Nessus On Windows

Nessus On Windows

---

Nessus is one of the well known and most used vulnerability scanner program. Nessus was built for UNIX platform but now also supports Windows platform. Nessus runs as client server program and available as free and professional version. Download and register your e-mail with them and they will send you information about how to register and use it. Once installation is done you will have two icons one with name Nessus Server another with Nessus Client first of all open Nessus Server and add users in it. Then open Nessus Client and log in, after log in you will see interface as follows,

Hack Digital Affiliate Product To Buy Them At Cheaper Cost

Hack Digital Affiliate Product To Buy Them At Cheaper Cost

---

Sometimes when you find anything appealing on a affiliate marketer's site and make your mind to purchase it, you click on affiliate link and get redirected to checkout page. You put your credit card number and checkout. Now here's a catch most of you might be knowing that an affiliate gets commission to sell product but the marketer who provides affiliate product to sell don't want to lose his/her money by paying commission so they intentionally increase price by 30-40% what we will do here is purchase product at its original price. This is not actually a hack but this trick can help you buy the product at its original price.

First of all click on the affiliate link, look for “Order Now” button on page if it is not there then there might be “read more” or “next” button. Check links until you find “order now” or “Add To Cart” button, let page load completely, now click on close button of your browser. A pop-up will open with “Stay on this page” and “Leave this page”. Now click on “stay on this page”, you'll find reduction in price, repeat this process until no reduction occurs, now you can purchase that product at cost which is nearly 30-40% cheaper than previously offered price. Please be sure affiliate will not lose his commission but marketer will have to sell product at cheaper cost, even he will not loose any profit, nor this kinda hack can lead you to trouble. It might happen this trick will not work on all products but most probable to work with all digital affiliate products like Click Bank product. Don't bother I have tested this, its 100% legal and safe to try, I am also a click bank affiliate and Amazon Associate, that's the reason I took my time to invent this hack. In some cases you will find there is no reduction in price in that case be sure affiliate is compromising on his commission to sell product that means you have been offered product at its original price. Its just kinda bargain you are making to purchase product.

By the way I want to tell something shocking to you. If you have been visiting my blog from a while then you might be knowing that I publish adds because they pay me. The most I advertise about hacking and hacking related products but I was not able to sell many of those since I started advertising them. Do want to know what got sold more from this blog.

Truth About Abs

Quite funny, but true, just because this product really works and has been highest in sells gravity since release, following are some of my affiliate links if you want to try the hack. Purchase if you want, don't if you don't want but at least try the hack.

Truth About Abs (Even recommended by me, if you are planning to buy please buy from my link and help me make some money)

Auto Mass Traffic

Full HD Movies Download

Note: This trick doesn't work on Amazon Products.

Loved this post then please join mailing list and don't forget to tell your friends about this blog, a banklink from your blog or website will also do the job. Thanks for reading and keep visiting.

Create Con Folder In Windows

Create Con Folder In Windows

---

Now many times you might have heard we can't make con folder in windows. The reason is “con” name acts as system device for windows shell. Where “con” means “Console” that is your keyboard its not just con but there are some other names too that are disallowed to use as folder name since they also act as device name. For example,

com1 : communication port-1

com2: communication port-2

lpt1: line printer-1

lpt2: line printer-2

that means is it impossible to create folders with these names, the answer is names. If it was impossible then why the hell I am writing this post for. You can't create con folder using windows GUI by right clicking and adding new folder entry for this you have to use command prompt.

Open command prompt and type,

C:\>mkdir \\.\\c:\con

where c:\con should be full path to the location where you want to create con folder. Once created you'll not be able to delete this directory as you normally delete other directories. To delete it type whole command as it is as you typed to create it and then replace mkdir with rmdir.

In same way you can also create and delete other folder names which windows does not allow by default.

Enumeration | Basic Terminologies

Enumeration | Basic Terminologies

---

What is Enumeration ?

It is process of identifying potential user account that can be used for hacking target system. It is not compulsory that you must get administrative account because in most of the cases privileges of a normal account can be raised to make it super user thus granting him administrative privileges therefore enumeration phase is also known as escalating privilege phase. It may also include identification of devices and shared files and folders.

NetBIOS:

Better known as Network Basic Input Output System it provides services to OSI model(specially session layer) allowing several computers to communicate in Local Area Network (LAN). Main services of NetBIOS includes registering a group name from computer connected in LAN and making them communicate with other computers in LAN and share devices.

Network Shares Or Just Shares:

It means any device or file that is connected in network for sharing. It may include file, folders, hard disks, printers etc. Shares play important role in remote system hacking, so information about shares can help you escalate privileges.

SNMP:

Better known as Simple Network Management Protocol used for managing different devices on network. It may include hubs, switches, routers, printers, hard disks, computers, servers etc.

SMB:

Better known as Server Message Block is Microsoft's protocol defined for sharing file and printing services. Though protocol is old it is still used in most of the systems.

Null Session:

It is process in which a person can log into computer without user-name and password. Though this situation is very rare today we will just have our look on it. NetBIOS null session is vulnerability found in Common Internet File System(CIFS) or SMB due to which a hacker can access computer or device without account and password. Once Null session is got we can find users, devices and policies defined for network.

Dear visitor if you have not yet created your lab setup then please set it up now. To know more about lab setup read Basic Lab Setup For Hacker. Because now onwards the tutorials that we will cover will need more than one PC. I know many of you might not be having multiple PC's for practice hence I have specially covered how to setup your Lab with single PC using VirtualBox. I urge you if you are serious about learning hacking in legal way then install at least two Windows-XP in it and two different Linux distro better if one of them is mini Linux distro. Better setup your lab in requested way so that we can cover enumeration easily. Thanks for reading, please don't forget to tell me about your difficulties be sure I 'll answer them, keep visiting.

Fingerprinting OS

Fingerprinting OS

---

Fingerprinting is a process in scanning phase in which an attacker tries to identify Operating System(OS) of target system. Fingerprinting can be classified into two types

-Active Stack Fingerprinting

-Passive Stack Fingerprinting

Active Stack Fingerprinting involves sending data to the target system and then see how it responds. Based on the fact that each system will respond differently, the response is compared with database and the OS is identified. It is commonly used method though there are high chances of getting detected. It can be performed by following ways.

Using Nmap: Nmap is a port scanning tool that can be used for active stack OS fingerprinting.

Syntax: nmap -O IP_address

Example: nmap -U 127.0.0.1

Using Xprobe: It is UNIX only active stack fingerprinting tool. Also runs on Linux, it can not only detect OS but also devices and their version numbers.

Syntax: xprobe2 -v IP_address

Example: xprobe -v 127.0.0.1

Passive Stack Fingerprinting involves examining traffic on network to determine the operating system. There is no guarantee that the fingerprint will be accurate but usually they are accurate. It generally means sniffing traffic rather than making actual contact and thus this method is stealthier and usually goes undetected. Passive stack fingerprinting can be performed in following ways.

Using p0f: It is passive fingerprinting tool. Both windows and Linux versions are available.

For Windows:

Open command prompt and type

C:\>ipconfig

it will list all Ethernet card available in your system, note the number of Ethernet on which your connection is running, in my case it is two. Now type “p0f -i card_number”

C:\p0f>p0f -i 2

Now try to connect to the system you want to fingerprint leaving command prompt open and p0f will detect OS.

For Linux:

In Linux you will need to install it first. If you are using Red Hat Linux and downloaded a rpm package then browse to the folder where you downloaded rpm package and run following command.

#rpm -i package_name

else if you have configured yum for download from repository type following commands.

# yum clean all

#yum list

#yum install p0f

If you are using Debian based or Gentoo based Linux and downloaded deb package then browse to the folder and type following commands,

#dpkg -i package_name

else if you want to install from repository then use following commands

#apt-get update

#apt-get install p0f

if you are using super user then don't forget to prefix “sudo” before type “ap-get” command.

Now open command prompt and type following commands,

#p0f -i eth0 -vt

where “i” means interface “eth0” is your communicating card “v” means show results in verbose mode and “t” means add timestamps to output. Now try to connect to remote system and fingerprint its OS.

Using NetCraft:

Go to the site of NetCraft and type IP address of target you want to fingerprint in “What's that site is running”. It'll give you its OS.

I hope that was quite easy, if you have any problems using any of the above tools then please don't hesitate to ask. I am here to help, thanks for reading and keep visiting.

Some More Methods To Grab Banners

Some More Methods To Grab Banners

---

I hope you enjoyed reading last post on banner grabbing. Here in this post we will discus some tools that can be used to grab banners and we will also have our look on some of the tools that can be used for preventing our banners from getting grabbed. Following are some tools that helps in banner grabbing.

NetCat:

Net-Cat is TCP/IP debugging tool that can be used for banner grabbing. Download Netcat from its official site, its free. Have a look on its documentation about how to use it. Following command works same as telnet for netcat and helps grabbing banner.

C:\netcat\>nc ip_address 80

(Press enter twice and if it doesn't work then type following)

(HEAD /HTTP/1.0 and press enter twice)

Httprint:

Httprint is web server finger printing tool. It uses server signature to identify version of web application running on server. Download it from its official site again its free. I don't think there is need to explain how it works since their own help documentation is very small and easy to understand. Give it a try if you still don't understand how to use it ask me. I'll include a new post on it.

Miart HTTP Header:

Miart HTTP Header tool identifies banner information from HTTP Header and response type. Using it doesn't require any skill just enter URL in input box and press enter.

Prevention Against Banner Grabbing:

Preventing Apache Server And Its Derivative:

We can't say that there is some tool or specific method available via which we can stop banner of Apache from getting grabbed but if you'll have a look on its documentation, you'll find its not even difficult either. Actually full information about Apache and its derivative related problems and their solutions is included in their documentation and they differ for each version. Since they differ for each version I 'll recommend read its documentation to stop Apache giving out valuable information.

Preventing IIS Server:

IIS shares some advantages over Apache since various tools are available that help IIS server to defend itself against banner grabbing.

IIS Lockdown:

Its works by turning off unnecessary features thus providing multiple layer protection. Download it from www.microsoft.com.

Server Mask:

Server Mask removes every detail from website about it is using IIS server including removing all finger printing traces. It removes HTTP headers and also encrypts signatures thus providing protection against signature based banner grabbing.

Page Xchanger:

It is content negotiation tool. It cleans all URLs from extensions and hence make them appear more clear and navigable. It negotiates with every file and extension making site more secure since your site will show nothing about files, extensions and default error messages.