Hacking Dream Blog
hackingdream.net
A Blog Where You Can Get A Lot Of Information, Guides On System, Wifi, Internet, Systems, Facebook-Hacking, Tricks, Tips
Find Wordpress Applications and Run WPScan
wget https://raw.githubusercontent.com/Bhanunamikaze/PenTest-Scripts/main/Wordpress_Scanner.sh
Wordpress_Scanner.sh domains.txt
Note: you need to… Read More
Social engineering is a growing threat to businesses, as manipulators use psychological manipulation to exploit people's weaknesses and gain unauthorized access to sensitive informatio… Read More
Cybersecurity is a critical aspect of any organization's infrastructure, as it helps protect sensitive data and systems from cyber threats. However, designing a cybersecurity architect… Read More
In today's digital world, data security is a top priority for individuals and organizations alike. Modern cryptography plays a crucial role in securing sensitive information by providi… Read More
In today's digital age, cybersecurity is more important than ever. As technology advances, the need for skilled professionals who can protect against threats grows. David, a seasoned cyberse… Read More
As technology continues to advance, the future of work is becoming increasingly uncertain. While some jobs may be replaced by automation and artificial intelligence (AI), others will remain… Read More
As we enter 2024, the field of artificial intelligence (AI) is rapidly advancing. In this blog post, we'll explore the current state of AI technology and predictions for its developments in… Read More
The article discusses the transformative role of Artificial Intelligence (AI) and Machine Learning (ML) in penetration testing, showcasing how they revolutionize security evaluations. These… Read More
In an era where digital threats loom at every corner, arming yourself with cyber security knowledge isn't just a choice, it's a necessity. Dive into the world of cyber security with ou… Read More
Welcome to our blog post on the exciting intersection of quantum computing and artificial intelligence (AI). In this article, we will delve into the potential implications of this powerful a… Read More
Spotify is the world's largest music streaming service with over 500 million users. One of the key factors behind its success is its ability to provide personalized music recommendations to… Read More
Artificial General Intelligence (AGI) is a rapidly evolving technology that has the potential to transform society in unprecedented ways. As AGI advances through various stages, it cou… Read More
ChatGPT may also be a game-changer, for it may be just this development that allows for a revolutionary twist in many industries. On the negative side, it might be argued that such tools cou… Read More
Model Stealing or Extraction Attacks try to replicate the functionality of a proprietary model without direct access to its parameters or architecture. The attacker systematically queries… Read More
Membership Inference attacks seek to identify if a specific data point was included in a model's training data. Observing a model's predictions allows an attacker to gauge the likelihood of… Read More
Model inversion attacks are among the most sophisticated ways in which adversaries can steal sensitive information from the AI models, ranging from details of the training data to the struct… Read More
Data poisoning is a sophisticated cyber attack targeting machine learning models by deliberately altering training data to corrupt the model's accuracy or lead it to incorrect conclusions. T… Read More
Are you interested in pursuing a career in Artificial Intelligence (AI)? With the rapid growth of technology, AI has become an essential tool for various industries. However, navigatin… Read More
Advanced AI systems have revolutionized various industries and aspects of our lives. However, as these technologies become more sophisticated, there are growing concerns about their potentia… Read More
The pace of digital innovation continues to accelerate, bringing to the forefront groundbreaking technologies that promise to redefine our interaction with the digital world. Among these, th… Read More
In this blog post, we will share with you a comprehensive cheatsheet for pentesting those powerful and critical domain controllers. Now, I know what you're thinking: "But why, oh wise one, d… Read More
In a lot of scenarios, we usually don't have GUI access to web applications, but in most scenarios you can find curl installed on the test machine - so, below is a simp… Read More
Installation
curl https://packages.microsoft.com/keys/microsoft.asc | sudo tee /etc/apt/trusted.gpg.d/microsoft.asc
#Download appropriate package for the OS version
#Choose only ONE of the… Read More
In the fast-paced world of artificial intelligence and machine learning, local LLM (Large Language Models) such as ChatGPT have revolutionized how we interact with technology. These models a… Read More
In the digital age, where cyber threats are becoming more sophisticated, the importance of secure coding cannot be overstated. Secure coding practices are essential for developing Applicatio… Read More
As we approach 2024, the landscape of cybersecurity is evolving rapidly, influenced by both emerging technologies and shifting threat dynamics. Experts in the field have been closely monitor… Read More
In the digital era, the internet has become a pivotal part of our daily lives, serving as a gateway to a wealth of information and connectivity. However, this vast digital landscape is… Read More
Introduction: Embarking on your journey in Getting Started in Ethical Hacking and Penetration Testing is not merely about learning to "be a hacker"; it encapsulates a mindset focused on secur… Read More
RMI can be run on any nonstandard port and when RMI is running you will observe one more endpoint port connected to it (find it from nmap easily by running rmi-dumpreg… Read More
#nmap
nmap -Pn -sV -p1521 --script=oracle* 10.10.10.10
#Check for service Version
#Oracle Database 11g 11.1.0.7, 11.2.0.2, and 11.2.0.3, and 10g 10.2.0.3, 10.2.0.4, and 10.2.0.5,
#try this… Read More
Basic info About SNMP
Ports - 161,162,10161,10162/udp
SNMP is based on UDP, a stateless protocol --> susceptible to IP spoofing and replay attacks.
SNMP1, SNMP2, SNMP2C --> ca… Read More
Before getting into the Attacking and Exploitation, it is recommended to know the difference between vSphere, vCenter and ESXI/ESX hosts. VMware vSphere: VMware vSphere is the nam… Read More
Egg hunting in 32-bit Windows binary exploitation is a technique used to locate and exploit vulnerabilities in software running on 32-bit versions of the Windows operating system. We are goi… Read More
Get shellcode of the binary using objdump
objdump -d ./Exit.o|grep '[0-9a-f]:'|grep -v 'file'|cut -f2 -d:|cut -f1-6 -d' '|tr -s ' '|tr '\t' ' '|sed 's/ $//g'|sed 's/ /\\x/g'|paste -d '' -s… Read More
X64 Exploit concepts
#JMP RAX
Final Exploit - `nops + shellcode + JUNK + JMP RAX`
#JMP RSP - use when there is not enough space for shellcode before RIP register.
Final Exploit - `JUNK +… Read More
# Simple BOF
# jmp_address - somewhere at the start of NOPS
NOPS + shellcode + A*(EBP_offset-len(shellcode)) + jmp_address
#When you have less buffer add the exploit in env and try to call… Read More
Make sure to set a breakpoint and run the program before running the commands below when trying from GDB
# Find system address
p system
xinfo system
#Find Exit address
p exit
#Check if li… Read More
Intelligent Platform Management Interface (IPMI) is a hardware-based system management and monitoring tool that is widely used by sysadmins. It works independently of a host's BIOS, firmware… Read More
# Open a file with GDB
gdb ./file
#quiet
gdb -q ./file
#run the process
r
run
#run a process
r 127.0.0.1 -c 1
#run PID; -q is for quiet mode
gdb -q -p 1200
#List the functions
info functions
#find funct… Read More
Hello all, This is a simple cheat sheet for Hacking/Pentesting Captive Portals Enabled Wireless/Wifi networks. Before starting the attack, it is recommended to change your Device MAC Add… Read More
#nmap Scan for RPC
nmap -sC -sV 10.10.10.10 -p111 -Pn
> output
PORT STATE SERVICE VERSION
111/tcp open rpcbind 2-4 (RPC #100000)
| rpcinfo:
| program version port/proto service
| 100… Read More
SMB Enumeration
smbmap -H 10.10.10.10 //Check Privileges
smbmap -H 10.10.10.10 -R --depth 5
smbclient -L //10.10.10.10/ //List Shares
smbclient //10.10.10.10/Users //In… Read More
What is DPAPI? According to wiki, DPAPI (Data Protection Application Programming Interface) is a simple cryptographic application programming interface available as a built-in componen… Read More
Linux Capabilities are used to allow binaries (executed by non-root users) to perform privileged operations without providing them all root permissions. There are currently 40 capabili… Read More
#Relay attacks - Capturing SMB hashes
Import-Module .\Inveigh.ps1
#Start collecting hashes, we will see hashes whenever a user tries to access something non-existent via SMB
Invoke-Inveigh -Co… Read More
There is no doubt that Mac offers seamless operations and smoothness that very few other brands can deliver to escalate your convenience. However, despite this convenience of operations, PC… Read More
Hello Readers, Welcome to Hacking Dream. Today's post is on Active Directory penetration testing; this is a continuation of ACTIVE DIRECTORY PENETRATION TESTING CHEAT SHEET - RECON &… Read More
Hello Everyone, I am back after a long time. Today's post is on Active Directory reconnaissance and gaining an initial foothold into the target Active Directory network. Here I am going to shar… Read More
Getting your hands on the right smartphone hacking app can be very tricky. This is because there are plenty of options to choose from, with a vast majority of them failing to deliver on thei… Read More