Showing posts with label tools. Show all posts

free direct sponsor in facebook

last chance worked %100 to sponsor Facebook pages without Money

click > here < to access link

TorGhost | Surf Anonymously - Tor Anonimizer

-----------------INSTALL ---------------------------------------------------------------- clone to the repo or download the files, open the directory and follow the commands

# chmod +x install.sh
# ./install.sh

  _____           ____ _               _
 |_   _|__  _ __ / ___| |__   ___  ___| |_
   | |/ _ \| '__| |  _| '_ \ / _ \/ __| __|
   | | (_) | |  | |_| | | | | (_) \__ \ |_
   |_|\___/|_|   \____|_| |_|\___/|___/\__|
v2.0 - SusmithHCK | www.khromozome.com 


USAGE:
    torghost start -----(start torghost)
    torghost stop  -----(stop torghost) 
torghost switch ----(switch IP)

SS7 TOOL: FULL GUIDE FOR LINUX USERS

Hello Guys,
Before I Start my small tutorial on using SS7 Stack, here is some basic information about SS7...
Signaling System 7 - SS7

The signaling system #7 (SS7) is an international standard network signaling protocol that allows common channel (independent) signaling for call-establishment, billing, routing, and information-exchange between nodes in the public switched telephone network (PSTN). SS7 system protocols are optimized for telephone system control connections and they are only directly accessible to telephone network operators.

Common channel signaling (CCS) is a separate signaling system that separates content of telephone calls from the information used to set up the call (signaling information). When call-processing information is separated from the communication channel, it is called "out-of-band" signaling. This signaling method uses one of the channels on a multi-channel network for the control, accounting, and management of traffic on all of the channels of the network.

An SS7 network is composed of service switching points (SSPs), signaling transfer points (STPs), and service control points (SCPs). The SSP gathers the analog signaling information from the local line in the network (end point) and converts the information into an SS7 message. These messages are transferred into the SS7 network to STPs that transfer the packet closer to its destination. When special processing of the message is required (such as rerouting a call to a call forwarding number), the STP routes the message to a SCP. The SCP is a database that can use the incoming message to determine other numbers and features that are associated with this particular call.

In the SS7 protocol, an address, such as customer-dialed digits, does not contain explicit information to enable routing in a signaling network. It then will require the signaling connection control part (SCCP) translation function. This is a process in the SS7 system that uses a routing tables to convert an address (usually a telephone number) into the actual destination address (forwarding telephone number) or into the address of a service control point (database) that contains the customer data needed to process a call.

Intelligence in the network can be distributed to databases and information processing points throughout the network because the network uses common channel signaling A set of service development tools has been developed to allow companies to offer advanced intelligent network (AIN) services

This diagram shows the basic structure of the SS7 control signaling system. This diagram shows that a customer's telephone is connected to a local switch end office (EO). The service switching point (SSP) is part of the EO and it converts dialed digits and other signaling indicators (e.g. off-hook answer) to SS7 signaling messages. The SS7 network routes the control packet to its destination using its own signal transfer point (STP) data packet switches using separate interconnection lines. In some cases, when additional services are provided, service control point (SCP) databases are used to process requests for advanced telephone services. This diagram also shows that the connections used for signaling are different than the voice connections. This diagram shows that there are multiple redundant links between switches, switching points, and network databases to help ensure the reliability of the telephone network. The links between points in the SS7 system have different functions and message structures. Access links (A-links) are used for access control between EOs and SCPs. Bridge links (B-links), cross links (C-links), and diagonal links (D-links) interconnect STPs. Extended links (E-links) are optionally used to provide backup connections from an EO to the SS7 network. Fully associated links (F-links) share (associate with) the connection between EOs.

Today I'm Just going to show you a little tutorial on using ss7 tools without building full program. i'm using telscale opensource ss7 stack in here, which is compiled by akib sayyed. you don't have to do anything like building it or downloading lots of tools. this tool is in Java .jar format.

##$$ Requirements:

* Linux OS with SCTP support
* JRE 1.7(Java SE Runtime Environment) or above

Here is a Link to Download SS7 Assessment Tool:  SafeSeven.Zip

And Here is Link To Download JRE 8 (Java SE Runtime Environment): JRE 8 For Linux.tar.gz

JDK 7u6 and later releases include JavaFX SDK (version 2.2 or later). The JavaFX SDK and Runtime are installed and integrated into the standard JDK directory structure.

For information about how to work with JavaFX, see http://docs.oracle.com/javase/8/javase-clienttechnologies.html

Installation of the 64-bit JRE on Linux Platforms

This procedure installs the Java Runtime Environment (JRE) for 64-bit Linux, using an archive binary file (.tar.gz). These instructions use the following file:

jre-8uversion-linux-x64.tar.gz
Download the file. Before the file can be downloaded, you must accept the license agreement. The archive binary can be installed by anyone (not only root users), in any location that you can write to. However, only the root user can install the JDK into the system location.
Change directory to the location where you would
like the JDK to be installed, then move the .tar.gz
archive binary to the current directory.

Unpack the tarball and install the JRE:

% tar zxvf jre-8uversion-linux-x64.tar.gz

The Java Development Kit files are installed in a directory called jdk1.8.0_version in the current directory.

Delete the .tar.gz file if you want to save disk space.

Now, Extract the safeseven files to your home directory. Now Open WireShark.(well, wireshark is preinstalled in Kali Linux)

Choose "SCTP" Protocol & Start capturing data packets.

Then Open Terminal. I'm Writing Here Few Commands For Using the Java .Jar Files;

<Before Running Client On Actual SS7 Network>
Edit client_config file(Edit Details of Orange Marked Area)
```

//Client 

SERVER_IP="IP of STP you are connecting to"

CLIENT_IP="IP address provisioned for you in STP"

SERVER_PORT="STP port"

CLIENT_PORT="client provisioned port"

IS_SERVER=FALSE "should be always false"

Local_SPC="point code assigned to you"

Remote_SPC="point code of STP"

Local_SSN="local ssn"

Remote_SSN="remote ssn"

Routing_Context="routing context assigned to you by STP"

NETWORK_INDICATOR="Network indicator"

Local_GT="Local global title assigned to you"

Remote_GT="remote Global title you are testing"

``` 








<#Commands For Simulating SS7 Network/#>
 
Simulating HLR: 
       java -jar server.jar hlr_config 

Simulating MSC/VLR: 
       java -jar server.jar vlr_config

Running STP: 
       java -jar STP.jar stp_config

 
 
<#Commands For Running SafeSeven/#>



SMS Related Operations:
 
       java -jar SMS.jar client_config
 
USSD Related Operations:
 
       java -jar ussd.jar client_config
 
Call Related Operations:
 
       java -jar Call_Handling.jar client_config
 
Mobility Related Operations:
 
       java -jar Mobility.jar client_config




Here Are Some Steps To Intercepting SMS By Using MapSMS.jar:
Step 1. 
1. Attacker sends request SendRoutingInfoForSM addressing MAP(Mobile Application Part) message by MSISDN(Target Phone Number)
2.HLR(Home Resource Locater) replies with: own address, serving MSC address, IMSI(The International Mobile Subscriber Identity (IMSI) is an internationally standardized unique number to identify a mobile subscriber. The IMSI is defined in ITU-T Recommendation E.212. The IMSI consists of a Mobile Country Code (MCC), a Mobile Network Code (MNC) and a Mobile Station Identification Number (MSIN).)


Step 2.
1. Attacker registers Target Phone Number On the fake MSC
2. HLR sets up new location for our target number
3.HLR asks real MSC to release a memory




Step 3.
1. Someone sends SMS to Target Number 
2. MSC translates the SMS to SMS-C
3. SMS-C requests HLR for Target number's location
4. HLR replies with a fake MSC address
5. SMS-C translates SMS to the fake MSC & Your Wireshark captures SMS

There It is...




If you want to more develop on this by your self so you can download following program:

Eclipse Javascript IDE Download
Xampp Download For Linux 
JDK(Java Development Kit) 8 Download




How to find Info For Accessing SS7 Network(Sending SRISM)







Share to your Friends,
Thank You

Install Python and use Facebook.py 2017 (Working 100%!!!!!)

click here to get free money
Hello guys, Pay attention to this video and you shall not have anymore problems using python and facebook.py. Must watch to the end. I have to note that this video is for educational purposes only and I do not keep responsibility about anything you can do using this script. Files needed : Python 2.7.2 : https://www.python.org/download/relea... Mechanize : https://pypi.python.org/pypi/mechanize/ Distribute : https://pypi.python.org/pypi/distribu... Facebook.py : https://drive.google.com/file/d/0B7lD... Download Wordlists : http://scrapmaker.com/view/dictionari... User and system variable : C:\WINDOWS\system32;C:\WINDOWS;C:\Python27 Hit like and subscribe to this video and leave any comment below about any other hack/trick you want to find out. Also share this video with your interesed friends.

Python For Ethical Hacking - #13 - Creating A Brute force Password Cracker - Part 1

click here to get free money
Hey, guys! HackerSploit here with another python tutorial, in this video series I am going to be teaching you how to use Python to create network tools and Ethical Hacking scripts. This series will take you from beginner to intermediate/advanced in Python. I Hope you enjoy/enjoyed the video. If you have any questions or suggestions feel free to ask them in the comments section or on my social networks as well as my blog. HackerSploit Website: https://hsploit.com/

How To DDoS - Xerxes - The Most Powerful DoS Tool

click here to get free money
DoS/DDoS attack on Metasploitable. In computing, a denial-of-service attack (DoS attack) is a cyber-attack where the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled Xerxes Github Repository: https://github.com/zanyarjamal/xerxes Metasploitable Link: https://sourceforge.net/projects/meta... 📗 Get My Courses at $10 Only! The Complete Deep Web Course 2017: https://www.udemy.com/the-complete-de... I Hope you enjoy/enjoyed the video. If you have any questions or suggestions feel free to ask them in the comments section or on my social networks as well as my blog. HackerSploit Website: https://hsploit.com/ ✔️SOCIAL NETWORKS

Linux Expl0rer - Forensics Toolbox - Installation & Configuration

click here to get free money
Hey guys HackerSploit here back again with another video, in this video, we are going to be Installing & Configuring Linux Expl0rer; Easy-to-use live forensics toolbox for Linux endpoints written in Python & Flask.

Linux Expl0rer: https://github.com/intezer/linux-expl... Configuration & Installation Process: Clone repository git clone https://github.com/intezer/linux_expl... pip install -r requirements.txt nano config.py VT_APIKEY = key OTX_APIKEY = key sudo apt-get install yara sudo apt-get install chkrootkit sudo python linux_explorer.py

QuasarRAT - The Best Windows RAT?

click here to get free money
Hey, guys HackerSploit here, back again with another video. In this video, we will be looking at QuasarRAT a Remote Administration Tool for Windows.

Kali Linux 2.0 Top 10 Post Install Tips

Kali Linux 2.0 Top 10 Post Install Tips

With Kali 2.0 now released, we wanted to share a few post-install procedures we find ourselves repeating over and over, in the hopes that you will find them useful as well. We’ve also slapped in some answers to common questions we’ve been getting. Here is our top 10 list:

Enable or Disable the Intelligent Sidebar Option

Some people love it, some people hate it. In smaller resolutions, it can be annoying. We’re talking about the disappearing sidebar on the left of the screen. Here’s a short video showing how to change this behaviour.

Add Your SSH Public Key to Kali 2.0

Kali Linux 2.0 takes on the Debian SSH configuration option, the default since Jessie, which disallows root logins without a key.

root@kali:~# grep Root /etc/ssh/sshd_config

PermitRootLogin without-password

The less preferred alternative is to change the PermitRootLogin parameter to “yes” and restart the SSH server, which will allow remote password root logins. For safer remote root SSH access, add your public key to the /root/.ssh/authorized_keys file.

Install NVIDIA Drivers if You Need Them

If you have a NVIDIA graphics card, you should follow these instructions to get the NVIDIA drivers installed in Kali 2.0.

Install VMware or VirtualBox Guest Tools if You Need Them

Our instructions for installing virtual guest tools haven’t changed much and work well on the latest version of VMware(Workstation and Fusion), as well as VirtualBox.

Disable the Screen Lock Gnome Feature

We missed disabling this feature in our official builds but will do so in an upcoming update and future ISO releases. This is the fastest way to disable the Gnome screen lock feature:

Don’t Add Extra Repositories to Your Kali 2.0 Install

If for some reason you chose “no” when asked “use a network mirror” during your Kali installation, you may be missing some entries in your sources.list file. If this is the case, check the official repository list for the entries that should be in that file. Despite what many unofficial guides instruct you to do, avoid adding extra repositories to your sources.list file. Don’t add kali-dev, kali-rolling, or any other Kali repositories unless you have a specific reason to – which usually, you won’t. If you *must* add additional repositories, drop a new sources file in /etc/apt/sources.list.d/ instead.

Add a Non-root User if You’re Not Comfortable Running as root

We see many people leery of using Kali due to the fact that the main OS user is root. This often confuses us, as adding a non-root user to Kali is trivial and can be done by simply issuing commands similar to the following (just change the “muts” username to your own):

root@kali:~# useradd -m muts -G sudo -s /bin/bash

root@kali:~# passwd muts

Enter new UNIX password:

Retype new UNIX password:

passwd: password updated successfully

root@kali:~#

Avoid Installing Flash Player

Just don’t.

Keep the Kali System Up to Date

We pull upstream updates from Debian 4 times a day. This ensures that security updates are implemented in Kali on an ongoing basis. You should keep your system up to date by regularly running the following commands:

apt-get update

apt-get dist-upgrade

Avoid Manual Installations of Tools in FHS Defined Directories

There are several ways you can use Kali – either as a “throw away pentesting machine” or as a “long term use OS“. The “throw away” method entails setting up Kali for a one-off engagement or short term use and then killing off the OS when done (this usually happens in virtual environments). The “long term use” use-case describes people who want to use Kali on an ongoing basis for day-to-day use. Both methods are perfectly valid but require different treatment. If you plan to use Kali on a day-to-day basis, you should avoid manual installs of programs in FHS defined directories as this would conflict with the existing apt package manager.