ProCodeCG Kids Private Coding Class – White Hacking – 17 Feb 2020

Standard

The menu today is hacking an Android phone with Metasploit 😉

IMG_3218

while also cracking password with Hydra in the background 😉

IMG_3219

setting up Metasploit

IMG_3222

the tutorial on ProCodeCG Channel 😉

IMG_3225

generating trojan to be installed on the Android Phone

IMG_3226

the Upgrader.apk is generated

IMG_3227

waiting for the victim to run the app

IMG_3228 IMG_3229

IMG_3230

now we need to move the .apk file to the Android phone

IMG_3231

IMG_3232 IMG_3233

didn’t work with email

IMG_3234

we transfer the file using this

IMG_3235

it is downloaded

IMG_3236 IMG_3237

IMG_3238

we should lower down the security setting on the phone

IMG_3239

IMG_3240 IMG_3241

IMG_3242

it is installed

IMG_3243

but not detected yet on the Metasploit window

IMG_3244

we should figure out how to make this work in the next class

IMG_3245

we had compressed the .apk to make it less detectable by the security of the phone OS

IMG_3246 IMG_3247

IMG_3249

but still not yet succeeded 🙂

IMG_3250

alright will try it again next time 😉

IMG_3221 IMG_3220

*Photos and videos are also available here

ProCodeCG Kids Private Coding Class – White Hacking – 8 Feb 2020

Standard

Today we learn about networking and port scanning 😉

We started with identifying the IP addresses in our network

IMG_2433

IMG_2417

we do port scanning with nmap and then we observe and analyse the result

IMG_2411 IMG_2412

IMG_2413 IMG_2414

IMG_2415 IMG_2416

IMG_2420 IMG_2421

IMG_2422 IMG_2423

next is to install EtherApe

Screen Shot 2020-02-08 at 14.21.44

Screen Shot 2020-02-08 at 14.24.09

IMG_2424 IMG_2426

IMG_2427

IMG_2431

and paralelly learn how to crack password using hydra 😉

IMG_2429

IMG_2430

we do several things to optimize the time because cracking password took some time 😉

IMG_2425 IMG_2428

Rajwaa surely learned a lot today 🙂 He will learn about more cracking password in the next class 😉

IMG_2418 IMG_2419

*Photos and videos are also available here

ProCodeCG Kids Private Coding Class – White Hacking – 1 Feb 2020

Standard

Saturday Night Private Coding Class 🙂

We continue Kali Linux installation

IMG_1541

and while waiting Rajwaa continue to learn about system security

IMG_1542 IMG_1543

dinner 🙂

IMG_1544

because you need food to think

IMG_1545 2

installing is still in progress

IMG_1546 IMG_1547

loading

IMG_1548

and there you go: Kali Linux installed on a Virtual Box

IMG_1549

IMG_1550 IMG_1551

Rajwaa is following instructions on how to test Google Sign In vulnerability

IMG_1552 IMG_1553

IMG_1554

hacking his own account

IMG_1555

and we get the username and password (even when Rajwaa didn’t enter the correct password)

IMG_1556

then we installed AngryIP

IMG_1558

to learn and observe how many IPs connected to the same network 🙂

IMG_1559

will explore more things next week 😉

IMG_1560

IMG_1540

*Photos and videos are also available here

ProCodeCG Kids Private Coding Class – White Hacking – 24 Jan 2020

Standard

Today Rajwaa will start learning White Hacking 🙂

IMG_1036

a wifi adapter we will use to hack wifi later 🙂

IMG_1032

Rajwaa has to go through some coding and puzzle challenges to learn about basic security in system and computer

IMG_1033 IMG_1035

IMG_1037

IMG_1038 IMG_1039

IMG_1044

IMG_1045

IMG_1046

IMG_1047

while also installing Kali Linux so next time we can start to do some hacking 🙂

IMG_1040 IMG_1041

IMG_1042 IMG_1043

there are lots of interesting experiments in White Hacking for Rajwaa to do 🙂 Until next time 😉

IMG_1034

*Photos and videos are also available here

ProCodeCG Kids Private Class – White Hacking – 15 Aug 2019

Standard

Another hard work preparation for ProCodeCG Kids Coding Exhibition in two days!

IMG_8687

We’re going to hack wifi with Kali Linux on Virtual Box

IMG_8688

and this network usb adapter is essential to enable Kali Linux to recognize a wifi network 😉

IMG_8685

while one computer start hacking

IMG_8686

Ara is starting to follow the steps, starting with setting up the hardware 😉

IMG_8689

and then installing the driver

IMG_8690

IMG_8691

enable wifi monitoring

IMG_8695

start monitoring

IMG_8696

dumping the wifi data

IMG_8697

waiting for a handshake before start hacking

IMG_8698 Screen Shot 2019-08-15 at 17.55.59

the first attempt is failed because the password is too hard 😀

Screen Shot 2019-08-15 at 16.07.15

but we got this one and get the  wifi password: password 😀 because we changed to password into something easy to guess 😀 a word that is included in the dictionary 🙂

Screen Shot 2019-08-15 at 18.00.13

IMG_8702

and then we started to hack using rainbow table

Screen Shot 2019-08-15 at 19.18.47

Screen Shot 2019-08-15 at 19.19.38

it is not yet successful but we stopped it because we already done the hacking project with dictionary attack and it is enough for the exhibition. will get back to rainbow table after the exhibition 😉

IMG_8705

the other reason is this 😀 😀 😀 after 3 straight hours hacking, Ara said he’s got backpain and went like this LOLLLLL

IMG_8706

and he still got homework to do LOLLLL

IMG_8703 IMG_8704

see you on Saturday, Ara, we’ll do live hacking 😉

IMG_8684

*Photos are also available here

ProCodeCG Kids Private Class – White Hacking – 8 Aug 2019

Standard

Preparation for 17 August ProCodeCG Kids Exhibition 🙂

The first plan is to do wifi dumping and wifi monitoring with Kali Linux
IMG_8224

we tried many ways to enable wifi on kali linux

IMG_8225

but since we running kali linux on virtual box, airmon-ng could not recognize wifi connection

IMG_8226 IMG_8227

thus could not retrieve any data from any wifi connections

IMG_8228 IMG_8229

IMG_8230

so we changed plan to password attack 😉

IMG_8231

there are still several thing to research and setup before we’re ready for exhibition 🙂

IMG_8223

ProCodeCG – Kids Private Class – White Hacking – Day #5 – 17 June 2019

Standard

The last day already 🙂 *but don’t worry Ara will still take the class regularly after this 😉

IMG_3764

Our to do list for today 😉

IMG_3765

And then Ara is installing DVWA for like the 10th times 😀

IMG_3766

it didn’t work on Ara’s laptop but worked well on the Mac

IMG_3768

this time Ara got this .php file which is a good sign

IMG_3769

got some problems with dpkg but we fixed this

IMG_3770

the point is that we’re going to make the target use a proxy that has been intercepted by BurpSuite to get the session id to be used by Hydra to crack the password 😀

IMG_3771

DVWA installation and setup success 🙂

IMG_3772

IMG_3773

now loading the BurpSuite

IMG_3774

setting up the browser to use proxy manually (directed to BurpSuite)

IMG_3775

setting up BurpSuite

IMG_3776

and cracking up password using Hydra 🙂

IMG_3778

ok all task for today is accomplished, very well done! 🙂

*Photos and videos are also available here