Attacking Windows Platform with EternalBlue Exploit via Android Phones | MS17-010

Image
Introduction On 14 April 2017, a hacker group know by the name of Shadow Brokers leaked exploitation toolkit used by the National Security Agency (NSA). The leak was also used as part of a worldwide WannaCry ransomware attack. EternalBlue is also an exploit developed and used by the NSA according to former NSA employees. Lab Environment Target Machine: Windows 7 Ultimate x64 bit Attacker Machine: Android 5.1  What is EternalBlue EternalBlue actually exploits a vulnerability found in Server Message Block (SMB) protocol of Microsoft Windows various platforms. This vulnerability can be found under CVE-2017-0144 in the CVE catalog.The most severe of the vulnerabilities could allow remote code execution if an attacker sends specially crafted messages to a Microsoft Server Message Block 1.0 (SMBv1) server. Windows 7 Operating with Release Effected by EternalBlue Installing Metasploit Framework on Android Step 1: Download Termux from play store....
Post a Comment

Introduction to The Wireshark

WIRE SHARK :

 Wireshark is a free and open source packet analyser tool.

  -> Originally its name is Ethereal but due to trade mark issue they change its name to wireshark.
-> Its is cross-plateform Application.
-> It runs on the various different plateforms like
            > Linux
            >MacOS
            >BSD      (Berkeley Software Distribution Unix Operating System)
            >Solaris    (Unix Operating System)
            > Windows

->Wireshark uses Pcap (packet capture consists of application programming interface i.e API for capturing network traffic).

 ->In unix like system implements Pcap in the libpcap library.

 ->Window uses a port of libpcap known as Winpcap i.e windows packet capture

 -> Extension of wireshark file is .pcap

 ->Wireshark is gui based application (graphical user interface application).
  
-> Like wireshark there is a application which is non-gui based i.e terminal based application known as Tshark.

 -> Wireshark is similar to the application Tcpdump but it is having graphical user interface at the front end and having some additional features like filtering options.

 Nows Lets come To lets Features:

 -> Data can be captured from the live network.

 -> Live data can be read from various different types of network like Ethernet, PPP , loopback and IEEE 802.11
        
      where PPP stands for Point-To-Point protocol
       where Loopback is a communication channel with endpoint it allows user client software to communicate with server in the same computer.
        where IEEE 802.11 is for the wlan wireless local area network

-> captured packets can be browsed using gui i.e graphical user interface and can also be browsed with help of terminal.

-> captured packets can be edited in the in the editpcap programs.

 -> Display packets can be refined using Filters options .
For the filters of the wireshark you can go through the below link :-
   
http://packetlife.net/library/cheat-sheets/  
         there is the complete list of the filters of wireshark

You can download wireshark from
      https://www.wireshark.org/#download

In kali linux it is preinstalled.

Comments

Post a Comment

Popular posts from this blog

Practical of XSS cross site attack

Image
XSS (CROSS SITE SCRIPTING) It is a attack to the websites in this attacker attack the website from the client side. Basically attacker enter malicious code/script/payload in the website from the user end. Concept of this attack is already told in my previous post XSS cross site scripting Now lets come to the practical ones  For do this attack we First need a  SEarch box in the website  So Now see the Practical of Xss  Site Where I performed this Attack  Target Site:-   glbitm.org Now we Enter the script/payload/code to check whether the site is vulnerable or not. Entering the script <Script>alert (“welcome to glbajaj”)</script> If the site is vulnerable then the site pop the message welcome to glbajaj, if not then it will not pop up any message Let’s see:-  See the site Pop the message means the site is vulnerable to cross site scripting Now let’s check the same with ano...
Read more

Beware ! viral sarahah App secretly steals Your entire contact List

Beware ! viral sarahah App secretly steals Your entire contact List----------- Are you also one of those 18 Million users using SARAHAH? You should beware of this app because the anonymous feedback application may not be as private as it really sounds. Sarahah is a newly launched app that has become one of the hottest iPhone and Android apps in the past couple of weeks, allowing its users to sign up to receive anonymised, candid messages from other Sarahah users. However, it turns out that the app silently uploads users' phone contacts to the company's servers for no good reason, spotted by security analyst Zachary Julian.   When an Android or iOS user downloads and installs the app for the first time, the app immediately harvests and uploads all phone numbers and email addresses from the user's address book, according to  The Intercept .   While an app requesting access to the user's phonebook is quite common if the app provides any feature ...
Read more

How Hackers Cash out the Bitcoins Received in ransomWare Attack

How Hackers Cash out the Bitcoins Received in ransomWare Attack  Digital currencies have emerged as a favorite tool for hackers and cyber criminals, as digital currency transactions are nearly anonymous, allowing cyber criminals to use it in underground markets for illegal trading, and to receive thousands of dollars in ransom ware attacks— WannaCry ,  Petya ,  LeakerLocker ,  Locky and  Cerber  to name a few. Also, every other day we hear about some incidents of hacking of crypto currency exchange or digital wallets, in which hackers stole millions of dollars in Bitcoin or Ethereum. It's obvious that after ripping off hundreds of thousands of cryptocurrencies from exchanges, wallets and ransomware victims, cyber criminals would not hold them in just digital form—the next step is to cash them out into real-world money. If you are unaware, there are some crypto currency exchanges involved in money laundering, who are ill...
Read more