
Thursday, January 29, 2009

Post Exploitation 2

We were having a discussion on post exploitation when I realized that in my first post I didn't put anything specific to Windows. So I am adding that information in this second post on the topic.

Lots of people don't know that there is a FOR loop on the Windows command line, using which we can do a ping sweep or port scan from cmd without any third-party tools.

Ex.

Ping Sweep: Using the following command we can run a ping sweep
FOR /L %i in (1,1,255) do @ping -n 1 10.10.10.%i | find "Reply"

This command will run a ping sweep on 10.10.10.0/24.

Command line port scanner using ftp client:
The Windows ftp client can be used as a port scanner.
But
C:\> ftp [IP_address]
does not let us specify a port number; it defaults to port 21 for the connection.
But... we can specify a destination port in an ftp command file:
- open [IP_addr] [port]

The ftp client can then read this command file and execute the commands in it:

C:\> ftp -s:[filename]

So, using this and the FOR loop together...

for /L %i in (1,1,1024) do echo open [IPaddr] %i > ftp.txt & echo quit >> ftp.txt & ftp -s:ftp.txt 2>>ports.txt

Now ports.txt will have the output of the port scanner. (If you put these commands in a batch file instead of typing them at the prompt, write %%i instead of %i.)
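A defender's view of the two tricks above, as an added example that is not from the original post: a Python script that flags the ping sweep and the sequential-port ftp scan in Windows Firewall-style log lines (the sample lines are constructed, and the field order is assumed from pfirewall.log).

```python
# Added example, not from the original post: flag the ping sweep and the
# sequential-port FOR-loop scan shown above in Windows Firewall-style logs
# (assumed pfirewall.log order: date time action proto src dst sport dport size).
from collections import defaultdict

# Constructed sample: 10.10.10.5 pings several hosts, then walks TCP ports
# 21-25 on one host, one connection attempt per port as ftp -s: would leave.
SAMPLE_LOG = """\
#Fields: date time action protocol src-ip dst-ip src-port dst-port size
2009-01-29 10:00:01 DROP ICMP 10.10.10.5 10.10.10.1 - - 60
2009-01-29 10:00:01 DROP ICMP 10.10.10.5 10.10.10.2 - - 60
2009-01-29 10:00:02 DROP ICMP 10.10.10.5 10.10.10.3 - - 60
2009-01-29 10:00:02 DROP ICMP 10.10.10.5 10.10.10.4 - - 60
2009-01-29 10:00:10 DROP TCP 10.10.10.5 10.10.10.20 1030 21 48
2009-01-29 10:00:10 DROP TCP 10.10.10.5 10.10.10.20 1031 22 48
2009-01-29 10:00:11 DROP TCP 10.10.10.5 10.10.10.20 1032 23 48
2009-01-29 10:00:11 DROP TCP 10.10.10.5 10.10.10.20 1033 24 48
2009-01-29 10:00:12 DROP TCP 10.10.10.5 10.10.10.20 1034 25 48
2009-01-29 10:05:00 DROP TCP 10.10.10.9 10.10.10.20 1100 445 48
"""

def parse(log):
    """Yield (proto, src, dst, dport) per record; skip the #Fields header."""
    for line in log.splitlines():
        f = line.split()
        if len(f) >= 8 and not line.startswith("#"):
            yield f[3], f[4], f[5], f[7]

def find_sweeps(log, min_hosts=4):
    """Sources that sent ICMP to at least min_hosts distinct destinations."""
    hosts = defaultdict(set)
    for proto, src, dst, _ in parse(log):
        if proto == "ICMP":
            hosts[src].add(dst)
    return {s: len(d) for s, d in hosts.items() if len(d) >= min_hosts}

def find_port_walks(log, min_run=5):
    """(src, dst) -> longest run of consecutive TCP ports, if >= min_run."""
    ports = defaultdict(set)
    for proto, src, dst, dport in parse(log):
        if proto == "TCP" and dport.isdigit():
            ports[(src, dst)].add(int(dport))
    hits = {}
    for key, ps in ports.items():
        run, best, prev = 0, 0, -2  # prev=-2 so the first port starts a run of 1
        for p in sorted(ps):
            run = run + 1 if p == prev + 1 else 1
            best, prev = max(best, run), p
        if best >= min_run:
            hits[key] = best
    return hits
```

The single hit on port 445 from 10.10.10.9 is ordinary noise and is not reported, while the walk over 21-25 from 10.10.10.5 is.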

Another option of the FOR command lets us use a file as input.

Ex. There is a file named PTips.txt containing one IP address per line,
so the following command will iterate through the file:

FOR /F "delims=^" %i in (PTips.txt) do ping %i

C:\>ping 222.222.222.222
Pinging 222.222.222.222 with 32 bytes of data:
Reply from 222.222.222.222: Destination net unreachable.
...
...

One more addition
Having only cmd on Windows does put a lot of restrictions on you.
Lots of times I miss simple commands like the ones on Linux to fetch HTML pages.
Can we download HTML pages on Windows without a browser???
...
...
...
Yes We Can
The problem with telnet is that it doesn't allow us to redirect the output or the screen to a file...
So... so we use -f to create a log of the telnet session.
Ex. Windows telnet as a simple HTTP GET tool
C:\> telnet -f log.txt
Welcome to Microsoft Telnet Client
Escape Character is 'CTRL+]'
Microsoft Telnet>o in.yahoo.com 80
...
...
Microsoft Telnet>sen GET / HTTP/1.0
...
The HTML content will scroll by all of a sudden, but don't worry,
all that content will be saved to the log file: log.txt
There you go.

Wednesday, July 18, 2007

Lack of Information Security Concern in India - Part 2

Continuing from where I left off...
The only sector which has a little bit of sense of security is the financial sector.
That too they have learned from the foreign financial institutes. There have been lots
of wire frauds and cracking in the financial sector. Lots of times this kind of cracking is
done by a script kiddie.
(For the Dummies: a Script Kiddie is a person who just downloads
some programs and tries to attack a computer system without understanding what the program
does. I have also seen conditions where script kiddies were using some windowz cracking program
against Linux systems.)
The most famous crack in the financial sector is phishing (pronounced as Fishing).
Phishing is done by using social engineering techniques. Phishers attempt to fraudulently acquire
sensitive information, such as usernames, passwords and credit card details, by acting as if a mail came from the financial institute. eBay and PayPal are two of the most targeted companies, and online banks are also common targets.
Phishing also works most of the time when there is no concern about security in the user's mind. Now I have a concern for
security. I know that no bank in the world will ask me to send my password in a mail. But lots of normal users don't
understand this. Phishing also uses fake websites lots of times. But if the user is careful to look at the URL bar to
see that the URL of the site is different from the URL the user meant to visit, then harm can be avoided. I know some of you will say that there are some JavaScripts that try to cover the address bar with an image of the legal URL. But this type
of phishing is more sophisticated and not that much in numbers. (If we disable JavaScript for unknown sites we can stop this kind of attack.) A lot more phishing is done by script kiddies than by the pros. I won't say we will be 100% secure, but with a little bit of awareness we can avoid these script kiddies. So I again say that awareness in people is a must.

Sunday, July 8, 2007

Lack of Information Security Concern in India


2-3 days ago I was watching some news that one Indian university network was hacked by some Nigerian hacker. The news channel was telling that he hacked their mail server and stole their economic information. I am very much surprised at how much ignorance there is in the Indian people about the importance of information security.
    I have seen it in my own university also. When I was at university I was able to get root access of the Linux system that was giving shared access to the students very easily. Also I was able to trojan the whole network; every PC was under my control. Though I did not do any damage (damaging a system never gains anything, unless you are getting paid to damage the system, but a real hacker will never damage the system), I was very surprised to see the lack of security. There were more than 80 computers having internet access on which I had installed a RAT (Remote Access Trojan), so if I wished I could use them as a Bot-Network to do any kind of attack.
      I think history repeats itself, as in America at first the hackers and system security were not given any notice. But when crackers got into the situation, they started damaging systems, shutting down telephone networks, etc. Then one day the American government woke up all of a sudden and started hunting the hackers. India also is on the same path. You will be surprised to hear that one friend of mine who is in marketing of firewalls and IDS (Intrusion Detection System) tells me that the product is not sold by how much security it provides but most of the times just to manage the network bandwidth and block URLs for users. He says he has till this date not met a CTO who has genuine interest in the security of his network. After some big attacks by some cracker the people will awake. But do we want this?
   I think the people should become aware before such things happen. We should make people aware of these things. In my later blogs I will try to handle more such issues.
   -neo