In this tutorial, I assume that you are familiar with the Linux terminal and basic command-line usage.

Step 1. Make sure your wireless card is in “Monitor mode”.

Type “iwconfig your_wireless_card”.
You can turn off the wireless card, switch to ‘Monitor Mode’ and turn it on again.

Ping is a simple test to check whether a target exists. When you are connected to free Wi-Fi in a cafe, library, etc., and someone tries to attack your system, this is usually one of the first methods they use.

You can detect it using tcpdump.

If it’s not on your system yet, you can install it by typing (for Ubuntu) apt-get install tcpdump in your Linux terminal.

Type the command below to start the process:

sudo tcpdump -i wlan0 icmp and icmp[icmptype]=icmp-echo
The -i option selects your wireless network interface. I use an Atheros chipset, so mine is wlan0.
When I ping from my other device, tcpdump reports that a device at some IP address is trying to ping me.
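As an added example (not from the original post), here is a small Python script that reads lines in tcpdump's default output format for the command above and flags any source that sends many echo requests in a short window, which is what a ping sweep from a neighbour on the cafe Wi-Fi looks like. The capture lines are constructed, and the addresses, threshold and function names are my own choices.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Matches tcpdump's default line for an ICMP echo request (see the sample below).
ECHO_RE = re.compile(
    r"^(?P<ts>\d\d:\d\d:\d\d\.\d+) IP (?P<src>[\d.]+) > (?P<dst>[\d.]+): "
    r"ICMP echo request, id (?P<id>\d+), seq (?P<seq>\d+)"
)

# Constructed capture: one neighbour pinging twice, another pinging every second.
SAMPLE_CAPTURE = """\
12:00:01.000100 IP 192.168.1.20 > 192.168.1.10: ICMP echo request, id 4421, seq 1, length 64
12:00:01.000300 IP 192.168.1.10 > 192.168.1.20: ICMP echo reply, id 4421, seq 1, length 64
12:00:02.000100 IP 192.168.1.20 > 192.168.1.10: ICMP echo request, id 4421, seq 2, length 64
12:00:05.120000 IP 192.168.1.77 > 192.168.1.10: ICMP echo request, id 9001, seq 1, length 64
12:00:06.120000 IP 192.168.1.77 > 192.168.1.10: ICMP echo request, id 9001, seq 2, length 64
12:00:07.120000 IP 192.168.1.77 > 192.168.1.10: ICMP echo request, id 9001, seq 3, length 64
12:00:08.120000 IP 192.168.1.77 > 192.168.1.10: ICMP echo request, id 9001, seq 4, length 64
12:00:09.120000 IP 192.168.1.77 > 192.168.1.10: ICMP echo request, id 9001, seq 5, length 64
12:00:10.120000 IP 192.168.1.77 > 192.168.1.10: ICMP echo request, id 9001, seq 6, length 64
""".splitlines()

def parse_echo_requests(lines):
    """Yield (timestamp, src, dst, id, seq) for echo-request lines; replies and noise are skipped."""
    for line in lines:
        m = ECHO_RE.match(line.strip())
        if m:
            ts = datetime.strptime(m["ts"], "%H:%M:%S.%f")
            yield ts, m["src"], m["dst"], int(m["id"]), int(m["seq"])

def find_probing_hosts(lines, max_per_window=5, window=timedelta(seconds=10)):
    """Return {src: total_requests} for sources that exceed max_per_window requests in any sliding window."""
    by_src = defaultdict(list)
    for ts, src, _dst, _id, _seq in parse_echo_requests(lines):
        by_src[src].append(ts)
    flagged = {}
    for src, stamps in by_src.items():
        stamps.sort()
        start = 0
        for end, ts in enumerate(stamps):
            while ts - stamps[start] > window:
                start += 1
            if end - start + 1 > max_per_window:
                flagged[src] = len(stamps)
                break
    return flagged

if __name__ == "__main__":
    print(find_probing_hosts(SAMPLE_CAPTURE))
```

Pipe live output into it with sudo tcpdump -l -n -i wlan0 icmp and icmp[icmptype]=icmp-echo | python3 script.py after replacing SAMPLE_CAPTURE with sys.stdin; the -n flag keeps addresses numeric so the regex matches.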

There are a few methods available on the Internet, but the method I would like to share is a bit different. Maybe it will suit you.

What is the benefit of OFFLINE installation?
You don’t have to connect to the Internet when you install a new application, and you can distribute it easily.

In this tutorial, I use Ubuntu 14.04.

Below are the steps:

1. Clean the folder /var/cache/apt/archives
Open your linux terminal then type the command below:
$sudo apt-get clean

This command will remove all .deb files in the folder /var/cache/apt/archives.
Cleaning the folder is important; otherwise the new downloads will get mixed up with previously downloaded application files.
The folder /var/cache/apt/archives/partial is only a temporary place for files before they are moved to archives, so it is cleaned automatically.

2. Update the source list.
Connect to the Internet and update your package list, because sometimes your application is not in the list yet.
$sudo apt-get update

In this tutorial, I will show you how to send email via the Gmail server using OpenSSL. Previously you could use telnet to do it, but since Google implemented TLS-encrypted connections you can’t do that anymore unless you upgrade your telnet with SSL capability.

The OpenSSL version that I use is OpenSSL 1.0.1f 6 Jan 2014. You can check your version with the command openssl version -a.
darklinux@darklinux:~$ openssl version -a
OpenSSL 1.0.1f 6 Jan 2014
built on: Thu Jun 11 15:26:18 UTC 2015
platform: debian-i386
options:  bn(64,32) rc4(8x,mmx) des(ptr,risc1,16,long) blowfish(idx)
compiler: cc -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN -DTERMIO -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -Wl,-Bsymbolic-functions -Wl,-z,relro -Wa,--noexecstack -Wall -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
OPENSSLDIR: "/usr/lib/ssl"
darklinux@darklinux:~$

Before we start, I will give you proof that we can’t use telnet to connect to the Gmail server.
darklinux@darklinux:~$ telnet smtp.gmail.com 587
Trying 74.125.200.108...
Connected to gmail-smtp-msa.l.google.com.
Escape character is '^]'.
220 smtp.gmail.com ESMTP p8sm40810771pfi.34 - gsmtp
helo
250 smtp.gmail.com at your service
mail from: <taufanlinux@gmail.com>
530 5.7.0 Must issue a STARTTLS command first. p8sm40810771pfi.34 - gsmtp

darklinux@darklinux:~$ telnet smtp.gmail.com 465
Trying 74.125.68.108...
Connected to gmail-smtp-msa.l.google.com.
Escape character is '^]'.
helo
#####FConnection closed by foreign host.
darklinux@darklinux:~$
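As an added example that is not part of the original post, here is the same STARTTLS upgrade the 530 reply above demands, done with Python's standard library instead of an SSL-capable telnet. It verifies the server certificate and refuses to continue if STARTTLS is not offered; parse_reply, needs_starttls and send_via_gmail are names I chose, and it assumes you authenticate with a Gmail app password supplied by you.

```python
import re
import smtplib
import ssl
from email.message import EmailMessage

# SMTP reply line: 3-digit code, optional enhanced status code (RFC 3463), free text.
# Written to recognise the replies shown in the telnet transcript above.
REPLY_RE = re.compile(r"^(?P<code>\d{3})[ -](?:(?P<esc>\d\.\d+\.\d+) )?(?P<text>.*)$")

def parse_reply(line):
    """Split an SMTP server reply into (code, enhanced_status_or_None, text)."""
    m = REPLY_RE.match(line.strip())
    if not m:
        raise ValueError("not an SMTP reply: %r" % line)
    return int(m["code"]), m["esc"], m["text"]

def needs_starttls(line):
    """True when the server refuses the command until the session is upgraded to TLS."""
    code, esc, text = parse_reply(line)
    return code == 530 and esc == "5.7.0" and "STARTTLS" in text.upper()

def send_via_gmail(sender, app_password, recipient, subject, body):
    """Submit a message on port 587: EHLO, STARTTLS with certificate checking, AUTH, send."""
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = sender, recipient, subject
    msg.set_content(body)
    context = ssl.create_default_context()  # verifies the chain and the hostname smtp.gmail.com
    with smtplib.SMTP("smtp.gmail.com", 587, timeout=30) as smtp:
        smtp.ehlo()
        if not smtp.has_extn("starttls"):
            raise RuntimeError("server did not advertise STARTTLS; refusing to send in the clear")
        smtp.starttls(context=context)
        smtp.ehlo()  # capabilities must be re-read after the TLS upgrade
        smtp.login(sender, app_password)
        smtp.send_message(msg)

if __name__ == "__main__":
    # The exact reply from the transcript above, classified offline.
    print(needs_starttls("530 5.7.0 Must issue a STARTTLS command first. p8sm40810771pfi.34 - gsmtp"))
```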

Disclaimer:
In this tutorial, I will show you how to hack MS Windows XP. It’s for training purposes only. I’m not responsible for any misuse. You will learn how to grab a screenshot of the target’s interactive desktop, list the running processes, capture keystrokes and get the contents of the SAM database.

There are 2 modules that I will use: the ms08_067_netapi exploit and the reverse_tcp payload.

The ms08_067_netapi exploits a parsing flaw in the path canonicalization code of NetAPI32.dll through the Server Service. This module is capable of bypassing NX on some operating systems and service packs.

This exploit can also be used against MS Windows 2000 Universal and MS Windows 2003 Universal, SP1 and SP2.

The reverse_tcp payload injects the Meterpreter server DLL via Reflective DLL Injection (staged) and connects back to the attacker.

------------------------------------------------------------
Name: MS08-067 Microsoft Server Service Relative Path Stack Corruption
Module: exploit/windows/smb/ms08_067_netapi
Platform: Windows
Privileged: Yes
License: Metasploit Framework License (BSD)
Rank: Great
Disclosed: 2008-10-28
------------------------------------------------------------
Name: Windows Meterpreter (Reflective Injection), Reverse TCP Stager
Module: payload/windows/meterpreter/reverse_tcp
Platform: Windows
Arch: x86
Needs Admin: No
Total size: 281
Rank: Normal
------------------------------------------------------------

The purpose of this tutorial is education only.
Before I start, I will explain what a fake access point is.

An Access Point (AP) is a networking device that allows wireless devices to connect to a wired network using Wi-Fi.
A fake access point is a virtual access point created with an application, but it acts like a real access point. Our own wireless device is turned into the access point. You can set a password, ESSID and channel on it.

What tools do I need?
The tool is airbase-ng. It’s part of the aircrack-ng package, so you need to download aircrack-ng first. Make sure you are connected to the Internet. Open your Linux terminal and type:
$ sudo apt-get install aircrack-ng

Metasploit Framework (MSF) is a free, open-source penetration testing solution developed by the open source community and Rapid7. You can download Metasploit from http://www.metasploit.com. You can use Metasploit to collect information and scan a system for vulnerabilities.

Metasploit offers a GUI version and command line version.

After you download the Metasploit installer, you can register your name. Make sure you get the Metasploit license key first to activate Metasploit; otherwise you can’t run the application.

After all that is complete, we can start the installation.
Copy the Metasploit installer to the /opt directory.
Set the file to be executable using chmod:
$ sudo chmod +x metasploit-latest-linux-installer.run <enter>
then type $ sudo ./metasploit-latest-linux-installer.run <enter> to run the installer.