Spying on your victim with Screenspy of Metasploit in Ubuntu!


Screenspy is a feature in Meterpreter which allows you to view what your targeted host is doing on their workstation.  It captures screenshots on the targeted host, sends them back to you at a set interval (in seconds), and you view them on your local machine as if they were live.

Source: http://eromang.zataz.com/2011/02/08/metasploit-meterpreter-screenshot-and-screenspy-stdapi/

Cracking SMBNT with Medusa


As I am learning more about the SMB protocol for Windows, I came across Medusa.  So the first thing I did was try to hook it up with a dictionary and attack my Windows OS, which is Windows 7.  After installing it (see here to know how), I looked at the arguments and started cracking!  I tried cracking using THC-HYDRA but I had some difficulties at first.  The commands are pretty much the same if you look at them.

Medusa Parallel Network Login Auditor by Foofus


Similar to THC-HYDRA, Medusa was written by JoMo-Kun from Foofus.

Medusa is intended to be a speedy, massively parallel, modular login brute-forcer. The goal is to support as many services which allow remote authentication as possible. The author considers the following items to be some of the key features of this application:

  • Thread-based parallel testing. Brute-force testing can be performed against multiple hosts, users or passwords concurrently.
  • Flexible user input. Target information (host/user/password) can be specified in a variety of ways. For example, each item can be either a single entry or a file containing multiple entries. Additionally, a combination file format allows the user to refine their target listing.
  • Modular design. Each service module exists as an independent .mod file. This means that no modifications to the core application are necessary in order to extend the list of services supported for brute-forcing.

Setting up Karmetasploit in Ubuntu 10.10


This is one old post that I never wrote up after saving the draft of the link that teaches how to run Karmetasploit.  Basically, what we will be doing in this post is running the Karmetasploit module and sniffing cookies into our database.  In this post, we will look at the commands we type until we are able to sniff cookies using Karmetasploit.

THC-HYDRA


Read on to find out more about what hydra is and how it is used by hackers to crack passwords in a matter of hours! Be it email, FTP or Facebook! With the right set of skills, you can do whatever you want with it, as long as it is within the area you are allowed to. In this article, I will be writing a quick description of how to install it and how to use it at a basic level.

Pentest result from THC-HYDRA


A finding I made today was that if you were to use hydra to crack an SMTP email account, the email account would generally be logged out and require verification when the owner logs in to their IM or email account.  This made me wonder what would happen if hydra had actually gotten the correct password but, due to verification, it would not show a success.  What I did was freeze my account by sending thousands of invalid logins to my email account via hydra.  After that, I verified that I was not able to log in to my email account, as it required verification.  Without entering the verification code or logging in, I continued hydra, but with my correct password this time.  What I found out was that hydra had successfully gotten my email's password.  My finding is that you do not need to be worried about the verification code at all.

John the Ripper


John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix systems, supported out of the box are Windows LM hashes, plus many more with contributed patches.

Source: http://www.openwall.com/john/
How To Install: http://www.openwall.com/john/doc/INSTALL.shtml