Showing posts with label LAN Hacking. Show all posts
How to shutdown your friend's Pc through chating using cmd
Hello friends. Today your's mafiyaboy is here with a cool trick. You can shutdown your friend's computer through chating. This is very simple and cool trick. Kindly follow these steps :-
Step 1: Before going to start clear all history, all cookies, stop all downloading and close all extra tabs. Mean to say stop all internet activities. Now go to your messanger and start chating with the victim.
Step 2: Go the start and click on run.
Step 3: In run command type cmd.exe and hit enter.
Step 4: A black screen will appear. This is command prompt. In this box type "netstat -n" (without quotes).
Step 5: Now if you done the step one correctly you see only one ip address many times (ip should be of victim).
Step 6: Now again, type "shutdown -i"(without quotes).A box will appear now click on add button.A small box will pop up. Now type ip address of computer which you get from "netstat -n" command.
Step 7: Now there are three options click on shutdown.
Step 8: To show a message to victim's computer check the "warm users of the action" and set the number of seconds.
Step 9: Now select any option in shutdown event tracker.
Step 10: Now comes the best part of the prank. In last type your message like you got hacked and we destroy your computer. After this shutdown your computer is not going to start(type anything that scare your victim). Now click on ok and you are done. Have fun guys and must leave comment below.
Tag :
LAN Hacking
VoIP Hopper - Features and Video Tutorial
VoIP Hopper is a GPLv3 licensed security tool, written in C, that rapidly runs a VLAN Hop security test. VoIP Hopper is a VoIP infrastructure security testing tool but also a tool that can be used to test the (in)security of VLANs.
Features:
Example Usage:
Some quick samples usages for VoIP Hopper are listed below.
voiphopper -i eth0 -z
voiphopper -i eth0 -o 001EF7289C8E
voiphopper -i eth0 -c 0
voiphopper -i eth0 -c 1 -E 'SIP00070EEA5086' -P 'Port 1' -C Host -L 'Cisco IP Phone 7940' -S 'P003-08-8-00' -U 1
voiphopper -i eth0 -c 1 -E 'SEP00070EEA5086' -P 'Port 1' -C Host -L 'Cisco IP Phone 7940' -S 'P00308000700' -U 1
voiphopper -i eth0 -c 2
voiphopper -i eth0 -v 200
voiphopper -i eth0 -a
voiphopper -i eth0 -n
voiphopper -i eth0 -c 0 -m AA:AA:AA:AA:AA:AA
voiphopper -i eth0 -a -m AA:AA:AA:AA:AA:AA
voiphopper -i eth0 -v 200 -m AA:AA:AA:AA:AA:AA
voiphopper -i eth0 -v 200 -m AA:AA:AA:AA:AA:AA -D
voiphopper -i eth0 -m AA:AA:AA:AA:AA:AA
voiphopper -d eth0.200
==============
==============
VIDEO Tutorials:
Tutorial 1: Assessment Mode video tutorial for VoIP Hopper 2.0
Here is a tutorial demonstrating the new, exciting features for Assessment mode. Until I can integrate DHCP spoofing for Avaya/Nortel into assessment mode, I've also shown how to do both Avaya and Nortel VLAN discovery at the end of the video.
Tutorial 2: LLDP-MED features of VoIP Hopper
Here is a tutorial demonstrating the new LLDP-MED capabilities.
Tutorial 3: Hotel Exploit Demo ~ When DHCP is disabled
Here is a tutorial demonstrating the same live demo showed at DefCon 19, in which DHCP was disabled on the VoIP VLAN subnet. VoIP Hopper can still VLAN Hop and spoof the IP and MAC address of an IP Phone, as selected by the user. This is a demonstration of the "s" option of Assessment mode.
Facebook Cookie Stealing And Session Hijacking
THIS ARTICLE IS ORIGINALLY WRITTEN BY RAFAY BALOCH. HE BLOGS AT www.rafayhackingarticles.net
Three days ago I finished the series on Gmail Session Hijacking and Cookie Stealing , due to a tremendous response of readers I planned to write a post on Facebook cookie stealing and Session hijacking. Facebook session hijacking can also be accomplished via a very popular tool called Firesheep(On a Wifi Network Only), which I won't be explaining here because I have already written it before in my post Facebook Hacking Made Easy With Firesheep
In this tutorial I will explain you how an attacker can capture your authentication cookies on a local area network and use them to hack your facebook account, Before reading this tutorial I would recommend you to part1, part2 and part 3 of my Gmail Session Hijacking and Cookie stealing series, So you could have better understanding of what I am doing here.
How To Steal Facebook Session Cookies And Hijack An Account?
An attacker can use variety of methods in order to steal your facebook authentication cookies depending upon the network he is on, If an attacker is on a hub based network he would just sniff traffic with any packet sniffer and gain access to victims account.
If an attacker is on a Switch based network he would use an ARP Poisoning request to capture authentication cookies, If an attacker is on a wireless network he just needs to use a simple tool called firesheep in order to capture authentication cookie and gain access to victims account.
In the example below I will be explaining how an attacker can capture your authentication cookies and hack your facebook account with wireshark.
Step 1 - First of all download wireshark from the official website and install it.
Step 2 - Next open up wireshark click on analyze and then click on interfaces.
Step 3 - Next choose the appropriate interface and click on start.
Step 4 - Continue sniffing for around 10 minutes.
Step 5 - After 10minutes stop the packet sniffing by going to the capture menu and clicking on Stop.
Step 6 - Next set the filter to http.cookie contains “datr” at top left, This filter will search for all the http cookies with the name datr, And datr as we know is the name of the facebook authentication cookie.
Step 7 - Next right click on it and goto Copy - Bytes - Printable Text only.
In this tutorial I will explain you how an attacker can capture your authentication cookies on a local area network and use them to hack your facebook account, Before reading this tutorial I would recommend you to part1, part2 and part 3 of my Gmail Session Hijacking and Cookie stealing series, So you could have better understanding of what I am doing here.
- Gmail Cookie Stealing And Session Hijacking Part 1
- Gmail Cookie Stealing And Session Hijacking Part 2
- Gmail Cookie Stealing And Session Hijacking Part 3
Facebook Authentication Cookies
The cookie which facebook uses to authenticate it's users is called "Datr", If an attacker can get hold of your authentication cookies, All he needs to do is to inject those cookies in his browser and he will gain access to your account. This is how a facebook authentication cookie looks like:Cookie: datr=1276721606-b7f94f977295759399293c5b0767618dc02111ede159a827030fc;
How To Steal Facebook Session Cookies And Hijack An Account?
An attacker can use variety of methods in order to steal your facebook authentication cookies depending upon the network he is on, If an attacker is on a hub based network he would just sniff traffic with any packet sniffer and gain access to victims account.
If an attacker is on a Switch based network he would use an ARP Poisoning request to capture authentication cookies, If an attacker is on a wireless network he just needs to use a simple tool called firesheep in order to capture authentication cookie and gain access to victims account.
In the example below I will be explaining how an attacker can capture your authentication cookies and hack your facebook account with wireshark.
Step 1 - First of all download wireshark from the official website and install it.
Step 2 - Next open up wireshark click on analyze and then click on interfaces.
Step 3 - Next choose the appropriate interface and click on start.
Step 4 - Continue sniffing for around 10 minutes.
Step 5 - After 10minutes stop the packet sniffing by going to the capture menu and clicking on Stop.
Step 6 - Next set the filter to http.cookie contains “datr” at top left, This filter will search for all the http cookies with the name datr, And datr as we know is the name of the facebook authentication cookie.
Step 7 - Next right click on it and goto Copy - Bytes - Printable Text only.
Step 7 - Next right click on it and goto Copy - Bytes - Printable Text only.
Step 8 - Next you’ll want to open up firefox. You’ll need both Greasemonkey and the cookieinjector script. Now open up Facebook.com and make sure that you are not logged in.
Step 9- Press Alt C to bring up the cookie injector, Simply paste in the cookie value into it.
Step 10 - Now refresh your page and viola you are logged in to the victims facebook account.
Note: This Attack will only work if victim is on a http:// connection and even on https:// if end to end encryption is not enabled.
Countermeasures
The best way to protect yourself against a session hijacking attack is to use https:// connection each and every time you login to your Facebook, Gmail, Hotmail or any other email account. As your cookies would be encrypted so even if an attacker manages to capture your session cookies he won't be able to do any thing with your cookies.
Step 8 - Next you’ll want to open up firefox. You’ll need both Greasemonkey and the cookieinjector script. Now open up Facebook.com and make sure that you are not logged in.
Step 9- Press Alt C to bring up the cookie injector, Simply paste in the cookie value into it.
Step 10 - Now refresh your page and viola you are logged in to the victims facebook account.
Note: This Attack will only work if victim is on a http:// connection and even on https:// if end to end encryption is not enabled.
Countermeasures
The best way to protect yourself against a session hijacking attack is to use https:// connection each and every time you login to your Facebook, Gmail, Hotmail or any other email account. As your cookies would be encrypted so even if an attacker manages to capture your session cookies he won't be able to do any thing with your cookies.
How to Make and send Metasploit Backdoor [Video]
I was surfing the youtube when i found the following Video which explain is beautifully that how can you infect someone with only Metasploit.
And NOTE:::: In the First step it is not necessary to have Backtrack or Ubuntu. Windows can also work if the Metasploit is installed. Which you can download from here: http://www.metasploit.com/download/How to Hack any PTCL Broadband user in Pakistan ?
The Hack goes like this that all the Routers have 3 ports open. Two of them are :
- Port 23 : Telnet Server Port.
- Port 80 : Http Server Port.
STEP 1: Finding the IP address.
Well this could be difficult. But there are two ways:
- First is to check your Public IP Address at http://whatismyipaddress.com/ and than scan the nearby IP addresses. e.g. If my IP address is 182.177.252.166 than I would scan from 182.177.252.1 to 182.177.252.250 . Because we connect the internet with Dynamic IP addresses it means that nearby IP address would also be PTCL Broadband users.
- The other way can be to run netstat -an command in command prompt to see the IP address of people whom you are chatting.
STEP 2: Connecting to Telnet or Http Server.
Connecting to Telnet server: Well now when we have the IP address just goto start => RUN then type cmd.exe in it. and following screen will appear . Then type followin into it telnet {IP ADDRESS}.
NOW THIS SCREEN WILL APPEAR:
NOTE::::::::::::::::::::::::::::::::::
The Default Username is: admin
The Default Password is: admin
or
Username is : user
Password is : user
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Now after you have given the user name and Password following screen will appear . Type "help" in it to get all the commands and to whatever with it. BUT BE IN LIMITS!!!!
screen shot of hacked router:
Connecting to Http server: Well all the steps are same but this time you use your browser to access the router like show below.
NOTE::::::::::::::::::::::::::::::::::
The Default Username is: admin
The Default Password is: admin
and after that:
Disclaim:----------------------------------------------------------------------
I take no responsibility of any stupid thing did by any one of you with this information. I just showed you how to do it. Best way of testing it is to hack your self like i Did in this tutorial.
How to become Admin on your school Network
This way works for most schools.
This tutorial is for those newbies out there, wanting to “hack” their school.
Im gonna start by saying, if your going to hack the school, theres a high probability your get caught, and dont do anything dumb like deleting the network. Its lame, and you will get flamed for doing it. This hack will only allow you to hack the computer at a terminal connected to the network. If you want to remote hack your school, ask google.
Firstly get a feel for the layout of the network.. you can do this quickly by:
Start > Programs(Right Click) > Explore
this will give you a map of the network, and you’ll probably be able to edit and run files this way, but with DOS there’s more options…
The basics for school hacking is accessing the command prompt, and 90% of school will have blocked this.
So to get around this you can do two things:
1) input this into the IE address “C:windows\system32\cmd.exe”
however this is very likely to be disabled.
2) Creating a Bat file to open Command Prompt.
You can do this by, opening IE > view > source.
once you have notepad open, where gonna make a .BAT file.
we want the BAT file to open up command prompt, so we type:
“CMD” without the “” press ENTER then save it as file.BAT.
Now you should be able to open Command Prompt by clicking on the file. If it fails to open, it is most likely that the CMD.exe is disabled and you dont have the privilages to run it.
So try using the file COMMAND instead. This does not have the same power as CMD, but is better than nothing.
Once we have it open now comes the good bit….
Before doing this, make sure you know a good lot of DOS commands.
Heres a great list www.computerhope.com/msdos
These are a few that you might like to try:
Net send * “Haseeb’s articles are cool”
Shutdown -s -f –m\\ip-of-computer– rarely works (you can find Ip with Ip scanner)
These will only work if you have the privilages to use them.
After you have access into Command Prompt, to get access to some programs that you are not allowed to use, DIR for Shortcuts (lnk). Then save them onto floppy disk. A shortcut is good, because it is smaller and quicker to save than a whole exe file.
There is also a good chance that the network will have RAT’s installed. A RAT is a (Remote Administration Tool). Used by Admins to manage networks… a bit like a friendly trojan.
This shouldnt be hard to find, and once you have found the EXE or LNK save it to a floppy, – Now you have control over every computer!!
You could use the RAT to use the admins machine, here possibilites are endless!
Tag :
LAN Hacking
