Wednesday, 31 July 2013

Forensic Analysis Of Windows Processes Using Process Hacker Tool


Process Hacker is a free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware.
For forensic work on rogue processes, rootkits, malware and the like, Process Hacker is a good tool. You can manually check how processes are behaving and how many resources they consume. Its main features are listed below.

Features:
  • A detailed overview of system activity with highlighting.
  • Graphs and statistics that let you quickly track down resource hogs and runaway processes.
  • Discover which processes are using which files.
  • See which programs have active network connections, and close them if necessary.
  • And many other features that help with manual forensics.
For further details visit the Process Hacker official site.
Download: Process Hacker

Identify Password Hashes Using Python Hash Identifier Tool


Password cracking is a big field of study in its own right, and to work in it we need to be familiar with password hashes in order to understand how they are attacked.

Hash Identifier is a tool that identifies the different types of hashes used to protect data, and especially passwords.
It is built into BackTrack, but users of other operating systems can download it from the following link.

Download: Hash Identifier

Linux users: can download and use this tool directly without any dependency problems.
Windows users: need to install the Python interpreter before using this tool.

Download: Python Interpreter

How To Anonymize Yourself On Windows Using OpenVPN


There are a lot of free VPN tools available for Windows, e.g. CyberGhost VPN, Hotspot Shield etc. But what if you want to connect to your own VPN service provider? What if we want to connect to a VPN server we created ourselves?
Well, in such situations those free VPN installers are of no use to you. You need another solution.
OpenVPN is an open-source client/server tool for VPN solutions.
In this tutorial I will show you how to use the OpenVPN client to connect to free VPN services available online. So, here we start.

1- Download and install the OpenVPN client from here.
2- After successful installation, an icon named "Securepoint SSL VPN" will appear on your desktop. Start this client; it will look like the picture below.

Tuesday, 30 July 2013

Pyloris Application Layer DOS Attack Tool


PyLoris is a Python implementation inspired by the Slowloris tool, which was written in Perl.
PyLoris is a scriptable tool for testing a server's vulnerability to connection-exhaustion denial of service (DoS) attacks. PyLoris can use SOCKS proxies and SSL connections, and can target protocols such as HTTP, FTP, SMTP, IMAP and Telnet.

Download Pyloris

Slowloris Low Bandwidth Effective DOS Attack Tool


In considering the ramifications of a slow denial of service attack against particular services, rather than flooding networks, a concept emerged that would allow a single machine to take down another machine's web server with minimal bandwidth and minimal side effects on unrelated services and ports. The ideal situation for many denial of service attacks is one where all other services remain intact but the web server itself is completely inaccessible. Slowloris was born from this concept, and is therefore relatively stealthy compared to most flooding tools.

Slowloris holds connections open by sending partial HTTP requests. It continues to send subsequent headers at regular intervals to keep the sockets from closing. In this way web servers can be quickly tied up. In particular, threaded servers will tend to be vulnerable, by virtue of the fact that they limit the number of threads they will allow. Slowloris must wait for all the sockets to become available before it succeeds at consuming them, so on a high-traffic website it may take a while for the site to free up its sockets. So while you may be unable to see the website from your vantage point, others may still be able to see it until all sockets are freed by them and consumed by Slowloris. This is because other users of the system must finish their requests before the sockets become available for Slowloris to consume. If others re-initiate their connections in that brief time period they will still be able to see the site. So it is a bit of a race condition, but one that Slowloris will eventually always win, and sooner rather than later.

NOTE: This tool can't use its full strength in a Windows environment because of socket limitations.
HIGHLY RECOMMENDED FOR UNIX OS
For UNIX download: slowloris.pl or slowloris6.pl (IPv6 version)
For Windows: slowloris_gui
Further details: Slowloris official site

OWASP HTTP GET/POST DOS Attack Tool


This tool allows you to test your web applications for availability problems caused by Layer 7 HTTP GET and HTTP POST denial of service attacks.

The slow HTTP attack was covered in the OWASP AppSec DC presentation by Wong Onn Chee and Tom Brennan. In this attack type a client completes the request-header phase but then sends the request body (the POST payload) very slowly (e.g. 1 byte every 110 seconds). When you consider that, by default, Apache will accept a request body of up to 2 GB in size, you can see how effective this attack can be.
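The two slow-request patterns described here and in the Slowloris post above, headers that never finish and a POST body that trickles in, are both caught on the server side by the same check: how long a connection has been allowed to sit in an incomplete request state, and at what rate the body is actually arriving. The following Python is an added example written for this page, not code from the original posts or from the tools they link. It runs a simple version of that check over a constructed snapshot of a server's connection table (the record fields, thresholds and IP addresses are all made up for the example) and lists the sources holding enough stalled slots to be worth rate-limiting.

```python
"""Flag connections that hold request slots open with incomplete requests.

Added example, not code from the original post or from the Slowloris/OWASP
tools it links. The connection records below are constructed; their fields
(src, opened_at, headers_done_at, body_len, bytes_body) are assumptions
standing in for whatever a server status page or socket snapshot provides.
"""
from collections import Counter
from dataclasses import dataclass
from typing import Dict, List, Optional

# Thresholds chosen for the example; a real deployment tunes them to its traffic.
HEADER_DEADLINE = 20.0   # seconds a client gets to finish sending request headers
MIN_BODY_RATE = 500.0    # bytes/sec a request body must sustain once headers are done
MIN_BODY_WINDOW = 10.0   # wait this long before judging a body's rate
PER_SOURCE_LIMIT = 5     # stalled connections from one address before throttling


@dataclass
class Conn:
    src: str                          # client address
    opened_at: float                  # epoch seconds the socket was accepted
    headers_done_at: Optional[float]  # when the blank line ending the headers arrived, or None
    body_len: int                     # declared Content-Length (0 for a bodiless request)
    bytes_body: int                   # body bytes received so far


def classify(conn: Conn, now: float) -> Optional[str]:
    """Return 'slow-headers', 'slow-body' or None for one connection."""
    if conn.headers_done_at is None:
        # Header phase: the only question is how long it has been going on.
        return "slow-headers" if now - conn.opened_at > HEADER_DEADLINE else None
    if conn.bytes_body >= conn.body_len:
        return None  # request fully received; the server is working on it
    elapsed = now - conn.headers_done_at
    if elapsed < MIN_BODY_WINDOW:
        return None  # too early to judge the upload rate
    return "slow-body" if conn.bytes_body / elapsed < MIN_BODY_RATE else None


def flag_slow_connections(conns: List[Conn], now: float) -> Dict[int, str]:
    """Map the index of every stalled connection to the reason it was flagged."""
    flagged = {}
    for i, conn in enumerate(conns):
        reason = classify(conn, now)
        if reason is not None:
            flagged[i] = reason
    return flagged


def sources_to_throttle(conns: List[Conn], now: float, limit: int = PER_SOURCE_LIMIT) -> List[str]:
    """Addresses holding at least `limit` stalled connections at once."""
    counts = Counter(conns[i].src for i in flag_slow_connections(conns, now))
    return sorted(src for src, n in counts.items() if n >= limit)


# Constructed snapshot taken at NOW: six header-stalling sockets from one
# address, one fresh connection, one trickling 2 GB POST, one healthy upload
# and one completed GET.
NOW = 1000.0
SAMPLE: List[Conn] = (
    [Conn("203.0.113.7", 900.0 + i, None, 0, 0) for i in range(6)]
    + [
        Conn("198.51.100.2", 999.5, None, 0, 0),
        Conn("203.0.113.9", 870.0, 880.0, 2_000_000_000, 1),
        Conn("198.51.100.3", 989.0, 990.0, 50_000, 40_000),
        Conn("198.51.100.4", 998.0, 999.0, 0, 0),
    ]
)

if __name__ == "__main__":
    for i, reason in flag_slow_connections(SAMPLE, NOW).items():
        print(f"conn {i} from {SAMPLE[i].src}: {reason}")
    print("throttle:", sources_to_throttle(SAMPLE, NOW))
```

Production servers implement the same idea natively; Apache's mod_reqtimeout, for instance, lets you set a header deadline and a minimum body rate, which is why the thresholds above are named the way they are. The per-source count matters because a single slow client is normal on a poor link; many stalled slots from one address are not.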


Download here
NOTE: At the moment it is available for the Windows platform only.

Monday, 29 July 2013

How To Hack Android Devices Using Metasploit's Android Meterpreter Payload


Metasploit has released an Android Meterpreter too, so in this tutorial I will show you how to use the Android Meterpreter payload to hack into an Android device.
Android Meterpreter isn't very powerful at the moment, but it is still cool enough to pwn someone :)

So let's start!

Step 1-
The first thing you need to do is update your Metasploit, so let's do it with the following command.

sudo msfupdate
The above command updates your Metasploit so that you have all the latest Metasploit modules, including android/meterpreter/reverse_tcp and android/shell/reverse_tcp.

How To Install Android 4.3 Jelly Bean On PC

This is a tutorial on installing Android 4.3 Jelly Bean on x86 machines.
Here I will show you how to install Android 4.3 Jelly Bean in a virtual machine.

Tools Required:
  • VMWare Workstation
  • Android-4.3 x86 ISO Image

Download the Android 4.3 ISO from the following link and follow my tutorial.

Android-4.3 Download Link:
http://code.google.com/p/android-x86/downloads/list

Watch On Vimeo: 
https://vimeo.com/71238881

Sunday, 28 July 2013

Top 10 Hacking Add-ons Of Mozilla Firefox

Mozilla Firefox is not only an Internet browser but a fully armed hacking environment too. Hackers and security experts love to use this browser for penetration testing and vulnerability exploitation.

HackBar: is like a toolbar, but it comes in very handy when testing for web vulnerabilities like SQL injection, XSS etc. Loading, splitting and executing URLs can be done from this toolbar. When testing for SQL injection and XSS, the payloads can be injected into the URL quickly with it. Features like encoding and encryption also come in handy in many situations. The toolbar includes many built-in strings too.
Install it.

GCC Compilers For Windows (Compile Your Code/Exploits Using Windows CMD)


GCC can be installed in a Windows environment using the following two methods.
  • Cygwin
  • MinGW / MinGW-derived third-party tools

Cygwin:

If you install it using Cygwin, you get a Cygwin terminal in which you can use the GCC compiler and other Linux-environment tools. Cygwin is available as a standalone installer, which can be downloaded and installed easily from the following link.
Download and installation instructions are available on the same download page.

Download Link: http://cygwin.com/install.html

Note: GCC installed through Cygwin is available in the Cygwin terminal only. You can't use it from the Windows CMD environment. If you want GCC for Windows CMD, try MinGW.

Saturday, 27 July 2013

How To Install OWASP Joomla Vulnerability Scanner In Windows

OWASP is one of the largest contributors of web security tools. This scanner can scan Joomla websites for potential vulnerabilities, exploits and 0days. In this tutorial I will show you how to install the OWASP Joomla vulnerability scanner in a Windows environment.
We can't use this scanner directly on Windows because some Perl CPAN modules are missing. So follow me step by step and we will make it happen.

1- The Perl interpreter is available in two popular flavours, Strawberry Perl and ActivePerl. In this tutorial I am using ActivePerl, so I would recommend you all use it too.
Download link: http://www.activestate.com/activeperl/downloads

How to install weevely web-backdoor tool on Windows

Weevely is a stealth PHP web shell that provides a telnet- or netcat-style console and lets you execute commands remotely.
It is an essential tool for web application post-exploitation, and can be used as a stealth backdoor or as a web shell to manage legitimate web accounts, even free-hosted ones. It is built into BackTrack 5 and is easy to install and use on Linux, but in this tutorial I will show you how to use this tool on the Windows platform.

So follow me step by step:

Thursday, 25 July 2013

Direct Shell uploading with SQLMAP tool using SQL queries


In our previous tutorial we uploaded a shell to a website using SQL queries manually. Now in this tutorial I will show you how to upload a shell to an SQL-injectable website using the sqlmap tool.

This tutorial is by my close friend Soldier Of God. Enjoy it and feel free to ask if you have any trouble following it.

Wednesday, 24 July 2013

Java Applet Attack on WAN with Metasploit and ZTE Router


Hi everyone!
You must have seen a lot of video tutorials on Metasploit usage inside LAN or Wi-Fi networks, but have you seen any video demonstrating Metasploit usage over a WAN (the Internet)? Well, in this tutorial I will show you how to perform a Java applet attack using Metasploit over a WAN, i.e. the Internet.

To perform this attack we need the following apps and gadgets:
  • Metasploit Framework
  • A router to forward ports

HOW TO UPLOAD SHELL DIRECTLY THROUGH SQL INJECTION

  
First of all, find a website which is vulnerable to SQL injection. You can find websites with dorks or manually, as I have found this one.
You need two main things:
  1. The root path of the website
  2. A writable directory
Most of the time you will see the root path in the site's SQL error, like the following one.

How to Upload Shell Using FireFox add-on Tamper Data


Shell uploading is hell for beginners, so here I am writing this tutorial for beginners to upload a shell through the Tamper Data add-on for Mozilla Firefox.

When to use Tamper Data:

Some websites don't allow uploading files other than images, so in such a situation shell uploading is a problem because we can't upload a PHP or ASP shell file. So we upload the shell by tampering with the HTTP headers.
Requirements:
  • Mozilla Firefox
  • Tamper Data add-on
Tamper Data: https://addons.mozilla.org/en-US/firefox/addon/tamper-data/
Mozilla Firefox: http://www.mozilla.org/en-US/firefox/new/

Hacking a website with SQL Injection Explained for Beginners


In this tutorial the following three things are covered.
  • Getting the admin panel credentials of a website through SQL injection
  • Uploading a shell
  • Defacing/hacking it

Step 1:

Find an SQL-injectable site!

To find such a site we will use Google dorks. Google dorks are search queries with which we can do advanced searches using the Google search engine.
Type the following query in Google:
inurl:news.php?nws=

Hacking Windows 7 using Java JMX Applet & DNS spoofing attack in LAN with Metasploit & Ettercap


In this tutorial I will show you the power of the DNS spoofing attack in a LAN.
LAN and Wi-Fi networks can be easily compromised with MITM (man-in-the-middle) and DNS spoofing attacks. In this tutorial I will show you how to use DNS spoofing to control the HTTP traffic of a LAN.
Here I am using the Java JMX applet exploit, which targets a remote code execution vulnerability, and using this exploit I easily bypassed my latest, fully updated Comodo Internet Security 2013.

We have the following scenario here:
Attack machine: BackTrack 5 R3
Victim machine: Windows 7 with updated Comodo Internet Security 2013
Network: LAN

Exploit reference:
http://www.exploit-db.com/exploits/24539/

Proper way of vulnerability exploitation with Metasploit and Nessus - Part 2


Hi everyone!
In my last tutorial, Proper way of vulnerability exploitation with Metasploit and Nessus - Part 1, I covered the installation of the Nessus vulnerability scanner on BackTrack. Now in this tutorial we will scan our LAN for targets with the Nmap scanner, scan those live IPs for vulnerabilities using Nessus, and in the end exploit the vulnerable machines using the Metasploit exploitation framework.

I am looking forward to your feedback.

Proper way of vulnerability exploitation with Metasploit and Nessus - Part 1


Hi everyone!
In this tutorial I will show you the proper way of exploiting vulnerabilities in a LAN with Nessus (vulnerability scanner) and Metasploit (exploitation framework).

The three major tools discussed in this tutorial are
1- Nmap
2- Nessus Vulnerability Scanner
3- Metasploit Framework

All these tools can be downloaded for your Linux or Windows OS and used accordingly. But as my tutorial is for beginners, I am using BackTrack 5 R3, which is an awesome penetration testing OS with hundreds of built-in tools (I would recommend BackTrack to all beginners, because at beginner level you shouldn't have to download, install and configure these tools yourself).
This tutorial is quite noob-friendly and I tried to cover each and every step in it. If you still have problems, you may ask in the comments. I am looking forward to your feedback.