Welcome back, my budding hackers! Metasploit, one of my favorite hacking/pentesting tools, has so many capabilities that even after my many tutorials on it, I have only scratched the surface of it capabilities. For instance, it can be used with Nexpose for vulnerability scann ...more
Welcome back, my hacker novitiates! In the previous part of this series, we looked at how to use Metasploit's web delivery exploit to create a script to connect to a UNIX, Linux, or OS X machine using Python. Many members of the Null Byte community have asked me, "Can we do t ...more
Hello friends! This tutorial will teach you how to build a local pentesting lab on your Linux machine which will enable you to easily install common web applications so you can practice locating and exploiting their known vulnerabilities (or discover new ones!). In particular, ...more
A hacker with privileged access to a Windows 10 computer can configure it to act as a web proxy, which allows the attacker to target devices and services on the network through the compromised computer. The probes and attacks appear to originate from the Windows 10 computer, m ...more
The latest film addition in the American-produced Millennium series, The Girl in the Spider's Web, was just released on Blu-ray a few days ago. As you could expect, the movie has many hacking scenes throughout, just like the previous English and Swedish language movies centere ...more
Welcome back, my novice hackers! In this third installment of my Hacking Web Apps series, we will look at the authentication of web applications. Remember, there are many ways to hack web applications (as I pointed out in my first article), and cracking authentication is just ...more
This video tutorial talks about browser exploitation. Particularly, it talks about tools, like BeEF, that can be used to hack known vulnerabilities within browsers and some cool frameworks that you can use to check the security of your own browser. To get started hacking your ...more
Welcome back, my budding hackers! With this article, I am initiating a new series that so many of you have been asking for: Hacking Web Applications. In previous tutorials, we have touched on some of the techniques and tools for web app hacking. We looked at web app vulnerab ...more
Welcome back, my hacker novitiates! Often, to hack a website, we need to connect to and exploit a particular object within said website. It might be an admin panel or a subdirectory that is vulnerable to attack. The key, of course, is to find these objects, as they may be hid ...more
Welcome back, my tenderfoot hackers! WordPress-based websites are among the most numerous on this planet (maybe other planets too, but I can't vouch for that). According to WordPress's own website, WordPress powers 23% of the top 10 million websites. That's approximately 2.3 ...more
Welcome back, my tenderfoot hackers! Now that we have begun this trip down web app hacking lane, we need to first address target reconnaissance. Like any hack, reconnaissance is critical. (Are you tired of me saying that yet?) There is no better telltale sign of a script-kid ...more
People use browsers for all types of things, and in general, we trust a lot of personal information to them. That's why browsers are a perfect attack surface for a hacker, because the target may not even know they are infected and feed you all of the information you could want ...more
Cheat Engine is a pervasive program that will attach to your browser when you play web games, and let you hack into the games and cheat. This tutorial focuses on the free web game Dragon Fable, and shows you how to use Cheat Engine to hack the game.
This tutorial will let you hack into a wide selection of web cams and online security cameras. The hack is actually quite easy, and is best done with a browser like Mozilla Firefox. Navigate to Google in your browser, and then type in "inurl:viewerframe?mode+refresh". This pie ...more
The Breach is one of the many popular online games available from Kongregate Games. Like any game, it can be rendered more enjoyable in the long-term by cheating at it. This video will show you how to use Cheat Engine 5.6 to hack the game and give yourself more experience poin ...more
You'd like to treat your friend to a drink from the vending machine, but you only have enough cash for one soda. What do you do? Learn this new Coke vending machine hack! It only works on the newer style vending machines, which use a conveyer belt to deliver your drink to yo ...more
This video demonstrates a way to hack a vending machine for change. First, you should press the top selection button four times, and then press the very last button three times. Then, hold the fourth button from the top and press the last button once more. If done correctly, t ...more
JamesKesn teaches you how to hack a vending machine. You must use a very specific machine and an exact combination of button presses. For this it is: far left Pepsi, near right Mountain Dew, near left Pepsi, far right Mountain Dew. Then far left Pepsi, near right Mountain Dew. ...more
Craving candy but have no change? Then listen closely to this hack. This con how-to video shows you how to hack a candy machine by creating fake quarters. This hack trick should also work on parking meters. Never pay for candy or meters again. Watch this video tutorial on YouT ...more
Learn how to con a vending Pepsi machine and access a secret (but benign) debug menu with this hack how-to video. While this hack won't get you any free soda, you might, at the very least, impress your friends with it. For complete instructions for this simple, pushbutton hack ...more
Get into a menu in the Coke machine. This video offers the code for hacking into a Coke machine menu. This may not work for every machine, but should work for some.
How to get a vending machine to pay you for its goodies, instead of you paying for them. First off, find a older vending machine, and insert your dollar bill as you normally would. Once you have entered it, you can select which ever item you want. Then quickly, before the item ...more
This past Sunday, a group called Gnosis launched a massive hacker attack on Gawker media, one of the web's most popular blog networks (Lifehacker, Gizmodo, Jezebel, io9, Jalopnik, Kotaku, Deadspin and Fleshbot). 1.3 million registered users' passwords were compromised, and 188 ...more
Welcome hackers. Hackacademic.RTB1 is vulnerable machine for training our skills.This machine can be download from free from here. There is many tutorial how to hack these machine but i did always be my self. Step 1: Recognize Open Ports First step is recognize open ports i ...more
Check out this video from CouponCodesHero on hacking a vending machine in no time. All you need is a little packing tape and some paper money, then fool the machine to either get free stuff, or use the "change" to get free money! Video: .
A vending machine is an invaluable yet totally frustrating piece of equipment. It's a godsend whenever your tummy's growling or you need an ice-cold drink on a hot summer day. But when something gets stuck inside or the machine flat-out malfunctions, it quickly becomes your ar ...more
Welcome back, my tenderfoot hackers! In this series, we are exploring the myriad of ways to hack web applications. As you know, web applications are those apps that run the websites of everything from your next door neighbor, to the all-powerful financial institutions that ru ...more
Welcome back, my tenderfoot hackers! Web apps are often the best vector to an organization's server/database, an entry point to their entire internal network. By definition, the web app is designed to take an input from the user and send that input back to the server or datab ...more
In this video, we learn how to hack a toy slot machine. If you time it right, you can win the jackpot yourself. You can slot the parts of the slot down with your just finger by pressing on them. You can also press down on the side of the slot just hard enough so you can press ...more
Stuck in the middle of London with only 1p in your pocket? If you're hungry, have lost your "A to Z" and need to know how to get free goodies out of a British vending machine, check this out! In this video, you will learn how to take a 1 pence coin, wrap it in tin foil and tri ...more
It only takes a minute to steal a U.S. Election! So, vote for your new president, and everybody else's new president by hacking away that Diebold ETS voting machine. Check out this video to see how to insert a virus into the voting system and control the elections. Those ball ...more
So 2000 was a wash for an election year; we put up with W for four years, then what happened? 2004! Lost again!!! Diebold you just can't seem to fade. Don't believe the elections were a fraud -- try out the legitimacy of the elections yourself. Princeton students present the ...more
Man, it's laundry day and once again you have NO quarters. Well, check out this video and you'll never need quarters again. This how-to shows how to pick the lock on a coin operated laundry machine and then rig it up so you'll never need to pay again. Sweeeet.
Want to visit a website only to find that it's been removed? With the Internet Archive's Wayback Machine, it's easy. So easy, in fact, that this home computing how-to from the folks at Easily can present a complete (and somewhat talky) overview of the process in just over two ...more
The Brother KH-930e knitting machine is an old but reliable device. It's age means that it doesn't like interfacing with modern computers though, so it's hard to get patterns from your computer to your machine so it will knit your project. Without this video it's hard, that is ...more
A long series of code is required to hack any JavaScript web page. Watch this video to learn how to hack a Java website to edit it for your pleasure.
This ultra clever mod of household junk makes for an ingenious variation on the carnival classic. The essence of this treat is basic carmelization. Start with juice. Heat. Spray liquid into air so that it crystallizes into a thready form resembling cotton. Or as the Aussies c ...more
Welcome back, my greenhorn hackers! Earlier in this series, I showed a you a couple of different ways of fingerprinting webservers. Probably the easiest way, is to use netcat and connect to port 80 and pull the webserver banner. The banner is simply the application advertisi ...more
For about a buck, you can make a fun Mini-Pinball machine out of a VHS, just follow the steps in this how-to video. This is a great toy for kids, or anyone that wants to make a cheap version of the arcade favorite. Bring the VHS pinball machine into the car to stay entertained ...more
Welcome back, my hacker novitiates! In an earlier tutorial, I had introduced you to two essential tools for cracking online passwords—Tamper Data and THC-Hydra. In that guide, I promised to follow up with another tutorial on how to use THC-Hydra against web forms, so here we ...more
Welcome back, my hacker noviates! In a recent post, I introduced you to Shodan, the world's most dangerous search engine. Shodan crawls the globe from IP to IP address, attempting to pull the banners of each web-enabled device and server it finds. These banners are what the ...more
Welcome back, my aspiring hackers! In this series on Linux for aspiring hackers, I'm trying to provide you with the basic skills needed to be capable in Linux as a hacker. One area that's critical that we haven't covered yet is building and managing an Apache web server. Apac ...more
It always sounds like a good idea to throw a party... until the party gets there. Next thing you know, you're running around hiding anything breakable, and once everyone leaves, you're stuck cleaning up the mess. But the worst part is footing the bill for everything, and if yo ...more
Security awareness seems to be a hot topic these days on the web, with developers making apps and devices that can hack networks and machines with just a few clicks. But these applications aren't only exploiting security flaws in systems and networks, they're being used by ama ...more
Your social security number, credit card information, and medical history can fall into the wrong hands if you're not careful about how and where you share your data online. If you really care about your data, there are tools and techniques you can utilize to protect yourself ...more
Welcome back, my novice hackers! There are SOOOO many ways to hack a system or network, which means you need to think creatively in order to be successful. Many novice hackers focus way too much energy on cracking passwords (which should be a last resort unless you have spec ...more
Welcome back, my novice hackers! New hackers often ask me the same question: "What is the easiest platform to hack?" My response is always the same—it is not a platform, but rather a particular piece of software that is easiest to hack, which is on nearly every client-side sy ...more
There are lots of simple "hack-like" fashion projects on the web, but kudos to the Glamourai for bringing Style into the equation. Her "Scarf-tan-ette" is surprisingly chic considering it's simplicity. Relatively uncomplicated to make, all you need is a couple vintage scarves, ...more
INTRODUCTION Hello dear null_byters here we go again with our third part of this serie. in this third part of our series I'd like to do a demonstration or continuation on fuzzing, but I think I should leave for later because the next tutorials about fuzzing will require from ...more
For over 20 years, a tiny but mighty tool has been used by hackers for a wide range of activities. Although well known in hacking circles, Netcat is virtually unknown outside. It's so simple, powerful, and useful that many people within the IT community refer to it as the "Swi ...more
Welcome back, my greenhorn hackers! Throughout this series on Metasploit, and in most of my hacking tutorials here on Null Byte that use Metasploit (there are many; type "metasploit" into the search bar and you will find dozens), I have focused primarily on just two types of ...more
Welcome back, my greenhorn hackers! A few years back, Microsoft implicitly recognized the superiority of the Linux terminal over the GUI-based operating system by developing PowerShell. Since Windows 7, every Windows operating system has had PowerShell installed by default, a ...more
In the previous article in this short series, we learned how to find our neighbor's name using publicly accessible information and how to monitor device activity on their home network. With this information at our disposal, it's time to get into installing and configuring the ...more
Warnings i cant be held responsible for any illegal act done by anyone but myself and there are copyrights so notise that taken the trademarks or copyrights are strigtly prohibeted by law and will be punshied by law and i or my partners cant be held responsible for sudo camma ...more
Command injection is a technique used by hackers to execute system commands on a server, usually via a web application or some kind of GUI. This can happen when an application provides some sort of functionality to the user involving the use of system commands. When the input ...more
File inclusion can allow an attacker to view files on a remote host they shouldn't be able to see, and it can even allow the attacker to run code on a target. To demonstrate these vulnerabilities, we'll be practicing PHP file inclusion using the Damn Vulnerable Web App. We'll ...more
JavaScript is one of the most common languages used on the web. It can automate and animate website components, manage website content, and carry out many other useful functions from within a webpage. The scripting language also has many functions which can be used for malicio ...more
Web applications are a prime target for hackers, but sometimes it's not just the web apps themselves that are vulnerable. Web management interfaces should be scrutinized just as hard as the apps they manage, especially when they contain some sort of upload functionality. By ex ...more
OnePlus has now officially upgraded both the 5 and 5T to Android 8.1 Oreo. As implied by the version number, this isn't a huge update from Android 8.0 Oreo. However, OnePlus has included a few of their own features as well. Android 8.1 Oreo acts more as a revision to Android ...more
One of the most critical bugs to come out in the last five years was Shellshock, a vulnerability which allows attackers to execute arbitrary code via the Unix Bash shell remotely. This vulnerability has been around for a while now, but due to the ubiquity of Unix machines conn ...more
How To:
Make Your iPhone Do All Your Talking for You on Calls and in Person
How To:
Add Website Shortcuts to Your iPhone's Home Screen for Fast Access to Web Apps and Bookmarks
News:
Apple Pencil 3 Is Almost Here — And It Comes with Squeeze Gestures and These Other Features
How To:
The Messaging Trick You Never Knew You Needed
How To:
Customize and Use Control Center on Your iPhone for Quick Access to Your Most-Used Apps, Features, and Settings
How To:
11 Features Coming to Apple News on Your iPhone with iOS 17.5 — Including Some Big Ones!
How To:
Apple's Integrating Game Center Leaderboards into News+ Puzzles with iOS 17.5
How To:
Apple Has a Killer New Word Game Puzzle Called Quartiles Hiding on iOS 17.5
How To:
Identify Any Song Playing on Instagram, TikTok, and Other Apps on Your iPhone Using Shazam
How To:
Apple News Gives You More Options for Automatic Downloads on iOS 17.5
How To:
27 New Features and Changes Coming to Your iPhone with iOS 17.5
How To:
Download and Install iOS 17.5 Beta on Your iPhone — And Try New Features Before Everyone Else
How To:
Download and Install iPadOS 17.5 Beta on Your iPhone to Explore New Features Before Everyone Else
How To:
Update Your iPhone's Lock Screen with an Attention-Grabbing Note, Reminder, Warning, or Other Custom Message
How To:
Your iCloud Email Lets You Create Aliases to Protect Your Primary Email Address and Organize Your Inbox
How To:
Use Your iPhone's Built-in Image Analyzer to Reveal the Hidden Meaning Behind Symbols, Signs, and More
Text Replacements:
The Secret Weapon to Typing More with Less on Your iPhone, iPad, or Mac
How To:
Focus Profiles Will Change How You Use Your iPhone — Here's How to Set Them Up for Distraction-Free Experiences
How To:
Force Restart an iPhone 15, 15 Plus, 15 Pro, or 15 Pro Max When It's Frozen, Glitchy, or Won't Turn On
How To:
Create Unlimited iCloud Email Address Variations to Take Total Control Over Your iCloud Mail Inbox
How To:
Make Your iPhone Do All Your Talking for You on Calls and in Person
News:
Apple Pencil 3 Is Almost Here — And It Comes with Squeeze Gestures and These Other Features
How To:
See Passwords for Wi-Fi Networks You've Connected Your Android Device To
How To:
Use FaceTime's Secret Hand Gestures and Reaction Buttons to Add Animated On-Screen Effects to Your Video Feed
Warning:
Sensitive Info You Black Out in Images Can Be Revealed with a Few Quick Edits on Your iPhone
How To:
Clone Any Android App on Your Samsung Galaxy Phone Without Using Any Third-Party Tools
How To:
Customize and Use Control Center on Your iPhone for Quick Access to Your Most-Used Apps, Features, and Settings
How To:
Find Identifying Information from a Phone Number Using OSINT Tools
How To:
Exploit EternalBlue on Windows Server with Metasploit
How To:
Phish for Social Media & Other Account Passwords with BlackEye
How To:
Create an Admin User Account Using CMD Prompt (Windows)
How To:
Dox Anyone
How To:
Find All the Reels You Liked & Saved on Instagram
How To:
Keep Your Night Vision Sharp with the iPhone's Hidden Red Screen
How To:
Make Spoofed Calls Using Any Phone Number You Want Right from Your Smartphone
How To:
See What Traffic Will Be Like at a Specific Time with Google Maps
How To:
Dial These Secret Codes to See if Someone Is Hijacking Calls & Texts on Your iPhone
How To:
Crack SSH Private Key Passwords with John the Ripper
How To:
Clear Your Frequently Used and Recent Emoji from Your iPhone's Keyboard
How To:
Use Odin to Flash Samsung Galaxy Stock Firmware
How To:
Find Vulnerable Webcams Across the Globe Using Shodan
BT Recon:
How to Snoop on Bluetooth Devices Using Kali Linux
How To:
Trigger iMessage Effects with Just a Keyword
Android Basics:
How to See What Kind of Processor You Have (ARM, ARM64, or x86)
How To:
Gain SSH Access to Servers by Brute-Forcing Credentials
Redstone Logic Gates:
Mastering the Fundamental Building Blocks for Creating In-Game Machines
How To:
Brute-Force FTP Credentials & Get Server Access
How To:
Crack a Combination Bike Lock in Under 30 Seconds
How To:
100+ Secret Dialer Codes for Your iPhone
Hacking macOS:
How to Hack a Mac Password Without Changing It
How To:
Inflate Any Ball Without a Pump or Needle
How To:
Solve the Rubik's Cube faster with shortcuts
How To:
Get Root with Metasploit's Local Exploit Suggester
How To:
Scan Websites for Interesting Directories & Files with Gobuster
How To:
Use MDK3 for Advanced Wi-Fi Jamming
How To:
Boot Your Galaxy S20 into Recovery Mode or Download Mode
How To:
The Best Way to Send High-Quality Videos from Android to iPhone
How To:
Permanently Delete Text Messages on Your iPhone
How To:
11 Features Coming to Apple News on Your iPhone with iOS 17.5 — Including Some Big Ones!
How To:
Unlock the Bootloader on Your Google Pixel or Pixel XL
