Showing posts with label Tech news. Show all posts
Showing posts with label Tech news. Show all posts

Sunday, June 20, 2021

Hack Victim’s WebCam With a Link

 

Hack Victim’s WebCam With a Link




Take Webcam Shots From Target Just Sending a Malicious Link
SayCheese is Tool Coded By The Linux Choice The tool generates a malicious HTTPS page using Serveo or Ngrok Port Forwarding methods, and a javascript code to cam requests using MediaDevices.getUserMedia.


How it works?
The tool generates a malicious HTTPS page using Serveo or Ngrok Port Forwarding methods, and a javascript code to cam requests using MediaDevices.getUserMedia.

The MediaDevices.getUserMedia() method prompts the user for permission to use a media input which produces a MediaStream with tracks containing the requested types of media. That stream can include, for example, a video track (produced by either a hardware or virtual video source such as a camera, video recording device, screen sharing service, and so forth), an audio track (similarly, produced by a physical or virtual audio source like a microphone, A/D converter, or the like), and possibly other track types.


Steps to Download and Install SayCheese

This script is available for both Linux and Windows. You can check the official repository of PhoneSploit here

Step 1 Execute the following command to clone the SayCheese repository into your Linux Or Download SayCheese

git clone https://github.com/thelinuxchoice/saycheese


Step 2 Go to SayCheese repository using cd command
cd saycheese


Step 3 Now We have to grant the permission to the saycheese.sh file by typing this following command
chmod +x saycheese.sh



after executing all command successfully we can use our tool.
Steps to  use SayCheese

Setp 1 Now we just have to type the final command put this cmd into your command for executing SayChees 
bash saycheese.sh
Now you can see our tool is ready to use


As you can see you have two option Serveo.net or ngrok both services are used for port forwarding  you can use ngrok or serveo according to you hear I'm going to using ngrok

Step 2 For use ngrok service press 2 
now wait till downloding ngrok or wait for starting ngrok or php service



after Everything is done Successfully you get a link as you can see

Step 3 You can send this link over Whatsapp or Facebook or Gmail This will Work Fine.. if Your Victim Open’s it and give the permission to the camera

hear i'm opening this link into my phone and allow to camera that's it
When target opens our link you can see victim IP address as well as you can see SayCheese Start capturing shots and receiving file .



The Image File Will be Automatically Saved here in this folder ( SayCheese Folder )



That's Done you can see Camera received Files
- 3 comments:
Tags: ,

Tuesday, June 8, 2021

Malicious QR Code with QRGen

 

Malicious QR Code with QRGen



QRGen comes with a built-in library that contains lots of popular exploits, which is extremely useful if you have time to sit down with the same device you're looking to exploit and find out which one works. For a penetration tester looking to audit anything that uses a QR code scanner, merely buying the same scanner and running through the exploits can lead you to get the scanner to behave in unexpected ways. The categories of payloads available on QRGen can be accessed by using the -l flag and a number while running the script. The number and payload type are listed below.

  • Command Injection

  • Format String

  • String Fuzzing

  • SQL Injection

  • Directory Traversal

  • LFI

  • XSS

  • watch video



  • Install QRGen

    To start with QRGen, we'll need to download the repository from GitHub do perform the command below in a terminal window.

    git clone https://github.com/h0nus/QRGen
cd QRGen
pip3 install -r requirements.txt

    Generate Malicious QR Codes from a Payload Type

    After installing the packing, you can run the script by typing python3 qrgen.py as following −

    To start, let's create a payload containing format string payloads. To do so, run QRGen with the following argument.

    Finally, a series of QR codes will be generated, and the last one that was created will open automatically.

- No comments:
Tags: , , , ,

Saturday, January 9, 2021

trojan horse

 

RAT stands for Remote Access Trojan or Remote Administration Tool. It is one of the most dangerous virus out their over the internet. Hacker can use RAT to get complete control to your computer. He can do basicly anything with your computer. Using RAT hacker can install keyloggers and other malicious viruses remotely to your computer, infect files on your system and more. In this post i will tell you about what hacker can do with your computer using RAT and tell you about some commonly use RAT by hackers.

 What is RAT ?

As i have told you in my introduction paragraph RAT is Remote Access trojan. It is a peace of software or program which hacker uses to get complete control of your computer. It can be send to you in form of images, videos or any other files. Their are some RAT that even your antivirus software can not detect.  So always be sure about what you are downloading from the internet and never save or download files that anonymous user send you  over the mail or in chat room.

 What You can do with RAT ?

Once a RAT is installed on any computer hacker can do almost anything with that computer. Some malicious task that you can do with RAT are listed below:

  • Infecting Files
  • Installing Keyloggers
  • Controlling Computer
  • Remotely start webcam, sounds, movies etc
  • Using your PC to attack Website (DDOS)
  • View Screen

 Harmless RAT or Good RAT

As you have seen how harmfull RAT are for your computer, but their are some good RAT which some of you might be using daily. You might have heard of TeamViewer, it is a software which you use to control some one’s computer with his permission for file transfer, sharing your screen and more.

 Some Commonly Used RAT

  • ProRAT
  • CyberGate RAT
  • DarkComet RAT

  • Exploit 
    Exploits are programs that contain data or code that takes advantage of a vulnerability within application software that’s running on your computer.

  • Rootkit 
    Rootkits are designed to conceal certain objects or activities in your system. Often their main purpose is to prevent malicious programs being detected – in order to extend the period in which programs can run on an infected computer.

  • Trojan-Banker 
    Trojan-Banker programs are designed to steal your account data for online banking systems, e-payment systems and credit or debit cards.

  • Trojan-DDoS 
    These programs conduct DoS (Denial of Service) attacks against a targeted web address. By sending multiple requests – from your computer and several other infected computers – the attack can overwhelm the target address… leading to a denial of service.

  • Trojan-Downloader 
    Trojan-Downloaders can download and install new versions of malicious programs onto your computer – including Trojans and adware.

  • Trojan-Dropper 
    These programs are used by hackers in order to install Trojans and / or viruses – or to prevent the detection of malicious programs. Not all antivirus programs are capable of scanning all of the components inside this type of Trojan.

  • Trojan-FakeAV 
    Trojan-FakeAV programs simulate the activity of antivirus software. They are designed to extort money from you – in return for the detection and removal of threats… even though the threats that they report are actually non-existent.

  • Trojan-GameThief 
    This type of program steals user account information from online gamers.

  • Trojan-IM 
    Trojan-IM programs steal your logins and passwords for instant messaging programs – such as ICQ, MSN Messenger, AOL Instant Messenger, Yahoo Pager, Skype and many more.

  • Trojan-Ransom 
    This type of Trojan can modify data on your computer – so that your computer doesn’t run correctly or you can no longer use specific data. The criminal will only restore your computer’s performance or unblock your data, after you have paid them the ransom money that they demand.

  • Trojan-SMS 
    These programs can cost you money – by sending text messages from your mobile device to premium rate phone numbers.

  • Trojan-Spy 
    Trojan-Spy programs can spy on how you’re using your computer – for example, by tracking the data you enter via your keyboard, taking screen shots or getting a list of running applications.

  • Trojan-Mailfinder 
    These programs can harvest email addresses from your computer.

  • Other types of Trojans include:

    • Trojan-ArcBomb

    • Trojan-Clicker

    • Trojan-Notifier

    • Trojan-Proxy

    • Trojan-PSW 

How to protect yourself against Trojans

By installing effective anti-malware software, you can defend your devices – including PCs, laptops, Macs, tablets and smartphones – against Trojans. A rigorous anti-malware solution – such as Kaspersky Anti-Virus – will detect and prevent Trojan attacks on your PC, while Kaspersky Mobile Security can deliver world-class virus protection for Android smartphones. Kaspersky Lab has anti-malware products that defend the following devices against Trojans:

  • Windows PCs
  • Linux computers
  • Apple Macs
  • Smartphones
  • Tablets

Other articles related to Trojans and products to remove Trojan virus

Related articles:

Related products to remove Trojan virus:

- No comments:
Tags: ,
Subscribe to: Posts (Atom)