Jump to content



- - - - -

FAQ's


63 replies to this topic

#1 BooCocky

  • Members
  • 6,137 posts

Posted 02 March 2011 - 05:48 PM

Q: Whats the best way to learn how to hack?

A: Hack what? Google has the answer to any questions you have. "Hack" is a very general term. Hacking has nothing to do with malicious intent. Its simply a brilliant way of say, having no boundaries and pushing the limits of technology. You may be thinking of a "Cracker" Hackers have no interest in dealing with "Crackers" those who have no knowledge of computing security and just want to get spoon fed and cause trouble.  Get lost!

Q: What sources should I add?

A: http://ininjas.com/repo



Q: How do I get root access in Mobile Terminal (Terminal)?


A: Good question Bro!! Since 90% of the command functions you'll be doing start there!! Here's what you do: Fire up your Terminal App. Type in these commands with return after each command:
  • su - This is a knock telling terminal you want in.
  • alpine - This is the default password. And won't show as you type it. This should be changed first thing after a jailbreak.
  • cd - This changes the directory from /var/mobile to root.
So now you have root access here's how you change your password for better security. Type these commands:
  • passwd - This tells terminal you want to change your password.
  • Type in your new password. Just like when you typed alpine to get root access it will not show as you type it. You will be prompted again to retype your password make sure they match. Hit enter and you're done.
  • The same can be done with your mobile password. Do this by typing passwd mobile <return> and do the same as you did for password.
See ya!! Play smart and play safe!! [emoji-E056]

Q: Where do I get the 520 version of mobile terminal?

A: Here's the link to get the 520 version of Mobile Terminal.

Q: What is Ettercap??

A: Ettercap was born as a sniffer for switched LAN (and obviously even "hubbed" ones), but during the development process it has gained more and more features that have changed it to a powerful and flexible tool for man-in-the-middle attacks. It supports active and passive dissection of many protocols (even ciphered ones) and includes many features for network and host analysis (such as OS fingerprint).
This was taken directly from the Ettercap manual.

Q: Where to I get Ettercap from?

A: Add this repository to Cydia:

http://cydia.theworm.tw

Automatically, it will upgrade some libnet and network-cmds packages.  This is completely normal and is even recommended. Also grab libtool from "The Worm Repository" or else you will get errors when starting Ettercap.

Q:L3_ERROR WTF is that? Ettercap wont work!

A: I have no idea what this is, I have had success with redirects on both secure and insecure routers. As long as your forwarding the packets by using promisc mode or enabling IP forwarding after issuing the Ettercap command. It should work fine. That's really all I can tell you :(, there are many subjects on Google about this.  I am not an Ettercap expert, it took a long long time before I discovered how to get it working.  I did not have the privilege of asking someone on the internet, I had to Google, Google, Google.  Until it finally clicked.  I am not interested in Ettercap really anymore, moving on to bigger and better things.

Q: How do I use SET? I heard you can do "cool" things like redirects and such with it and break into computers? haha hehe :)

A: Whoa, whoa, slow down their cowboy. If that's all your interested in than get lost.  SET has many, many uses other than the attacks I used in my videos.  However I do have SET on my repository, and I even went through the trouble of editing the configuration file to be used on iPhone with Ettercap and Metasploit thank you very much. First Ettercap can severely mess up your router if you don't know what your doing, only temporarily, but that is one less support thread we can weed out. Second, Metasploit has been integrated into many of SET's attacks. Its anti-virus encoding, server, and payload implementations rely on the Metasploit framework.  You need to install Metasploit for the specific attack I used in my video to work if you really want to do so.

Q: How do i get Metasploit on a 3G+ device?

A: Download it here, extract the files with iFile, change the name to "framework3", then move the folder to /var/mobile/pentest/exploits. In terminal, as root, type "cd /var/mobile/pentest/exploits/framework3" then "./msfconsole".

Q: How do I get Metasploit working on a 2G Device?

A: First off, because the 2Gs are old models, they have very little RAM. RAM determines how many things you can be doing at once on your device. To increase your RAM, download "iMemoryEnhancer" from this repo: http://iphoneame.com/repo/ to use it, activate SBSettings, hit Processes, then Free Memory. That will temporarily give yiu more RAM. Secondly, this Metasploit uses Perl, which is a really large programing language that can be used on many devices. If you don't have it already, download the "Perl Install Script" from my Repo above, then refresh your sources after you've ran the Terminal Command (installperl). You should have a ton of new packages. To make things simple, download "Harvester" from my repo and that will add all of the necessary parts. After you have perl, you need to download a package called "Subversion". Make sure your filter is on "Developer". Once you have it, go in terminal and type "su" then  your password (The default is "alpine"), then "cd /var/mobile/pentest/exploits" and after that, "svn co http://www.metasploi...amework2/trunk/ framework2".  Then type "p" so you accept the source. Now wait 10 minutes for you to download it all. After that's done, activate iMemoryEnhancer are open Terminal again. Then type "su", then "alpine", then "cd /var/mobile/pentest/exploits/framework2" and finally, "./msfconsole"

Q: Are there some good video tutorials on metasploit framework?

A: Check out these links to video tutorials.

Q: How do I get and use TOR on my Device?

A: 1. Download this .deb file: http://sid77.slackwa...phoneos-arm.deb
2. Install it with iFile (Click on the file and click "Installer")
3. Click the "Refresh" button in Cydia.
4. Download the "Tor Toggle" for SBSettings.
5. To activate it, turn the toggle on, then go to Settings -> Wifi -> Your Wifi Network. Now scroll down to "http proxy" and click "Manuel". Set the port to "8118" and the server to "127.0.0.1"
6. Now close Settings and browse the web :)

Q: How do I SMS Bomb with iPwN?

A: Okay skippy this is an easy to do thing. 1st you need to make a fake G-Mail account. The G-Mail address will show up in the messages so don't be a dummy and use your regular account unless you want them to know who bombed them. If that is the case then you have declared war. Start iPwN and follow the steps. When you are asked for the g-mail account input the whole thing including the .com. When it comes to the part for phone number use the area code also. When it asks for the carrier that's your targets carrier silly not yours. When it asks the number to send send no more than 250. This should lockup their phone and/or send it into an aploptic fit.  [emoji-E105]  25 text bombs is annoying. 50 - 75 is brutal. 100 is torture. 250 is just plain merciless. Have fun and play smart and safe.  [emoji-E056]  [emoji-E011]

Q: I heard you can steal peoples passwords over wifi! How do I do that?

A: Well, yes you can, but you can't just get any of their passwords that easily. You can run whats known as an MITM, or Man In The Middle, attack. What this does is uses ARP spoofing to trick the target computer/s into sending their traffic through your computer or iPod, and you use a packet recorder and sniffer combo to read the passwords, urls, etc such as pirni and derv or firesheep. But an MITM attack isn't guaranteed to get the password. If the website they are logging onto uses https, which is a secure version of http, hence the S, you aren't going to be able to get a password. In this case you will need to be a little more creative. You will need to be a bit more skilled. You will need to copy the login page of the site you want the password for, like facebook, with wget. Then you will need to put that in your webservers main page as index.html, along with a script that records the input into the username and password field into a .txt file. When you have that all ready you just need to run iPwN, use the dns spoof attack, and DON'T use the wildcard target! How suspicious would it look if you wanted to go to google but you get sent to facebook? Just say no to a wildcard and put in the URL of the login page. Now there you go! Leave that run for a bit and check the .txt file for passwords.

Q: But when they visit the URL I'm faking it says "http://192.168.1.2:80/var/www/index.html" How do I make it different?

A: Now that is an excellent question! Unfortunately, you cannot change the ip of the URL, but you CAN change the directory so it looks less suspicious. If you are using Lighttpd from cydia go to /etc/lighttpd2.conf and change the first line, which should say 'server.document-root = "/var/www" '
Change the directory to any that you want. For example, if you are getting a facebook login, change it to something like "/facebook/default_login". Then just make a directory to there and put your index.html there and your keylogger. There you go! You can now get people's passwords!

Q: I can't find those lovely PDF manuals in the files of my favorite exploit!!! How can I read it if I can't find it?

A: Well sport you're asking a good question. Ironman has compiled a library of Exploit Manuals and How To's in an easy to deal with PDF format. Put them in iBooks to read at your leisure. Here's a link to the library.


Hacking is not easy, if it were the internet would be one big mess don't you think? You have to learn how to solve your own problems. That pretty much applies to life in general. I do not know everything about "hacking", I simply have a passion for programming and technology.  Actually, I "get off" (lol) more when I get a new tool, or port a new program, and let YOU GUYS test it out and use it day to day. Your compliments are what keep me going, I could not thank you enough for that. That's my thing, I have no interest in invading anyone's privacy lol.  Simply solving these problems elegantly is my goal and passion, and is what I will continue to do. 


#2 BooCocky

  • Members
  • 6,137 posts

Posted 02 March 2011 - 05:49 PM

what do you guys think? please give me suggestions on what else I should add.  I was going to put this on my profile, thats why I made it.  But I can clean it up, Im not trying to look so self centered by saying "me" there are other smarties on this forum like Ironman and Leffy, and blibby and others sorry if I forgot! just people that have actuall interest and not just causing trouble

#3 LankAsif

    Advanced Sexually

  • Members
  • 1,476 posts

Posted 16 March 2011 - 05:27 PM

As a noob I can admit that we have become lazy. After finding a resource where we are allowed access to (without being badgered) people like you guys who are so altruistic and help to the extents that you do, it's easy to fall into the trap of forgetting all the other resources at our disposal. It's sad lame that we are offered a hand and try to take the whole arm. We as noobs need to pay attention to our etiquette and remember to tow the line. I hope other noobs read this and realise that it isn't just the perspective of a pro.
As for you doing all you do for nothing but compliments (along with Ironman.. - too many to mention), it's been a rewarding experience whitnessing people helping others for nothing but goodwill. So a very BIG THANK YOU to all of youu who help the likes of me through this adventure. I hope it never comes across as though you are taken for granted.
PS: Hope this doesn't seem like a random rant, but I just thought it should be said.
cheers guys  ;)
There are three kinds of people in this world.
Those who can count, and those who can't.
Posted Image

#4 Ironman

    Ninja Trainee

  • Members
  • 6,705 posts

Posted 23 March 2011 - 11:52 PM


Here is a quick link to the
mysql and db_autopwn  thread
http://ihackmyi.com/...ic,46504.0.html
Posted Image

#5 Blibby

    Average Joe

  • Members
  • 4,996 posts

Posted 26 March 2011 - 03:02 AM

You should first add these repos which contain valuable hacking tools:
http://boococky.hostei.com/cydia/
http://cydia.theworm.tw/
http://trcx.site50.net/cydia/
http://fenyx.net23.net/


#6 Blibby

    Average Joe

  • Members
  • 4,996 posts

Posted 27 March 2011 - 04:13 AM

I think above where it gives all of those links to learn about Metasploit, there should only be one link that takes you to the topic with all of those links in it already. Like the way ironman's hack tool manuals are in one link. The link to all the videos is here. I'm hoping a mod will come along and change this...

#7 Trcx528

    iPhone Pwner

  • Members
  • 3,131 posts
  • iPod touch:iPod touch 4G
  • Mac:MacBook Pro

Posted 27 March 2011 - 04:16 AM

+1 the FAQ might be easier to mantain if we just made all the questions into a link to a post containing the answer that way it's not so overloaded looking. I'd do it if someone just gave me a thumbs up

#8 Blibby

    Average Joe

  • Members
  • 4,996 posts

Posted 27 March 2011 - 04:21 AM

Ehh, not everything should be linked. Only somethings. Like there already are many posts about how to get Tor or Metasploit, but it's nice to have it right here, with no other crap in it. The only reason I think we should link things is to make it a little shorter so it will be easier for others to read it all.

#9 Trcx528

    iPhone Pwner

  • Members
  • 3,131 posts
  • iPod touch:iPod touch 4G
  • Mac:MacBook Pro

Posted 27 March 2011 - 04:24 AM

I agree about the shorter part.  But I think that it's easier to read/maintain if you can see all the questions. You can read through the question a lot easier, and the you just click the question and boom! There is your answer

#10 Blibby

    Average Joe

  • Members
  • 4,996 posts

Posted 27 March 2011 - 04:27 AM

I see the positives and negatives. I wouldnt be mad if that's what happened tho. That is how the really old "FAQs" by that one guy is.

#11 Trcx528

    iPhone Pwner

  • Members
  • 3,131 posts
  • iPod touch:iPod touch 4G
  • Mac:MacBook Pro

Posted 27 March 2011 - 04:30 AM

I haven't seen that post I'll look for it and see what you mean

#12 brutal truth

    Member

  • Moderators
  • 8,695 posts
  • iPhone:iPhone 4
  • iPod touch:iPod touch 1G
  • iPad:iPad
  • iPod:iPod classic
  • Apple TV:Apple TV 2G

Posted 27 March 2011 - 10:22 AM

I've updated this.

#13 brutal truth

    Member

  • Moderators
  • 8,695 posts
  • iPhone:iPhone 4
  • iPod touch:iPod touch 1G
  • iPad:iPad
  • iPod:iPod classic
  • Apple TV:Apple TV 2G

Posted 27 March 2011 - 12:37 PM

I reorganized it a little to make it flow better.

#14 Ironman

    Ninja Trainee

  • Members
  • 6,705 posts

Posted 28 March 2011 - 04:28 AM

Thanks brutal!!! It's nice to know we have you to help with this. We truly appreciate all you've done here. 
Posted Image

#15 Gavin

  • Members
  • 5,844 posts

Posted 29 March 2011 - 02:07 AM

Ironman said:

Thanks brutal!!! It's nice to know we have you to help with this. We truly appreciate all you've done here.  [emoji-E056]  [emoji-E011]

Yes thank you much brutal :)

Quote

Complainismo strikes again

#16 brutal truth

    Member

  • Moderators
  • 8,695 posts
  • iPhone:iPhone 4
  • iPod touch:iPod touch 1G
  • iPad:iPad
  • iPod:iPod classic
  • Apple TV:Apple TV 2G

Posted 29 March 2011 - 10:15 AM

No problem.

#17 A12danrulz

  • Validating
  • 3,492 posts

Posted 01 April 2011 - 02:03 PM

But it tells you on the cydia homepage....

Quote

Stupid questions get stupid answers.

#18 Trcx528

    iPhone Pwner

  • Members
  • 3,131 posts
  • iPod touch:iPod touch 4G
  • Mac:MacBook Pro

Posted 01 April 2011 - 02:21 PM

It still would be a good thing to add. 

#19 Ironman

    Ninja Trainee

  • Members
  • 6,705 posts

Posted 01 April 2011 - 03:59 PM

This is probably in the tutorials section but here's a quick tut if it isn't.
Q: How do I get root access in Mobile Terminal (Terminal) ?
A: Good question Bro!! Since 90% of the command functions you'll be doing start there!! Here's what you do. Fire up your Terminal App. Type in these. Commands with return after each command.
su ( this is a knock telling terminal you want in)
alpine ( this is the default password. And won't show as you type it. This should be changed first thing after a jailbreak)
cd ( this changes the directory from /var/mobile to root)
So now you have root access here's how you change your password for better security. Type these commands
passwd (this tells terminal you want to change your password)
Type in your new password.( just like when you typed alpine to get root access it will not show as you type it. You will be prompted again to retype your password make sure they match. Hit enter and you're done. The same can be done with your mobile password. Do this by typing
passwd mobile <return>
And do the same as you did for password.
See ya!! Play smart and play safe!!  [emoji-E056]
Posted Image

#20 Trcx528

    iPhone Pwner

  • Members
  • 3,131 posts
  • iPod touch:iPod touch 4G
  • Mac:MacBook Pro

Posted 01 April 2011 - 04:02 PM

You might want to mention that as your typing the password it won't show on the screen.