The use of the SocialFish is COMPLETE RESPONSIBILITY of the END-USER. Developer assume NO liability and are NOT responsible for any misuse or damage caused by this program.
"DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE." Taken from LICENSE.
How do I find phishing pages generated by this tool?
Search with this dork:
intitle:"There's a Phishing Page generated by SocialFish in this website."
Donation
If you liked our work and want to support us, you can donate :D
AndroRAT is
an open-source tool that was created and published on the Internet in
November 2012, it is a RAT (Remote Access Tool) for Android OS and
exactly as any other RATs, it allows a remote attacker to control the
victim. Usually the RATs have a user friendly control panel that makes
possible the control of victims, in the same way AndroRAT can control,
make phone calls and send SMS messages of infected devices, it is also
able to get its GPS coordinates, access to files stored on the handset
and activate and use the microphone and camera. The fact that Android OS
has increased its popularity has had as consequences an increase of
malicious code developed for the Google’s platform, RATs included.
The
principal problem related to the diffusion of tools such as AndroRAT is
that they don’t need a particular expertise to be used by cybercrimanals, a
few steps could transform a criminal in a dangerous hacker. Using the
AndroRAT with binder an attacker could steal sensitive information from
victims and use the handset remotely, following a few operations allowed
to ill-intentioned.
All the available functionalities are
Get contacts (and all theirs informations)
Get call logs
Get all messages
Location by GPS/Network
Monitoring received messages in live
Monitoring phone state in live (call received, call sent, call missed..)
You
need to open port you want to use. To do that Open Control panel >
Network & Internet > Network & Sharing centre Then click on
see full map option Right-Click on the Gateway or router>Properties
In general tab, Go to settings , Click on add In Description of service ,
Write Androrat Now you have to check your ip, To Do this , open command
prompt, type ipconfig, Scroll To ethernet Adapter local area
connection,and note down the ipv4 address Now come back to Add window ,
in the name or ip address type the ipv4 address you have noted Now in
the external & internal port number , type 81 , tcp should be
selected, click ok Now click on Add button again…Now in Description ,
write androrat 1 In the name or ip address, type the ipv4 address you
have noted Now in the external & internal port number , type 81 ,
udp should be selected, click ok.
Now extract the file , Open AndroRat Binder.exe.
Go to No-ip tab and fill your information & click on update.
Go to Build Tab.
In IP section, type the hostname you have created by no-ip.
In port section , type 81.
In apk title ,Type any title you want.
Check the hidden box to hide the apk from mobile’s app drawer.
Click on Go.
Now you will see the apk with the title you have given in the extracted folder.
Now install that apk to any android mobile phone.
You will find a folder named Androrat in the extracted files.
Open Androrat>Androrat.jar (you should have java installed in your pc to open it).
Now click on server> Select port and enter 81, click ok & restart it.
Now , as soon as the android client is online , you will find it on the jar file ……select any server online.
hello my dear colleagues, I made a visit to nullbyte and found that
there is not a complete tutorial about the google dorks, so I felt the
need for this tutorial, and seeing that there are many newbies around,
so here's a tutorial that will teach you how to use google to hack.
The concept of "Google Hacking" dates back to 2002, when Johnny Long
began to collect interesting Google search queries that uncovered
vulnerable systems and/or sensitive information disclosures - labeling
them googleDorks. some people call it googlehacking.
Google: If you still do not know what is google, then you need to take a crash course in "how to use the internet"
Dork:Someone who has odd interests, and is often silly at times.
A dork is also someone who can be themselves and not care what anyone thinks
In my opinion A Google dork is an employee who unknowingly exposes sensitive corporate information on the Internet.
As
a passive attack method, Google dorking can return usernames and
passwords, email lists, sensitive documents, personally identifiable
financial information (PIFI) and website vulnerabilities.
That
information can be used for any number of illegal activities, including
cyberterrorism, industrial espionage,identity theft and cyberstalking
2-OPERATORS
Similar to intext, but searches for all terms to be present in the text.
site
Limits the search to a specific site only. site:nullbyte.com
3- THE FORMULA OF GOOGLE DORKS
Dorks : They are like search criteria in which a search engine returns results related to your dork.
The process can be a little time consuming, but the outcome will be worth it after learning on how to use dorks.
Basic Formula of dork,
"inurl:."domain"/"dorks" "
So you would normally understand it like this:
"inurl" = input URL
"domain" = your desired domain ex. .gov
"dorks" = your dork of your choice
Here is another example of that
You can use following words instead of inurl :
intitle:
inurl:
intext:
define:
site:
phonebook:
maps:
book:
froogle:
info:
movie:
weather:
related:
link:
All these also help yo find other things then vulnerables.
Anyway now I am going to explain you how to use some for finding vulnerability in websites.
INTITLE:
You
can use the intitle to find anything in the title of the website. Which
also could be usefull to find downloads or anything else.
intitle: index of mp3
This is an example to download mp3 songs for free.
INURL:
The inurl basicly looks for anything after the : in the site urls.
inurl:index.php?id=
INTEXT:
you can find literally everything using intext, you could even use the inurl dorks whit this.
intext:"Design & Developed By Seawind Solution Pvt.Ltd."
Google will give you all the websites created by IT Masons taht recently has bypass Admin Page Vulnerability in some websites,
to try just choose a target from google and add this to the url /adminpanel/
And fill username and password like the information below :
Username : '=' 'OR'
Password : '=' 'OR'
and you will get the admin panel of the website some example: http://www.vulnerablewebsite.com/adminpanel/index.php
DEFINE
Google will define this massage and will look for what had this error for example,
define:"sql syntax error"
SITE:
Obvious, when we will use it, google will looks for a site .
site:wonderhowto.com
Google will look for any site related with wonderhowto.
PHONEBOOK:
It will look for the phone number related to me, so use your victims name or yours instead.
phonebook:Mrnakupenda
MAPS:
Google will look on google maps for your search.
BOOKS:
Google has an online library store. If you want to find interesting books use this dork.
book:java language
This will look for any book gogole hase indexed whith java language in it.
FROOGLE:
Used for froogle search instead of google.
INFO:
google looks for anything you inputted but only information about string which you have puted next to info: .
info:firefox
Above dork will show you alot off things about firefox like what is firefox etc.
MOVIE:
You can find information about movies on google using this dork.
movie:watch Transformers online
WEATHER:
You can find information about weather on google using this dork.
weather: 01/08/2015 london
RELATED:
This will look for anything related to what you have entered next to related: .
related:hacking
Google responds whith sites about hacking stuffs.
LINK:
This
one will works better instead of only looking in search url, it will
also look in the site for urls that possibly are vulnerable.
link:index.php?id=
This is verry usefull I would say even more then inurl.
Vulnerability Approach :
Once
you search website using above dorks, now its time to check whether the
website is vulnerable to SQL injection or not, we simply put in a quote
" ' " at the end of the url address.
So our site will look like this, http://www.site.com/index.php?id=123;
i will explain how to proceed advanced sqli in the next tutorial
4-SOME EXTRAS
As far as i researched Google Dorks can help us getting the data of many websites.
These are some Google Dorks which can affect our online business:
site:.com intitle:"Thank You For Your Order" intext:Click Here to Download
site:.com intitle:"Thank You For Your Purchase" intext:Click Here to Download intitle:Thank you for your Purchase! intext:PLR OR MRR OR Package OR Bonus inurl:/thankyou.html intitle:Thank you for your order! intext:Click Here to Download
5-CONCLUSION
Google
dorks are very important, so I advise before you start your exploits
against a particular victim the best way is to use google and see what
you can find about the victim, and believe me, byt using google, a lot
of times I did not even turn on Linux kali, by simple search on google, I
found the password of my victim.
6- USEFUL WEBSITES
As far as i researched the best website for fresh google dorks is the exploit db website https://ww.exploit-db.com
here you will find fresh google dorks and you can also submits yours.
another cool website is http://www.google-dorking.com
you can also mention some websites here
to say that the best way to learn is by teaching, so I'm here to share what I know, and as always
I hope you will make correction where I'm wrong, because it is from mistakes that we learn ..
Opciones: -gd : Google Dork -bd : Bing Dork -l : Archivo con links para analizar -p : Numero de paginas para buscar -f : Archivo donde se guardaran los logs
Here is how you can control your PC/laptop with your Android smartphone/tablet using it either as keyboard or mouse.
Android
OS has increased the overall usage domain of mobile phones in a short
period of time. Since it is always fun to do the awesome things with
your smartphone, we are presenting a new way to use your Android
smartphone/tablet. That is as a keyboard or mouse for your PC.
Before
we begin, you must know this “this process will only work with Intel
based PCs”. Now first of all you have to get Android Remote Keyboard App
and software.
How to Set Up Intel Remote Keyboard
Download and install the Intel Remote Keyboard Host
on your Windows PC. You will need to choose x86 or x64 depending on
your Windows. If you aren’t sure what you are running, there are four
easy ways to know if you’re on 64-bit Windows. (Important: Make sure your Android and Windows devices are connected to the same Wi-Fi network.)
On your Android phone, tap the Windows device name.
Your
Windows PC will now show a large QR code. Just scan it with your
Android smartphone’s camera (following the on-screen instructions) and
the two devices will be paired.
You’re all set!
What you can do:
The App is basically a virtual trackpad and keyboard for your computer. You can use it in portrait or landscape mode.
In
portrait mode, your screen is divided into the trackpad area on the top
and keyboard at the bottom. Intel’s keyboard looks much like any
Android keyboard, but also has a Windows button, an Esc button, and the
four arrow keys.
remote keyboard
Stuff which should have been there:
There
could be some enhanced controls to fully optimise the facility. First,
there is no “continuous scrolling” , that means you have to touch scroll
button many times for scrolling upto a large distance. Second there is
no “direct volume control” , since it is always convenient to adjust
volume by using a dedicated key than to use mouse. We firmly expect that
these features will be added in the upcoming updates.
.
