Tuesday, July 7, 2009

My new place to write

I have got a new place to keep all my technical stuff.

It is:

http://sites.google.com/site/visitabhiluck/

abhi

Saturday, April 18, 2009

Showing samples to a friend

Just showing some simple examples of blogging.

Thursday, March 12, 2009

Automation of Metasploit Framework 3

Today a task was given to me for automating Metasploit attacks.

Let me explain the task in more detail, with an example.

Suppose we have been given an IP address or a list of IP addresses to penetrate using Metasploit,
e.g. 192.168.1.0/24

What we do now is scan the list of IP addresses for various ports and services, and then look for any vulnerability for which
an exploit has been provided in the Metasploit Framework.

If multiple exploits are given in the framework, we have to manually try all the exploits on all the machines and see whether each one works or not.


My job was to automate this operation.

I was very lucky because Mr. H D Moore has already done this job and written a nice article on blog.metasploit.com

I followed the instructions and set up my BackTrack machine for the automation.

Tuesday, February 24, 2009

Google made searching even easier

Today I noticed this feature while searching for something via Google.

Usually when we search for something on Google, 10 results appear on one page.
If we had to look at more search results, we used to click on the Next button or set the preference for how many search results we want on one page.

But now the Next button no longer exists. If you drag the mouse, new search results are fetched automatically and you can see more search results on one page.


Great Idea.....

Thursday, December 25, 2008

Mount NTFS partition in Linux

mount -t ntfs /dev/sda1 /mnt

(Of course replacing the /dev/sda1 with your partition specifics.)

Monday, September 1, 2008

DNS cache poisoning

An attacker is running his own domain (attacker.net) with his own hacked DNS server (ns.attacker.net). Note that it is called a hacked DNS server because the attacker customized the records in his own DNS server; for instance, one record could be www.cnn.com=81.81.81.81

1) The attacker sends a request to the user’s DNS server asking it to resolve www.attacker.net


2) The user’s DNS server does not know this machine's IP address, since it doesn't belong to its domain, so it needs to ask the responsible name server.


3) The hacked DNS server replies to the user’s DNS server and, at the same time, gives it all its records (including its record for www.cnn.com)

Note: this process is called a zone transfer.


4) The DNS server is now "poisoned".
The attacker got his IP, but who cares; his goal was not to get the IP address of his
web server but to force a zone transfer and leave your DNS server poisoned for as long as the cache is not cleared or updated.


5) Now if the user asks his DNS server for the IP address of www.cnn.com, it will give him
172.50.50.50, where the attacker runs his own web server. Or, even simpler, the attacker could just run a bouncer forwarding all packets to the real web site and vice versa, so you would see the real web site, but all the user’s traffic would be passing through the attacker's web site.


This is one of the ways cache poisoning works.
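
As an added example (not part of the original post), here is a toy Python model of step 3: a caching resolver receives a reply from ns.attacker.net that carries an extra www.cnn.com record, once without and once with the bailiwick check that resolvers use to discard records for names outside the zone the queried server is responsible for. The Resolver class, the in_bailiwick helper and the 203.0.113.10 address are assumptions made for illustration; this is not a real DNS implementation.

```python
# Added example: toy model of a caching resolver (hypothetical names throughout).
# Sample data is constructed, except www.cnn.com=81.81.81.81, which is the
# forged record given at the start of the post.

def in_bailiwick(name, zone):
    """True if name is the zone itself or a subdomain of it."""
    name = name.lower().rstrip(".")
    zone = zone.lower().rstrip(".")
    # The leading dot prevents "notattacker.net" matching "attacker.net".
    return name == zone or name.endswith("." + zone)


class Resolver:
    def __init__(self, check_bailiwick):
        self.check_bailiwick = check_bailiwick
        self.cache = {}      # name -> address
        self.rejected = []   # out-of-zone records; worth logging and alerting on

    def handle_response(self, queried_zone, response):
        """Process a reply from the name server responsible for queried_zone."""
        for name, addr in response["answer"] + response["additional"]:
            if self.check_bailiwick and not in_bailiwick(name, queried_zone):
                self.rejected.append((name, addr))
                continue
            self.cache[name.lower().rstrip(".")] = addr


# Constructed reply from ns.attacker.net to a query for www.attacker.net.
MALICIOUS_RESPONSE = {
    "answer": [("www.attacker.net", "203.0.113.10")],
    "additional": [("www.cnn.com", "81.81.81.81")],
}


def demo():
    """Feed the same reply to a naive and a hardened resolver."""
    naive = Resolver(check_bailiwick=False)
    hardened = Resolver(check_bailiwick=True)
    for resolver in (naive, hardened):
        resolver.handle_response("attacker.net", MALICIOUS_RESPONSE)
    return naive, hardened


if __name__ == "__main__":
    naive, hardened = demo()
    print("naive cache:   ", naive.cache)
    print("hardened cache:", hardened.cache)
    print("rejected:      ", hardened.rejected)
```

The naive resolver ends up with the forged www.cnn.com entry in its cache, while the hardened one keeps only the www.attacker.net answer and records the rejected entry for review.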