Hi everyone! One of my gmail accounts has been hacked and the hacker changed my password. Google aren't helping me to regain control of the account at all and I was wondering if anyone can help me to regain access. Like I said I am an absolute beginner and not necessarily skilled with computers so step by step instructions and explanation in layman's terms would be best. Thanks!
Directory traversal, or path traversal, is an HTTP attack which allows attackers to access restricted directories by using the ../ characters to backtrack into files or directories outside the root folder. If a web app is vulnerable to this, an attacker can potentially access restricted files that contain info about all registered users on the system, their permissions, and encrypted passwords.
A rainbow table can be thought of like a dictionary, except instead of words and their definitions, it holds combinations of characters on one side and their hashed form on the other. What is a hash and why would you want to know what random combinations of characters are hashed into?
Due to weaknesses in the way Wi-Fi works, it's extremely easy to disrupt most Wi-Fi networks using tools that forge deauthentication packets. The ease with which these common tools can jam networks is only matched by how simple they are to detect for anyone listening for them. We'll use Wireshark to discover a Wi-Fi attack in progress and determine which tool the attacker is using.
Hi all, noob here. I'm getting into networking hacking and can't seem to find an adapter that's compatible with my set up on virtual box on Mac OS Mojave. I have a AWUSO36NEH and while I can get kali to recognize it, it doesn't work in monitor mode and I'm unable to sniff for packets. Any model recommendations would be appreciated, as i don't want to spend any more money on adapters I can't use. Thanks.
I was trying to hack my pc(windows 10) with my laptop (Kali Linux) I did an nmap scan and my pc showed up so I disabled the firewall and I tried everything, nothing worked even hail mary please help me
Guys im new around here its my first time using a subsystem but i used some linux operating systems ... of course with dual boot.And we can choose what desktop environment we use if we dual boot,we just download the iso and burn it to usb...but with kali linux subsystem i only see xrdp as an option where ever i visit but my favorite is gnome,is there a way to use gnome desktop in kali linux subsystem
Hello hackers !I just found lab.pentestit.ru.It's an Online Pentest Lab.After setting up the VPN to acces the Lab, they give me 2 IP (192.168.101.12 - 192.168.101.13)So, I do a nmap scan like that:
I have tried aireplay many wifi every time it worked but this bssid is not working ...as it showing ..so help me. Plz its a pain in the ass...I have deauth 6 today yet this one and onther one is not working .and both r from same isp...I m sure .cause their essid has some extension
" Iwould use a military grade C encryption tool. It would involve me pinging the cell remotely and using a array of malware encrypted texts, bug infested cell transmissions and Geo-location acces, which would then spill to creating a background access into the target device as you can tell this is not a easy decryption process. In a bid to achieve excellence i would require your attention on time."
I tried for curiosity the instagram bruteforce (with dictionary) in my account, but is uselles! If you dont have the password on the list dont work, to easy... so how use the standard bruteforce? A code who try ab, ac, ad, etc etc; every combination not a dictionary of words? Can help me? Sorry for my engRish :')
I've been messing around with Perl lately and no, I'm not gonna switchto Py2 or Py3. The problem I'm facing at the moment, is I'm trying tomake a script to login into a site. The issue? Well, it isn't really aissue, but more like, JavaScript is being somewhat annoying.
Apple's macOS operating system is just as vulnerable to attacks as any Windows 10 computer or Android smartphone. Hacker's can embed backdoors, evade antivirus with simple commands, and utilize USB flash drives to completely compromise a MacBook. In this always-updated guide, we'll outline dozens of macOS-specific attacks penetration testers should know about.
I will need to create a trojan that spreads to other pc via ethernet just by infecting a pc with a usb key. To better explain: I insert my usb key into a computer (Windows 7) the pc is now infected without need to do anything I remove my usb stick and I go home and I look on another pc (no relationship with others) infected pc. remote I would like to access files, ...
Hey I recently bought the Alfa AWUS 1900, because of the great signal strength ( 4 omnidirectional dual-band antennas), but my laptop isn't detecting my dongle. I thought that with this chipset it's „plug'n play" on linux distros.
Things that are supposed to make life easier for developers and users are often easy targets for exploitation by hackers. Like many situations in the tech world, there is usually a trade-off between convenience and security. One such trade-off is found in a system known as Distributed Ruby, which can be compromised easily with Metasploit.
I've done numerous tutorials in Null Byte demonstrating the power of Metasploit's meterpreter. With the meterpreter on the target system, you have nearly total command of the victim.
The ability to stay organized and be resourceful with data gathered from recon is one of the things that separates the true hackers from the script kiddies. Metasploit contains a built-in database that allows for efficient storage of information and the ability to utilize that information to better understand the target, which ultimately leads to more successful exploitation.
Kali Linux is probably the most well-known hacking distribution among penetration testers. However, there are alternative distros which offer versatility and advanced package management systems that are absolutely worth considering.
Hello everyone I am new to the forum and I start in computer security. For my test I installed Linux box and windows 10 professionel When I do an nmap scan I see that port 445 is open and when I'm doing In metasploit use auxiliary / scanner / smb / smbms17010 I add the rhosts then enter I find that my target of evaluation is vulnerable to this attack. When I use the following exploits: ms17010eternalblue, eternalblue_doublepulsar, and other exploits of type smb, the attack fails. Please help me...
Hi i'm a first time installer, I've made a live Kali usb stick, now it works fine when i start up the laptop, but when I select a live option to boot. It will run and then stop. It doesn't always stop at the same line(s), but this is the one with includes both (error) lines.
Hey, I wanted to know how I can slow down my internet from my friend or DDOSsen. I did a lot of research on the internet, also about the ping of death metode (which is probably very bad) but there were a lot of unnecessary answers. Many thanks in advance!!!
With an ordinary birthday card, we can introduce a physical device which contains malicious files into someone's home and deceive them into inserting the device into a computer.
Wi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.
When it comes to attacking devices on a network, you can't hit what you can't see. Nmap gives you the ability to explore any devices connected to a network, finding information like the operating system a device is running and which applications are listening on open ports. This information lets a hacker design an attack that perfectly suits the target environment.
Users are often the weakest link when probing for vulnerabilities, and it's no surprise they can be easily fooled. One way to do this is called clickjacking. This type of attack tricks the victim into clicking something they didn't mean to click, something under the attacker's control. Burp Suite contains a useful tool called Clickbandit to generate a clickjacking attack automatically.
hey guys i was thinking about create a phising mail with a tool ( gophish , SET ..... ) and at the Use a fake domain at the end created witj evilurl but how can i use it ? use a fake domain created with a several domain ?
Hi to every one. i have searched over internet and found a way (Metasploit) to get access to an android phone via port forwarding and ip method, it gives much access (as per my little search) but the problem is i want to find out a way through which i can get access to android phone completely like i can install/uninstall apps remotely in future whenever i want. I know some of softwares are providing this facility but they are paid or have many ads into them. If anyone can help me is it good to...
Hello Hackerz! Today I will show you how to use a tool I created to make hacking wifi easier. Make sure that the router has wps lock off and wps is on. Make sure bully and pixiewps in installed.
I use a virtual machine of kali in my windows laptop and when I try to deauthenticate all users in a network I normaly deauthenticate only myself or few others but never ALL.
hello guys, sorry for my bad english, i'm italian. So i use Fluxion. WifiPhisher and Airgeddon with 2 network adapter. Every time i create the fake AP the clients in the real ap are deauthenticate, but after they don't connect automatically in my fake ap. How i can fix this issue?
I am using metasploitable to learn pen testing but I ran into a problem that is most likely very simple but I don't yet understand this. I used the vsfpd backdoor exploit to connect to metasploitable. Then I disconnect. When I try to reconnect using the same exploit I get the message that the exploit ran successfully, however no shell was created. How do I reconnect to metasploitable after using an exploit on it and disconnecting?
Hello everyone, I installed Kali Linux in dual boot on a MacBook Pro. Only when I use programs like fluxion tells me that the network card is not adequate, I believe it is because it can not send the deauthentication packages. Someone would advise me a network card not too expensive, that can do what I ask and that also works with Mac?
have the message :wlan0 is soft blocked, please run "rfkill unblock 1" to use this interface.rfkill error, unable to start wlan0as i run:airmon-ng start wlan0so i can't go on anymore..any fix??
One of the ultimate goals in hacking is the ability to obtain shells in order to run system commands and own a target or network. SQL injection is typically only associated with databases and their data, but it can actually be used as a vector to gain a command shell. As a lesson, we'll be exploiting a simple SQL injection flaw to execute commands and ultimately get a reverse shell on the server.
