DNS-Poison attack






The job of DNS is to convert the human-readable addresses you enter into machine-readable IP addresses.

For example, when you type the URL (http://www.google.com) into the address bar, the first thing that occurs is that the nearest DNS server is contacted and the IP address of the google domain is retrieved. Based on this IP address, the website is opened.
So DNS is a huge database that stores the IP addresses of different domains. These are cached and updated on a regular basis.

DNS poisoning, also called DNS cache poisoning, refers to the corruption of DNS tables and caches so that a domain name points to a malicious IP address. Once the user is redirected to the malicious IP address, his/her computer can be infected with worms, viruses, spyware, etc. Cache poisoning is mostly done through spam emails, or through web links and banners that attract users to click on them. A simple click causes the user to be redirected to a DNS-poisoned server.

How to create DNS-poison attack:



1: If your target DNS server is running Microsoft’s DNS server on W2K SP 1 or 2, you can poison DNS using an alias. You have to have control of a zone (yourname.com) and a DNS server. You create a zone on your DNS server under the name you want to poison (example.com). Your DNS server now thinks it is authoritative for the example.com zone.

2: Next you create a host record in example.com that points to a host you control. In your real zone (yourname.com), you create a CNAME record for a host like spoof that points to a hostname at example.com, like www.example.com. Then you point your local stub resolver at the target DNS server (most DNS servers will resolve for anyone by default). When you try to look up spoof.yourname.com, the target DNS server will find your DNS server. Your DNS server will see that spoof.yourname.com is a CNAME for www.example.com and look that up. Since it thinks it is authoritative for example.com, it will ask itself, and return that IP address to the target DNS server. Now it is in the target's DNS cache. Anyone who tries to resolve www.example.com from that DNS server will get the IP address of the host you defined in the example.com zone.

3: Another way is to sniff the traffic of the target DNS server and, when it tries to resolve a host name, feed it the result of your choosing before the recursive query finishes. The first response wins.



How to recover from a DNS-Poison attack:


1: You need to be absolutely positive that you have not been infected with spyware. Many spyware/adware programs today will modify the DNS settings or local hosts file on Windows machines. So you should run your personal spyware/adware detection tool.

2: Try to find out the IP address of the malicious DNS server(s) (check site to see if it has been reported)

3: You may want to block the IP address of the malicious DNS server at your border routers/firewalls so that your cache does not become poisoned again.

4: Cleaning up from a site-wide DNS cache poisoning may require flushing the cache on all of your DNS servers in your organization probably starting with the most externally facing DNS boxes first.

5: On Windows DNS servers, you can stop/start the DNS service to clear the cache. You can also use the dnscmd.exe command from the resource kit:

dnscmd.exe /ClearCache

6: On Windows 2000, XP, and 2003 clients, you can flush the client cache by running "ipconfig /flushdns". (Please note that this will do nothing to clean up a poisoned DNS caching server upstream.)

7: On BIND 9, you can clear the cache by running the "rndc" command and executing the "flush" command. On BIND 8 or below, it appears that you have to restart the server.
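Before flushing, it helps to know which names were actually hit. The "first response wins" race described above leaves a trace on the resolver's upstream link: one query followed by two replies that carry different addresses. The following Python sketch is an added example, not part of the original post. It assumes DNS messages have already been decoded from a packet capture into the fields shown; the field names, the 2-second window and all sample records are constructed for illustration.

```python
"""Find DNS lookups where two different answers raced for one query.

Input: decoded DNS messages seen on the resolver's upstream interface
(for example exported from a packet capture). Every record in SAMPLE is
constructed for illustration.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class DnsMsg:
    ts: float                 # capture time in seconds
    is_response: bool
    server: str               # upstream server: query dst / response src
    port: int                 # resolver's UDP source port
    txid: int                 # DNS transaction ID
    qname: str
    answers: frozenset = frozenset()   # A records carried by a response


def _key(m):
    # A reply is only accepted if all of these match the pending query.
    return (m.server, m.port, m.txid, m.qname.lower().rstrip("."))


def find_conflicting_replies(msgs, window=2.0):
    """Return one finding per query that got replies with different answers."""
    pending = {}        # key -> transaction currently awaiting replies
    transactions = []
    for m in sorted(msgs, key=lambda m: m.ts):
        k = _key(m)
        if not m.is_response:
            tx = {"query": m, "replies": []}
            pending[k] = tx           # a reused txid/port starts a new lookup
            transactions.append(tx)
        elif k in pending and m.ts - pending[k]["query"].ts <= window:
            pending[k]["replies"].append(m)

    findings = []
    for tx in transactions:
        replies = tx["replies"]
        if len(replies) < 2:
            continue
        first = replies[0]            # "first response wins": this was cached
        late = [r for r in replies[1:] if r.answers != first.answers]
        if not late:
            continue                  # identical duplicate, e.g. a retransmit
        findings.append({
            "qname": _key(first)[3],
            "cached": sorted(first.answers),
            "later": sorted(set().union(*(r.answers for r in late))),
            "lead_ms": round((late[0].ts - first.ts) * 1000, 1),
        })
    return findings


def names_to_flush(findings):
    """Names whose cache entries should be flushed and re-resolved."""
    return sorted({f["qname"] for f in findings})


UP = "198.51.100.53"   # constructed upstream server address
SAMPLE = [
    # Two replies, different addresses: the early one went into the cache.
    DnsMsg(10.000, False, UP, 40001, 0x1A2B, "www.example.com"),
    DnsMsg(10.004, True, UP, 40001, 0x1A2B, "www.example.com",
           frozenset({"203.0.113.66"})),
    DnsMsg(10.031, True, UP, 40001, 0x1A2B, "www.example.com",
           frozenset({"192.0.2.10"})),
    # Ordinary lookup with a single reply.
    DnsMsg(11.000, False, UP, 40002, 0x0C0D, "mail.example.com"),
    DnsMsg(11.020, True, UP, 40002, 0x0C0D, "mail.example.com",
           frozenset({"192.0.2.25"})),
    # Duplicate reply with the same content: not a conflict.
    DnsMsg(12.000, False, UP, 40003, 0x7777, "ns.example.com"),
    DnsMsg(12.015, True, UP, 40003, 0x7777, "ns.example.com",
           frozenset({"192.0.2.53"})),
    DnsMsg(12.016, True, UP, 40003, 0x7777, "ns.example.com",
           frozenset({"192.0.2.53"})),
]

if __name__ == "__main__":
    for f in find_conflicting_replies(SAMPLE):
        print(f)
    print("flush:", names_to_flush(find_conflicting_replies(SAMPLE)))
```

A finding is a lead, not proof: servers that rotate addresses can answer a retransmitted query differently, so confirm the "cached" address against the zone's authoritative server before blocking it.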




 

Sniff VoIP Calls


Hello friends, Cyberwarriors are back with an amazing tutorial: Sniffing VoIP Calls With Wireshark.

VoIP phones are implemented in every major organization, and they provide an attack surface for every malicious user who knows the basics of hacking. If there is no encryption in the communication media, then an attacker could eavesdrop on phone conversations, which might impact the business if the calls are classified as confidential.

A pentester should be able to identify if eavesdropping is possible on the voice network via the following technique.

ARP Poisoning:


The first step before implementing a Man-in-the-Middle attack is to enable IP forwarding in order to be able to route traffic from your system to the gateway with the following command:

echo 1 > /proc/sys/net/ipv4/ip_forward

Now you can perform a Man-in-the-Middle attack in order to be able to intercept VoIP traffic. This can be achieved really easily with the command below:




Capturing and Decoding VoIP Traffic


Now that the traffic is being routed to your box, you can use Wireshark to sniff any SIP traffic. We are particularly interested in the RTP packets, as they contain the actual conversation of a VoIP call.



Wireshark contains a built-in utility called VoIP calls which can decode RTP data into a playable audio format.




Secure your Network from this Attack:

As we saw, it is very easy and fast to eavesdrop on a phone conversation just by performing a MiTM attack and having a tool like Wireshark to sniff the traffic. In VoIP assessments, pentesters should try to implement this attack in order to identify whether eavesdropping is possible. To prevent this attack, companies should use SRTP, which is a secure protocol that encrypts the data being transferred, so even if an attacker is able to capture the call it will be difficult to decrypt the data and listen to the message. Alternatively, we can put the VoIP phones in separate VoIP VLANs.
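Whether a phone really uses SRTP is visible in the SDP body of its SIP INVITE and 200 OK messages, so the recommendation above can be checked from signalling captured on your own voice network. The following Python sketch is an added example, not part of the original tutorial. The verdict names and the function names are assumptions made here, and the SDP bodies, key and fingerprint values are constructed placeholders.

```python
"""Audit SDP offers/answers from SIP signalling for unencrypted media.

The SDP bodies in SAMPLES are constructed for illustration; key and
fingerprint values are placeholders.
"""

SDES_PROFILES = {"RTP/SAVP", "RTP/SAVPF"}                   # key in a=crypto
DTLS_PROFILES = {"UDP/TLS/RTP/SAVP", "UDP/TLS/RTP/SAVPF"}   # key via DTLS
PLAIN_PROFILES = {"RTP/AVP", "RTP/AVPF"}


def audit_sdp(sdp):
    """Return (media, port, verdict) for every active stream in one SDP body."""
    session_fingerprint = False
    seen_media = False
    streams, cur = [], None
    for raw in sdp.splitlines():
        line = raw.strip()
        if line.startswith("m="):
            seen_media = True
            parts = line[2:].split()
            port = parts[1].split("/")[0] if len(parts) >= 3 else ""
            if not port.isdigit():
                cur = None            # malformed media line: ignore it
                continue
            cur = {"media": parts[0], "port": int(port),
                   "proto": parts[2].upper(),
                   "crypto": False, "fingerprint": False}
            streams.append(cur)
        elif line.startswith("a=crypto:") and cur is not None:
            cur["crypto"] = True
        elif line.startswith("a=fingerprint:"):
            if not seen_media:
                session_fingerprint = True   # session level: covers all media
            elif cur is not None:
                cur["fingerprint"] = True

    verdicts = []
    for s in streams:
        if s["port"] == 0:
            continue                  # port 0 means the stream was declined
        proto = s["proto"]
        if proto in DTLS_PROFILES:
            keyed = s["fingerprint"] or session_fingerprint
            verdict = "srtp-dtls" if keyed else "srtp-missing-key"
        elif proto in SDES_PROFILES:
            # SDES carries the SRTP key inside the signalling, so the SIP
            # channel itself must be encrypted or a sniffer reads the key.
            verdict = "srtp-sdes" if s["crypto"] else "srtp-missing-key"
        elif proto in PLAIN_PROFILES:
            # a=crypto on a plain profile is only an optional upgrade.
            verdict = "srtp-optional" if s["crypto"] else "plaintext-rtp"
        else:
            verdict = "unknown-profile"
        verdicts.append((s["media"], s["port"], verdict))
    return verdicts


def calls_exposed_to_sniffing(samples):
    """Names of calls with at least one stream not forced onto SRTP."""
    bad = {"plaintext-rtp", "srtp-optional", "srtp-missing-key"}
    return sorted(name for name, sdp in samples.items()
                  if any(v in bad for _, _, v in audit_sdp(sdp)))


SAMPLES = {
    "desk-phone-plain": """v=0
o=- 1 1 IN IP4 192.0.2.11
s=-
c=IN IP4 192.0.2.11
t=0 0
m=audio 16384 RTP/AVP 0 8
a=rtpmap:0 PCMU/8000
""",
    "desk-phone-sdes": """v=0
o=- 2 1 IN IP4 192.0.2.12
s=-
c=IN IP4 192.0.2.12
t=0 0
m=audio 16386 RTP/SAVP 0
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:PLACEHOLDER_KEY
""",
    "softphone-dtls": """v=0
o=- 3 1 IN IP4 192.0.2.13
s=-
c=IN IP4 192.0.2.13
t=0 0
a=fingerprint:sha-256 PLACEHOLDER_FINGERPRINT
m=audio 16388 UDP/TLS/RTP/SAVPF 0
m=video 0 UDP/TLS/RTP/SAVPF 96
""",
}

if __name__ == "__main__":
    for name, body in SAMPLES.items():
        print(name, audit_sdp(body))
    print("exposed:", calls_exposed_to_sniffing(SAMPLES))
```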

 






 

Email Spoofer by CyberWarriors



Email is the most comprehensive surveillance system ever created.

It’s easy for us to think that we are safe behind our web browsers and that nobody is watching what we do. The reality is that your online activities are constantly logged, tracked, and indexed by big business and government agencies. To keep your emails away from prying eyes, use an anonymous email address.


So, here we are: use our free anonymous PHP emailer.

This emailer delivers mail to the inbox folder 100%.

Step 1: Upload the file to free hosting

Step 2: Fill in the information and click on send!

Passwd=cyberwarriors













 

What is 'write-protection'?


'Write protection' is a type of security measure which places a 'lock' on digital files. The locking action prevents modifications from being made to the stored data, and is a simple way to avoid changes being made to important files without your permission. So far, so logical; but occasionally these security measures can backfire, essentially locking you out of your own home.
Write-protection is often a physical (rather than a virtual) security measure; lifting it usually involves flicking a switch on the mass storage device. The trick is to first find the switch, and/or to change the virtual settings on your computer to accept the physical changes.


Insert the memory stick into the computer
Step 1: Go to My Computer and, under Devices with Removable Storage, look for your card reader
Step 2: Right-click on it and click Properties. In the pop-up box, sometimes there's an option to Remove write-protection. Change the status of this option and try again.

Still not working??

Remove your memory stick from the drive
Step 1: Click Start > Run... In the box, type regedit and press OK
Step 2: A new window will appear. Go to: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\StorageDevicePolicies
Step 3: If you can't locate StorageDevicePolicies, then you will need to create this folder
Step 4: Right-click on Control and click on New > Key. Name this StorageDevicePolicies
Step 5: Right-click on the new folder you created called StorageDevicePolicies and click New > DWORD Value.
Step 6: Name this WriteProtect
Step 7: Double-click on WriteProtect and change the Value Data to 0 and then click OK
Step 8: Close the Registry Editor and insert the memory stick into your computer



 

Installing TOR browser



What is Tor?

Tor is free software and an open network that helps you defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security. This guide walks you through installing Tor in Kali Linux.

Installing Tor in Kali Linux:

Step 1: Downloading and running the Tor bundle
After downloading the architecture-appropriate file above, save it anywhere, then run one of the following two commands to extract the package archive.

Step 2: To extract the package, use this command in the terminal:
----------------------------------------------------------------------
tar -xvzf tor-browser-gnu-linux-i686-2.3.25-15-dev-LANG.tar.gz
----------------------------------------------------------------------

If you are using the 64-bit version, use this command:

----------------------------------------------------------------------
tar -xvzf tor-browser-gnu-linux-x86_64-2.3.25-16-dev-LANG.tar.gz
-----------------------------------------------------------------------

Step 3:Once that’s done, switch to the Tor browser directory by running

Step 4:To run the Tor Browser Bundle, execute the start-tor-browser script:

-----------------------------------------------------------------------
./start-tor-browser
-----------------------------------------------------------------------









 

NMAP EBook



Nmap ("Network Mapper") is a free and open source (license) utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results viewer (Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), a utility for comparing scan results (Ndiff), and a packet generation and response analysis tool (Nping).

Nmap was named “Security Product of the Year” by Linux Journal, Info World, LinuxQuestions.Org, and Codetalker Digest. It was even featured in twelve movies, including The Matrix Reloaded, Die Hard 4, Girl With the Dragon Tattoo, and The Bourne Ultimatum.

Nmap is ...

Flexible: Supports dozens of advanced techniques for mapping out networks filled with IP filters, firewalls, routers, and other obstacles. This includes many port scanning mechanisms (both TCP & UDP), OS detection, version detection, ping sweeps, and more. See the documentation page.
Powerful: Nmap has been used to scan huge networks of literally hundreds of thousands of machines.
Portable: Most operating systems are supported, including Linux, Microsoft Windows, FreeBSD, OpenBSD, Solaris, IRIX, Mac OS X, HP-UX, NetBSD, Sun OS, Amiga, and more.
Easy: While Nmap offers a rich set of advanced features for power users, you can start out as simply as "nmap -v -A targethost". Both traditional command line and graphical (GUI) versions are available to suit your preference. Binaries are available for those who do not wish to compile Nmap from source.
Free: The primary goals of the Nmap Project are to help make the Internet a little more secure and to provide administrators/auditors/hackers with an advanced tool for exploring their networks. Nmap is available for free download, and also comes with full source code that you may modify and redistribute under the terms of the license.
Well Documented: Significant effort has been put into comprehensive and up-to-date man pages, whitepapers, tutorials, and even a whole book! Find them in multiple languages here.
Supported: While Nmap comes with no warranty, it is well supported by a vibrant community of developers and users. Most of this interaction occurs on the Nmap mailing lists. Most bug reports and questions should be sent to the nmap-dev list, but only after you read the guidelines. We recommend that all users subscribe to the low-traffic nmap-hackers announcement list. You can also find Nmap on Facebook and Twitter. For real-time chat, join the #nmap channel on Freenode or EFNet.
Acclaimed: Nmap has won numerous awards, including "Information Security Product of the Year" by Linux Journal, Info World and Codetalker Digest. It has been featured in hundreds of magazine articles, several movies, dozens of books, and one comic book series. Visit the press page for further details.
Popular: Thousands of people download Nmap every day, and it is included with many operating systems (Redhat Linux, Debian Linux, Gentoo, FreeBSD, OpenBSD, etc). It is among the top ten (out of 30,000) programs at the Freshmeat.Net repository. This is important because it lends Nmap its vibrant development and user support communities.

About EBook:

Table of Contents

Introduction
Conventions Used In This Book

Section 1: Installing Nmap
Installation Overview
Installing Nmap on Windows
Installing Nmap on Unix and Linux systems
Installing Precompiled Packages for Linux
Compiling Nmap from Source for Unix and Linux
Installing Nmap on Mac OS X

Section 2: Basic Scanning Techniques
Basic Scanning Overview
Scan a Single Target
Scan Multiple Targets
Scan a Range of IP Addresses
Scan an Entire Subnet
Scan a List of Targets
Scan Random Targets
Exclude Targets from a Scan
Exclude Targets Using a List
Perform an Aggressive Scan
Scan an IPv6 Target

Section 3: Discovery Options
Discovery Options Overview
Don’t Ping
Ping Only Scan
TCP SYN Ping
TCP ACK Ping
UDP Ping
SCTP INIT Ping
ICMP Echo Ping
ICMP Timestamp Ping
ICMP Address Mask Ping
IP Protocol Ping
ARP Ping
Traceroute
Force Reverse DNS Resolution
Disable Reverse DNS Resolution
Alternative DNS Lookup Method
Manually Specify DNS Server(s)
Create a Host List

Section 4: Advanced Scanning Options
Advanced Scanning Functions Overview
TCP SYN Scan
TCP Connect Scan
UDP Scan
TCP NULL Scan
TCP FIN Scan
Xmas Scan
Custom TCP Scan
TCP ACK Scan
IP Protocol Scan
Send Raw Ethernet Packets
Send IP Packets

Section 5: Port Scanning Options
Port Scanning Options Overview
Perform a Fast Scan
Scan Specific Ports
Scan Ports by Name
Scan Ports by Protocol
Scan All Ports
Scan Top Ports
Perform a Sequential Port Scan

Section 6: Operating System and Service Detection
Version Detection Overview
Operating System Detection
Submitting TCP/IP Fingerprints
Attempt to Guess an Unknown Operating System
Service Version Detection
Troubleshooting Version Scans
Perform an RPC Scan

Section 7: Timing Options
Timing Options Overview
Timing Parameters
Timing Templates
Minimum Number of Parallel Operations
Maximum Number of Parallel Operations
Minimum Host Group Size
Maximum Host Group Size
Initial RTT Timeout
Maximum RTT Timeout
Maximum Retries
Set the Packet TTL
Host Timeout
Minimum Scan Delay
Maximum Scan Delay
Minimum Packet Rate
Maximum Packet Rate
Defeat Reset Rate Limits

Section 8: Evading Firewalls
Firewall Evasion Techniques Overview
Fragment Packets
Specify a Specific MTU
Use a Decoy
Idle Zombie Scan
Manually Specify a Source Port Number
Append Random Data
Randomize Target Scan Order
Spoof MAC Address
Send Bad Checksums

Section 9: Output Options
Output Options Overview
Save Output to a Text File
Save Output to a XML File
Grepable Output
Output All Supported File Types
Display Scan Statistics
133t Output

Section 10: Troubleshooting and Debugging
Troubleshooting and Debugging Overview
Getting Help
Display Nmap Version
Verbose Output
Debugging
Display Port State Reason Codes
Only Display Open Ports
Trace Packets
Display Host Networking Configuration
Specify Which Network Interface to Use

Section 11: Zenmap
Zenmap Overview
Launching Zenmap
Basic Zenmap Operations
Zenmap Results
Scanning Profiles
Profile Editor
Viewing Open Ports
Viewing a Network Map
Saving Network Maps
Viewing Host Details
Viewing Scan History
Comparing Scan Results
Saving Scans

Section 12: Nmap Scripting Engine (NSE)
Nmap Scripting Engine Overview
Execute Individual Scripts
Execute Multiple Scripts
Script Categories
Execute Scripts by Category
Execute Multiple Script Categories
Troubleshoot Scripts
Update the Script Database

Section 13: Ndiff
Ndiff Overview
Scan Comparison Using Ndiff
Ndiff Verbose Mode
XML Output Mode

Section 14: Tips and Tricks
Tips and Tricks Overview
Combine Multiple Options
Scan Using Interactive Mode
Runtime Interaction
Remotely Scan Your Network
Wireshark
Scanme.Insecure.org
Nmap Online Resources

Appendix A - Nmap Cheat Sheet
Appendix B - Nmap Port States
Appendix C - CIDR Cross Reference
Appendix D - Common TCP/IP Ports








 

Dmitry Deepmagic Information Gathering Tool in kali linux


DMitry

(Deepmagic Information Gathering Tool) is a Linux command-line application coded in C.
DMitry has the ability to gather as much information as possible about a host. Base functionality is able to gather possible subdomains, email addresses, uptime information, TCP port scan, whois lookups, and more.

The information is gathered with the following methods:

* Perform an Internet Number whois lookup.
* Retrieve possible uptime data, system and server data.
* Perform a SubDomain search on a target host.
* Perform an E-Mail address search on a target host.
* Perform a TCP Portscan on the host target.
* A modular program allowing user-specified modules.

Open dmitry in Kali Linux

Application ==> Kali Linux ==> Information gathering ==> Live Host Identification ==> dmitry



Syntax:

dmitry -(Switches)  (victim) 

Example:

dmitry -p 192.168.1.5

-o

This option saves the output to a file with the given name. The default is host.txt, but you can name it anything you want.
Syntax: dmitry -s domain -o filename
Ex: dmitry -s google.com -o filename

-i

This option performs a whois lookup on the IP address of a host. This means that if we only know the name, dmitry will find the IP for us.
Syntax: dmitry -i IP address
Ex: dmitry -i 192.168.71.128

-w

This option performs a whois lookup on the domain name of a host.
Syntax: dmitry -w domain
Ex: dmitry -w google.com

-n

This option gives us Netcraft.com information on a host.
Syntax: dmitry -n domain
Ex: dmitry -n facebook.com

-s

This option performs a search for possible subdomains.
Syntax: dmitry -s domain
Ex: dmitry -s yahoo.com

-e

This option performs a search for possible email addresses.
Syntax: dmitry -e domain
Ex: dmitry -e yahoo.com

-p

This option performs a TCP port scan on a host.
Syntax: dmitry -p IP address
Ex: dmitry -p 192.168.1.10

-f

This option performs a TCP port scan on a host, with the output reporting filtered ports (useful if there is a firewall in place). For this option to run successfully, -p must be set.
Syntax: dmitry -pf domain
Ex: dmitry -pf google.com
























 

Alert: Tor Browser app in the Apple Store is fake, spreading malware and spyware! Do not download!

The Tor Browser app in the Apple app store is fake and has been found spreading adware and spyware.



According to the official website of Tor Browser, the Browser app available in Apple store on iTunes is fake and has nothing to do with the official version. The developers of Tor said that:

Tor Browser in the Apple App Store is fake. It’s full of adware and spyware. Two users have called to complain. We should have it removed.

The company has been complaining to Apple Inc. for over two months. However, Apple did not remove the app until now.