Cybexin's Blog - Network Security Blog

Cracking WPA2 Password Using Pyrit

2009-11-09T04:13:00.003-06:00

In this video its shown how to attack Wireless Networks using Pyrit tool. Pyrit is a GPU cracker for attacking WPA/WPA2 PSK protocols. It allows to create massive databases, pre-computing part of the WPA/WPA2-PSK authentication phase in a space-time-tradeoff.Pyrit takes a step ahead in attacking WPA-PSK and WPA2-PSK.Download and other details can be found here.

Nmap Using TOR Networks

2009-09-24T04:15:00.002-05:00

A good video showing how to scan networks with Nmap using Tor network to stay anonymous.
An Attacker downloads and configure TorTunnel,TOR bundle and proxychains.After setting up everything an attacker uses nmap to find out running services on different IPs.The main purpose of this video to stay anoanymous while scanning different networks.......

Milw0rm Exploits Archive

2009-09-17T06:22:00.000-05:00

A live demo on how to use latest exploits from milw0rm on backtrack live distro in detail. In this video Attacker lauches an attack against Dream FTP Server to crack Administrator's password on a windows box.

Gerix WiFi Cracker

2009-09-02T05:14:00.003-05:00

Gerix Wifi Cracker NG is pre-installed on the BackTrack 4 Final version and is available on all the different Debian Based distributions, like Ubuntu etc...This software requires Aircrack-ng, xterm, zenity and obviously python-qt3. It has a nice GUI interface with the help of which there is very little or no manual work left.

Karma Exploit

2009-08-21T09:09:00.003-05:00

This video is on using karma exploit from metasploit on Backtrack 4.An Attacker setup his own fake Accesspoint in monitor mode, DHCP daemon and a web server daemon.Attacker runs Metasploit's karma exploit.The moment IP is assigned to victim's PC , all the activity is logged at the attacker's machine including the URL visit and credentials used for mail and web.
Attacker now has full comtrol on victim's machine....

Sniffing And HTML Injection

2009-08-05T06:14:00.003-05:00

This video explains various examples of network sniffing and HTML injection with Ettercap-NG tool on BackTrack-4 on a Local Area Network.Shows how an attacker can change text of chat messages within LiveMessanger using ettercap filters and also using Ettercap plugin,Filters,filterf_modify,file-inject. An Attacker can even find who else is ARP poising on LAN using search_poisoning ettercap plugin.

Wireless Key Grabber

2009-07-27T07:37:00.003-05:00

This video is showing how to use Wireless Key Grabber. It requires lighttpd and it runs a fake wireless access point to grab wireless keys.whenever a user tries to connect to any website after connecting to this fake access point his browser is forwarded to a customised URL.Metasploit DLL injection is used to grab wireless key.Download link is available here.

DNS Spoofing And Browser Spying

2009-07-18T00:31:00.004-05:00

In this video an attacker sniffs network traffic from a remote machine using ARP and DNS Spoofing with Ettercap.Uses Driftnet program to listens to network traffic and sniff out images from TCP streams on the network.And finally uses remote_browser plugin of ettercap which sends visited URLs of the victim to attackers browser.Like this an attacker's browser follows what ever the victim is browsing. Just watch this.....

Hacking and decrypting SSL and TLS traffic

2009-07-10T08:13:00.005-05:00

A Video demonstrating how a Attacker can sniff wireless networks using veriety of different tools like arpspoof for ARP Spoofing so that victim's computer routes all internet traffic via attacker's network interface.DNSSpoof is used to send the IP of an infected machine which is setup by an attacker.And finally WebMitm tool is used to send a spoofed certificate.When ever a user opens up any SSL encrypted web site,WebMitm issues a fake certificate.once the user accepts that certificate,Attacker can then sniff complete network traffic using wireshark.When attacker collect enough data,he can use SSLDump to decrypt everything using the certificate issued by WebMitm.Like this attacker can have complete details about user's credentials.

Sniffing SSL Secured Logins With Ettercap

2009-07-09T09:01:00.002-05:00

A Small video showing how easy it is to intercept HTTPS traffic from switched local network by spoofing the SSL certificate using man in the middle attack with Ettercap. The attacker uses one way ARP poisoning on victim and issues a fake spoofed SSL certificates on a switched Ethernet network.

How to hack a phone using BlueTooth

2009-07-01T08:55:00.003-05:00

This video is live demonstration of hacking a cell phone using Bluetooth hacking tool called Super Bluetooth hack.This Java based tool allows to remotely make calls, view messages,remotely do any thing as if attacker is using the phone himself.

DHCP Spoofing MITM attack

2009-06-26T03:07:00.004-05:00

This video is showing how to spoof DHCP IP assignment using Ettercap. When a new PC is added on the network which is configured to have IP address dynamically from a DHCP address. An attcker can spoof this IP assignment process and provide his own IPs, like a gateway which has been configured to sniff their usernames and passwords.

Sniffing Remote Router Traffic via GRE Tunnels

2009-06-23T04:25:00.003-05:00

A good demo of sniffing network traffic remotely via setting up IP tunnel interface on remote router using WHAX live distro. Attackers makes configuration changes on router to start a tunnel interface and route all of the network traffic from that tunnel interface. Later they can sniff the traffic when ever they wants.

Bluetooth Sniffing in Linux

2009-06-17T05:02:00.002-05:00

A very good video showing how to sniff BlueTooth Pin while pairing two BlueTooth devices and crack it.

Securing Web Services

2009-06-16T00:30:00.002-05:00

Securing Web Services

This presentation is on Web Services Security , pointing at almost all of the fields requires attention for web application security.Shows how to effectively manage application development lifecycle and how to integrate Top 10 OWASP projects to develop any application keeping security in mind.

A1 - Cross Site Scripting (XSS)

A2 - Injection Flaws

A3 - Malicious File Execution

A4 - Insecure Direct Object Reference

A5 - Cross Site Request Forgery (CSRF)

A6 - Information Leakage and Improper Error Handling

A7 - Broken Authentication and Session Management

A8 - Insecure Cryptographic Storage

A9 - Insecure Communications

A10 - Failure to Restrict URL Access

Windows SMB Relay Exploit

2009-06-08T03:25:00.000-05:00

A live demonstration of obtaining admin access on a Windows XP SP3 Machine. Exploits a flaw in Windows Server Message Block (SMB) which provides shared access to files and folders on network. Hacker utilizes Metasploits Framework to run the exploit.It works by relaying a SMB authentication request to another host which provides Metasploit with a authenticated SMB session, and if the user is an administrator, Metasploits will be able to execute code on the target computer and can even get a reverse shell.Hacker forces the target computer to perform a SMB authentication attempt by using a Ettercap Filter.For authentication target computer is forwarded to Metasploit.

Remote shell with a Word document

2009-06-05T09:29:00.003-05:00

Using a Metasploit payload on Backtrack 4 to create a macro enabled Microsoft Word document which on executing opens a remote shell.

Honey Pots

2009-06-04T08:20:00.003-05:00

Honey Pot

View more OpenOffice presentations from iradarji.

Honeypots are the machines used for intrusion detection.It's basically a trap for hackers and seems to contain wealth of information in which hackers are interested in.

These computors are configured with lots of monitoring tools which keeps an eye on each and every step of hackers which helps in studying their mind set later on. Softwares installed on these computers are dual purpose.At first glance they are inviting in nature, intruders gets attracted to them and on the other hand it helps in intelligence gathering.Once the hacker breaks into the system,later studies of these machines by security administrators helps in finding the ways which attacker used to break into these systems and helps in blocking those intrusion techniques.

More details on Honey Pots can be found here

PHP Remote File Inclusion

2009-05-27T06:11:00.002-05:00

Remote File Inclusion is a technique used to attack websites from a remote computer.RFI allow malicious users to run their own PHP code on a vulnerable website.This allows the attacker to use and run any remote file just by editing the URL. Like a webshell can display the files and folders on the server and can add,edit or delete files and folders,send spams and even get hold of root.

More details on PHP Webshell are here.

Top Ten Web Hacking Techniques

2009-05-23T03:44:00.002-05:00

Top Ten Web Hacking Techniques 2008 by Jeremiah Grossman,Founder & Chief Technology Officer of WhiteHat Security.

Aircrack-ng

2009-05-21T00:12:00.002-05:00

This is a demonstration of hacking wireless access points networks with Aircrack-NG.Before running airodump we need to find an adaptor driver which can be downloaded from the here.

Please note few points regarding wireless as mentioned below -

Channels are the channel your Access Point is Broadcasting on.
ESSID is the Name of your wireless network.
BSSID is the MAC address of your Access Point.

We will have to put the wireless card in monitor mode before capturing the data.Complete step by step documentation can be found here.

SSH Hacking

2009-05-18T05:57:00.003-05:00

A Dictionary attack is launched against SSH using a Shell Script to crack Passwords.

Using NetCat as a Backdoor

2009-05-15T05:22:00.002-05:00

In this video a windows RPC exploit is used with the help of Metasploit on Backtrack.After exploiting the RPC vulnerability in windows,hacker uploads Netcat tool to regain access when ever he wants.

Metasploit Autopwn tool

2009-05-14T00:57:00.002-05:00

This Video shows MetaSploit Autopwn tool in action.After identifying a victim's machine using port scanning techniques,Just run the Metasploit framework and connect to sqlite database.Again run a port scan on victim's machine so that the result is saved in the database.Then run the Autopwn tool against the port scan result,Autopwn will automatically run all the exploits against the open port.When the attack completes successfully, we get open sessions. Job Done !!!!

This can also be achived by running Autopwn exploits against the result saved by Nessus in NBE format.

Dump Cleartext Passwords From Windows Memory

2009-05-13T02:07:00.003-05:00

This video shows how you can dump the cleartext passwords from a memory dump of a Windows system by using a tool called MDD.

DNS Spoof Virutal Hosts

2009-05-11T02:40:00.001-05:00

DNS Spoofing is a type of MITM attack in which victim's computer is sent a fake DNS reply for a particular website,forcing his machine to visit a different site.But when this Spoofed IP is hosting multiple virtual sites with multiple Host Headers and attacker wants to use this IP as a fake DNS reply for DNS Spoofing then the server will not be able to determine the proper destination as Host Header will be missing in the request.Hence DNS Spoofing attack will not success.

In this video , Ettercap is combined with a C program to change the host header on the fly and submits a new get request to the web server, which allows an attacker to successfully launch DNS Spoofing attack with a IP hosting multiple virtual web sites.

More info can be found here.

Attacking Oracle with the Metasploit Framework

2009-05-09T09:10:00.001-05:00

Auditing Anti-Virus Configuration and Installation with Nessus 3

2009-05-06T03:07:00.000-05:00

Exploiting XP with SAINT

2009-05-05T08:13:00.002-05:00

Exploiting Windows Vista with Core Impact 8

2009-05-04T08:51:00.000-05:00

How To Send Keyloggers

2009-04-30T05:37:00.001-05:00

How To Crack WPA-WPA2

2009-04-29T02:51:00.001-05:00

Hacking a Guestbook

2009-04-27T02:55:00.000-05:00

SSLStrip

2009-04-23T06:00:00.002-05:00

Owning with Nessus and Metasploit

2009-04-21T08:34:00.001-05:00

Packing Metasploit's Meterpreter with Calculator using IExpress

2009-04-17T08:14:00.001-05:00

Wireless Threats

2009-04-16T07:03:00.001-05:00

Uploaded on authorSTREAM by Riccardino

Meterpreter as a Backdoor

2009-04-16T00:16:00.000-05:00

Pass the Hash

2009-04-15T01:46:00.001-05:00

Cracking Tutorial

2009-04-13T07:15:00.001-05:00

Hash Cracking

2009-04-09T08:49:00.001-05:00

Amazon EC2 Service In Depth

2009-04-06T03:15:00.002-05:00

Reset Passwords on Windows XP and Vista using Backtrack 4

2009-04-01T09:07:00.001-05:00

Secret messages in a photo

2009-04-01T08:37:00.001-05:00

How to hack a wireless network

2009-03-31T08:11:00.002-05:00

Installing PHP 5 on IIS 7 with FastCGI

2009-03-28T00:19:00.001-05:00

Terminal Server / RDP Cracking

2009-03-16T02:22:00.001-05:00

Firewalls

2009-03-14T07:09:00.001-05:00

Firewall

View more presentations from manikyam.

Fake Rogue Anti-Virus & Anti-Spyware in Action

2009-03-14T03:06:00.001-05:00

The Hacker's Nightmare

2009-03-14T00:30:00.000-05:00

What is the Best Network Management Tool

2009-03-13T01:14:00.002-05:00

Samurai Web Assessment Framework

2009-03-12T07:59:00.002-05:00

Cracking a serial number

2009-03-04T03:05:00.002-06:00

Fun with Windows login

2009-03-04T02:09:00.001-06:00

Arp Poisoning Demonstrated

2009-03-03T23:19:00.002-06:00

Breaking Into a Macbook Wi-Fi exploit

2009-03-03T02:25:00.000-06:00

Grey Hat Guru Secret Video

2009-03-02T08:38:00.000-06:00

Creating a Win32 Reverse Connect Back Trojan

2009-02-26T08:07:00.001-06:00

US Bank phishing attack exposed

2009-02-26T07:48:00.001-06:00

Anonymous Voice VLan Hack

2009-02-24T08:03:00.001-06:00

Presentation On Tactical Exploitation

2009-02-23T07:44:00.001-06:00

Tactical Exploitation - hdm valsmith

View more presentations from amiable_indian. (tags: metasploit hacking)

IDS And Your Network

2009-02-23T02:27:00.001-06:00

Uploaded on authorSTREAM by Sharck

Installing Backtrack 3 to USB

2009-02-19T05:36:00.001-06:00

Invisible Undetectable Keylogger

2009-02-18T08:10:00.000-06:00

Dont trust just one antivirus or firewall

2009-02-17T23:00:00.000-06:00

Testing your firewall for IRC

2009-02-16T07:48:00.001-06:00

SSL Hacking and DNS Spoofing with Backtrack

2009-02-16T03:48:00.001-06:00

Hacking web sites using XSS

2009-02-16T03:36:00.002-06:00

XSS Hacking

2009-02-12T03:43:00.000-06:00

Bluetooth Vulnerabilities

2009-02-11T02:23:00.000-06:00

Bluetooth Vulnerabilities

View more presentations from VictorYee. (tags: security bluetooth)

Tunneling VNC Securely on a Mac

2009-02-10T07:14:00.001-06:00

Monitor your network with Backtrack

2009-02-10T07:01:00.002-06:00

SMB Exploit

2009-02-10T06:19:00.002-06:00

Bluesnarfing

2009-02-09T04:46:00.000-06:00

WI-FI Hacking

2009-02-09T04:00:00.001-06:00

Wardriving - Street Hacking

2009-02-09T02:19:00.001-06:00

Wireless Security

2009-02-09T00:42:00.000-06:00

Browser Exploits - ClickJacking

2009-02-06T08:36:00.001-06:00

Proof Of Concept -Yahoo Security Failure

2009-02-06T02:05:00.000-06:00

How to Hack a phpBB2 Forum

2009-02-05T08:58:00.001-06:00

SQL Injection

2009-02-05T08:33:00.002-06:00

How XSS Hack works

2009-02-04T06:52:00.000-06:00

Laptop as a Access Point

2009-02-03T04:50:00.001-06:00

Cracking Wireless Networks

2009-02-02T02:26:00.003-06:00

Keeping VOIP secure

2009-02-02T02:18:00.002-06:00

Hacking SSH Tunneling Exploit

2009-01-31T05:18:00.000-06:00

What Is Steganography

2009-01-30T08:00:00.001-06:00

Forensic Toolkit

2009-01-29T08:12:00.001-06:00

Honeyd

2009-01-29T07:50:00.000-06:00

Privilege Escalation Hack

2009-01-29T04:43:00.001-06:00

Writing Exploits in Metasploit

2009-01-29T01:09:00.000-06:00

Remotely installing VNC

2009-01-28T05:54:00.003-06:00

Hack with tunneling

2009-01-27T03:34:00.000-06:00

netcat reverse connection at startup

2009-01-26T09:23:00.001-06:00

Port scan using netcat

2009-01-26T09:05:00.001-06:00

Firewalls And IDS

2009-01-24T05:05:00.003-06:00

Uploaded on authorSTREAM by Hufflepuff

Reconnaissance Demo

2009-01-23T10:30:00.000-06:00

What is an MD5 Checksum

2009-01-22T06:47:00.001-06:00

Telnet Bruteforce

2009-01-22T05:12:00.001-06:00

Rainbow Cracking - MD2, MD4, MD5, SHA1

2009-01-21T23:30:00.000-06:00