9.22.2013

Android 3x3 Pattern Lock Cracker


File name: AndroidPatternCrack.tar.gz
Size:   30,596 KB
Description: This tool is used to decrypt gesture.key into the pattern lock key.
Distribution : freeware
Md5checksum: 669883014b10ce9d1e30232573b57acb
Download link: click here 


 
Notes:
  •  Uses a dictionary, which is available here.
  •  Runs under a Unix/Linux environment.
  •  Usage = bash ./crack_pattern.sh [gesture file]
    ex.  bash ./crack_pattern.sh gesture.key 
  • You can obtain gesture.key in several ways:
    •  Using ADB ( adb shell && adb pull /data/system/gesture.key ). *Requires ADB debugging to be enabled and a rooted phone.
    •  By examining a backup image of the device's NAND ROM. To get the image, reboot and choose backup in CWM. After that you will see some files created on the SD card ( /sdcard/clockworkmod/backup/2013-0*-**.**.**.**/ ) such as .android_secure.vfat.tar, cache.yaffs2.img, data.yaffs2.img, sd-ext.ext2.tar, system.yaffs2.img. Finally, use yaffey or yaff2util to open the data.yaffs2.img file, and you will see gesture.key under the /system directory. *Needs CWM or another backup tool in the Android phone kernel.
    • Using CWM: choose mount >> mount data >> then connect your device to the PC through USB >> find gesture.key under the system folder (*thanks to rastri for reminding me about this one...^^)
  •  Sample 3x3 pattern gesture.key files can be downloaded here.
  • Try it ....^^
http://forum.xda-developers.com/sitesearch.php?q=yaffey

Thanks to: Eric Draven (RNDC.or.id) for fixing the script... ;)





    8.30.2013

    MR3020 runs Pineapple Jasager ... but Karma does not


     Find the tutorial at: http://penturalabs.wordpress.com/2013/04/25/blue-for-the-pineapple/

    Main issues:
    - You need dsniff to run dnsspoof and urlsnarf.
    - To install dsniff you need to get it from the minipwner repository. Do this:
    opkg update
    opkg install  libpcap libnids libnet0 libopenssl libgdbm librpc
    cd /tmp
    wget http://www.minipwner.com/20120514/downloads.openwrt.org/snapshots/trunk/ar71xx/packages/dsniff_2.4b1-2_ar71xx.ipk
    opkg install dsniff_2.4b1-2_ar71xx.ipk

    - You also need autossh and other packages that are in the Pineapple Mark IV but are not covered in the Pentura tutorial. Here they are:
    at  autossh  chat  comgt  crda  empty  ettercap  hostapd-utils  hostapd  iptables-mod-ipopt  iptables-mod-nat-extra  kmod-ath9k-htc  kmod-button-hotplug  kmod-crypto-hash  kmod-crypto-manager  kmod-eeprom-93cx6  kmod-fs-nfs-common  kmod-fs-nfs  kmod-input-core  kmod-input-gpio-keys-polled  kmod-input-polldev  kmod-ipt-ipopt  kmod-ipt-nat-extra  kmod-lib-crc-itu-t  kmod-nls-utf8  kmod-rt2800-lib  kmod-rt2800-usb  kmod-rt2x00-lib  kmod-rt2x00-usb  kmod-rt73-usb  kmod-rtl8180  kmod-rtl8187  kmod-scsi-generic  kmod-tun  kmod-usb-net-cdc-ether  kmod-usb-net-rndis  kmod-usb-net  kmod-usb-serial  kmod-usb-uhci  libcom_err  libcurl  libelf1  libext2fs  libltdl  libnet1  libsqlite3  libusb-1.0  libusb-compat  macchanger  php4-cgi  php4  procd  sdparm  usb-modeswitch-data  usb-modeswitch  usbreset  usbutils  zoneinfo-core

    - So sad... even with all of this I still can't get Karma running... -_-' If you can make it work, please message me at this email.




    8.27.2013

    Hak4Fun: MR3020 Auto Rickroll (customized OpenWrt firmware)


    File name: openwrt-tl-mr3020-ricklroller.bin
    Size:   3.75 MB (3,932,160 bytes)
    Description: OpenWrt firmware for the TP-Link MR3020 with an auto-rickroll feature (every link that users try to open leads to the local index page on your OpenWrt router)
    Distribution : freeware
    Md5checksum: 1f9ec3669a24b7c4e71098fc00732032

     Download link: click here 

    (copied from hak5)
    John Bebo’s Auto-Rickroll payload for the WiFi Pineapple is an excellent example of using Dnsmasq to
    forward targets to a hosted site. While this site could be malicious, perhaps hosting the Browser
    Exploitation Framework, Bebo’s payload is a safe and simple prank. Any web site a victim attempts to
    browse to brings them to a WiFi Pineapple hosted page containing Rick Astley ASCII Art and looping
    audio. It uses a similar technique employed by Captive Portals - something we’ll explore in more detail
    soon - except a lot more annoying.


    Main issues:
    • Right after flashing the router you will get "free@wifi.id" as your SSID (always think like a fish, no matter how weird it gets).
    • There is plenty of room if you want to put your own payloads on it (just edit index.html or make something new).
    • This firmware only contains some basic packages; there is no LuCI. So I remind you again... don't try it if you are not familiar with flashing through an SSH terminal/PuTTY or similar.
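
A client-side check for the Dnsmasq forward-everything behaviour described above, as an added example (not part of the firmware or of the Hak5 payload). It resolves random names under the reserved .invalid TLD, which must never resolve, and reports when the network's resolver answers anyway. The function names and the address used in testing are constructed.

```python
import ipaddress
import secrets
import socket


def system_resolve(name):
    """Resolve through the OS resolver; None means no answer (NXDOMAIN/error)."""
    try:
        return socket.gethostbyname(name)
    except OSError:
        return None


def check_dns_catch_all(resolve=system_resolve, probes=4):
    """Probe random names under .invalid (reserved by RFC 6761).

    A resolver that answers for such names is rewriting every query,
    which is what a captive portal or a redirect-all Dnsmasq setup does.
    """
    answers = {}
    for _ in range(probes):
        name = secrets.token_hex(8) + ".invalid"
        ip = resolve(name)
        if ip is not None:
            answers[name] = ip
    targets = set(answers.values())
    return {
        "hijacked": bool(answers),
        # Every probe landing on one address points to a single local page.
        "single_target": len(targets) == 1,
        # A private address means the answers come from the local network.
        "private_target": any(
            ipaddress.ip_address(ip).is_private for ip in targets
        ),
        "answers": answers,
    }
```

Calling check_dns_catch_all() with no arguments uses the system resolver of the network the machine is currently joined to.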

    8.17.2013

    MiniPwner at Derbycon 2012 (video)


    8.03.2013
