Sunday, June 27, 2021

Hping3

hping3
--------------------------------------------------------

hping send {ip(daddr=192.168.56.1)+icmp(type=8,code=0)}

tcpdump -i wlan0

=========================================================

foreach i [list 5 6 7 8 9 10] {hping send "ip(daddr=192.168.56.1,ttl=$i)+icmp(type=8,code=0)"}
sudo tcpdump -i wlan0 -x -vv | grep ICMP

============================================================

# print source address and TTL of every packet received on eth0
while 1 {
    set p [lindex [hping recv eth0] 0]
    puts "[hping getfield ip saddr $p] -> [hping getfield ip ttl $p]"
}
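The TTL loop above sends one echo request per TTL value, and the recv loop prints source and TTL of whatever arrives. The following is an added example, not part of the notes, that looks at the same traffic from the receiving side: it reads the two-line-per-packet text that `tcpdump -vv` prints for ICMP (the sample below is constructed, not a real capture) and reports any source whose echo requests to one destination used several different TTLs, which is the traceroute-style pattern the loop produces.

```shell
#!/bin/sh
# Added example (not from the notes above): detect TTL sweeps like the foreach loop
# sends, by reading the text that `tcpdump -i wlan0 -vv` prints for ICMP packets.
# With -vv each packet occupies two lines: an IP header line carrying the TTL and a
# body line carrying "src > dst: ICMP echo request ...". Constructed sample capture:
SAMPLE='21:14:03.100001 IP (tos 0x0, ttl 5, id 2, offset 0, flags [none], proto ICMP (1), length 28)
    192.168.56.101 > 192.168.56.1: ICMP echo request, id 0, seq 0, length 8
21:14:03.100402 IP (tos 0x0, ttl 6, id 3, offset 0, flags [none], proto ICMP (1), length 28)
    192.168.56.101 > 192.168.56.1: ICMP echo request, id 0, seq 0, length 8
21:14:03.100811 IP (tos 0x0, ttl 7, id 4, offset 0, flags [none], proto ICMP (1), length 28)
    192.168.56.101 > 192.168.56.1: ICMP echo request, id 0, seq 0, length 8
21:14:03.101203 IP (tos 0x0, ttl 8, id 5, offset 0, flags [none], proto ICMP (1), length 28)
    192.168.56.101 > 192.168.56.1: ICMP echo request, id 0, seq 0, length 8
21:14:03.101650 IP (tos 0x0, ttl 9, id 6, offset 0, flags [none], proto ICMP (1), length 28)
    192.168.56.101 > 192.168.56.1: ICMP echo request, id 0, seq 0, length 8
21:14:03.102077 IP (tos 0x0, ttl 10, id 7, offset 0, flags [none], proto ICMP (1), length 28)
    192.168.56.101 > 192.168.56.1: ICMP echo request, id 0, seq 0, length 8
21:14:05.000000 IP (tos 0x0, ttl 64, id 9, offset 0, flags [DF], proto ICMP (1), length 84)
    192.168.56.20 > 192.168.56.1: ICMP echo request, id 7, seq 1, length 64
21:14:05.000310 IP (tos 0x0, ttl 64, id 10, offset 0, flags [none], proto ICMP (1), length 84)
    192.168.56.1 > 192.168.56.20: ICMP echo reply, id 7, seq 1, length 64'

# ttl_sweeps [min_distinct_ttl]
# Reads tcpdump -vv text on stdin and prints "src dst count ttl_list" for every
# (src,dst) pair whose echo requests used at least min_distinct_ttl different TTLs.
ttl_sweeps() {
    awk -v min="${1:-4}" '
        # IP header line: remember the TTL for the body line that follows
        / IP \(/ && / proto ICMP \(1\)/ {
            ttl = ""
            if (match($0, /ttl [0-9]+/)) ttl = substr($0, RSTART + 4, RLENGTH - 4)
            next
        }
        # body line of an echo request: fields are "src > dst:"
        ttl != "" && $2 == ">" && /ICMP echo request/ {
            src = $1; dst = $3; sub(/:$/, "", dst)
            key = src " " dst
            if (!((key, ttl) in seen)) {
                seen[key, ttl] = 1
                count[key]++
                list[key] = (list[key] == "" ? ttl : list[key] "," ttl)
            }
            ttl = ""
        }
        END { for (k in count) if (count[k] >= min) print k, count[k], list[k] }
    '
}

# Stand-alone run: report sources that swept TTLs (expected: 192.168.56.101)
printf '%s\n' "$SAMPLE" | ttl_sweeps 4
```

Pipe a live capture in with `sudo tcpdump -i wlan0 -vv icmp | ttl_sweeps` (assumed usage; the threshold of 4 distinct TTLs is an arbitrary choice); the ordinary ping from 192.168.56.20 in the sample uses a single TTL and is not reported.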

===============================================================
sudo vi attack.sig                  (payload file to send)
sudo hping3 -2 -p 500 192.168.56.1 -d 137 -E attack.sig


Wireshark display filters: udp.port==500 / icmp
tcpdump -i wlan0 -nX

Friday, June 25, 2021

Terminal Note

 --------------

Show hidden entries (files and directories) without listing directory contents (-d):

1.  ls -d .[!.]?*
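An added example, not from the note above, that shows what the glob does and does not match. It builds a constructed directory with a few hidden entries and compares the note's glob with a `find` that enumerates every dot-entry; the function names and the fixture are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the note above). The glob `.[!.]?*` keeps `.` and `..` out
# of the listing, but it also needs a name of at least three characters whose second
# character is not a dot, so `.a` and `..hidden` are skipped. find(1) enumerates
# directory entries directly (it never returns `.` or `..`), so `-name '.*'` catches
# every hidden entry. Both count functions take a directory path and print a count.
make_sample_dir() {            # constructed fixture: 4 hidden entries, 1 visible
    d=$(mktemp -d)
    touch "$d/.a" "$d/.ab" "$d/..hidden" "$d/visible"
    mkdir "$d/.config"
    printf '%s\n' "$d"
}

count_glob() {                 # entries matched by the note's `ls -d .[!.]?*`
    (
        cd "$1" || exit 1
        set -- .[!.]?*
        [ -e "$1" ] && echo "$#" || echo 0   # an unmatched glob stays literal in sh
    )
}

count_find() {                 # every entry whose name starts with a dot
    find "$1" -mindepth 1 -maxdepth 1 -name '.*' | wc -l | tr -d ' '
}

# Stand-alone run: prints 2 for the glob and 4 for find on the fixture above
d=$(make_sample_dir)
echo "glob: $(count_glob "$d")  find: $(count_find "$d")"
rm -rf "$d"
```

When the goal is to find everything an intruder may have tucked into a home directory, the `find` form is the one to rely on; the glob is fine for a quick interactive look.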


=====

Shortcut key 

CTRL+A = Move to the beginning of the line
CTRL+E = Move to the end of the line
CTRL+F = Move forward one character at a time
CTRL+B = Move backward one character at a time
CTRL+D = Delete the character under the cursor
CTRL+W = Delete the word before the cursor
CTRL+T = Transpose the two characters around the cursor
ALT+U = Uppercase the word from the cursor
ALT+L = Lowercase the word from the cursor


Tuesday, June 22, 2021

SSH TUNNELING

On the destination host, create the FIFO first:

 mkfifo /tmp/packet_capture

tcpdump -i <interface> -w - | ssh [user]@[destination ip] -c [cipher] -C -p 22 "cat - > /tmp/packet_capture"

Example:

tcpdump -i enp0s3 -w - | ssh admin@192.168.1.3 -c arcfour,blowfish-cbc -C -p 22 "cat - > /tmp/packet_capture"
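The remote half of that pipeline, `cat - > /tmp/packet_capture`, only moves bytes while something on the destination host is reading the FIFO; otherwise the write blocks and the ssh session appears to hang. The following added example, not from the note, reproduces that half locally with a file in place of the tcpdump stream and a plain pipe in place of ssh, so it runs offline; the function names and the random payload are assumptions of the example. (The ciphers in the example above, arcfour and blowfish-cbc, are disabled by default in current OpenSSH releases, so a modern server will refuse them unless explicitly enabled.)

```shell
#!/bin/sh
# Added example (not from the note above): the `mkfifo` + `cat - > fifo` half of the
# pipeline, run locally. A file stands in for the tcpdump stream and a plain pipe
# stands in for ssh, so nothing here touches the network. What it shows: open() on a
# FIFO blocks until the other end is open, so the remote `cat - > /tmp/packet_capture`
# blocks until something such as `tcpdump -r /tmp/packet_capture` is reading it.
relay_through_fifo() {         # $1 = source file, $2 = destination file
    dir=$(mktemp -d)
    fifo="$dir/packet_capture"
    mkfifo "$fifo"
    cat "$fifo" > "$2" &       # consumer: the reader that must exist on the remote host
    consumer=$!
    cat "$1" | cat - > "$fifo" # producer: same shape as the remote end of the ssh command
    wait "$consumer"
    rm -rf "$dir"
}

fifo_relay_ok() {              # returns 0 when the relayed bytes are identical
    src=$(mktemp); dst=$(mktemp)
    dd if=/dev/urandom of="$src" bs=1024 count=64 2>/dev/null   # 64 KiB constructed payload
    relay_through_fifo "$src" "$dst"
    if cmp -s "$src" "$dst"; then rc=0; else rc=1; fi
    rm -f "$src" "$dst"
    return $rc
}

# Stand-alone run
if fifo_relay_ok; then echo "relay ok"; else echo "relay corrupted"; fi
```

On the real destination host the consumer is whatever analyses the capture, for example `tcpdump -r /tmp/packet_capture` started before the ssh pipeline; comment out the consumer line in `relay_through_fifo` and the producer blocks forever, which is the hang people see when the reader is missing.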

Saturday, June 19, 2021

hacking tips

-------------------------------------------
-----------#monitor mode--------------------
sudo ip link set wlan1 down
sudo iw dev wlan1 set type monitor
sudo ip link set wlan1 up
-------------------------------------------
-----------#install tool--------------------
apt-get install hostapd dnsmasq apache2 aircrack-ng
-----------#checking the monitor mode-------
sudo airodump-ng wlan1
--------------------------------------------
-----------#setup IP for Interface----------
sudo ip link set wlan1 down
sudo ifconfig wlan1 up 192.168.0.1 netmask 255.255.255.0
sudo route add -net 192.168.0.0 netmask 255.255.255.0 gw 192.168.0.1
sudo ip link set wlan1 up
---------------------------------------------
------------#configure dnsmasq.conf----------
interface=wlan1
dhcp-range=192.168.0.2,192.168.0.30,255.255.255.0,12h
dhcp-option=3,192.168.0.1
dhcp-option=6,192.168.0.1
server=8.8.8.8
log-queries
log-dhcp
listen-address=127.0.0.1
---------------------------------------------
------------#configure hostapd.conf----------
interface=wlan1
driver=nl80211
ssid=JOiNed to be hacked
hw_mode=g
channel=11
macaddr_acl=0
ignore_broadcast_ssid=0
------------------------------------------------------
#Free port 53: find and stop the local DNS stub resolver so dnsmasq can bind
sudo ss -lp "sport = :domain"
sudo systemctl stop systemd-resolved

#NAT and forwarding rules
sudo iptables --table nat --append POSTROUTING --out-interface wlan0 -j MASQUERADE
sudo iptables --append FORWARD --in-interface wlan1 -j ACCEPT
#enable IP forwarding (either form; the redirect must run as root, hence tee)
echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward
sudo sysctl net.ipv4.ip_forward=1

=================================
sudo dnsmasq -C dnsmasq.conf -d
sudo hostapd /etc/hostapd.conf
---------------------------------
sudo systemctl unmask systemd-resolved
sudo systemctl enable systemd-resolved

sudo lsof -i -P -n | grep LIST
----------------------------------------------

iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
iptables -P FORWARD ACCEPT

Saturday, June 12, 2021

Finding domains and sub-domains



- subbrute.py
- nmap --script dns-brute
- dnsmap
- fierce -dns
- Sublist3r

Finding similar domain

- urlcrazy -p

 sudo nmap --traceroute --script traceroute-geolocation www.google.com