removed!
Just updated your iPhone? You'll find new emoji, enhanced security, podcast transcripts, Apple Cash virtual numbers, and other useful features. There are even new additions hidden within Safari. Find out what's new and changed on your iPhone with the iOS 17.4 update.
How To:
Crack Password-Protected Microsoft Office Files, Including Word Docs & Excel Spreadsheets
How To:
Brute-Force Nearly Any Website Login with Hatch
How To:
Dox Anyone
How To:
Escape Restricted Shell Environments on Linux
How To:
Find Vulnerable Webcams Across the Globe Using Shodan
How To:
Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
How To:
Scan for Vulnerabilities on Any Website Using Nikto
How To:
Crack Shadow Hashes After Getting Root on a Linux System
Hack Like a Pro:
Reconnaissance with Recon-Ng, Part 1 (Getting Started)
How To:
Create Custom Wordlists for Password Cracking Using the Mentalist
How To:
Run USB Rubber Ducky Scripts on a Super Inexpensive Digispark Board
How To:
Crack SSH Private Key Passwords with John the Ripper
How To:
Check if Your Wireless Network Adapter Supports Monitor Mode & Packet Injection
How To:
Find Identifying Information from a Phone Number Using OSINT Tools
How To:
Enumerate SMB with Enum4linux & Smbclient
How To:
Gain SSH Access to Servers by Brute-Forcing Credentials
BT Recon:
How to Snoop on Bluetooth Devices Using Kali Linux
How To:
Brute-Force FTP Credentials & Get Server Access
How To:
Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2019
How To:
Fuzz Parameters, Directories & More with Ffuf
How To:
Crack Password-Protected Microsoft Office Files, Including Word Docs & Excel Spreadsheets
How To:
Brute-Force Nearly Any Website Login with Hatch
How To:
Dox Anyone
How To:
Escape Restricted Shell Environments on Linux
How To:
Find Vulnerable Webcams Across the Globe Using Shodan
How To:
Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
How To:
Scan for Vulnerabilities on Any Website Using Nikto
How To:
Crack Shadow Hashes After Getting Root on a Linux System
Hack Like a Pro:
Reconnaissance with Recon-Ng, Part 1 (Getting Started)
How To:
Create Custom Wordlists for Password Cracking Using the Mentalist
How To:
Run USB Rubber Ducky Scripts on a Super Inexpensive Digispark Board
How To:
Crack SSH Private Key Passwords with John the Ripper
How To:
Check if Your Wireless Network Adapter Supports Monitor Mode & Packet Injection
How To:
Find Identifying Information from a Phone Number Using OSINT Tools
How To:
Enumerate SMB with Enum4linux & Smbclient
How To:
Gain SSH Access to Servers by Brute-Forcing Credentials
BT Recon:
How to Snoop on Bluetooth Devices Using Kali Linux
How To:
Brute-Force FTP Credentials & Get Server Access
How To:
Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2019
How To:
Fuzz Parameters, Directories & More with Ffuf
9 Comments
This is interesting... How can I use this backdoor once it is deployed? Maybe a listener?
All the information is in cd00r.c. To activate the backdoor (it is just a telnet server in this case) you have to send the correct sequence of SYN packets. In line 37 of the code the author suggest this:
./nmap -sS -T Polite -p<port1>,<port2>,<port3> <target>
The sequences of ports to "knock" are defined in line 121 as CDR_PORTS. Order matters.
and once its been sent I telnet in?
Yep. For this to work, the target machine has to have inetd and telnet installed... what is quite unlikely. You can easily change the cdr_open_door function to something that better suits you
Since libpcap uses raw sockets and the backdoor uses libpcap, would that require the backdoor to be run under root privileges?
Check this one out
Hey mate. That's right. Unh0lys0da link has all the details.
Very interesting, thx for sharing.
This is fantastic. I'm looking for a proficient person who clearly understands this, Kali and telecomm's. Please if interested icetip61 AT gmail
Share Your Thoughts