Posts

MAC Address Spoofing

Image
MAC Address Media Access Control (MAC) address is a unique identifier or a serial number assigned to a network interface. This unique identifier is used in the Media Access Control protocol. It is hard coded in the read only memory of your NIC (network interface card). MAC addresses are used for routing packets between physical devices (i.e. network interface cards) on networks. Most important thing is that no two NIC card in the world can have same MAC address. MAC Spoofing MAC Spoofing is the way of changing the MAC address of a NIC on a network. By using MAC Spoofing, you will never by pass server access control list. It is only used to hide your identity on the network and it allows network devices to impersonate another network device. In IP Spoofing, response came to the original MAC Address Spoofing With SMAC SMAC is a nice tool that can help you in spoofing MAC address of your NIC. This tool is available for Windows and works on Windows VISTA, XP, 2003, and 2000 sy

Create your own Trojan horse virus

Image
Here i am going to describe a tool name ProRAT which is used to create Trojan virus. First of all you need to download ProRAT from this link   Download You will also get a tutorial with this setup so there's no need to explain more. Now run the ProRAT. we will create a server, which you will send to the victim. Click "Create", and a window will pop up. Then choose the way how you want to be notified, and fill in the necessary details. If you want to use Pro-connective, then tick the appropriate box. Now, click on the general settings tab, and choose a name for your victim, and make a password for your server. Tick whatever boxes you want. If you wish to bind with a file, then click on that tab. The last two tabs will allow you to choose an icon and a sever Extension. Now, Click the create server button. Now your server is ready. Now we have to send this server to the victim, and get their ip. Once you have done this, and victim has got the server, go on to the c

Packet Sniffer for Android phones

Image
This is a nice app to capture and display WiFi and bluetooth traffic on Android phones. But for using this app, you have to root your phone and have "su" command install. This app is based on the tcpdump package therefor it have to be installed manually. 1. Download and Install PacketSniffer App from the market or from the following link. 2. Copy the precompiled TCPDUMP file to the "/data"  library on your phone:                  first make sure your "/data" library has READ and WRITE privileges. if not use:  "chmod 777 data"               in order to copy use the following command if you have ADB :"adb push c:\locationOfTheTcpdumpFile /data"             in case you don't have ADB you can copy the tcpdump file to the SD card and do:  "cat /sdcard/tcpdump > /data/tcpdump  3. Give the tcpdump file Read Write and Exec privileges :    "chmod 777 /data/tcpdump" Before you start to capture you can pick weat

Man In the Middle (MITM) method

Image
Man in the middle attack is a type of attack in which the attacker intercept into the existing connection and breaks it in two different connections, one between the client and the attacker and the other between the attacker and the server. Now all the data would go through the attacker and he would be able to read, modify and insert data in the communication. Man in the middle attacks are sometimes known as fire brigade attacks. This attack is very effective on http protocol because data is seny on plain text form. It is possible to capture session cookies by header and also possible to change. MITM Attack tools There are several tools to perform a MITM attack. PacketCreator Ettercap Dsniff AirJack Cain e Abel

Session hijacking methodes

Image
When a user log in to the account  it starts a session with that account and this session ends up with log out  In a running session, user is give a session id which is unique identifier of the user for that session and is only valid for that session.It is the type of attack in which hacker gain access to the session id to gain unauthorized access to information or services in this maintain on cookies. Session hijacking is simple method to hack someone id hack like as a Facebook, g mail, Hotmail,twitter etc. Session hijacking is support on  cookies... Session hijacking can be done at 2 levels: Network level (TCP and UDP session hijacking) Application level (HTTP session hijacking) Network level (TCP and UDP session hijacking)      TCP session hijacking TCP session hijacking is when a hacker takes over a TCP session between two machines. Since most authentication only occurs at the start of a TCP session, this allows the hacker to gain access to a machine. It can be do

key logging with XSS

Image
Keylogger is the tool which is used to record the key events. We all know about the keyloggers used int the computer to capture the keystrokes. But this tutorial guide you to create and use a keylogger on a website to capture all keystrokes on that page. As the name suggest, It only works on the website that are XSS vulnerable. As we know that we can run our own scripts on those website which have XSS vulnerability. We use our Keylogging script on XSS vulnerable website. For this attack we need three things: Kelogging script. XSS vulnerable website A webhosting First of all download Keylogging script from Here: DOWNLOAD Now create an account in any free hosting web host that supports PHP. PHP will be used to write keystrokes on a text file. Now open Logger.js and change the URL of your script. Default URL is http://yourwebsite.com Change it to your hosting URL.  Now host all these scripts on your web host. Now find a XSS vulnerable website website and include script link like

WiFi password crack with fern WiFi cracker

Image
This is a wireless security auditing application that is written in python and uses python-qt4. This application uses the aircrack-ng suite of tools. It should work on any version of linux running the following: Requirements: python python-qt4 macchanger aircrack-ng xterm subversion For Slax Distributions, download the zipped module package on the download section, and follow the instructions in the "README" file. To install simply run the following command in terminal after changing directory to the path were the downloaded package is: root@host:~# dpkg -i Fern-Wifi-Cracker_1.2_all.deb Icons and Running the application: Software Icon can be found at the application Menu of the GNOME desktop interfaces Icon can also be found at /usr/share/applications for KDE and also GNOME: There you find "Fern_Wifi_Cracker.desktop" To get the source code for this project from SVN, here's the checkout link: root@host:~# svn checkout http://fern-wifi-cracker.googlecod