Google Hacks

Google hacks, also known as Google dorks, are specific keywords which can be used to dig out more details in a regular Google search query.

There are millions of such keywords, and we cannot discuss each of them in a single post, so we will discuss the most commonly used ones.

  1. inurl: This keyword can be used to find the URLs of multiple sites that have a certain URL query.
  2. filetype: This keyword is used to look for a specific type of file on the net.
  3. intitle: This keyword is used to find URLs with a specific word in the title.
  4. 94fbr: This keyword can be used to find serial keys (cracks) of software.




For more hacks you can refer to the GHDB of exploit-db.com.



Note:-

We are using Chrome in our demonstration for optimized results, but you can use any browser as long as it connects to Google's search engine.

     


Creating a disk image: 1st step in digital forensics

A disk image is a virtual image of a storage device which functions like an actual physical drive. Creating one is the first step in digital forensics; in other words, you don't want to contaminate the evidence by working on the original. A disk image can also be used to recover a complete disk.


How to?
Windows:-
  1. Download Winimage and install it.
  2. Run it with administrative privileges and click OK.
  3. Now click on disk and then click on "create virtual hard disk image from physical drive".
  4. Now select your drive and click on OK, then select the path of the directory in which you would like to save the disk image.

Linux:-
  1. Open a terminal, type fdisk -l and hit enter.
  2. Now note the drive name.
  3. Now type dcfldd if=drive name of=file.dd, where drive name is the name you noted in step 2, and hit enter.
  4. Now type ls and hit enter to see whether the file has been created.
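
The Linux steps above as a script, extended with a hash check that the image matches the source. This is an added example, not part of the original post: it uses dd and sha256sum in place of dcfldd, the function name image_and_verify is hypothetical, and a constructed sample file stands in for the drive.

```shell
#!/bin/sh
# Added example: acquire an image and prove the copy matches the source.
# dd and sha256sum stand in for dcfldd so the script runs on any Linux box.

# image_and_verify SRC IMG
#   Copies SRC to IMG, writes both SHA-256 digests to IMG.sha256 and
#   returns 0 only when the digests are identical.
image_and_verify() {
    src=$1
    img=$2
    # Never overwrite an earlier acquisition.
    if [ -e "$img" ]; then
        echo "refusing to overwrite $img" >&2
        return 2
    fi
    # bs=512 is one sector; noerror,sync keeps going past unreadable
    # sectors and zero-fills them so later offsets stay aligned.
    dd if="$src" of="$img" bs=512 conv=noerror,sync 2>/dev/null || return 3
    src_hash=$(sha256sum "$src" | cut -d' ' -f1)
    img_hash=$(sha256sum "$img" | cut -d' ' -f1)
    printf '%s  %s\n%s  %s\n' "$src_hash" "$src" "$img_hash" "$img" > "$img.sha256"
    # Work on the image read-only from here on.
    chmod a-w "$img" "$img.sha256"
    [ "$src_hash" = "$img_hash" ]
}

# Demo: a constructed 1 MiB file (2048 sectors) plays the role of the
# drive name noted from fdisk -l; with a real drive, run as root.
demo_dir=$(mktemp -d)
head -c 1048576 /dev/urandom > "$demo_dir/sample_drive.bin"
if image_and_verify "$demo_dir/sample_drive.bin" "$demo_dir/file.dd"; then
    echo "image verified:"
    cat "$demo_dir/file.dd.sha256"
else
    echo "copy failed or hashes differ" >&2
fi
rm -rf "$demo_dir"
```

Keep the .sha256 file with the image so that the hash can be recomputed later to show that the image has not changed.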

Note:-
The file created by Winimage has .vhd extension and the file created on Kali Linux has .dd extension. Similarly if you use other programs then the extension may vary. The only thing you need to keep in mind is that you should be sure of the extensions which your forensics tool supports.

Multibootable USB: Many OS one pendrive

A multibootable USB is a drive which is programmed to boot more than one operating system without altering the computer on which it is used. This is helpful for demonstration purposes when you cannot carry your laptop, or when you are working on some critical hack and you don't want to get caught.


What you need?
YUMI

How to?
  1. Plug in your drive. Open YUMI with administrative privileges.
  2. Now hit "I agree" for the license agreement.
  3. Now select your USB device from the drop down menu. In our case it was F. You can also select the format option if you don't remember the file system of your drive.
  4. Now select the Linux distribution which you want to install on the drive from the drop down list. If you have the ISO and the program is unable to locate it automatically, you can manually go to the folder in which you have saved it. If you don't have the ISO, you can check the box which says "download the ISO".
  5. Wait for it to do its thing. It will open 7-Zip or various other programs as required, so don't freak out.
  6. Now it will ask you "Would you like to add more ISO/Distro Now on F:?". Hit yes and do steps 4 and 5 again.
  7. After you have installed all the distributions you want, you can click on finish.
  8. Now plug the drive into any computer and use your operating system.


Note:- 
  • You can only install a limited number of operating systems on a drive, as each operating system has a different size.
  • If your system has a CD drive, you might need to change the boot sequence in the BIOS.

Denial of service attacks: DoS attacks

A denial of service (DoS) attack is one of the most basic attacks which can be done against any network. In this attack we flood the network or web server with different legitimate-looking requests, and the legitimate user is unable to access the service. There are various types of denial of service attack depending on the type of request used. A distributed denial of service attack is a denial of service attack in which the web server or the network is flooded by different attackers at the same time so that the network or web server crashes (party play).




How to?
There are various ways and tools to perform a denial of service attack.
  1. The most basic way to perform a denial of service attack with a Windows machine is by typing in the command ping ip -t -l 19000, where -t is for the delay time of the packets and -l is for the length of the packet. But this method is outdated, and hence the magnitude required to crash a target is very high. You can consider this the method your grandfather would use to attack networks which are of his age and are still being used without any alterations.
  2. The second way to attack is by using the famous LOIC. Low Orbit Ion Cannon is an open source stress testing tool which has a GUI. It is easy to use, as you only need to set the URL or IP and then hit lock on; then you can change the settings as per your requirements and just hit fire. This tool is available on both Windows and Android. According to some rumors, the famous hacktivist group "Anonymous" uses this tool in most of their attacks.
  3. There are various tools in Kali Linux to perform such attacks, but the best way is by using the command flood_router6 interface, where interface can be eth0 or any other interface, if your target is using a Windows regular or server version lower than 8. We haven't tested this on higher versions, so we don't know how they may react to this attack.
  4. To attack a router with a SYN DoS attack you can use the tool present in msfconsole. Just type use auxiliary/dos/tcp/synflood. Now type set rhost ip to set the IP of the host machine. At the end type exploit to start the exploitation.



Note:- 
These attacks can be easily detected by an intrusion detection system, which might block the specific port or alert the system admin. This attack is often exaggerated by the media but is very weak against large setups.
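
The kind of counting behind the detection mentioned in this note, as an added example that is not part of the original post and not the logic of any particular intrusion detection system: it reads capture lines in tcpdump's one-line text format and reports destinations that receive many SYNs with few handshake-completing ACKs. The sample lines are constructed from documentation address ranges, and the function names and the threshold are assumptions.

```shell
#!/bin/sh
# Added example: flag destinations with many half-open TCP handshakes.

# Constructed capture lines (not real traffic): six bare SYNs to one
# web server, then one normal three-way handshake to another host.
sample_capture() {
    i=1
    while [ "$i" -le 6 ]; do
        echo "12:00:0$i.000000 IP 198.51.100.$i.4000$i > 192.0.2.10.80: Flags [S], seq 1, win 512, length 0"
        i=$((i + 1))
    done
    echo "12:00:07.000000 IP 203.0.113.7.51000 > 192.0.2.20.443: Flags [S], seq 5, win 64240, length 0"
    echo "12:00:07.000100 IP 192.0.2.20.443 > 203.0.113.7.51000: Flags [S.], seq 9, ack 6, win 65160, length 0"
    echo "12:00:07.000200 IP 203.0.113.7.51000 > 192.0.2.20.443: Flags [.], ack 10, win 502, length 0"
}

# half_open_report MIN_SYN
#   Reads capture text on stdin and prints "destination syn_count ack_count"
#   for every destination that received at least MIN_SYN SYNs while the
#   ACKs sent to it number fewer than half of those SYNs.
half_open_report() {
    awk -v min="$1" '
        $2 == "IP" && $6 == "Flags" {
            dst = $5; sub(/:$/, "", dst)        # drop the trailing colon
            flags = $7; sub(/,$/, "", flags)    # drop the trailing comma
            if (flags == "[S]") syn[dst]++      # connection attempt
            else if (flags == "[.]") ack[dst]++ # bare ACK toward dst
        }
        END {
            for (d in syn)
                if (syn[d] >= min && ack[d] * 2 < syn[d])
                    print d, syn[d], ack[d] + 0
        }'
}

# Demo on the constructed sample with a threshold of 5 SYNs.
sample_capture | half_open_report 5
```

Counting per destination rather than per source keeps the check useful when every SYN arrives from a different address, as in the constructed sample.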