- Digital Footprinting and Information Gathering
- ----------------------------------------------
- Information Gathering: The goal of information gathering is to collect as much information as we can about the target or victim, so that a stable attack plan can be built according to requirements.
- In other words, it is a pre-hacking phase; the information provided by this phase will be used by attackers to exploit devices or technologies.
- Why is the information gathering phase so important in professional hacking?
- -----------------------------------------------------
- 1. Maximum information about the target = maximum chances of success.
- 2. It becomes easier to plan an attack when we have a ready vulnerability blueprint in front of us.
- Network Information Gathering
- -----------------------------
- Simple Info Gathering
- - Total Number of Nodes connected on the network
- - Machines HOST Names
- - IP addresses
- - MAC address
- - Sharing Vulnerability
- - Peripheral Device Sharing
- Requirement : Softperfect Network Scanner.
- Intelligent Info Gathering: It's a very technical way of grabbing the information required to perform the attack stages over time, as per requirements.
- - IP address
- - OS
- - Service Pack of OS or Kernel Version
- - Open Ports
- - Filtered Ports
- - Service
- - Service Version
- Requirement : nmap and Kali Linux.
- 3389/tcp
- Vmware : Install Mac or Windows
- 1. Windows 7
- 2. Kali Linux -> LIVE
- 3. Windows XP
- Web Application Information Gathering
- -------------------------------------
- Target : vit.ac.in
- Name
- Date It was Created
- Expiry of the domain
- Address
- Phone Number
- Email Address <---- IMP
- Registrar Information <-- Who registered this domain service.
- Example: whois.domaintools.com
- People Information Gathering
- ----------------------------
- www.jantakhoj.com
- Remote IP Grabbing
- ------------------
- Method 1: Via URL
- www.whatstheirip.com
- Method 2: IP Grabbing via image
- www.fuglekus.com
- Link: goo.gl/KxGrMW
- OS Login Bypassing
- ------------------
- Target OS
- Windows Platform : Windows XP, Windows 7, Windows 8.1 and 10
- Linux Platform : Ubuntu 14.5 LTS
- Mac OS Platform : El Capitan, latest from Apple
- Windows 7 - Ultimate
- ---------------------
- Windows holds its passwords in a file known as SAM (Security Accounts Manager), stored as hashes with a custom AES algorithm from Microsoft.
- Online Cracking: When you change the active system's password without knowing the current password.
- Offline Cracking: When the system is switched off and the OS is not in an active state, we have to apply offline cracking.
- HirenBootCD - Disaster Recovery Toolkit
- - Active Password Changer
- SAM file path : c:/windows/system32/config/sam
- Bootable Pen Drive: unetboot or Pen Drive Linux 123
- Download: https://www.youtube.com/watch?v=tp8Hq3bAz5w
- System Hacking
- System Hacking is a technique in which we try to change the traditional behaviour of the OS as per our requirements, via changes in settings or firewall settings, or by bypassing login authentication.
- -> Windows Password: Windows holds its login password in a file known as SAM (Security Accounts Manager), which is at the path:
- c:/windows/system32/config/sam
- Online Cracking/Resetting the Password
- This we can execute when the system is in online mode, i.e. it's already logged in, and we try to reset the password of the admin.
- Step 1: Right click on My Computer and select Manage
- Step 2: On the left you will see an option known as Local Users and Groups; expand the + and click on Users.
- Step 3: Select the admin account or any other account which is password protected and right click.
- Offline Cracking / Resetting the password
- In this attack we will try to reset the password by resetting the value of the SAM file to its original state.
- Requirements
- --------------
- Step 1: Download HirenBootCD :www.hirensbootcd.org/download/
- Now See Only!!
- To make bootable pendrive : pendrive linux or unetboot
- https://www.pendrivelinux.com/universal-usb-installer-easy-as-1-2-3/
- Other options
- --------------
- Ophcrack
- Kon-Boot
- -> Hack Kali Linux / Ubuntu
- Bypassing Login of Kali Linux
- Linux: Bypassing Kali Linux Password
- Step 1: Select Recovery Mode and press E
- Step 2: Change ro to rw, add init=/bin/bash at the end of the line, and press F10
- Step 3: Reset password by typing passwd root and press enter
- Step 4: Type new password and restart the system
- Bypassing Ubuntu System Password
- Step 1: Go to Safe mode
- Step 2: Recovery Mode
- Step 3: Select the second last option from the list, i.e. SHELL
- Step 4: Type passwd root
- Step 6: Give the new password and confirm password and restart the machine.
- Step 7: Fill the new password and enjoy :)
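The Kali Linux steps above work by editing the kernel command line (ro changed to rw, plus init=/bin/bash), which leaves a trace a defender can check for. The following is an added example, not part of the original notes: a shell check over a kernel command line (as read from /proc/cmdline) that flags such a boot. The helper name audit_cmdline, the allow-list of init paths and the sample lines are assumptions, and it goes slightly beyond the notes by also flagging single-user and rescue keywords.

```shell
#!/bin/sh
# Added example (not from the original notes): flag kernel command lines that
# skip the normal login path. audit_cmdline is a hypothetical helper name.

audit_cmdline() {
    # $1 = kernel command line, e.g. "$(cat /proc/cmdline)" on a live host
    findings=""; rw=0; override=0
    while read -r tok; do
        case "$tok" in
            # Assumed allow-list of expected init paths; adjust per distro.
            init=/sbin/init|init=/lib/systemd/systemd|init=/usr/lib/systemd/systemd) ;;
            init=*|rdinit=*)
                findings="$findings init-override:${tok#*=}"; override=1 ;;
            single|s|S|1|emergency|rescue|rd.break)
                findings="$findings maintenance-mode:$tok" ;;
            rw) rw=1 ;;
        esac
    done <<EOF
$(printf '%s' "$1" | tr -s ' ' '\n')
EOF
    # rw alone is normal on some distros; report it only next to an override.
    if [ "$override" -eq 1 ] && [ "$rw" -eq 1 ]; then
        findings="$findings root-rw-with-override"
    fi
    findings="${findings# }"
    [ -n "$findings" ] && printf '%s\n' "$findings"
    [ -z "$findings" ]   # exit status 0 = clean, 1 = findings reported
}

# Constructed sample command lines (not taken from a real host).
for sample in \
    "BOOT_IMAGE=/boot/vmlinuz root=/dev/sda1 ro quiet" \
    "BOOT_IMAGE=/boot/vmlinuz root=/dev/sda1 rw init=/bin/bash"
do
    if result=$(audit_cmdline "$sample"); then
        echo "OK     $sample"
    else
        echo "ALERT  $sample -> $result"
    fi
done
```

Run at boot from a unit or cron job, a non-zero exit status can feed an alert; the check only observes, so preventing the edit itself still depends on boot loader and firmware passwords and on disk encryption.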