Linux Exploit Development
Posted by: ph03n1x - 3 hours ago - Forum: Other - Hacking related - Replies (4)

[Image: protostar-stack0.jpg]
Hello there. In this tutorial we are going to learn Linux exploit development. We use the Protostar Linux machine for this purpose. Protostar was developed by exploit-exercises.com. Unfortunately, the host site is now down. Anyway, you can download the ISO file from the internet. Just google it. So first download it and use VirtualBox or VMware as the virtualization software.

As the first step, boot Protostar and log in as root. The default username/password is "root:godmode". After logging in as root, use ifconfig to get the IP of the machine.

[Image: protostar-ifconfig.png]

Now you can use SSH in Linux or PuTTY to access our victim machine. This time you have to log in as a normal user. The default credentials are "user:user".

[Image: protostar-login.png]

There is one more thing to do before you actually start the learning process.
Just change your shell to bash by entering bash, because with the bash shell you have more power than with the sh shell.
Now the interesting part begins. All of the challenges are located inside "/opt/protostar/bin".
So use cd && ls

Code:
cd /opt/protostar/bin && ls

There are 25 levels to play, which can be divided into the following main categories.
  1. Stack based buffer overflows
  2. Heap based buffer overflows
  3. Format string exploits
The easiest part to understand is stack based exploits. Even if you are new to exploit development you can understand what's going on. The first level you want to try is stack0. It'll teach you how function calls happen, how stack frames are built, how to overflow data outside of the allocated buffer, etc.

Let's see what we have to do.

Code:
./stack0

Just enter a string and see what happens.

It says to retry.

[Image: stack0-1st-try.png]

We are given the source code too, but actually it doesn't help a lot. Just try to get an idea of what is happening.

Code:
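#include <stdlib.h>
#include <unistd.h>
#include <stdio.h>

int main(int argc, char **argv)
{
  volatile int modified;   /* volatile: stops the compiler from optimizing the check away */
  char buffer[64];

  modified = 0;
  gets(buffer);            /* no bounds check: input longer than buffer overflows it */

  if (modified != 0) {
    printf("you have changed the 'modified' variable\n");
  } else {
    printf("Try again?\n");
  }
}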

First it declares two variables called 'modified' and 'buffer'. The size of buffer is 64 bytes. Then it takes a string as input from the user and copies it to the buffer space. This code doesn't do any kind of bounds checking before copying data into the buffer space. It doesn't care if the supplied string is larger than the buffer space. Buffer overflows occur in such situations.
Did you notice something special in the declaration of the 'modified' integer value? Why is there a volatile keyword? First we give the value zero to our 'modified' value. But in this code it's never changed, and after that there is an if-statement to check whether the int variable is equal to zero or not. What a joke here. When the compiler sees this, it doesn't care about the if-statement and optimizes the code. That's why the 'volatile' keyword is used in the above code. It tells the compiler, 'Hey GCC, don't bother about the integer value. It may change at run time.'

Now it's time to disassemble the binary and see its inner workings. We use GDB for this. Let me introduce you to our awesome tool GDB. It's an acronym for GNU debugger. By using a debugger we can see how things happen inside the machine code. In the following screenshot you can see I have used Intel syntax for assembly.
Code:
set disassembly-flavor intel

The reason to use Intel's assembly syntax is that it's clear, user friendly and easy to understand.

As the next step I disassembled the main function. You can see the assembly instructions in the red box.

[Image: gdb-disass.png]

You can see that I disassembled the main function with

Code:
disass main

There are some hexadecimal values on the left-hand side. Those are called memory addresses. Our assembly instructions are stored at these locations. The computer memory is divided into small parts called bytes. You know that one byte is equal to 8 bits. 1 bit can hold zero or one. So in binary 8 bits can hold 256 values. Their range is 0 to 256 in decimal. Normally we work with 4-byte words.
In the CPU there are 5 main components for processing instructions.
  1. Data bus
  2. Instruction Decoder
  3. Program counter
  4. Arithmetic and logic unit (ALU)
  5. Registers
The program counter keeps track of which instruction should be processed now and which is next to be executed. Actually this happens with the EIP register. The EIP register always holds the memory address of the instruction. Now the CPU knows the memory address of the instruction. So it takes the instruction and gives whatever is found at that address to the instruction decoder. The instructions fetched from memory are called op-codes. They have their own meaning. The op-code for pop edi is 5f, while the op-code for inc ebp is 45. The duty of the instruction decoder is to find out what to do from these op-codes. If it sees op-code 5f it tells the CPU 'pop off the stack and save value of the ESP in EDI'. As the final step the needed data comes through the data bus and is processed in the ALU. After that the processed data is saved in memory or registers. OK, I hope you understood what's going on here.

Actually, instructions like push ebp / mov ebp,esp do not come from the main function. They are included by the compiler to make a stack frame for the function. Let me quickly introduce you to the term stack.
The stack is a concept used in computer science. In programs we have to use functions to make things easy and clear. In languages like C and Python you can see that we supply some arguments to a function and functions return some data too. So how is this possible? This is where the stack comes into play. We use the stack to give function arguments. The stack always begins from high memory and grows to high memory. We can add something to the stack by using the push command and remove it with the pop command. The ESP register always points to the top of the stack.

In the following image I have set a breakpoint inside the main function. For that I used break *0x80483f4. You may ask me, 'Why didn't you use break main?' Well, if we use break main the debugger skips the function prologue and only cares about the main function's code, because it knows the prologue code comes from the compiler. Since we want to see how the stack is built, we set the BP like this.

[Image: break-main-1.png]

Next, we use the command i r to see what's inside the registers. Actually this is the short form of info registers. You can use either of them (i r or info registers). Note that EIP is pointing to the address 0x80483f4. Do you remember it? It was the address of the first instruction of the disassembled code above. EIP contains that value because the next instruction waiting to execute is there. We have stopped execution at the start of the code. Following is a graphical view of the stack. You can see that right now there is something on the top of the stack called ret. So what is it? That is the return address, and after completing our function's process the CPU has to go to that address and execute whatever instruction is found there.

[Image: gr1-1024x310.jpg]

We can examine the stack in GDB too. Let's see how. The command for examining memory in hexadecimal is below.
x/x [memory address]
If we want to see the content in decimal we use d, and if we use t we can see it in binary.
x/d 0xbffff7bc : examine memory in decimal at 0xbffff7bc
x/x 0xbffff7bc : examine memory in hexadecimal at 0xbffff7bc
x/t 0xbffff7bc : examine memory in binary at 0xbffff7bc
What if I want to examine multiple words that begin from an address? We can do it this way.
x/10wx 0xbffff7bc : examine 10 words in hex at 0xbffff7bc
Another thing to note: we can examine memory at a register directly by using this method.
x/30wx $esp


[Image: stackbeforepushebp.png]

In the above image you can see the return address within a green box at the top of the ESP. Remember that the top of the stack is in low memory addresses.

The next instruction is push ebp. So theoretically the value of the EBP register should be copied to the top of the stack after this instruction. Let's see if this is true or not.

[Image: stack-after-push-ebp.png]

You can see that in a blue box there is a value copied to the stack and it's 0xbfff838. This is nothing but the value of EBP. Another thing happened. ESP changed from 0xbffff7bc to 0xbffff7bc. Calculate the difference between them using the calculator in your mind. It will be 4. Yes, the size of a register is 4 bytes. So ESP got reduced by 4 bytes. Wait, why is ESP reduced while we push data to the stack? This is because the stack grows toward low memory. If something is pushed to the stack, ESP is reduced. If we pop off the stack, ESP goes higher. Anyway, right now the stack looks like this.

[Image: gr2-1024x310.jpg]
The next instruction to execute is mov ebp, esp. So the value of ESP should be copied to EBP. Now both of ESP and ESP registers point to the top of the stack like this.


[Image: gr4-1024x310.jpg]
Let’s see this situation in GDB.

[Image: stack-after-move-esp-ebp.png]

I have used another GDB command called ni here. It is similar to 'next instruction'. The name says it all. It simply executes the next instruction. Also, in the above screenshot you can see that ESP has not changed. We have not pushed or popped anything on the stack, so ESP stays at its current location.

Next there is the instruction and esp, 0xfffffff0. This command is used to align the stack and we don't need to care much about it. However, ESP is changed like this. (It goes to a low address.)

[Image: gr5-1024x310.jpg]

The next instruction is sub esp, 0x60. So ESP is reduced by 96 bytes. Where does 96 come from? 60 in hex is the same as 96 in decimal. This is how space is allocated for local variables on the stack.


[Image: gr6-1024x399.jpg]
We can see this in GDB too.

0xbffff7b0 – 0xbffff750 = 0x60 ==> 96 bytes in decimal.

[Image: sub-esp.png]
OK. Let's see what's next.
mov DWORD PTR [esp + 0x5c], 0x0
This code takes the address pointed to by esp + 0x5c and copies a zero value to it. Since 0x5c is equal to 92 in decimal, a zero is copied to 4 bytes ahead of the saved EBP. Can you imagine what this line of code actually does? In our C source code there was an int value equal to zero. This is that value.

[Image: move-0-to-int.png]

The next instruction is:
lea eax, [esp + 0x1c]
lea stands for Load Effective Address. This will load the address pointed to by esp + 0x1c = esp + 28.

[Image: lea-to-eax.png]
After that, whatever is in EAX is pushed to the stack. What did the above two instructions do together? They load an address onto the stack. But why? This is the argument for the next function. The next thing to do is call the gets function. The argument to that function was pushed to the stack. After the gets function is called, it writes data into that memory address.

[Image: gr7-1024x399.jpg]
Let's see what happens when the gets function writes input data to the buffer on the stack. Now I enter some As as the string to the function.

You can clearly see that our input is copied onto the stack.


[Image: inject-As.png]
What if I enter a larger number of As? It will overflow into our previous value (the modified integer). How much data is needed to overflow into the integer value? Since our buffer is 64 bytes, if I enter 65 As it will get modified.

[Image: gr8-1024x399.jpg]
Now everything is clear. It's time for exploitation. We can use lovely <3 Python for this.

If I enter python -c "print '\x41' * 65" in a shell I get 65 As printed. So I can pipe this command's output as the input of the stack0 program like this.

[Image: done.png]

Awesome, we did it. We successfully modified the value. It was not just one command; we learned all the theory.

Now there is one more thing. What if I enter an even larger input?


[Image: seg-fault.png]
We got a segmentation fault. The real happiness begins here. We are going to learn more on this topic in future tutorials.

See you again soon. Thanks for reading.

Thilan Dissanayaka.
B.Sc Engineering. [Computer Science]
(Undergraduate)
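
The frame arithmetic from the walkthrough above (buffer at esp+0x1c, 'modified' at esp+0x5c), modeled in C next to a bounded read that can replace the gets() call. This is an added example, not part of ph03n1x's post; the struct frame model and all function names are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Offsets taken from the disassembly in the post:
 * sub esp,0x60 / lea eax,[esp+0x1c] / mov DWORD PTR [esp+0x5c],0x0 */
enum { FRAME_SIZE = 0x60, BUFFER_OFF = 0x1c, MODIFIED_OFF = 0x5c,
       BUFFER_LEN = MODIFIED_OFF - BUFFER_OFF };   /* 0x40 = 64 bytes */

/* Hypothetical model: main()'s locals as one flat byte array. */
struct frame { unsigned char bytes[FRAME_SIZE]; };

/* Zero the frame (modified = 0), store input plus NUL at the buffer offset
 * using at most `limit` bytes, and return the resulting 'modified'. */
int copy_into_frame(struct frame *f, const char *input, size_t limit)
{
    size_t n = strlen(input);
    int modified;
    memset(f->bytes, 0, sizeof f->bytes);
    if (n > limit - 1) n = limit - 1;
    memcpy(f->bytes + BUFFER_OFF, input, n);
    f->bytes[BUFFER_OFF + n] = '\0';
    memcpy(&modified, f->bytes + MODIFIED_OFF, sizeof modified);
    return modified;
}

/* gets() ignores BUFFER_LEN. The model stops at the end of the frame only
 * so that this demo stays memory-safe; the real gets() has no limit. */
int copy_like_gets(struct frame *f, const char *input)
{
    return copy_into_frame(f, input, FRAME_SIZE - BUFFER_OFF);
}

/* What fgets(buffer, sizeof buffer, stdin) would store for the same input. */
int copy_bounded(struct frame *f, const char *input)
{
    return copy_into_frame(f, input, BUFFER_LEN);
}

/* Bounded replacement for the gets(buffer) call: reads one line, drops the
 * excess of an over-long line. Returns bytes stored, or -1 on EOF/error. */
int read_line_bounded(FILE *in, char *buf, size_t len)
{
    size_t n;
    if (len == 0 || fgets(buf, (int)len, in) == NULL) return -1;
    n = strcspn(buf, "\n");
    if (buf[n] != '\n') {                 /* truncated: drain rest of line */
        int c;
        while ((c = getc(in)) != EOF && c != '\n') { }
    }
    buf[n] = '\0';
    return (int)n;
}

int main(void)
{
    struct frame f;
    char in64[65], in65[66];              /* constructed inputs: 64 and 65 'A's */
    memset(in64, 'A', 64); in64[64] = '\0';
    memset(in65, 'A', 65); in65[65] = '\0';
    printf("gets-like, 64 bytes: modified=%d\n", copy_like_gets(&f, in64));
    printf("gets-like, 65 bytes: modified=%d\n", copy_like_gets(&f, in65));
    printf("bounded,   65 bytes: modified=%d\n", copy_bounded(&f, in65));
    return 0;
}
```

With 64 bytes the terminating NUL lands on the first byte of 'modified', which is already zero, so the check only trips from the 65th byte on; the bounded copy never reaches that offset.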

If you can, an image....
Posted by: Elite_x - Yesterday, 05:08 PM - Forum: Special Notices - Replies (2)

I'm about to ask for a fairly big favour. Don't turn away as soon as you hear the word favour; stop and read.

There are a lot of post writers here. So it would be valuable if you could make and add an image that suits the post you write. That's because when there is an image we can put it on FB as it is. Otherwise we have to make one separately. So I trust that those who can will also create an image for the thread they post.

Dialog Free 100mb
Posted by: Elite_x - 02-19-2019, 05:07 PM - Forum: Other - Hacking related - Replies (11)

Dialog Free 100mb

[Image: eKU9as8.jpg]


This is neither a BlackHat job nor anything illegal. It's just a matter of taking for free what they give.

But about 2 rupees gets deducted for it. So what, it's 100mb.

Right, now take your phone and dial this USSD code.

[Only registered and activated users can see links Click here to register]

Now it will ask us for the phone number. Enter the number correctly there and press OK.

Now we get an OTA verification code. You need to remember it as soon as it arrives. If you tend to forget, write it down quickly.

Now, once you have entered the code and pressed OK, a message will appear saying you are registered for MyDoctor. Along with that the 100mb will arrive.

Now, if that MyDoctor stays active, about 2 rupees will be deducted per day.

So dial [Only registered and activated users can see links Click here to register].

It will show the services that are active. Select MyDoctor from there and deactivate it.

That's it, then. See you in the next tutorial.

Today I've brought you all how to add custom cars to GTA SANANDREAS
Posted by: Nasmi_2004 - 02-19-2019, 01:34 PM - Forum: Computer Games - Replies (2)

Hi everyone
I'm Nasmi


Today I've brought you all how to add custom cars to GTA SANANDREAS.
So watch these videos and do it from them.


Ford Car

IMG Edit
Crazy Trainer
I posted this for those who don't know how to do it this way.
So subscribe to my channel too if you like.
Have a good day, everyone.

Let's download any torrent directly | NO SIZE LIMITS
Posted by: Defaltlk - 02-18-2019, 01:53 PM - Forum: Internet - Replies (5)

A website many people use when they want to download directly is seedr, but the problem with it is storage. So at a helpless time like that, a friend and I looked for a website to download a torrent. This torrent was a bit old, so it didn't download even on seedr. Somehow, by chance, we came across a website; I say we, but it wasn't me, it was my friend (kenway). That website is below. I used it for a few days and ran into only one problem: sometimes the download speed drops and the download fails. But if it's a good torrent there shouldn't be a problem. Well then, we're off ❤. If anyone runs into any other problems, let us know.

[Only registered and activated users can see links Click here to register]

Defalt_lk

[Image: giphy.gif]

I'm giving it FREE, okay?
Posted by: Nasmi_2004 - 02-17-2019, 04:23 PM - Forum: Computer Softwares & Tools - Replies (6)

Hi everyone

I'm Nasmi


Folks, tell me if you want this:
Adobe PhotoShop 2017 CC
I'll give it free, together with the activator.
Tell me if you'd like it.
If at least 10 people want it, I'll definitely make a post.

So see you in another thread; until then, have a good day.

Are you aware of Sri Lanka's Computer Crime Act?
Posted by: Area Master - 02-17-2019, 02:16 PM - Forum: News & Happenings - Replies (7)

I won't say anything; take a look at this. This is an explanation of the law on computer crime in force in Sri Lanka, that is, the Computer Crime Act.

WiFi Hacking complete video series [Updated] [ Tech7 ]
Posted by: Vishwa Amarasinghe - 02-17-2019, 02:09 PM - Forum: Wireless Hacking - Replies (3)

Learn about WiFi hacking in Sinhala. The complete video series....

TECH7 is our work.


Remember to subscribe to our YouTube channel too and join us...

1 - Introduction To WiFi Hacking

2 - How To Install Kali Linux In VMware

3 - Basic Linux Commands

4 - Basic Linux Network Commands

5 - What Is MAC Address and How To Change MAC

6 - Basic WiFi Terminologies

7 - Managed Mode vs Monitor Mode

8 - WiFi Traffic Sniffing

9 - Deauthentication Attack

10 - Finding Hidden SSID

11 - How To Bypass MAC Filters

12 - Introduction To WEP Hacking

13 - Basic WEP Password Hacking

14 - WEP Password Hacking With ARP Reply Attack

15 - Automated WEP Hacking With WiFite

16 - Introduction To WPA / WPA2 Hacking

17 - How To Capture a 4-Way Handshake

18 - How To Crack WPA/WPA Password Using Dictionary Attack

19 - WPA/WPA2 Password Hacking Complete Tutorial

20 - How To Generate Dictionaries Using Crunch

Complete video series (YouTube playlist)

If there are any problems in the videos, be sure to tell us. Then those videos can be remade.

Rs. 2500 for everyone
Posted by: Nasmi_2004 - 02-17-2019, 04:50 AM - Forum: Smartphone, Mobiles, Apps & SDK - Replies (9)

Hi everyone
I'm Nasmi


This is the 3rd thread I'm bringing today.


With this you can get
Photo Lab Pro and
Viva Video Pro
for free; download this.
If you pay for all of it, it comes to 2200 - 2500.


Download from the link - [Only registered and activated users can see links Click here to register]
So see you in another thread; until then, have a good day.

Let's turn OFF any computer
Posted by: Nasmi_2004 - 02-17-2019, 04:35 AM - Forum: Networking, Routers, Switches & Firewalls - Replies (10)

Hi everyone
I'm Nasmi

Today I've brought how to remotely turn off any machine running Windows.


This is very good to do to your school computer lab.
I think a lot of people know it;
this is for those who don't.
So see you in another thread; until then, have a good day.
