i8igmac

Dedicated Members

Everything posted by i8igmac

  1. 5.8 GHz is best. 2.4 is obsolete. I just have to upgrade my Kodi Pi to support 5.8 GHz. Then I'll completely remove 2.4 from my property.
  2. You can perform a TCP scan from almost any device. Your cell phone could install a network scanning tool. You should maybe slow down with Metasploit. Learn the 3-way handshake and nmap from Irongeek's website video tutorial. You need some networking knowledge to continue. Install a server, anything like a game or web server, and learn how to properly configure it so it's accessible publicly.
  3. Run your exploit handler; this should open port 4444. From another computer run nmap -p 4444 192.168.36.128. Is the port responding?
  4. Here is an old video I made 9 years ago. It was a lot of fun. Hope you guys enjoy. I won a hackers video contest with this video.
  5. Yes, Meterpreter is installed on my phone. I could pivot my Kali desktop into any network.
  6. Pivot scenario. I have installed Meterpreter on my phone. When my phone is connected to a person's wifi network I can connect back to my Kali desktop and perform network scanning to discover devices and launch exploits onto the network. Once you upload Meterpreter to a domain, you can pivot around the network. A reverse proxy is another term.
  7. I found the solution to my problem. The problem was uploading files from my Android to my desktop. I tried many different protocols and different apps... No matter what I tried, the same results: Android TCP socket failure, the upload stalls and fails almost instantly. It turns out that when you run your Android in power saving mode this lowers the current supplied to the CPU and causes failure in the TCP protocol. Solved.
  8. hping3 can send a spoofed packet.
  9. I was reading about this kind of attack years ago. What I understand: if you broadcast an older protocol that has weaker encryption, and the signal is stronger, the device will connect. Unless this device is manually configured not to use backwards-compatible protocols, it should connect. It might have been 2G or 1x. I don't remember. I would be interested in seeing someone build and document this.
  10. I understand you. I hope to have some free time. I have been doing things with live streaming by leaving the HTTP/TCP connection between the client<-->server always in an open state (3-way handshake). This allows me to send data to the client, wait for a response, then send more data based on some Ruby server-side if expressions: if response.include?('netgear exist 10.0.0.1') Send(payload.html). This is not the simple way but I believe it will broaden the possibilities.
  11. CVE-2016-6277 Metasploit module: https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/netgear_r7000_cgibin_exec.rb I have used this before. If you search from msfconsole for netgear, dlink, tp-link, linksys etc. you can find more.
  12. There are so many directions you could go. My mind wanders down this path almost daily: SMB exploits, brute-forcing defaults, autopwn stuff. The idea of doing this all from the browser with WebSockets I thought was undocumented until this post. I was going to do it from a Ruby on Rails web application. This is the first time I see someone think like me.
  13. This has been on my todo list. This is a nice PoC. You could go far with something like this. From any device at any time you should always know what's on the network and if any services are exploitable. Automate the shit out of this! I have used Meterpreter on my Android to pivot exploit code from a remote machine onto a local network... the exploit goes through the tunnel but the shell is directly reverse TCP back to the remote desktop. I have also made a reverse proxy to pivot exploit code in the same manner. (Might have some videos.) With Debian now running in my pocket (Android) the possibilities are incredible. My networking kung fu is dangerously scary.
  14. That looks like a nice example. Almost like hping syntax, but instead of the TCP level it's on 802.11 wifi.
  15. I use iptables and whatever proxy MITM tool you like that is capable of modifying the data. Burp Suite is a good one because you have full control with a nice visual. If you want to get into building your own proxy, there is a lot to learn with modifying HTTP headers. One of my projects was replacing all executables with Meterpreter (exe, zip, rar, msi, etc.). Most of these files still download over HTTP.
  16. I have a Linux desktop that runs 24/7 as a RAID-configured FTP server. Has anyone recently used Android apps for FTP upload and download? I have correct chmod folder permissions. The Android apps I use are inconsistent: socket errors and failure halfway through a single file upload. This file server is my backup solution. When you experience data loss you will understand.
  17. Yah. I email the admin. They respond appropriately, asking for detailed information about the attack, but I decided I want to keep my honeypot running, hoping to capture private exploits and log as many IPs as possible. The list is big. All easily exploitable.
  18. (You're trying to kill the laptop?) Good luck with this. When the system reaches a dangerous temp it powers off... You might have to put a decent amount of effort into this. You could give it a black screen. From the BIOS disable the hard drive. Or a little water. Let it dry out before you beg for a new one.
  19. I would set up crunch real quick. See if you can create a quick multithreaded Python, Perl, or Ruby script. Send out 10,000 DNS requests, dump the results to a log file for grepable filtering after the scan completes, and time this activity. When complete, figure the time it took compared to how many successful 200 responses.
  20. CUDA won't matter. The bottleneck is waiting on that 200 response. 16^(32) = kabillion; my math is inaccurate but this is a crazy amount of computing... You need IoT distributed. I have been logging IoT activity for a few months. I have a decent list of infected IP addresses.
  21. You would need a botnet-style brute force. The DNS response time is slow and needs to be distributed across lots of multithreaded bots.
  22. This is simply a legit YouTube video. Well, maybe copyrighted content, but that's it. Possibly he has other videos with instructions for downloading software to hack your wife's cellphone. The only harm a person could do with a YouTube page is post links to CPU-mining software or verbal instructions. Monitor your CPU. This should be a habit for any puter nerd.
  23. It seems like you're on the right path. If you have working examples I would like to see how you accomplish things. I have taken a break from this with family life. I have run into loads of problems that I will have to overcome. (Example) If I run a reaver attack from the press of a jQuery button and open a client connection from another device to view the same TCP stream, there is a lot of data management or TCP-stream management that has to cover all situations that might happen... I challenge you to run a reaver attack. Stream the data. Close the browser. View the stream on multiple devices. Typical behavior. I'll get back to it when I'm done with school.
  24. Images may be subject to copyright. Maybe someone could elaborate. I guess these images may be used for non-profit purposes.
  25. I have also been interested in this. Do any of these Nexus devices have an Atheros wifi chip? Does packet injection work with the internal chip? I'm not interested if I have to carry around a USB wifi card.