Friday, July 25, 2008

Using vulnerabilities for Hacking

First of all, we need to find the list of open ports using a port scanner.

Complete list of ports used by trojans

Suppose we find that port number "1080" is open. We look it up in the above list of trojan ports.
We find that 1083 is a vulnerability related to WinHole.

How to use this vulnerability?

It is much easier than what we have done in port scanning. Now search Google for this port 1080.

Download the Metasploit Framework from the internet.

To use the Metasploit Framework you need a good tutorial with images.
One of the best tutorials available about Metasploit is Don Parker's.

You can use this framework to hack any system with any vulnerable port open.

Using Port Scanning for Hacking

One of the most popular and sometimes necessary methods is port scanning. It is one of the easiest ways to find vulnerabilities in a system. But as you know, the easier the method, the greater the risks.

Note :- Port scanning is illegal. Methods like telnet, ping and DNS query are legal, but port scanning is not.

Why?
I know, you wanna ask me this question. The reason is that this method is only used for hacking purposes. There is no other use for it.

What does a port scanner actually do?
A port scanner finds the open ports of the target computer.
List of some free port scanners available for download.

What can we do with open ports?
We can do everything, because this is the most valuable information about the target computer.
I will explain how :-
Suppose we find port "x" open.
We search Google for port number x.
We find out that it is open because of a trojan. Then we do not need to do anything extra for hacking. We use the already installed trojan for our hacking work. We use the server version of that trojan to get access to the target computer.

List of TCP and UDP ports
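
The same lookup, turned around for the owner of a machine: an added example (not part of the original post) that parses Windows `netstat -ano` output and flags local ports found on a trojan-port watchlist. The watchlist holds only the two ports this page names; the sample output and the function names are constructed for illustration.

```python
# Ports this page ties to the WinHole trojan. A hit is a lead to investigate,
# not a verdict: 1080 is also the registered SOCKS proxy port.
WATCHLIST = {1080: "WinHole", 1083: "WinHole"}

# Constructed sample of Windows `netstat -ano` output (not real data).
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       904
  TCP    0.0.0.0:1080           0.0.0.0:0              LISTENING       3120
  TCP    192.168.1.10:1083      203.0.113.7:4312       ESTABLISHED     3120
  TCP    192.168.1.10:49200     198.51.100.5:1080      ESTABLISHED     2044
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:500            *:*                                    1012
"""


def parse_netstat(text):
    """Yield one dict per TCP/UDP row of `netstat -ano` output."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 4 or parts[0] not in ("TCP", "UDP"):
            continue  # header or blank line
        proto, local, remote = parts[:3]
        # UDP rows have no State column; the PID is always the last field.
        state = parts[3] if proto == "TCP" else ""
        yield {"proto": proto, "port": int(local.rpartition(":")[2]),
               "remote": remote, "state": state, "pid": int(parts[-1])}


def flag_watchlisted(text, watchlist=WATCHLIST):
    """Return rows whose LOCAL port is on the watchlist.

    Only the local port is checked: a high local port talking to a remote
    port 1080 is an outbound client connection, not a listener on this host.
    """
    hits = []
    for row in parse_netstat(text):
        if row["port"] in watchlist:
            hits.append({**row, "name": watchlist[row["port"]]})
    return hits


if __name__ == "__main__":
    for hit in flag_watchlisted(SAMPLE):
        print("port %(port)d (%(name)s) %(state)s, owning PID %(pid)d" % hit)
```

The PID column is what makes a hit actionable: it identifies the process to inspect before deciding whether the port belongs to a legitimate proxy or to something that should not be there.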

DNS Query used to find IP Address

A DNS query is a Domain Name System query.

The Domain Name System is a server that stores the IP address of each website.
We will learn to use tools for getting an IP address from a DNS server.

We will use Webmasters-Toolkit here.

1. First of all, we open the site Webmasters-Toolkit and enter the URL of our target site. Here I am targeting my blog "5steps2hack.blogspot.com".



2. After executing the query, we notice that this blog does not have its own IP address, because it is one of the directories of a server whose owner is google.com. We know that Google is the owner of blogger.com, and here too the IP address given is Google's IP address. We will prove it in the third step. For now it is sufficient for us to know that the IP address we found is http://209.85.133.191/




3. I used the same address http://209.85.133.191/ here and looked at the result. It proves that DNS is one of the best ways to get information about a server as well as its IP address.
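
Why a hosted blog can answer with its provider's address, shown at the wire level as an added example (not part of the original post): a minimal DNS response parser run over a constructed reply in which the blog name is an alias (CNAME) for a shared host. The alias name `blogspot.l.example.com` and the packet bytes are assumptions made for illustration; the IP address is the one reported above.

```python
import socket
import struct

def encode_name(name):
    """Encode a dotted name as DNS length-prefixed labels."""
    return b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"

def read_name(msg, off, hops=0):
    """Decode the name at off, following compression pointers (RFC 1035)."""
    labels = []
    while msg[off]:
        n = msg[off]
        if n & 0xC0 == 0xC0:                 # a two-byte pointer ends the name
            if hops > 16:
                raise ValueError("compression pointer loop")
            target = ((n & 0x3F) << 8) | msg[off + 1]
            rest, _ = read_name(msg, target, hops + 1)
            return ".".join(labels + [rest]).rstrip("."), off + 2
        labels.append(msg[off + 1:off + 1 + n].decode("ascii"))
        off += 1 + n
    return ".".join(labels), off + 1

def parse_answers(msg):
    """Return (owner, type, value) for each CNAME and A record in a response."""
    qd, an = struct.unpack("!HH", msg[4:8])
    off = 12
    for _ in range(qd):
        off = read_name(msg, off)[1] + 4     # skip QTYPE and QCLASS
    out = []
    for _ in range(an):
        owner, off = read_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:
            out.append((owner, "A", socket.inet_ntoa(msg[off:off + 4])))
        elif rtype == 5:
            out.append((owner, "CNAME", read_name(msg, off)[0]))
        off += rdlen
    return out

def build_sample():
    """Constructed response: blog name -> CNAME (hypothetical) -> A record."""
    head = struct.pack("!6H", 0x1234, 0x8180, 1, 2, 0, 0)
    question = encode_name("5steps2hack.blogspot.com") + struct.pack("!HH", 1, 1)
    alias = encode_name("blogspot.l.example.com")
    cname = b"\xc0\x0c" + struct.pack("!HHIH", 5, 1, 300, len(alias)) + alias
    ptr = struct.pack("!H", 0xC000 | (len(head) + len(question) + 12))
    a_rec = ptr + struct.pack("!HHIH", 1, 1, 300, 4) + socket.inet_aton("209.85.133.191")
    return head + question + cname + a_rec
```

Calling `parse_answers(build_sample())` yields the alias first and the address second, which is the chain a lookup tool collapses into a single "IP address of the site".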

How to use tracert?

Practical use of tracert :-
  • Get the IP address of the target system.
  • Find out the location, so we get some idea of the current time on the target system.

1. First of all, open Command Prompt from Programs -> Accessories -> Command Prompt.



2. Use the command "tracert us.rd.yahoo.com". us.rd.yahoo.com is a Yahoo server in India.





3. We will see whether we get the IP address.




Windows Networking article about traceroute

Use of Ping to get IP Address

Ping is one of the easiest ways to get an IP address.

We need three steps to learn this method :-

1. Open Command Prompt from Start -> Programs -> Accessories -> Command Prompt.

2. Write "ping website name" at the command prompt to get its IP address.




3. We notice that the IP address of google.com is 64.233.167.99. Now it's time to check whether we are right.

What is Hacking?

Hacking is a technique to get access to another computer without its permission, or, we can say, without using the ways which are available and instead developing one's own ways of doing it.

Ethical Hackers :- These are hackers who have got permission from the organization to hack its systems.

Things we need?

To learn hacking we need a target computer.

There are two ways to reach the target computer :-

Physically :- We need to be at the place where the computer is. To go there we need the address of that place.

Using wires :- Again we need to reach our target computer. Here too we need an address, and this time the address of a computer is its IP address.

Simple Technique to get other's user name and password

One of the simplest techniques, which I often use, is a key logger.

These are the steps you need to follow with a key logger :-

1. Download it from here. Want to download a free key logger.

2. Install its setup on public library computers, cyber cafes, your friend's computer or your office computer.

3. Hide it after entering your email ID into this software.

4. Check your email; you start getting the user name and password of everybody who uses that computer. And there is a very basic thing about user names and passwords: people often have the same password for all the services they use.

Learn Hacking in 5 easy steps

First of all I wanna tell you that hacking is an art. I am teaching you this art so that you can make yourself more secure. I don't want you to use my techniques to harm others, because hackers never harm others; crackers do. And we are hackers, not crackers.

There are 5 easy steps to learn Hacking :-

1. Take all safety measures to hide yourself from the target.

There are lots of techniques to hide yourself from the target computer. I recommend you use as many techniques as you can.

I am mentioning a few important tricks below :-
  • Use Hide IP software :- This software will help you to hide your IP address.
  • Use a firewall :- A firewall secures your computer and restricts any personal information from going outside.
  • Use proxy servers :- Whenever you want to surf the computer of your target, use proxy servers.
  • Use others' user name and password :- Try to avoid using your own user name and password for your internet connection. Learn the technique to get other's user name and password.



2. Find out the IP address of the target computer.
  • What is an IP address :- Its full form is Internet Protocol address. Protocol means the way computers talk to each other, and Internet Protocol means the way in which two computers talk to each other on the internet. So the complete meaning of IP address is the address of a computer that wants to talk to other computers on the internet.
    • There are two important things about an IP address :-
      • It is unique for every computer.
      • It is needed every time we connect to the internet.
  • Use of IP address in hacking :- The IP address is one of the most important parts of hacking. To learn its importance in hacking, first of all we need to know what hacking is. All I can say here is that if we don't know the IP address of the target computer, we are not able to move a single step forward in getting access to the target computer.
  • Ways to find out the IP address :-


3. Gather information about the target computer, such as its operating system, time, date, etc.
  • What's the need?
    • To be able to know the weaknesses of the target computer.
    • To exploit those weaknesses.
    • Learn more about how we can exploit them.
  • How to gather information?


4. Use a search engine (according to the information obtained from the above steps) to get tools which will help us to hack the target computer.

Search engines like Google are very close friends of hackers. If we do all the things mentioned above, we know exactly where the vulnerability lies in the target computer. To use that vulnerability we search for available tools on google.com. After downloading specific tools we need the IP address of the target computer (which we already know) to get access to the other computer.

Learn to use that vulnerability


5. Leave one or two files on the target computer so as to get easy access in future.
To get access again and again, hackers usually leave files on the target computer. For example, Netcat, which allows them to get access again and again. Download netcat