What are your favourite exploits or experiences hacking, /g/? White hats or black hats welcome
Bonus points for social engineering
buffer overflows are always cool
>>59105009
when i was in highschool i would see the password to the teachers network. on top of that i would print out people facebook and email logins on random printers in the school.
>>59105071
lmao just looking over the teachers shoulders?
>>59105009
>Bonus points for social engineering
its not even like it requires any ingenuity. Leave an USB zip disquette lying around thats infected with whatever you care. People will plug it in.
>>59105071
I always wondered if it would be possible to set up a little camera pointed at someones keyboard. Seems easier than getting them to download a hidden keylogger
>>59105090
>>59105102
i miss typed but yeah i saw someone type it in and i would sell it to students
>>59105101
could be a dumb question: how do you get the user to run whatever malware you have on the usb? Or do you somehow set it up to run automatically using kernel level code?
>>59105126
autorun.inf. Interesting-looking word document with a macro virus. Or just the old trick of something-interesting.jpg.exe
>>59105151
Just googled that stuff, windows really doesn't have a protection against automatically run files like autorun.inf ??
>>59105218
I think on 7 or later it adds an entry to the "there's such and such kind of files on this drive, whadda ya want to do?" popup. That most people will click through by default.
Optical discs still silently run whatever autorun.inf tells them to.
anybody know how to get into cameras remotely?
>>59105009
>as a kid download radmin, rename to svhost.exe and install to every win compy in my hood local network via public exploit
>share logins with my friends
>take control over normies compy
>write creepy hacker movie shit on his desktop in notepad
>normie freaks out, does antivirus scan, spends next weak reading about viruses on the internet
>we read with him
>>59105009
>social engineering
>>59105009
Evil twin
Raspberry pi makes it a lot easier
Works for most case scenarios
inurl:"index.php?db=information_schema"
some of foolish admins have forgot to hide phpMyAdmin.
#############################################################################
filetype:sql intext:wp_users phpmyadmin
Description: Finds SQL dump files of Wordpress sites with usernames and
passwords. Pretty funny that people make these publicly available!
##############################################################################
inurl:.php? intext:CHARACTER_SETS,COLLATIONS, ?intitle:phpmyadmin
This dork gives you direct access to some phpmyadmin's on google
###############################################################################
intitle:phpmyadmin inurl:server_processlist.php
intitle:phpmyadmin inurl:tbl_operations.php
intitle:phpmyadmin inurl:server_collations.php
intitle:phpmyadmin inurl:server_databases.php
intitle:phpmyadmin inurl:server_export.php
intitle:phpmyadmin inurl:server_engines