Saturday, July 21, 2012

fp os


Fingerprinting OS


Fingerprinting is a step in the scanning phase in which an attacker tries to identify the operating system (OS) of a target system. Fingerprinting can be classified into two types:
- Active Stack Fingerprinting
- Passive Stack Fingerprinting
Active Stack Fingerprinting involves sending data to the target system and observing how it responds. Because each system responds differently, the response is compared with a database and the OS is identified. It is the commonly used method, though there is a high chance of being detected. It can be performed in the following ways.
Using Nmap: Nmap is a port scanning tool that can be used for active stack OS fingerprinting.
Syntax: nmap -O IP_address
Example: nmap -O 127.0.0.1
Using Xprobe: It is a UNIX-only active stack fingerprinting tool that also runs on Linux. It can detect not only the OS but also devices and their version numbers.
Syntax: xprobe2 -v IP_address
Example: xprobe2 -v 127.0.0.1
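
Why active fingerprinting tends to get detected, shown as an added example (not code from the original post): probe traffic often carries TCP flag combinations that ordinary clients do not send, so a sensor can flag the source. The flag heuristics, function names and sample events below are assumptions constructed for illustration.

```python
from collections import defaultdict

FIN, SYN, PSH, ACK, URG = 0x01, 0x02, 0x08, 0x10, 0x20

def odd_flags(flags):
    """Label TCP flag combinations that a normal stack does not send."""
    if (flags & 0x3F) == 0:
        return "null"
    if flags & SYN and flags & FIN:
        return "syn+fin"
    if flags & FIN and flags & PSH and flags & URG and not flags & ACK:
        return "fin+psh+urg"
    return None

def fingerprint_suspects(events, window=5.0, min_kinds=2):
    """events: (timestamp, src_ip, dst_port, tcp_flags) tuples.
    Return {src_ip: [kinds]} for sources that sent at least `min_kinds`
    different odd flag combinations within `window` seconds."""
    hits = defaultdict(list)
    for ts, src, _port, flags in sorted(events):
        kind = odd_flags(flags)
        if kind:
            hits[src].append((ts, kind))
    suspects = {}
    for src, seen in hits.items():
        for i, (start, _) in enumerate(seen):
            kinds = {k for t, k in seen[i:] if t - start <= window}
            if len(kinds) >= min_kinds:
                suspects[src] = sorted(kinds)
                break
    return suspects

# Constructed sample: one host sending probe-like segments, one normal client.
SAMPLE_EVENTS = [
    (10.00, "198.51.100.7", 22, SYN),
    (10.10, "198.51.100.7", 22, 0x00),                   # no flags at all
    (10.20, "198.51.100.7", 22, SYN | FIN | PSH | URG),  # SYN and FIN together
    (10.30, "198.51.100.7", 1, FIN | PSH | URG),         # FIN/PSH/URG without ACK
    (11.00, "203.0.113.5", 443, SYN),
    (11.05, "203.0.113.5", 443, ACK),
    (11.50, "203.0.113.5", 443, PSH | ACK),
    (12.00, "203.0.113.5", 443, FIN | ACK),
]

if __name__ == "__main__":
    print(fingerprint_suspects(SAMPLE_EVENTS))
```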

Passive Stack Fingerprinting involves examining traffic on the network to determine the operating system. There is no guarantee that the fingerprint will be accurate, but usually it is. It generally means sniffing traffic rather than making actual contact, so this method is stealthier and usually goes undetected. Passive stack fingerprinting can be performed in the following ways.
Using p0f: It is a passive fingerprinting tool. Both Windows and Linux versions are available.
For Windows:
Open command prompt and type
C:\>ipconfig
It will list all the Ethernet cards available in your system. Note the number of the Ethernet card on which your connection is running; in my case it is two. Now type “p0f -i card_number”

C:\p0f>p0f -i 2
Now, leaving the command prompt open, try to connect to the system you want to fingerprint, and p0f will detect its OS.
For Linux:
In Linux you will need to install it first. If you are using Red Hat Linux and have downloaded an rpm package, browse to the folder where you downloaded the package and run the following command.
# rpm -i package_name
Otherwise, if you have configured yum to download from a repository, type the following commands.
# yum clean all
# yum list
# yum install p0f
If you are using Debian based or Gentoo based Linux and have downloaded a deb package, browse to the folder and type the following command,
# dpkg -i package_name
or, if you want to install from a repository, use the following commands
# apt-get update
# apt-get install p0f
If you get super user rights through sudo, don't forget to prefix “sudo” to the “apt-get” command.
Now open a command prompt and type the following command,
# p0f -i eth0 -vt
where “i” means interface, “eth0” is your communicating card, “v” means show results in verbose mode and “t” means add timestamps to the output. Now try to connect to the remote system and fingerprint its OS.
Using NetCraft:
Go to the NetCraft site and type the IP address of the target you want to fingerprint in “What's that site running”. It will give you its OS.
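
How passive stack fingerprinting reads an OS hint from sniffed traffic, as an added example (not code from the original post and not p0f's implementation): it parses a captured TCP SYN and compares the initial TTL and window size with a signature table. The two signatures, the helper names and the sample packets are constructed for illustration; real tools match many more fields.

```python
import struct

# Constructed, illustrative signatures keyed on (initial TTL, window size);
# this is not p0f's database, which matches many more fields.
SIGNATURES = {
    (64, 5840): "Linux-like (constructed signature)",
    (128, 65535): "Windows-like (constructed signature)",
}

def initial_ttl(observed):
    """Round an observed TTL up to the nearest common starting value."""
    return next(start for start in (32, 64, 128, 255) if observed <= start)

def parse_syn(packet):
    """Pull fingerprint fields out of a raw IPv4 packet carrying a TCP SYN."""
    if len(packet) < 20 or packet[0] >> 4 != 4 or packet[9] != 6:
        raise ValueError("not an IPv4/TCP packet")
    tcp = packet[(packet[0] & 0x0F) * 4:]
    if len(tcp) < 20:
        raise ValueError("truncated TCP header")
    offset_flags, window = struct.unpack("!HH", tcp[12:16])
    if offset_flags & 0x12 != 0x02:         # SYN must be set and ACK clear
        raise ValueError("not an initial SYN")
    options, i, end = [], 20, min((offset_flags >> 12) * 4, len(tcp))
    while i < end and tcp[i] != 0:          # option kind 0 ends the list
        length = 1 if tcp[i] == 1 else (tcp[i + 1] if i + 1 < end else 0)
        if tcp[i] != 1 and length < 2:
            break                           # malformed option, stop parsing
        options.append(tcp[i])
        i += length
    dont_fragment = bool(packet[6] & 0x40)
    return {"ttl": packet[8], "df": dont_fragment, "window": window, "options": options}

def guess_os(packet):
    """Match the packet against the constructed signature table."""
    fields = parse_syn(packet)
    return SIGNATURES.get((initial_ttl(fields["ttl"]), fields["window"]), "unknown")

def sample_syn(ttl, window, options=b""):
    """Build a constructed IPv4+TCP SYN for the demo (checksums left at zero)."""
    tcp_len = 20 + len(options)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + tcp_len, 1, 0x4000, ttl, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
    tcp = struct.pack("!HHIIHHHH", 40000, 80, 1, 0, (tcp_len // 4) << 12 | 0x02, window, 0, 0)
    return ip + tcp + options

LINUX_OPTS = b"\x02\x04\x05\xb4\x04\x02\x08\x0a" + bytes(8) + b"\x01\x03\x03\x07"
WINDOWS_OPTS = b"\x02\x04\x05\xb4\x01\x01\x04\x02"
```

The observed TTL is rounded up because each router hop decrements it, so a packet seen with TTL 57 most likely started at 64.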
I hope that was quite easy. If you have any problems using any of the above tools then please don't hesitate to ask. I am here to help. Thanks for reading, keep visiting, and also comment with your thoughts and problems about any aspect of computer technology you like.

track email del


Track Email Delivery


You are reading this post only because you read the title, track email delivery, aren't you? Whenever you send something important by mail you are always worried about whether it got read or not, so here I'll tell you about two services that will help you track your email messages.

Read Notify: 
www.ReadNotify.com is a professional e-mail tracking service. The service is paid, so when you register they will offer you only 25 credits for a demo. The service is damn good and complete information about your e-mail is traced out. It not only returns information about whether your mail got read or not but also brings information about the IP address, time, location, web browser and OS used to read the sent email. It will also send you information about whether the mail has been forwarded and how many times it got read by the recipient. Read Notify is the most trusted email tracking service and hence is used by many companies and even spammers.
Get Notify:
www.GetNotify.com is the free counterpart to www.ReadNotify.com. It also tracks emails, but the details are not as detailed as Read Notify's. I have heard from many people that its service is not good, but believe me, they are not as detailed as Read Notify but their service isn't that crap. I have been using it for one year and I don't have any complaints, just because it never gave me any chance, so if someone has defamed Get Notify in front of you, try it before you accept his/her words; I guarantee you'll find the defamer wrong.

As a personal judgment I don't deny Read Notify is better than Get Notify, but it's not that bad either, and don't forget it's 100% free; you have to compromise a little on free stuff. As a final verdict I'll say Read Notify is the best email tracking service whereas Get Notify is the best free email tracking service.

How They Work:
Both use the same kind of strategy: they ask you to embed a mini image provided by them in the email while sending it (please note that this image is too small to be noticed). When the email is opened, this image sends all information about the email to the person who asked for the receipt. No matter whether images are enabled or disabled, this image will surely send the information.

Don't worry about how you are going to use the service, because after registration both provide a cool video that demonstrates how to use their service and get the most out of it.

Thanks for visiting. Have a nice time and please don't forget to tell me what you feel about the above information on tracking email delivery.

hacking google2


Advanced Google Hacking Operators


This is the next part of Google Hacking; here we will discuss some more search queries used for footprinting. The following are your new queries. Don't just read them, practice them: you'll need good practice with advanced operators because they are more prone to give false positives.

related:
This query will search web pages for the word specified after related. Please copy and paste the example into the search engine and press enter.

Example: related:bill gates

define:
This query not only brings you the definition and dictionary meaning of a word but can also reveal information about the victim's company. Try the following queries.

define:microsoft
define:your name
define:google

info:
This query is used to reveal the history and geography of the word typed after it. Try the following queries,

info:days of life of devil
info:microsoft
info:google

intext:
This will search for every occurrence of the word typed after it; it will search not only the URL and title but also the text in the body. Try this,

intext: google hacking
intext:days of life of devil

links:
This will search for links to the URL that you specify after it. Try the following query,

links:google.com

The following are some other queries; try them and see the results yourself,

phonebook:bill gates
stocks:microsoft
stocks:linux
intitle:linux
inurl:linux

Please try them and let me know if you are facing any problem or if any of those queries are not performing as you expected. Once you are good enough at using them we will discuss how to use search queries to find files, folders, songs, movies, user-names and passwords.

hacking google.


Google Hacking


Google hacking is a term most commonly misunderstood by newbies as making queries on Google search to find songs and movies. But that is just part of the scope that Google hacking covers. Experienced hackers will find this article incomplete, though it is stuffed with a lot of things.

What is Google hacking:
Google hacking is the term given to creating and using complex queries in the search box to get the expected results from Google. But in reality it includes using each and every tool that is provided by Google as a hacking weapon. Did I forget to mention that Google Hacking is part of Reconnaissance? That means if you have skipped the previous posts it will be harder for you to understand the power of Google Hacking. In this section I'll show you how to use some of its applications as hacking-related tools; the rest is left to your creativity.

Cached Pages:
I know each and every one of you has some day used Google, whatever your favorite search engine is. You must have seen a link to “Cached Similar” pages whenever you run any search query. Cached pages store history pages for users like you and me. Cached pages are a good source for tracking down website activities. Suppose a site contains a file whose link has been removed from the main website and you now want access to that file; cached pages can help you out.

OK now please type “DAYS OF LIFE OF DEVIL” in Google and browse for cached pages, note differences between main site and cached site.

Google Translator:
You may not know it, but you don't need proxy servers to bypass security, because we already have an online proxy tool known as “Google Website Language Convertor”. This is Google’s online tool for converting the language of a website to your native language (the Language Convertor you can see on this website is nothing but a derivative of this tool). The powerful feature of this Google application is that it can be used as a proxy server. When you type “Google Website Language Convertor” it will open the following link for you,
Now type the URL of the website you want, select the language conversion and press enter. If the page is already in the language you want to browse it in, select any language in the “from” section and select your language in the “to” section.

Basic Search Queries:

link:
This query searches for all links that point to the site mentioned after the query.

inurl:
This query will search for occurrences of the specified word in URLs.
Syntax: inurl:“NRUPEN”

site:
This query is used by combining it with other queries, so we will discuss it later.

intitle:
This query will search for occurrences of the specified word in the title of a website.
Syntax: intitle:“NRUPEN”

filetype:
This query will search occurrences of filetype specified.
Syntax: filetype:doc “Google hacking”

Directories And Files Listing:
Apache server by default uses an “Index of” type title for its directory navigation pages, which can be exploited using Google queries to get a specific file or folder.
Syntax: intitle:index.of “songs”
Now try to figure out what the above query will do.

Grabbing Banner:
Banner grabbing is a method in the scanning phase which is used for getting the type and version of an application. For now we will skip it and will look at it while discussing the scanning phase.

Combining Queries:
All the queries mentioned above can be combined to get powerful information about the victim from the search engine. It can reveal nearly everything about the victim's software, hardware and documents if the victim is unprotected against Google crawlers. How to use the combinations for a purpose is left to your skills, but we will show you how to combine them.
Try the following one by one; once you use them you'll know which combination can be used when,
site:nrupentheking.blogspot.com + inurl:hacking
site:nrupentheking.blogspot.com inurl:hacking
inurl:admin inurl:php

Johnny Long:
Johnny Long maintains a website which keeps a brief database of Google search queries. Browse for his name and you'll be led to his website, where you can click on Google Hacking Database to learn more than what we discussed here.

Google Hacking Tools:
There are several search queries that you can make using Google, but remembering them is not an easy task, so we have some ready-made tools that do the job for us. The following are some of them,
Site Digger Tool: Uses the Google hacking database to give out results from caches and also traces errors.
Gooscan: This tool also uses the Google Hacking database and is also able to mark out vulnerabilities.
Google Hacks: It is one of the most used Google hacking tools. It has a very easy and understandable user interface and can solve all your download needs; a must-use tool for everyone.

Note: Please be sure we have not covered everything related to Google Hacking. I just gave a brush-up so that you can practice; then I'll cover Advanced Google Hacking. Please note that most of our Google hacking queries are formed using the above search queries, so please practice. Advanced Google hacking will be covered at the last stage of the reconnaissance phase. Please don't forget to ask about whatever you were unable to understand in this post. Thanks for reading and keep visiting.

Wednesday, July 11, 2012


Please give comments for more information.