i8igmac's Achievements

  1. I heard something about empty pipes? Secret code, come on in... I've always wanted to cover this topic. Pipes! Sometimes it's best to practice with tools like netcat. You should simulate this pipe work or pivot with basic pipes and hello world examples to make sure you can get a proper TCP 3-way handshake. Kali~> ssh -R 4444:localhost:4444 admin@victim.ip This is a basic pivot-like command. It will pivot port 4444. It's just an example of what Metasploit is basically doing. When I was doing my testing with Metasploit and reverse TCP pivot, I had to change the exploit code to generate the payload with a public IP address. LHOST is used when generating the payload but also used by the multi/handler. So you can't just change LHOST in msfconsole because your multi/handler will fail with an unknown local IP. The multi/handler has to listen on... The payload has to be generated with the public reverse address... Maybe I'm wrong or things have changed since my testing. I thought about adding my own var to Metasploit payload generation, LHOST/PHOST. I think the Metasploit team intentionally left this option unavailable because its intended use is very powerful. Or maybe it's provided by the paid version lol
  2. Yes. Routers are hacked like it's the wild wild west, along with home IoT devices. I found 30 thousand devices generating coin for one person. At the time the value was like $120 per day. Most of the time these devices are old routers from the 90's or just old devices with bad default settings, like remote management open by default with a default password. Chances are your device is new and you're fine.
  3. What window manager are you using? This might be a GNOME/KDE/Xfce thing.
  4. I have used QEMU and VirtualBox, but I never tried to clone a phone and test drive it on an emulator. I'll have to spend the hours testing to answer my questions. I'm 50% sure I could clone this HD and then use file recovery software from an emulator. This has been a lot of fun honestly.
  5. Send me a PM. I have some free time. Your success will depend entirely on whether or not you're willing to do the research and perform trial-and-error learning. I wish I'd met a bigmac 15 years ago. All my machines are calling my name lol. I have been looking through my old code and projects I never released.
  6. Do you have the equipment for this testing? I have 5 Pis laying around. I have a directional parabolic antenna design in FreeCAD, ready for 3D printing. I daydream about setting up a mesh network across a main stretch of highway and I wonder how far I could reach. Or even focus all mesh nodes at a packed football stadium. Or think about what you could do on the Vegas Strip. It's all in theory; what would you do with this traffic? airbase-ng does a good job as a generic rogue access point that works with most Wi-Fi cards.
  7. Data recovery. Maybe somebody can share opinions and experience on recovering deleted data. I hope to successfully clone the cell phone and open it in VirtualBox or another emulator. My understanding of data recovery, in layman's terms: the file is deleted, but in the background it's simply a piece of free space now ready to be rewritten or overwritten. When trying to recover data it's best to shut the machine down as soon as possible after the removal or deletion was done; if the machine is powered off it will prevent overwriting of this data space stored on the hard drive. If I dd clone the HD, I assume I can recover any data left untouched with an emulator and an exact clone of the cell phone HD partition... I should also be able to boot up this clone.... Any advice? Am I wrong? I don't want to mislead future visitors of this thread.
  8. So, I made some progress this morning. The first challenge was ADB authorization to access the phone. This was done by taking screenshots and navigating through the phone. One screenshot at a time, I could click my way through system settings and authorize my PC. I am now mirroring the Android screen on my Linux laptop through USB. With adb screenrecord I can pipe the live video stream to VLC, ffplay or mplayer. This works over USB and TCP. The first thing I enabled in developer options was 'show screen touches'. This now makes things a little easier: when clicking on the black screen I could see each touch in VLC in real time. I just now need to install an app for backing up my data. I'll try to post a full write-up with example commands, video and screenshots. I will also provide an Android system configuration that will allow this type of recovery to be possible for future broken screens. adb shell screenrecord --output-format=h264 - | ffplay -
  9. That is my last option. The device is not worth fixing.
  10. git clone PhoneSploit. Seems like everything I need. https://github.com/metachar/PhoneSploit/blob/master/README.md I now think it's a bad idea to roll around with debugging enabled on your Android... But I'm a rebel. I'm so happy my old broken phone had USB debugging enabled. I will always have this enabled on future phones. PhoneSploit has a feature for screen sharing and plenty of other useful automation to speed up the recovery process.
  11. I have a broken Android screen. The screen works when I click it; I can hear sound effects, and from memory I can manage to click 'enable USB file sharing'. So, I have the pictures backed up. But I need EVERYTHING... There is hope... So, at this point I have a USB attached and can navigate through the files on my PC. Then I can press the Android home+power button to take a screenshot. From my PC I can see those screenshots and almost navigate through the phone (very difficult but doable). USB debugging is enabled, but to extract the information in recovery mode I would have to navigate the bootloader from a black screen and this would be a potential risk of wiping all data. I can turn the device on and it will connect to my access point. I might have a reverse meterpreter already installed (can't remember if it's there or its configuration). JRuby might also be installed; this could allow me to automate the screenshot process for a hacky remote-like access to the screen. So at this point, I'm looking for ideas on screen sharing. If I can navigate the screen remotely, this will be a step in the right direction. Maybe I can install and run meterpreter.apk or other remote control software via adb shell. Maybe there are screen sharing options already installed by default. Tips, advice, ideas, experience... (navigating a black screen is fucking hard)
  12. I can't exactly provide an answer. This error has popped up on me a few times, once after 24 hours of cracking had already been done. I do have a suggestion. I have a bootable Kali Linux USB stick with all the proper drivers installed for both my desktop and my laptop. I cloned a backup and when I need to crack I just boot up. I found the nvidia-cuda-version.deb file through trial and error, and once I had a stable system I cloned a backup of everything. I love pyrit; I love the cluster options. I can clone my USB stick and build a cluster very quickly. But pyrit had its issues and I now use hashcat. It's quicker and has a lot more features, like a proper recovery system.
  13. I posted an hping3 script. Does anyone have access to the old BackTrack forums? I would like to share the script; it covered all types of packet flooding attacks.
  14. I ran into issues when hosting access points with hostapd. Most cards I tested would only run stable if rates were set no higher than 11M. Insufficient current would just disconnect the USB device. Good luck with the project.
  15. I made something like this before. I used all the tools to capture handshakes and brute-force PINs. The goal was to cover all vectors when cracking Wi-Fi. If you use a Pi with onboard Wi-Fi to create a hotspot, you could log in with SSH and use a console-based frontend for your tool, or at least monitor live data from your phone and launch other attacks. I would include a Reaver attack of the most used default PINs like 0000000, 01234567 etc. Range is the most common issue with Reaver attacks, but with this in your bag you can walk up extremely close to a building for just a couple of minutes. Also, collecting handshakes is a must-add function, and maybe with a 'deauth all' to acquire those stubborn handshakes. Did you ever experience insufficient current with your Wi-Fi card?