
Posts

Showing posts from June, 2017

Download mp3, pdf, zip or rar with a Google dork

Ever wondered how to hack Google for free music or eBooks? Well, here is a way to do that. To download free music, just enter the following query in the Google search box and hit enter: ?intitle:index.of?mp3 eminem Now you’ll gain access to the whole index of Eminem albums, wherein you can download the songs of your choice. Instead of eminem you can substitute the name of your favorite album. To search for eBooks, all you have to do is replace “eminem” with your favorite book name. Also replace “mp3” with “pdf”, “zip” or “rar”. I hope you enjoy using Google for hacking stuff on the Internet. If you’ve liked this post, please pass your comments. Cheers!

Kali Linux Cheat Sheet for Penetration Testers by rock star devil

Penetration testing (also called pen testing) is the practice of testing a computer system, network or Web application to find vulnerabilities that an attacker could exploit. Kali Linux Cheat Sheet for Penetration Testers is a high-level overview of a typical penetration testing environment, covering nmap, sqlmap, ipv4, enumeration, fingerprinting, etc. Always view the man pages if you are in doubt or the commands are not working as outlined here (there can be OS-based or version-based changes, etc.) for the operating system you are using (such as BlackBox, Black Ubuntu, ParrotSec OS, Debian, Ubuntu, etc.). I’ve also referenced some guides that I found useful in different sections, and they might come in handy. Recon and Enumeration NMAP Commands Nmap (“Network Mapper”) is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedu...

Search exploits in metasploit

Metasploit was created by H. D. Moore in 2003 as a portable network tool using Perl. By 2007, the Metasploit Framework had been completely rewritten in Ruby. On October 21, 2009, the Metasploit Project announced that it had been acquired by Rapid7, a security company that provides unified vulnerability management solutions. Metasploit’s emerging position as the de facto exploit development framework led to the release of software vulnerability advisories often accompanied by a third-party Metasploit exploit module that highlights the exploitability, risk and remediation of that particular bug. Metasploit 3.0 began to include fuzzing tools, used to discover software vulnerabilities, rather than just exploits for known bugs. This avenue can be seen in the integration of the lorcon wireless (802.11) toolset into Metasploit 3.0 in November 2006. Metasploit 4.0 was released in August 2011. In this guide we will look into the most important part of using Metasploit, how to s...

Cracking passwords in Kali Linux using John the Ripper

John the Ripper is a free password cracking software tool. Initially developed for the Unix operating system, it now runs on fifteen different platforms (eleven of which are architecture-specific versions of Unix, DOS, Win32, BeOS, and OpenVMS). It is one of the most popular password testing and breaking programs, as it combines a number of password crackers into one package, autodetects password hash types, and includes a customizable cracker. It can be run against various encrypted password formats, including several crypt password hash types most commonly found on various Unix versions (based on DES, MD5, or Blowfish), Kerberos AFS, and Windows NT/2000/XP/2003 LM hashes. Additional modules have extended its ability to include MD4-based password hashes and passwords stored in LDAP, MySQL, and others. Cracking passwords in Kali Linux using John the Ripper is very straightforward. In this post, I will demonstrate that. John the Ripper is different from tools like Hydra. Hydra...

How to add or remove a user (standard user/non-root) in Kali Linux

This guide will walk you through how to add or remove a user (standard user or non-root user) in Kali Linux. I’ve tested this in Kali Linux, so any Debian or Debian derivative (such as Ubuntu) should just work. This guide accomplishes the following (the main reason I wanted to try this was to demonstrate them): Add a user with all user directories already in place (thereby avoiding “Could not update .ICEauthority var/lib/gdm3/.ICEauthority” or any error containing .ICEauthority, or permission errors in general). Add the user to the sudo group to allow them to run root commands. You can also add the user to the ‘lpadmin’ group to allow printing for Canon or HP printers and such. Change the default shell with chsh to bash, or any shell such as Bourne Shell ( sh ), Bourne-Again Shell ( bash ), C Shell ( csh ) or Korn shell ( ksh ). Log in as that user and demonstrate that there were no errors. Be able to use sudo and show group affinity. Delete that user safely. Benefits of a Standard User in Kali: Few benefit...

Crack passwords in Kali Linux with Hydra

For years, experts have warned about the risks of relying on weak passwords to restrict access to data, and this is still a problem. A rule of thumb for passwords is the longer, the better. In this guide I will use FTP as a target service and will show how to crack passwords in Kali Linux with Hydra. There are already several login hacker tools available; however, none of them supports more than one protocol to attack or supports parallelized connections. We’ve previously covered password cracking using John the Ripper, Wireshark, NMAP and MiTM. Hydra can be used and compiled cleanly on Linux, Windows/Cygwin, Solaris, FreeBSD/OpenBSD, QNX (Blackberry 10) and OSX. Currently the THC Hydra tool supports the following protocols: Asterisk, AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNT...

Router Hack – How to hack ADSL router using NMAP

An Asynchronous digital subscriber line (DSL or ADSL) modem is a device used to connect a computer or router to a telephone line which provides the digital subscriber line service for connectivity to the Internet, which is often called DSL or ADSL broadband. In this guide I will show you how to scan an IP range for connected ADSL or DSL modem routers and find DSL/ADSL routers that can be hacked remotely. This guide applies to Windows, Linux or Mac, so it doesn’t matter what your operating system is; you can try the same steps from all these operating systems. The term DSL or ADSL modem is technically used to describe a modem which connects to a single computer through a USB port or is installed in a computer PCI slot. The more common DSL or ADSL router, which combines the function of a DSL or ADSL modem and a home router, is a standalone device which can be connected to multiple computers through multiple Ethernet ports or an integral wireless access point. Also called a residentia...

Website password hacking using Wireshark

Let’s try this on a simple website. I will hide part of the website name (just for the fact that they are nice people and I respect their privacy). For the sake of this guide, I will just show everything done on a single machine. As for you, try it between two VirtualBox/VMWare/physical machines. P.S. Note that some routers don’t broadcast traffic, so it might fail for those particular ones. Step 1: Start Wireshark and capture traffic. In Kali Linux you can start Wireshark by going to Application > Kali Linux > Top 10 Security Tools > Wireshark. In Wireshark go to Capture > Interface and tick the interface that applies to you. In my case, I am using a Wireless USB card, so I’ve selected wlan0. Ideally you could just press the Start button here and Wireshark will start capturing traffic. In case you missed this, you can always capture traffic by going back to Capture > Interface > Start. Step 2: Filter captured traffic for POST data. At this point Wires...

Nmap: DNS (part-19)

Force Reverse DNS Resolution

The -R parameter instructs Nmap to always perform reverse DNS resolution on the target IP address.

Usage syntax: nmap -R [target]

# nmap -R 64.13.134.52

Starting Nmap 5.00 ( http://nmap.org ) at 2009-08-13 17:22 Central Daylight Time
Interesting ports on scanme.nmap.org (64.13.134.52):
Not shown: 993 filtered ports
PORT      STATE  SERVICE
25/tcp    closed smtp
53/tcp    open   domain
70/tcp    closed gopher
80/tcp    open   http
110/tcp   closed pop3
113/tcp   closed auth
31337/tcp closed Elite

Nmap done: 1 IP address (1 host up) scanned in 9.38 seconds

Output of a Nmap scan with reverse DNS enabled

By default, Nmap will only do reverse DNS for hosts that appear to be online. The -R option is useful when performing reconnaissance on a block of IP addresses, as Nmap will try to resolve the reverse DNS information of every IP address. The reverse DNS information can reveal interesting information about the target IP address (even if it is offline or blocking Nmap...