Thursday, February 16, 2012

collection of Network hacking tools


THC Hydra is one of the most famous network logon cracking tools. The tool has been updated and released as THC-HYDRA 7.2. It supports Samba, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more.


Changelog v7.2

  • Speed-up http modules auth mechanism detection
  • Fixed -C colonfile mode when empty login/passwords were used (thanks to will(at)configitnow(dot)com for reporting)
  • The -f switch was not working for postgres, afp, socks5, firebird and ncp, thanks to Richard Whitcroft for reporting!
  • Fixed NTLM auth in http-proxy/http-proxy-url module
  • Fixed URL when being redirected in http-form module, thanks to gash(at)chaostreff(dot)at
  • Fix MSSQL success login condition, thanks to whistle_master(at)live(dot)com
  • Fix http form module: optional headers and 3xx status redirect, thx to Gash
  • Fix in configure script for --prefix option, thanks to dazzlepod
  • Update of the dpl4hydra script by Roland Kessler, thanks!
  • Small fix for hydra man page, thanks to brad(at)comstyle(dot)com

Download THC-Hydra v7.2



Introduction to ping sweep



Before writing about ping sweeps, I would like to introduce ping. Ping is a network utility used to find out whether a host on the network is alive or dead. Suppose I want to check hackingtricks.in: if we get a response, it means the website is live. You can check a system by its IP address or a website by its domain name. We can use this program to detect a host such as a website, computer system, printer, network or any other device.


Ping Sweep: A ping sweep, also known as an ICMP sweep, is a network scanning technique used to determine which of a range of IP addresses map to live hosts. As we have seen, ping is used for a single computer; a ping sweep is used for a range of IP addresses covering various computers. A ping sweep consists of ICMP (Internet Control Message Protocol) ECHO requests sent to multiple hosts. If a system (host) is live, it will reply with an ICMP ECHO reply.
There are various tools available that can be used to do a ping sweep, such as fping, gping, and nmap.
Download Fping here:  http://fping.sourceforge.net/
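
Seen from the monitoring side, a ping sweep is one source sending ICMP echo requests to many different addresses in a short time. The following sketch is an added example, not part of the original post or of any tool named here; the record format, addresses, threshold and window are all constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

ECHO_REQUEST = 8  # ICMP type 8 = echo request; type 0 = echo reply


def parse(line):
    """Parse one constructed record: 'timestamp src dst icmp_type'."""
    ts, src, dst, icmp_type = line.split()
    return datetime.fromisoformat(ts), src, dst, int(icmp_type)


def detect_ping_sweeps(records, min_targets=10, window=timedelta(seconds=5)):
    """Map each sweeping source to the most distinct destinations it
    echo-requested inside any one sliding window."""
    recent = defaultdict(deque)  # source -> (time, destination) still in window
    flagged = {}
    for ts, src, dst, icmp_type in sorted(records):
        if icmp_type != ECHO_REQUEST:
            continue  # replies and other ICMP types are not probes
        seen = recent[src]
        seen.append((ts, dst))
        while ts - seen[0][0] > window:
            seen.popleft()
        distinct = len({d for _, d in seen})
        if distinct >= min_targets:
            flagged[src] = max(flagged.get(src, 0), distinct)
    return flagged


def build_sample():
    """Constructed traffic: one sweep plus a monitor pinging a single host."""
    t0 = datetime(2012, 2, 16, 10, 0, 0)
    lines = []
    for i in range(1, 21):  # 192.0.2.50 probes 10.0.0.1-20, 200 ms apart
        ts = (t0 + timedelta(milliseconds=200 * i)).isoformat()
        lines.append(f"{ts} 192.0.2.50 10.0.0.{i} 8")
        if i % 4 == 0:  # only live hosts answer with an echo reply
            lines.append(f"{ts} 10.0.0.{i} 192.0.2.50 0")
    for s in range(30):  # 30 echo requests, but always to the same gateway
        ts = (t0 + timedelta(seconds=s)).isoformat()
        lines.append(f"{ts} 10.0.0.99 10.0.0.1 8")
    return lines


if __name__ == "__main__":
    print(detect_ping_sweeps(parse(l) for l in build_sample()))
```

The host that pings one gateway thirty times is not flagged, because the detector counts distinct destinations rather than packets. Monitoring systems that legitimately ping many hosts would need an allowlist.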


NetworkMiner v.1.1 Released | Network Forensic Analysis Tool



NetworkMiner v.1.1 Released


NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows. NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network. NetworkMiner can also parse PCAP files for off-line analysis and to regenerate/reassemble transmitted files and certificates from PCAP files. 


The new version supports features such as:

  •  Extraction of Google Analytics data
  •  Better parsing of SMB data
  •  Support for PPP frames
  •  Even more stable than the 1.0 release 
Download Here:


NetSecL v.3.2 Released




NetSecL is a hardened, live and installable OS based on OpenSuse, suitable for desktop/server use and penetration testing. Once installed, you can fully enjoy the features of the GrSecurity hardened kernel and the penetration tools, or use the penetration tools directly from your live DVD.


NetSecL 3.2 comes with a brand new XFCE, which dramatically improved performance. We closed many bugs and also gained more compatibility with OpenSuse 11.4: most packages are 11.4 compatible. The GrSecurity kernel is updated to 2.6.32.8.


Download Here:
http://www.netsecl.com/download


download Ncrack - High-speed network authentication cracker



Ncrack - High-speed network authentication cracker


Ncrack is a high-speed network authentication cracking tool. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords. Security professionals also rely on Ncrack when auditing their clients. Ncrack was designed using a modular approach, a command-line syntax similar to Nmap and a dynamic engine that can adapt its behaviour based on network feedback. It allows for rapid, yet reliable large-scale auditing of multiple hosts.


Ncrack's features include a very flexible interface granting the user full control of network operations, allowing for very sophisticated bruteforcing attacks, timing templates for ease of use, runtime interaction similar to Nmap's and many more.


Ncrack was started as a "Google Summer of Code" Project in 2009. While it is already useful for some purposes, it is still unfinished, alpha quality software. It is released as a standalone tool and can be downloaded from below.

Download Here


Intrusion Detection for your Network by Security Onion Live CD



Intrusion Detection for your Network


The Security Onion LiveDVD is a bootable DVD that contains software used for installing, configuring, and testing Intrusion Detection Systems. It is based on Xubuntu 10.04 and contains Snort, Suricata, Sguil, Squert, Xplico, nmap, metasploit, Armitage, scapy, hping, netcat, tcpreplay, and many other security tools. 


Changelog:

  • All Xubuntu 10.04 updates as of release date.
  • Snort updated to 2.9.0.3.
  • Suricata updated to 1.1beta1.
  • Barnyard2 updated to 1.9 Stable.
  • Vortex updated to 2.9.0.
  • Installed OSSEC for host-based intrusion detection.
  • Installed Squert web interface for Sguil.
  • Installed Armitage GUI interface for Metasploit.
  • Many improvements to Setup script for user-friendliness and capability.

Download:
 
 

pytbull – Intrusion Detection/Prevention System (IDS/IPS) Testing Framework






pytbull is an Intrusion Detection/Prevention System (IDS/IPS) Testing Framework for Snort, Suricata and any IDS/IPS that generates an alert file. It can be used to test the detection and blocking capabilities of an IDS/IPS, to compare IDS/IPS, to compare configuration modifications and to check/validate configurations.



The framework is shipped with about 300 tests grouped in 9 testing modules:

  • clientSideAttacks: this module uses a reverse shell to provide the server with instructions to download remote malicious files. This module tests the ability of the IDS/IPS to protect against client-side attacks.
  • testRules: basic rules testing. These attacks are supposed to be detected by the rule sets shipped with the IDS/IPS.
  • badTraffic: non-RFC-compliant packets are sent to the server to test how packets are processed.
  • fragmentedPackets: various fragmented payloads are sent to the server to test its ability to recompose them and detect the attacks.
  • multipleFailedLogins: tests the ability of the server to track multiple failed logins (e.g. FTP). Makes use of custom rules on Snort and Suricata.
  • evasionTechniques: various evasion techniques are used to check if the IDS/IPS can detect them.
  • shellCodes: sends various shellcodes to the server on port 21/tcp to test the ability of the server to detect/reject shellcodes.
  • denialOfService: tests the ability of the IDS/IPS to protect against DoS attempts.
  • pcapReplay: replays pcap files.

It is easily configurable and could integrate new modules in the future.


There are basically 6 types of tests:

  • socket: opens a socket on a given port and sends the payloads to the remote target on that port.
  • command: sends a command to the remote target with the subprocess.call() Python function.
  • scapy: sends specially crafted payloads based on the Scapy syntax.
  • multiple failed logins: opens a socket on port 21/tcp (FTP) and attempts to log in 5 times with bad credentials.
  • client side attacks: uses a reverse shell on the remote target and sends commands to it to make them processed by the server (typically wget commands).
  • pcap replay: replays traffic based on pcap files.

The official documentation is available here: pytbull documentation.


SOURCE


Download Here:
http://pytbull.googlecode.com/files/pytbull-1.1.tar.bz2
http://pytbull.sourceforge.net/




Yersinia | a network exploitation tool

Yersinia is a network tool designed to take advantage of some weaknesses in different network protocols. It aims to be a solid framework for analyzing and testing deployed networks and systems.
Currently, some network protocols are implemented, and others are coming (tell us which one is your preferred). Attacks for the following network protocols are implemented (but of course you are free to implement new ones):
  1. Spanning Tree Protocol (STP)
  2. Cisco Discovery Protocol (CDP)
  3. Dynamic Trunking Protocol (DTP)
  4. Dynamic Host Configuration Protocol (DHCP)
  5. Hot Standby Router Protocol (HSRP)
  6. IEEE 802.1Q
  7. IEEE 802.1X
  8. Inter-Switch Link Protocol (ISL)
  9. VLAN Trunking Protocol (VTP)

Attacks
Spanning Tree Protocol
  1. Sending RAW Configuration BPDU
  2. Sending RAW TCN BPDU
  3. DoS sending RAW Configuration BPDU
  4. DoS sending RAW TCN BPDU
  5. Claiming Root Role
  6. Claiming Other Role
  7. Claiming Root Role dual home (MITM)

Cisco Discovery Protocol
  1. Sending RAW CDP packet
  2. DoS flooding CDP neighbors table
  3. Setting up a virtual device

Dynamic Host Configuration Protocol
  1. Sending RAW DHCP packet
  2. DoS sending DISCOVER packet (exhausting ip pool)
  3. Setting up rogue DHCP server
  4. DoS sending RELEASE packet (releasing assigned ip)

Hot Standby Router Protocol
  1. Sending RAW HSRP packet
  2. Becoming active router
  3. Becoming active router (MITM)

Dynamic Trunking Protocol
  1. Sending RAW DTP packet
  2. Enabling trunking

802.1Q
  1. Sending RAW 802.1Q packet
  2. Sending double encapsulated 802.1Q packet
  3. Sending 802.1Q ARP Poisoning

802.1X
  1. Sending RAW 802.1X packet
  2. Mitm 802.1X with 2 interfaces

VLAN Trunking Protocol
  1. Sending RAW VTP packet
  2. Deleting ALL VLANs
  3. Deleting selected VLAN
  4. Adding one VLAN
  5. Catalyst crash


Download Here:
http://www.yersinia.net/download.htm

Collection of DoS attacking tools





A DoS attack, also known as a denial-of-service attack, is one in which the attacker makes a resource unavailable to its legitimate users. The attack is performed by flooding the server's request queue with false requests so that no valid user can make requests to the server, and the server goes down. If we look at the biggest cyber attacks of the past few months, DoS was the main one. A DoS attack is even more powerful when it is performed by a number of systems against the same server. When many systems perform a DoS attack on the same server, the attack is known as a DDoS attack. It is the most powerful attack and is hard to prevent when performed by multiple systems. There are various tools available on the internet which can be used to attack a server.


This is a list of some popular DoS attacking tools.


Have you ever wanted to DoS attack a website? Here I am going to write about a tool which is really helpful, but it wouldn't be effective on big servers.


NOTE: Please do not use this tutorial to harm anyone else's website. I will not be responsible in any case. If you do not agree, please leave this website without reading the tutorial any further.


You need:

  1. Port Scanner  Download Here
  2. rDOS               Download Here
  3. Ip Hiding tool  Download Here


Follow these steps:

1: First of all you need to know the IP address of the website you want to crash.
Use the ping command in Windows to get the IP address of the website.
Open CMD and enter ping www.website.com
Now you have the IP address of the website.

2: Now use the port scanner to check whether port 80 is open or not. If port 80 is not open, choose another website to hack :P
Otherwise you can crash this website.

3: Now open your rDos. Enter your victim's IP that you got from step 1.
It will ask you for the port to attack. Use port 80; that's why we scanned to make sure that 80 was open! If it is closed it will not work.

comment if you have any problem
free download Dos Attacking tool | LOIC 1.0.4



If you want to attack a website with a denial-of-service attack and you are in search of a tool which can help you with this, today I have a tool which performs a denial-of-service (DoS) attack (or when used by multiple individuals, a DDoS attack) on a target site by flooding the server with TCP packets, UDP packets, or HTTP requests with the intention of disrupting the service of a particular host. People have used LOIC to join voluntary botnets.



LOIC basically turns your computer's network connection into a firehose of garbage requests, directed towards a target web server. On its own, one computer rarely generates enough TCP, UDP, or HTTP requests at once to overwhelm a web server; garbage requests can easily be ignored while legit requests for web pages are responded to as normal.


But when thousands of users run LOIC at once, the wave of requests becomes overwhelming, often shutting a web server (or one of its connected machines, like a database server) down completely, or preventing legitimate requests from being answered.
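
The difference between the two cases above can be seen from the server side with a per-source rate limit. This is an added example, not code from the original post or from any tool it names; the limiter, its rate and burst values, and the traffic are constructed assumptions.

```python
from collections import Counter

COST = 1000  # one request costs 1000 milli-tokens (integer math, no float drift)


class PerSourceLimiter:
    """Token bucket per client address; times are integer milliseconds."""

    def __init__(self, rate_per_sec, burst):
        self.rate = rate_per_sec   # milli-tokens refilled per millisecond
        self.cap = burst * COST    # a bucket never holds more than the burst
        self.buckets = {}          # source -> (milli-tokens, last seen ms)

    def allow(self, src, now_ms):
        tokens, last = self.buckets.get(src, (self.cap, now_ms))
        tokens = min(self.cap, tokens + (now_ms - last) * self.rate)
        ok = tokens >= COST
        self.buckets[src] = (tokens - COST if ok else tokens, now_ms)
        return ok


def served_per_source(events, rate_per_sec=5, burst=10):
    """events: iterable of (time_ms, source). Returns accepted requests per source."""
    limiter = PerSourceLimiter(rate_per_sec, burst)
    served = Counter()
    for now_ms, src in sorted(events):
        if limiter.allow(src, now_ms):
            served[src] += 1
    return served


# Constructed traffic covering one second (documentation address ranges).
single_flood = [(ms, "198.51.100.7") for ms in range(1000)]     # one noisy host
normal_user = [(ms, "203.0.113.10") for ms in (0, 250, 500, 750)]
many_sources = [(ms, f"src-{ms}") for ms in range(1000)]        # one request each

if __name__ == "__main__":
    one = served_per_source(single_flood + normal_user)
    print("single source served:", one["198.51.100.7"], "of 1000")
    print("normal user served:", one["203.0.113.10"], "of 4")
    print("distributed served:", sum(served_per_source(many_sources).values()))
```

The single noisy host is cut to its burst plus refill while the normal user is unaffected, but every request of the distributed load passes a per-source limit. That case needs aggregate limits or upstream filtering as well.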


This is a nice tool to perform a DoS or DDoS attack, but try it at your own risk. It has no ability to hide your IP address, so attacking a website may cause trouble for you.


Download Here

LOIC





Tev Dos Tool | Dos attacking tool


Today I found a nice tool on a blog, which is really helpful for understanding and performing a DoS attack on a website. The name of this tool is Tev Dos tool. I had already posted some tools which can be used for performing DoS attacks on websites. Go and get those in the DoS attacking tool section.


This tool is simple to use, and please try it at your own risk because you will be easily traced. So be prepared before attacking a website. This tool will not work well for big servers.




Download Here
#RefRef- DDos tool developed by Anonymous



Anonymous is building a new denial-of-service attack tool, which is said to exploit SQL vulnerabilities, to support the group's future campaigns. It is called #RefRef and is developed in JavaScript. It was very effective in a 17-minute attack from a single machine, resulting in a 42-minute outage on Pastebin yesterday. This was confirmed by Pastebin via Twitter.
This tool will be released in September. The tool uses a simple GUI to operate. As it turns out, the attack is launched client side, and will send a separate script in the connection request made to the target server. This request is actually the exploit itself, and once the server renders the code, it will continue to render it until crashing. In essence, the stronger the server, the faster it crashes.

hack websites by using ddosim v0.2 (Application Layer DDOS Simulator)




DDOSIM simulates several zombie hosts (having random IP addresses) which create full TCP connections to the target server. After completing the connection, DDOSIM starts the conversation with the listening application (e.g. HTTP server). It can be used only in a laboratory environment to test the capacity of the target server to handle application-specific DDoS attacks.


Features
  • HTTP DDoS with valid requests
  • HTTP DDoS with invalid requests (similar to a DC++ attack)
  • SMTP DDoS
  • TCP connection flood on random port
In order to simulate such an attack in a lab environment we need to setup a network like this:
On the victim machine ddosim creates full TCP connections – which are only simulated connections on the attacker side.
There are a lot of options that make the tool  quite flexible:
Usage: ./ddosim
-d IP                   Target IP address
-p PORT            Target port
[-k NET]             Source IP from class C network (ex. 10.4.4.0)
[-i IFNAME]      Output interface name
[-c COUNT]       Number of connections to establish
[-w DELAY]       Delay (in milliseconds) between SYN packets
[-r TYPE]             Request to send after TCP 3-way handshake. TYPE can be HTTP_VALID or HTTP_INVALID or SMTP_EHLO
[-t NRTHREADS]   Number of threads to use when sending packets (default 1)
[-n]                       Do not spoof source address (use local address)
[-v]                       Verbose mode (slower)
[-h]                       Print this help message


