New Post

Rss

Saturday, October 31, 2009
Hacking Class 10 -How To Prevent Urself from Scanning??

Hacking Class 10 -How To Prevent Urself from Scanning??

Till Now We have Discussed that How to extract the Information about the Site and Individual/site/organisation and scanning them for getting live ports or vulnerabilities to attack them.

Today I will explain you How to Prevent Yourself from Scanning.. and Tomorrow I will give you the Live demonstration of hacking and attacking a website with complete snapshots. 
First of all you should know How to protect yourself from these attacks... Its really important that you should know the Counter measures of what you are doing... In case you will face the same problem yourself...:P


THESE ARE THE CERTAIN STEPS AND THINGS YOU SHOULD REMEMBER:

1. Use a Good Firewall to block all the illegal port activity. The Firewall blocks almost all unauthorized attempts by attackers except the following Ports i.e Firewall doesn't monitor port 80,8080,8181,3128,53.

Hacking Class 10 -How To Prevent Urself from Scanning??

Now You should Know Which Port Stands for What...

Port 80 is for servers(webservers).
Port 8080 is for HTTP clients.
Port 8181 is for HTTPS clients.
Port 3128 is a active port Needed for all Network processes.
Port 53 is for DNS.

Now If you Have a Good Firewall all illegal activity other than these ports can be blocked. Now the Only chance to being attacked is through 80,8080 and 8181. i.e through websites...When you open some malicious website containing malware scripts  there are most chances of being attacked.
So from this you can guess What will be the Second point...Right..

2. Use a Good Web Shield Preferable AVG or any other Good Web shield. This will prevent you from attack through websites...

3. Third way to get attacked is through softwares.  
As we all know most of us use Pirated Softwares and Download it from anywhere i.e where we find it and also we doesn't know the Uploaders...
This is the currently going practice Nowadays. Hackers upload softwares and attach a malicious softwares and hack tools with them like keyloggers, trojans, spywares etc.. with them. Now Here user Himself downloads the attacker files. SO there must be something to prevent from this attack. You can guess for what I am talking...
Ya Surely I am talking about Good Antivirus... I will recommend all to use AVIRA Antivirus and KASPERSKY. Its because of their interativeness. 

4. Fourth Point And most Important One...Please Note Most Important One...

Note: It took only 50 sec to 1 minute to scan the system and 3 minutes to attack any system and damage it.
Why I am saying this Important its because no tool is made to detect these type of attacks...If you open this nothing can prevent you from attacked...
So prevention is better than Cure. Don't open them. For which I am talking.
Hacking Class 10 -How To Prevent Urself from Scanning??

I am talking about anonymous mails and spams in your Email ID's. Point to remember 3 out of 1 mail is a spam and 5 out of 1 contains a virus or attack script. Nowadays you will get emails like you have won 100000$ or something like these... these all mails are BOTNETS., these are viruses. they all are asking you about your personal Information and ask you to follow the Link..
You all have noticed that when you click the link it shows Redirecting ...around 30 sec ..and then just show you are not eligible for this or this offer is not available in you country... Between the time when they say redirectingggg... they are scanning your system.....and if they find something on you system they attack your system and get access to it...
Sooooooo, DON'T open the mails that come from some anonymous source...


This is all about Scanning Part .. I think you all will like this..
If you have any queries ask me.. I will reply soon.
Friday, October 30, 2009
Hacking Class 9 - IP SPOOFING AND ITS USE

Hacking Class 9 - IP SPOOFING AND ITS USE

As we have covered almost all topics of scanning this is the last topic that come under scanning....

First of all ..

WHAT IS IP SPOOFING??
Ip spoofing is basically encrypting your Ip address so that it appears something else to attacker or victim i.e it is the virtual Ip address..

~ IP Spoofing is when an attacker changes his IP address so that he appears to be someone else.
~ When the victim replies back to the address, it goes back to the spoofed address and not to the attacker’s real address.
~ You will not be able to complete the three-way handshake and open a successful TCP connection by spoofing an IP address.

You Will Better Understand It With SNAPSHOT..
Hacking Class 9 - IP SPOOFING AND ITS USE



HOW TO DETECT IP SPOOFING ??

When an attacker is spoofing packets, he is usually at a different location than the address being spoofed
Attacker's TTL(Time to Live i.e Time for which IP is allocated for use) will be different from the spoofed address' real TTL. If you check the received packet’s TTL with spoofed one, you will see TTL doesn't match.

These things are blocked in latest versions of Windows i.e after SP3. Firewall will itself block any spoofing attacks...


This Is all about the IP spoofing and Scanning Part.  


The Next Two Parts of upcoming class:
1. How to Protect Yourself From Scanning .
2. How to Hack Websites Using things that We Studied until Now . A little SQL injection tutorial is also required for that. We will try to cover it as quick as Possible..

If you have any doubts about Ip spoofing you can ask..
Thursday, October 29, 2009
How to Hack Cyberoam 100% working hack

How to Hack Cyberoam 100% working hack

Hello Frens I am back with another hacking tutorial . This time I will explain you all " How to Hack or Unblock cyberoam to access all blocked sites in college or company" . Tutorial will be noob friendly as everything is explained with the help of snapshots...So to know How to hack cyberoam Read On....

First of all Guys You Must Know What is Cyberoam and What Idea it uses to block the user.



What is Cyberoam :


Cyberoam is Identity-based unified threat management appliances, offer comprehensive threat protection with firewall-VPN, anti-virus, anti-spam, intrusion prevention system, content filtering in addition to bandwidth management and multiple link load balancing and gateway failover.
Identity-based controls and visibility are critical components of network security. With identity and network data combined, enterprises are able to identify patterns of behavior by specific users or groups that can signify misuse, unauthorized intrusions, or malicious attacks from inside or outside the enterprise. Activities and security policy rules can be enforced on network segments based on identity.

THINGS THAT WE NEED TO HACK CYBEROAM??
1.FootPrint IP . (Our Ip that is being footprinted or traced by any website that we visit. In short NAT outside local IP).

2. An Open PORT generally its 3128. (3128 port is active port which is always open If your computer has Network assessiblity.)

3. Proxifer and Its Settings. (any Version after 2.17).

Now that's the only things that we need If we want to hack or bypass the cyberoam Client. Now Detailed Hack Is below...


HACKING CYBEROAM (DETAILED HACK)
Stepwise Description:
1. First of all We need to get the FootPrint IP . Simple Method to Get FootPrint IP.
2. Open Your Mozilla Firefox Web Browser And type the Following Site.
      https://your-freedom.de
3. When you Open the Site you will see something like this:


Click On I understand the risk (THIS IS TO ACCEPT SSL CERTIFICATE)




Click on Add Exception




CLICK ON CONFIRM SECURITY CERTIFICATE.




4. Now Guys We have Got the Footprint IP.  Next thing is that We Neeed PORT for Accessing It.
USE PORT 3128 as Its open by default on system which have aceess to Internet.

5. NOW DOWNLOAD THE FOLLOWING SOFTWARE  (PROXIFIER)

http://www.mediafire.com/?qnmczoxojjw


6. Its a Portable version of Proxifier . So need Not To Install. Just Click on It And Extract Anywhere you want. I prefer In Pen Drive.


7. After that You will Get Some Files LIKE THIS and CLICK ON PROXIFER TO RUN IT.


8. Now see the Task Bar. You will See something Like This. Clcik on that.


9. CLICK ON OPTIONS AND THEN ON ROXY SETTINGS.


10. NOW TO THE FOLLOWING SETTINGS AS SHOWN:


11. Now do the Settings as Shown Below. and Click Ok.


12. Now CLICK OK . AND OPEN THE WEBSITE YOU WANT:



NOW THATS ALL OVER THE FULL TUTORIAL.  HOPE YOU WILL ENJOY IT ..

ALL QUESTIONS ARE WELCOMED.. IF YOU HAVE ANY QUERY ASK ME I WILL HELP YOU.


SPECIAL SETTINGS FOR AMU STUDENTS :


HEY FRENS THIS FOR YOU : 
YOU NEED NOT TO FIND FOOTPRINT IP I HAVE ALREADY DONE FOR YOU.
IN the Proxy setting Enter the Following:
Address : 210.212.76.241     Port :3128
And select HTTPS PROTOCOL.   And then CLICK on OK...

AND THEN OPEN ANY WEBSITE YOU WANT...


DON'T FORGET TO SAY THANKS !
Monday, October 26, 2009
Hacking Class 8 - Removing Traces Continues

Hacking Class 8 - Removing Traces Continues

Continuing from the Previous Lecture on Removing and Hiding Our Traces . Today we will discuss the Remaining four Points that we discussed tomorrow... So read on..

Tool to Bypass Government Censor : Psiphon Tool 



  • Psiphonis a censorship circumvention solution that allows users to access blocked sites in countries where the Internet is censored.
  • Psiphonturns a regular home computer into a personal, encrypted server capable of retrieving and displaying web pages anywhere .
  • Psiphonacts as a "web proxy" for authenticated psiphonites, retrieving requested web pages and displaying them in a user's browser.
  • Psiphonuses a secure, encrypted connection to receive web requests from the psiphoniteto the psiphonode who then transports the results back to the psiphonite.

Hacking Class 8 - Removing Traces Continues


DOWNLOAD:
http://www.eccouncil.org/cehtools/psiphon.zip

For More Details About Tool Visit:
http://psiphon.ca/


How To Bypass Google Tracing and What's the Need??

First I will tell you the Need . Everything that We searches over the Net i.e through google , Google makes a log of us ... Log contains 4 basic fields :
1. IP address
2. Search Query
3. ISP from which search is made
4. Time ,date,year etc..

Did you know that Google stores a unique identifier in a cookie on your PC, which allows them to track the keywords you search for? They use this information to compile reports, track user habits, and test features. In the future, it is possible they could even sell this information or share it with others. Even worse, Google's cookie isn't set to expire until the year 2038, unless you delete it first.

Now If you do anything that doesn't pass google censorship then you will surely going to suffer.


TOOL TO BYPASS GOOGLE TRACING  :  G-Zapper

G-Zapper helps protect your identity and search history. G-Zapper will read the Google cookie installed on your PC, display the date it was installed, determine how long your searches have been tracked, and display your Google searches. G-Zapper allows you to automatically delete or entirely block the Google search cookie from future installation.

SNAPSHOT:
G-Zapper Screenshot

SAMPLE LOOK UP OF YOUR SEARCHES:
Hacking Class 8 - Removing Traces Continues

DOWNLOAD:
http://www.dummysoftware.com/gzapper.html

Sorry Guys Currently my version of this software has expired so you have to work with trial..

We Will Continue Discussion in evening... 

If you have any Queries Ask me..
Saturday, October 24, 2009
Hacking Class 7 - Hiding Yourself From being Traced

Hacking Class 7 - Hiding Yourself From being Traced

NOTE : STRICTLY FOR EDUCATIONAL PURPOSES.. I AND Hackingloops IS NOT RESPONSIBLE FOR ANY ILLEGAL ACTIVITY AND MISUSE...

Hey guys as I have Already Mentioned above this is only for educational purpose so don't misuse it. I and Isoftdl is not responsible for any malpractice... Now you all thinking why I am saying this.. Itz pity simple because Its the most dangerous part i.e Hiding your identity from being traced by anyone i.e government,ISP,Raw...everything... So Read On...

Let's have a Breif Look up of Topics That we Cover Here:
1. Proxies and Anonymous Web Browsers
2. Anonymizers
3. Tools to bypass Government Censorship :P
4. Tools to Bypass Google Tracing :P
5. HTTP Tunneling for Windows
6. IP spoofing :P

Today we Will Cover First two Topics...

FIRST OF ALL ..

WHAT IS PROXY AND HOW IT WORKS???

Proxy is a network computer that can serve as an intermediate for connection with other computers .

Hacking Class 7 - Hiding Yourself From being Traced


They are usually used for the following purposes:
• As a firewall, a proxy protects thelocal network from outside access.
• As an IP addresses multiplexer, a proxy allows the connection of a number of computers to the Internet
   when having only one IP address.
• Proxy servers can be used (to some extent) to anonymize web surfing.
• Specialized proxy servers can filter out unwanted content, such as ads or 'unsuitable' material.
• Proxy servers can afford some protection against hacking attacks. (For Our Purpose)


HOW AND WHY  TO GET FREE PROXY SERVERS ??

~ Attacks using thousands of proxy servers around the world are difficult to trace.
~ Thousands of free proxy servers are available on the Internet .
~ Search for “free proxy  servers” in Google .
~ Using proxy servers can mask your trace .


I will recommend two sites for getting the Free Proxy servers. As these sites Daily provides Fresh anonymous Proxies...
1. http://www.tech-faq.com/proxy.shtml  (provides almost all type of Proxies)

Hacking Class 7 - Hiding Yourself From being Traced


2. http://proxy.org/   (check the Right Hand Side For Proxies)

Hacking Class 7 - Hiding Yourself From being Traced


BELOW SNAP SHOWING HOW PROXIES USED TO ATTACK..
Hacking Class 7 - Hiding Yourself From being Traced



ANONYMOUS WEB BROWSERS

Anonymous Web Browsers have inbuilt proxy finders they search for proxies by default and make our surfing anonymous...
TWO BEST ANONYMOUS WEB BROWSERS ARE:
1. Invisible Browsing v7.0

SNAPSHOT:
Hacking Class 7 - Hiding Yourself From being Traced


2. BrowZar 2.0
DOWNLOAD:
http://www.browzar.com/download/index.html

SNAPSHOT:

Hacking Class 7 - Hiding Yourself From being Traced

You can also find more by googling it but these two are just Best.. :P


ANONYMIZERS 

Anonymizers are services that help to make web surfing anonymous. The first anonymizer developed was Anonymizer.com, created in 1997 by Lance Cottrel.

An anonymizer removes all the identifying information from a user’s computers while the user surfs the Internet, thereby ensuring the privacy of the user.

Why Use Anonymizer?
• Example: Google.com keeps track of all your web searches on their servers by placing a cookie on your machine.
• Every single search you entered at Google is logged.

SEVERAL ANONYMIZER TOOLS  ARE:
1. Hide Platinum IP
2. Hide My IP
3.Hide My Ip Address

Note: I am not providing the Below Three Because Almost 99% of their cracked version contains viruses and Spywares which can cause damage to your system...

The Rest Four Topics About Hiding Our Traces We will discuss Tomorrow..
Hope that You all have Like This...
IF you have Any Queries ASK in FORM OF COMMENTS !
Friday, October 23, 2009
Hacking Class 6 - Vulnerability Scanning And Tools

Hacking Class 6 - Vulnerability Scanning And Tools

In my previous class I have discussed about OS fingerprinting i.e finding that which OS the Victim is using.
Now We move further in scanning phase and now we will scan the systems for vulnerabilities i.e finding the weakness in security ,OS,database and so on..


What is Vulnerability???

As I have Told in First class that Vulnerability is weakness in the network,system,database etc... We can call vulnerability as the Loophole i.e through which victim can be attacked.. We first analyze the loophole and then try to use it to best to Hack the System of victim or oraganisation or website...

TOOL THAT WE USE FOR VULNERABILITY SCANNING ARE :
1. Nessus
2. Retina

NESSUS
The Nessus® vulnerability scanner, is the world-leader in active scanners, featuring high speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of your security posture. Nessus scanners can be distributed throughout an entire enterprise, inside DMZs, and across physically separate networks.

Hacking Class 6 - Vulnerability Scanning And Tools


Features:

~ Plug-in-architecture
~ NASL (Nessus Attack Scripting Language)
~ Can test unlimited number of hosts simultaneously
~ Smart service recognition
~ Client-server architecture
~ Smart plug-ins
~ Up-to-date security vulnerability database


SAMPLE SNAPSHOT:


Hacking Class 6 - Vulnerability Scanning And Tools


DOWNLOAD NESSUS :
http://www.nessus.org/download/




RETINA
Retina Network Security Scanner, the industry and government standard for multi-platform vulnerability management, identifies known and zero day vulnerabilities plus provides security risk assessment, enabling security best practices, policy enforcement, and regulatory audits.



Hacking Class 6 - Vulnerability Scanning And Tools


Features:

~ Retina network security scanner is a network vulnerability assessment scanner.
~ It can scan every machine on the target network, including a variety of operating system platforms, networking devices, databases, and third party or custom applications.
~ It has the most comprehensive and up-to-date vulnerability database and scanning technology.


SAMPLE SNAPSHOT:

Hacking Class 6 - Vulnerability Scanning And Tools




DOWNLOAD RETINA:
http://www.eeye.com/html/products/retina/download/index.html






Now After Scanning the Systems for Vulnerabilites .. We will Now Going to attack the Systems but before this we should know the Risk . This risk can be reduced to great extent by using Proxies.. In Next Class We will Discuss what are Proxies and How they work and how they are going to Help us and some undetectable and untraceable Proxy servers...
So wait For Next Class.... And Keep Learning...


If you Have Any Queries You can Ask In form Of Comments!
Thursday, October 22, 2009
Hacking Class 5 - Scanning and FingerPrinting Continues

Hacking Class 5 - Scanning and FingerPrinting Continues

In the Previous class I have discussed the very basic things about scanning and two most important scanning tools namely NMAP and Nettools. Now we continue our discussion on the Scanning ...
Now we Discuss some internal and advanced scanning Methods..

First of Which is OS Fingerprinting...

What is OS Fingerprinting ??

OS fingerprinting is the method to determine the operating system that is running on the target system.

The two different types of fingerprinting are:
• Active stack fingerprinting
• Passive fingerprinting

Active Stack FingerPrinting:

Based on the fact that OS vendors implement the TCP stack differently.Specially crafted packets are sent to remote OSs and response is noted. The responses are then compared with a database to determine the OS.

Passive FingerPrinting:

Passive banner grabbing refers to indirectly scanning a system to reveal its server’s operating system.
It is also based on the differential implantation of the stack and the various ways an OS responds to it.
It uses sniffing techniques instead of the scanning techniques. It is less accurate than active fingerprinting.

TOOL USED FOR OS FINGERPRINTING :p0f Os Fingerprinting Tool
DOWNLOAD:
http://lcamtuf.coredump.cx/p0f-win32.zip


P0f v2 is a versatile passive OS fingerprinting tool. P0f can identify the operating system on:
  • machines that connect to your box (SYN mode),
  • machines you connect to (SYN+ACK mode),
  • machine you cannot connect to (RST+ mode),
  • machines whose communications you can observe.



P0f can also do many other tricks, and can detect or measure the following:
  • firewall presence, NAT use (useful for policy enforcement),
  • existence of a load balancer setup,
  • the distance to the remote system and its uptime,
  • other guy’s network hookup (DSL, OC3, avian carriers) and his ISP.

Hacking Class 5 - Scanning and FingerPrinting Continues


We will continue class on scanning in the evening...Today I will explain more about scanning.. So wait for Next article...

If You Have Any Queries ask Me ... I will Help You 
Out !
Monday, October 19, 2009
Hacking Class 4 - Scanning and Attacking Open Ports

Hacking Class 4 - Scanning and Attacking Open Ports

In my Previous class I have explained about footprinting i.e getting the IP of the Person/website/organisation whom you want to attack and extracting the personal Information.. You all were thinking that what was the use of that .. In this class you will came to know why we have undergo footprinting and analysis part...

In Scanning Part We Will Cover the Following Topics in details :

~ Definition of scanning
~ Types and objectives of Scanning
~ Understanding Scanning methodology
~ Checking live systems and open ports
~ Understanding scanning techniques
~ Different tools present to perform Scanning
~ Understanding banner grabbing and OS fingerprinting
~ Drawing network diagrams of vulnerable hosts
~ Preparing proxies
~ Understanding anonymizers
~ Scanning countermeasures

Hacking Class 4 - Scanning and Attacking Open Ports



What Is Scanning ?? And Why We Focus On that ?

 Scanning as from the name means that we will scan something to find some details etc etc... Scanning basically refers to the gathering of following four informations...

We Scan systems for four basic purposes :-

  • To find specific IP address
  • Operating system
  • System Architecture
  • Services Running on system


The various types of scanning are as follows:
~Port Scanning
~Network Scanning
~Vulnerability Scanning

I want to Define These Terms here Only as they are of great use in further tutorial...

PORT SCANNING : There are 64k ports in a computer out of which 1k are fixed for system or OS services. In Port scanning we scan for the open Ports which can be used to attack the victim computer.
In Port scanning a series of messages sent to break into a computer to learn about the computer’s network services. Through this we will know that which port we will use to attack the victim..

Network Scanning : Network scanning is basically a procedure of finding the active hosts on the Network.
i.e We tries to find that system is standalone or multiuser...

This is done either for the purpose of attacking them or for network security assessment i.e how secured the network Is ??

Vulnerability Scanning : As from the name , In this type of scanning We scan the systems for finding the vulnerability i.e the weakness in OS/database ... Once we find the vulnerability or loop hole we can utilize it to Best..and attack the victim through that ...

OBJECTIVES OF SCANNING 
These are Primary objectives of scanning i.e why do we do scanning :

~ To detect the live systems running on the network.
~ To discover which ports are active/running.
~ To discover the operating system running on the target system (fingerprinting).
~ To discover the services running on the target system.
~ To discover the IP address of the target system.


We will prefer TOOLS for this because they will reduce our Hectic Work... The first Tool that we Use is the NMAP :
DOWNLOAD :http://nmap.org/dist/nmap-5.00-setup.exe

Features of NMAP :

~ Nmap is used to carry out port scanning, OS detection, version detection, ping sweep, and many other techniques.
~ It scans a large number of machines at one time.
~ It is supported by many operating systems.
~ It can carry out all types of port scanning techniques.

Hacking Class 4 - Scanning and Attacking Open Ports


SECOND TOOL IS NET TOOLS 5.0.70 :

Itz is a collection of various Networking Tools ... must for beginners...
DOWNLOAD: http://www.softpedia.com/progDownload/Net-Tools-Download-22193.html


~ Net Tools Suite Pack is a collection of scanning tools.
~ This toolset contains tons of port scanners, flooders, web rippers, and mass e-mailers.
Note: Some of these tools may not Work but some are too good.

Hacking Class 4 - Scanning and Attacking Open Ports


Hacking Class 4 - Scanning and Attacking Open Ports


I thisnk that's Enough for Today .We will discuss more on scanning tomorrow Until You try these tools..
If you have any problem in Using these tools then you can ask me ..I will help you use these tools...

ENJOY AND HAVE FUN ! IF YOU HAVE ANY QUERIES ASK ME IN FORM OF COMMENTS !
Sunday, October 18, 2009
Hacking Class 3 - Footprinting Continues

Hacking Class 3 - Footprinting Continues

Yesterday I have explained You all that How to collect information about the Websites and organisations....
Today i will continue With Footprinting and take you to some more deep level... And then tell you how to make Blueprints from them.. So read on....

UNEARTHING BASIC INFORMATION

First of all We will focus on Unearthing the Basic Information about the site... i.e the IP and server informations..
I will Show you with the help on snapshots :
First go to START --> RUN --->type cmd--->then type tracert www.websitename.com
Here we will use two basic commands in command Prompt(cmd): tracert  www.webistetobeanlysed.com

and ping www.websitename.com

It will look something like this:
Hacking Class 3 - Footprinting Continues

Here I explain what it shows...
We trace routed www.amulive.com
1. Shows Our Gateway of connectivity.
2. Shows our Outgoing Footprint Ip(i.e the our IP that is being analyzed by website)
3. Shows Connectivity passes through which service Provider. I uses BSNL but its showing airtel because I prefer DNS of Airtel for surfing Quick).
Next steps showing the Ip's of Webservers through which amulive is being maintained.

After This We will came to now the IP of the Website and Ip of itz web servers which are being used further.
website Ip can be used to gather more information about the website..

How to Find The Personal Information About the Individual Over Net ??
Its one of the Most important task. Its also helpful in finding the fake profiles... But unfortuantely this is limited But we can use it to the Most... There are two website which will help us...
1.  http://people.yahoo.com ( best Site To trace People for their Personal Information and also reverse Phone or mobile number Look up)

Hacking Class 3 - Footprinting Continues


2.  http://www.intellius.com  ( But this site is limited to US only)

Hacking Class 3 - Footprinting Continues

Sample Report from Intellius :
Hacking Class 3 - Footprinting Continues
Satellite Picture of Joe's House from Intellius:
Hacking Class 3 - Footprinting Continues

Now Using these Sites you will be able to collect the personal information of the individuals and also being able to identify the fake profiles..


TOOLS NEEDED FOR FOOTPRINTING :

You can avoid above hectic work by using this tool : SpiderFoot
Download link: http://www.binarypool.com/spiderfoot/

Information about SpiderFoot:


SpiderFoot is a free, open-source, domain footprinting tool. Given one or multiple domain names (and when I say domains, I'm referring to the DNS kind, not Windows domains), it will scrape the websites on that domain, as well as search Google, Netcraft, Whois and DNS to build up information like:
  • Subdomains
  • Affiliates
  • Web server versions
  • Users (i.e. /~user)
  • Similar domains
  • Email addresses
  • Netblocks

Hacking Class 3 - Footprinting Continues


ADDITIONAL FOOTPRINTING TOOLS :

Note all these tools are freewares .. U can easily google then and download these..


~ Whois
~ Nslookup
~ ARIN
~ Neo Trace
~ VisualRoute Trace
~ SmartWhois
~ eMailTrackerPro
~ Website watcher
~ Google Earth
~ GEO Spider
~ HTTrack Web Copier
~ E-mail Spider


This is all about Footprinting .  Now Use the Gathered information to make basic Detailed Information about the Website/person...

I thinks This is Enough for Today. Please Comment . If you have any queries Post them in form of comments.


Saturday, October 17, 2009
Hacking Class 2 - Footprinting and How It can be HelpFul to Hack systems

Hacking Class 2 - Footprinting and How It can be HelpFul to Hack systems

Previously We have Introduces hacking and hackers. Now In this class we will see what hackers do in pre-phases of hacking .i.e Footprinting.

Hacking Class 2 - Footprinting and How It can be HelpFul to Hack systems

What Is FOOTPRINTING ??

Basically footprint is the blueprints of site/organisation/system that a hacker want to Hack i.e basic internal structure.Footprinting is the blueprint of the security profile of an organization, undertaken in a methodological
manner.

Footprinting is one of the three pre-attack phases. The others are scanning and enumeration.

Important Thing to be Noted : An attacker will spend 90% of the time in profiling an organization and another 10%  in launching the attack.

Now What is the result of Footprinting??? Can anyone guess It.... I explain it..


Footprinting results in a unique organization profile with respect to networks (Internet/intranet/extranet /wireless) and systems involved.Don't It look amazing...

The most interesting stage of a targeted attack is the reconnaissance, or footprint analysis. Here you use the web, search engines, whois.com, to discover as much about the target as possible. A whois.com can tell you email address formats for instance (first letter last name @ company.com).
A Google search could reveal submission to forums by security personnel that reveal brands of firewall or antivirus in use at the target. 
Sometimes network diagrams are even found that can guide an attack. The next stage, scanning, meant using special tools, ( I date myself by mentioning Cybercop and Internet Security Scanner, these were the days before the open source Nessus) to discover open ports, services, and machines on the target network. And then, finally, you could start attacking various vulnerabilities that you had discovered.


SITES THAT HELP IN FOOTPRINTING!
1. www.whois.domaintools.com
Now How It can Help You To GET Info . I will Show It Through Snapshots...

Hacking Class 2 - Footprinting and How It can be HelpFul to Hack systems

Hacking Class 2 - Footprinting and How It can be HelpFul to Hack systems



Hacking Class 2 - Footprinting and How It can be HelpFul to Hack systems

2. Now you can use this information to search more about Person using Simply google as shown in next snapshot..

Hacking Class 2 - Footprinting and How It can be HelpFul to Hack systems


Hacking Class 2 - Footprinting and How It can be HelpFul to Hack systems


Now Its on you need How much info u want to explore about the person and website which u want to hack...

I think you all Will Like Thisss.... WE will continue Our Discussion on FOOTPRINTING tomorrow also... As It is the Most Important Phase..... 
We will Explore More Information in the Next class.... I will explain Few More interesting facts and information exploring things so read on...

I think this Deserves For Comments...Comments Please!
Designed by Hackingloops.