[Boards: 3 / a / aco / adv / an / asp / b / biz / c / cgl / ck / cm / co / d / diy / e / fa / fit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mu / n / news / o / out / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / t / tg / toy / trash / trv / tv / u / v / vg / vip /vp / vr / w / wg / wsg / wsr / x / y ] [Search | Home]
4Archive logo
Alright, /b/. Tonight I am going to show...
If images are not shown try to refresh the page. If you like this website, please disable any AdBlock software!
The stories and information posted here are artistic works of fiction and falsehood.
Only a fool would take anything posted here as fact.

You are currently reading a thread in /b/ - Random

Thread replies: 239
Thread images: 33
File: Hack.png (20 KB, 726x492) Image search: [iqdb] [SauceNao] [Google]
Hack.png
20 KB, 726x492
Alright, /b/. Tonight I am going to show you how to hack into an e-mail, getting passwords for Twitter, Facebook, IG, etc.

You will need: Vmware or Virtualbox with a distribution of Kali Linux with the tools installed. If you don't have it and want to do this install everything (it's free) and then come back and catch up.

We will be using Hydra mostly, also, a couple of other tools. Take a screenshot like I did and timestamp so I know you're actually participating. Thank you.
>>
Bumping for interest
>>
>inb4 pruned
>>
Bumping for interest

Go ahead
>>
Not participating atm, but definitely taking notes for future reference
>>
ive used hydra before and it takes way too fucking long

i want to hack into accounts on
interpals
dot)
net

teach me based anon
>>
File: hydra-gtk.png (227 KB, 1221x714) Image search: [iqdb] [SauceNao] [Google]
hydra-gtk.png
227 KB, 1221x714
If you are participating, we will now start by opening Hydra-GTK. We are using the GTK because people I teach this to tend to get lost and confused. It's simple, easy, and very effective.
>>
>>596500273
Were safe to DL?
>>
bUMPPPPPPPPP
>>
File: 1419585641207.jpg (133 KB, 500x620) Image search: [iqdb] [SauceNao] [Google]
1419585641207.jpg
133 KB, 500x620
>>596500273
I will monitor this thread.
>>
Before moving on, first you need to have a designated target (Their IP address.) and their e-mail. I will be using a test e-mail for education purposes. You can download the OS from Kali's website. You can use Virtualbox or Vmware to support it.
>>
>>596501314
Doesn't hydra require a word list? Not only that but most sites change pages after a certain number of attempts and when the page changes hydra sees it as a good thing and selects the wrong password. I'll bump just in case there is something different I can do.
>>
>>596501640
DL vbox from oracle virtualbox dot org and Kali from the Kali dot org website.
>>
>>596502048
Yes anon, we're going to have to create a wordlist first. :)

We will store the passwords there. You will most likely get some false-positives as well. So, getting the right password can take a little bit but is guaranteed success.
>>
>>596502035
how the fuck do you get there ip address
>>
Very 1337, continue plox
>>
>>596502381
Crunch? Maybe you can help me then. If I'm creating one with crunch how do I get it to recognize words instead of certain characters? For instance how would I get it to do every combo of the words bubba lulu and Cosmo without doing every combo of the letters in those words?? Lol
>>
>>596502578
Try to get them to email you and extract the headers or get them on skype and resolve their username. Also with hydra you can target a certain website like gmail dot com.
>>
File: vc.png (94 KB, 1268x593) Image search: [iqdb] [SauceNao] [Google]
vc.png
94 KB, 1268x593
>>596500273
LOADERFYING...
>>
Not participating cause Uni and don't have VMware or kali linux right now, but will save thread for future reference, really interesting, anon.
>>
File: YESS.gif (146 KB, 300x167) Image search: [iqdb] [SauceNao] [Google]
YESS.gif
146 KB, 300x167
inb4 the OP gets you guys to DDOS an FBI IP address and gets you guys V&

go on, op lol
>>
>>596502578
There are several ways in which you can obtain a victims IP address, some more tricky than others. For this instance let's use an IP you can get easily such as one over Skype and or Facebook using a IP resolver.
>>
>>596502224
and what about hydra?
>>
>>596503122
Gonna archive it as well - let's post it when OP has worked his magic.
>>
>>596503128
Still interesting
>>
>>596503128
We aren't ddosing anyone lol. We are learning password recovery techniques. :)
>>
>>596502862
extract headers?
>>
>>596503130
Do cell phones use same IP's as PC's?
>>
File: victimIP.png (26 KB, 508x551) Image search: [iqdb] [SauceNao] [Google]
victimIP.png
26 KB, 508x551
Okay, so, first step, (pic related) we will enter in the victims IP HERE. Make sure it is the correct one.
>>
>>596503279
Hyrdra ks a tool that comes with Kali. >>596503453
Yes. Google it because its a bit too much to explain and it is different for every account. Like gmail is different than yahoo etc... :p
>>
File: Glovehorse.gif (2 MB, 368x467) Image search: [iqdb] [SauceNao] [Google]
Glovehorse.gif
2 MB, 368x467
HEY OP MAKE THEM RUN A PORTSCAN ON SOME NSA SERVERS
sounds like fun
>>
>>596503279
It is included in Kali. All the tools can be downloaded from Kali. You just need to extract it from the CMD. Guides all over Youtube, mate.
>>
will backtrack do?
>>
>>596503776
Backtrack 5 ftw.
>>
>>596500273
>>596500273
very interesting OP

keep going
>>
Anyone know a good drop hacks? the one i have kinda sucks, doesn't work as expected.
>>
File: 1412775544233.jpg (375 KB, 920x1632) Image search: [iqdb] [SauceNao] [Google]
1412775544233.jpg
375 KB, 920x1632
Hopefully not a troll
>>
OP i would love to do this but i am new to this shit and i have a mac what do you suggest? what should i install to get started ?
>>
If this thread 404s, are you going to make another?
>>
File: 1346389382915.jpg (99 KB, 800x481) Image search: [iqdb] [SauceNao] [Google]
1346389382915.jpg
99 KB, 800x481
>>596504312

ok first your going to have to reserve a call with the apple tech support line
>>
OP give us your email or someshit so if thread 404's we can continue.
>>
File: target list.png (4 KB, 465x74) Image search: [iqdb] [SauceNao] [Google]
target list.png
4 KB, 465x74
Okay, here is where you will insert your wordlist (named passwordlist.txt usually). Google how to create one, it takes all of 30 seconds to 5 minutes at most. (pic related) it's where you upload it, just click the white box as if you were typing something and it will bring the upload screen up.
>>
>>596504661

> shiggy diggy
>>
>>596504661
>>596504334
Keep bumping, dont let it 404 untill OP is finished teaching
>>
>>596504312
Download vbox for Mac and run Kali through that. There are tons of tutorials on YouTube. I literally learned everything I know from there.
>>
>>596504859
>/
>>596504859
>>596504859
>>596504859


https://www.youtube.com/watch?v=Eg4mBpMq3FU

https://www.youtube.com/watch?v=_ZiiJT7iJ2c
>>
This is /b/ home of gay porn and trap threads. Wtf is this bullshit thread doing here? Create a roll thread faggot get with the times.

>you are cancer
>>
this all seems so simple :D who knew hacking would be this easy, in like the future you will only need to download a,program and push 1 button to hack. shits awesome.
>>
For the rest of the information under the 'target tab' it goes as follows: (pic related) make sure you click 'be verbose' helps with the process of extracting password and eliminating false-positives.
>>
>>596505661
Newfag
>>
File: Targettab.png (13 KB, 495x343) Image search: [iqdb] [SauceNao] [Google]
Targettab.png
13 KB, 495x343
>>596505828
lol oops forgot to attach image
>>
>>596506017
Also, make sure to use SSL, anons.
>>
File: image.jpg (33 KB, 480x270) Image search: [iqdb] [SauceNao] [Google]
image.jpg
33 KB, 480x270
Bumpin.
>>
>>596505672
Script kiddie. ;)
>>
>>596506284
hey, the hackers are the ones creating the scripts for us. whats the problem?
>>
>>596506284
Everyone ITT.

Niggers can't hack your way out of a wet paper bag.
>>
File: image.jpg (81 KB, 372x492) Image search: [iqdb] [SauceNao] [Google]
image.jpg
81 KB, 372x492
>>
OPs dead guys...
>>
File: passwordstab.png (35 KB, 498x568) Image search: [iqdb] [SauceNao] [Google]
passwordstab.png
35 KB, 498x568
Alright guys, next up, password tab. Just follow the instructions on the pictures I provide within these posts, you should be able to do so. If not, gtfo thread. Anything I do not touch in the tab you do not touch either, you do not want to fuck things up and then get mad at me when it was your faulty move. So, be careful. (Pic related, next tab.)
>>
bamp
>>
>>596507182
I'm confused about the password box
>>
>>596507482
it's obviously bait you fucking autist.
>>
bamp
>>
>>596507482
One moment, I'll explain in a sec.
>>
>>596507182
You touched the password box, should we do the same?
>>
File: tuningtab.png (36 KB, 496x624) Image search: [iqdb] [SauceNao] [Google]
tuningtab.png
36 KB, 496x624
For the tuning tab it's very easy. All we're doing is adjusting the task limit to correctly run the password 'sniff' i guess you could call it. If you're noided about the situation you can go ahead and set up a proxy but it is NOT required. Only if you feel the need to do so.
>>
>>596508000
Trips checked, also bump
>>
>>596507736
Yes, anon
>>
>>596508000
127.0.0.1 is not a routable address. It's a loopback for the local machine. Quit trying to fuck people over you faggot.
>>
File: YES.gif (478 KB, 500x224) Image search: [iqdb] [SauceNao] [Google]
YES.gif
478 KB, 500x224
How to get your IP banned from gmail and facebook: the tutorial
>>
>>596508191

>no proxy

And then you realize that you were born with an extra chromosome.
>>
>>596508191
you have to set it yourself, anon. We all know that is not viable. Pay attention.
>>
>>596502016
>GTFO moderator
>>
>>596508191
Dumbfuck.
>>
The blind leading the blind

> 'hacking'
> not in a shell

topkek
>>
>>596508191

Good troll or lack of knowledge. Either way cheers to you mate.
>>
>>596503014

> cluster - fuck

kek'd
>>
>>596508191
>>596508446

yeah pay attention you noob
>>
>>596506017
>SSL
>be vebose

kekd
>>
>>596502016
nice movie
>>
File: 1422993031368s.jpg (4 KB, 125x104) Image search: [iqdb] [SauceNao] [Google]
1422993031368s.jpg
4 KB, 125x104
>>596508680
>>
you can be easily traced back using this shit. abandon for your own good
>>
>>596503375

Kali is a linux distro that is meant for whitehats and cybersecurity professionals.

Yeah niggerhats gonna nig though.
>>
File: 589_tux_fedora.jpg (10 KB, 220x220) Image search: [iqdb] [SauceNao] [Google]
589_tux_fedora.jpg
10 KB, 220x220
what about i use fedora linux ?
>>
>>596508604
teach us your ways to hack, wise not-op faggot
>>
>>596500273
so am I wrong or are you just showing how to do a dictionary attack?
>>
File: mybface.jpg (20 KB, 298x278) Image search: [iqdb] [SauceNao] [Google]
mybface.jpg
20 KB, 298x278
Seriously? You're having these dumbfucks use hydra? I mean, I know it's trying ground level shit, but you could at least walk them through SET or something.

Just put together an exploitable pdf and send it to the target. Or send a link to some exploitable java, or use the 0 day xss that came out yesterday in IE.

Or you can leave a swath of logs and theyll automatically block you because one account had 60000 login attempts. Either or.

mfw hydra is only useful for checking one password across many accounts and across multiple servers.
>>
>>596500273
>Not sure if I trust OP
>Too curious and naive not to try this
>>
>>596509321

Yes, it's just going to run through a (small) list of passwords that comes with the distro and probably get your IP blacklisted from whatever major site you use it on.
>>
>>596509321
nope. that's the length and breadth of it.

and hey...you need kali for that. there isn't commandline hydra for windows.
>>
>>596509560
oh I'm not following, please carry on I was curious
>would be mindfucked if not IT student
>>
OP is retarded to not mention that Kali comes with wordlists already on it, specifically the rockyou lost, which is really all you'd need.
>>
File: starttab.png (11 KB, 504x394) Image search: [iqdb] [SauceNao] [Google]
starttab.png
11 KB, 504x394
Alright /b/, we skip over the 'specific' tab because that has no practical use for this tutorial. So, once you have everything filled out as I specifically showed you you can go to the 'start' tab. Click start, and wait. It can take a little bit. If you get ANY errors, do NOT get mad, just ask for help. Post a screenshot of your error with a timestamp so I know that you're not fucking with me. When finished it will store a passwordlist.txt file with all the possible password combinations. Don't fret, there is not too many to sift threw. Going to provide a pic in a sec.
>>
>>596509206

Yes. Kali just makes it easier because all of the tools are already bundled in. You can probably find the tar balls for this stuff separately and compile it yourself on Fedora.
>>
File: kalilinux.png (755 KB, 1248x999) Image search: [iqdb] [SauceNao] [Google]
kalilinux.png
755 KB, 1248x999
so i went to kali linux website....
>>
>>596509395
Where would I acquire an exploitable pdf? I want to trash my coworker and his computer with mass amounts of gay porn and email dick pics to all of our customers using his email
>>
I can also show you other ways aside from Hydra if anyone is interested. This is just a viable, nooby way to do it. Reply to this with any other way you'd like me to show you. :)
>>
im following your instructions, still don't really have any idea what im doing
im in doge mo9de
>>
>>596510301
Are you really suspecting it of being a virus or something along those lines?
>>
>>596500273
bumping, i'm following, op. dun dissapoint
>>
>>596510549
>596510549
They're being a 12 year old and laughing at penetration.
>>
>>596500273
Hey OP, definitely gonna try this. Don't have time now, so i'll leave the thread open.Thanks
>>
>>596510301
>>596510549

> DON'T DO THIS IT MAKES MUSTARD GAS!!!
>>
CURRENTLY TAKING SOME HEAVY NOTES
>>
>>596500273
Brute forcing passwords != hacking

I bet you couldn't hack your way out of a wet paper bag.
>>
>>596510733
God dammit, I didn't even notice that.
>>
>>596510301
HAHAHA "PROFESSIONAL PENETRATION"

KEKEKEKEKEE
>>
>>596510301
If you are laughing at penetration testing you are no hacker
>>
>>596511091
I used to know a jew that said kekeke because of some stupid anime.
>>
File: anon.png (283 KB, 1239x991) Image search: [iqdb] [SauceNao] [Google]
anon.png
283 KB, 1239x991
terminal attack please using ubuntu 12.04

>pic related
>>
>>596511270
Muh Shekels
>>
>>596510399
Your a genius, that's the exact type of revenge I want. I'm going to dedicate my life to doing this. Hell I could even break up him and he's missus.. Get some poofter fucks from craigslist to knock on he's door at 1am.. Oh the possibilities.. Hahahaha.. Thank you anon
>>
>>596500273
Lol I haven't seen a thread like this in a long time.

If anyone has stupid questions regarding hacking, ask and I will attempt to answer

>inb4 someone says hack my gf's gmail account
>>
File: hackinginprogress.gif (3 MB, 320x180) Image search: [iqdb] [SauceNao] [Google]
hackinginprogress.gif
3 MB, 320x180
>>596510549
Dude. Don't mess with the poor guy.

It's totally a sting. OP is a security pro working with the police and is stringing people along in what is called a Cyber Honeypot. OP is actually Dave Aitel, CEO of Immunity Labs who works for the Miami Dade Police Department in traps like these to catch people stupid enough to throw a dictionary attack at people they know. They then match your posting IP to brute force logs, subpoena attacking IP's info and make arrests.

Oh, you're using TOR? They can't find you? You're behind 7 proxies? Go here:

https://diafygi.github.io/webrtc-ips/

And tell me how nobody can find you. This is how the FBI locates people. This is how they locate YOU. Adblock plus/Noscript? Won't do shit.

It's your ass. Cover it.
>>
>>596511892
Nigger
>>
>>596511876
I found a popular site that allows stored XSS. Should I go with document.write or go with grabbing document.cookies?
>>
Okay, anons. I successfully created a passwordlist.txt via Hydra, as you can see, it spewed a couple of passwords. Now you try and eliminate.
>>
>>596511892
homossexual spotted
>>
>>596511892

... wtf are you talking about?

What honeypot? These are all legitimate tools and no specific targets are mentioned anywhere. Nobody is hunting anybody for trying to brute force a password you ignorant cretin. Sites will just blacklist your IP and ignore you. Reset your router you get a new one.
>>
>>596511892
nigga i got adblock and mc caffe anti vrius the fib can't touch me
>>
File: 1393473314015.jpg (297 KB, 1131x1600) Image search: [iqdb] [SauceNao] [Google]
1393473314015.jpg
297 KB, 1131x1600
>>596511892
i made a hosts file to hide yourself from webrtc services
pastebin/jVGT5mRE
>>
>>596512526
You forgot the good ones

password
god
sex
love
nigger
niggers
fuckingniggers
goddamnedfuckingniggers
nigger123
123imniggerascanbe
allhailourkikemaster
lobsterbear
twatflange
titclop
gladeplugins
daveaitelisgod
>>
>>596513010
Oh that's good
>>
>>596513011
kekked
>>
>>596512814

... ya know, if you are especially paranoid then just go to a Starbucks and run your tools there on public wifi. The only record of your unique mac address is on the Starbucks router and any attack looks like its coming from Starbucks from your ISP perspective. You probably don't even need to fuck with Tor.
>>
>>596512814

>>596512814

... ya know, if you are especially paranoid then just go to a Starbucks and run your tools there on public wifi. The only record of your unique mac address is on the Starbucks router and any attack looks like its coming from Starbucks from your ISP perspective. You probably don't even need to fuck with Tor.
>>
>>596512814
Shut the fuck up your cybers are suck! You couldn't hack the firewalls IDS for shit. Your I bet you think LMOS is a Jetson. They will just get your cyberfingerprint and suddenly you're being fucked by the DA in the ass in return for him agreeing to a plea agreement.

They got the cyber silk road with it. They have firewall and Palo Alto and Splunk Cloud Services.

They are fucking unstoppable.
>>
>>596513524
right on
>>
>>596513524
behold, king nigger
>>
God you spergs are vulnerable jesus.

If you're trying to brute force someone's facebook account you wouldn't hack their local network, you'd spam facebook. Except the login requests would trigger an account lock yielding a security question. Good luck if someone is using MFA, too.

Also, what good will their public IP do? A port has to be open for you to exploit it and most home routers don't have any ports open by default and won't even permit inbound ICMP from the internet.

Even then, you'd have to compromise their internal network and identify which PCs on their LAN are worth targetting...

Best bet is to get them to run an app client side that would scrape browsers' cached passwords which are usually stored in plaintext or easily decrypted.

You script kiddos are hilarious. "OMFG gonna sue Kali linux tools cuz dats wut pro's use to penetrationg test!"

You fools wouldn't know InfoSec if it fell on your damn heads.

Unless you have basic knowledge of networking, most concepts are lost on the average internet "hacker".

Don't let me stop you from attempting to be edgy though. You'll just walk yourself into a honeypot or do something that causes you to get hacked by someone else more knowledge than yourself because you were gullible.
>>
>>596513010

Host files don't solve every problem dumbass.

LOL you sound like a JR Network Engineer.

ZOMG gonna block virus and spa with host files derp derp!
>>
>>596513402
Exactly. Starbucks doesn't have cameras everywhere. And just run it off your wifi without changing your MAC address. They don't keep any sort of accounting on their AP's and they would never contact the manufacturer and subpoena them for what company the device went to, and what customer purchased the laptop/device.

Because cyberhacking is easy. Be sure to wear your shades and a Defcon t-shirt to not stand out at all.
>>
File: 1421636653524.jpg (9 KB, 251x251) Image search: [iqdb] [SauceNao] [Google]
1421636653524.jpg
9 KB, 251x251
>>596513524

> firewalls IDS
> cyberfingerprint
> cyber silk road
> They have firewall and Palo Alto and ...
> mfw no activated almond web services
>>
>>596513896
OH SHUSH, I AM A GODLY HACKER NOW AND YOU CAN'T STOP ME
>>
>>596513896
i agree with this but
>hurrdurr im a real hacker
>>
>>596513896
the fuck did you expect? this is /b/ not MIT forums
>>
>>596514666
666 trips = checked
>>
>>596514255
dude.

cyberhacker. what are you, a lamer?
>>
>>596514666
satan!
ahhhh!
>>
>>596514118

Again... we aren't dealing with arms smuggling here. Why would anybody go to this much trouble for some edgy teenagers trying to hack their sister's email address for nudz?
>>
File: dylan.jpg (279 KB, 1360x900) Image search: [iqdb] [SauceNao] [Google]
dylan.jpg
279 KB, 1360x900
>>596514666
the fuck are you talking about? This place is filled with MIT grads and doctors and lawyers and Special forces and Hackers and top-flight infosec professionals and women. Lots of fucking women.

You're cybers are SUCK.
>>
>>596514141

You think it's funny, but honeypots were DESIGNED to catch people.

Many companies do have vulnerable networks and services exposed to the internet if you know what to look for and have experience all the way up the "stack" so to speak.

Those incidents can be tough to detect, lock down and permanently resolve.

You know what's easier though? Suck people into honeypots that were DESIGNED to catch people.

Same way narcotics officers lure drug dealers into selling them enough dope to get serious charges. Then plea them down or offer immunity in exchange for names upstream.

Of course, if you're some dumb shmuck who things they're a hacker, you have NOTHING useful that authorities would be interested in, so they'll just fuck you seven ways to Sunday because they can and because they need to make examples out of people.

The Silk Road wasn't shut down immediately because it was watched for years. All the evidence thrown around in court wasn't obtained over the course of a 24 hour period.

But LOL comparing script kiddie hacking to Silk Road.

SOOO EDGE, MAN
>>
File: success.png (31 KB, 873x323) Image search: [iqdb] [SauceNao] [Google]
success.png
31 KB, 873x323
>mfw OP actually knows what he's talking about
>>
>>596514897
you've never seen their sisters man.

they smelled their nipple in the bra that was in the laundry. THEY HAVE TO SEE IT.
>>
>>596500273
does someone want to archive this thread?

I would but I'm in a game of league
>>
>>596513896
See
>>596515192
>>
so does this shit actually work? or....
>>
>>596515068
Special forces master race reporting in.
>>
>>596515072
> implying the government won't recruit me for being a beast hackor and i get a 700000 million slary

it's a win win situation
>>
http://4archive.org/b/thread/596500273

toasting to this epic bread
>>
File: hackershideout.jpg (140 KB, 1057x756) Image search: [iqdb] [SauceNao] [Google]
hackershideout.jpg
140 KB, 1057x756
>>596515072
R U SUM S0RT 0F CYBAR G0D?

R U JAKOB, TEH LAWNM0WAR MAN WH0 WAZ PROMIZED T0 D3L1VAR UZ FROM LAMeN3ZZ? WAS UR BR1RTH H3RALD3D BY TH3 RING1NG OF EVARY T3LLARPH0NE ON URTh/?

R U THE LEG1ON 0F D00M?
R U T0 SAV3 PH1BAR OPTIK FR0M H1Z HUBR1S?

T3LL UZ TEH G0SP3L UV TEH ZER0-DAY. TEECH US TEH B3AUTY 0F TEH BAUD. U AR 0UR CYBARCHR1ST. WE AR UR DECIPL3Z!
>>
OP is such a scriptkiddie.

This shit does not work because you will just end up getting a ton of false positives after the first 50 or so tries.

It's also a great way to get you IP blacklisted.

Anyway if you guys really are interested in this failure of a method just google it, no need to wait for OP to explain every part in an autistic matter.
>>
>>596516125
>>596515192
are you retarded?
>>
File: tardchan.jpg (129 KB, 750x600) Image search: [iqdb] [SauceNao] [Google]
tardchan.jpg
129 KB, 750x600
>>596515784
>special forces
>>
>>596512814

LOL Another fucking myth.

DERP DERP RESETTING MY ROUTER FIRIN MUH LAZER.

Do you fucking understand how DHCP works you imbeciles?

You're still on the same public subnet/vlan that your IP assigns you.

Depending on the size of the subnet, the DHCP lease and how long your router was turned off, you're more than likely just going to get the same IP you had before.

And even if you get a new one it's going to be very close. Either another IP in the same /24, or /23.

Perhaps your ISP puts you a /22 or larger.

Regardless, you're still traceable and your ISP knows who you are.

So you might be able to hide for awhile or skate under the radar a little longer, you're still only a subpoena away from getting caught. Or less if your ISP doesn't require one (depends on what 3 leter agency is inquiring).

You don't think ISPs retain DHCP logs?

And even if you're smart enough to randomize the MAC on your router's public interface, your ISP is still aware of what CPE it's talking to and which customer the CPE is associated with.

Fucking spergs, the lot of you.
>>
>>596516125
This reminds of mincraft tutorials from people who have no idea how to program java. "OH sit it underlined red what happened???!!!! Why do I need public class???!!!"
>>
>>596516385
I like you.

But it's too late brother, we are l33t haxors now. No going back.
No regrets.
>>
>>596516385
U R SO VARY WIZE CYBARJ3ZUZ. WE F0LL0W UR WIZDUM.
>>
Pop quiz for your spergs.

What is a static route and how does it differ from a dynamic router?

What is a proxy and what is it's primary purpose?

What is a reverse proxy and what is it's primary purpose?

Explain in detail the concept of an airgap.

Explain in detail the concept of a multi-tier enterprise DMZ network.

Explain in detail the concept of a corporate intranet.

If you can't answer all of these question adequately, you're unfit to tie your shoes in the morning, let alone administrate network systems or "hack".
>>
>>596516385
also don't worry so much, everything will be fine, i got adblock
>>
>>596516957
hold on let me open up google.
>>
>>596516385
What are best practices in keeping you anonymous? Of course at the local level, no doubt the big 3 letter agencies will find a way to hammer fuck you if need be so. But assuming I'm just fucking around in the webz.
>>
>>596517042

LOL. You can tell your neighbors as the feds haul you out in handcuffs:

But I got ADBLOCK! And I reset my router! I was framed, I tell you!
>>
>>596516487
You are on a new road now. A beautiful road that will lead you to a multitude of stolen nudes and default passwords. A road that will one day lead you to be called The Brute-Force Master by the media. How many guesses can he make in a second? 500,000? 40 million? Can the passwords you guess EVEN BE ENUMERATED?

A windows server? Your packets will slide right through any packet filters or NATting straight to 445. You will enumerate the shit out of their SIDS and their user lists. Linux machines? Sun Machines? They will download, install and set up SMB simply to avoid the battering against their ports that you will give them.

But you are not yet there little hacker. You have many more scripts to run first.
>>
OP here speaking to the people with a fair amount of experience. I said in the beginning of this thread that I will show you a skiddish way on how to obtain e-mail passwords. Never once did I claim we were going to do it the 'professional' way so all of you 'pros' stop trying to boast of your knowledge and act egotistical. This way just a quick little fun tutorial. No one is claiming shit. So, shut the fuck up, please. I wasn't going to go into other advanced methods when half of the people on here have no experience at all.
>>
>>596517165

Use public Wi-Fi's. Change up your location frequently. Buy coffee or a sandwich wherever you go but DONT use credit cards or membership reward cards. Don't stick out as the creepy sperg. You don't want to be identified after the fact by an employee who says "yeah the weeb was a creep".

Shut off your cell phones completely, or better yet, leave them at home. They record your location and will be able to place you at a location better than any security cam can. I don't know that phones are used as evidence often but better safe than sorry.

Fuck Tor, it's not as safe as you think it is, and just makes you more vulnerable.

If you're up to malicious activity, NEVER LOG INTO YOUR EMAIL, FACEBOOK OR ANYTHING ELSE THAT TIES YOU TO YOUR NORMAL IDENTITY. This is key. Don't fuck it up. Check your cousin's beach pictures later when you're back at home.

Run a live CD off a laptop with the hard drive removed. Don't run it off a USB. Too much risk.

That's all I can think of for now.
>>
>>596512952
Lol'd
>>
Here's a method for "hacking" into people's private accounts that will get you more nudes than OP can deliver with this failure of a method.

Just go to iforgot icloud, and ask to reset password followed by entering their date of birth then answer 2 easy security questions. Then the night after Valentines you reset their password and break into their accounts (they won't get an email if you don't go through with the pass reset even if you answer correctly) and gather nudes. Profit.

No programs or skill needed.
>>
File: hackerx.jpg (19 KB, 400x400) Image search: [iqdb] [SauceNao] [Google]
hackerx.jpg
19 KB, 400x400
>>596516957
>static v dynamic

Static routes are sticky, like your socks against your pants when you forget to put in Bounce, the superior antistatic sheet that leaves your clothes smelling fresh. Dynamic routers are what batman and robin use on the bat computer.

>proxy
It's what Munchhausens disease uses to infect you.

>Reverse Proxy
For when you infect Baron Munchhausen with a cyber virus.

>airgap
WHen you fart and you feel that weird bubble that slowly slides along your ass when you're in the tub.

>DMZ network
It's where a jew sends out a bunch of kids in LA to take pictures of celebrities and ask them insulting questions.

>Corprate intranet
Cyberwebs
>>
>>596517671
if anything, you taught me how to hack my ol email accounts in wich i forgotten the passwords too.

Thanks
>>
>>596513011
kek
>>
>>596518090
You're welcome, anon.
>>
>>596516957
I work in construction but I will answer your questions.
Static ip is assigned and does not change. Its specific to your device. Dynamic is ips changed usually on your 1st node out your house on your local area router , on your traceroute that would be node 2
>proxy is what you connect to first.think of it this way, you have to send a letter to your buddy in Ny ,instead of directly going to your mailbox to leave it you go to a strange place in IL and send the letter from there.
>no idea what reverse proxy is first time hearing it
>Airgap is the space between a two shits in your colon
>DMZ can suck my dick
>Intranet is not connected with the www. usually intranet gets to www though a specific server for security purposes
you can suck my dick and I can build you a bathroom for 5000$ or I can put carpet in for $5/sf or I can build you basement for $20/sf
>>
cant you just make your target go to a website you control with JS and frame some requests to harvest Facebook/gmail etc cookies? And then just steal their session?
>>
>>596517974

Best advice so far.

People gotta step up their game.

When you lil niggas set up your security questions you should never answer them honestly, because people who would do you harm will have the means to find the answers to the questions.

Always lie on the security questions but keep a record of the Q and A's on a encrypted thumb drive stored in a sage location should you ever need to reset your own accounts using those Q and A's.
>>
>>596518404
topkek
>>
>>596518404

LOL you didn't get a single question right, even the first one.

The concepts of static and dynamic don't just apply to IP assignment. They apply to routing as well.
>>
>>596518441
Dude, that's only in the movies.

The best way to hack someone is to run nmap. and then you're in. Just keep running it until "ACCESS DENIED" stops flashing on your screen and says "ACCESS GRANTED" and all the pictures start popping up.
>>
>>596518441
yes this would be the sensible option
>>
>>596517850
Thanks anon, have an old laptop that I'm gonna start using. Any tools you recommend?
>>
>>596516957

My best attempt without using GOogle.

> What is a static route and how does it differ from a dynamic router?

You can pay your ISP to provide you a static IP address, this is uncommon though. Most routers are configured to lease IP addresses on a subnet to routers.

> What is a proxy and what is it's primary purpose?

A proxy conceals the client of a request from a server by making the request on behalf of the client.

> What is a reverse proxy and what is it's primary purpose?

This is the opposite. It conceals the real server from the client that is making a request by serving the clients request on behalf of the real server.

> Explain in detail the concept of an airgap.

I actually never heard of this term.

> Explain in detail the concept of a multi-tier enterprise DMZ network.

Corporate networks typically employ a DMZ or demilitarized zone as a buffer between their internal intranet and the outside internet. Requests from the internet need to pass through a firewall here to some publicly visible network resources. Most of these are reverse proxies and load balancers that will serve public requests to servers behind the DMZ that are not publically accessible otherwise.

> Explain in detail the concept of a corporate intranet.

I kind of just did. Everything in the intranet can sit safely behind the DMZ. They are typically subneted through a gateway(s) and serve network entities in the intranet IP addresses within their own internal network. This is basically a very complicated and expensive and sophisticated version of exactly what your home router does for network entities in your home.
If you can't answer all of these question adequately, you're unfit to tie your shoes in the morning, let alone administrate network systems or "hack".
>>
File: 1422356082490.gif (3 MB, 370x208) Image search: [iqdb] [SauceNao] [Google]
1422356082490.gif
3 MB, 370x208
>>596517850
+1 Anon. That is some good advice for proper ghosting.

> much better than faggots calling other ppl faggots and displaying their "vast" knowledge without offering good advice for beginners
>>
>>596518970

Kali > *

No Tails. Bad Tails. Seems convenient at first glance due to Tor and suite coming pre-installed. But not worth it IMO.
>>
>>596518729
You're really really really really really really really smart.

I bet you wouldn't fall for arp spoofing attacks, what with your static routes.

And your clothes are smelling fresh! No static cling!

Maybe you can dazzle us with stories of BGP routing flaps and logical vs physically separated networks. Or really get us to cream in our jeans and tell us about your last PCI audit and how you really dazzled your QSA.

Regulatory stories are super interesting.
>>
>>596519289
I like the part where they ship TOR bundles with javascript enabled.
>>
>>596517974
any suggestion for figuring out the email that someone uses for icloud?
>>
a good hacker protects me from evil hackers <3
>>
>>596519289
What OS in your opinion is best for anon type shit? What would you consider to be the tools of the trade for a noob that's gonna teach him self until I start my degree. Maybe with a focus on recovering deleted files, accessing passwords, and DOS.
>>
>>596508294
>How to power cycle your router and get a new IP.
>>
>>596519025

Good enough. Better than I expected.

The primary purpose of a proxy is two things: provide internet access (HTTP, FTP, etc) for clients on an intranet that wouldn't normally be able to go outbound due to a properly implemented airgap. It's secondary purpose is caching content locally on the proxy to minimize internet traffic saving bandwidth. I suppose you could also say that it provides an aggregated central system for admins to review outbound network traffic that gives them a more comprehensive view of what users are accessing.

The purpose of a proxy has never been to conceal anything. Your org's public IP is still exposed in the same fashion. And your browser will still provide information to web servers it's talking to about what browser you're running, encryption levels, etc.

Please get this out of your heads - proxies aren't for concealment.

I wouldn't say that a router creates a true intranet because it's not proper airgapping.

Also most home routers don't actually have a true firewall. They can sometimes block outbound traffic. But they usually rely on NAT/PAT for security, which isn't the end all be all.

In fact, most home routers that support IPv6 don't offer any "firewall protection", because of the nature of how IPv6 works.

If you want a true home firewall, buy one or build one yourself.
>>
>>596519968
no hacker can protect you from your own stupidity
>>
>>596518353
So now, how to avoid to be hacked by that technique?
>>
>>596520323
Windows XP.

Microsoft discontinued it, and can no longer allow people access to it, even upon FBI request. Just use an 8 character password and you're set.
>>
>>596510435
MITM on the street line for cable Internet Service providers without a vampire tap. Is there a way for modems to use promiscuous mode?
>>
>>596520398
seems to be mans universal flaw

his own stupidity
>>
>>596520586
whoops meant
>>596520150
>>
>>596519875
Go to their facebook profile. Then copy their usename and paste it into "forgot password" section on facebook. Then an email address with the first letter and last letter and ** in between will appear, such as f******kATthemail. Now You just guess what those letters in between are, which is usually extremely easy. Then you use the reset function again, but this time with the email you think is theirs. If the name of the acc is hidden when you enter the address, just see if the last two digits of their phone number matches. You should be able to guess about 95% of people's email addresses.
>>
>>596509052
>Yeah niggerhats gonna nig though
>niggerhats gonna nig
>niggerhats

kek
>>
>>596519298

No system can be 100% protected but you can minimize your risks.

Most companies are clueless, or if they aren't, they know that the won't be able to lock down their networks for fear of user and management revolt. Such is the life.

I'm not the smartest person around, but I hate seeing these weebs get fed misinformation left and right by fellow "hackerz" and/or government agents.

You're free to share your knowledge as well, especially if your ITIL certified ;)
>>
>>596519289
And what about file and email encryption programs. Well aware that more mathematicians work for a certain 3 letter agency then anywhere else and they can more then likely crack it. But maybe I don't want my neighbor reading my shit.
>>
>>596520803
Ah yes. Certifications.

Wanna know the best way to get a virus emailed to you?

Join the CISSP mailing lists.
>>
>>596520586
Nigga are you trolling these weebs?

XP isn't getting security patches any more and has terrible innate security.

8 characters? You should be using more than 14. Anything less is subject to LM hash cracking.
>>
>>596520881
google encryption

you can't break modern encryption
>>
File: 1422545494692.jpg (8 KB, 200x200) Image search: [iqdb] [SauceNao] [Google]
1422545494692.jpg
8 KB, 200x200
>>596500273
Op, tonight you where not a faggot. Thanks. Of course this is nothing fancy or high speed low drag but its good info to know.
>>
>>596520881

All I would say is keep the private key safe. And if you're using builtin encryption in Windows or Mac, make sure that your password is long enough that it can't be cracked.

Doesn't matter if you're using 4096 bit key size if you're computer password is "Fluffy1".

Also beware of encrypting anything with upstream public PKIs. Should go without saying why.
>>
>>596521119
see
>>596521119

You can't crack the encryptions. they're just too good.

the cyberciphers are CBC and BBC, and not even matt blaze (puff buff my bro) or tom ptaceck could possibly cyberhacks them.

It cannot be done.
>>
>>596521398

You don't need to break encryption if you have either the private key, or more than likely, a user password associated with a private key.
>>
>>596520150

Learn networking and operating systems first.

Until you have the concepts down pat, you're wasting your time.
>>
>>596521789
Thanks for the input anon. I'm OCD as it is on my Keys. Keep them long and as random as possible along with changing them often.
>>
>>596518759

Yes. NMAP with default settings. Perfect way to skate right under the most advanced IDS.

Pure genius.
>>
>>596522600
You're welcome. Glad to help.

Please don't do any harm to children though.

I'm OK with drugs, guns, whatever. Just not anything that harms kids.
>>
Why the fuck nobody requested proof with of some timestamped hacked fb accounts?
>>
>>596510301
why would they be professionally pen testing labs
i have a lab he is so dumb
>>
>>596523005
You have to obey this. He got dubs.
>>
>>596516385
>implying I don't hack from a cantenna and my neighbors WiFi with a false MAC
>>
>>596523005
Anon, right there with you. That shit makes me sick.

>inb4 newfag.
>>
>>596523005
Agreed. Only look at / trade CP that's already made. No requests and no producing.
>>
>>596520734

So false.

It won't account for characters like periods or numbers at the end.

You guess wrong and the user will start getting emails that someone is trying to access their account.

Most people have their email tied to their phones so if they bother to check their mail frequently they'll see it, and click on the "it wasn't me" link in the email they received.

Correct answer is to first google the handle or "identity" that they use on Facebook and see if you can find a site that easily helps you correlate their username to a complete email address. This way you aren't guessing at that point.

You'd be surprised at the data that people don't hide correctly on their other social media sites, or even what some internet forums bleed out either intentionally or accidentally.

Occasionally users post their email addresses online, too, in classified ads or forum posts, not even realizing what exposure it creates.

PROTIP - separate distinct usernames/identities for each site you visit.

Keep multiple emails, too.

i.e.

[email protected] - social media set 1
[email protected] - social media set 2
[email protected] - banking
[email protected] - career/education/jobs
[email protected] - family

You get the picture. I would even diversify the usernames in emails to be completely separate as well. But it's a good idea to squat your email usernames on all the major free mail providers so that you're not easily impersonated.

example - I wanted to catch my ex cheating, so I looked through her mialbox and found her ex's email address. I didn't need to hack his email. Even easier was registering for his username on one of the other 3/4 main free mail services out there. so he was [email protected] I created [email protected] and emailed her. She enver thought twice.

Use that to your advnatage.
>>
>>596515068
MIT grad reporting in
>>
>>596523916
Ummmm, its still not cool anon.
>>
>>596524274
It's okay. He's not hurting kids then. He's just masturbating to pictures of children that were hurt beforehand.

Thankfully, the request was specific.
>>
>>596523665

You still fail at geo-diversification. When feds raid your neighbor and find she is a retired old handicapped lady who works at a soup kitchen feeding the poor, they're gonna realize right quick she ain't the perp.

If she knows you as the weeb across the street, you're screwed. You won't get busted immediately, but TPB will figure it out.
>>
>>596519025
>>596520323
AN Air gap is when the internal network and outside world do not touch. These networks are isolated and social engineering is the best way in. There was a power plant that had their air gap breached by throwing infected USBs over their wall. One got picked up, curiosity set in, Malware deployed.
>>
>There was a power plant that had their air gap breached by throwing infected USBs over their wall. One got picked up, curiosity set in, Malware deployed.
lol that's awesome
>>
>>596524995

Ah yes, I remember that case. Sneakernet malware.

At least the machines can't go outbound....

Places like that should really run VDI with thin clients and USB redirection disabled on them.
>>
>>596524251
I think I would know this better than you as I, well I won't admit to anything here, but you can use your imagination.

For example you're trying to hack Mark Johnson who is born in the year 1990, and you go to his email address and what you see is m************0ATgaymail you can almost be sure that his email is mark.johnson90ATgaymail or maybe mark_johnson. Whatever you get a hit on.

Remember you are not trying to hack their facebook so if they get some sort of mail to their account it's not really a big deal, as you are interested in their iCloud acc, not their facebook.

Just try this yourself and you'll see how effective it is. You'll be able to get most people's email address.
>>
>>596518404
>Airgap is the space between a two shits in your colon

Lost
>>
>>596525662
Assuming this a YLYL thread

>wtf
>>
>>596524721
Well, as your logic points out he is still participating in an industry that capitalizes on the pain, misery and suffering of kids. Granted he is not making a request. He is however actively trading and unsure of the source. Thus still creating a demand for product in which fucking degenerates will supply.


I don't ask for people to kill cows directly, but if my neighbor has ground beef I eat it. Overall I'm still part of the supply network.
>>
>>596525415

Yes, you're so cool. Worried about incriminating yourself over compromising a Facebook account. No one goes to jail for that shit, bro.

What you gonna do when mark.johnson.1990, mark_johnson1990, etc don't work?

And it's because he is using "[email protected]" instead?

I agree sometimes you can guess, but it's not as easy as you think. Any number of characters of any type can be hidden by those asterisks.
>>
>>596525388
VDI and Thinclients are just as susceptible. Unles you lock out the host OS. Where I work, until I took over the VDI, one could send terminal commands to Citrix OS from the windows host. You have to be careful with VMs
>>
>>596525996

Yes. Unfortunately there will also be demand for new content. That's the danger.

I don't give two fucks about people trading old German porn from the 70's that's clearly underage or even people sharing omegle, snaps, tinychats, skype, etc.

We clearly know the type of shit that is really disgusting and the creeps that desire it. :(
>>
>>596503776
>>596503871

Kali is just the new backtrack, so yeah
>>
>>596526280

Yes, totally. Need to disable USB ports on the thin clients so in case they are tampered with at a hardware or software level, at least the OS policy is a second security boundary.

I actually am not a fan of Unix because there isn't a single system that manages and enforces all aspects of necessary security policies. Most of the Windows networks I've worked on have far better configured security than Unix systems.

Cause Unix admins be lazy but also not that many great tools to use either. And since InfoSex is always up the Windows' Teams asses, Unix teams get a free pass most of the time.
>>
>>596526005
It is as easy as you think.

The huge majority of people are NOT going to have complicated email addresses. There is NO reason for them to have one in the first place. Do some people have one? Sure, but that's where the 95% comes in.

I am not trying to be "cool", nor have I ever proclaimed to be. I was trying to help out a few anons get some "nudes". I honestly don't think the feds care about some hacked emails, but I would never admit to anything regardless as a safety precaution as I am a very cautious individual.

Now I find it highly amusing that you made a post proclaiming that I was wrong when in fact everything I said was true. If you think I am wrong then I welcome you to try my "method" and see for yourself.
>>
>>596526919
I also forgot to mention that it would be impossible for the email address to be [email protected]" as the ** in the middle each stand for a character, and thus you can see how many characters are in the email address between the first and last character. It's quite stupid of Facebook, but what would you expect anyway.
>>
>>596526792
Bottom line, if it gets on a network, it's vulnerable.
>>
>>596525795
>Assuming this is a YLYL thread

...it's not?

Everyone here is thanking this faggot OP but I've yet to hear one person show it really works.

The principle "tits or gtfo" can be applied here as well.


As for the TC / locked down USB, I agree with the Anon's comments above. Fwiw.
>>
>>596528238

Fuck, you autistic nigger lovin Jew. See
>>596515192


Next time don't get so ass hurt cuz OP was a productive member of the board.
Thread replies: 239
Thread images: 33
Thread DB ID: 36608



[Boards: 3 / a / aco / adv / an / asp / b / biz / c / cgl / ck / cm / co / d / diy / e / fa / fit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mu / n / news / o / out / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / t / tg / toy / trash / trv / tv / u / v / vg / vip /vp / vr / w / wg / wsg / wsr / x / y] [Search | Home]

[Boards: 3 / a / aco / adv / an / asp / b / biz / c / cgl / ck / cm / co / d / diy / e / fa / fit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mu / n / news / o / out / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / t / tg / toy / trash / trv / tv / u / v / vg / vip /vp / vr / w / wg / wsg / wsr / x / y] [Search | Home]

All trademarks and copyrights on this page are owned by their respective parties. Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.
This is a 4chan archive - all of the shown content originated from that site. This means that 4Archive shows their content, archived. If you need information for a Poster - contact them.
If a post contains personal/copyrighted/illegal content, then use the post's [Report] link! If a post is not removed within 24h contact me at [email protected] with the post's information.