I will now describe the hacker's gentleman's kit. We will use these tools occasionally in the future.
- Brute Force
- Port Scanner
- Security Scanner
- Joyner
- Mail Bomber
- Hacking Windows passwords
- View passwords
- Trojan
- KeyLogger
- IP Hideer (proxy/sox)
- Spoofing of HTTP requests
Let's start in order:
Port scanners check a given range of IP addresses for a given open port. If the port is open, this IP is added to the list.
Where does this apply? The creators of so-called "Trojans" sometimes include a port scanner in their creations. The fact is that the server when the Trojan gets on the machine, it opens a port in the system where it receives client commands. For those who haven't figured it out yet, I'll explain
, which port our Trojan opens, we "ask each computer in the range" if this port is open, and if so, then on this machine our Troy is sitting there - you can safely connect and control this computer. I recommend using Essential Net Tools, as it is a good scanner with an additional set of functions. It's not just a scanner - keep in mind. During its existence, it has become legendary, and still not losing its relevance. It's paid. My brother bought and gave me a serial number from version 1.1:
Name: Jan Klaassen
S/N: 2957888021
SAMInside - a program for hacking the SAM file.
PWLinside - similarly, only this is for the now-dead Windows 95/98, where passwords (including on the Internet) are stored in the Windows directory in files with the *.PWL extension.
MD5inside - decrypts the MD5 hash used in many authorization systems.
PasswordsPro is a powerful tool for working with passwords. It has all the MD5inside functions, hash generation, and it can also show passwords hidden behind asterisks.
- Brute Force
- Port Scanner
- Security Scanner
- Joyner
- Mail Bomber
- Hacking Windows passwords
- View passwords
- Trojan
- KeyLogger
- IP Hideer (proxy/sox)
- Spoofing of HTTP requests
Let's start in order:
(translated from English as "brute force") is used for selecting passwords from e-mail and ftp servers. There are many types of brute-forcing programs, but their abilities are similar. When using such programs on dial-up connections, where the speed does not exceed 56 Kbit/s, the selection can take a long and tedious time, while when using high-speed Internet (ADSL, fiber, satellite, etc.), the selection speed increases, but then a lot of traffic is consumed. The best option is to use a dictionary. [email protected], then most often the server will be pop.pupkin.com. If we do not break the e-mail, but the site pupkin.com, then you need to specify the ftp server, this will be ftp.pupkin.com. Brute-forces have a lot of useful settings, for example, if you spied that your friend enters a password of 5 characters, and its first character is L, then you need to use a matching mask. The mask will look like this: L#### . I gave a general description, and for a closer acquaintance, I advise you to download wwwHack from here.
Since this lesson is an introduction, I will torment you with network technologies another time, but you still need to know this.
Port scanners check a given range of IP addresses for a given open port. If the port is open, this IP is added to the list.
Where does this apply? The creators of so-called "Trojans" sometimes include a port scanner in their creations. The fact is that the server when the Trojan gets on the machine, it opens a port in the system where it receives client commands. For those who haven't figured it out yet, I'll explain
, which port our Trojan opens, we "ask each computer in the range" if this port is open, and if so, then on this machine our Troy is sitting there - you can safely connect and control this computer. I recommend using Essential Net Tools, as it is a good scanner with an additional set of functions. It's not just a scanner - keep in mind. During its existence, it has become legendary, and still not losing its relevance. It's paid. My brother bought and gave me a serial number from version 1.1:Name: Jan Klaassen
S/N: 2957888021
There are two types of pages on the Internet: static(HTML) and dynamic(PHP,ASP,CGI). If the page extension is htm, html, this means that the page content is independent of the user and always unchanged - "static". Dynamic pages process data received from the user, roughly speaking, they know how to think. Of course, there are no holes in html pages. Only dynamic page scripts have holes. The most common vulnerabilities are XSS. They were well described by DrWeb in the article "XSS for beginners", so I will not explain their essence.
Joyner is a program that allows you to combine several files into one, with the ability to paste any icon to the resulting file. Thus, using a joyner, a hacker can glue a Trojan horse with some useful utility, and push it to the victim. That, in turn, opening the file, believes that it is launching its own program, although in fact there are two of them running(three, four, etc.), just the Trojan does not give itself away. The disadvantage of this approach is that most joiners are detected by antivirus programs.
This type of program is designed to "bomb" e-mail, i.e. throw a huge number of emails.
I respect InsidePro's products, and I advise you to download them from here.
SAMInside - a program for hacking the SAM file.
PWLinside - similarly, only this is for the now-dead Windows 95/98, where passwords (including on the Internet) are stored in the Windows directory in files with the *.PWL extension.
MD5inside - decrypts the MD5 hash used in many authorization systems.
PasswordsPro is a powerful tool for working with passwords. It has all the MD5inside functions, hash generation, and it can also show passwords hidden behind asterisks.
If you are interested to know what a friend writes to your fiancee by e-mail, just go to his house and send him to make coffee, and at this time we take out a floppy disk and run the program that shows all his passes, including soap. Magic? No! The whole point is that for convenience, in order to save you from the buzz, every time you log in on the site, in ICQ, etc. enter a password, browsers/ICQ / mailers remember it. That's what they're being punished for). There are many programs that show all sorts of saved passwords.
So we got to the most interesting part). This subspecies of animals is so called because it acts like the famous Trojan horse. By getting into the user's system, he gets used to it and works for the owner. What do I mean? Unlike a virus, a Trojan is harmless if you are offline.
It catches all your keystrokes and writes them to a file, after which it can send them to its creator, or save them to a screw. It is useful to put it at a friend's place - it will record everything that she writes to in social networks.
If you are doing something that is not entirely legal, then you are unlikely to be satisfied with the fact that your IP address will remain on the server that you hacked, and you will not be able to figure it out. And in that case, what is it? There is such a thing called a proxy server, or sox server. I won't go into the subtleties and explain to you how they differ - at this stage it doesn't matter to you. The bottom line is the same - your IP address is replaced with the proxy server address.
I will also describe this in more detail in future lessons. All information on the Network is transmitted in so-called "packets". Like packets of classified information in war, HTTP packets have a stuffing and an inscription: to / where, etc., with the only difference that THIS information is not considered particularly secret, but it is of interest. The packet header contains information about the browser, where we came from, and which scripts are being passed what data. As you understand, we are talking about the substitution of this data. This raises a question: "And why?". And then
