THC Hydra is one of the most famous network logon cracking tool. This tool gets an updated and released THC-HYDRA 7.2. This tool supports Samba, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more.
- Speed-up http modules auth mechanism detection
- Fixed -C colonfile mode when empty login/passwords were used (thanks to will(at)configitnow(dot)com for reporting)
- The -f switch was not working for postgres, afp, socks5,
- firebird and ncp, thanks to Richard Whitcroft for reporting!
- Fixed NTLM auth in http-proxy/http-proxy-url module
- Fixed URL when being redirected in http-form module, thanks to gash(at)chaostreff(dot)at
- Fix MSSQL success login condition, thanks to whistle_master(at)live(dot)com
- Fix http form module: optional headers and 3xx status redirect, thx to Gash
- Fix in configure script for –prefix option, thanks to dazzlepod
- Update of the dpl4hydra script by Roland Kessler, thanks!
- Small fix for hydra man page, thanks to brad(at)comstyle(dot)com
Download THC-Hydra v7.2
Before writing about Ping sweep, i would like to introduce Ping. Ping is a network based utility which is used to know if a host is alive or dead on the network. Suppose i want to check for hackingtricks.in
if we get the response it means website is live. You can check for a system by its IP address or a website by its domain name. We can use this program to detect host like website, computer system, printer, network or any device.
Ping Sweep:Ping Sweep also known as ICMP sweep is a network scanning technique which is used to determine which of a range of IP addresses map to live hosts. As we have seen in Ping, which is used for single computer. This is used for a renge of IP address for various computers. ping sweep consists of ICMP (Internet Control Message Protocol) ECHO requests sent to multiple hosts. If a system (HOST) is live, it will reply with ICMP ECHO reply.
There are a various tools available that can be used to do a ping sweep, such as fping, gping, and nmap.
Download Fping here: http://fping.sourceforge.net/
NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows. NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network. NetworkMiner can also parse PCAP files for off-line analysis and to regenerate/reassemble transmitted files and certificates from PCAP files.
The new version supports features such as:
- Extraction of Google Analytics data
- Better parsing of SMB data
- Support for PPP frames
- Even more stable than the 1.0 release
NetSecL 3.2 comes with a brand new XFCE which increased dramatically the performance experience, we closed many bugs and also gained more compatibility to OpenSuse 11.4 – most packages are 11.4 compatible.GrSecurity kernel is updated to 22.214.171.124
Ncrack is a high-speed network authentication cracking tool. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords. Security professionals also rely on Ncrack when auditing their clients. Ncrack was designed using a modular approach, a command-line syntax similar to Nmap and a dynamic engine that can adapt its behaviour based on network feedback. It allows for rapid, yet reliable large-scale auditing of multiple hosts.
Ncrack's features include a very flexible interface granting the user full control of network operations, allowing for very sophisticated bruteforcing attacks, timing templates for ease of use, runtime interaction similar to Nmap's and many more.
Ncrack was started as a "Google Summer of Code" Project in 2009. While it is already useful for some purposes, it is still unfinished, alpha quality software. It is released as a standalone tool and can be downloaded from below.
The Security Onion LiveDVD is a bootable DVD that contains software used for installing, configuring, and testing Intrusion Detection Systems. It is based on Xubuntu 10.04 and contains Snort, Suricata, Sguil, Squert, Xplico, nmap, metasploit, Armitage, scapy, hping, netcat, tcpreplay, and many other security tools.
All Xubuntu 10.04 updates as of release date.
Snort updated to 126.96.36.199.
Suricata updated to 1.1beta1.
Barnyard2 updated to 1.9 Stable.
Vortex updated to 2.9.0.
Installed OSSEC for host-based intrusion detection.
Installed Squert web interface for Sguil.
Installed Armitage GUI interface for Metasploit.
Many improvements to Setup script for user-friendliness and capability
pytbull is an Intrusion Detection/Prevention System (IDS/IPS) Testing Framework for Snort, Suricata and any IDS/IPS that generates an alert file. It can be used to test the detection and blocking capabilities of an IDS/IPS, to compare IDS/IPS, to compare configuration modifications and to check/validate configurations.
The framework is shipped with about 300 tests grouped in 9 testing modules:
clientSideAttacks: this module uses a reverse shell to provide the server with instructions to download remote malicious files. This module tests the ability of the IDS/IPS to protect against client-side attacks.
testRules: basic rules testing. These attacks are supposed to be detected by the rules sets shipped with the IDS/IPS.
badTraffic: Non RFC compliant packets are sent to the server to test how packets are processed.
fragmentedPackets: various fragmented payloads are sent to server to test its ability to recompose them and detect the attacks.
multipleFailedLogins: tests the ability of the server to track multiple failed logins (e.g. FTP). Makes use of custom rules on Snort and Suricata.
evasionTechniques: various evasion techniques are used to check if the IDS/IPS can detect them.
shellCodes: send various shellcodes to the server on port 21/tcp to test the ability of the server to detect/reject shellcodes.
denialOfService: tests the ability of the IDS/IPS to protect against DoS attempts
pcapReplay: enables to replay pcap files
It is easily configurable and could integrate new modules in the future.
There are basically 6 types of tests:
socket: open a socket on a given port and send the payloads to the remote target on that port.
command: send command to the remote target with the subprocess.call() python function.
scapy: send special crafted payloads based on the Scapy syntax
multiple failed logins: open a socket on port 21/tcp (FTP) and attempt to login 5 times with bad credentials.
client side attacks: use a reverse shell on the remote target and send commands to it to make them processed by the server (typically wget commands).
pcap replay: enables to replay traffic based on pcap files
The official documentations is available here: pytbull documentation.
- Spanning Tree Protocol (STP)
- Cisco Discovery Protocol (CDP)
- Dynamic Trunking Protocol (DTP)
- Dynamic Host Configuration Protocol (DHCP)
- Hot Standby Router Protocol (HSRP)
- IEEE 802.1Q
- IEEE 802.1X
- Inter-Switch Link Protocol (ISL)
- VLAN Trunking Protocol (VTP)
- Sending RAW Configuration BPDU
- Sending RAW TCN BPDU
- DoS sending RAW Configuration BPDU
- DoS sending RAW TCN BPDU
- Claiming Root Role
- Claiming Other Role
- Claiming Root Role dual home (MITM)
- Sending RAW CDP packet
- DoS flooding CDP neighbors table
- Setting up a virtual device
- Sending RAW DHCP packet
- DoS sending DISCOVER packet (exhausting ip pool)
- Setting up rogue DHCP server
- DoS sending RELEASE packet (releasing assigned ip)
- Sending RAW HSRP packet
- Becoming active router
- Becoming active router (MITM)
- Sending RAW DTP packet
- Enabling trunking
- Sending RAW 802.1Q packet
- Sending double encapsulated 802.1Q packet
- Sending 802.1Q ARP Poisoning
- Sending RAW 802.1X packet
- Mitm 802.1X with 2 interfaces
- Sending RAW VTP packet
- Deleting ALL VLANs
- Deleting selected VLAN
- Adding one VLAN
- Catalyst crash
is also known as Denial Of Service attack in which attacker make the resource unavailable from the legit users. This attack is performed by flooding server request queue with false requests so that no valid user can request on the server. Thus server down. If we take a look on the biggest cyber attack of past few months, DOS attack was main. DOS attack is even more powerful when it is performed by the number of systems on the same server. When many systems performs DOS attack on the same server, this attack is known as DDOS attack. This attack is most powerful attack and hard to prevent when performed by multiple systems. There are various tools available on the internet which can be used to attack on the server.
This is the list of some popular DOS attacking tool.
Have you ever wanted to DOS attack on a website. Here I am going to write about a tool which is really helpful but it wouldn't be effective on big servers.
NOTE: Please do not try to this tutorial to harm any other's website. I will not be responsible in any case. If you are not agree, please leave this website without reading further tutorial
for cool computer tricks click here
Use ping command in windows to get the ip address of the website.
open CMD and enter ping www.website.com
see the snap
If you want to attack on a website by Denial of service attack and you are in search of a tool which can help you in this. Today i have a tool which performs a denial-of-service (DoS) attack (or when used by multiple individuals, a DDoS attack) on a target site by flooding the server with TCP packets, UDP packets, or HTTP requests with the intention of disrupting the service of a particular host. People have used LOIC to join voluntary botnets.
LOIC basically turns your computer's network connection into a firehose of garbage requests, directed towards a target web server. On its own, one computer rarely generates enough TCP, UDP, or HTTP requests at once to overwhelm a web server—garbage requests can easily ignored while legit requests for web pages are responded to as normal.
But when thousands of users run LOIC at once, the wave of requests become overwhelming, often shutting a web server (or one of its connected machines, like a database server) down completely, or preventing legitimate requests from being answered.
this is a nice tool to perform dos or ddos attack but try it on your own risk. It has no ability to hide your IP address. So attacking on a website may cause a trouble for you.
Today i found a nice tool on a blog, which is really helpful for understanding and performing dos attack on a website. The name of this tool is Tev Dos tool. i had already posted some tools which can be used for performing dos attack on websites. Go and get those in dos attacking tool section.
This tool is simple to use and please try it on your risk because you will be easily traced. So be prepare before attacking on a website. This tool will not work good for big servers.
This tool will e released in September. The tool uses a simple GUI to operate. As it turns out, the attack is launched client side, and will send a separate script in the connection request made to the target server. This request is actually the exploit itself, and once the server renders the code, it will continue to render it until crashing. In essence, the stronger the server, the faster it crashes.