How to Track Lost Android Phone and Tablet

Srikanth Ramesh

Your Android gadgets are the most important things in your life. It contains all your important contacts and information. If you lose your equipment, you will be losing all those sweet memories with the photos and video. But there is some good news to android phone/tablet users, you can now easily find or at least know where your missing phone is with or without using android application.

Let’s first look at the way of finding your lost phone which doesn’t contain any app installed on it.

Use the IMEI Number

Every android phone carries a unique IMEI number (International Mobile Equipment Identity Number). It will be printed at the back of your device. If you are unable to find the number, you have to launch your phone app and dial the number *#06#. This will give you the IMEI number of your phone. Store this number in a safe place so that it helps you in locating your phone when it is lost.

When you file a complaint, this number has to be added in the report. Your service provider uses this number to track your phone and tell you where it is. No matter if the person using the phone is using a different SIM card or has switched off the phone. Once the device is traced, you can request your service provider to block it from using.

This is one of the easy ways of locating your lost Android phone or tablet.

Plan B

Another way of tracking your lost Android gadget in no time is through Plan B app. This app does not require you to install any recovery software previously but still helps in finding your lost phone. All you need to do is log on to your Google play account. Lookout mobile security offers free software called Plan B. Download the software from play store to your phone. This will be possible only if your phone is within the Internet coverage area. Wait for some time and then send the keyword “locate” without the quotes through SMS to your phone. And a map showing where your equipment is will be sent to your Gmail account. This app is very much useful in situations where you don’t have IMEI number.

If you have installed and configured any of these below android software previously, there is good chance of finding it.

You can log on to Google Play store > My Android Apps, on your computer and check if you have installed any of the following apps previously.

Lookout Security and Antivirus

Lookout is the best android app for security and antivirus. So far, it has received millions of downloads. Just recall if you have installed this on your phone.

If you have activated the option “Missing Device” in this app, it is easy to find your device. If you have also enabled “Signal Flare” option, you can trace the last known location of your android device. This is helpful in case your phone battery is dead or tablet is switched off.

Now sign in Lookout to locate your device. The map shows the location of your phone. If you are at a short distance from the tablet, you can choose Scream option to make a loud noise to find it.

Android Device Manager

Google has recently released a new locator feature for Android gadgets called Android Device manager, which helps its users locate their lost or stolen phones and tablets. It functions in the same way as Lookout and Samsung’s “Find My Mobile”. Here’s how to use Android Device Manager.

Go to the Google Settings app, then select Android device manager. By default the locator feature is activated but to activate remove data wipe, select the box next to “Allow remote factory reset”, then select “activate”.

To use this feature, open the site https://www.google.com/android/devicemanager and sign in to your Google account. You may be prompted for permission to allow Android Device Manager to use location data. Select the Accept tab to continue.

Now you will be provided with a map that shows the location of your device along with other details such as the name of the place, when it was last used and more. The location data doesn’t help you if your phone is misplaced somewhere in your home. Instead of making a call to your phone using other’s phone, you can call your phone directly from Android Device Manager. This will make your device to ring with high volume for 5 minutes, even if it’s in silent or vibrate mode.

One feature that is missing in Android Device Manager is remote locking, which can be useful in preventing a stranger from accessing your data, while you’re tracking its location.

Apart from these, there are other apps such as Android Lost, Where do My Droid and GadgetTrak that help you in finding your lost Android phone/Tablet.

by Phr3ak

How To Chat With Friends On-line Without Being Tracked By The NSA

The latest scandals with Edward Snowden, news about Internet users were spied on by law enforcement agencies in a number of countries and the rumors regarding the fact that many large Internet companies leak confidential information on network users are a wake-up-call to the users who require reliable, private and state of the art security services. Any downloading software, as practice shows, can be equipped with the so-called “backdoors” for data interception. The phones also ping cell towers all the time as there's no other way for them to function. Pinging means those cell towers know the phone's location which, essentially,  makes it a tracking device.

All those events made us think of searching for an alternative and safe channel of communication with friends and business partners, anonymous web surfing and file sharing solutions.

So is there any way to stay anonymous during the age of the Internet?

An obvious answer to that would sound something like this: 'Throw your phone, laptop, desktop out of the window, pay for everything with cash and don't talk to strangers'. Of course, that approach (even though it's actually the safest option) wouldn't work for most users which leaves us with extreme to-be-or-not-to-be types of choices. This article explores ways of preserving both: your digital life and your privacy.

Choose your software carefully

You may find many recommendations on-line on how to tune your PC to protect yourself from viruses and phishing scams. They all may or may not achieve the same goal but the primary question is, “can you really trust the software that you are protecting you from viruses and can you be sure it's not a major tracking virus itself?”

There's a lot of info on the web about ‘how famous software companies report all the bug-fixes to the NSA'; which sounds like a scary thought.
This, of course does not mean there's 100% assurance that all systems do not give info away. It is a fact that alternative OS's do not have as many viruses as the most popular ones.  Therefore, if you're a security geek it is a good idea to consider shifting to a different OS. One great example is Qubes OS, a Linux distribution that runs its programs inside dedicated virtual machines reducing the amount of potential vulnerabilities.

 

Browser Wars

This time it's not about speed, it's about security. Having the concept of an OS tracking should make you avoid private web-browsing on native browsers such as Internet Explorer or Safari. The latest versions of all four major browsers including Microsoft Internet Explorer, Mozilla Firefox, Google Chrome and Apple Safari, were hacked at Pwn2Own Hacking Competition 2015. To save your private life online you can use alternative browsers, like the Midori Web browser, which, by the way, features the anonymous search engine 'DuckDuckGo' by default, Epic browser or open-source project Chromium. It's just so happens that Firefox started “safe internet” and still epitomizes it.

 

Use a VPN

Virtual Private Networks are getting more popular. The popularity of these services is justified by the level of anonymity they're able to provide. A VPN server encrypts all of your traffic. They will hide your IP address and location by giving you their own IP address. Surf securely without footprints and leave your online privacy untouched. You can choose to be a resident of South Africa, Argentina or Belize if so desire. If your VPN provider has decent encryption there's no way to track where you really are.
 

The conversion itself, however, can easily be logged by chat services, like Skype or Google Hangouts, so it is a good idea to review secure alternatives.

Chatting

Most chat services work by using a central server. This means that all of your text or audio words and sent files are stored on the server of the provider. If the NSA wants to gain access to this data, it will have no problem.

There are a great number of services offering secure and anonymous encrypted chat rooms.

Privatoria offers a bundle of web security and anonymity services including secure data transfer, anonymous e-mail, Proxy/VPN and of course secure chat.

The peculiarity of this service is the absence of a central server. Their chat technology is based on WebRTC; meaning there's a direct connection between browsers without transferring data or logging information on the servers unlike traditional chat solutions like Skype, Google Hangouts, etc... So, no one can access your different ways of communication.

You will be able to communicate with all of the advanced features like text messaging, voice and video calls, file transfer, etc...

• Cryptochat is an app for Android users for secure chatting that allows end-to-end password-protected encryption.

• CryptoCat offers group chat, file sharing and provides encryption for doing so. Extra features include Facebook integration and the ability to send photos.

• Surespot is an open source mobile messaging app with 256 bit end-to-end encryption. It does not require registration and allows sending voice messages from multiple accounts on a single device.

The Choice is yours

Trying to sum it all up, we can firmly state that the world of technology is constantly evolving and that the government wants to control this process. There are no guarantees that you are not being tracked while reading this article or watching Youtube videos.

There are ways to preserve your privacy or at least give Uncle Sam a hard time when he tries to spy on you. To secure yourself you may want to try using a VPN, alternative OS's, secure chat solutions to transfer your encrypted messages or even set up your own private server machine with cloud storage, a chat server and other useful stuff.

~Phr3ak 

Abu Bakr al-Baghdadi – a Short Biography of the ISIS Sheikh

Abu Bakr al-Baghdadi – a Short Biography of the ISIS Sheikh

This text was released on July 15, 2013 by some Jihadi accounts. It is a biography of Sheikh Abu Bakr al-Baghdadi, the leader of the Islamic State in Iraq and as-Sham (ISIS).

I will translate the most remarkable parts in the text and comment below

لأول مرة…السيرة الذاتية للشيخ أبو بكر البغدادي ( أمير الدولة الإسلامية في العراق و الشام )

بسم الله الرحمن الرحيم

السيرة الذاتية لأبو بكر البغدادي القرشي الحسيني حفظه الله
أمير دولة الإسلام في العراق و الشام
السيرة كما و صلتني
.
.
.
الاسم / أبو دعاء، إبراهيم بن عواد بن إبراهيم البدري الرضوي الحسيني السامرائي

ينحدر من عشائر السادة الأشراف البدريين ( البوبدري ) الرضوية الحسينية الهاشمية القرشية النزارية العدنانية .

الحالة الإجتماعية/ متزوج .

( لمحة تاريخية عنه )

أستاذ ومعلم وتربوي سابق وداعية معروف , وخريج الجامعة الإسلامية في بغداد ودرس بها مراحلة الدراسية ( البكالوريس والماجستير والدكتوراه ) عرف أنه داعية , وضليع بالثقافة الإسلامية , والعلم والفقة الشرعي , وإطلاع واسع في علوم التاريخ والأنساب الشريفة , وله علاقات واسعة وتأثير واضح على أفراد عشيرته في ديالى وسامراء حتى أعلنوا وبكامل إرادتهم ويقينهم التام بيعتهم لدولة العراق الإسلامية وأميرها الأول ( أبي عمر البغدادي القرشي ) حين بايعوا الأمير ودولته عند إنشائها وظهورها على الساحة الجهادية في العراق في الإعلان الرسمي لظهور الدولة في العشر الأواخر من شهر رمضان عام 2006 , وعرف فيما مضى عن الدكتور إبراهيم عواد أنه من أبرز أقطاب السلفية الجهادية وأبرز منظريها في ديالى وفي مدينة سامراء من خلال جامع الإمام أحمد بن حنبل رحمه الله , وهو رجل من عائلة متدينه أخوته وأعمامه منهم دعاة دين وأساتذة في اللغة العربية والبلاغة والمنطق , وعقيدتهم دينية سلفية , فوالدة الشيخ عواد من وجهاء عشيرة البوبدري , ومحب للدين , ومن دعاة الحشمة والفضيلة ومن أنصار الأمر بالمعروف والنهي عن المنكر , وجده الحاج ابراهيم علي البدري رجل عرف بمداومته على صلاة الجماعة , وصلة الرحم , والحرص على حاجات العوائل المتعففة , وقد توفي الحاج ابراهيم قبل عدة سنوات بسيطة أثناء فترة مابعد الإحتلال بعدما عمر في الدنيا على الطاعة وصلة الرحم وفعل الخير , وأمد الله بمنة وكرمه في عمر الحاج المرحوم حتى قارب منتصف عقدها التسعين من العمر

عدم ظهور الدكتور أبودعاء بتسجيل مرئي او صوتي لايعود إلى قلة فصاحته او ضعف بيانه او ماشابه ذلك فهذه أمور لاصحة لمن يقولها , ويروج لها فالرجل خطابته فصيحة وبيانه حسن , وفطتنه ونباهته ظاهرة فهو جمع بين صفتين من أمراء الدولة السابقين حين جمع بين هدوء وروية أبي عمر البغدادي وحسه الأمني العالي , وأخذ جانب كبير من ذكاء ومجالدة أبو أيوب المصري .

( الخبرات العسكرية )

زادت خبرة الدكتور أبودعاء الأمنية والعسكرية على أرض الواقع في الثمانية سنوات الأخيره , وتبلورت بوضوح ونضجت أكثر هذه الخبرة الأمنية والعسكرية عندما تم ممارستها على أرض الواقع , وتعرض لصعوبتها وتضحياتها من خلال الممارسة الواقعية والفعليه في الثمانية سنوات ونصف الماضية من القتال وحروب الكر والفر .

حرض على القتال وصال وجال وقاتل ثم أسر ثم خرج , وخاض معارك عديدة , وأسس جماعات وساهم في إنشائها ودعمها ثم أنضم لمجلس شورى المجاهدين ودولة العراق الإسلامية وعمل كعضو في مجلس الشوى , وحتى أصبح وفي الإعلان الرسمي للدولة بتاريخ 16 أيار مايس 2010 أمير لدولة العراق الإسلامية , وماوصل إلى الإمارة الحالية إلا وفق مراحل عديدة حتى نال هذا الإستحقاق .

بداية من عمله مع عدد من رفاق دربه ومنهجة على إنشاء جماعة جيش أهل السنة والجماعة التي نشطت , وعلى وجة الخصوص في محافظات ( ديالى وسامراء وبغداد ) وتوليه للهيئة الشرعية بها حين أستلم أمير القسم الشرعي لهذه الجماعة , وهذه الجماعة فيما بعد , وأعني بها جماعة جيش أهل السنة والجماعة بايعت وأنضمت لمجلس شورى المجاهدين بعد تأسيسه بأسبوع تقريباً , ومن ثم أنضم الدكتور أبودعاء إلى الهيئات الشرعية في المجلس وعضو في مجلس الشورى , وحتى إعلان دولة العراق الإسلامية , وتسلمه مهمة المشرف العام على الهيئات الشرعية للولايات وعضويتة في مجلس شورى دولة العراق الإسلامية فضلاً عن دوره الواضح والمؤثر في إنضمام جزء من عشائر سامراء لمبايعة البغدادي الأول , ومساهمته في ضم عشيرته وشباب عشيرته في ديالى لمبايعة الدولة , ومع مرور عدة سنوات كان منطقياً أن يحضره ويجهزه أبو عمر البغدادي الحسيني القرشي ( حامد داود ) لخلافته , وهذا لاشك به أبداً فأمثال ( ابومحمود ) وبحسه الأمني العالي جداً , ووضعه لحسابات وتوقع كل الإحتمالات جعله وأوصى أن يكون الدكتور ابودعاء هو من يخلفه.
جمعت هذه الترجمة نصرةً وإنصافاً للأمير البغدادي، الذي سلقوه بألسنة الحداد، وتناسوا غيرته وعزمه ونصرته لأهل سوريا بالمال والنفس رغم المصاعب، وأيضاً نسخة لمن لا يعرف أهل الجهاد وفضلهم وقدرهم…

فهل سيستحي بعد كل هذا أهل التنظير والقعود ويكفوا ألسنتهم عن الطعن في رجال الجهاد ؟؟؟!!!

Some remarkable points:

• the full nom de guerre of the Sheikh and his official title: Abu Bakr al-Baghdadi al-Qurashi al-Husseini, Emir of the State of Islam in Iraq and Syria
• his name: Abu Du’a, Ibrahim bin ‘Awad bin Ibrahim al-Badri ar-Radawi al-Husseini as-Samara’i
• the man is (happily?) married
• al-Baghdadi is, as was to be expected, highly educated. According to the text he has a Master’s degree and PhD in Islamic Studies (poetry, history, genealogy,…) at the Islamic University of Baghdad and was a renowned Professor and Preacher on these matters.
• it is claimed that beacause of his major impact on his clan and followers in Diyala, Samara (Iraq), he hereby became one of the most prominent strategists of al-Qaeda in this area.
• Dr. Abu Du’a is said to have an extensive military experience in all kinds of urban warfare and hit and run operations
• As a zealous fighter and preacher he reached top tier al-Qaeda in Iraq in 2010
• he started out with his own group Jaysh Ahl as-Sunna, active in Samara, Diyala and Baghdad
• the former Sheikh of AQI prepared Dr. Abu Du’a for the leadership
• all his recent actions are claimed to be for the benefit of the Syrian people

Update:

Nasheed in honor of Abu Bakr al-Baghdadi:

Text added in comment:

Islamic State of Iraq and Sham Nasheed – ISIS Nasheed –
الدولة الإسلامية في العراق والشام نشيد
ISIS is the Mujahideen group from Iraq who works hard to establish the law of Allah on Land. ISIS is under the leadership of Al Qaeda. Presently Sheikh Abu Bakr Al-Baghdadi is the Amir of the Islamic State in Iraq and Al-Sham.

His Name and Lineage : Abu Dua, Ibrahim bin Awad bin Ibrahim Al-Badri Al-Radawi Al-Husseini Al-Samarra’i. He is descendant from the tribes of Al-Sada Al-Asharaf Al-Badriyin (Al-Bu’Badri) Al-Radawiya Al-Husayniyya Al-Hāšimiyyah Al-Qurayshiya Al-Nizariya Al-Adnaniya.

Sheikh Abu Bakr Al-Baghdadi is a former teacher and educator and a well known preacher, and a graduate from the Islamic University in Baghdad and he studied in it the academic levels (Bachelor, Masters and PhD) he was known as a preacher and erudite in Islamic culture, and Sharia knowledge and Fiqh, and an expert in the sciences of history and noble lineage, and he has a wide relations and clear impact on the members of his tribe in Diyala and Samarra until they declared on a fully voluntary and total certainty their Baya’a to the Islamic State of Iraq and its first Amir (Abu Omar Al-Baghdadi Al-Qurayshi) when they gave Baya’a to the Amir and the State in the beginning of its establishment and appearance on the Jihadi arena in Iraq in the official deceleration in the last ten days of the month of Ramadan 2006.

It is known that Dr. Ibrahim Awad is from the most prominent figures of Al-Salafiya Al-Jihadiya and one of its most famous theorists in Diyala and in the city of Samarra in the mosque of Imam Ahmed ibn Hanbal rahimahullah. He is a man from a religious family. His brothers and uncles include preachers and professors of Arabic language, rhetoric and logic. Their Aqeeda is Salafiya. His father sheikh Awad is from the elders of Al-Bu’Badri tribe, he loves the religion, and from the callers to decency and virtue and from the supporters of promoting of virtue and preventing of vice, and his grandfather Haj Ibrahim Ali Al-Badri is a man known of his persist-ency on congregational prayer, and being good to his kin, and keenness to the needs of the modest families, and Haj Ibrahim died a few years ago in the post occupation era after he lived long in this Dunya in obedience and being good to his kin and good deeds, and Allah with His grace and favor prolonged the life of late Haj until he almost reached 95 years old.

The security and military experience of Dr. Abu Dua increased by practice in the past eight and half years of fighting and attack and retreat. He incited on fighting and he himself fought then he was captured and released, he engaged in many battles, and established Jamaats and participated in establishing others and supported it then he joined Majlis Shura Al-Mujahidin and the Islamic State of Iraq as a member of the Majlis Al-Shura, until he became in the official declaration of the State in 16 May 2010 as Amir of the Islamic State of Iraq, and he didn’t reach that status except by passing through several stages until he was worthy for that post.

In the beginning he worked with several of his companions in establishing Jamaat Jaish Ahli Sunnah wa Al-Jamaah that was active in particular in the provinces of Diyala, Samarra and Baghdad, and head the Sharia Committee of the Jamaat, this Jamaat later it gave Baya’a and joined Majlis Shura Al-Mujahidin one week after it was declared, and then Dr. Abu Dua joined the Sharia Committees of the Majlis and he became a member of the Majlis Al-Shura, and after the declaration Islamic State of Iraq he became the General Supervisor of the Sharia Committees of the Wilayahs and a member of the Majlis Al-Shura of the Islamic State of Iraq also he has an obvious and influential role in the Baya’a of some of the tribes of Samarra to Abu Omar Al-Baghdadi, and he participated in the Baya’a of his tribe and its youth to the State, and as years passed it was logical that Abu Omar Al-Baghdadi Al-Husseini Al-Qurayshi (Hamid Al-Zawi) to succeed him, and there is no doubt in that because “Abu Mahmud” had a high security sense, and he had his calculations and he expected all possibilities and recommended that Dr. Abu Dua be his successor.

Additional material:

According to the US government (see website) this is Abu Bakr al-Baghdadi:

http://www.rewardsforjustice.net/index.cfm?page=dua

Wikipedia:

Arabic:

http://ar.wikipedia.org/wiki/%D8%A3%D8%A8%D9%88_%D8%A8%D9%83%D8%B1_%D8%A7%D9%84%D8%A8%D8%BA%D8%AF%D8%A7%D8%AF%D9%8A

English:

http://en.wikipedia.org/wiki/Abu_Bakr_al-Baghdadi

The ISIS organisation in Syria mapped by https://twitter.com/DanieleRaineri:

HaCoder.py Updated

HaCoder.py Download Link ~Phr3ak

Pentest Tools

Pentest Tool Box Download Link

Demo Videos

DarkSec Full Tools @ Pentest

~Phr3ak

FREE SOFTWARE TO OPTIMIZE INTERNET CONNECTION

But it doesn’t have to be that way, thanks to TCP Optimizer. Lightweight yet powerful, TCP Optimizer lets you optimize Internet connection in a few clicks. From maximum connection speed to advanced settings like packet size and pings/URL, everything can be tweaked, thus leading to better network speeds. Interested? Let’s find out more.

Sponsored Links

How To Use This Software To Optimize Internet Connection?

Step 1: Getting started with TCP Optimizer is a simple affair. At under 700 KB in size, it’s a pretty featherweight application. And since it’s portable as well, there’s no need for any installation or configuration. Simply download the utility from its homepage, and run it (preferably as administrator). Here’s how TCP Optimizer looks like:

As seen above, TCP Optimizer sports a fairly simplistic UI. All the tweaks and options are distributed across four different tabs, as briefly mentioned below:

• General Settings: Here you can configure settings such as connection speed, network adapter selection, as well as choose from a bunch of presets (e.g. Current, Optimal).
• Advanced Settings: As the name suggests, this is where the advanced tweaks are. You should only tinker with these if you’re well versed with the technicalities of network connection parameters. Some of the settings that can be changed here are high resolution priority, quality of service, retransmit timeout, and more.
• BDP: Under this tab, you can calculate RWIN values using the Bandwidth Delay Product.
• MTU/Latency: Want to configure the Maximum Transmission Unit and Latency. This is the tab where it’s done.

Step 2: Essentially, there isn’t a second step. However it’s important to note that not all settings can be configured, except when the Custom preset is selected. The other presets, when selected, only let you change certain things. Once you’ve tinkered with everything, simply hit the Apply Changes button.

That’s all there’s to it. You can even use the File menu to export the specified settings. How cool is that?

Do Check Out: Free Network Monitoring Software

Wrapping Up

The network connectivity speeds have massively advanced over the past few years, but that doesn’t mean things can’t be improved further. And TCP Optimizer lets you do just that, in a simple and hassle free way. Give it a shot, you’ll love it.

Training: Into the Worm Hole: Metasploit for Web PenTesting

Metasploit is most commonly known for its epic pwnage of network and service level vulnerabilities. What you may not know is that same epic pwnage can be leveraged exploiting web application vulnerabilities. By leveraging the ability to custom build Metasploit modules or tools using the framework the power of Metasploit is only limited by the imagination of the user. “Into The Worm Hole: Metasploit For Web PenTesting” will build on prior knowledge of Metasploit and help elevate the tester’s skills and abilities by working hands-on building a custom scanner, using Metasploit to exploit Web Vulnerabilities, and learn to use Metasploit for phishing, XSS, and other web application vulnerabilities.

See the full outline (PDF) for additional information.

---

About the Instructor

Kizz MyAnthia is an InfoSec specialist whose qualifications include an in-depth understanding of security principles and practices; C|EH, MCSE+Security designations; and detailed knowledge of security tools, technologies and development. Seven years of security experience in the creation and deployment of solutions protecting networks, systems and information assets for diverse companies and organizations, with over 10 years overall in the industry.

---

Title: Into the Worm Hole: Metasploit for Web PenTesting
Outline: PDF 

Prerequisites: This is an Intermediate level class and attendees should understand what Metasploit is and how to use it. A knowledge of Ruby is extremely beneficial, but some scripting experience or skill (any language) is recommended.

Class Requirements: This class requires all attendees to bring a computer with a functioning installation of Metasploit; a Kali or BT5 VM is recommended, but not required. All commands and lessons will be executed on Kali Linux. If an attendee chooses to use MS Windows MSF Installation or other OS they must know if there may be syntax differences, etc, NO SUPPORT WILL BE OFFERED.

~PseudoSec~Philopolemus Therapontigonus

Our New Page!!!

Please Like Our Page For More News: 

Our Page

Evading AntiVirus using Veil

This is a tutorial on how to evade AV using a new tool called Veil. It is not just a tool, It is a framework like metasploit dedicated to AV evasion.

Here is the website of Veil Framework - https://www.veil-framework.com/

Installation

The best way to get Veil is by getting a copy of Kali linux. But this tool was added to kali recently, so if your copy of kali linux dont have veil installed, then you can use the following commands to install it in Kali:

apt-get update && apt-get install veil

OR 

You can gitclone it on to your PC, for this type:

git clone https://github.com/Veil-Framework/Veil-Evasion.git

ok now we can have fun with the tool


Using Veil


Type ¨veil¨ into the terminal.



You can use the ¨list¨ command to see the available payloads. The payloads are listed according to its success rate.



Here we are going to use the “powershell/VirtualAlloc”. To use this type ¨use 9¨. 



Here we will just use the default values, so simple type ¨generate" and press enter.

Then you can choose to use Metasploit’s standard msvenom shellcode or choose your own. We will just choose the default, msfvenom.

type 1 and enter



next we have to choose the type of shell. just press enter



next enter the ip address of the host machine (the one you are using)



then you have to enter the local port that you will be using, enter 4000 here



You will then be asked to enter any MSVenom options that you want to use, we won’t be using any, so just press enter to bypass them.

And that is it! Veil will then generate our shellcode with the options that we chose.
Then we need to give our created file a name. here, some social engineering is required. Your file name should attract the victim.



Our file will be stored in the “/usr/share/veil/output/source/” directory.
Just take the created .bat file and send it to our target. When it is run, it will try to connect out to our machine.
We will now need to start a handler listener to accept the connection.

Getting a Remote Shell

To create the remote handler, we will be using Metasploit.

Start the Metasploit Framework from the menu or terminal (mfsconsole).
Now set up the multi/handler using the following screen:



Be sure to put in the IP address for your machine and the port that you entered into Veil. They must match exactly.

Metasploit will then start the handler and wait for a connection:



Now we just need the victim to run the file that we sent them.



On the Windows 7 machine, if the file is executed, we will see this on our Kali system:




A reverse shell session!

Then if we type “shell”, we see that we do in fact have a complete remote shell:

~Phr3ak