Archive for the ‘Hacking’ Category

In this tutorial, I will show you how to send email via gmail server using openssl. Before you can use telnet to do it. But since Google implement TLS-encrypted connection, you can’t do that anymore unless you upgrade your telnet with ssl capability.

OpenSSL version that I use is OpenSSL 1.0.1f 6 Jan 2014. You can check your version using command openssl version -a.
darklinux@darklinux:~$ openssl version -a OpenSSL 1.0.1f 6 Jan 2014 built on: Thu Jun 11 15:26:18 UTC 2015 platform: debian-i386 options: bn(64,32) rc4(8x,mmx) des(ptr,risc1,16,long) blowfish(idx) compiler: cc -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN -DTERMIO -g -O2 -fstack-protector –param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -Wl,-Bsymbolic-functions -Wl,-z,relro -Wa,–noexecstack -Wall -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM OPENSSLDIR: “/usr/lib/ssl” darklinux@darklinux:~$

Before we start, I will give you a prove that we can’t use telnet to connect to gmail server.
darklinux@darklinux:~$ telnet smtp.gmail.com 587
Connected to gmail-smtp-msa.l.google.com.
Escape character is ‘^]’.
220 smtp.gmail.com ESMTP p8sm40810771pfi.34 – gsmtp
250 smtp.gmail.com at your service
mail from: <taufanlinux@gmail.com>
530 5.7.0 Must issue a STARTTLS command first. p8sm40810771pfi.34 – gsmtp

darklinux@darklinux:~$ telnet smtp.gmail.com 465
Connected to gmail-smtp-msa.l.google.com.
Escape character is ‘^]’.
#####FConnection closed by foreign host.

Read Full Post »

In this tutorial, I will show you to hack Ms-windows xp. It’s for training purpose only. I’m not responsible for any misused. You will learn about, grap a screenshot of the interactive desktop target, check list running processes, capturing key strokes and get contents of SAM database.

There 2 exploit modules that I will use, ms08_067_netapi and reverse_tcp.

The ms08_067_netapi exploits a parsing flaw in the path canonicalization code of NetAPI32.dll through the Server Service. This module is capable of bypassing NX on some operating systems and service packs.

This exploit can be used also for MS windows 2000 universal and MS Windows 2003 universal, SP1 and SP2.

The reverse_tcp will inject the meterpreter server DLL via the Reflective Dll Injection payload (staged). Connect back to the attacker.

————————————————————————————————Name: MS08-067 Microsoft Server Service Relative Path Stack Corruption
Module: exploit/windows/smb/ms08_067_netapi
Platform: Windows
Privileged: Yes
License: Metasploit Framework License (BSD)
Rank: Great
Disclosed: 2008-10-28
———————————————————————————————–Name: Windows Meterpreter (Reflective Injection), Reverse TCP Stager
Module: payload/windows/meterpreter/reverse_tcp
Platform: Windows
Arch: x86
Needs Admin: No
Total size: 281
Rank: Normal


Read Full Post »

The purpose of this tutorial is for education only.
Before I start, I will explain about what is fake access point?

Access Point (AP) is a networking device that allows wireless devices to connect to a wired networking using WIFI.
Fake access point is a virtual access point that is created using an application but it acts like real access point. It is converted from our wireless device into access point. You can set a password, essid and channel on it.

What tools I need?
The tool is airbase-ng. It’s part of aircrack-ng package. So, you need to download the aircrack-ng first. Make sure you are connected to the Internet. Open your linux terminal and type:
$ sudo apt-get install aircrack-ng

Read Full Post »

Metasploit Framework (MSF) is a free open source penetration testing solution developed by open source community and rapid7. You can download Metasploit from http://www.metasploit.com. You can use Metasploit to collect the information and scanning the system vunerability.

Metasploit offers a GUI version and command line version.

After you download the metasploit installer, you can register your name. Make sure you get the metasploit license key first to activate the metasploit, otherwise you can’t run the application.

After all complete, now we can start the installation.
Copy the metasploit installer to /opt directory.
Set the file to be executeable using chmod.
$ sudo chmod +x metasploit-latest-linux-installer.run <enter>
then type $ sudo ./metasploit-latest-linux-installer.run <enter> to run the installer.

Read Full Post »