10) An official said investigators found that it eventually affected nearly 30 companies, including a large bank, government contractor, and the world's most valuable company, Apple Inc. Apple is a significant customer for Supermicro and plans to order more than 30,000 in both companies A new global data center network of servers. Three senior Apple insiders said that in the summer of 2015, it also found malicious chips on Supermicro motherboards. Apple cut its ties with Supermicro the following year because it described unrelated reasons.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Firewall and proxy server HOW TO FULL BY UndercOde ?
pinterest.com/UndercOdeOfficial
π¦ What is a firewall
1) A firewall is a part of the name of the car.
2) In the car, use a firewall separating the engine and passenger to
it once ignited car engine, the firewall will not only protect the safety of passengers, while at the same time also allow the driver to continue to control the
engine. In the computer, a firewall is a device that can separate from a common web portion (the entire Internet network
impact path). Thereafter, the text will be referred to as a computer firewall "firewall", which can be protected while connecting
both ends of the network and the Internet. But the Internet can not be protected to the Internet, the Internet can not be
connected to a protected network. If you want to protect the internal network to the Internet, you
have to telnet to the firewall, then the firewall from United Internet. The
3) simplest firewall is dual
homed system (system with two network connections). If you can believe that all your users, then you just
installed a Linux (setting the IP forwarding / gatewaying set to OFF), and let each person set up
an account. They can then log in to this system, using telnet, FTP, e-mail and read all
4) any other service you provide. Under this setup, the only computer in the network can contact with the outside world will
be the firewall. Other computers on this network don't even need a public path. Needed again
notes: For the above firewall to play a role, we must believe that all users! However, I can not build such a
meeting.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Firewall and proxy server HOW TO FULL BY UndercOde ?
pinterest.com/UndercOdeOfficial
π¦ What is a firewall
1) A firewall is a part of the name of the car.
2) In the car, use a firewall separating the engine and passenger to
it once ignited car engine, the firewall will not only protect the safety of passengers, while at the same time also allow the driver to continue to control the
engine. In the computer, a firewall is a device that can separate from a common web portion (the entire Internet network
impact path). Thereafter, the text will be referred to as a computer firewall "firewall", which can be protected while connecting
both ends of the network and the Internet. But the Internet can not be protected to the Internet, the Internet can not be
connected to a protected network. If you want to protect the internal network to the Internet, you
have to telnet to the firewall, then the firewall from United Internet. The
3) simplest firewall is dual
homed system (system with two network connections). If you can believe that all your users, then you just
installed a Linux (setting the IP forwarding / gatewaying set to OFF), and let each person set up
an account. They can then log in to this system, using telnet, FTP, e-mail and read all
4) any other service you provide. Under this setup, the only computer in the network can contact with the outside world will
be the firewall. Other computers on this network don't even need a public path. Needed again
notes: For the above firewall to play a role, we must believe that all users! However, I can not build such a
meeting.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Firewall flaw-Problems :
t.me/iOsDeveloppers
1) problem for filtering purposes of this firewall is a firewall to prevent Internet access to your network.
2) Only pass
through the firewall to filter access function. With a proxy server, users can log in to the firewall
and enter any system within the private network.
3) In addition, there almost every day new client and server
market.
4) Therefore, it is necessary to have a new method to access the network to invoke these functions.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Firewall flaw-Problems :
t.me/iOsDeveloppers
1) problem for filtering purposes of this firewall is a firewall to prevent Internet access to your network.
2) Only pass
through the firewall to filter access function. With a proxy server, users can log in to the firewall
and enter any system within the private network.
3) In addition, there almost every day new client and server
market.
4) Therefore, it is necessary to have a new method to access the network to invoke these functions.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Telegram
iUNDERCODE IOS JAILBREAK SUPPORT & HELP
WELCOME TO iUNDERCODE BY UNDERCODE TESTING FOR IOS JAILBREAK & TWEAKS GROUP RULES @UNDERCODERULES
ππΎππππ±π ΄
Youtube.com/c/Undercode
π ΅π°π ²π ΄π±πΎπΎπ Ί
@UndercOdeTesting
@iUNDERCODE
π Έπ ½πππ°π Άππ°π Ό
@UndercOdeTestinG
@iUNDERCODE
πππ Έπππ ΄π
@iUNDERCODE
@UNDERCODENEWS
ππΎππππ±π ΄
Youtube.com/c/Undercode
π ΅π°π ²π ΄π±πΎπΎπ Ί
@UndercOdeTesting
@iUNDERCODE
π Έπ ½πππ°π Άππ°π Ό
@UndercOdeTestinG
@iUNDERCODE
πππ Έπππ ΄π
@iUNDERCODE
@UNDERCODENEWS
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Firewall kind of
> firewall in two ways.
1) IP Filtering Firewall-Blocks all networking functions except some network functions.
2) Proxy Server-Network connection for you.
π¦ ππΌππ πππΈβπ
1) IP filtering firewall
IP filtering firewall works at the packet level. It contains based on origin, destination, and port number of each data packet in
a data packet type information flow control packets. This kind of firewall is very secure, but it lacks useful logins.
Record. It blocks people entering the individual networks, but do not tell you who you are entering the public system, or what
people from the interior into the Internet. The filtering firewall is an absolute filtering system. Even if you have to let the outside world a
few people into your private server, you can not let everyone into the server. Linux from version 1.3.x to open
contains the packet filtering software in the kernel start.
2) Proxy
Proxy allows directly into the Internet through the firewall. The best example is to telnet system, then
the system again another telnet therefrom. In systems with proxy servers, this task is completely automatic
. After using the client software to connect to the proxy server, the proxy server starts its client software (agent)
and then returns data. Because the proxy server repeats all communications, it is able to log all the work in progress
. As long as the configuration is correct, the proxy server is absolutely secure, which is the most desirable. It barrier anyone enter
into, since no direct IP access.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Firewall kind of
> firewall in two ways.
1) IP Filtering Firewall-Blocks all networking functions except some network functions.
2) Proxy Server-Network connection for you.
π¦ ππΌππ πππΈβπ
1) IP filtering firewall
IP filtering firewall works at the packet level. It contains based on origin, destination, and port number of each data packet in
a data packet type information flow control packets. This kind of firewall is very secure, but it lacks useful logins.
Record. It blocks people entering the individual networks, but do not tell you who you are entering the public system, or what
people from the interior into the Internet. The filtering firewall is an absolute filtering system. Even if you have to let the outside world a
few people into your private server, you can not let everyone into the server. Linux from version 1.3.x to open
contains the packet filtering software in the kernel start.
2) Proxy
Proxy allows directly into the Internet through the firewall. The best example is to telnet system, then
the system again another telnet therefrom. In systems with proxy servers, this task is completely automatic
. After using the client software to connect to the proxy server, the proxy server starts its client software (agent)
and then returns data. Because the proxy server repeats all communications, it is able to log all the work in progress
. As long as the configuration is correct, the proxy server is absolutely secure, which is the most desirable. It barrier anyone enter
into, since no direct IP access.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Set up a firewall
1) hardware requirements
in β‘ embodiment, the computer configuration used was a 486-DX66 chip, 16M and 500M Linux memory division. System
within the system also installed two network cards, connect to a private network, another received a called a "demilitarized zone"
networks (Annotation: refers to a public network), and in the non-military on the web area, there is a Wang received Wangji
Road router (router).
2) This configuration is very common, and even with a network card and a modem
<> via PPP to the Internet, but the key point is to have two IP numbers on the firewall.
3) In many people's homes
All have small networks that connect two or three computers together.
4) Try all the modems are connected to run the Linux
computer (old 386 machine), then use the load balanced way the machines are connected to Internet data.
5) Advantage
using such a device, if the data to be transmitted, two modems simultaneously, the transmission speed can be doubled.
6) Set the firewall software
> existing software packages
if just set a filtering firewall, Linux, and that as long as the basic network software is enough. A set of software
may not be the version you are using Linux, called IP Firewall Administration tool.
7)( IPFWADM) Available from http://www.xos.nl/linux/ipfwadm/. If you want to set up a proxy servo
SERVER, you need a software package such.
SOCKS 1.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Set up a firewall
1) hardware requirements
in β‘ embodiment, the computer configuration used was a 486-DX66 chip, 16M and 500M Linux memory division. System
within the system also installed two network cards, connect to a private network, another received a called a "demilitarized zone"
networks (Annotation: refers to a public network), and in the non-military on the web area, there is a Wang received Wangji
Road router (router).
2) This configuration is very common, and even with a network card and a modem
<> via PPP to the Internet, but the key point is to have two IP numbers on the firewall.
3) In many people's homes
All have small networks that connect two or three computers together.
4) Try all the modems are connected to run the Linux
computer (old 386 machine), then use the load balanced way the machines are connected to Internet data.
5) Advantage
using such a device, if the data to be transmitted, two modems simultaneously, the transmission speed can be doubled.
6) Set the firewall software
> existing software packages
if just set a filtering firewall, Linux, and that as long as the basic network software is enough. A set of software
may not be the version you are using Linux, called IP Firewall Administration tool.
7)( IPFWADM) Available from http://www.xos.nl/linux/ipfwadm/. If you want to set up a proxy servo
SERVER, you need a software package such.
SOCKS 1.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ After This Tutorial
Are able to -take some ideas about firewalls and configurations ..
E N J O Y B Y U N D E R C O D E
Are able to -take some ideas about firewalls and configurations ..
E N J O Y B Y U N D E R C O D E
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ 2020 Network and Web Pentest Automation Framework
twitter.com/UndercOdeTC
> Features
π¦Pentest Toolbox management
1) Selection of Tools: Compilation of 50+ open-source tools & scripts, from various sources.
2) Docker-based: Application packaged in a Docker image running Kali OS, available on Docker Hub.
3) Ready-to-use: All tools and dependencies installed, just pull the Docker image and run a fresh container.
4) Updates made easy: Easily keep the whole toolbox up-to-date by running only one command.
5) Easy Customization: Easily add/remove tools from a simple configuration file.
6) Network Infrastructure Security Assessment
Many supported Services: Target most common TCP/UDP services (HTTP, FTP, SSH, SMB, Oracle, MS-SQL, MySQL, PostgreSQL, VNC, etc.).
Combine Power of Tools: Each security check is performed by a tool from the toolbox. Attacks are performed by chaining security checks.
7) Context Awareness: Security checks to run are selected and adapted according to the context of the target (i.e. detected technologies, credentials, vulnerabilities, etc.).
8) Reconnaissance: Automatic fingerprinting (product detection) of targeted services is performed.
9) CVE Lookup: When product names and their versions are detected, a vulnerability lookup is performed on online CVE databases (using Vulners & CVE Details).
10) Vulnerability Scanning: Automatically check for common vulnerabilities and attempt to perform some exploitations (auto-pwn).
11) Brute-force Attack: Automatically check for default/common credentials on the service and perform dictionnary attack if necessary.
12) Wordlists are optimized according to the targeted services.
Post-authentication Testing: Automatically perform some post-exploitation checks when valid credentials have been found.
Web Security Assessment
13) Large Focus on HTTP: More than 60 different security checks targeting HTTP supported for now.
14) Web Technologies Detection: Fingerprinting engine based on Wappalyzer is run prior to security checks, allowing to detect: Programming language, Framework, JS library, CMS, Web & Application Server.
15) Server Exploitation: Automatically scan and/or exploit most critical vulnerabilities (e.g. RCE) on web and application servers (e.g. JBoss, Tomcat, Weblogic, Websphere, Jenkins, etc.).
16) CMS Vulnerability Scanning: Automatically run vulnerability scanners on most common CMS (Wordpress, Drupal, Joomla, etc.).
π¦ πβπππΈπππππΈπππβ & βπβ:
1) Pull Jok3r Docker Image:
> sudo docker pull koutto/jok3r
2) Run fresh Docker container:
> sudo docker run -i -t --name jok3r-container -w /root/jok3r -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix --shm-size 2g --net=host koutto/jok3r
3) To re-run a stopped container:
> sudo docker start -i jok3r-container
4) To open multiple shells inside the container:
> sudo docker exec -it jok3r-container bash
5) To re-run a stopped container:
>sudo docker start -i jok3r-container
6) To open multiple shells inside the container:
> sudo docker exec -it jok3r-container bash
7)Show all the tools in the toolbox:
> python3 jok3r.py toolbox --show-all
8) Install all the tools in the toolbox (already done in Docker container):
> python3 jok3r.py toolbox --install-all --auto
9) Update all the tools in the toolbox and prompt each time to check update:
> python3 jok3r.py toolbox --update-all
10) Update all the tools in the toolbox without any prompt:
> python3 jok3r.py toolbox --update-all --auto
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ 2020 Network and Web Pentest Automation Framework
twitter.com/UndercOdeTC
> Features
π¦Pentest Toolbox management
1) Selection of Tools: Compilation of 50+ open-source tools & scripts, from various sources.
2) Docker-based: Application packaged in a Docker image running Kali OS, available on Docker Hub.
3) Ready-to-use: All tools and dependencies installed, just pull the Docker image and run a fresh container.
4) Updates made easy: Easily keep the whole toolbox up-to-date by running only one command.
5) Easy Customization: Easily add/remove tools from a simple configuration file.
6) Network Infrastructure Security Assessment
Many supported Services: Target most common TCP/UDP services (HTTP, FTP, SSH, SMB, Oracle, MS-SQL, MySQL, PostgreSQL, VNC, etc.).
Combine Power of Tools: Each security check is performed by a tool from the toolbox. Attacks are performed by chaining security checks.
7) Context Awareness: Security checks to run are selected and adapted according to the context of the target (i.e. detected technologies, credentials, vulnerabilities, etc.).
8) Reconnaissance: Automatic fingerprinting (product detection) of targeted services is performed.
9) CVE Lookup: When product names and their versions are detected, a vulnerability lookup is performed on online CVE databases (using Vulners & CVE Details).
10) Vulnerability Scanning: Automatically check for common vulnerabilities and attempt to perform some exploitations (auto-pwn).
11) Brute-force Attack: Automatically check for default/common credentials on the service and perform dictionnary attack if necessary.
12) Wordlists are optimized according to the targeted services.
Post-authentication Testing: Automatically perform some post-exploitation checks when valid credentials have been found.
Web Security Assessment
13) Large Focus on HTTP: More than 60 different security checks targeting HTTP supported for now.
14) Web Technologies Detection: Fingerprinting engine based on Wappalyzer is run prior to security checks, allowing to detect: Programming language, Framework, JS library, CMS, Web & Application Server.
15) Server Exploitation: Automatically scan and/or exploit most critical vulnerabilities (e.g. RCE) on web and application servers (e.g. JBoss, Tomcat, Weblogic, Websphere, Jenkins, etc.).
16) CMS Vulnerability Scanning: Automatically run vulnerability scanners on most common CMS (Wordpress, Drupal, Joomla, etc.).
π¦ πβπππΈπππππΈπππβ & βπβ:
1) Pull Jok3r Docker Image:
> sudo docker pull koutto/jok3r
2) Run fresh Docker container:
> sudo docker run -i -t --name jok3r-container -w /root/jok3r -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix --shm-size 2g --net=host koutto/jok3r
3) To re-run a stopped container:
> sudo docker start -i jok3r-container
4) To open multiple shells inside the container:
> sudo docker exec -it jok3r-container bash
5) To re-run a stopped container:
>sudo docker start -i jok3r-container
6) To open multiple shells inside the container:
> sudo docker exec -it jok3r-container bash
7)Show all the tools in the toolbox:
> python3 jok3r.py toolbox --show-all
8) Install all the tools in the toolbox (already done in Docker container):
> python3 jok3r.py toolbox --install-all --auto
9) Update all the tools in the toolbox and prompt each time to check update:
> python3 jok3r.py toolbox --update-all
10) Update all the tools in the toolbox without any prompt:
> python3 jok3r.py toolbox --update-all --auto
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ TIS Firewall Toolkit (FWTK)
the difference between the 4.2 TIS Firewall Toolkit and SOCKS by UndercOde :
twitter.com/UndercOdeTC
π¦ ππΌππ πππΈβπ
1) job of installing a firewall. These software are basically the same as SOCKS software, but the design strategy is different
> SOCKS using a set of Internet-related software performs all work, and TIS for each wish to use
a firewall utility provides a software. To illustrate the difference between the two, take world wide
web and Telnet as examples! In SOCKS, set a configuration file and a
2) After a daemon, both telnet and WWW can start to work, and other functions that have not been closed can also work
3) However, in TIS, you must set up separate configuration files and daemons for both WWW and telnet. After this
is set, the other functions are still unable to use the internet, unless you also make the relevant settings for these functions.
4) If a function (eg talk) no daemon, though there are "" plug-in "" daemon is available, but it is not
as flexible as other tools, but also easy to set. This may seem trivial, but it makes a big difference. Provided
comparison can be freely set when the SOCKS. If you set the SOCKS server is not perfect, from the internal network can be called up
with the original it does not intend to provide the internet functionality.
5) Such as the use of TIS, it can only be called from within the network system management
functions provided to you. SOCKS is easy to set up, easy to edit, and flexible. To ensure control by the
user within the protected network, the TIS higher security. But Both provide absolute protection, no outside
law to enter.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ TIS Firewall Toolkit (FWTK)
the difference between the 4.2 TIS Firewall Toolkit and SOCKS by UndercOde :
twitter.com/UndercOdeTC
π¦ ππΌππ πππΈβπ
1) job of installing a firewall. These software are basically the same as SOCKS software, but the design strategy is different
> SOCKS using a set of Internet-related software performs all work, and TIS for each wish to use
a firewall utility provides a software. To illustrate the difference between the two, take world wide
web and Telnet as examples! In SOCKS, set a configuration file and a
2) After a daemon, both telnet and WWW can start to work, and other functions that have not been closed can also work
3) However, in TIS, you must set up separate configuration files and daemons for both WWW and telnet. After this
is set, the other functions are still unable to use the internet, unless you also make the relevant settings for these functions.
4) If a function (eg talk) no daemon, though there are "" plug-in "" daemon is available, but it is not
as flexible as other tools, but also easy to set. This may seem trivial, but it makes a big difference. Provided
comparison can be freely set when the SOCKS. If you set the SOCKS server is not perfect, from the internal network can be called up
with the original it does not intend to provide the internet functionality.
5) Such as the use of TIS, it can only be called from within the network system management
functions provided to you. SOCKS is easy to set up, easy to edit, and flexible. To ensure control by the
user within the protected network, the TIS higher security. But Both provide absolute protection, no outside
law to enter.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦How to create a fake AP and sniff data With Kali-Parrot-updated 2019 ?
Pinterest.com/UndercOdeOfficial
π¦features:
SSLstrip2
Driftnet
Tshark
Full featured access point, with configurable speed limit
mitmproxy
Wireshark
DNS Spoofing
π¦ πβπππΈπππππΈπππβ & βπβ:
1) git clone https://github.com/xdavidhu/mitmAP
2) cd mitmAP
3) python3 mitmAP.py
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦How to create a fake AP and sniff data With Kali-Parrot-updated 2019 ?
Pinterest.com/UndercOdeOfficial
π¦features:
SSLstrip2
Driftnet
Tshark
Full featured access point, with configurable speed limit
mitmproxy
Wireshark
DNS Spoofing
π¦ πβπππΈπππππΈπππβ & βπβ:
1) git clone https://github.com/xdavidhu/mitmAP
2) cd mitmAP
3) python3 mitmAP.py
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ kernel editor- full Tutorial by Underc0de
π¦ ππΌππ πππΈβπ
1) Firstly Linux version to reinstall the Linux system (I used RedHat 3.0.3, after which are examples of this
version will prevail). The fewer the system software installed, the less problems and vulnerabilities, because these problems and vulnerability
problems on the system will be safe, so long as the minimum amount sufficient to install the software can be.
2) Selection of a stable
set of core. My system uses the Linux 2.0.14 kernel. So this file is set up with this kernel
3) As the basis. Re-edit the kernel based on the appropriate options. If you have not read
too Kernel HOWTO, Ethernet HOWTO and NET-
π¦ HOWTO, this time may wish to use this opportunity to read a
reading these HOWTO. Following are the network related settings in 'make config'.
> In General setup
Set Networking Support to ON
<> In Networking Options
1) Set Network firewalls to ON
Set TCP / IP Networking to ON
2) Set IP forwarding / gatewaying to OFF (unless you want to use IP filtering )
3) Set IP Firewalling to ON
4) Set IP firewall packet loggin to ON (not required, it is better to set it)
5) Set IP: masquerading to OFF (outside the scope of this article)
6) Set IP: accounting to ON
7) Set IP: tunneling to OFF
8) Set IP: aliasing to OFF.
9) Set IP: PC / TCP compatibility mode to OFF
10) Set IP: Reverse ARP to OFF
11) Set Drop source routed frames to ON
π¦ Network device support under item
1) Network device support is provided to the ON
2) Dummy net driver support is provided to the ON
3) disposed Ethernet (10 or 100Mbit) to the ON
4) Select the network card
is now re-edited and re-install the kernel, Restart. The network card should be displayed in the startup prompt. If you
Written by Underc0de
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ kernel editor- full Tutorial by Underc0de
π¦ ππΌππ πππΈβπ
1) Firstly Linux version to reinstall the Linux system (I used RedHat 3.0.3, after which are examples of this
version will prevail). The fewer the system software installed, the less problems and vulnerabilities, because these problems and vulnerability
problems on the system will be safe, so long as the minimum amount sufficient to install the software can be.
2) Selection of a stable
set of core. My system uses the Linux 2.0.14 kernel. So this file is set up with this kernel
3) As the basis. Re-edit the kernel based on the appropriate options. If you have not read
too Kernel HOWTO, Ethernet HOWTO and NET-
π¦ HOWTO, this time may wish to use this opportunity to read a
reading these HOWTO. Following are the network related settings in 'make config'.
> In General setup
Set Networking Support to ON
<> In Networking Options
1) Set Network firewalls to ON
Set TCP / IP Networking to ON
2) Set IP forwarding / gatewaying to OFF (unless you want to use IP filtering )
3) Set IP Firewalling to ON
4) Set IP firewall packet loggin to ON (not required, it is better to set it)
5) Set IP: masquerading to OFF (outside the scope of this article)
6) Set IP: accounting to ON
7) Set IP: tunneling to OFF
8) Set IP: aliasing to OFF.
9) Set IP: PC / TCP compatibility mode to OFF
10) Set IP: Reverse ARP to OFF
11) Set Drop source routed frames to ON
π¦ Network device support under item
1) Network device support is provided to the ON
2) Dummy net driver support is provided to the ON
3) disposed Ethernet (10 or 100Mbit) to the ON
4) Select the network card
is now re-edited and re-install the kernel, Restart. The network card should be displayed in the startup prompt. If you
Written by Underc0de
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦How To set two network cards, and network adress via firewalls ?
T.me/UndercOdeTesting
π¦ ππΌππ πππΈβπ
> PC if two network cards, most likely need to add a line in /etc/lilo.conf profile, indicating two
IRQ and address of the network card. In my machine, the added line of lilo.conf file is as follows:
append = "" ether = 12,0x300, eth0 ether = 15,0x340, eth1 ""
> Setting Network Addresses
1) Since the Internet is not going to let any of its own into the network of
any part, so the network does not require the actual URL. Stay in the Internet in a number of network addresses allows
free to use, because somehow need to address its own network, and these can not enter Internet addresses, stir
muddy globally. So you might choose these addresses. In these addresses, 192.168.2.XXX is retained in the
address, and therefore to use these addresses for illustration.
2) Because the proxy server is on two networks at the same time, it can send data from both sides in the middle.
199.1.2.10 ______ 192.168.2.1
_ _ | | / _____________
| / / | | | / | |
Internet ------------- | Firewall | -------- ----------- | Workstation |
_ / _ / _ / _ / | _____ | | __________ |
3) If you want to set a filtering firewall, you can still use these URLs, but you must use IP masquerading. After this
type of setting, the firewall will transfer the data packet, and attach the actual IP address sent to the Internet. In the network card
Internet end (outer end) of the first set the real IP address of the Ethernet card in the end provided
is 192.168.2.1.
4) This is the IP address of the proxy / gateway for this computer. Protected within all other network
computers can be selected in any 192.168.2.xxx as the address (from 192.168.2.2
to 192.168.2.254). In RedHat Linux,
an ifcfg-eth1 file must be added to the / etc / sysconfig / network-scripts directory, so that the
network and routing table can be set through this file during startup . The parameters of ifcfg-eth1 can be set as follows:
#! / bin / sh
# >>> Device type: ethernet
# >>> Variable declarations:
DEVICE = eth1
IPADDR = 192.168.2.1
NETMASK = 255.255.255.0
NETWORK = 192.168.2.0
BROADCAST = 192.168.2.255
GATEWAY = 199.1.2.10
ONBOOT = yes
# >>> End variable declarations You
5) can try these parameters to make the modem and ISP automatically connect. May wish to look at the ipup-ppp file. The data unit and
connected to the Internet, ISP assigns the IP address when connecting the outer end.
Written by Underc0de
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦How To set two network cards, and network adress via firewalls ?
T.me/UndercOdeTesting
π¦ ππΌππ πππΈβπ
> PC if two network cards, most likely need to add a line in /etc/lilo.conf profile, indicating two
IRQ and address of the network card. In my machine, the added line of lilo.conf file is as follows:
append = "" ether = 12,0x300, eth0 ether = 15,0x340, eth1 ""
> Setting Network Addresses
1) Since the Internet is not going to let any of its own into the network of
any part, so the network does not require the actual URL. Stay in the Internet in a number of network addresses allows
free to use, because somehow need to address its own network, and these can not enter Internet addresses, stir
muddy globally. So you might choose these addresses. In these addresses, 192.168.2.XXX is retained in the
address, and therefore to use these addresses for illustration.
2) Because the proxy server is on two networks at the same time, it can send data from both sides in the middle.
199.1.2.10 ______ 192.168.2.1
_ _ | | / _____________
| / / | | | / | |
Internet ------------- | Firewall | -------- ----------- | Workstation |
_ / _ / _ / _ / | _____ | | __________ |
3) If you want to set a filtering firewall, you can still use these URLs, but you must use IP masquerading. After this
type of setting, the firewall will transfer the data packet, and attach the actual IP address sent to the Internet. In the network card
Internet end (outer end) of the first set the real IP address of the Ethernet card in the end provided
is 192.168.2.1.
4) This is the IP address of the proxy / gateway for this computer. Protected within all other network
computers can be selected in any 192.168.2.xxx as the address (from 192.168.2.2
to 192.168.2.254). In RedHat Linux,
an ifcfg-eth1 file must be added to the / etc / sysconfig / network-scripts directory, so that the
network and routing table can be set through this file during startup . The parameters of ifcfg-eth1 can be set as follows:
#! / bin / sh
# >>> Device type: ethernet
# >>> Variable declarations:
DEVICE = eth1
IPADDR = 192.168.2.1
NETMASK = 255.255.255.0
NETWORK = 192.168.2.0
BROADCAST = 192.168.2.255
GATEWAY = 199.1.2.10
ONBOOT = yes
# >>> End variable declarations You
5) can try these parameters to make the modem and ISP automatically connect. May wish to look at the ipup-ppp file. The data unit and
connected to the Internet, ISP assigns the IP address when connecting the outer end.
Written by Underc0de
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Information gathering:
> Parrot-Kali Linux operating system provides some tools that can help users organize and organize the data of the target host, so that users get better late reconnaissance
twitter.com/UndercOdeTC
π¦ tools as follows:
Enumeration service
Test network range;
Identify active hosts and view open ports;
System fingerprint identification;
Service fingerprint identification;
Other means of information collection;
Use Maltego to collect information;
Draw a network diagram.
π¦so lets start Those Tutorials on Underc0de
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Information gathering:
> Parrot-Kali Linux operating system provides some tools that can help users organize and organize the data of the target host, so that users get better late reconnaissance
twitter.com/UndercOdeTC
π¦ tools as follows:
Enumeration service
Test network range;
Identify active hosts and view open ports;
System fingerprint identification;
Service fingerprint identification;
Other means of information collection;
Use Maltego to collect information;
Draw a network diagram.
π¦so lets start Those Tutorials on Underc0de
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ DNS enum tool DNSenum- for info gathring :
fb.com/UndercOdeTestingCompany
1) DNSenum is a very powerful tool for collecting domain name information.
2) It can guess possible domain names through Google or dictionary files, and perform reverse query on a network segment.
3) it can not only query website host address information, domain name server and mail exchange records, but also perform axfr requests on the domain name server, and then obtain extended domain name information through Google scripts, extract subdomain names and query, finally calculate class C addresses and execute whois Query, perform a reverse query, and write the address segment to a file.
4) This section will introduce checking DNS enumeration using DNSenum tool. Execute the following command in the terminal:
root@kali:~# dnsenum --enum benet.com
dnsenum.pl VERSION:
Warning: can't load Net::Whois::IP module, whois queries disabled.
----- benet.com -----
Host's addresses:
__________________
benet.com. 86400 IN A 192.168.41.131
benet.com. 86400 IN A 127.0.0.1
Name Servers:
______________
benet.com. 86400 IN A 127.0.0.1
benet.com. 86400 IN A 192.168.41.131
www.benet.com. 86400 IN A 192.168.41.131
Mail (MX) Servers:
___________________
mail.benet.com. 86400 IN A 192.168.41.2
> Trying Zone Transfers and getting Bind Versions:
The output shows detailed information about the DNS service.
> These include host addresses, domain name service addresses, and mail service addresses. If you are lucky, you can also see a regional transmission.
> When using the DNSenum tool to check DNS enumeration, you can use some additional options of dnsenum as shown below.
--threads [number]: Sets the number of users running multiple processes simultaneously.
-r: Allows the user to enable recursive queries.
-d: Allows the user to set the number of time delays (in seconds) between WHOIS requests.
-o: Allows the user to specify the output location.
-w: Allow users to enable WHOIS requests.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ DNS enum tool DNSenum- for info gathring :
fb.com/UndercOdeTestingCompany
1) DNSenum is a very powerful tool for collecting domain name information.
2) It can guess possible domain names through Google or dictionary files, and perform reverse query on a network segment.
3) it can not only query website host address information, domain name server and mail exchange records, but also perform axfr requests on the domain name server, and then obtain extended domain name information through Google scripts, extract subdomain names and query, finally calculate class C addresses and execute whois Query, perform a reverse query, and write the address segment to a file.
4) This section will introduce checking DNS enumeration using DNSenum tool. Execute the following command in the terminal:
root@kali:~# dnsenum --enum benet.com
dnsenum.pl VERSION:
Warning: can't load Net::Whois::IP module, whois queries disabled.
----- benet.com -----
Host's addresses:
__________________
benet.com. 86400 IN A 192.168.41.131
benet.com. 86400 IN A 127.0.0.1
Name Servers:
______________
benet.com. 86400 IN A 127.0.0.1
benet.com. 86400 IN A 192.168.41.131
www.benet.com. 86400 IN A 192.168.41.131
Mail (MX) Servers:
___________________
mail.benet.com. 86400 IN A 192.168.41.2
> Trying Zone Transfers and getting Bind Versions:
The output shows detailed information about the DNS service.
> These include host addresses, domain name service addresses, and mail service addresses. If you are lucky, you can also see a regional transmission.
> When using the DNSenum tool to check DNS enumeration, you can use some additional options of dnsenum as shown below.
--threads [number]: Sets the number of users running multiple processes simultaneously.
-r: Allows the user to enable recursive queries.
-d: Allows the user to set the number of time delays (in seconds) between WHOIS requests.
-o: Allows the user to specify the output location.
-w: Allow users to enable WHOIS requests.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦SNMP Enumeration Tool Snmpwalk - information gathering :
twitter.com/UndercOdeTC
π¦ ππΌππ πππΈβπ
1) Snmpwalk is an SNMP application.
2) It uses the SNMP GETNEXT request to query all specified OID (object identification in SNMP) tree information and display it to the user. This section will demonstrate the use of the Snmpwalk tool.
[Example 4-1] Use the Snmpwalk command to test the Windows host.
π¦ The execution command is as follows:
root@kali:~# snmpwalk -c public 192.168.41.138 -v 2c
iso.3.6.1.2.1.1.1.0 = STRING: "Hardware: x86 Family 6 Model 42 Stepping 7 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7601 Multiprocessor Free)"
iso.3.6.1.2.1.1.2.0 = OID: iso.3.6.1.4.1.311.1.1.3.1.1
iso.3.6.1.2.1.1.3.0 = Timeticks: (49046) 0:08:10.46
iso.3.6.1.2.1.1.4.0 = ""
iso.3.6.1.2.1.1.5.0 = STRING: "WIN-RKPKQFBLG6C"
iso.3.6.1.2.1.1.6.0 = ""
iso.3.6.1.2.1.1.7.0 = INTEGER: 76
iso.3.6.1.2.1.2.1.0 = INTEGER: 19
iso.3.6.1.2.1.2.2.1.1.1 = INTEGER: 1
iso.3.6.1.2.1.2.2.1.1.2 = INTEGER: 2
iso.3.6.1.2.1.2.2.1.1.3 = INTEGER: 3
iso.3.6.1.2.1.2.2.1.1.4 = INTEGER: 4
iso.3.6.1.2.1.2.2.1.1.5 = INTEGER: 5
iso.3.6.1.2.1.2.2.1.1.6 = INTEGER: 6
β¦β¦
iso.3.6.1.2.1.2.2.1.1.16 = INTEGER: 16
iso.3.6.1.2.1.2.2.1.1.17 = INTEGER: 17
iso.3.6.1.2.1.2.2.1.1.18 = INTEGER: 18
iso.3.6.1.2.1.2.2.1.1.19 = INTEGER: 19
iso.3.6.1.2.1.2.2.1.2.1 = Hex-STRING: 53 6F 66 74 77 61 72 65 20 4C 6F 6F 70 62 61 63
6B 20 49 6E 74 65 72 66 61 63 65 20 31 00
iso.3.6.1.2.1.2.2.1.2.2 = Hex-STRING: 57 41 4E 20 4D 69 6E 69 70 6F 72 74 20 28 53 53
54 50 29 00
iso.3.6.1.2.1.2.2.1.2.3 = Hex-STRING: 57 41 4E 20 4D 69 6E 69 70 6F 72 74 20 28 4C 32
54 50 29 00
iso.3.6.1.2.1.2.2.1.2.4 = Hex-STRING: 57 41 4E 20 4D 69 6E 69 70 6F 72 74 20 28 50 50
β¦β¦
iso.3.6.1.2.1.55.1.8.1.5.11.16.254.128.0.0.0.0.0.0.149.194.132.179.177.254.120.40 = INTEGER: 1
iso.3.6.1.2.1.55.1.8.1.5.12.16.254.128.0.0.0.0.0.0.0.0.94.254.192.168.41.138 = INTEGER: 1
iso.
iso.3.6.1.2.1.55.1.9.0 = Gauge32: 9
iso.3.6.1.2.1.55.1.10.0 = Counter32: 0
3) The above output shows all the information on the Windows host 192.168.41.138.
4) Users can also use the snmpwalk command to enumerate the installed software.
> The execution command is as follows:
root@kali:~# snmpwalk -c public 192.168.41.138 -v 1 | grep ftp
The output is as follows:
iso.3.6.1.2.1.25.4.2.1.5.3604 = STRING: "-k ftpsvc"
5) The output indicates that the 192.168.41.138 host has the ftp package installed.
6) The Snmpwalk tool can also be used to enumerate the TCP ports opened on the target host. The execution command is as follows:
root@kali:~# snmpwalk -c public 192.168.41.138 -v 1 | grep tcpConnState | cut -d "." -f6 | sort -nu
21
25
80
443
7) The output shows the ports opened by the host 192.168.41.138. Such as 21, 25, 80, and 443, a total of 4 port numbers are opened.
Written by Underc0de
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦SNMP Enumeration Tool Snmpwalk - information gathering :
twitter.com/UndercOdeTC
π¦ ππΌππ πππΈβπ
1) Snmpwalk is an SNMP application.
2) It uses the SNMP GETNEXT request to query all specified OID (object identification in SNMP) tree information and display it to the user. This section will demonstrate the use of the Snmpwalk tool.
[Example 4-1] Use the Snmpwalk command to test the Windows host.
π¦ The execution command is as follows:
root@kali:~# snmpwalk -c public 192.168.41.138 -v 2c
iso.3.6.1.2.1.1.1.0 = STRING: "Hardware: x86 Family 6 Model 42 Stepping 7 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7601 Multiprocessor Free)"
iso.3.6.1.2.1.1.2.0 = OID: iso.3.6.1.4.1.311.1.1.3.1.1
iso.3.6.1.2.1.1.3.0 = Timeticks: (49046) 0:08:10.46
iso.3.6.1.2.1.1.4.0 = ""
iso.3.6.1.2.1.1.5.0 = STRING: "WIN-RKPKQFBLG6C"
iso.3.6.1.2.1.1.6.0 = ""
iso.3.6.1.2.1.1.7.0 = INTEGER: 76
iso.3.6.1.2.1.2.1.0 = INTEGER: 19
iso.3.6.1.2.1.2.2.1.1.1 = INTEGER: 1
iso.3.6.1.2.1.2.2.1.1.2 = INTEGER: 2
iso.3.6.1.2.1.2.2.1.1.3 = INTEGER: 3
iso.3.6.1.2.1.2.2.1.1.4 = INTEGER: 4
iso.3.6.1.2.1.2.2.1.1.5 = INTEGER: 5
iso.3.6.1.2.1.2.2.1.1.6 = INTEGER: 6
β¦β¦
iso.3.6.1.2.1.2.2.1.1.16 = INTEGER: 16
iso.3.6.1.2.1.2.2.1.1.17 = INTEGER: 17
iso.3.6.1.2.1.2.2.1.1.18 = INTEGER: 18
iso.3.6.1.2.1.2.2.1.1.19 = INTEGER: 19
iso.3.6.1.2.1.2.2.1.2.1 = Hex-STRING: 53 6F 66 74 77 61 72 65 20 4C 6F 6F 70 62 61 63
6B 20 49 6E 74 65 72 66 61 63 65 20 31 00
iso.3.6.1.2.1.2.2.1.2.2 = Hex-STRING: 57 41 4E 20 4D 69 6E 69 70 6F 72 74 20 28 53 53
54 50 29 00
iso.3.6.1.2.1.2.2.1.2.3 = Hex-STRING: 57 41 4E 20 4D 69 6E 69 70 6F 72 74 20 28 4C 32
54 50 29 00
iso.3.6.1.2.1.2.2.1.2.4 = Hex-STRING: 57 41 4E 20 4D 69 6E 69 70 6F 72 74 20 28 50 50
β¦β¦
iso.3.6.1.2.1.55.1.8.1.5.11.16.254.128.0.0.0.0.0.0.149.194.132.179.177.254.120.40 = INTEGER: 1
iso.3.6.1.2.1.55.1.8.1.5.12.16.254.128.0.0.0.0.0.0.0.0.94.254.192.168.41.138 = INTEGER: 1
iso.
iso.3.6.1.2.1.55.1.9.0 = Gauge32: 9
iso.3.6.1.2.1.55.1.10.0 = Counter32: 0
3) The above output shows all the information on the Windows host 192.168.41.138.
4) Users can also use the snmpwalk command to enumerate the installed software.
> The execution command is as follows:
root@kali:~# snmpwalk -c public 192.168.41.138 -v 1 | grep ftp
The output is as follows:
iso.3.6.1.2.1.25.4.2.1.5.3604 = STRING: "-k ftpsvc"
5) The output indicates that the 192.168.41.138 host has the ftp package installed.
6) The Snmpwalk tool can also be used to enumerate the TCP ports opened on the target host. The execution command is as follows:
root@kali:~# snmpwalk -c public 192.168.41.138 -v 1 | grep tcpConnState | cut -d "." -f6 | sort -nu
21
25
80
443
7) The output shows the ports opened by the host 192.168.41.138. Such as 21, 25, 80, and 443, a total of 4 port numbers are opened.
Written by Underc0de
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Scapy- info gathering-kali-parrot :
1) Scapy is a powerful interactive packet processing tool, packet generator, network scanner, network discovery tool and packet sniffing tool.
2) It provides multiple types of functions such as interactively generating data packets or data packet collections, operating on data packets, sending data packets, packet sniffing, response and feedback matching. .
3) Use Scapy to implement multi-line parallel trace routing function.
π¦ Start the Scapy tool. The execution command is shown below.
1) root@kali:~# scapy
INFO: Can't import python gnuplot wrapper . Won't be able to plot.
WARNING: No route found for IPv6 destination :: (no default route?)
Welcome to Scapy (2.2.0)
>>>
When you see the >>> prompt, it means that the scapy command is successfully logged in.
2) Use the sr () function to send and receive data packets. The execution command is as follows:
>>> ans,unans=sr(IP(dst="www.undercodetestsite.com/30",ttl=(1,6))/TCP())
3) Begin emission:
.****Finished to send 24 packets.
β¦β¦β¦***************β¦β¦β¦β¦β¦β¦β¦β¦β¦β¦β¦β¦β¦..^C #Ctrl+C
Received 70 packets, got 19 answers, remaining 5 packets
After executing the above command, it will automatically establish a connection with www.undercodetestsite.com After a few minutes of execution, use Ctrl + C to terminate receiving packets. From the output information, you can see that 70 data packets were received, 19 response packets were obtained, and 5 packets were retained.
4) View the packet sending situation in the form of a table. The execution command is as follows:
>>> ans.make_table(lambda(s,r):(s.dst,s.ttl,r.src))
Written by Underc0de
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Scapy- info gathering-kali-parrot :
1) Scapy is a powerful interactive packet processing tool, packet generator, network scanner, network discovery tool and packet sniffing tool.
2) It provides multiple types of functions such as interactively generating data packets or data packet collections, operating on data packets, sending data packets, packet sniffing, response and feedback matching. .
3) Use Scapy to implement multi-line parallel trace routing function.
π¦ Start the Scapy tool. The execution command is shown below.
1) root@kali:~# scapy
INFO: Can't import python gnuplot wrapper . Won't be able to plot.
WARNING: No route found for IPv6 destination :: (no default route?)
Welcome to Scapy (2.2.0)
>>>
When you see the >>> prompt, it means that the scapy command is successfully logged in.
2) Use the sr () function to send and receive data packets. The execution command is as follows:
>>> ans,unans=sr(IP(dst="www.undercodetestsite.com/30",ttl=(1,6))/TCP())
3) Begin emission:
.****Finished to send 24 packets.
β¦β¦β¦***************β¦β¦β¦β¦β¦β¦β¦β¦β¦β¦β¦β¦β¦..^C #Ctrl+C
Received 70 packets, got 19 answers, remaining 5 packets
After executing the above command, it will automatically establish a connection with www.undercodetestsite.com After a few minutes of execution, use Ctrl + C to terminate receiving packets. From the output information, you can see that 70 data packets were received, 19 response packets were obtained, and 5 packets were retained.
4) View the packet sending situation in the form of a table. The execution command is as follows:
>>> ans.make_table(lambda(s,r):(s.dst,s.ttl,r.src))
Written by Underc0de
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ How To Use Nmap to Identify Active Hosts
The previous section introduced the concepts and functions of the Nmap tool. Use this tool now to test active hosts on a network.
instagram.com/UndercOdeTestingCompany
π¦ ππΌππ πππΈβπ
1) Use Nmap to see if a host is online. The execution command is as follows:
> root@kali:~# nmap -sP 192.168.41.136
2) Starting Nmap 6.40 ( http://nmap.org ) at 2014-04-21 17:54 CST
Nmap scan report for www.benet.com (192.168.41.136)
Host is up (0.00028s latency).
MAC Address: 00:0C:29:31:02:17 (VMware)
Nmap done: 1 IP address (1 host up) scanned in 0.19 seconds
From the output information, you can see the domain name, online and
MAC address of the host 192.168.41.136.
Users can also use Nping (Nmap kit) to view, can get more detailed
π¦information. The execution command is as follows:
> root@kali:~# nping --echo-client "public" echo.nmap.org
> Starting Nping 0.6.40 ( http://nmap.org/nping ) at 2014-04-21 17:53 CST
> SENT (1.6030s) ICMP [192.168.41.234 > 74.207.244.221 Echo request (type=8/code=0) id=45896 seq=1] IP [ttl=64 id=1270 iplen=28 ]
RCVD (1.7971s) ICMP [74.207.244.221 > 192.168.41.234 Echo reply (type=0/code=0) id=45896 seq=1] IP [ttl=128 id=64157 iplen=28 ]
SENT (2.6047s) ICMP [192.168.41.234 > 74.207.244.221 Echo request (type=8/code=0) id=45896 seq=2] IP [ttl=64 id=1270 iplen=28 ]
RCVD (2.6149s) ICMP [74.207.244.221 > 192.168.41.234 Echo reply (type=0/code=0) id=45896 seq=1] IP [ttl=128 id=64159 iplen=28 ]
SENT (3.6289s) ICMP [192.168.41.234 > 74.207.244.221 Echo request (type=8/code=0) id=45896 seq=3] IP [ttl=64 id=1270 iplen=28 ]
RCVD (3.6322s) ICMP [74.207.244.221 > 192.168.41.234 Echo reply (type=0/code=0) id=45896 seq=1] IP [ttl=128 id=64161 iplen=28 ]
> SENT (5.6454s) ICMP [192.168.41.234 > 74.207.244.221 Echo request (type=8/code=0) id=45896 seq=5] IP [ttl=64 id=1270 iplen=28 ]
RCVD (5.6455s) ICMP [74.207.244.221 > 192.168.41.234 Echo reply (type=0/code=0) id=45896 seq=1] IP [ttl=128 id=64164 iplen=28 ]
Max rtt: 193.736ms | Min rtt: 0.042ms | Avg rtt: 70.512ms
Raw packets sent: 5 (140B) | Rcvd: 11 (506B) | Lost: 0 (0.00%)| Echoed: 0 (0B)
> Nping done: 1 IP address pinged in 6.72 seconds
π¦ The output information shows the data sent when connected to the echo.nmap.org website, such as the time of sending the packet, the time of receiving, the TTL value, and the round trip time.
The user can also send some hexadecimal data to the specified port, as shown below:
> root@kali:~# nping -tcp -p 445 -data AF56A43D 192.168.41.136
Starting Nping 0.6.40 ( http://nmap.org/nping ) at 2014-04-21 17:58 CST
SENT (0.0605s) TCP 192.168.41.234:14647 > 192.168.41.136:445 S ttl=64 id=54933 iplen=44 seq=3255055782 win=1480
RCVD (0.0610s) TCP 192.168.41.136:445 > 192.168.41.234:14647 RA ttl=64 id=0 iplen=40 seq=0 win=0
SENT (1.0617s) TCP 192.168.41.234:14647 > 192.168.41.136:445 S ttl=64 id=54933 iplen=44 seq=3255055782 win=1480
RCVD (1.0620s) TCP 192.168.41.136:445 > 192.168.41.234:14647 RA ttl=64 id=0 iplen=40 seq=0 win=0
π¦The output information shows the TCP transmission process between 192.168.41.234 and the target system 192.168.41.136. Some common network layer attacks are simulated by sending data packets to the designated ports to verify the defense of the target system against these tests.
E N J O Y
Written by Underc0de
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ How To Use Nmap to Identify Active Hosts
The previous section introduced the concepts and functions of the Nmap tool. Use this tool now to test active hosts on a network.
instagram.com/UndercOdeTestingCompany
π¦ ππΌππ πππΈβπ
1) Use Nmap to see if a host is online. The execution command is as follows:
> root@kali:~# nmap -sP 192.168.41.136
2) Starting Nmap 6.40 ( http://nmap.org ) at 2014-04-21 17:54 CST
Nmap scan report for www.benet.com (192.168.41.136)
Host is up (0.00028s latency).
MAC Address: 00:0C:29:31:02:17 (VMware)
Nmap done: 1 IP address (1 host up) scanned in 0.19 seconds
From the output information, you can see the domain name, online and
MAC address of the host 192.168.41.136.
Users can also use Nping (Nmap kit) to view, can get more detailed
π¦information. The execution command is as follows:
> root@kali:~# nping --echo-client "public" echo.nmap.org
> Starting Nping 0.6.40 ( http://nmap.org/nping ) at 2014-04-21 17:53 CST
> SENT (1.6030s) ICMP [192.168.41.234 > 74.207.244.221 Echo request (type=8/code=0) id=45896 seq=1] IP [ttl=64 id=1270 iplen=28 ]
RCVD (1.7971s) ICMP [74.207.244.221 > 192.168.41.234 Echo reply (type=0/code=0) id=45896 seq=1] IP [ttl=128 id=64157 iplen=28 ]
SENT (2.6047s) ICMP [192.168.41.234 > 74.207.244.221 Echo request (type=8/code=0) id=45896 seq=2] IP [ttl=64 id=1270 iplen=28 ]
RCVD (2.6149s) ICMP [74.207.244.221 > 192.168.41.234 Echo reply (type=0/code=0) id=45896 seq=1] IP [ttl=128 id=64159 iplen=28 ]
SENT (3.6289s) ICMP [192.168.41.234 > 74.207.244.221 Echo request (type=8/code=0) id=45896 seq=3] IP [ttl=64 id=1270 iplen=28 ]
RCVD (3.6322s) ICMP [74.207.244.221 > 192.168.41.234 Echo reply (type=0/code=0) id=45896 seq=1] IP [ttl=128 id=64161 iplen=28 ]
> SENT (5.6454s) ICMP [192.168.41.234 > 74.207.244.221 Echo request (type=8/code=0) id=45896 seq=5] IP [ttl=64 id=1270 iplen=28 ]
RCVD (5.6455s) ICMP [74.207.244.221 > 192.168.41.234 Echo reply (type=0/code=0) id=45896 seq=1] IP [ttl=128 id=64164 iplen=28 ]
Max rtt: 193.736ms | Min rtt: 0.042ms | Avg rtt: 70.512ms
Raw packets sent: 5 (140B) | Rcvd: 11 (506B) | Lost: 0 (0.00%)| Echoed: 0 (0B)
> Nping done: 1 IP address pinged in 6.72 seconds
π¦ The output information shows the data sent when connected to the echo.nmap.org website, such as the time of sending the packet, the time of receiving, the TTL value, and the round trip time.
The user can also send some hexadecimal data to the specified port, as shown below:
> root@kali:~# nping -tcp -p 445 -data AF56A43D 192.168.41.136
Starting Nping 0.6.40 ( http://nmap.org/nping ) at 2014-04-21 17:58 CST
SENT (0.0605s) TCP 192.168.41.234:14647 > 192.168.41.136:445 S ttl=64 id=54933 iplen=44 seq=3255055782 win=1480
RCVD (0.0610s) TCP 192.168.41.136:445 > 192.168.41.234:14647 RA ttl=64 id=0 iplen=40 seq=0 win=0
SENT (1.0617s) TCP 192.168.41.234:14647 > 192.168.41.136:445 S ttl=64 id=54933 iplen=44 seq=3255055782 win=1480
RCVD (1.0620s) TCP 192.168.41.136:445 > 192.168.41.234:14647 RA ttl=64 id=0 iplen=40 seq=0 win=0
π¦The output information shows the TCP transmission process between 192.168.41.234 and the target system 192.168.41.136. Some common network layer attacks are simulated by sending data packets to the designated ports to verify the defense of the target system against these tests.
E N J O Y
Written by Underc0de
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
nmap.org
Nmap: the Network Mapper - Free Security Scanner
Nmap Free Security Scanner, Port Scanner, & Network Exploration Tool. Download open source software for Linux, Windows, UNIX, FreeBSD, etc.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Setting ProxyChains full by Underc0de:
twitter.com/UndercOdeTc
π¦ ππΌππ πππΈβπ
1) ProxyChains is a proxy tool for Linux and other Unices. It can make any program go online through a proxy, allow TCP and DNS to pass through a proxy tunnel, support HTTP, SOCKS4 and SOCKS5 proxy servers, and can configure multiple proxies.
2) ProxyChains forcibly connects the specified application through a user-defined proxy list, and directly disconnects the receiver and the sender.
3) This section describes how to set up ProxyChains.
π¦ The specific steps for setting ProxyChains are shown below.
1) Open the ProxyChains configuration file. The execution command is as follows:
> root@Kali:~# vi /etc/proxychains.conf
2) After executing the above command, the contents of the open file are as follows:
# proxychains.conf VER 3.1
# HTTP, SOCKS4, SOCKS5 tunneling proxifier with DNS.
#
# The option below identifies how the ProxyList is treated.
# only one option should be uncommented at time,
# otherwise the last appearing option will be accepted
#
#dynamic_chain
#
# Dynamic - Each connection will be done via chained proxies
# all proxies chained in the order as they appear in the list
# at least one proxy must be online to play in chain
# (dead proxies are skipped)
# otherwise EINTR is returned to the app
#
strict_chain
#
# Strict - Each connection will be done via chained proxies
# all proxies chained in the order as they appear in the list
# all proxies must be online to play in chain
# otherwise EINTR is returned to the app
#
#random_chain
#
# Random - Each connection will be done via random proxy
# (or proxy chain, see chain_len) from the list.
# this option is good to test your IDS :)
The output is the content of the proxychains.conf file. Due to space reasons, only some of them are listed here.
3) Cancel the comment character in front of dynamic_chain in proxychains.conf file. The configuration item to be modified is the bold part above, as shown below:
dynamic_chain
4) Add some proxy servers to the list (at the end of the proxychains.conf file), as shown below:
# ProxyList format
# type host port [user pass]
# (values separated by 'tab' or 'blank')
#
#
Examples:
socks5 192.168.67.78 1080 lamer secret
http 192.168.89.3 8080 justu hidden
# socks4 192.168.1.49 1080
# http 192.168.39.93 8080
#
#
# proxy types: http, socks4, socks5
# ( auth types supported: "basic"-http "user/pass"-socks )
#
[ProxyList]
# add proxy here ...
# meanwile
# defaults set to "tor"
socks4 127.0.0.1 9050
socks5 98.206.2.3 1893
socks5 76.22.86.170 1658
-- ζε ₯ --
The bold part in the above information is the added proxy server.
5) Resolve the target host through the user's connection agent. The execution command is as follows:
> root@kali:~# proxyresolv www.target.com
By default, when you execute the proxyresolv command, you may see that the command does not find an error message.
6) Because proxyresolv is stored in the / usr / lib / proxychains3 / directory, it cannot be executed. proxyresolv will be called by proxychains, so put these two files in a directory like / usr / bin. The execution command is as follows:
> root@kali:~# cp /usr/lib/proxychains3/proxyresolv /usr/bin/
After executing the above command, the proxyresolv command can be executed.
7) Run ProxyChains through the application that the user wants to use, for example, start msfconsole. The execution command is as follows:
root@kali:~# proxychains msfconsole
ProxyChains-3.1 (http://proxychains.sf.net)
|DNS-request| 0.0.0.0
|S-chain|-<>-127.0.0.1:9050-<--timeout
|DNS-response|: 0.0.0.0 is not exist
, ,
/ \
((---,,,---))
(_) O O (_)_________
\ _ / |\
o_o \ M S F | \
\ _____ | *
||| WW |||
||| |||
π¦ Setting ProxyChains full by Underc0de:
twitter.com/UndercOdeTc
π¦ ππΌππ πππΈβπ
1) ProxyChains is a proxy tool for Linux and other Unices. It can make any program go online through a proxy, allow TCP and DNS to pass through a proxy tunnel, support HTTP, SOCKS4 and SOCKS5 proxy servers, and can configure multiple proxies.
2) ProxyChains forcibly connects the specified application through a user-defined proxy list, and directly disconnects the receiver and the sender.
3) This section describes how to set up ProxyChains.
π¦ The specific steps for setting ProxyChains are shown below.
1) Open the ProxyChains configuration file. The execution command is as follows:
> root@Kali:~# vi /etc/proxychains.conf
2) After executing the above command, the contents of the open file are as follows:
# proxychains.conf VER 3.1
# HTTP, SOCKS4, SOCKS5 tunneling proxifier with DNS.
#
# The option below identifies how the ProxyList is treated.
# only one option should be uncommented at time,
# otherwise the last appearing option will be accepted
#
#dynamic_chain
#
# Dynamic - Each connection will be done via chained proxies
# all proxies chained in the order as they appear in the list
# at least one proxy must be online to play in chain
# (dead proxies are skipped)
# otherwise EINTR is returned to the app
#
strict_chain
#
# Strict - Each connection will be done via chained proxies
# all proxies chained in the order as they appear in the list
# all proxies must be online to play in chain
# otherwise EINTR is returned to the app
#
#random_chain
#
# Random - Each connection will be done via random proxy
# (or proxy chain, see chain_len) from the list.
# this option is good to test your IDS :)
The output is the content of the proxychains.conf file. Due to space reasons, only some of them are listed here.
3) Cancel the comment character in front of dynamic_chain in proxychains.conf file. The configuration item to be modified is the bold part above, as shown below:
dynamic_chain
4) Add some proxy servers to the list (at the end of the proxychains.conf file), as shown below:
# ProxyList format
# type host port [user pass]
# (values separated by 'tab' or 'blank')
#
#
Examples:
socks5 192.168.67.78 1080 lamer secret
http 192.168.89.3 8080 justu hidden
# socks4 192.168.1.49 1080
# http 192.168.39.93 8080
#
#
# proxy types: http, socks4, socks5
# ( auth types supported: "basic"-http "user/pass"-socks )
#
[ProxyList]
# add proxy here ...
# meanwile
# defaults set to "tor"
socks4 127.0.0.1 9050
socks5 98.206.2.3 1893
socks5 76.22.86.170 1658
-- ζε ₯ --
The bold part in the above information is the added proxy server.
5) Resolve the target host through the user's connection agent. The execution command is as follows:
> root@kali:~# proxyresolv www.target.com
By default, when you execute the proxyresolv command, you may see that the command does not find an error message.
6) Because proxyresolv is stored in the / usr / lib / proxychains3 / directory, it cannot be executed. proxyresolv will be called by proxychains, so put these two files in a directory like / usr / bin. The execution command is as follows:
> root@kali:~# cp /usr/lib/proxychains3/proxyresolv /usr/bin/
After executing the above command, the proxyresolv command can be executed.
7) Run ProxyChains through the application that the user wants to use, for example, start msfconsole. The execution command is as follows:
root@kali:~# proxychains msfconsole
ProxyChains-3.1 (http://proxychains.sf.net)
|DNS-request| 0.0.0.0
|S-chain|-<>-127.0.0.1:9050-<--timeout
|DNS-response|: 0.0.0.0 is not exist
, ,
/ \
((---,,,---))
(_) O O (_)_________
\ _ / |\
o_o \ M S F | \
\ _____ | *
||| WW |||
||| |||
Tired of typing 'set RHOSTS'? Click & pwn with Metasploit Pro
-- type 'go_pro' to launch it now.
=[ metasploit v4.7.0-2013082802 [core:4.7 api:1.0]
+ -- --=[ 1161 exploits - 641 auxiliary - 180 post
+ -- --=[ 310 payloads - 30 encoders - 8 nops
msf >
8) After executing the above command, if you see the msf> prompt, it means that msfconsole started successfully. Indicates that ProxyChains is successfully set.
Written by Underc0de
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
-- type 'go_pro' to launch it now.
=[ metasploit v4.7.0-2013082802 [core:4.7 api:1.0]
+ -- --=[ 1161 exploits - 641 auxiliary - 180 post
+ -- --=[ 310 payloads - 30 encoders - 8 nops
msf >
8) After executing the above command, if you see the msf> prompt, it means that msfconsole started successfully. Indicates that ProxyChains is successfully set.
Written by Underc0de
β β β ο½ππ»βΊπ«Δπ¬πβ β β β