diff --git a/-awesome-steganography.html b/-awesome-steganography.html new file mode 100644 index 0000000..f98941c --- /dev/null +++ b/-awesome-steganography.html @@ -0,0 +1,46 @@ +
Para o tutorial em português clique [aqui 🇧🇷]
Steganography is the art and science of writing hidden messages in such a way that no-one apart from the sender and intended recipient even realizes there is a hidden message.By contrast, cryptography obscures the meaning of a message, but it does not conceal the fact that there is a message. Today, the term steganography includes the concealment of digital information within computer files. For example, the sender might start with an ordinary-looking image file, then adjust the color of every 100th pixel to correspond to a letter in the alphabet—a change so subtle that someone who isn't actively looking for it is unlikely to notice it. +The larger the cover message is (in data content terms—number of bits) relative to the hidden message, the easier it is to hide the letter. +Stated somewhat more formally, the objective for making steganographic encoding difficult to detect is to ensure that the changes to the carrier (the original signal) due to the injection of the payload (the signal to covertly embed) are visually (and ideally, statistically) negligible; that is to say, the changes are indistinguishable from the noise floor of the carrier. +For this reason, digital pictures (which contain large amounts of data) are used to hide messages on the Internet and on other communication media. For example: a 24-bit bitmap will have 8 bits representing each of the three color values (red, green, and blue) at each pixel. If we consider just the blue there will be 28 different values of blue. The difference between 11111111 and 11111110 in the value for blue intensity is likely to be undetectable by the human eye. Therefore, the least significant bit can be used (more or less undetectably) for something else other than color information. If we do it with the green and the red as well we can get one letter of ASCII text for every three pixels.
The program uses 3 least significant bits (LSB) for red and blue channels and 2 LSB for the green channel. Using lossless compression (PNG), StegoShare provides about 40% capacity (in the 250Mb images you can hide 100Mb file). +Visually images looks that there are no any files embedded, human eye cannot detect the difference. +128-bit encryption makes detecting hidden file more difficult.
Simple and easy to use +Works on any platform that runs Java
apt install wget openjdk-8-jdk openjdk-8-jre
+wget http://downloads.sourceforge.net/stegoshare/StegoShare.jar
+java -jar StegoShare.jar
emerge openjdk
+emerge jre
+wget http://downloads.sourceforge.net/stegoshare/StegoShare.jar
+java -jar StegoShare.jar
Is a tool to send steganographed text messages to another computer over the network. The receiver must make a traceroute to the sender using the mtr program (and pressing d once to switch the display mode to the continuous graph). +This tool, the sender, creates several fake hops and makes them answer the ICMP packets (or not) to write the letters one by one on the mtr client screen.
It can print upper and lower-case letters.
It can print in normal or color-inverse mode.
It can loop forever.
It should work on your own localhost computer, on your LAN and over the Internet.
Is uses the Sinclair ZX Spectrum (1982) font.
You can select the TTL value on demand and therefore 'move' the text up and down the mtr graph.
apt install git mtr python3 python-scapy
+git clone https://github.com/stratosphereips/steganoroute.git
+cd ./steganoroute
+iptables -I INPUT -p icmp --icmp-type 8 -j DROP
+python3 ./steganoroute.py -i lo -m "MATRIX has You!" -l
+mtr -t yourlocalLANip
*MTR command used to list the message
emerge mtr
+emerge python
+emerge scapy
+git clone https://github.com/stratosphereips/steganoroute.git
+cd ./steganoroute
+iptables -I INPUT -p icmp --icmp-type 8 -j DROP
+python3 ./steganoroute.py -i lo -m "MATRIX has You!" -l
+mtr -t yourlocalLANip
*MTR command used to list the message
A lightweight tool that uses whitespace and tabs to hide information inside text files. Unlike other steganographic tools, snow does not rely on binary formats to encode secret data. This can be incredibly useful in cases where it is not possible to share large binary files.
Produces small files +Output text can be used on any program that accepts plain text
apt install stegsnow
+stegsnow -C -m "Encrypted Message Here" -p "angrypassword" infile outfile
+stegsnow -C -p "angrypassword" outfile
wget https://darkside.com.au/snow/snow.zip
+unzip snow.zip
+cd snow
+make
+cp snow /bin/
+snow -C -m "Encrypted Message Here" -p "angrypassword" infile outfile
+snow -C -p "angrypassword" outfile
Quick and easy to use
Uses checksums to verify the integrity of data
apt install steghide
+cd steghide
+steghide embed -ef topsecretfile.txt -cf photo.jpg -sf photoX.jpg
+steghide extract –sf photoX.jpg
wget https://ufpr.dl.sourceforge.net/project/steghide/steghide/0.5.1/steghide-0.5.1.zip
+cd steghide
+./configure
+make
+make check
+make install
+steghide embed -ef topsecretfile.txt -cf photo.jpg -sf photoX.jpg
+steghide extract –sf photoX.jpg
🇧🇷 Para o tutorial em português clique [aqui]
START FIREFOX AND DIGIT IN THE SEARCH BOX:
about:config
*Then press enter
Paste the command and search, then change the value:
network.http.pipelining |True
+ network.http.pipelining.maxrequests |32
+ network.http.proxy.pipelining |True
+ network.dns.disableIPv6 |True
+ plugin.expose_full_path |True
+ nglayout.initialpaint.delay |0
+ content.notify.backoffcount |5
+ ui.submenuDelay |0
+ browser.cache.memory.capacity |32768
+ layout.spellcheckDefault |2
+ browser.download.animateNotifications|False
+ security.dialog_enable_delay |0
+ network.prefetch-next |False
+ browser.newtabpage.activity-stream.feeds.telemetry |False
+ browser.newtabpage.activity-stream.telemetry |False
+ browser.ping-centre.telemetry |False
+ toolkit.telemetry.archive.enabled |False
+ toolkit.telemetry.bhrPing.enabled |False
+ toolkit.telemetry.enabled |False
+ toolkit.telemetry.firstShutdownPing.enabled |False
+ toolkit.telemetry.hybridContent.enabled |False
+ toolkit.telemetry.newProfilePing.enabled |False
+ toolkit.telemetry.reportingpolicy.firstRun |False
+ toolkit.telemetry.shutdownPingSender.enabled |False
+ toolkit.telemetry.unified |False
+ toolkit.telemetry.updatePing.enabled |False
+ reader.parse-on-load.enabled |False
+ reader.parse-on-load.force-enabled |False
+ browser.pocket.enabled |False
+ loop.enabled |False
If you want run it in reboot:
Have a nice day! :)
docker run -it IMAGE_ID_HERE /bin/bash
docker start $(docker ps -a -q --filter "status=exited")
docker start -a -i 'docker ps -q -l'
docker images
docker ps -a
docker exec -it CONTAINER_ID_HERE /bin/bash
apt install xfce-desktop xorg -y
passwd
iptables -A INPUT -i docker0 -j ACCEPT
apt update && apt upgrade && apt install novnc x11vnc tigervnc-standalone-server dbus-x11 python-py python3-pip -y
user > pip install numpy
+user > pip3 install numpy
dbus-launch
vncserver
/usr/share/novnc/utils/novnc_proxy --listen 8081 --vnc localhost:5900
CONTAINER_IP:8081/vnc.html
echo $(hostname -I | cut -d\ -f1) $(hostname) | sudo tee -a /etc/hosts
Para a versão em português clique [🇧🇷]
In the windows gui perform the following steps:
1.) Open the Local Group Policy Editor by hitting "Win + R" and typing: gpedit.msc followed by Ctrl + Shift + Enter.
2.) Navigate to Computer **Configuration\Windows Settings\Scripts (Startup/Shutdown).
3.) In the results pane, double-click Shutdown.
4.) Select the powershell tab
5.) In the Shutdown Properties dialog box, click Add.
6.) In the Script Name box, type the path to the script, or click Browse to search gorilazadah.ps1 in the Netlogon shared folder on the domain controller.
7.) Now add the clean.bat into scripts (Configuration\Windows Settings\Scripts)(double-click Shutdown).
All cache are cleaned by the clean.bat (Include all temp from Microsoft Teams) +Now all an administrator has to do is reboot the computer to perform windows updates smoothly. +The same steps can be performed in GPO to acomplish the same thing on multiple Windows machines at the same time. #profit
I needed a cool portfolio... so i created [this]. +Well. My hacking spirit ever want learn more; then i use threejs and reactjs to create a interative portfolio (check [here]). +But it's not sufficient for me. +After a few months of hard work i finished one of my best creations: A interactive [OpenBSD portfolio] with another two websites(listed above) inside.
apt install novnc psmisc x11vnc tigervnc-standalone-server xterm terminator wget dbus-x11 python-py python3-pip xfce4 xorg -y
tigervncserver -geometry 1366x768 -xstartup /usr/bin/terminator
/usr/share/novnc/utils/launch.sh --listen 8080 --vnc localhost:5901
http://SERVERIP:8080/vnc.html
fuser -k 8080/tcp
Debian: |
+apt update && apt upgrade && apt install sshpass pssh torsocks -y
Fedora:
dnf update && dnf upgrade && dnf install sshpass pssh tor torsocks -y
Gentoo:
emerge sshpass pssh tor torsocks
systemctl enable tor
+systemctl start tor
rc-service tor enable
+rc-service tor start
torify sshpass -p "segfault" pssh -A -i -H "root@lsd.segfault.net:22" uname -a
Go to Segfault interactive shell [here]
ssh@lsd.segfault.net
ssh@adm.segfault.net
Knowledge is power. Use it.
Have a nice day! :)
🇧🇷 Para o tutorial em português clique [aqui]
DEBIAN:
apt update && apt upgrade && apt install tor torsocks -y
GENTOO:
emerge tor torsocks
ARCH:
pacman tor torsocks -Syu
OPENSUSE:
zypper install tor torsocks -y
Clone the repo and open the torando.sh and change USERAQUI for your username. +Do the same on toroff.sh
git clone https://github.com/cristiancmoises/torando
+cd torando
+chmod +x *
+nano torando.sh
nano /etc/tor/torrc
Then paste in the end:
VirtualAddrNetwork 10.192.0.0/10
+AutomapHostsOnResolve 1
+TransPort 9040
+DNSPort 53
nano /etc/resolv.conf
chattr +i /etc/resolv.conf
nameserver 127.0.0.1
Go to the firefox and digit about:config then press enter.
about:config
OK, Now paste the command and search, then change the value:
network.proxy.socks_remote_dns |True
+browser.safebrowsing.enabled |True
+browser.safebrowsing.malware.enabled |False
cd torando
+ ./torando.sh
cd torando
+./toroff.sh
nano .bashrc
alias torando="./torando.sh"
+ alias toroff="./offtor.sh"
Dependencies
]Install
]Features
]Usage
] pip install pydantic
+ pip install asyncvnc
+ pip install aiohttp
git clone https://github.com/cristiancmoises/vncrevolver
+cd vncrevolver
| Some Features | +|------------------------------------------------------------------------------------| +| 🌎 Search for many open Vnc Servers around the world | +| 📍 Filter by country | +| 🔢 List more than one | +| 🖥️ List by Client name | +| ✅ Checks them for vulnerabilities by rebooting the machine via Ctrl+ALT+DEL, obtaining root access through the operating system bootloader easyly. |
python -m vncrevolver
python -m vncrevolver --clientname ubuntu --count 10
python -m vncrevolver --clientname ubuntu --count 10 --check_crt_alt_del
python -m vncrevolver --check_crt_alt_del 123.12.1.23:5901
START ME UP!
$ python -m vncrevolver --help
+
+usage: vncrevolver [-h] [--clientname CLIENTNAME] [--country COUNTRY] [--asn ASN] [--count COUNT] [--check_crt_alt_del [CHECK_CRT_ALT_DEL]] [--show_failed] [--screen_delay SCREEN_DELAY]
+
+optional arguments:
+-h, --help show this help message and exit
+--clientname CLIENTNAME
+ Filter by client name, note that it is case-sensitive!
+--country COUNTRY Filter by ISO 3166-1 alpha-2 country code
+--asn ASN Filter by ASN
+--count COUNT Number of VNCs to find
+--check_crt_alt_del [CHECK_CRT_ALT_DEL]
+ If you specify this parameter without a value, only those VNCs from the search that pass the ctrl_alt_del check will be returned. If a value is passed, it must be a VNC
+ address that will be checked against ctrl_alt_del.
+--show_failed Return VNCs that failed the ctrl_alt_del check
+--screen_delay SCREEN_DELAY
+ Delay between taking two screenshots in milliseconds
Use filters:
from typing import List
+from vncrevolver.search import VNC, search_filter
+
+hosts: List[VNC] = await search_filter(clientname='ubuntu')
+for vnc in hosts:
+print(vnc.ip, vnc,port)
Random Search
from vncrevolver.search import VNC, search_random
+vnc: VNC = await search_random()
+print(vnc.ip, vnc.port)
Ctrl + ALT + DEL - CHECK UP!
from vncrevolver.search import VNC, search_random
+from vncrevolver.vnc import check_crt_alt_del
+vnc: VNC = await search_random()
+print(await check_crt_alt_del(vnc.ip, vnc.port))
This is the personal website of Cristian Cezar Moisés. I am a student. (Pronouns: he, him, his).
Learning about cybersec,infosec and hacking.Information Security Graduate[Ftec]. My research focused on the Linux Servers Security.I'm a free software enthusiast.
I love code and unify projects like threejs + react Check my awesome interactive portfolio [here]. Outside of work, I'm a computerphile — I enjoy learning about and using programming languages .This site was written in the LISP dialect Scheme (GNU Guile, version 3.0.9) and built with the Haunt library (version 0.2.6) on Sun 18 Feb 2024 03:23:30 AM -03. The source code can be found on [GitHub]. Check my YouTube channel [SecurityOps].
A web operating system for you!
Just click [here] and visit now.
For the android app click[here]
All files are running on your local computer. Convert, play music, and more with this. +FasterOS is a web operating system created for help users in daily tasks and for help security enthusiasts and students.
-->--<--