Phishing – Vereda-BA – PayPal

Nosso sistema de Monitoramento Avançado Persistente identificou, em 22/10, novo caso de phishing hospedado em página de governo brasileiro, no município de Vereda/BA, uma página que simula o serviço de pagamento PayPal.

Casos de Phishing hospedados nos domínios ba.gov.br e tjba.jus.br já foram relatados aqui no Blog no post Sorria, tem pescaria na Bahia e a saga da pescaria na Bahia continua.

O phishing pode ser acessado por meio da URL http://vereda.ba.gov.br/wp/wp-content/uploads/2013/05/public/myaccount/settings/

🌎@RubyOfSec

https://www.defcon-lab.org/phishing-vereda-ba-paypal/

Exército Brasileiro - Arquivo Secreto

Hackers Vazam Dados sensíveis e sigilosos do exército brasileiro, Não se sabe ainda o motivo do vazamento, Informações que cita o candidato a presidente (Jair Messias Bolsonaro).

🌏 @RubyOfSec

Download: https://drive.google.com/file/d/1Q7rEKbl2d4n7iJ_INKxFr1kbGb0dpC9_/view?usp=drivesdk

Vazamento de Dados – Telefonica.com – KelvinSecTeam


Nosso sistema de Monitoramento Avançado Persistente identificou, em 26/10, uma publicação no site de compartilhamento de texto Pastebin.com que aparentemente divulga vazamento de dados da empresa de telefonia Telefonica.

A publicação foi atribuída ao grupo de pesquisadores venezuelanos, KelvinSecTeam. Ela inclui dados pessoais de ao menos 12 usuários do sistema atacado (nome, e-mail, HashSenha, Ativo, IdPerfil, IdTipoUsuario, IdEmpresa, CPF, DataNascimento, EmailChefe, Colaborador, Instrutor, Coach, IdResponsavel).

🌏 @RubyOfSec

https://www.defcon-lab.org/vazamento-de-dados-telefonica-com-kelvinsecteam/

Termos

Conheça alguns termos da invasão.

🌎@RubyOfSec

Honeypots - Atraindo e Isolando Hackers

Em vez de tentar bloquear um hacker com
um firewall ou encontrar um hacker com
um sistema de detecção de intrusão,
alguns administradores preferem o
método do honeypot.

🌍@RubyOfSec

https://drive.google.com/file/d/0B8iV-DfDHev3cmNIRldrTmdSZmc/view?usp=drivesdk

🔓 #Segurança #Telegram
Telegram Desktop salva conversas localmente em texto simples
〰〰〰〰〰〰〰〰〰〰〰〰〰
https://www.bleepingcomputer.com/news/security/telegram-desktop-saves-conversations-locally-in-plain-text/

🗂 #Links #Library #DarkNet
〰〰〰〰〰〰〰〰〰〰〰
@DARKNET_BR

📚 Hackerplace

📚 Index of Library
〰〰〰〰〰〰〰〰〰〰〰
http://52wdeibt3ivmcapq.onion/contents.html

📚 Index of Library
〰〰〰〰〰〰〰〰〰〰〰
http://libraryqtlpitkix.onion/library/

📚 Imperial Library
〰〰〰〰〰〰〰〰〰〰〰
http://xfmro77i3lixucja.onion/

📚 Calibre Library
〰〰〰〰〰〰〰〰〰〰〰
http://pepaieloghlblocc.onion/mobile

(Apt list) (chmod +x .sh) (python.py)

|~°•°~°•°~°•°~°•°~°•°~°•°~°•°~°•°~°•°~|

Comandos básicos de Termux:

Comando; apt update
Comando; apt upgrade
Comando; termux-setup-storage
Comando; cd (storage)
Comando; ls
Comando; cd /sdcard/Download/
*(Mover arquivo para o Termux)
Comando; cd /sdcard/Download/(arquivo) $HOME
Comando; pwd (indicar a pasta atual)
Comando; cd /data/data/com.termux/files/home/
Comando; unzip (arquivo)
*(Copiar e mandar)
Comando; cp (arquivo) /data/data/com.termux/usr/bin/
Comando; cd /data/data/com.termux/usr/bin/
Comando; cd /data/data/com.termux/files/home/
*(Remover arquivos)
Comando; rm -r (arquivo)
Comando; cd .. (retroceder pasta)
*(Regressar a pasta home Termux)
Comando; cd /data/data/com.termux/files/home/
*(Abrir sessão nova)
Comando; [CTRL e ALT+c]
Comando; exit ou [CTRL+d] e enter pra ambos (eliminar sessão)
*(Instalar pacotes)
Comando; apt install (pacote)
Comando; apt list (listar pacotes)
*(abrir pagina com termux)
Comando; termux-open (site)
Comando; dpkg --print-architecture (Arquitetura)
Comando; ifconfig (informações)
python3 --version
touch .hushlogin remover banner
screenfetch mostra as configurações do celular tipo modelo da ram/gpu etc...
_________________________________

Pacote de Ferramentas:

apt install git
apt update
apt upgrade
git clone https://github.com/3xploit666/packtermux
cd packtermux
chmod 755 * noscriptpack.sh
sh noscriptpack.sh
_________________________________

Lazymux:

apt install python2
apt install git
apt update
git clone https://github.com/Gameye98/Lazymux
ls
cd lazymux
ls
python2 lazymux.py
_________________________________

Tool-X:

apt update
apt install git
git clone https://github.com/Rajkumrdusad/Tool-X
cd Tool-X
chmod +x install.aex
sh install.aex (if not work than type) ./install.aex
(y)
Enter
Clear
Tool-X
_________________________________

Setoolkit(pishing):

pkg update
pkg upgrade
pkg install python
pkg install python2
git clone https://github.com/trustedsec/social-engineer-toolkit && cd social-engineer-toolkit

python setup.py instala o 
setoolkit

Atualização: 
mestre de origem git pull

sudo ./setup.py instala 
setoolkit

_________________________________

Brutal:

apt update
apt install git
git clone http://github.com/Screetsec/Brutal
ls
cd Brutal
ls
chmod +x Brutal.sh
./Brutal.sh
_________________________________

RED HAWK:

pkg install git
pkg install php
pkg update
git clone https://github.com/Tuhinshubhra/RED_HAWK
cd RED_HAWK
chmod +x rhawk.php
php rhawk.php
Rhawk: (site)
Rhawk: 1
_________________________________

NMap:

pkg install nmap
pkg update
nmap
nmap -v -A (IP da rede,site)
2° ping (site) = (IP da rede)
_________________________________

Xshell:

pkg install python
pkg install php
pkg install Git
pkg update
pkg upgrade
git clone https://github.com/Ubaii/Xshell
cd Xshell
python xshell.py
_________________________________

Routersploit:

-apt install python2
-apt install git
-python3 --version
-apt update
-apt upgrade
-git clone https://github.com/threat9/routersploit.git
-cd routersploit
-pip3 install -r requirements.txt
-pip3 install -r requirements-dev.txt
-pip3 install requests
-pip3 install future
-python3 rsf.py
rsf> show all
rsf> use (module/module/module_mod)
rsf> back (sair do módulo)
_________________________________

Airgeddon:

-cd termux-ubuntu
-./start-ubuntu.sh
# apt-get update
# apt-get install git
# git clone https://github.com/v1s1t0r1sh3r3/airgeddon
# ls
# cd airgeddon
# ls
# chmod +x airgeddon.sh
Enter
Enter
# apt-get install net-tools
# ./airgeddon.sh
# apt-get install aircrack-ng
_________________________________

Torshammer:

apt install python2
apt install tor
apt install git
apt update
apt upgrade
git clone https://github.com/dotfighter/torshammer
cd torshammer
python2 torshammer.py
Torshammer: python2 torshammer.py -t (target site) -r 256 -p (port)
_________________________________

Hunner:

-pkg install python
-pkg install git
-pkg update
-git clone https://github.com/b3-v3r/Hunner
-ls
-cd Hunner
-chmod 777 hunner.py
-python hunner.py
___

______________________________

IPGeoLocation:

1- pkg install python
2- pkg install git
3- pkg update
4- git clone https://github.com/maldevel/IPGeolocation
5- cd IPGeoLocation
6- pip2 install -r requirements.txt
7- easy_install-3.6 termcolor
8- ./ipgeolocation.py -t (IP)
9- dar enter
_________________________________

Planetwork-DDOS:

apt install git python2
apt update
(Lazymux)
cd Planetwork-DDOS
python2 pntddos.py
pntddos.py <ip> <port> <packet>
_________________________________

Hydra:

-apt install hydra
-hydra

Black Hydra:

apt update
apt upgrade
apt install python
apt install python2
apt install git
git clone https://github.com/Gameye98/Black-Hydra
cd Black-Hydra
chmod +x blackhydra.py
python2 blackhydra.py
_________________________________

Facebook Brute Force:

apt update
ls
cd Lazymux
ls
python2 lazymux.py
04
02
ls
cd facebook-brute
ls
pwd (mais pra frente copia e cola em PASSWORD) + (/password.txt)
python2 facebook.py
id da pessoa
copia o diretorio
/password.txt
_________________________________

Blackbox:

pkg install python2 wget
wget https://raw.githubusercontent.com/jothatron/blackbox/master/blackbox.py
pip2 install requests pexpect passlib python2 blackbox.py -h
_________________________________

Netaattack:

-cd termux-ubuntu
-./start-ubuntu.sh
# apt install python
# apt install git
# git clone https://github.com/chrizator/netattack
# cd netattack
# apt-get install python-nmap python-argparse python-scapy iw
# chmod +x netattack.py
# ./netattack.py
_________________________________

Metasploit:

(Metasploit-Framework) 1°
$termux-setup-storage
$apt update
$apt upgrade
$apt install curl then type command $curl -LO https://raw.githubusercontent.com/Hax4us/Metasploit_termux/master/metasploit.sh
$ls
$chmod 777 metasploit.sh
$sh metasploit.sh
$cd metasploit-framework
$./msfconsole

(Metasploit.sh) 2°
1° termux-setup-storage
2° apt install update e upgrade
3° apt install curl
4° curl -LO https://raw.githubusercontent.com/Hax4us/Metasploit_termux/master/metasploit.sh
5° chmod +x metasploit.sh
6° ./metasploit.sh (instalação)
7°msfconsole

pkg install wget
wget https://Auxilus.github.io/metasploit.sh
bash metasploit.sh
_________________________________

SCANNER-INURL:

pkg install git
$ pkg install php
$ git clone https://github.com/googleinurl/SCANNER-INURLBR
$ cd SCANNER-INURLBR
$ ls
$ chmod +x inurlbr.php
clear
$ php inurlbr.php
$ php inurlbr.php --help
_________________________________

SQLscan:

pkg install php
pkg install git
pkg install update
git clone https://github.com/Cvar1984/sqlscan
cd sqlscan
chmod +x sqlscan.php
php sqlscan.php
_________________________________

BruteXSS:

apt upgrade
apt update
apt install python2
apt install git
git clone https://github.com/shawarkhanethicalhacker/BruteXSS
cd BruteXSS && ls
python2 brutexss.py
_________________________________

Termux-sudo:

apt instalar git
git clone https://github.com/Bhai4You/Termux-Sudo
cd Termux-Sudo
chmod +x sudo.sh
bash sudo.sh
_________________________________

A-Rat:

pkg install python2
pkg install git
pkg install update
pkg install upgrade
git clone https://github.com/Xi4u7/A-Rat
cd A-Rat
Python2 A-Rat.py
help
_________________________________

Weeman (pishing):

apt update
apt install git
apt install python2
git clone https://github.com/evait-security/weeman
cd weeman
python2 weeman.py
show
set url (link do site que deseja clonar)
set action_url (ex:http://facebook.com/login)
Run
2° terminal:
./ngrok http 8080
_________________________________

SqlMap:

git clone https://github.com/sqlmapproject/sqlmap
cd sqlmap
ls
chmod +x sqlmap.py
ls
chmod +x sqlmapapi.py
python2 sqlmap.py
_________________________________

Recon Dog:

-apt install git
-apt install python2
-apt update
-git clone https://github.com/s0md3v/ReconDog
-cd ReconDog
-chmod +x dog.py
-python2 dog.py
_________________________________

Hakku Framework:

apt-get upgrade
3.apt install python
4.apt install python2
5.apt install git
6 gith