Basic Introduction to Metasploit | Hackersbay.in

The Basic ---- Introduction
  
What is Metasploit ?

The Metasploit Project is an open-source computer security project which provides information about security vulnerabilities and aids in penetration testing and IDS signature development. Its most well-known sub-project is the Metasploit Framework, a tool for developing and executing exploit code against a remote target machine. Other important sub-projects include the Opcode Database, shellcode archive, and security research.

Basically Metasploit is tool which provides complete environment for hacking.

Read More
___________________________________________________________________________

Using The Features

In this part we will talk about using the Exploits , Payloads , Auxiliary , Nops and Encoders

I think i don't need to explain what are these because it is already discussed in the first part 

Metasploit have


+ -- --=[ 684 exploits - 355 auxiliary
+ -- --=[ 217 payloads - 27 encoders - 8 nops


This may vary in your metasploit according to your version.


The Basic use of metasploit

1. Pick which exploit to use
2. Configure the exploit with remote IP address and remote port number
3. Pick a payload
4. Configure the payload with local IP address and local port number
5. Execute the exploit

Read More  
____________________________________________________________________________


Hacking a Box and Giving Instructions using meterpreter


Welcome to the Metasploit Basics Part 3. In this part i will show you a live example of how to own a PC with some exploit and what to do after the Meterpreter session is opened. In short i will explain you about the Meterpreter.

Meterpreter short form Meta-Interpreter .The Meterpreter is one of the advanced payloads available with the MSF. The way to look at the Meterpreter is not simply as a payload, but rather as an exploit platform that is executed on the remote system.The Meterpreter has its own command shell, which provides the attacker with a wide variety of activities that can be executed on the exploited system.in short the meterpreter helps us to overcome the limitations and disadvantages of a individual payload like the adduser payload 

Read More

_____________________________________________________________________________

Note To Readers - If you want to promote your articles or web blogs then i will do it for free even if your blog rank is the lowest in alexa or google.

Contact me at -facebook.com/sauravhacker

Read More

Google +1

Google +1 Clickjacking Script !




A click jacking script for google's new +1 feature is released by one who named "yda". Its looking nice and in future, i think this one will become one of the most wanted script.it is similar to yahoo answer ..and giving some one reputation/like..for helping us...

You can see demo here:demo link






you can download source code from here..


http://www.filesonic.in/file/1117934581

NOTE: To make the button completely invisible change the 0.5 to 0 in this line:
opacity: 0.5; filter: alpha(opacity = 50);



REFERENCE
www.techieblogie.info

Read More

Securing Your Wireless Network | A white paper from Hackersbay

Sorry Guys I was out from many days .. I am back with a new article about Securing Wireless Networks - A white paper from Hackersbay

Here are the few Terminologies, You should know About Wireless networked systems..!! if u don understand this underlyin concepts, it lll be a hard time for u to guarding yo Wireless network..

SSID: (Service Set Identifier) If u having a wireless router or modem the Hardware must have SSID(Like Namin a New born Baby, Yo can name ur Router How it wann be called ba others,But If u take any BSNL Connection Wi fi ASDL Modem Comes With SSID name May be second name of yo father)


Router has a 

Device Burned With MAC &SSID Found in the Picture(WANADOO-02DB)
functionality that it can broadcast or stealth broadcast Which means if u scan for wireless networks u often find networks in Broadcast mode (I.e Tikona 1800 204 3333)Like that…In stealth Broadcast we cant identify the wireless network.. MODEM Don have this fuckin option, so that’s y weneva u scan any, u find some home networks modem range..but u can proceed only after Given SSID in the prompt box..!! 

 WEP: (Wired Equivalence privacy) this Protocol givea Base level security for all wi fi vendors and system Can benefit from OSI Standardization effort..Tha

fat ass option is one can Set in “ON” Or
“OFF”To use this…But Mostly all jerks n Geeks Forcibly set this “ON”

 WPA: (Wi Fi Protected Access) A security protocol tat was designed to secure Wireless Technology and To overcome the WEP Limitations..!! (WPA & WPA2 )

 TKIP: (Temporal Key Intergrity protocol) It’s a More secure version of WEP and it utilize the WPA For Network Security, It uses Some Diff kinda Algorithms than WEP, More trusted Encryption tunnels.(But trust me, most admin will not use this, But the Company Security policy wants to maintain diff security scheme for each heirerachy of the employes in the Org…Admins will deploy this feature)

 

MAC: (Media Access Control) Its used to get Multiple access in a Networked Environment,But MAC Address is a 12Digit Hexa decimal number that is associated with Network adapter, MAC Address is unique to each IP Address…(00-12-FA-WE-3R-TR) First 6 digits Says 00-12-FA Manufacturer Code Which say Network Adapter belongs to Whom, And next 6 digit Was assigned to unique Persons WE-3R-TR.

 DHCP : (Dynamic Host Configuration Protocol)  its one of the inbuilt features of Router..It services for the User who restarts the system, Generates the fresh IP address to them to frame the Device address in the network


Whether you are in Wired or wireless Environment..Yo are under Scan by some1 eye, TCP Monitor Or Any one Can use Sniffer tools like packetyzer to and can read your communication Coz all the transportations are not encrypted..

POSSIBLE ATTACKS: 

EAVESDROPPING (Installing Malicious tools and Make ur machine as a listener, And he hacker gets all packet information coz it was redirected by him to server)

DoS Attacks  Injecting Noise Or Interfrences in the wireless network Infinitely, Cause inturn Denial for particular service which tey Requested,Remember A Hacker Can Extract the SSID name of the network in Response to His ICMP Packets..This gives u a Glimpse of Dos Attacks

WEP Encryption “TURN ON
WEP Encrytion is the standard Encryption scheme for all OSI Network Complicance Products, It comes With Encryption, But doesn’t” TURNED ON” Automatically, Do it And Change all the defaults in the Newly purchased Router..So yo have changed SSID, And Turned On WEP…. I Assume.

 

DUMP THE DEFAULTS  Change all your defaults passwords.And keep this Security checklist With you…! Which also Includes Changing the Default Subnet that is 192.168.1.0 

 

Find the Original White Paper By h4ckfreak at Hackersbay

Read More