Attacking Windows Platform with EternalBlue Exploit via Android Phones | MS17-010

Image
Introduction On 14 April 2017, a hacker group know by the name of Shadow Brokers leaked exploitation toolkit used by the National Security Agency (NSA). The leak was also used as part of a worldwide WannaCry ransomware attack. EternalBlue is also an exploit developed and used by the NSA according to former NSA employees. Lab Environment Target Machine: Windows 7 Ultimate x64 bit Attacker Machine: Android 5.1  What is EternalBlue EternalBlue actually exploits a vulnerability found in Server Message Block (SMB) protocol of Microsoft Windows various platforms. This vulnerability can be found under CVE-2017-0144 in the CVE catalog.The most severe of the vulnerabilities could allow remote code execution if an attacker sends specially crafted messages to a Microsoft Server Message Block 1.0 (SMBv1) server. Windows 7 Operating with Release Effected by EternalBlue Installing Metasploit Framework on Android Step 1: Download Termux from play store....
Post a Comment

Web Technologies Part-1

WeB  TechNOLogy Part-1:-

The Technology Used By the Web Application To implement its Functionality is called Web Technology or Web Application Technology.

THE HTTP Protocol:-

* HTTP is stand as hyper text transfer protocol
* It is the core communication protocol used for accessing World Wide Web.
* It is the Simple Protocol.
* It is Originally Developed To retrieve  static text-based Resources.
*HTTP uses the message model
      
      client----------------------------------------->server
             client sends request message to server       
                <--------------------------------------- 
              server sends response message to client

 *HTTP is a connectionless protocol but is uses stateful TCP protocol for transport mechanisms for 
   the implementation of message model.

HTTP REQUEST:-

All HTTP message contains more than one or more Header , each one on seperate line ,followed by a mandatory blank line , followed by an optional Message


* First of all it tell about the HTTP method ,  In this case the Method is GET which work is to retrieve resources from web server. GET method does have a message Body.

 * Requested URLS

 *HTTP version Being Used , the most common version of http is version 1.0 and 1.1 but most of the browser uses http version 1.1 by default. In version 1.1 host Header is compulsory.

 *Referer Header indicates from where is request Orginates.

 *user-agent Header indicates or tells information about the browser or software used to generates the  request.

 * Host Header is used to specifies the host name.

 * cookie Header used to indicates the additional parameters issued to the client by the server.

HTTP Response:-



* HTTP version

 *Status Code to tell the status or result of the request . Mostly 200 is used to show successfully result of the request.

 *Additional  Textual reason Phase For the result of the Request.

 *SErver Header indicates the server software being used. Sometimes it tells installed modules and operating system on the server 
  But note that the information it provide is accurate or may not.

*Set-cookie Header issues the browser a further cookie

 *pragma Header instruct the browser not to store the response in the cache.

 *Expires Header indicates that the response content expired in the past and should not be cached.

 *content-type Header indicates the body of this message contain html documents.

 *content-length Header indicates the Length of message body in bytes.

HTTP Methods:-

The most commonly used method in HTTP are:-

 * GET
*POST

 Both the methods are different in themselves and provides different security.

 Many Others HTTP MeTHoDS ARE:-

 *HEAD

 *PUT

 *TRACE

 *OPTION

 I will discuss HTTP Methods in detail in WEB technology part-2 !!!!!!!!!!!!!!!!!

Comments

Post a Comment

Popular posts from this blog

Practical of XSS cross site attack

Image
XSS (CROSS SITE SCRIPTING) It is a attack to the websites in this attacker attack the website from the client side. Basically attacker enter malicious code/script/payload in the website from the user end. Concept of this attack is already told in my previous post XSS cross site scripting Now lets come to the practical ones  For do this attack we First need a  SEarch box in the website  So Now see the Practical of Xss  Site Where I performed this Attack  Target Site:-   glbitm.org Now we Enter the script/payload/code to check whether the site is vulnerable or not. Entering the script <Script>alert (“welcome to glbajaj”)</script> If the site is vulnerable then the site pop the message welcome to glbajaj, if not then it will not pop up any message Let’s see:-  See the site Pop the message means the site is vulnerable to cross site scripting Now let’s check the same with ano...
Read more

Beware ! viral sarahah App secretly steals Your entire contact List

Beware ! viral sarahah App secretly steals Your entire contact List----------- Are you also one of those 18 Million users using SARAHAH? You should beware of this app because the anonymous feedback application may not be as private as it really sounds. Sarahah is a newly launched app that has become one of the hottest iPhone and Android apps in the past couple of weeks, allowing its users to sign up to receive anonymised, candid messages from other Sarahah users. However, it turns out that the app silently uploads users' phone contacts to the company's servers for no good reason, spotted by security analyst Zachary Julian.   When an Android or iOS user downloads and installs the app for the first time, the app immediately harvests and uploads all phone numbers and email addresses from the user's address book, according to  The Intercept .   While an app requesting access to the user's phonebook is quite common if the app provides any feature ...
Read more

How Hackers Cash out the Bitcoins Received in ransomWare Attack

How Hackers Cash out the Bitcoins Received in ransomWare Attack  Digital currencies have emerged as a favorite tool for hackers and cyber criminals, as digital currency transactions are nearly anonymous, allowing cyber criminals to use it in underground markets for illegal trading, and to receive thousands of dollars in ransom ware attacks— WannaCry ,  Petya ,  LeakerLocker ,  Locky and  Cerber  to name a few. Also, every other day we hear about some incidents of hacking of crypto currency exchange or digital wallets, in which hackers stole millions of dollars in Bitcoin or Ethereum. It's obvious that after ripping off hundreds of thousands of cryptocurrencies from exchanges, wallets and ransomware victims, cyber criminals would not hold them in just digital form—the next step is to cash them out into real-world money. If you are unaware, there are some crypto currency exchanges involved in money laundering, who are ill...
Read more