Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - P!X3LTR0N

Pages: [1] 2 3 ... 5
1
Hacking and Security / Re: Android - Compromise
« on: February 20, 2016, 01:34:18 pm »
Great!

I think this would work perfectly, IOS is not a concern as of yet since the company's policy is to distribute android mobile devices among the employees. But in the future other clients might use IOS, for that I will try and use the same principles. Thanks for the input.


2
Hacking and Security / Android - Compromise
« on: February 20, 2016, 12:48:16 pm »
Hi guys,

I would like some of your input on this. I have recently had a client where their network was tight. Obviously there were still loopholes, but the security team really knew what they were doing. So i came up with an idea to approach the task from another angle. And this is through the mobile architecture.

Some background about the idea:

So basically the CEO of the client approved a more mobile environment for the company, and they do not bring in laptops to meetings anymore, and most of their tasks are going to be run from mobile apps now. What I want to do is prove to them that mobile devices can be compromised as well. Now, what I want to do is send out an email to the employees in the company (I have obtained a record of all the employees) and tell them that I am the lead developer on one of the apps that they will be using. They then need to log in to my malicous app with their email, which will be hard coded to reject the initial login and redirect them to a new screen which asks them to register. (the credentials are logged by now and I can use their email credentials to read emails).

After this, I want to be able to record, screen print and read messages sent via the users and have it stored on my external hosting server. The problem I am facing is, that due to me knowing when meetings will be scheduled  etc I want to record on specific times. The thing is I have developed apps before that record automatically and that is not really the concern. I want to send the device a command, which does not pop up on the victim device, and I want it to send me a reply to my device stating the command is being executed. Obviously I dont want the device to upload a full day worth of recordings, since this will eat up bandwidth and consume a lot of data, thus exposing the intent.

Now I have done some research about sending the device commands via SMS and reading these resources:
http://www.undernews.fr/wp-content/uploads/2011/05/Shmoocon2011_SmartphoneBotnets_GeorgiaW.pdf
http://www.dtic.mil/dtic/tr/fulltext/u2/a562722.pdf

The main problem I see with this is that the user will see that messages are being sent to his device, stating "recordforgiggles" of "screenshotbecausebitches" and he wont know the number and he might block my cell number.

Have any of you worked on a project such as this? If so any input would be appreciated. I don't want you to write any functions for the program, I am just looking for intellegent approaches to look into this from other angles.

thanks

3
Beginner's Corner / Re: Failed to set payload windows/adduser in metasploit,need help
« on: December 16, 2015, 05:52:14 pm »
Your command is incorrect if it is the way you are showing us
"set payload windows/adduser"

It should be :
Quote
use payload/windows/adduser

You don't set payloads, you use them. Try and let me know.

4
Beginner's Corner / Re: Where to begin?
« on: December 14, 2015, 08:43:44 pm »
Quote from: Racheltjie de Beer on December 14, 2015, 05:58:39 pm
Maybe _read_ the sticky for the Beginner's Corner first.  It is will give you a lot if insight on how these forums work and how to ask your question(s).
Maybe_Realize_that the OP isn't on the forum anymore, and maby, just maybe don't reply to threads that are dead-or answered.  8)

5
Networking / Re: ip adress and subnetting
« on: December 07, 2015, 09:46:25 pm »
I think you want this?
http://www.wikihow.com/Calculate-Network-and-Broadcast-Address

6
Operating System / Re: [HELP] Recommend Antivirus for Windows 8.1
« on: December 07, 2015, 09:43:26 pm »
I used to use the Kaspersky solutions.

Pretty neat interface, KES database is pretty up to speed on the latest malware etc. I would go for that if I were you.

7
Hacking and Security / Re: Alienware?!?!
« on: November 03, 2015, 11:39:38 am »
I am using an m17xR3 at the moment. Its great and everything, but for half the price you could probably get something better. I would rather go with one of those flashy MSI laptops if I were you. The Alienware is really very bulky, and I was a fool for carrying it in a backpack while traveling to distant clients. At least bags come with wheels now, everyone laughs when they see the bag, but it beets the hell out of carrying the laptop around.

8
Beginner's Corner / Re: Self teaching advice?
« on: October 06, 2015, 07:30:44 pm »
What are your goals?

Set goals for yourself i.e "I want to become a programmer..." or "I want to learn more about cyber security" with that in mind you can divide the large topics into smaller category's to determine what you are interested in and learn from there.

In my opinion, learn everything you find interesting. You should learn more to better yourself. And in essence create potential opportunity's for career growth.

9
Found it on the Webs / Seagate: apparently back dooring HDD's
« on: September 07, 2015, 09:30:40 pm »
http://thehackernews.com/2015/09/seagate-wireless-harddrives.html



"The secret Telnet Vulnerability (CVE-2015-2874) with an inbuilt user account (default username and password — "root") allows an attacker to access the device remotely, left users data vulnerable to theft".
Thought it was interesting...

10
Hacking and Security / Re: What are some of the Best Books on Hacking? I'm looking for all suggestions.
« on: September 07, 2015, 09:02:21 pm »
https://evilzone.org/wiki//index.php/Main_Page
www.google.com


Fucking seriously?

11
Hacking and Security / Re: Knowledge
« on: September 06, 2015, 09:21:09 pm »
Quote from: white-knight on September 06, 2015, 07:27:28 pm
https://evilzone.org/general-discussion/how-do-you-feel-about-sharing-your-knowledge/


Those are detailed opinions. I think its covered... Its like some dick that asked about what is the best linux distro for hacking'this shit is like discussing is God real - it never ends'.


If we have to start a thread for this every time, god, it would be hectic.

12
General discussion / Re: Easiest programming/scripting language
« on: August 24, 2015, 05:21:28 pm »
Quote from: Josiah23 on August 23, 2015, 11:57:49 pm
Thanks for the helpful information, I'll definitely check out those website. I'll try to put  around 10 hours into Python the days I'm off. @insert-name-here, I'm a somewhat fast learner, it depends on how badly I want to learn it, and in this case, I want it bad.


I give you a week, maybe two. Depending on how fast you fail. Because saying you will devote 10 hours every time you are off is just not normal. You look like Kali is your idol, great.


Thank god your posts don't have that quote any more. Now I only need to see it once every time you spam shit.


Edit: fuck its in the post above mine. Could you remove that shit?


13
Creative Arts / Re: Just made my Avatar & Sig(Mad skillz yo)
« on: August 24, 2015, 05:12:42 pm »
I think it all looks stupid, you are putting all the things we are not into 2 pictures, I mean you made me puke with your alias, the skull makes you look like a skid and the signature makes the whole thing so much better, like some stupid ass robot about to break into the planet or whatever is behind the cum on its visors. But hey, my opinion won't make stupid kids see the light.

14
Tutorials / Re: Spam False AP's in the Area using MDK3
« on: August 18, 2015, 06:49:37 pm »
Nice share.


This would be a great exercise for shits and giggles...

15
General discussion / Re: How to sign up here?
« on: August 18, 2015, 01:55:53 pm »
If you can't succeed in the simplest of things, your an idiot.

Pages: [1] 2 3 ... 5