itsroopam1998

grade 1 session 4

May 10th, 2018
Digital Footprinting and Information Gathering
----------------------------------------------
Information Gathering: The goal of information gathering is to collect as much information as we can about our target or victim, so that we can plan a stable attack according to the requirements.

In other words, it is a pre-hacking phase; the information provided by this phase will be used by attackers to exploit devices or technologies.

Why is the information gathering phase very important in professional hacking?
-----------------------------------------------------
1. Maximum information about the target = Maximum chances of success.
2. It becomes easier to plan an attack when we have a ready vulnerability blueprint in front of us.

Network Information Gathering
-----------------------------
Simple Info Gathering
- Total number of nodes connected on the network
- Machine host names
- IP addresses
- MAC address
- Sharing vulnerability
- Peripheral device sharing

Requirement: SoftPerfect Network Scanner.

Intelligent Info Gathering: It's a very technical way of grabbing the information that is required to perform the attack stages over time, as per requirements.
- IP address
- OS
- Service pack of the OS or kernel version
- Open ports
- Filtered ports
- Service
- Service version

Requirement: nmap and Kali Linux.

3389/tcp
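
An added example (not part of the original notes): the nmap fields listed above, parsed from grepable output (`-oG`) of a scan of your own lab and compared against an approved baseline, so that an unexpected open service such as 3389/tcp stands out. The sample output, host names, addresses and baseline are constructed.

```python
import re

# Constructed sample of `nmap -sV -oG -` output for two lab VMs (not from the page).
SAMPLE_GNMAP = (
    "# Nmap scan of lab network (constructed sample)\n"
    "Host: 192.168.56.10 (win7-lab)\tStatus: Up\n"
    "Host: 192.168.56.10 (win7-lab)\tPorts: 135/open/tcp//msrpc//Microsoft Windows RPC/, "
    "445/open/tcp//microsoft-ds///, 3389/open/tcp//ms-wbt-server///\tIgnored State: closed (997)\n"
    "Host: 192.168.56.11 (xp-lab)\tPorts: 139/open/tcp//netbios-ssn///, "
    "3389/filtered/tcp//ms-wbt-server///\n"
)
# Approved services per host (hypothetical baseline).
BASELINE = {"192.168.56.10": {(135, "tcp"), (445, "tcp")}, "192.168.56.11": {(139, "tcp")}}

def parse_gnmap(text):
    """Return (ip, port, proto, state, service, version) for every port entry."""
    rows = []
    for line in text.splitlines():
        if not line.startswith("Host:") or "\tPorts: " not in line:
            continue
        fields = dict(f.split(": ", 1) for f in line.split("\t") if ": " in f)
        ip = fields["Host"].split()[0]
        # Entries are comma separated; each is port/state/proto/owner/service/rpc/version/
        for entry in re.split(r",\s*(?=\d+/)", fields["Ports"]):
            port, state, proto, _owner, service, _rpc, version = (entry.split("/") + [""] * 7)[:7]
            rows.append((ip, int(port), proto, state, service, version))
    return rows

def summarize(text):
    """Group ports per host into open and filtered lists."""
    hosts = {}
    for ip, port, proto, state, service, version in parse_gnmap(text):
        if state in ("open", "filtered"):
            hosts.setdefault(ip, {"open": [], "filtered": []})[state].append(f"{port}/{proto}")
    return hosts

def unexpected_open(text, baseline):
    """Open ports that the baseline does not approve for that host."""
    return [(ip, f"{port}/{proto}", service or "unknown", version)
            for ip, port, proto, state, service, version in parse_gnmap(text)
            if state == "open" and (port, proto) not in baseline.get(ip, set())]

if __name__ == "__main__":
    print(summarize(SAMPLE_GNMAP))
    for drift in unexpected_open(SAMPLE_GNMAP, BASELINE):
        print("[!] not in baseline:", drift)
```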

VMware: Install Mac or Windows

1. Windows 7
2. Kali Linux -> LIVE
3. Windows XP

Web Application Information Gathering
-------------------------------------
Target: vit.ac.in
Name
Date it was created
Expiry of the domain
Address
Phone number
Email address <---- IMP
Registrar information <-- Who registered this domain service.

Example: whois.domaintools.com

People Information Gathering
----------------------------
www.jantakhoj.com

Remote IP Grabbing
------------------
Method 1: Via URL
www.whatstheirip.com

Method 2: IP grabbing via image
www.fuglekus.com

Link: goo.gl/KxGrMW

OS Login Bypassing
------------------
Target OS
Windows Platform: Windows XP, Windows 7, Windows 8.1 and 10

Linux Platform: Ubuntu 14.5 LTS

Mac OS Platform: El Capitan, latest from Apple

Windows 7 - Ultimate
---------------------
Windows holds its passwords in a file known as SAM (Security Accounts Manager), stored as hashes with a custom AES algo from Microsoft.

Online Cracking: When you change the active system's password without knowing the current password.

Offline Cracking: When the system is switched off and the OS is not in an active state, we have to apply offline cracking.

HirenBootCD - Disaster Recovery Toolkit
- Active Password Changer

SAM file path: c:/windows/system32/config/sam

Bootable Pen Drive: UNetbootin or Pen Drive Linux 123
Download: https://www.youtube.com/watch?v=tp8Hq3bAz5w

System Hacking
System hacking is a technique in which we try to change the traditional behaviour of the OS as per our requirements, via changes in settings or firewall settings, or by bypassing login authentication.

-> Windows Password: Windows holds its login password in a file known as SAM (Security Accounts Manager), which is at the path:

c:/windows/system32/config/sam

Online Cracking / Resetting the Password
We can execute this when the system is in online mode, i.e. it is already logged in, and we try to reset the password of the admin.

Step 1: Right-click on My Computer and select Manage.
Step 2: On the left you will see an option known as Local Users and Groups; expand the + and click on Users.
Step 3: Select the admin account, or any other account which is password protected, and right-click.

Offline Cracking / Resetting the Password
In this attack we will try to reset the password by resetting the value of the SAM file to its origin.

Requirements
--------------
Step 1: Download HirenBootCD: www.hirensbootcd.org/download/

Now See Only!!

To make a bootable pen drive: Pen Drive Linux or UNetbootin
https://www.pendrivelinux.com/universal-usb-installer-easy-as-1-2-3/

Other options
--------------
Ophcrack
Kon-Boot

-> Hack Kali Linux / Ubuntu

Bypassing Login of Kali Linux
Linux: Bypassing Kali Linux Password
Step 1: Select Recovery Mode, press E
Step 2: Change ro to rw and add init=/bin/bash at the end of the line and press F10
Step 3: Reset the password by typing passwd root and press Enter
Step 4: Type the new password and restart the system

Bypassing Ubuntu System Password
Step 1: Go to Safe mode
Step 2: Recovery Mode
Step 3: Select the second-last option from the list, i.e. SHELL
Step 4: Type passwd root
Step 6: Give the new password and confirm the password and restart the machine.
Step 7: Fill in the new password and enjoy :)
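
An added example (not part of the original notes) for the Kali and Ubuntu procedures above: a defender-side audit that checks whether the machine was booted with an init override or recovery parameter, whether GRUB requires a superuser password to edit entries, and whether any volume is encrypted. The sample inputs are constructed, and the file paths read in the main block and the list of normal init paths are assumptions.

```python
import re
from pathlib import Path

# Constructed samples (not from the page): a boot line edited as in Step 2,
# and a GRUB config fragment that protects entry editing with a password.
SAMPLE_CMDLINE = "BOOT_IMAGE=/boot/vmlinuz root=/dev/sda1 rw quiet init=/bin/bash"
SAMPLE_GRUB = 'set superusers="admin"\npassword_pbkdf2 admin grub.pbkdf2.sha512.PLACEHOLDER\n'
NORMAL_INIT = {"/sbin/init", "/lib/systemd/systemd"}   # assumed legitimate init paths
RESCUE_FLAGS = {"single", "recovery", "emergency"}     # recovery-style boot parameters

def cmdline_overrides(cmdline):
    """Return kernel parameters that replace init or request a recovery shell."""
    hits = []
    for tok in cmdline.split():
        key, _, value = tok.partition("=")
        if key in ("init", "rdinit") and value not in NORMAL_INIT:
            hits.append(tok)
        elif tok in RESCUE_FLAGS or (key == "systemd.unit" and value.startswith(("rescue", "emergency"))):
            hits.append(tok)
    return hits

def grub_password_set(grub_cfg):
    """True when GRUB names a superuser and stores a password for an account."""
    superuser = re.search(r'^\s*set\s+superusers\s*=\s*"?[^"\s]+', grub_cfg, re.M)
    password = re.search(r"^\s*password(_pbkdf2)?\s+\S+\s+\S+", grub_cfg, re.M)
    return bool(superuser and password)

def encrypted_volumes(crypttab):
    """Names of mapped volumes listed in crypttab (comments and blanks skipped)."""
    return [l.split()[0] for l in crypttab.splitlines() if l.strip() and not l.lstrip().startswith("#")]

def audit(cmdline, grub_cfg, crypttab):
    """Collect findings from the three checks; an empty list means all passed."""
    findings = [f"booted with override parameter: {t}" for t in cmdline_overrides(cmdline)]
    if not grub_password_set(grub_cfg):
        findings.append("GRUB has no superuser password; boot entries can be edited at the console")
    if not encrypted_volumes(crypttab):
        findings.append("no encrypted volume in crypttab; a root shell or boot media can read the disk")
    return findings

def _read(path):
    try:
        return Path(path).read_text(errors="replace")
    except OSError:
        return ""

if __name__ == "__main__":
    # Assumed default paths; grub.cfg is usually readable by root only.
    for finding in audit(_read("/proc/cmdline"), _read("/boot/grub/grub.cfg"), _read("/etc/crypttab")):
        print("[!]", finding)
```

Run it as root on the machine being checked; an unreadable or missing file is treated as empty, so the corresponding finding is reported rather than skipped.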