The Hack o blog

Reinventing the weel

Tag Archives: hacking

4Chan screen Protector V.1.1

While I dissect last week’s JavaScript for all you budding hackers, another question emerged how did I find out that 4chan was behind the attack, well bob like anything odd and daft on the internet the first place I look is 4chan someone will be posting about it, so I put on my 4Chan screen Protector V.1.1 and go and break rules 1 and 2, “4Chan screen Protector V.1.1” what is that I here you shout.  Well it’s this;

4Chan screen Protector V.1.1

4Chan screen Protector V.1.1

I developed this PC extension last year to stay safe will browsing the bowels of the internet <^_^>,To be quite honest I don’t know how any sane person could ever venture in to the /B/ without blindness, and just so you know indecent images on your PC are counted as downloaded even if they are in your browsers cache.

Advertisements

How to bypass a router password

A picture of the BT Home Hub

Image via Wikipedia

How to bypass a router password

Quite often in normal home networks a small router or a home Hub is used, they aren’t really routers and are usually a hybrid of a ADSL modem and a switch, they usually come pre-packaged with a default password if it has not changed then you can normally find the password here.

http://www.routerpasswords.com/

But if the password has been changed then you have two options, the first being using the reset button if you have one, this will reset all the settings and you should only do this in extreme situations.

Bypassing the routers password , this can be usually accomplished with 3rd party tools, most routers use a CGI (conman gateway interface) script to protect the system , they are commonly seen on adult web sites members areas , this attack can be also used to bypass there passwords.

The attack we will be using is a brute force dictionary attack ,this isn’t hacking in it’s normal sense mearly an attack using a overwhelming number of user names and passwords.

Step one: The Tools

This was the first tool I ever used, it introduced me to this world o so long ago. It’s old but not redundant and it works.

Access Diver

A word list, you will not need a user name list, just make a text file and type a list of common user names  main, administrator, user, and so on.

http://www.outpost9.com/files/WordLists.html

Proxy list, you don’t need this if you are on the home network but you will need it if you are connected over the internet then you will need some lists.

http://www.proxylist.net/

Step two: Locating The Router

Eyes step open up a command prompt and type ipconfig

IPv4 Address. . . . . . . . . . . : 192.168.0.2

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.0.1

You will see commuting like this the Default Gateway is the routers IP address, told you it was simples.

If you are trying to access web site, then right click the login link and copy the link

If you are connected through the internet see this guide>

Step Three: Prepare the attack

Load the word list

Enter the proxies ( if needed)

Pass the IP address or URL in the Server box at the top.

Step Fore: Fire Everything

Fire Every ting

Fire Every ting

Click go and after some time you should get a password

A web crawler in bash

Web-crawler !!

Web-crawler !!

A web crawler in bash.

Forum master Scubudus posted on one of my favorite forums, a simple web crawler in bash. so I thought I would let you all in.

#!/bin/bash
#
#  [ 3/6/2009 ]       Bash Crawler       Scubidus[at]darckoncepts.org
#
#  Parse all Passwords and  Usernames from cirt.net and put them into a file
# with the following  format.   :product:user:pass:
#
#
url='http://www.cirt.net/passwords'
output='pass.lst'
cfile='.cookies.txt'
buffer='.buffer.txt'
pbuf='.parseBuffer.txt'</code>

declare  vflag=0

function error {
echo "Failed To Parse Data, No  Content Was found."
}

trap "rm -f ${cfile} ${buffer} ${pbuf};  exit" 0 1
trap "echo ' Ctrl+C Detected, output deprecated.'; exit" 2 3

while  getopts ":av:" flag; do
case $flag in
a) echo '[+]  Default Router Password Parser, Coded By Scubidus[at]darckoncepts.org'  &amp;&amp; exit;;
*) vflag=1;;
#?) echo 'Usage: No  Parameters Are Needed; -a for an about, -v for verbose';;
esac
done

echo  -n &gt; "${buffer}"; echo -n &gt; "${output}"

wget -q -O -  ${url} --referer="${url}" --keep-session-cookies  --save-cookies="${cfile}" &gt; "${buffer}"

spos=`cat "${buffer}" |  grep -n "table width" | awk -F: '{ print $1 }'`
epos=`cat  "${buffer}" | grep -n "/table&gt;" | awk -F: '{ print $1 }'`
lineCount=$(($epos-$spos))

cat  ${buffer} | head -$((${epos})) | tail -$((${lineCount}-1)) &gt;  ${buffer}

count=1
for each in `grep vendor "${buffer}" | cut  -f 2 -d ? | cut -f 1 -d '"' | sed s/\ /+/g`; do
url_buf="${url}?${each}"

if [ $vflag -eq 1 ]; then
echo ${count}  ${url_buf}
fi

let count=$((${count}+1))
wget -q -O - ${url_buf} --referer="${url}" --load-cookies="${cfile}"  --keep-session-cookies --save-cookies="${cfile}" &gt; "${buffer}"

epos=`grep -n '&lt;div id="block-block-7"&gt;' "${buffer}" | awk -F: '{ print $1 }'`
spos=`grep  -n '&gt;1. &amp;nbsp;' "${buffer}" | awk -F: '{print $1}'`

head -$epos "${buffer}" | tail -$(($epos-$spos)) &gt; "${buffer}" ||  error
vals=`cat "${buffer}" | grep -n "&lt;/table&gt;" | awk -F:  '{print $1}'`

lastVal=0
for i in $vals; do
if [  ${lastVal} -eq 0 ]; then
head -$i ${buffer} &gt; "${pbuf}"

echo -n ":`grep 'Product' ${pbuf} | cut -f 2 -d % | cut -f 2 -d  \&gt; | cut -f 1 -d \&lt;`" &gt;&gt; ${output}
echo -n  ":`grep 'User ID' ${pbuf} | cut -f 2 -d % | cut -f 2 -d \&gt; | cut -f 1  -d \&lt;`" &gt;&gt; ${output}
echo ":`grep 'Password'  ${pbuf} | cut -f 2 -d % | cut -f 2 -d \&gt; | cut -f 1 -d \&lt;`:"  &gt;&gt; ${output}

lastVal=$i
else
head -$i ${buffer} | tail -$(($i-$lastVal)) &gt; "${pbuf}"

echo -n ":`grep 'Product' ${pbuf} | cut -f 2 -d % | cut -f 2 -d  \&gt; | cut -f 1 -d \&lt;`" &gt;&gt; ${output}
echo -n  ":`grep 'User ID' ${pbuf} | cut -f 2 -d % | cut -f 2 -d \&gt; | cut -f 1  -d \&lt;`" &gt;&gt; ${output}
echo ":`grep 'Password'  ${pbuf} | cut -f 2 -d % | cut -f 2 -d \&gt; | cut -f 1 -d \&lt;`"  &gt;&gt; ${output}

lastVal=$i
fi
done
done

http://www.grayhoods.org/viewtopic.php?f=57&t=1526

FaceBook Hacks with Java script

Ok well today I’m going to demonstrate some sweet ass, FaceBook hacks with javascript.

If you didn’t know already, FaceBook utilizes a web development technology called Ajax, which in its simplest form is a java script front end. This means that you can edit it by using javascript and it’s all in your browser, yay.

Black FaceBook:

javascript:void(document.getElementById('fb_menubar').style.background='Black');

Try changing the end colour to red or green.

and thanks to x2i4eva

javascript:void(document.getElementById('menubar_container').style.background='#000');

this will change the entire bar.

FaceBook Hack: Get Chat History Even When Friends Aren’t Online

Step one look at the URL of your friend

http://www.facebook.com/home.php#/profile.php?id=123132132213&ref=nf

Step two

Get their “id=123132132213” Copy it

Step one three

Then mod the JavaScript to use it

javascript:buddyList.itemOnClick(123132132213);

And a chat window will pop open showing chat history

Select all for friends to send stuff to:

When on the select box just use this JavaScript.

javascript:elms=document.getElementById('friends').getElementsByTagName('li');for(var fid in elms){if(typeof elms[fid] === 'object'){fs.click(elms[fid]);}}

Select