1: Call Boomer Attack Full DC2
What is Call Bombing Attack?
=> Call Bombing main aap kisi ke number pr ek saath 15-20 call kr sakte ho jisse user preshaan hojega, iss attack bs iss attack main itna he hai.
=> Call Bombing is a technique where we can do 100's of call on a Victim mobile within 2-3 minutes time span,
Sabhse phle ye termux-change-repo command daalni h and yha se start krna h commands daalna and uske baad main repo choose krke repo select krni h...koi bhi select krdena
Step #2 => After entering termux-change-repo than select main repo and choose any and agar error aaye toh ek baar saari repos try kro jab tak successful nhi aata and uske baad next command daalni h
Type these new commands below -> Update #2
Sabhse phle ye termux-change-repo command daalni h and yha se start krna h commands daalna
termux-change-repo is simple:
1. Select one or more repositories for which you want to change mirror by tapping "space" and navigating over list by up/down arrow keys. Tap enter to confirm the choice.
2. Pick a mirror, it is recommended to begin with mirror hosted by Grimler. Same as previously, navigate over list by arrow keys, pick mirror by space key and confirm choice by pressing "enter".
Highly recommended to run pkg upgrade after changing mirror.
PKG UPGRADE
Step #1 =>
Go to Playstore => Install Termux application
Step #2 => Type These Commands
Command #1 =>
pkg install git
( If it asks, do you want to continue, press Y and than enter
agar installation ke waqt isne pucha, do you want to continue tabh press Y and enter )
Command #2 =>
pkg install python
( If it asks, do you want to continue, press Y and than enter
agar installation ke waqt isne pucha, do you want to continue tabh press Y and enter )
( If it asks, do you want to continue, press Y and than enter
agar installation ke waqt isne pucha, do you want to continue tabh press Y and enter )
Command #2.2 =>
pkg install openssl
( If it asks, do you want to continue, press Y and than enter
agar installation ke waqt isne pucha, do you want to continue tabh press Y and enter )
Command #2.3 =>
pip install --upgrade pip
( If it asks, do you want to continue, press Y and than enter
agar installation ke waqt isne pucha, do you want to continue tabh press Y and enter )
Command #3 =>
git clone https://github.com/TheSpeedX/TBomb.git
Command #4 =>
cd TBomb
Command #5 =>
chmod +x TBomb.sh
Command #6 =>
./TBomb.sh
Usage....
Step #1 => Press Enter
Step #2 => Press Enter Again
Step #3 => Press 2 for Call Bombing Attack
Step #4 => Type Country Code 91
Step #4 => Type 10 Digits Mobile Number ( Apna Real Number daaliye ) ( Enter your Own Number )
Step #5 => Type Number of Calls ( Type 15 )
Step #5 => Type Delays => 30
Attack Started => and press enter
=============Techboy|Techlab.==============
2: BUG BOUNTY PROGRAM
English => A bug bounty program is a deal offered by many websites, organizations and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities.
Hindi => Bug Bounty Program basically special offer hota h jo almost sabh companies deti h ki hmari website main Bugs ko / Vulnerabilities / Kmiya find kro and agar milgyi toh company aapko uske liye Paise deti h and recognisation ki aapne unki help kri
Hindi => Ye below website pr list h sabh companies ki, jo abhi offer derhi h ki aap unki website hack kro or kmiya find kro unki app main and vo apko paise degi iske badle
English => Open below website and you will find list of all companies offering Bug Bounty Program
bugcrowd.com/bug-bounty-list
Types of Vulnerability / Bugs?
• Sql Injections
• Cross Site Scripting (Xss)
• Broken Authentication & Session Management
• Insecure Direct Object References
• Cross Site Request Forgery
• Insecure Cryptographic Storage
• Failure To Restrict Url Access
• Insufficient Transport Layer Protection
• Security Misconfiguration
• Cross-Site Request Forgery (Csrf)
• Unvalidated Redirects And Forwards
• & Many more!
Explanation of these topics? How to perform these attacks?
Don't worry in next few days you will learn that
=============Techboy|Techlab.==============
3: WIFI HACKING ( THEORY )
Wireless networks are accessible to anyone within the router’s transmission radius. This makes them vulnerable to attacks. Hotspots are available in public places such as airports, restaurants, parks, etc.
In this tutorial, we will introduce you to common techniques used to exploit weaknesses in wireless network security implementations. We will also look at some of the countermeasures you can put in place to protect against such attacks.
What is a wireless network?
A wireless network is a network that uses radio waves to link computers and other devices together. The implementation is done at the Layer 1 (physical layer) of the OSI model.
How to access a wireless network?
You will need a wireless network enabled device such as a laptop, tablet, smartphones, etc. You will also need to be within the transmission radius of a wireless network access point. Most devices (if the wireless network option is turned on) will provide you with a list of available networks. If the network is not password protected, then you just have to click on connect. If it is password protected, then you will need the password to gain access.
Wireless Network Authentication
Since the network is easily accessible to everyone with a wireless network enabled device, most networks are password protected. Let’s look at some of the most commonly used authentication techniques.
WEP
WEP is the acronym for Wired Equivalent Privacy. It was developed for IEEE 802.11 WLAN standards. Its goal was to provide the privacy equivalent to that provided by wired networks. WEP works by encrypting the data been transmitted over the network to keep it safe from eavesdropping.
WEP Authentication
Open System Authentication (OSA) – this methods grants access to station authentication requested based on the configured access policy.
Shared Key Authentication (SKA) – This method sends to an encrypted challenge to the station requesting access. The station encrypts the challenge with its key then responds. If the encrypted challenge matches the AP value, then access is granted.
WEP Weakness
WEP has significant design flaws and vulnerabilities.
• The integrity of the packets is checked using Cyclic Redundancy Check (CRC32). CRC32 integrity check can be compromised by capturing at least two packets. The bits in the encrypted stream and the checksum can be modified by the attacker so that the packet is accepted by the authentication system. This leads to unauthorized access to the network.
• WEP uses the RC4 encryption algorithm to create stream ciphers. The stream cipher input is made up of an initial value (IV) and a secret key. The length of the initial value (IV) is 24 bits long while the secret key can either be 40 bits or 104 bits long. The total length of both the initial value and secret can either be 64 bits or 128 bits long.The lower possible value of the secret key makes it easy to crack it.
• Weak Initial values combinations do not encrypt sufficiently. This makes them vulnerable to attacks.
• WEP is based on passwords; this makes it vulnerable to dictionary attacks.
• Keys management is poorly implemented. Changing keys especially on large networks is challenging. WEP does not provide a centralized key management system.
• The Initial values can be reused
Because of these security flaws, WEP has been deprecated in favor of WPA
WPA
WPA is the acronym for Wi-Fi Protected Access. It is a security protocol developed by the Wi-Fi Alliance in response to the weaknesses found in WEP. It is used to encrypt data on 802.11 WLANs. It uses higher Initial Values 48 bits instead of the 24 bits that WEP uses. It uses temporal keys to encrypt packets.
WPA Weaknesses
• The collision avoidance implementation can be broken
• It is vulnerable to denial of service attacks
• Pre-shares keys use passphrases. Weak passphrases are vulnerable to dictionary attacks.
How to Crack Wireless Networks
WEP cracking
Cracking is the process of exploiting security weaknesses in wireless networks and gaining unauthorized access. WEP cracking refers to exploits on networks that use WEP to implement security controls. There are basically two types of cracks namely;
• Passive cracking– this type of cracking has no effect on the network traffic until the WEP security has been cracked. It is difficult to detect.
• Active cracking– this type of attack has an increased load effect on the network traffic. It is easy to detect compared to passive cracking. It is more effective compared to passive cracking.
WEP Cracking Tools
• Aircrack– network sniffer and WEP cracker. Can be downloaded from
• WEPCrack– this is an open source program for breaking 802.11 WEP secret keys. It is an implementation of the FMS attack.
• Kismet- this can include detector wireless networks both visible and hidden, sniffer packets and detect intrusions.
• WebDecrypt– this tool uses active dictionary attacks to crack the WEP keys. It has its own key generator and implements packet filters.
WPA Cr@cking
WPA uses a 256 pre-shared key or passphrase for authentications. Short passphrases are vulnerable to dictionary attacks and other attacks that can be used to crack passwords. The following tools can be used to crack WPA keys.
• CowPatty– this tool is used to crack pre-shared keys (PSK) using brute force attack.
• Cain & Abel– this tool can be used to decode capture files from other sniffing programs such as Wireshark. The capture files may contain WEP or WPA-PSK encoded frames.
General Attack types
• Sniffing– this involves intercepting packets as they are transmitted over a network. The captured data can then be decoded using tools such as Cain & Abel.
• Man in the Middle (MITM) Attack– this involves eavesdropping on a network and capturing sensitive information.
• Denial of Service Attack– the main intent of this attack is to deny legitimate users network resources. FataJack can be used to perform this type of attack
Cr@cking Wireless network WEP/WPA keys
It is possible to crack the WEP/WPA keys used to gain access to a wireless network. Doing so requires software and hardware resources, and patience. The success of such attacks can also depend on how active and inactive the users of the target network are.
We will provide you with basic information that can help you get started. Backtrack is a Linux-based security operating system. It is developed on top of Ubuntu. Backtrack comes with a number of security tools. Backtrack can be used to gather information, assess vulnerabilities and perform exploits among other things.
Some of the popular tools that backtrack has includes;
• Metasploit
• Wireshark
• Aircrack-ng
• NMap
• Ophcrack
Cracking wireless network keys requires patience and resources mentioned above. At a minimum, you will need the following tools
A wireless network adapter with the capability to inject packets (Hardware)
• Kali Operating System.
• Be within the target network’s radius. If the users of the target network are actively using and connecting to it, then your chances of cracking it will be significantly improved.
• Sufficient knowledge of Linux based operating systems and working knowledge of Aircrack and its various scripts.
• Patience, cracking the keys may take a bit of sometime depending on a number of factors some of which may be beyond your control. Factors beyond your control include users of the target network using it actively as you sniff data packets.
How to Secure wireless networks
In minimizing wireless network attacks; an organization can adopt the following policies
• Changing default passwords that come with the hardware
• Enabling the authentication mechanism
• Access to the network can be restricted by allowing only registered MAC addresses.
• Use of strong WEP and WPA-PSK keys, a combination of symbols, number and characters reduce the chance of the keys been cracking using dictionary and brute force attacks.
• Firewall Software can also help reduce unauthorized access
=============Techboy|Techlab.==============
=====2022=====
ConversionConversion EmoticonEmoticon