If you've updated your iPhone 4S or iPad 2 to a version of iOS 7, iOS 8, or even iOS 9, you've probably noticed that its performance is a little more sluggish than it was back when it had iOS 6 and lower on it. Now, thanks to a tutorial from tihmstar, you can downgrade the op ...more
Google TV gives the new Chromecast a home screen full of curated content from your various streaming subscriptions, but it's just that — a home screen app. Underneath, Google's new dongle is running Android TV, meaning its home screen is just a launcher that can be installed o ...more
UnrealIRCd is an open-source IRC server that has been around since 1999 and is perhaps the most widely used one today. Version 3.2.8.1 was vulnerable to remote code execution due to a backdoor in the software. Today, we will be exploiting the vulnerability with Metasploit, exa ...more
Websites are often misconfigured in ways that allow an attacker to view directories that are not ordinarily meant to be seen. These directories can contain sensitive information such as private credentials or configuration files that can be used to devise an attack against the ...more
Ports allow network and internet-connected devices to interact using specified channels. While servers with dedicated IP addresses can connect directly to the internet and make ports publicly available, a system behind a router on a local network may not be open to the rest of ...more
With a tiny computer, hackers can see every website you visit, exploit services on the network, and break into your Wi-Fi router's gateway to manipulate sensitive settings. These attacks can be performed from anywhere once the attacker's computer has been connected to the rout ...more
Barrow's article on Pupy made me wish for a RAT that could target an OS frequently used by gatekeepers at startups, tech companies, and creative firms: macOS. Once run, a RAT can do severe damage by dumping a user's stored credentials for many accounts. The best loot lives in ...more
Samsung's One UI 3.0 skin is built on top of Google's Android 11 open source code base, which means you get all of the standard features, plus some cool bonus stuff from Samsung. However, it's one of those standard AOSP features that you might find most useful if you send a lo ...more
Wish your home wireless network was faster? You can always buy a signal booster, but if you'd rather not spend the money, here are a few tips and tricks to speed up your wireless connection, including how to make a homemade signal booster with things you probably already have ...more
Every Windows system includes command prompt; and while a lot of people on Null Byte and WonderHowTo in general know how to use it, some people don't know anything about it, even how to access it. Even if you aren't a Windows user, it's good to know how command prompt works b ...more
Bash scripting is a convenient way to automate things on any Linux system, and we're going to use it here to automate certain tasks we use all the time. Bash is a simple language for stringing together several different Linux utilities. Its simplicity makes it easy for beginn ...more
If you want to carry a variety of network adapters without looking suspicious, a perfect solution is accessing them through Airserv-ng. Tucked away in the Aircrack-ng suite, this tool allows a hacker to plug any number of network adapters into a Raspberry Pi and access them ov ...more
With Virtual Network Computing, you don't need to carry a spare keyboard, mouse, or monitor to use your headless computer's full graphical user interface (GUI). Instead, you can connect remotely to it through any available computer or smartphone. Virtual Network Computing, be ...more
When hacking into a network during a penetration test, it can sometimes be useful to create your own wireless AP simply by plugging a Pi into an available Ethernet port. With this setup, you have your own backdoor wireless connection to the network in a matter of seconds. Crea ...more
Welcome back, my hacker novitiates! In previous guides, we have used one of the most powerful hacking platforms on the planet, Metasploit, to perform numerous hacks. They ranged from exploiting Windows XP and Windows 7/8 vulnerabilities, to installing a keylogger and turning ...more
Hackers rely on good data to be able to pull off an attack, and reconnaissance is the stage of the hack in which they must learn as much as they can to devise a plan of action. Technical details are a critical component of this picture, and with OSINT tools like Maltego, a sin ...more
The tactic of brute-forcing a login, i.e., trying many passwords very quickly until the correct one is discovered, can be easy for services like SSH or Telnet. For something like a website login page, we must identify different elements of the page first. Thanks to a Python to ...more
In the world of technology, there's often a trade-off between convenience and security. The Java Remote Method Invocation is a system where that trade-off is all too real. The ability for a program written in Java to communicate with another program remotely can greatly extend ...more
It's common for IoT devices like Wi-Fi security cameras to host a website for controlling or configuring the camera that uses HTTP instead of the more secure HTTPS. This means anyone with the network password can see traffic to and from the camera, allowing a hacker to interce ...more
A powered-off Windows 10 laptop can be compromised in less than three minutes. With just a few keystrokes, it's possible for a hacker to remove all antivirus software, create a backdoor, and capture webcam images and passwords, among other highly sensitive personal data. The ...more
Passwords and data stored in web browsers are extremely valuable to hackers. If not for financial gain, black hat hackers may still leak your passwords and personal information for amusement. Never undervalue what you're worth to a hacker. While I'm definitely no black hat, d ...more
Welcome back, my greenhorn hackers! In previous Wi-Fi hacking tutorials, I have shown you ways to create an Evil Twin, to DoS a wireless AP, and to crack WEP and WPA2 passwords, but in this tutorial, I will show you something a little bit different. In many restaurants, hote ...more
What you see when you open the Play Store is completely dependent on your country settings. Search results and top charts are specific to each region and there are lots of popular apps and games that simply won't show up unless your Play Store country matches up. Until recent ...more
Welcome back, my rookie hackers! The more we know about a system or network, the better our chances of owning it and not leaving a trace for investigators to follow. One of the often overlooked sources for information is the Simple Network Management Protocol (SNMP). Many roo ...more
Welcome back, my fledgling hackers! There's an evil dictator hellbent on destroying the world, and in one of our last hacks, we successfully compromised his computer and saved the world from nuclear annihilation. Then, we covered our tracks so no one would know what we did, a ...more
Hello everyone! How's subnetting going? Did you practice a lot? I hope you did, but even if you didn't we will go through some more examples so you can be feeling confident after reading this article. It's all about that bad boy binary! We will move from the previous article' ...more
Developing GUI apps in python is really cool. I ask those who understand the language to help convert some of the command-line or console programs or apps ( I mean programs that are useful to a hacker ) to GUI. I know GUI makes us lazy and not wanna learn but we should all kno ...more
Man-in-the-Middle attacks can prove to be very useful, they allow us to do many things, such as monitoring, injection, and recon. What Is a Man-in-the-Middle Attack? Essentially, a man-in-the-middle attack is when an attacker places them self between two parties. This passes ...more
Automating port scanners, directory crawlers, and reconnaissance tools can be complicated for beginners just getting started with Kali Linux. Sparta solves this problem with an easy-to-use graphical interface designed to simplify a penetration tester's tasks. Sparta, authored ...more
Welcome back, my rookie hackers! "How can I travel and communicate over the Internet without being tracked or spied on by anyone?" It's a question many Null Byteans have asked me, so I have decided to write a comprehensive article addressing this issue. There are a multitude ...more
Welcome back, my hacker apprentices! I recently began a new series on digital forensics to show aspiring hackers what the forensic investigator can do and see while investigating a cyber attack. This is the second installment in that series and will focus upon network forensi ...more
Aircraft equipped with ADS-B are constantly shouting their location into the radio void, along with other useful unauthenticated and unencrypted data. In this guide, we will make an ADS-B receiver using a Raspberry Pi with a software-defined radio (SDR) dongle, which we can us ...more
SMB (Server Message Block) is a protocol that allows resources on the same network to share files, browse the network, and print over the network. It was initially used on Windows, but Unix systems can use SMB through Samba. Today, we will be using a tool called Enum4linux to ...more
Local port forwarding is good when you want to use SSH to pivot into a non-routable network. But if you want to access services on a network when you can't configure port-forwarding on a router and don't have VPN access to the network, remote port forwarding is the way to go. ...more
You need a good microphone on your computer in order to make audio recordings, voice chat, or use speech recognition. However, not every computer comes with a built-in mic, and not every built-in mic works great. You can purchase a cheap computer microphone on Amazon for as l ...more
Welcome back, my greenhorn hackers! I recently began a series on scripting and have received such positive feedback that I'm going to keep this series going. As I've said before, to graduate from the script kiddie to the pro hacker, you'll need to have some scripting skills. ...more
Hello guys I am ROMEO 64 (sounds weird I guess but who cares. :D).. Alright....Ever wondered what happens when you login to your Facebook account? WARNING - geeky stuff ahead! Quit now if sleepy :D You cannot imagine how much of hidden stuff happens when you press your login ...more
Welcome back, my novice hackers! Episode 6 of Mr. Robot has come and gone and, as usual, it did not disappoint. Once again, our hero, Elliot, has used his extraordinary intellect and hacking skills to awe and inspire us. In this episode, Elliot is being blackmailed by the ru ...more
One of the best ways to improve your skills as a hacker is to learn to combine different avenues of attack to achieve success. What if it were possible to get a victim to connect to our machine and execute a chosen payload on our behalf? This is indeed possible with the almigh ...more
It's been said time and time again: reconnaissance is perhaps the most critical phase of an attack. It's especially important when preparing an attack against a database since one wrong move can destroy every last bit of data, which usually isn't the desired outcome. Metasploi ...more
Particular vulnerabilities and exploits come along and make headlines with their catchy names and impressive potential for damage. EternalBlue is one of those exploits. Originally tied to the NSA, this zero-day exploited a flaw in the SMB protocol, affecting many Windows machi ...more
I have came across a lot of members on the forum that didn't have a clear idea of what port forwarding is and what it does. So...Let's get started... Your router is blocking outside traffic from coming inside the network for security reasons (Kind of, like, a firewall level), ...more
It seems like every day now that we see a new headline on a cyber security breach. These headlines usually involve millions of records being stolen from some large financial institution or retailer. What doesn't reach the headlines are the many individual breaches that happen ...more
As you might know, there are a multitude of tools used to discover internal IP addresses. Many of these tools use ARP, address resolution protocol, in order to find live internal hosts. If we could write a script using this protocol, we would be able to scan for hosts on a giv ...more
PirateBox is a great way to communicate with others nearby when cellular and Wi-Fi networks aren't available. With it, you can anonymously share any kind of media or document and even talk to one another by voice — without being online. However, it needs a Raspberry Pi, which ...more
This tutorial follows the same idea as my original tutorial for windows, but I've redone it to work with Mac OS X. Here's how to get a meterpreter session from your victim opening a malicious word document: Step 1: Creating the Payload For this tutorial, I'll be using a pyth ...more
UPDATE: This post is outdated, the latest version with the correct links and updated instructions can be found at my blog, here - https://techkernel.org/2015/12/19/embed-metasploit-payload-in-apk-manually/ Hi guys, I'm here again with my second tutorial, as I promised. Metas ...more
The public leaks of NSA tools and information have led to the release of previously secret zero-day exploits such as EternalBlue, which was used in the notorious WannaCry ransomware attack. Despite multiple patches being released, many users have failed to update their systems ...more
In a previous guide, I demonstrated how to extract images from a security camera over Wi-Fi using Wireshark, provided you know the password. If you don't know the password, you can always get physical with the Hak5 Plunder Bug. Using this small LAN tap, we can intercept traffi ...more
Imagine for a moment that a VPN is like putting on a disguise for your computer. This disguise works to change your IP address, secure your traffic with encryption, and mask your location to bypass regional restrictions. This makes it a helpful tool for both whistleblowers and ...more
EternalBlue was a devastating exploit that targeted Microsoft's implementation of the SMB protocol. Metasploit contains a useful module that will automatically exploit a target, as long as it's vulnerable. But what if we wanted to exploit this vulnerability without Metasploit ...more
If you need to do some hardcore multitasking on your Windows PC, a second monitor can go a long way towards getting things done. If you opt to "extend" your Windows desktop across a dual monitor setup, it's as if you have two computers side by side, with each display getting i ...more
Social Engineering was mentioned a few times here on Null Byte, but not very many explained what it is, or how to do it. I love this quote because it's true: Social Engineering is the key to carrying out client side attacks, and all you need is a little creativity! Social Eng ...more
It only takes a few commands to manipulate a MacBook's secure HTTPS traffic and pluck login passwords out of the encrypted data. Let's take Facebook and Gmail hacking to the next level by intercepting Safari and Google Chrome web traffic in real time. Both Facebook and Gmail ...more
Keeping your online data and identity private is an uphill battle, but with the anonymity network Tor, you have a pretty decent line of defense from prying eyes. But while Tor is great for desktop users, since they can simply install a Tor browser or plugin, it's a bit more c ...more
On the latest iOS software, your iPhone comes with significant privacy and security enhancements to protect your data even more than Apple did before. From safeguarding your iPhone to passcode-protecting files to making it easier to browse the web safely, there's a lot you nee ...more
School internet filters serve a valid purpose—they keep students from wandering off into the deep corners of the web while still allowing at least some internet access. But a lot of these restrictions are completely ridiculous, to the point where some school districts block ac ...more
Hello ladies and gentlemen, welcome back to the Part 2 of our UDP & Wireshark adventure as I promised. Last time we discussed about what DNS is and how it uses UDP as its transport protocol but we left some unexplained parts behind and I'm about to investigate those with you. ...more
For the most part, transferring files from your computer to your Nexus 7 (and vice versa) is a simple process. Just hook up your tablet to your computer with the USB cable and transfer. However, most of the time you'll need additional software on your computer to do this, and ...more
All of my hacks up to this point have been operating system hacks. In other words, we have exploited a vulnerability usually in an operating system service (SMB, RPC, etc.) that all allow us to install a command shell or other code in the target system. As I have mentioned nu ...more
How To:
19 New Messages Features in iOS 18, iPadOS 18, and macOS 15 You Didn't Know You Needed
How To:
Master iOS 18's T9 Dialing for Lightning-Fast Contact Searches on Your iPhone
How To:
Apple Messages Lets You Switch Rich Link Previews and Use Plain Text URLs for Webpages More Easily — Here's How
How To:
11 Ways Apple's Reminders App Is Even Better with iOS 18, iPadOS 18, and macOS 15
How To:
Your iPhone's Hidden Back Tap Button Has 6 More Actions Available with iOS 18
How To:
Your iPhone's Clock App Just Got a Big New Feature with iOS 18
How To:
Your iPhone's Action Button Has Way More Actions to Choose From — Here's What's New and Changed with iOS 18
How To:
11 New Features on iOS and iPadOS 18 That'll Make Apple Notes Your Go-To Productivity App
How To:
12 New Home Screen Features iOS 18 and iPadOS 18 Has for Your iPhone or iPad
How To:
Your Lock Screen Just Got 13 Times Cooler with iOS 18 and iPadOS 18
How To:
Apple's Messages App Has Some Cool New Text Editing Features and Effects for iMessage — Here's How It All Works
How To:
22 Features the iPhone 16 and 16 Pro Models Have That Other iPhones Don't
How To:
21 iPhone 16 Pro Features You Won't Find on Apple's iPhone 16 or 16 Plus
How To:
These Are the Only Differences Between iPhone 16 Pro and 16 Pro Max
How To:
iPhone 16 Series — Preorder and Release Dates, Prices, and Where to Get One
How To:
11 New Apple Maps Features That Improve Hikes, Search, Favorites, Saved Locations, and More on Your iPhone
How To:
Create Custom Offline Routes for Walks and Hikes in Apple Maps
How To:
Safari's New Summary Feature Boils Webpages Down to Key Highlights for You — Here's How It Works
How To:
Apple's Weather App Just Got 13 New Features and Changes in the Latest iPhone Software Update
How To:
The Easiest Way to Find, Share, and Manage Wi-Fi Passwords Your iPhone and Other Apple Devices Auto-Saved for You
How To:
19 New Messages Features in iOS 18, iPadOS 18, and macOS 15 You Didn't Know You Needed
How To:
Apple's Messages App Has Some Cool New Text Editing Features and Effects for iMessage — Here's How It All Works
How To:
12 New Home Screen Features iOS 18 and iPadOS 18 Has for Your iPhone or iPad
How To:
See Passwords for Wi-Fi Networks You've Connected Your Android Device To
How To:
Use FaceTime's Secret Hand Gestures and Reaction Buttons to Add Animated On-Screen Effects to Your Video Feed
How To:
Clone Any Android App on Your Samsung Galaxy Phone Without Using Any Third-Party Tools
How To:
Dial These Secret Codes to See if Someone Is Hijacking Calls & Texts on Your iPhone
How To:
11 New Features on iOS and iPadOS 18 That'll Make Apple Notes Your Go-To Productivity App
How To:
16 Harry Potter Spells for Siri That Turn Your iPhone into a Magical Elder Wand
How To:
Schedule Messages to Send Later Automatically Using iMessage
How To:
Dox Anyone
How To:
Make Spoofed Calls Using Any Phone Number You Want Right from Your Smartphone
How To:
13 Tips Every Apple Pencil User Needs to Know for iPad
How To:
Find music and movies easier using "insite" in Google
How To:
Make Siri Say Whatever You Want Every Time You Connect Your iPhone to a Charger
How To:
Crack SSH Private Key Passwords with John the Ripper
How To:
Turn Your iPhone into a Bedside Clock, Digital Photo Frame, or Full-Screen Smart Display with iOS 17
How To:
Activate Your Samsung Galaxy's Vault to Keep Your Apps, Files, and History Safe from Prying Eyes and Hackers
How To:
19 Harry Potter Spells Your Android Phone Can Cast Using Google Assistant
How To:
Roll Sushi—The Ultimate Guide
How To:
Lock and Hide Apps on Your iPhone or iPad — The Official Way
How To:
Exploit EternalBlue on Windows Server with Metasploit
How To:
Turn Any Website into a Full-Screen App on Your iPhone
How To:
Your iPhone's Status Bar Can Actually Be Customized — Here's How
How To:
CC in a Physical Business Letter
How To:
Group Texts Split into Separate Conversations on Your iPhone? Here's the Fix
TWRP 101:
How to Make a NANDroid Backup & Restore Your Entire Phone
How To:
Use SQL Injection to Run OS Commands & Get a Shell
How To:
Seamlessly Transfer a FaceTime Call to Your iPhone, iPad, or Mac Without Disconnecting It
How To:
Easily Change Your Play Store Country to Download Region-Locked Apps & Games
How To:
Uninstall Bloatware Without Root or a PC Using Android's New 'Wireless Debugging' Feature
How To:
Permanently Stop Any App from Updating on the Play Store — No Computer Needed
How To:
Inconspicuously Sniff Wi-Fi Data Packets Using an ESP8266
How To:
iOS 17.6 Has 13 New Features and Changes for iPhone You Need to Know About
How To:
Find & Recover Apple Notes Stored in Gmail, Yahoo, Outlook, AOL & Other Third-Party Mail Accounts
How To:
Send Star Wars Emoji in Text Messages & Chats
How To:
Make the Platonic Solids Out of Playing Cards
Text Replacements:
The Secret Weapon to Typing More with Less on Your iPhone, iPad, or Mac
How To:
Save Your iPhone's SHSH2 Blobs So You Can Downgrade iOS for Future Jailbreak Methods
How To:
Create Your Own Search Engine for More Privacy & Zero Trust Issues
