WiFi Slax Wireless Hacking Live CD 3.1

By Unknown | Wednesday, 4 September 2013 Leave a comment

 WiFi Slax Wireless Hacking Live CD 3.1



WiFi Slax Wireless Hacking Live CD 3.1*

WiFi Slax Wireless Hacking Live CD 3.1*


WiFi Slax Wireless Hacking Live CD 3.1 | 635 Mb


Fast-forward to last summer, when the first of the latest generation of WEP cracking tools appeared. This current generation uses a combination of statistical techniques focused on unique IVs captured and brute-force dictionary attacks to break 128 bit WEP keys in minutes instead of hours. As Special Agent Bickers noted, "It doesn't matter if you use 128 bit WEP keys, you are vulnerable!"
WEP Hacking - The Next Generation
WEP is an encryption scheme, based on the RC-4 cipher, that is available on all 802.11a, b and g wireless products. WEP uses a set of bits called a key to scramble information in the data frames as it leaves the access point or client adapter and the scrambled message is then decrypted by the receiver.

Both sides must have the same WEP key, which is usually a total of 64 or 128 bits long. A semi-random 24 bit number called an Initialization Vector (IV), is part of the key, so a 64 bit WEP key actually contains only 40 bits of "strong"encryption while a 128 bit key has 104. The IV is placed in encrypted frame's header, and is transmitted in plain text.

Traditionally, cracking WEP keys has been a slow and boring process. An attacker would have to capture hundreds of thousands or millions of packets? a process that could take hours or even days, depending on the volume of traffic passing over the wireless network. After enough packets were captured, a WEP cracking program such as Aircrack would be used to find the WEP key.

Basic Directions:
1)Boot from cd
2)Get the wep key
3)Write it down
4)Reboot into windows
5)Connect using wep key

download
part 1
part 2
part 3

I hope you will definitely like this !!!! Enjoy

INSTALL ANDROID 4.0 ON YOUR PC

By Unknown | Sunday, 1 September 2013 Leave a comment

HOW TO INSTALL ANDROID 4.0 VIRTUAL BOX

The mobile smartphone and tablet industry seems to have a very prominent divide , with lots of consumers having their favorite operating system and stick to hardware which is powered by their chosen OS. Obviously fans of Apple iOS use the iPhone an iPad devices , where Android lovers have a wide range of hardware to choose for due to the fact that the OS is available to multiple manufactures . But what happen if you are a die hard fan of iOS , or Windows Phone but you still want to sample the delights that Android Ice Cream Sandwich has to offer. I personally a iPhone user for many years and will continue to be.

But recently after getting my first taste of Android , i an severely tempted to shell out for a second device so that i can have the benefits of both the devices.

For those who can't or won't purchase a second device the why not run Android 4.0 in virtualization on your desktop or laptop in order to see Ice Cream Sandwich experience first hand ?

Android 4.0 is an Operating System with its own rights , but instead of running it on a dual boot setup , we install and run ICS within free of charge virtualizaton application known as Virtual Box.
Virtual Box runs like any other application or program on your system , but offers the benefits of being able to install a secondary OS within it which can be invoked quickly by the user . 

For those who Die Hard iOS and Windows Phone fans out there , this is a perfect way to experience the delights of Android .
Follow the steps below to fulfill your dreans :

Step 1  - Head over to the official Oracle VM Virtual Box site and download the relevant Virtual box binary for your computers operating system (Windows/Mac/Linux/Solaris)

Step 2 - Find the saved location of the downloaded Virtual Box binary and install as would with any other native application making sure to follow on screen prompts and instructions.

Step 3 - Head over to the VMLite website and download a copy of  the ICE CREAM SANDWICH which has been preconfigured for virtualization and features seamless mouse support for navigation . The download weighs in at 88 MB in size .
 

Step 4 - Locate the download ' Android-v47.z' and etract the content from within .



Step 5 - Once the Android-v47.z has been opened , locate a file from within the archive called 'Android-v4.vbox' which as you can tell by the file extension is a pre configured Virtual Box File . 

Step 6 - Double click on the Android -v4.vbox file which will load the virtual box application and boot up the ICS file .

Step 7 - When the boot menu is presented in Virtual Box, press 'start' on the top toolbar and then if required select the 'Android Startup from /dev/sda' option .

Step 8 - All steps are complete. Android 4.0 ICS should now be booting up allowing you to enjoy that Android goodness.

Windows and Linux users may find that an alternative , specific version Android 4.0 may be required which can be found by visiting the Android Page *86 . The performance of Android ICS virtual installation will not be as smooth as intended on an actual device built for purpose , but it gives good feel of the OS with apps being able to launch as well as widget customization. 

I hope you will definitely love that !!!! Enjoy 

Web Application Exploiter (WAppEx) For Hacking

By Unknown | Saturday, 3 August 2013 Leave a comment


Introduction

WAppEx is an integrated Web Application security assessment and exploitation platform designed with the whole spectrum of security professionals to web application hobbyists in mind. It suggests a security assessment model which revolves around an extensible exploit database. Further, it complements the power with various tools required to perform all stages of a web application attack.
The Exploit Database contains the all the logic associated with trivial fingerprinting, exploitation techniques, and payloads that address a wide range of web application vulnerabilities with the emphasis being on high-risk and zero-day vulnerabilities.
Some of the vulnerabilities already bundled within the Exploit Database include Local File Disclosure (LFD), Local File Inclusion (LFI), Remote File Inclusion (RFI), SQL Injection (SQLI), Remote OS Command Execution (RCE), and Server-side Code Injection (SCI). WAppEx can detect these vulnerabilities in a target, take full advantage of it, and through neatly designed payload codes get as much access to the exploited target as possible in as short a time as possible. Some of the payloads included within the database are various reverse shells, arbitrary code execution, command execution, arbitrary file upload…
Since all the attack logic rests in the form of scripts within the Exploit Database, it is easily extensible, flexible and updatable through community servers. Users, too, can add mature, sophisticated exploits and payloads in the same fashion. The database grows on a daily basis, and our dedicated team of research and development are working non-stop to maintain the richest, most up-to-date aggregate of exploits. The number of exploits is soon bound to surpass hundreds. Meanwhile, users can share their own created exploits and payloads with the community and contribute to this growing momentum.
The scripting language used to create new exploits and payloads is JavaScript with the addition of a few accessory objects and functions that automate daily penetration testing tasks and help integrate the script with the database. Using this feature, you can easily create and execute an exploit based on a newly discovered vulnerability.
WAppEx is also equipped with a penetration testing toolbox that makes an effective synergy with the Exploit Database and a crafty security expert. The provided tools include Manual Request, Exploit Editor, Dork Finder, Hidden File Checker… More tools, such as a crawler, a multi-purpose fuzzer… are to be added to the arsenal in the future releases of WAppEx.
Still, keep your eyes peeled as this is just the beginning of a new, powerful war machine in the pentest battleground.
The full list features is as below:
  • An exploit database covering a wide range of vulnerabilities.
  • A set of tools useful for penetration testing:
    • Manual Request
    • Dork Finder
    • Exploit Editor
    • Hidden File Checker
    • Neighbor Site Finder
    • Find Login Page
    • Online Hash Cracker
    • Encoder/Decoder
  • Execute multiple instances of one or more exploits simultaneously.
  • Execute multiple instances of one or more payloads (for every running exploit) simultaneously.
  • Test a list of target URL’s against a number of selected exploits.
  • Allows you to create your own exploits and payloads and share them online.
  • A number of featured exploits (6) and payloads (39) bundled within the software exploit database:
  • Testing and exploiting of Local File Disclosure vulnerabilities
  • Testing and exploiting of Remote File Inclusion vulnerabilities
  • Testing and exploiting of SQL Injection vulnerabilities
  • Testing and exploiting of Remote Command Execution Inclusion vulnerabilities
  • Testing and exploiting of Server-side Code Injection vulnerabilities.


WAppEx 2.0, like its predecessor, has only been released a free trial. Click the download links below to download WAppEx 2.0, End-User License Agreement, and the registration license file.
NOTICE: BY CLICKING ON ANY OF THE DOWNLOAD LINKS BELOW YOU ADMIT THAT YOU HAVE READ AND ACCEPT ITSECTEAM END USER LISENCE AGREEMENT.
Download WAppEx 2.0
Download License File
Enter ITSecTeam as the license name during registration.

I hope you will definitely love this tool !!!!!!  Its amazing :-)