Saturday, 13 April 2013

HPing As Port Scanner

Hping Tutorial:

First of all, download hping.

HPING as a port scanner.



Crafting TCP packets is the default behavior of HPING.
By specifying the TCP flags, a destination port and a target IP
address, one can easily construct TCP packets.





-F  --fin    set FIN flag
-S  --syn    set SYN flag
-R  --rst    set RST flag
-P  --push   set PUSH flag
-A  --ack    set ACK flag
-U  --urg    set URG flag
-X  --xmas   set X unused flag (0x40)
-Y  --ymas   set Y unused flag (0x80)





[root@localhost root]# hping -I eth0 -S 192.168.10.1 -p 80
HPING 192.168.10.1 (eth0 192.168.10.1): S set, 40 headers + 0 data bytes
len=46 ip=192.168.10.1 flags=SA DF seq=0 ttl=64 id=11101 win=16080 rtt=2.7 ms
len=46 ip=192.168.10.1 flags=SA DF seq=1 ttl=64 id=11102 win=16080 rtt=2.4 ms
len=46 ip=192.168.10.1 flags=SA DF seq=2 ttl=64 id=11103 win=16080 rtt=2.4 ms



An open port is indicated by an SA (SYN+ACK) reply packet, a closed port by an RA (RST+ACK) packet. Remember the TCP 3-way handshake!
This is similar to a well-known way of scanning called a SYN scan or stealth scan.






A nice built-in feature is the ++ prefix on the destination port, which increases the destination port by one for each packet sent.




You can also press Ctrl+Z, instead of using ++, to increase the port number during the scan.





[root@localhost root]# hping -I eth0 -S 192.168.10.1 -p ++79
HPING 192.168.10.1 (eth0 192.168.10.1): S set, 40 headers + 0 data bytes
len=46 ip=192.168.10.1 sport=79 flags=RA seq=0 ttl=255 id=17491 win=0 rtt=2.4 ms
len=46 ip=192.168.10.1 sport=80 flags=SA DF seq=1 ttl=64 id=17492 win=16080 rtt=3.1 ms
len=46 ip=192.168.10.1 sport=81 flags=RA seq=2 ttl=255 id=17493 win=0 rtt=1.7 ms
len=46 ip=192.168.10.1 sport=82 flags=RA seq=3 ttl=255 id=17494 win=0 rtt=1.8 ms
len=46 ip=192.168.10.1 sport=83 flags=RA seq=4 ttl=255 id=17495 win=0 rtt=1.4 ms
len=46 ip=192.168.10.1 sport=84 flags=RA seq=5 ttl=255 id=17496 win=0 rtt=3.6 ms




or




[root@localhost root]# hping -I eth0 -S 192.168.10.1 -p ++79 | grep SA
len=46 ip=192.168.10.1 sport=80 flags=SA DF seq=1 ttl=64 id=17498 win=16080 rtt=2.1 ms
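Seen from the target's side, the ++ sweep above is a run of bare SYNs to consecutive ports that never finish the 3-way handshake. The following detection sketch is an added example, not part of the original post; the tcpdump-style sample lines are constructed, and the function name find_syn_sweeps and the min_ports threshold are illustrative assumptions.

```python
import re
from collections import defaultdict

# Constructed tcpdump-style lines (not captured traffic). 192.168.10.50 sends
# bare SYNs to ports 79-82 of 192.168.10.1 and never completes a handshake;
# 192.168.10.77 makes one ordinary connection to port 80.
SAMPLE = """\
12:00:01.000 IP 192.168.10.50.2001 > 192.168.10.1.79: Flags [S], seq 0, win 512, length 0
12:00:01.002 IP 192.168.10.1.79 > 192.168.10.50.2001: Flags [R.], seq 0, ack 1, win 0, length 0
12:00:02.000 IP 192.168.10.50.2002 > 192.168.10.1.80: Flags [S], seq 0, win 512, length 0
12:00:02.003 IP 192.168.10.1.80 > 192.168.10.50.2002: Flags [S.], seq 0, ack 1, win 16080, length 0
12:00:02.004 IP 192.168.10.50.2002 > 192.168.10.1.80: Flags [R], seq 1, win 0, length 0
12:00:03.000 IP 192.168.10.50.2003 > 192.168.10.1.81: Flags [S], seq 0, win 512, length 0
12:00:03.002 IP 192.168.10.1.81 > 192.168.10.50.2003: Flags [R.], seq 0, ack 1, win 0, length 0
12:00:04.000 IP 192.168.10.50.2004 > 192.168.10.1.82: Flags [S], seq 0, win 512, length 0
12:00:04.002 IP 192.168.10.1.82 > 192.168.10.50.2004: Flags [R.], seq 0, ack 1, win 0, length 0
12:00:05.000 IP 192.168.10.77.40000 > 192.168.10.1.80: Flags [S], seq 0, win 64240, length 0
12:00:05.001 IP 192.168.10.1.80 > 192.168.10.77.40000: Flags [S.], seq 0, ack 1, win 16080, length 0
12:00:05.002 IP 192.168.10.77.40000 > 192.168.10.1.80: Flags [.], ack 1, win 64240, length 0
"""

LINE = re.compile(
    r"IP (\d+\.\d+\.\d+\.\d+)\.(\d+) > (\d+\.\d+\.\d+\.\d+)\.(\d+): Flags \[([A-Z.]+)\]")

def find_syn_sweeps(text, min_ports=4):
    """Flag (scanner, target) pairs with >= min_ports SYN-probed ports and no handshake."""
    probed = defaultdict(set)     # (src, dst) -> ports that received a bare SYN
    completed = defaultdict(set)  # (src, dst) -> ports where src later sent a pure ACK
    answered = defaultdict(set)   # (src, dst) -> ports where dst replied SYN+ACK (open)
    for m in LINE.finditer(text):
        src, sport, dst, dport, flags = m.groups()
        if flags == "S":
            probed[(src, dst)].add(int(dport))
        elif flags == ".":
            completed[(src, dst)].add(int(dport))
        elif flags == "S.":       # reply travels target -> scanner, so swap the key
            answered[(dst, src)].add(int(sport))
    alerts = {}
    for key, ports in probed.items():
        half_open = ports - completed[key]  # simplification: per port, not per 4-tuple
        if len(half_open) >= min_ports:
            alerts[key] = {"ports": sorted(half_open),
                           "open": sorted(answered[key] & half_open)}
    return alerts
```

The "open" list in each alert tells the defender which services the scanner learned about, which is the same information the `grep SA` filter gives the person scanning.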




All known NMAP scanning techniques can be easily reproduced (except a CONNECT scan), but finer control over the packets can be obtained (don't get me wrong, not a bad word about NMAP!). Take a look at the following options that can be set.




-s  --baseport   base source port (default random)
-p  --destport   [+][+]<port> destination port(default 0)
                 or ctrl+z inc/dec
-k  --keep       keep still source port
-w  --win        winsize (default 64)
-O  --tcpoff     set fake tcp data offset (instead of tcphdrlen / 4)
-Q  --seqnum     shows only tcp sequence number
-b  --badcksum   (try to) send packets with a bad IP checksum
                 many systems will fix the IP checksum sending
                 the packet you'll get bad UDP/TCP checksum
                 instead.
-M  --setseq     set TCP sequence number
-L  --setack     set TCP ack




You can easily combine flags and other parameters as follows:




[root@localhost root]# hping -I eth0 -M 3000 -SA 192.168.10.1 -p 80
HPING 192.168.10.1 (eth0 192.168.10.1): SA set, 40 headers + 0 data bytes
len=46 ip=192.168.10.1 flags=R seq=3000 ttl=255 id=11118 win=0 rtt=1.8 ms
len=46 ip=192.168.10.1 flags=R seq=3001 ttl=255 id=11119 win=0 rtt=1.9 ms
len=46 ip=192.168.10.1 flags=R seq=3002 ttl=255 id=11120 win=0 rtt=1.9 ms

Enjoy...:)

Thursday, 14 June 2012

Twitter-account-hacked

23:02 Posted by Unknown

10000 Twitter users' OAuth tokens hacked and exposed by Anonymous


Anonymous hackers using the Twitter account "LulzsecReborn" hacked into TweetGif (http://tweetgif.com), took the complete database, and later published it on the Internet. TweetGif is a website which allows you to use an animated GIF image as your Twitter picture.



How can hackers and spammers use this?
OAuth is an authentication protocol that allows users to approve an application to act on their behalf without sharing their password. If your Twitter OAuth secret key and token get compromised, an application or hacker can use your Twitter account with the access you granted. You can get a sample script here. The leaked tokens can be used to send spam from over 10000 compromised Twitter accounts.

Also, hackers who are able to compromise the keys of popular applications like TweetGif can use those keys to evade Twitter's abuse controls. By using the consumer key and consumer secret key from a popular third-party Twitter application, a spammer can make it harder for Twitter to lock out all of his spam accounts at once without also locking out a large number of legitimate users of the compromised application.

How you can protect your Twitter account: if you are also a TweetGif user, go to Settings > Apps, find TweetGif, and click "Revoke Access" to deauthorize the app.

Saturday, 2 June 2012

Remove-harddisk-partition

00:27 Posted by Unknown

DISABLE DISPLAY OF DRIVES (PARTITIONS) IN MY COMPUTER

With this trick you can play with your college PC. After this hack, anyone who opens My Computer will not see any drive there.

step 1:
Open Run and type diskpart.

step 2:
Type "list volume".
This shows a list of your volumes with their volume numbers.

step 3:
Type "select volume x", where x is the number of the volume that you want to remove.

step 4:
Type "remove".
This removes the volume's drive letter, so the drive no longer appears in My Computer.

or

Type "assign".
This assigns a drive letter again and brings your drive back.


Enjoy....
Don't forget to like and comment.....:)

Remove-autorun-viruses

00:03 Posted by Unknown

Remove AUTORUN.INF from infected computers

Hello Guys,


Are you tired of autorun viruses that your antivirus is not able to delete? Here I am going to explain how to remove them manually.

First of all, find an autorun file that is a virus! Shocked? I put it this way because an autorun file is normally the launcher for an installation program; with an autorun script you can open whichever .EXE file you want.

So find the virus's autorun file, right-click it, open it in Notepad, and find out which .EXE is being opened by that file.

Once you know this, restart your computer and, before it starts up, go into the computer repair options, where you will have a command prompt.

At the command prompt, type notepad.exe to open Notepad. Press CTRL+O and you will be able to browse your computer from the Open dialog. Delete the .EXE file first and then the autorun file. That's it.

You have to delete these files before booting, because all autorun programs start when the computer starts, and once your computer is running you are unable to delete a file that is already in use. So you have to do it before your computer starts.
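The "open it in Notepad and find the .EXE" step can also be done with a short parser, shown here as an added example that is not part of the original post. The sample autorun.inf content and file names are constructed, and the function names are illustrative; it reads the open, shellexecute and shell\...\command keys of the [autorun] section and tolerates the junk lines such files often contain.

```python
LAUNCH_KEYS = ("open", "shellexecute")

# Constructed sample, not taken from a real infection: junk lines and mixed
# case are typical clutter in a malicious autorun.inf.
SAMPLE_INF = r"""
;qzxkvjwq
[AutoRun]
jhgfdsa
OPEN=RECYCLER\example.exe -q
icon=%SystemRoot%\system32\shell32.dll,4
Shell\Open\Command="RECYCLER\example.exe" -q
shell\explore\command=wscript.exe helper.vbs
"""

def first_token(command):
    """Return the program part of a command line (quoted or unquoted)."""
    command = command.strip()
    if command.startswith('"'):
        return command[1:].split('"', 1)[0]
    # Unquoted paths containing spaces are ambiguous; take the first word.
    return command.split(None, 1)[0] if command else ""

def launched_programs(inf_text):
    """Return (key, program) pairs for every launch command in [autorun]."""
    section, found = None, []
    for raw in inf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):       # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()   # section names are case-insensitive
            continue
        if section != "autorun" or "=" not in line:
            continue                               # junk or other sections
        key, value = (part.strip() for part in line.split("=", 1))
        key = key.lower()
        is_verb = key.startswith("shell\\") and key.endswith("\\command")
        if key in LAUNCH_KEYS or is_verb:
            program = first_token(value)
            if program:
                found.append((key, program))
    return found
```

Every program it returns is a file to locate and delete before the autorun.inf itself, in the order the post describes.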


Stay safe.....
Don't forget to like and comment....:)