Showing posts with label Lan Hacking. Show all posts

Thursday, April 5, 2012

How to do Post exploitation with metasploit






Hey guys, how have you been? This is a requested tutorial.
A few days ago I made a tutorial on how to hack a computer with Metasploit. In this video I explain what other interesting things you can do after you break in, or in other words, POST EXPLOITATION techniques.
Hope you guys enjoy it.
There are some really cool things in the video ;-)

VIDEO




Guys plz comment and share and like .... thanks
Stay Tuned !!!!

SUBSCRIBE TO MY CHANNEL FOLKS :)


Copyright © 2012. All rights reserved by “Kumar Sourav”


Thursday, March 15, 2012

BackTrack 5: Using Metasploit to Hack computers





BackTrack 5 : using Metasploit


Hey guys, how have you been? Long time since I posted. Anyway, I'm back with new tutorials :)
Some days ago smarty ujjwal suggested that I should make videos with my own explanation instead of putting songs on them. So thanks to ujjwal, and here I am with my first video on how to hack a PC on your LAN with Metasploit. I used XP though, because this is for educational purposes. Anyway, you'll get the idea of how to use Metasploit.


I don't want you guys to be script kiddies and use whatever you see; I want you to do a little research and become a better hacker :)

Video









Copyright © 2012. All rights reserved by “Kumar Sourav” & “xeo hacker”

Tuesday, December 20, 2011

Setup a LAN on your virtual box with video


LAN on your PC


Hey guys, how have you been? Hope everything's fine.

Anyway, what if you want to experiment or check some attacks and you don't have 2 computers ... well, you can use VirtualBox to set up a LAN there :D
It's great. Give it a try :)


VIDEO





Command used:


ifconfig eth0 192.168.1.2 netmask 255.255.255.0




Copyright © 2011. All rights reserved by “Kumar Sourav” & “xeo hacker”

Friday, December 2, 2011

Hack your desired PC on LAN

As I mentioned in my previous post, Simple Commands for LAN Hacking for Beginners, these days I am working on LAN hacking, so here is my new post on the subject. Hope you guys love it. Don't forget to change your IP address if you want to remain safe, but it's not compulsory. Through this technique you will be able to hack your desired PC on a LAN.

This technique takes advantage of Port 139. Most of the time, Port 139 will be open. But if your victim's Port 139 is filtered or closed, then you can't hack him by this method. So follow these steps carefully and at the end you will be able to hack LAN computers.
NOTE : All the tools used in this tutorial have already been sent to all the email subscribers, but if someone didn't get them then post your email in the comments, and if we find that email in the subscription list we will send you all the tools.

Steps to Follow

  • First of all, I will do a port scan of the target computer, which is 192.168.40.128. This computer is inside my LAN.
  • Scan it using Nmap; this is to check whether its port is open or closed.
  • I get the result, and it shows that Port 139 is open.
  • Now we will need both of these tools:
  1. USER2SID & SID2USER
  2. NetBios Auditing Tool
  • I have already sent these tools to all the email subscribers.
  • After you get both of them, put them in the C: directory.
  • Now you need to create a null session to the target computer. For this, open the command prompt and type the command exactly as shown in the image below:
  • Now open the Command Prompt and browse to the USER2SID & SID2USER folder. There will be 2 tools inside it: one will be USER2SID and the other will be SID2USER.
  • We will first use USER2SID to get the ID. Follow the same commands as shown in the image below; just replace the IP address with that of the victim.
  • We will test against the Guest account because the Guest account is a built-in account.
  • After we get the ID, we need to modify it.
  • We take the ID we got from the Guest account and modify it to become "5 21 861567501 1383384898 839522115 500".
  • Leave out the S-1- and leave out all the - too.
  • Now you will see that you get the username of the Administrator account.
  • In this case, the Administrator account is Administrator.

MAIN PART

  • Now we are going to crack the password of the Administrator account in order to access the target computer.
  • First of all, extract the NetBios Auditing Tool, which you have received in your email, into the C directory.
  • Now open the command prompt and type the command below exactly as it is:
  • Press Enter and the tool will run and finally you will crack the password.

  • In this case, I have got the password.
  • This is to prove that I can get access to the target computer using this password.
  • After you press Enter, it will prompt you for the username and password.
  • Just enter them at the prompt and continue.

  • The target's C drive will be on your screen. You are done ....

Prevention

  • To prevent this attack, close the ports that you do not want to use, such as Port 135, Port 136, Port 137, Port 138 and Port 13.
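One way to confirm that the ports named above are really closed on a Windows machine is to parse the output of `netstat -an` and list what is still listening. This is an added example, not code from the original post; the watched port set (the listed ports plus Port 139, which the technique depends on), the function names and the sample output are assumptions made for illustration.

```python
"""Added example: list NetBIOS-range ports still reachable from the LAN."""

# Assumption: the ports named in the post, plus 139, which the technique uses.
WATCHED_PORTS = {135, 136, 137, 138, 139}

# Constructed sample of Windows `netstat -an` output (not real data).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:5357         0.0.0.0:0              LISTENING
  TCP    192.168.40.128:139     0.0.0.0:0              LISTENING
  TCP    192.168.40.128:49188   192.168.40.1:139       ESTABLISHED
  TCP    [::]:135               [::]:0                 LISTENING
  UDP    192.168.40.128:137     *:*
  UDP    192.168.40.128:138     *:*
  UDP    127.0.0.1:1900         *:*
"""


def split_endpoint(endpoint):
    """Split 'host:port' or '[v6]:port' into (host, port)."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]"), int(port)


def open_watched_ports(netstat_text, watched=WATCHED_PORTS):
    """Return (proto, local_host, port) for watched ports bound off-loopback."""
    findings = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue                      # header, blank line or other text
        proto, local = fields[0], fields[1]
        state = fields[3] if len(fields) > 3 else ""
        # UDP rows carry no state; for TCP only listeners accept new sessions.
        if proto == "TCP" and state != "LISTENING":
            continue
        host, port = split_endpoint(local)
        if port not in watched:
            continue
        if host in ("127.0.0.1", "::1"):
            continue                      # loopback is not reachable from the LAN
        findings.append((proto, host, port))
    return findings


if __name__ == "__main__":
    for proto, host, port in open_watched_ports(SAMPLE_NETSTAT):
        print(f"{proto} {host}:{port} is still open")
```

An empty result after disabling the services means nothing on those ports is bound to a LAN-facing address; a host firewall rule would not show up here, since netstat reports sockets, not filtering.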

Tuesday, November 29, 2011

Change your IP in less than 30 seconds

The following is a guide on how to change your IP in 30 seconds or less. This can be used if your IP has been banned from a game server, or on Gunbound if your IP gets blocked. I've tried this on both Windows XP and Windows 2000, and it has worked:




  • Click on "Start" in the bottom left hand corner of screen.
  • Click on "Run"
  • Type in "command" and hit ok.
  • You should now be at an MS-DOS prompt screen.
  • Type "ipconfig /release" just like that, and hit "enter"
  • Type "exit" and leave the prompt
  • Right-click on "Network Places" or "My Network Places" on your desktop.
  • Click on "properties"
NOTE : You should now be on a screen with something titled "Local Area Connection", or something close to that, and, if you have a network hooked up, all of your other networks.
  • Right click on "Local Area Connection" and click "properties" 
  • Double-click on the "Internet Protocol (TCP/IP)" from the list under the "General" tab
  • Click on "Use the following IP address" under the "General" tab
  • Create an IP address (It doesn't matter what it is. I just type 1 and 2 until I fill the area up).
  • Press "Tab" and it should automatically fill in the "Subnet Mask" section with default numbers.
  • Hit the "Ok" button here
  • Hit the "Ok" button again
NOTE : You should now be back to the "Local Area Connection" screen.
  • Right-click back on "Local Area Connection" and go to properties again. 
  • Go back to the "TCP/IP" settings
  • This time, select "Obtain an IP address automatically"
  • Hit "Ok"
  • Hit "Ok" again
  • You now have a new IP address
NOTE : This only changes your dynamic IP address, not your ISP/IP address. If you plan on hacking a website with this trick be extremely careful, because if they try a little, they can trace it back.

Simple Commands for LAN Hacking for beginners

I am sure many of you know all these commands. I am just getting started on LAN hacking, so I am starting from the basics. These commands are for beginners and run at the CMD prompt.



 
  • First of all, open your Network Connection.
  • Now right click and select Properties. 
  • Then Select TCP/IP and click on Properties again. 
  • Click on Advanced and WINS tab. 
  • Here select Default for NetBIOS.
  • Now come back to the main window named Local Area Connection.
  • Now select File and Print Sharing for Microsoft Networks and hit enter.
NOTE : This is just to make sure you have NetBIOS enabled. We will have some fun with NetBIOS on CMD.
The first thing you need to know is some very helpful commands to use in CMD (Command Prompt).
In case you don’t know how to open CMD on your box, click on Start, then Run, then type “cmd”.

Codes

  • nslookup
  • net view
  • net use
  • net user
  • ping
  • tracert
  • arp
  • route
  • nbtstat
  • netstat
  • ipconfig
In case you don’t know some of them, just type the command in CMD and hit enter. A little help will show up on your screen. Read it and understand what the command does.

1) Ping

  • This command lets you know if the host you are pinging is alive, which means it is up at the time of executing the “ping” command.
CODE :
  • ping x.x.x.x (x is the IP address).
  • ping www.whatever.com (www.whatever.com is the website you want to ping, but you don’t know the IP)
NOTE : Keep in mind that if the host you are pinging is blocking ICMP packets, then the result will be host down.

2) Nslookup

  • This command is mostly for resolving DNS names into IPs.
Let's say you know the website URL but you don’t know its IP (and you want to find out).
nslookup www.whatever.com (www.whatever.com is the website you want to find out the IP of)
Now, another really nice function of nslookup is to find out the IPs of specific mail servers.

CODE :
  • nslookup (enter)
  • set type=mx (enter)
  • yahoo.com
This command will give you the mail server IP of yahoo.com. You can use whatever server you want and if it is listed on DNS, then you get the IP.
  • Now why would you want to have an IP of a mail server?
  • To send spoofed mail to your friends or even for SE.
  • In case you are looking for “How to spoof email”, then look for my “How to spoof email tutorial” http://www.infowar.com/forums/showthread.p…p;threadid=2360

3) Tracert

This command will give you the hops that a packet will travel to reach its final destination.
NOTE : This command is good for learning the route a packet takes before it reaches the target box.

CODE :
  • tracert x.x.x.x (x is the IP address)
  • tracert www.whatever.com (www.whatever.com is the website you don’t know the IP)

4) Arp

This command will show you the arp table. This is good to know if someone is doing arp poisoning in your LAN.

CODE :

arp -a

Route

This command will show you the routing table, gateway, interface and metric.

CODE :
  • route print

5) Ipconfig

This command will show tons of very helpful things: your IP, gateway and the DNS in use.

CODE :
  • ipconfig
  • ipconfig /all
This command will give all that info, but for all the networks you might have. Also, in case you have a dynamic IP and want to change it, then type:
  • ipconfig /release (this will release your IP)
  • ipconfig /renew (this will renew your IP)
NOTE : Keep in mind that those commands will change your IP, but the new IP will still be tied to you. So don’t do anything stupid.

6) Netstat

This command will show you the connections to your box.

CODE :
  • netstat
  • netstat -a (this will show you all the listening ports and connections with DNS names)
  • netstat -n (this will show you all the open connections with IP addresses)
  • netstat -an (this will combine both of the above)

7) Nbtstat

This command will show you the NetBIOS name of the target box.

CODE :
  • nbtstat -A x.x.x.x (x is the IP address)
  • nbtstat -a computername
  • net view x.x.x.x or computername (will list the available sharing folders on the target box)
  • net use \\ipaddress\ipc$ "" /user:administrator (this command will allow you to connect to the target box as administrator)
  • Now if you want to connect to the target box and browse the entire C drive, then use this command: net use K: \\computername\C$ (this will create a virtual drive in your “my computer” folder)
NOTE : Keep in mind that this will only work if the target box doesn’t have an administrator password set.
And last but not least, the “help” command.
  • whatevercommand /help
  • whatevercommand /?
This command will help you to understand what it does and all the switches available for each command.
Very useful if you know the command, but forgot the right switch.

Tuesday, November 1, 2011

Side Jacking - Hack accounts on LAN or Wifi

Side jacking is the process of sniffing cookie information and then using these cookies against websites to get into the victim’s session. We use the term “sidejacking” to distinguish it from man-in-the-middle hijacking, as in the case of Cain and Abel. In side jacking, the victim continues to use his/her session blissfully, unaware that we are also in his/her account, although signs such as additional e-mails in the ‘sent’ folder might give a clue.

In this tutorial, I will explain the process of side jacking using the following main tools:


  • Hamster
  • Ferret

Contents

  • Preparations
  • Starting Up
  • Using the console

Side Jacking with Hamster and Ferret

Hamster is our wizard. So we will start by capturing the cookies and then use them to get into the victim's session. Starting with Hamster:

Part A : Preparations to Set UP for Attack

  • Download Hamster and Ferret tools.
  • These are command-line tools, which means we make them work by typing instructions at the command prompt, but those who are afraid of the command line, don't worry, you won't have to do much.
  • Unzip these into a directory which you can access easily, e.g. C:\side-jacking
Note : There is one major problem with the Intel® PRO/Wireless 2200BG and some other Intel adapters: it doesn’t do promiscuous mode. This means that unlike most other wifi adapters, you can’t use it for sidejacking. To get around this, you would need to buy a cheap USB wifi adapter (usually 1000 rs)
  • First of all, make sure that your browser’s proxy is set to Hamster, which will be on port 3128.
  • I strongly recommend that you DON’T use your normal browser, because Hamster will totally screw up the cookies in the browser. So take the following three precautions, which I took while using it:
  1. I used Internet Explorer for side jacking, as Firefox is my default browser.
  2. Secondly, I created a second account called “hamster” on my computer, did the whole task from that account and then deleted it.
  3. Next, I used the alternate “profile” feature of Firefox to have two profiles running at the same time.
I think you didn't get the third step, so I am going to explain it:
  • Firefox allows two profiles to be running at the same time. You can easily launch them from the command line as follows:
  • You will have to use these at c:\Program Files\Mozilla Firefox\
  • After using these commands, the following screen will pop up
  • Click on create profile and give it any name. Next time you start Mozilla, use that one for Hamster.
  • Now open your created profile in Firefox and go to Tools / Options. Select the Advanced tab and open the Network tab under it.
  • Now under Connections click on Settings. Now set it up as follows:

Set your proxy as shown and click ok.  

Part B. Starting Up

  • Now we have to run Ferret, so open the command prompt
NOTE : I recommend doing side jacking in administrator mode.
  • Now go to the Ferret directory (C:\side-jacking) and type ferret -W.
  • Now choose your WiFi or LAN interface (you can try using the company names or try again)
  • Now in the command prompt type ferret.exe -i to start sniffing cookies, e.g. ferret -i 4
NOTE : You might also want to capture packets at the same time: ferret.exe -i 4 sniffer.mode=most sniffer.directory=\pcaps
  • The advantage of sniffing packets at the same time is that you can later replay them through Ferret in order to generate a hamster.txt. The cookies last for a long time.
  • To run a packet capture through Ferret, do something like: ferret -r \pcaps\sniff-2007-08-04-eth.pcap
  • Open another command prompt without closing the previous one (Run as Administrator is necessary)
  • Go to the Hamster directory (C:\side-jacking)
  • Now type 'hamster' and press Enter to start the Hamster proxy.
  • Now if you have already done the browser configuration as above, move on to the next part; otherwise set the browser proxy to 127.0.0.1 port 3128.

Part C. Using it!!

  • Open your configured browser and go to http://hamster/ (remember, don't put .com or www in the name).
NOTE : If you get server not found, you didn't set the proxy correctly or you didn't start Hamster in cmd.
  • If you are doing everything correctly, you will get this :
  • As Ferret is running in the background, it will be updating this list. You’ll need to manually refresh it to see if any information has been added. 
  • In the right-hand window, you’ll get a list of targets. Most targets will have just the IP address. Some will have additional identifying information that Ferret finds. 
  • This identifying information is only names associated with the IP address, it’s not cookie information.
  • When you click on an IP address, you “clone” it. At this point, all the cookies are set for that IP address.
Keep in Mind – A lot of problems people have is because they set the current IP address to something else, thereby erasing the cookies of a site they want to access.

  • Cloning an IP address by clicking on it will cause the window to the left to be filled in, as in the following example:
  • You have three options here. 
  1. You can view the raw cookies for this IP address (discussed below). 
  2. You can click on a URL that has a HIGHER probability of being Sidejacked. 
  3. Or you can choose from the URLs below, which have a lower probability of being Sidejacked.
  • At this point, just click the URL. For example, I clicked on the http://slashdot.org URL in the above example, and the following window popped up:
  • The name “side jacking” in the mid-left of that screenshot is because I created a test account with the username of “side jacking”. This shows how I’ve successfully cloned the cookies to get to that Slashdot account. 
  • And here is the Facebook account:

FootNotes:

  • When things work well, its point-and-click. They don’t always work well. 
  • The first thing that sucks is you have to figure out which interface to sniff on and make sure that you have a proper wifi adapter. 
  • I recommend downloading Wireshark and making sure that you’ve got packet sniffing working with that product before you start Ferret. For more help on Wireshark read How to Bypass Firewall using Wireshark.
  • Both Ferret and Hamster will crash or hang. You’ll be restarting the programs a lot. Right now, Ferret overwrites ‘hamster.txt’ every time it restarts, so if you’ve got a good session, make copies of it (or log to sniffer files, and recreate it).
  • The Hamster proxy is really slow. You’ll click on a link and have to wait patiently sometimes. Check the Hamster console window in order to see what’s going on.
  • Cloning sites is finicky. Sometimes you have to choose the right URL from the list, and choosing the wrong URL will cause the server to reset the cookies, locking you (and the original person) out from the account until a re-login. It takes practice to figure out what you can, and cannot, clone. 
  • Finally, when the original session cookies expire, you can’t clone them. This is rarely a problem in a live environment, but if you work from capture files, it becomes more difficult.
That is all you gotta know... Now you can try messing up your WiFi or LAN network; it also works on some broadband and internet connections. Comments and queries are welcome.
Thanks!

Credits : Hamster Creator himself  (I used his Help file along with my editing).....
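Seen from the defending site's side, the cookie sniffing described in this post only works when session cookies cross the network in clear text. The sketch below is an added example, not part of the original post or of Hamster/Ferret: it audits the Set-Cookie headers of an HTTP response for that exposure, checking the standard `Secure` cookie attribute and the `Strict-Transport-Security` header. The function names and the sample responses are assumptions made for illustration.

```python
"""Added example: flag cookies that a passive sniffer on the LAN could read."""

# Constructed sample responses (not captured from any real site).
SAMPLE_HTTP = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n"
    "Set-Cookie: session=8f3a1c; Path=/; HttpOnly\r\n"
    "\r\n<html></html>"
)
SAMPLE_HTTPS = (
    "HTTP/1.1 200 OK\r\n"
    "Strict-Transport-Security: max-age=31536000\r\n"
    "Set-Cookie: session=8f3a1c; Path=/; Secure; HttpOnly\r\n"
    "Set-Cookie: prefs=dark; Path=/\r\n"
    "\r\n<html></html>"
)


def parse_headers(raw_response):
    """Return (lowercased name, value) pairs from a raw HTTP response."""
    head = raw_response.split("\r\n\r\n", 1)[0]
    pairs = []
    for line in head.split("\r\n")[1:]:        # skip the status line
        name, sep, value = line.partition(":")
        if sep:
            pairs.append((name.strip().lower(), value.strip()))
    return pairs


def audit_cookies(raw_response, scheme):
    """Map each cookie name to the reasons it can be sniffed in transit."""
    headers = parse_headers(raw_response)
    has_hsts = any(name == "strict-transport-security" for name, _ in headers)
    report = {}
    for name, value in headers:
        if name != "set-cookie":
            continue
        parts = [p.strip() for p in value.split(";")]
        cookie_name = parts[0].partition("=")[0]
        attrs = {p.partition("=")[0].strip().lower() for p in parts[1:]}
        reasons = []
        if scheme == "http":
            reasons.append("set over plain HTTP")
        if "secure" not in attrs:
            # Without Secure the browser also sends the cookie on http:// requests.
            reasons.append("no Secure attribute")
            if scheme == "https" and not has_hsts:
                reasons.append("no HSTS to keep the browser on HTTPS")
        report[cookie_name] = reasons
    return report


if __name__ == "__main__":
    for sample, scheme in ((SAMPLE_HTTP, "http"), (SAMPLE_HTTPS, "https")):
        for cookie, reasons in audit_cookies(sample, scheme).items():
            print(scheme, cookie, reasons or "not exposed in transit")
```

A cookie with an empty reason list is only ever sent over TLS, which is what takes it out of reach of passive sniffing on a shared LAN or WiFi network.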

Sunday, October 23, 2011

BACKTRACK 5 : The credential harvester attack with video


BACKTRACK : The credential harvester attack

Hey guys, how have you been? Enjoying, huh? Well, I'm back with another BackTrack post. It's called the credential harvester attack. With this you can get the IDs and passwords of any user on your LAN.
Follow these steps:

Starting SET

Well, in BackTrack there is an awesome tool called SET (Social Engineering Toolkit).
  • To start this toolkit, log in as root by issuing the command sudo su
  • Then issue the following command:
    cd /pentest/exploits/set
  • Now you are in the SET directory; issue the following command and hit Enter: ./set
Now you are in the toolkit.

Using SET

In SET you navigate with your number pad: press the key corresponding to the option. OK, now about the credential harvester attack .... follow these steps; you can refer to the pics also.
  • Select option no. 1, which says Social Engg toolkit, if your SET is updated, or select the credential harvester method directly
  • Now select option no. 2, which says Website Attack Vectors (for updated SET).
  • Select option 3, which says Credential Harvester Attack Method.
  • Now select any of the options; for now select option 1, which says Web Templates.
  • Now select any of the templates; I used Gmail.
Now it may ask for your interface address; put your LAN IP there. In my case it was 192.168.1.1

Final Step

Now give your IP to anyone on your LAN and somehow make them open it .. (that depends on you; there are lots of ways).

Now you will get every entry that person makes in that attack.

Video For Backtrack 5






Feel free to ask doubts.




Copyright © 2011. All rights reserved by “Kumar Sourav” & “xeo hacker”
