What's new

Tutorial How to hunt payload (hard, normal, and easy way)

Kaidus

Forum Guru
Joined
Jul 16, 2017
Posts
4,112
Reaction
4,459
Points
1,263
First of all I know that maybe or almost don't know how to hunt payload on their own, so I make this tutorial to let others hunt payload (free sites/bug sites) on their own.

I have here hard, normal and easy way to hunt payload


HARD WAY
What you need?
•tPacketCapture
•Pcap app or any app that can open the file
•Download the app on playstore


HARD way to hunt payload, before you're going to hunt payload you need first an app called (tPacketCapture) this app lets you record your local traffic between your Android device and the connected network.

How to use this app, first you need free sites that you know before you need to use this app (e.g facebook(.)com, freebasics and more)

So let's start, first ON your data and search any free sites to surf on, see the picture below;
Screenshot_2017-11-01-14-37-50.png
Then open tPacketCapture and click CAPTURE;
Screenshot_2017-11-01-14-38-11.png
Screenshot_2017-11-01-14-38-19.png
After you click capture, click and click and click the refresh button on the upper right side, just click it then.
Screenshot_2017-11-05-15-05-26.png
When you done clicking the refresh button you can see the current file or file in the middle of the app. Let the file reach 100kb,

Then disable the VPN key above.
Screenshot_2017-11-01-14-40-03.png
After you disable the VPN key, open the file by clicking the file list. Open the file with pcap app or any app that can open the file.
Screenshot_2017-11-01-14-40-10.png
Open the file and scroll, then you see this (refer the picture below) there is host get that host.
Screenshot_2017-11-01-14-41-03.png
Screenshot_2017-11-01-14-42-42.png

Host (ui.ff.avast.com)

Try to see if that host is working or not by using it on injector as a payload or try to use this site (check-host.net) to know if its working or not.


NORMAL WAY
What you need?
Internet data to surf or just use injector
•Open this site or search it (yougetsignal.com)

You do not have permission to view the full content of this post. Log in or register now.

You Get Signal is a reverse IP domain checker, it let you know what are other/same web server that hosting that site. Just click the remote address and put anything you want (e.g google.com, phcorner.net, freebasics.com, etc).
Screenshot_2017-11-05-13-43-41.png
Then you can see this (refer the picture below), just pick any domain or site
Screenshot_2017-11-05-13-44-30.png
Check if that domain/site is working by using it on injector as a payload or use this site (check-host.net) to check.



EASY WAY
What you need?

•Internet data to surf or just use injector
•Open this site (Configinter.com)

You do not have permission to view the full content of this post. Log in or register now.

After you click that site you can see already payloads that have status, see the picture below
Screenshot_2017-11-05-13-46-45.png
My Team
Death-Code Team
Kaidus
Asianism
Oggy_14
Gin Ichimaru
PHC- Megabytes
PHC-Elite
CX985
Vainglory SEA
HEMP
LadyClare

If you don't know how to make ehi click this link.
https://phcorner.net/t/how-to-make-ehi-click-and-you-know.368803/

Kaidus
 

Attachments

Last edited:

Similar threads

Back
Top