What's new

Closed Generating payloads

Status
Not open for further replies.
Y

Yuukiro Hitane

Addict
Joined
Jan 5, 2017
Posts
33
Reaction
34
Points
72
As far as I know, this tutorial is only applicable to HTTP Injector App.

In this tutorial kailangan po ninyo ng apps na pwedeng makatulong sa understanding niyo tungkol sa payloads.
These apps are available at Google Playstore:
1. HTTP Request Shooter
2. Packet Capture

Once installed, you may now proceed:

To start with, I'll give you a sample PAYLOAD. This payload is actually working depende nalang sa "Proxy" at "SSH Server" kung gagana. Note that this payload is only one line, walang line breaks jan yan dapat actually.

GET You do not have permission to view the full content of this post. Log in or register now. HTTP/1.1[crlf]Host: You do not have permission to view the full content of this post. Log in or register now.: Dalvik/2.1.0 (Linux; U; Android 6.0.1; SM-G920W8 Build/MMB29K)[crlf]Connection: Keep-Alive[crlf]Accept-Encoding: gzip[crlf][crlf][raw][crlf][crlf]


  • This payload is actually WORKING since libre naman talaga bumisita sa You do not have permission to view the full content of this post. Log in or register now. so dapat yung i-rereplace mo sa You do not have permission to view the full content of this post. Log in or register now. ay free site na pwede mong i-visit kapag wala kang load.
  • Now open the app Packet Capture, then press the PLAY BUTTON (Green Triangle on Top Right Corner).
  • Minimize the app, open the HTTP Request Shooter. It's better if you don't have any load, kasi malalaman mo kung kaya ba talagang ma i-visit yung You do not have permission to view the full content of this post. Log in or register now. nang FREE. Input mo siya sa URL, then method is GET, then press the header then the + symbol, sa header name, put "Connection" (w/o ""), sa header value, put "Keep-Alive". As far as I remember, parang Case Sensitive talaga gumawa ng payload kaya pay attention to your CAPS and Lower case letters. After those procedures, you may now press SEND Button. Kapag successful, ilang seconds lang, ma re-receive mo na ang tinatawag na HTTP Response. Naka sulat dapat jan "Status Code", "Elapsed Time", "Content", etc. The only thing that should bother you is the Status Code. The "Status code" should be preferably 200, 201, 202, 203, and so on, and pwede rin minsan yung 300, 301, 302, 303 and so on. Those status indicates na naka connect ka na sa You do not have permission to view the full content of this post. Log in or register now. through direct request.
  • Now go back to your Packet Capture App. It should tell you na may na capture na packets. Example, "54 captures". So press the PAUSE Button (Top Right Corner parin) then open the captured packets. Hanapin mo sa listahan ang pinaka una sa baba na packets captured from HTTP Request Shooter then press it. Ang first tab (1) jan any ang sent REQUEST and the second or succeeding tabs (2, ....) ay ang RESPONSE ng server. Ang REQUEST tab ay ang siya ring ginagawang PAYLOAD without the [crlf] commands kac nga hidden sila sa app na ito. Save the upstream through the menu button sa top right. Name it whatever you want but remember to put ".txt" (w/o "") always sa hulihan para maging text file siya.
  • Now open the text file, then copy all.
  • Then paste it sa HTTP INJECTOR sa may text field ng payload.
  • Then add the command [crlf] after every line breaks and remove the line break. Remember na walang spaces dapat sa mga gilid ng [crlf]
  • Example:
ABCD
EFGH

The two lines above will become one line nalang as:

ABCD[crlf]EFGH

  • After putting [crlf] for every line break, remember na the whole payload should end with two [crlf] commands. Optional na yung [raw][crlf][crlf]
  • Then lastly, see to it na yung PROXY mo e kayang i visit yung web ng You do not have permission to view the full content of this post. Log in or register now.. Kasi minsan hindi mo talaga ma i-visit yung site na iyan sa ibang bansa kaya trial and error na kung maghahanap kayo ng proxies. Try nyo yung host checker sa http injector with the proxy para malaman nyo talaga kung kayang i-visit yung site. The status sa host checker should be anything but not 500, 501, 502, 503, and so on.
That's all salamat sa pagbasa. This worked for me. But if kailangan pa ng clarifications or questions, just mention it here. Thank you!
 
So far salamat sa feedbacks. Lagay aq screenshots mamaya mga sir. At yung tutorial na ito ay pwede rn any networks. Palitan nyo lang You do not have permission to view the full content of this post. Log in or register now. nang ibang freesite, example sa smart e yung gamex.ph so depende nalang sa proxy niyo talaga kung kaya niyang pasuking yung freesite niyo kasi kadalasan yung freesite exclusive lang sa networks dito sa PH or sa country lng talaga natin.
 
And for screenshots: (Hindi ko na kasi ma edit yung post ko)

Screenshot_20170429-230200.png
Screenshot_20170429-230143.png
 

Attachments

Yung font ba sa screenshot yung ibig mong sabihin? Oo nag install lng aq ng fonts sa Google Playstore then set ko sa settings ng phone ko. Samsung S6 gamit ko kaya pwede palitan font, meron din ata sa ibang phones.
 
Status
Not open for further replies.

Similar threads

Popular Tags

android apn card data dito ehi free internet free load freenet globe globe & tm gomo gtm hpi http injector injector internet load mobile mobile network modem network no load openline ovpn payload paymaya pldt pocket wifi postern promo proxy prx psiphon question registration remote proxy signal sim sim card sim registration smart ssh sun tm tnt tutorial unli vpn wifi

About this Thread

  • 24
    Replies
  • 2K
    Views
  • 18
    Participants
Last reply from:
Dave_Canales

New Topics

Popular On This Forum

Online statistics

Members online
702
Guests online
4,798
Total visitors
5,500
Back
Top