Top 16 Websites to Learn How to Hack Like a Pro

1. Hack Forums: Emphasis on white hat, with categories for hacking, coding and computer security.
2. Black Hat: The Black Hat Briefings have become the biggest and the most important security conference series in the world by sticking to our core value: serving the information security community by delivering timely, actionable security information in a friendly, vendor-neutral environment.
3. Hakin9: E-magazine offering in-depth looks at both attack and defense techniques and concentrates on difficult technical issues.
4. DEFCON: Information about the largest annual hacker convention in the US, including past speeches, video, archives, and updates on the next upcoming show as well as links and other details.
5. Hacked Gadgets: A resource for DIY project documentation as well as general gadget and technology news.
6. KitPloit: Leading source of Security Tools, Hacking Tools, CyberSecurity and Network Security.
7. Exploit DB: An archive of exploits and vulnerable software by Offensive Security. The site collects exploits from submissions and mailing lists and concentrates them in a single database.
8. Phrack Magazine: Digital hacking magazine.
9. Packet Storm: Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers.
10. Offensive Security Training: Developers of Kali Linux and Exploit DB, and the creators of the Metasploit Unleashed and Penetration Testing with Kali Linux course.
11. SecurityFocus: Provides security information to all members of the security community, from end users, security hobbyists and network administrators to security consultants, IT Managers, CIOs and CSOs.
12. SecTools.Org: List of 75 security tools based on a 2003 vote by hackers.
13. The Hacker News: The Hacker News — most trusted and widely-acknowledged online cyber security news magazine with in-depth technical coverage for cybersecurity.
14. Metasploit: Find security issues, verify vulnerability mitigations & manage security assessments with Metasploit. Get the worlds best penetration testing software now.
15. NFOHump: Offers up-to-date .NFO files and reviews on the latest pirate software releases.
16. HackRead: HackRead is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance, and Hacking News with full-scale reviews on Social Media Platforms.

A note on what’s next

It's been an unprecedented year

I hope this email brings you joy

Weathering the storm

Please take 3 minutes to watch this video.

Krista Suh List: You are now unsubscribed

We have removed your email address from our list. We're sorry to see you go. Was this a mistake? Did you forward one of our emails to a friend, and they clicked the unsubscribe link not realizing they were in fact unsubscribing you from this list? If this was a mistake, you can re-subscribe at: Subscribe For questions or comments, please contact us at: heyitsme@kristasuh.com

Amazon: Delivering Destruction

Time to investigate, expose, and overcome the corporate polluters

Amazon’s racism runs deep

Add your voice: Demand Amazon stop selling racist tech

Your city is rising

Let's show up for Juneteenth

Elections have consequences

Death shouldn't be one of them

Linux Command Line Hackery Series - Part 5

Welcome back to the Linux Command Line Hackery series, this is Part-V of the series. Today we are going to learn how to monitor and control processes on our Linux box, so wrap your sleeves up and let's get started.

Command:    ps
Syntax:           ps [options]
Description:  ps displays information about the currently running processes. Some of the common flags of ps are described briefly below
Flags: 
  -A or -e -> select all processes
  -a -> select all processes except both session leaders and processes not associated with a terminal.
  T -> select all processes associated with current terminal
  -u <username or id> -> select all processes of a given user or userlist

Open up a terminal and type ps:

ps

what you'll see is a list of processes currently running in your terminal. One important thing to notice in the output is what's called as PID which stands for process ID. It is the number that uniquely identifies a process. Just keep that PID concept in mind we'll use it soon.

OK I know that's not really what you want to see rather you want to see all the processes that are currently running on your box. Don't worry we have flags to rescue, in order to see all the processes you can use the -e flag like this:

ps -e

Boom! you get a long list of processes currently running on your machine (don't stare at me like that, you asked and I gave you that). If you want to see processes of a particular user you can type the following command in your terminal:

ps -u bob

here "bob" is a username. This command will list all processes of the user with effective user name of bob.

You can do a full-format listing of the processes using the -f flag like this:

ps -fu bob

But the output of the ps command is a snapshot not really a live preview of what is going on in your box. I know your next question is going to be something like this, Isn't there a command in Linux that gives me a live updating information of the processes? Yes, there is a command called top that we'll learn about next.

Command:    top
Syntax:           top [options]
Description:  top gives a dynamic real-time view of a running system. That is, it gives the up-to-date information about all the processes running on your Linux box (sounds fun!). Besides giving information about current processes and threads top also provides a brief system summary.

To start top just type this command:

top

and you'll get a nice and cute looking ugly display :). Well what the heck is going on here you might ask, right? What you get is information about what is going on with your computer. To see what more can you do with top just type <h> within the program window and you'll be given list of options that you can play with.

OK looking at what processes are going on in your box is cool but what if you want to terminate (or close) a process, is there a command line utility for that? Yes, there is and that's what we are going to look at next.

Command:   kill
Syntax:          kill [options] <pid> [...]
Description:  kill is used to send a signal to process which by default is a TERM signal meaning kill by default sends a signal of termination to process (Cruel guy). To list the available signals we can use the -l or -L flag of the kill command.


To simply terminate a process we provide kill command a PID (process ID) and it will send the TERM signal to the process. So to kill a process first we'll list the running processes and then we'll keep the PID of the process in mind that we want to terminate. After that we'll issue the kill command with the PID that we just found.

ps -ax
kill 1153

the above command will send a TERM signal to the process whose PID is 1153, as simple as that.

We can also use our already learned skills to refine the output of ps command. Say we have a xterm terminal running on our box and we want to terminate it. By using ps command all alone we'll get a long listing of all processes running on our box. But we can limit the output of ps command to just those processes that we're interested in by piping ps command with the grep command like this:

ps -ax | grep xterm

wow! that's amazing, we're able to pull out only those results from the ps command that contained xterm in them. Isn't that a cool trick? But what is that vertical bar ( | ) doing in the middle, you may be thinking, right? Remember we learned about the input and output re-directors previously, the vertical bar (pipe in geeky terms) is another re-director whose task is to redirect the output of one command as input to another command. Here the pipe redirects the output of ps -ax command as input to grep command and of-course from the previous article you know that grep is used to search for a PATTERN in the given input. That means the above command searches for the xterm word in the output of ps -ax command and then displays just those lines of ps -ax command which contain xterm. Now get that PID and kill that process.

That's it for today, try these commands up on your own box and remember practice is gonna make you master the Linux command line. :)

Read more

1. Pentest+ Vs Ceh
2. Hacking Growth
3. Pentest Practice
4. Pentest Cyber Security
5. Pentest Nmap
6. Pentest Wiki
7. Hacking Attack
8. Hacker Tools
9. Pentest Os
10. Pentest Android App
11. Hacking Jacket
12. Hacking Browser
13. How To Pentest A Website With Kali
14. Hacker Code
15. Pentest Ftp

Masad Clipper And Stealer - Windows Spyware Exfiltrating Data Via Telegram (Samples)

Reference

2019-09-25 Juniper. Masad Stealer: Exfiltrating using Telegram 

"Masad Clipper and Stealer" steals browser information, computer files,  and automatically replaces cryptocurrency wallets from the clipboard with its own.

It is written using Autoit scripts and then compiled into a Windows executable.
It uses Telegram to exfiltrate stolen information.

Download

             Other malware

Download. Email me if you need the password (see in my profile)

Hashes

SHA256	SHA1	MD5
1acf5a461ee16336eb8bbf8d29982c7e26d5e11827c58ca01adac671a28b52ad	6001b34c17c122d201613fffd846b056614b66da	e03234c2259c474aeb69500423ddeed7
290a1b89517dec10bfd9938a0e86ae8c53b0c78ed7c60dc99e4f8e5837f4f24a	32800c10588053813f55bf8c87771311c5f7f38e	2df4c1cf093c8373a8f2f194e77b69a2
7937a1068f130a90b44781eea3351ba8a2776d0fede9699ba8b32f3198de045b	a2a67b06344e4f1cf85086f6b584316ec53d5e54	8368f1c4d8f0d908f5f4ff671df5f1da
87e44bca3cc360c64cc7449ec1dc26b7d1708441d471bf3d36cd330db3576294	2fe5483e6b82220eeeef12e531eb3347fea16ac1	1082ce517dd23eee335bedfc6bcd8205
cf97d52551a96dacb089ac41463d21cab2b004ba8c38ffc6cb5fb0958ddd34db	5b79a15cb61f5260f0b9d807faa160e6d49590e4	b5fdf9653eb1ffbdae8cb4f1f2d71747
79aa23c5a25c7cdbaba9c6c655c918dac3d9823ac62ebed9d7d3e94e1eaafc07	4a279a6b82fe801d3c8be9d16df2ef5623b17704	0029ab0fd56cd7e493b46a331ef18bd3
03d703f6d341be258ac3d95961ff0a67d4bf792f9e896530e193b091dca29c2e	a9740352af2c9cc926deba7dffc452f213f7f05f	a462aac76def5b53351b3b1ddb41124c
a368b6755e62e5c0ff79ea1e3bd146ee8a349af309b4acf0558a9c667e78293a	e16167ab646381c277c2ca84319ceb57bacb2c92	c4cdc7665adb1cda5897d4df4a560f88
ba933cefbe9a8034f0ba34e7d18481a7db7451c8ef4b6172fb0cad6db0513a51	00749407e97085af470c75ef004f2235d30af44f	c26a3f2317507a09d91014469b045384
3ba3c528d11d1df62a969a282e9e54534fb3845962672ad6d8bbc29cb6d062f5	b8100890c0f1894544b3f99168377ec46c38e911	4a0607b4488cd539b8b0b443abd121e3
b763054180cd4e24c0a78b49055ad36dbc849f1a096cddf2db8cee0b9338c21d	7bec99308ce4bf409417b642cd9432000a5c19d2	2dfb1d606e5539399aa1a536baafd2f8
d5ce4b04b7eec6530a4a9d40510177468fadc235253e5a74530a8c9d990f3c50	27fc204ffa42262b7570b6fccb435d4d38a3610f	c5d8b73da810646407c333fe52186281
965a5949d8f94e17ebcd4cb6d0a7c19f49facbfc1b1c74111e5ceb83550d6c8f	7698584b2e7c62061447a6a2583ed6957180c205	e7ebe4411664672359b393f530fc2fc1
44134b9d4b10d94f6381b446a1728b116d62e65c1a52db45235af12caf7e38c0	fd114077927d501606575ba9ab38ecfb3407d432	a4388980d7e3539d74a950dab23d00ac
848d76a227f4fe282b7ddfd82a6dfc4c25da2735a684462b42fe4e1c413d8e34	135cee7610890497183eb6251efef307ea013fe1	7bb23077b4f80df48b91b425eda05828
5ca0a957fe6c253827f344da4ba8692d77a4e21a1df4251594be2d27d87dd8ae	d231874332ca462fb462e4f68450d2c2c22d4bcd	dda77b3f3f74a2bdffd167917686e139
016fa511f6546ed439d2606c6db8821685a99f5a14ef3f710668b58dc89c6926	5c83749c62ee0131710bf26931cb1e463a8fbda3	b0c34df85677d8f752dc1e1a5eeba0c9
22be594fbfa878f631c0632f6c4d260b00918817ff66a1f9f15efe44c1a58460	856d635fca52631305f1fefc58eafa74496524b6	60ebf41953d5c6e212fc306cdb0c6519
f3571ec66288405dab43332ca03812617f85fb08832fbbe1f1d89901fe034b8a	819485e20d841195e2e8a7ae5b41ff709887bb21	6984d37863c08b9fdd969297d35d3538
04c949eca23103b1de05278b49f42c3ab6b06f4bf20aafa5f2faefaa84c16ecd	0487db2df1802dd4ee4ae3b62b5f08937dd5c77c	4366ee61cbd7e636aea8540836a60036
d6fc04acda8f33a6d35eb577c27754c2f2b4d6f4869576c7c4e11b2c5e9b0176	83ae89826114662dad8553d5eeed5217b57047f2	2bc964e294d7ab314c34e5934d91a5a9
18c0bd4dd98008383fc52045ad896449fa7f0037593bb730ed1ef88aa547006d	bcaa05b60a9d625852ac4f2d0d805ab164988155	35d9f08c39c4cf396427f3a345e5c09a
4c9d5469e9095813418260045c2b11e499e4eaa0ffb25293f90f580c464157df	4c6aacc0b893ed366f9f307326e59efa61e51534	50dddaf7e5bb24aabf66eecd0c8b79cf
0b5f1fbc05dc8baca492b748adeb01fb4904e02723b59211ecde222f7b12d91e	87f898e0d41c0f2c22d4e9278a942326877fc368	da780b72140535d4c2d391e76dc8181d
31ad5c4547ceae4d0550c8460524c16a6105afc056760e872c4966656256c9dc	37f485d3fa8f6cf13061cb1ea38ae0d5d2edfd95	134aefcf640c24a1ab5344a96150fb05
edb00a0e5ff70e899857549e3263c887a799416c8bbab43ab130ca1be9bbd78c	42c30dc551a3cb3bc935c0eae79b79f17942e439	c2722241f765d2ad4fb58edd76a4adea
96f852b81760a425befaa11ea37c0cdea2622630bf2a0c94bb95042211ab614d	5d9782064bc38d40c88f32c0410479cbd61caa40	f332cfcda8c0ef579ede59eff23caa1e
57fd171a5b1a88e9583b42439851a91a940eb31105ab29cb314846da2ed43b82	0bfec2059823b936d782bea7bc16abd9923dddb5	6fff82df7a565b4570d299486697310f
277018b2cc6226dca6c7678cac6718c8584f7231340ad8cd7c03477559fdf48b	261f916ce97ffc6817a4772705df68e6ccca8181	009dc7d8766a85d85bb6a26ee69b66fe
e968affb1fc7756deb0e29807a06681d09a0425990be76b31816795875469e3d	cf78484a999183324da9affdf2aaeff508d1dc47	3e1b8f6313447b8a4b49671ddeb8a4ee
4b1ccf6b823ee82e400ba25b1f532cd369d7e536475a470e2011b77ffeaf7bb3	bc988f7cd32d411f2a9888afc72c7a892e2a1def	55128a3da6f70129acdbf9dbe955cfe7
fc84d6636a34ad1a11dbaa1daec179e426bdcd9887b3d26dc06b202417c08f95	1df31bec02e35c9a4656bb3a3bdf631bb37605a8	55d77ab16377a8a314982f723fcc6fae
9ca15f15fbae58cb97b0d48a0248461e78e34e6d530338e3e5b91f209a166267	8505dfaad6d10b84c73544eb748d547cb5bad9bd	ebc12c530dab0a65c37ffd72612fa705
31f3a402c1662ed6adffbf2b1b65cf902d1df763698eb76d21e4e94b4c629714	18c972722d984ff6da2bc26a0aca4c7f209cc39c	05bbf6e72b5b24c0c81e0671bf17b1e7
8d9f124ddd69c257189f1e814bb9e3731c00926fc2371e6ebe2654f3950ca02e	553cd98c83e945ee3013aa40897baec0305b34a2	b4030025e039c54c2d3923057447494c
a0923d7645604faaa864a079adeb741a5d6e65507a2819b2fee4835d396077d9	f8e6995e28c789d8b24e982ac53d5d6ba453de73	b796f85c8a7de71407d6e3c4206edda3
a19b790ea12f785256510dde367d3313b5267536a58ca0c27dbdac7c693f57e1	a92f7393daf7ead9a44b12e35f850705798fc879	a6defec886d31f6375712466dd794a96
f030fb4e859ee6a97c50c973a73dced3640befe37f579cfd15367ce6a9bbede2	ad3a1e779f02539ccd07bff735e0823add9730b2	c259564a8fe72333604a5686e30f6242
f01db6d77ac21211992ceae4e66e1e03c1cb39d61e03645b9369f28252ca7693	14c6bf63ff4d32d8a0a42e81ea39304fb7ab13c8	80fe593ef5538fbf66b3b3e1cb7b9b8b
dfe3d0e95feaed685a784aed14d087b019ba2eb0274947a840d2bdbae4ae3674	2107d057478328df8f538102508de00b0c4b37c7	b5a85a0e7a2c4197c3794c8bb2eb5763
bf6083040ca51e83415f27c9412d9e3d700bd0841493b207bc96abf944ab0ca7	09a695ce6c35c029dd7577e29f403d7144698b41	7a2edceb31a9c0d05e5f13c6caee0576
b154151dc8ace5c57f109e6bb211a019db20c4f0127c4d13c7703f730bf49276	8c0cda049c85493df4e97db3db4ddc94075ba62c	b6a895ac5ba5b6472680d47410a238a5
6bf6b1bde63cee9b81902efd187fdd56ecee5853754ce0a19d5ab5c3b0242988	6e2d4f0bcc97ce130ae89647f648d3e96548a391	a29f9d176b913e7f693355700aaadbb9
0dcf547bd8f4074af97416d8b84ea64b2f3319064aa4bce64ad0c2e2d3957175	a996b925e9391a69140caf6e4adba928694ffe66	dd575413a40839f2807593aa21c71152
6cff1249cc45b61ce8d28d87f8edc6616447e38168e610bed142f0b9c46ea684	9baa823deb9075e8df77b891115c019244de09de	488bb5c0739485721182c01a82b01d14
5b5ebe019806885bbaafe37bc10ca09549e41c240b793fd29a70690a5d80b496	3d46711f9064b96ff2d0affdef1ecd82d120659d	b95e2d8a8509ac05f5445d18d32cc7cb
103d87098c9702cab7454b52869aeeb6a22919f29a7f19be7509255ce2d8c83e	e29a163488438c9ea9014ddf1a9b2d382cc5d7e6	baf2587fafaedbab4a78b9b7fd8b55f8
c73675005a09008bc91d6bc3b5ad59a630ab4670dca6ac0d926165a3ecfd8d92	d8ea2280cd06a5cc32b7d668e2b4b2e68f3a7e2a	98ecc6fbb2cb5649daf751fcbfb81bcb
ef623aadd50330342dc464a31b843b3d8b5767d62a62f5e515ac2b380b208fbe	620ff5a7aaf7f3fcf4abc9365e0e77b3ec4b434d	b14535c5835c9dfb3cbbc7f6fef6034c

Related posts

• Hacking Youtube
• Pentest Windows
• Pentestlab
• Pentest Keys
• How To Pentest A Website
• Hacker Language
• Hacker Lab
• Pentest Kit
• Hacking To The Gate
• Hacking Lab
• Pentest
• Pentest Dns

DOWNLOAD OCTOSNIFF 2.0.3 FULL VERSION – PLAYSTATION AND XBOX IP SNIFFER

OctoSniff is a network research tool that allows you to determine information about all the other players you're playing with. It is compatible with PS, XBox 360 and XBox One. It has many other features that make it a great sniffing tool. Some people think it might be a tool like Wireshark or Cain n Abel. No, it's not a tool like that. It simply sniffs players that let you know who's really playing. Download OctoSniff 2.0.3 full version. It's only for educational purposes to use.

FEATURES

• VPN Optimized
• Supports Wireless & Wired Spoofing
• Detects Geo IP and Complete Location
• Searches Usernames of Players in the Lobby
• Really easy to setup

DOWNLOAD OCTOSNIFF 2.0.3 FULL VERSION

Related word

1. Basic Pentest 1 Walkthrough
2. How To Pentest A Network
3. Pentest As A Service
4. Pentest Network
5. Hacking To The Gate
6. Hacker Computer
7. Pentest+ Vs Oscp
8. Hacking Device
9. Pentest Open Source
10. Hacking With Raspberry Pi
11. Pentestlab
12. Pentestbox
13. Pentest Cheat Sheet
14. Hacking Resources
15. Pentest Security
16. Hacking Process
17. Is Hacking Illegal

WiFiJammer: Amazing Wi-Fi Tool

The name sounds exciting but really does it jam WiFi networks? Yes, it is able to do the thing which it's name suggests. So today I'm going to show you how to annoy your friend by cutting him/her short of the WiFi service.

Requirements:

1. A computer/laptop with WiFi capable of monitoring (monitor mode).
2. A Linux OS (I'm using Arch Linux with BlackArch Repos)
3. And the most obvious thing wifijammer (If you're having BlackArch then you already have it).

How does it work? You maybe thinking!, it's quite simple it sends the deauth packets from the client to the AP (Access Point) after spoofing its (client's) mac-address which makes AP think that it's the connected client who wants to disconnect and Voila!

Well to jam all WiFi networks in your range its quite easy just type:

sudo wifijammer

but wait a minute this may not be a good idea. You may jam all the networks around you, is it really what you want to do? I don't think so and I guess it's illegal.

We just want to play a prank on our friend isn't it? So we want to attack just his/her AP. To do that just type:

sudo wifijammer -a <<AP-MAC-ADDRESS>>

here -a flag specifies that we want to jam a particular AP and after it we must provide the MAC-ADDRESS of that particular AP that we want to jam.

Now how in the world am I going to know what is the MAC-ADDRESS of my friend's AP without disturbing the other people around me?

It's easy just use the Hackers all time favorite tool airodump-ng. Type in the following commands:

sudo airmon-ng

sudo airodump-ng

airmon-ng will put your device in monitor mode and airodump-ng will list all the wifi networks around you with their BSSID, MAC-ADDRESS, and CHANNELS. Now look for your friend's BSSID and grab his/her MAC-ADDRESS and plug that in the above mentioned command. Wooohooo! now you are jamming just your friend's wifi network.

Maybe that's not what you want, maybe you want to jam all the people on a particular channel well wifijammer can help you even with that just type:

sudo wifijammer -c <<CHANNEL-NUMBER>>

with -c we specify to wifijammer that we only want to deauth clients on a specified channel. Again you can see with airodump-ng who is on which channel.

wifijammer has got many other flags you can check out all flags using this command that you always knew:

sudo wifijammer -h

Hope you enjoyed it, good bye and have fun :)

Read more

1. Pentest Gear
2. Pentest Vs Ceh
3. Pentest+ Vs Ceh
4. Hacker Lab
5. Pentest Process
6. Pentest Questions
7. Hacker Keyboard
8. Hacking Online Games
9. Hacking Process
10. Pentest Smtp
11. Pentest Web Application
12. Pentesting And Ethical Hacking
13. Pentest Guide
14. Pentest With Metasploit
15. Hacking Programs
16. Pentest Network
17. Pentest With Kali
18. Pentest Kit
19. Pentestmonkey Sql Injection

Top Process Related Commands In Linux Distributions

Commands in Linux are just the keys to explore and close the Linux. As you can do things manually by simple clicking over the programs just like windows to open an applications. But if you don't have any idea about commands of Linux and definitely you also don't know about the Linux terminal. You cannot explore Linux deeply. Because terminal is the brain of the Linux and you can do everything by using Linux terminal in any Linux distribution. So, if you wanna work over the Linux distro then you should know about the commands as well. In this blog you will exactly get the content about Linux processes commands which are are given below.

ps

The "ps" command is used in Linux to display your currently active processes over the Linux based system. It will give you all the detail of the processes which are active on the system.

ps aux|grep

The "ps aux|grep" command is used in Linux distributions to find all the process id of particular process like if you wanna know about all the process ids related to telnet process then you just have to type a simple command like "ps aux|grep 'telnet'". This command will give you the details about telnet processes.

pmap

The "pmap" command in Linux operating system will display the map of processes running over the memory in Linux based system.

top

The "top" command is used in Linux operating system to display all the running processes over the system's background. It will display all the processes with process id (pid) by which you can easily kill/end the process.

Kill pid

Basically the kill command is used to kill or end the process or processes by simply giving the process id to the kill command and it will end the process or processes. Just type kill and gave the particular process id or different process ids by putting the space in between all of them. kill 456 567 5673 etc.

killall proc

The "killall proc" is the command used in Linux operating system to kill all the processes named proc in the system. Killall command just require a parameter as name which is common in some of the processes in the system.

bg

The "bg" is the command used in Linux distributions to resume suspended jobs without bringing them to foreground.

fg

The "fg" command is used in Linux operating system to brings the most recent job to foreground. The fg command also requires parameters to do some actions like "fg n" n is as a parameter to fg command that brings job n to the foreground.

Related word

• Hacking Lab
• Hacking Names
• Pentest App
• Hacking Browser
• Pentest Ubuntu
• Pentest Companies
• Hacking Link
• Pentest Basics
• Pentest Checklist
• Hacker Computer
• Hacking Health
• Pentest Usb
• Pentest Web Application
• Hacker Ethic
• Hacker Types

Hacking Windows 95, Part 2

In the Hacking Windows 95, part 1 blog post, we covered that through a nasty bug affecting Windows 95/98/ME, the share password can be guessed in no time. In this article, I'm going to try to use this vulnerability to achieve remote code execution (with the help of publicly available tools only).

The first thing we can do when we have read access to the Windows directory through the share, is to locate all the *.pwl files on the c:\windows directory, copy them to your machine where Cain is installed, switch to Cracker tab, pwl files, load the pwl file, add username based on the filename, and try to crack it. If you can't crack it you might still try to add a .pwl file where you already know the password in the remote windows directory. Although this is a fun post-exploitation task, but still, no remote code execution. These passwords are useless without physical access.

One might think that after having a share password and user password, it is easy to achieve remote code execution. The problem is:

• there is no "at" command (available since Windows 95 plus!)
• there is no admin share
• there is no RPC
• there is no named pipes
• there is no remote registry
• there is no remote service management

If you think about security best practices, disabling unnecessary services is always the first task you should do. Because Windows 95 lacks all of these services, it is pretty much secure!

During my quest for a tool to hack Windows 95, I came across some pretty cool stuff:

Internet periscope

Winfingerprint

LanSpy

But the best of the best is Fluxay, which has been written by chinese hackers. It is the metasploit from the year 2000. A screenshot is worth more than a 1000 words. 4 screenshot > 4 thousand words :)

It is pretty hard to find the installer, but it is still out there!

But at the end, no remote code execution for me.

My idea here was that if I can find a file which executes regularly (on a scheduled basis), I can change that executable to my backdoor and I'm done. Although there is no scheduler in the default Windows 95, I gave it a try. 

Let's fire up taskman.exe to get an idea what processes are running:

Looks like we need a more powerful tool here, namely Process Explorer. Let's try to download this from oldapps.com:

LOL, IE3 hangs, can't render the page. Copying files to the Win95 VM is not that simple, because there are no shared folders in Win95 VM. And you can't use pendrives either, Win95 can't handle USB (at least the retail version). After downloading the application with a newer browser from oldapps, let's start Process Explorer on the test Windows 95.

Don't try to download the Winsocks 2 patch from the official MS site, it is not there anymore, but you can download it from other sites. 

Now let's look at the processes running:

After staring it for minutes, turned out it is constant, no new processes appeared.
Looking at the next screenshot, one can notice this OS was not running a lot of background processes ...

My current Win7 has 1181 threads and 84 processes running, no wonder it is slow as hell :)

We have at least the following options:

1. You are lucky and not the plain Windows 95 is installed, but Windows 95 Plus! The main difference here is that Windows 95 Plus! has built-in scheduler, especially the "at" command. Just overwrite a file which is scheduled to execution, and wait. Mission accomplished!
2. Ping of death - you can crash the machine (no BSOD, just crash) with long (over 65535 bytes) ICMP ping commands, and wait for someone to reboot it. Just don't forget to put your backdoor on the share and add it to autoexec.bat before crashing it. 
3. If your target is a plain Windows 95, I believe you are out of luck. No at command, no named pipes, no admin share, nothing. Meybe you can try to fuzz port 137 138 139, and write an exploit for those. Might be even Ping of Death is exploitable?

Let's do the first option, and hack Windows 95 plus!

Look at the cool features we have by installing Win95 Plus!

Cool new boot splash screen!

But our main interest is the new, scheduled tasks!

Now we can replace diskalm.exe with our backdoor executable, and wait maximum one hour to be scheduled.

Instead of a boring text based tutorial, I created a YouTube video for you. Based on the feedbacks on my previous tutorialz, it turned out I'm way too old, and can't do interesting tutorials. That's why I analyzed the cool skiddie videoz, and found that I have to do the followings so my vidz won't suck anymore:

• use cool black windows theme
• put meaningless performance monitor gadgets on the sidebar
• use a cool background, something related with hacking and skullz
• do as many opsec fails as possible
• instead of captions, use notepad with spelling errorz
• there is only one rule of metal: Play it fuckin' loud!!!!

Related word

• Hacker Kevin Mitnick
• Pentest Reporting Tool
• Pentest Services
• Hacker Language
• Pentest Bootcamp
• Pentest Magazine
• Hacking Link
• Pentest Certification
• Pentest Online Course
• Hacker Language