Hacking Windows using SET

GAINING WINDOWS USING SET



What is the Social Engineering Toolkit?
The Social-Engineer Toolkit (SET) is specifically designed to perform advanced attacks against the human element. SET was designed to be released with the http://www.social-engineer.org launch and has quickly become a standard tool in a penetration tester's arsenal. SET was written by David Kennedy (ReL1K) and, with a lot of help from the community, it has incorporated attacks never before seen in an exploitation toolset. The attacks built into the toolkit are designed to be targeted and focused attacks against a person or organization, used during a penetration test.

In practice this method works best in combination with DNS spoofing or a man-in-the-middle attack. In this tutorial I'm only writing the how-to and step-by-step for the basic attack; the rest you can modify with your own imagination.


Requirement:
1. Backtrack 5 or Backtrack 4


Step by step:
1. Change your working directory to /pentest/exploits/set/




2. Open the Social Engineering Toolkit (SET) with ./set and choose "Website Attack Vectors", because we will attack the victim through the web browser. In this attack the victim opens a website generated by the Social Engineering Toolkit, so "Website Attack Vectors" is the right option here.



3. When users open a website they usually don't consider that it might be a suspicious site carrying a malicious script that harms their computer. In this option we choose "The Metasploit Browser Exploit Method", because we will attack through the victim's browser.




4. In the next step just choose "Web Templates", because we will use one of the most famous websites in the world, already provided by the Social Engineering Toolkit.




5. There are 4 ready-to-use website templates for this attack method: GMail, Google, Facebook, and Twitter. In this tutorial I will use Google, but if you think Facebook or Twitter is better because it's the most accessed website, just change it to whatever you want.




6. For the next step, because we don't know which vulnerability will successfully attack the victim, what type of browser they use, etc., we choose "Metasploit Browser Autopwn" to load every vulnerability the Social Engineering Toolkit knows. This option launches all the exploits in the Social Engineering Toolkit database.





7. For the payload selection I prefer the most used one, Windows Shell Reverse_TCP, but you can also choose whichever other payload is most comfortable for you.




8. The next step is to set up the connect-back port to the attacker's computer. In this example I use port 4444, but you can change it to 1234, 4321, etc.



9. Next, just wait until the whole process has completed and the server is running.






10. When the link is given to the user, the victim sees a look-alike Google page (a fake website). When the page loads, it also loads all the malicious scripts that attack the victim's computer.




11. On the attacker's computer, if there is any vulnerability in the victim's browser, a session is returned, which means the exploit successfully attacked the victim's computer. In this case the exploit creates a new fake process named "Notepad.exe".








12. To view the active sessions opened by the exploit, type "sessions -l", which lists them. Take a look at the ID; we will use that ID to connect to the victim's computer.


13. To interact with and connect to the victim's computer, use the command "sessions -i ID". ID is the numeric value shown when you run sessions -l. You can see an example in the picture below.



14. The victim's computer is now owned. I practiced creating this tutorial using a virtual machine, so it will not harm other computers, and you can also do a lot of experiments with your OS.
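From the defender's side, the walkthrough above leaves two telemetry artifacts worth alerting on: a browser process starting a non-browser child (the "Notepad.exe" the payload migrates into), and that child then holding an outbound TCP connection (the reverse shell, on port 4444 here). The script below is an added example, not code from SET or Metasploit; the record layout is an assumption modelled on Sysmon process-creation and network events, and every event in it is constructed.

```python
"""Detection logic for the post-exploitation pattern above: a browser hit
by a drive-by exploit, the payload migrated into a "notepad.exe" process,
and that process holding the reverse-shell connection (port 4444 here).
Added example, not code from SET or Metasploit; all telemetry below is
constructed and the field layout is an assumption modelled on Sysmon."""
from dataclasses import dataclass
from typing import Dict, List, Tuple

# Executables that have no business opening network sockets.
NO_NETWORK_IMAGES = {"notepad.exe", "calc.exe", "mspaint.exe", "wordpad.exe"}
BROWSER_IMAGES = {"iexplore.exe", "firefox.exe", "chrome.exe"}
# Children a browser is expected to spawn (assumed list); anything else is worth a look.
EXPECTED_BROWSER_CHILDREN = BROWSER_IMAGES | {"plugin-container.exe"}
# Listener ports the tutorial mentions as tool defaults. A weak signal on
# its own, a strong one when combined with the rules above.
DEFAULT_HANDLER_PORTS = {4444, 1234, 4321}


@dataclass(frozen=True)
class ProcessEvent:          # process creation, e.g. Sysmon event ID 1
    pid: int
    ppid: int
    image: str               # executable name, lower-case
    parent_image: str


@dataclass(frozen=True)
class NetworkEvent:          # outbound connection, e.g. Sysmon event ID 3
    pid: int
    image: str
    remote_ip: str
    remote_port: int


Finding = Tuple[str, str, str]   # (severity, rule, detail)


def analyze(procs: List[ProcessEvent], conns: List[NetworkEvent]) -> List[Finding]:
    by_pid: Dict[int, ProcessEvent] = {p.pid: p for p in procs}
    findings: List[Finding] = []
    # Rule 1: a browser starting a non-browser process (the migration target).
    for p in procs:
        if p.parent_image in BROWSER_IMAGES and p.image not in EXPECTED_BROWSER_CHILDREN:
            findings.append(("medium", "browser_spawned_child",
                             f"{p.parent_image} (pid {p.ppid}) started {p.image} (pid {p.pid})"))
    # Rule 2: a no-network executable talking out; escalate when it was
    # started by a browser or uses a default handler port.
    for c in conns:
        creator = by_pid.get(c.pid)
        born_of_browser = creator is not None and creator.parent_image in BROWSER_IMAGES
        detail = f"{c.image} (pid {c.pid}) -> {c.remote_ip}:{c.remote_port}"
        if c.image in NO_NETWORK_IMAGES:
            severity = "high" if (born_of_browser or c.remote_port in DEFAULT_HANDLER_PORTS) else "medium"
            findings.append((severity, "no_network_image_connected", detail))
        elif c.remote_port in DEFAULT_HANDLER_PORTS:
            findings.append(("low", "default_handler_port", detail))
    return findings


# Constructed telemetry reproducing the tutorial's outcome.
SAMPLE_PROCS = [
    ProcessEvent(800, 400, "explorer.exe", "userinit.exe"),
    ProcessEvent(1200, 800, "iexplore.exe", "explorer.exe"),
    ProcessEvent(1340, 1200, "notepad.exe", "iexplore.exe"),   # spawned by the exploited browser
    ProcessEvent(1500, 800, "notepad.exe", "explorer.exe"),    # user opened Notepad normally
]
SAMPLE_CONNS = [
    NetworkEvent(1200, "iexplore.exe", "203.0.113.10", 80),     # fetching the fake Google page
    NetworkEvent(1340, "notepad.exe", "203.0.113.10", 4444),    # the reverse shell
]

if __name__ == "__main__":
    for severity, rule, detail in analyze(SAMPLE_PROCS, SAMPLE_CONNS):
        print(f"[{severity}] {rule}: {detail}")
```

Run against the constructed sample, the user-launched Notepad (pid 1500) produces nothing, while the browser-spawned one produces a medium "browser_spawned_child" finding and a high "no_network_image_connected" finding once it connects. The port list is deliberately the weakest signal: attackers can pick any port, whereas a text editor opening a socket is anomalous regardless of port.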




BlindElephant - Backtrack 5

CMS IDENTIFICATION USING BLINDELEPHANT


BlindElephant is a web application fingerprinter. With BlindElephant we can find out which web application is running on a website. It works by trying to read static files or configuration files of web applications. BlindElephant can also determine the version of the web application that is running, which helps in gathering information about the target. By knowing the version of the web application, we can look for weaknesses in that version.
Backtrack -> Information Gathering -> Web Application Analysis -> CMS Identification -> BlindElephant
# ./blindelephant.py [option] url appName

1. Scanning WordPress.

2. Scanning Drupal.

3. Scanning Joomla.
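To see why the "reads static files" approach above pins a version so precisely, and which files a site owner should stop serving, here is the core of static-file fingerprinting reduced to a few lines. This is an added example, not BlindElephant's code or its database: the fingerprint table, the file contents and the version numbers are all constructed, and the real tool builds its table from every release archive of the application.

```python
"""Static-file version fingerprinting, the technique BlindElephant uses.
Added example with a constructed fingerprint table and constructed site
contents; not BlindElephant's own code or database."""
import hashlib
from typing import Dict, List, Optional, Set, Tuple


def sha1(text: str) -> str:
    return hashlib.sha1(text.encode()).hexdigest()


# Constructed table: path -> {hash of the file as shipped: versions shipping it}.
FINGERPRINTS: Dict[str, Dict[str, Set[str]]] = {
    "/readme.html": {
        sha1("readme as shipped in 1.0"): {"1.0"},
        sha1("readme as shipped in 1.1"): {"1.1", "1.2"},   # unchanged between 1.1 and 1.2
    },
    "/js/app.js": {
        sha1("app.js as shipped in 1.0"): {"1.0", "1.1"},
        sha1("app.js as shipped in 1.2"): {"1.2"},
    },
}


def fingerprint(site: Dict[str, Optional[str]]) -> Tuple[Set[str], List[str]]:
    """site maps path -> file content, or None when the server returns 404.
    Returns (candidate versions, evidence lines). Each matched file narrows
    the candidates by intersection; a file with an unknown hash (locally
    modified) adds no constraint, and a missing file is simply skipped."""
    candidates: Optional[Set[str]] = None
    evidence: List[str] = []
    for path, table in FINGERPRINTS.items():
        content = site.get(path)
        if content is None:
            continue
        versions = table.get(sha1(content))
        if versions is None:
            evidence.append(f"{path}: hash unknown, no constraint")
            continue
        evidence.append(f"{path}: {sorted(versions)}")
        candidates = set(versions) if candidates is None else candidates & versions
    return (candidates or set()), evidence


# Constructed sites. The first serves its readme; the second has removed it.
EXPOSED_SITE = {"/readme.html": "readme as shipped in 1.1", "/js/app.js": "app.js as shipped in 1.0"}
HARDENED_SITE = {"/readme.html": None, "/js/app.js": "app.js as shipped in 1.0"}

if __name__ == "__main__":
    for name, site in (("exposed", EXPOSED_SITE), ("hardened", HARDENED_SITE)):
        versions, evidence = fingerprint(site)
        print(name, "->", sorted(versions), evidence)
```

On the constructed data the readme alone allows {1.1, 1.2} and the script alone allows {1.0, 1.1}; together they pin 1.1 exactly, and removing the readme leaves the scanner with two candidates. Files that exist only to state a version (readme, changelog, license text) can be removed or denied at the web server with no functional cost; the JavaScript cannot, so the durable mitigation is keeping the application patched rather than trying to hide its version.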



E-HACK 2013

EHACK IN CHENNAI






About E-HACK :
The Temple Run guy's running never ends. The same happens for security experts and hackers. Every day it's a clash of titans between the two which never ends. But there will be a clash of stalwarts with an end, and it is called E-HACK. It will be the world's largest attempt at a hackathon, with brain-twisting levels and stages and a continuous run of 24 hours non-stop. Starting with easier levels, the hackathon will continue to be challenging with over 50 levels.
Meddle in cyber-warfare, battle with our machine mastermind who will throw challenges on web application security, network security, algorithms, reverse engineering and decryption. The team which cracks the final level will attain the glory of being Winner at our E-HACK Guinness record attempt, with tons of prizes waiting. "Be simple but not simpler" is a quote by Einstein; that's the secret of success for E-HACK. Be there to witness the epic battle of brains.
P.S: World-renowned web security experts will be watching you at E-HACK; who knows, you might end up working for them, so prove your potential.
About E-HACK in Chennai:
Chennai is the city through which India's primary Internet backbone cable runs onto land from the sea. This techno-wizard city has something to do with hacking. Yes, it just got easier and better, because the city is welcoming legendary teachers and pioneers to educate you to hack your way through any information system ever invented. E-HACK is not just any other workshop; it is the place to be if you want to keep your information discreet. The pioneers are going to be here in your city to make you Professional Hackers.
WHAT IS CTF?
Capture the Flag (CTF) is a real time scenario game. You’ll be given a scenario which will require you to hack into a server/site. There will be multiple levels and you have to progress through each level by hacking through it. For instance the first level will need a password to enter, so you’ll have to identify the password and progress to the next level. It’s not going to be straight forward like this, it’s just an example. With a total of 50 levels, the team/person which cracks the maximum number of levels within the time limit, will be announced the winner.
The first couple of levels are bound to be easier because of the training provided throughout day 1, but in the later levels you’ll be facing things which you might’ve never faced before like a combination of hacks for instance. There will be a live leader board which will be reflecting the performance of each and every team. That will heat up the contest more. Amidst all this, social engineering is totally allowed and please do have fights but only online! Use of fists not allowed!! 
VENUE:
SRM Nagar, 
Kattankulathur - 603 203, 
Kancheepuram District, Tamil Nadu.

Register here


FOR CHENNAI HACKERS MEMBERS ALONE:

IF YOU DON'T HAVE A TEAM YOU CAN ALSO REGISTER WITH THE CHENNAI HACKERS TEAM. JUST COMMENT YOUR DETAILS WITH YOUR MAIL ID. AFTER REGISTRATION THE TICKET NUMBER WILL BE MAILED TO YOU.


SQL Injection with SqlMap - Backtrack

Hacking an SQL database using SqlMap





SqlMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over database servers. It comes with a powerful detection engine, many niche features for the penetration tester, and a broad range of switches covering database fingerprinting, fetching data from the database, accessing the underlying file system, and executing commands on the operating system via out-of-band connections.


Some basic options:

./sqlmap.py -u URL --dbs
./sqlmap.py -u URL -D <database> --tables
./sqlmap.py -u URL -D <database> -T <table> --columns
./sqlmap.py -u URL -D <database> -T <table> -C <column> --dump

-u: target URL
-D: database to enumerate
-T: table to enumerate
-C: column to enumerate
-U: DBMS user to enumerate
--dbs: list databases
--tables: list tables
--columns: list columns
--dump: dump the table entries

