Monday, 9 January 2017

How to Hack ADSL Router with kali linux

Hack adsl router with kali linux

bsnl using adsl connection to provide internet for its home and office users. and half of them modems are vulnerable to a simple attack. attacker cut off internet, change dns after exploit this vulnerabilities.

so lets see how attack is possible?

how to hack adsl router

Step 1:

check your public ip address.
just type “my ip” in google.








Step 2: Search for Vulnerable Routers.

 Using linux

open terminal type:

“nmap -sS -sV -vv -n -Pn -T5 117.212.120.16-255 -p80 -oG – | grep ‘open’ | grep -v ‘tcpwrapped’”




Now you have some results, this time you need to find the open devices with open ports. In search Result page:

Step 3:

pick an ip that have open port and place it in your browser and hit enter.

you will see an authenticate page like below image,

put admin as username and admin as password.



if client did not change default username and password, then it will be lucky for you and you entered in router admin page, if you not get success then try different ip and check default username and password for some router on searching google.

 

you can do some further action after enter in router admin area, for example change dns and cut off internet.

this is illegal and you may go to jail for this action, so try at your own risk.




 

 

what is sqlmap and how to use it.

sqlmap is an open source penetration testing tool, that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. it comes pre-installed with kali linux. sqlmap written in powerful language python.


sqlmap developed by Bernardo Damele and Miroslav Stampar. it support all major database management systems, including MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, Sybase, SAP MaxDB, HSQLDB and Informix.

 
it support to enumerate users, password hashes, privileges, roles, databases, tables and columns.

it support many SQL injection techniques: boolean-based blind, time-based blind, error-based, UNION query-based, stacked queries and out-of-band.


Sqlmap is popular and powerful sql injection automation tool. there is no programming knowledge need for hack a website database through it, it completes  all process automate.


in this post we will learn how to exploit sql injection vulnerability, to hack a website.


How to hack a website with sqlmap.

Find a vulnerable website:
First scan a website. if you are using windows then scan with acunetix and if you are using kali then scan with zaproxy.


Find vulnerable url:
if acunetix and zaproxy show a sql injection vulnerability, then next step to exploit it with sqlmap. sometimes these scanner result are false positive,but you can try with different scanner.

Start exploit:
open terminal type:
“sqlmap -u example.com/index.php?id=16 ”






Find Database:





Find tables:

it extract all tables. find admin user and password in tables to get access in website. once you get admin user and password find admin panel url and takeover website. Download to find admin panel url are  here


  

 

Tuesday, 23 August 2016

Install android sdk (adb and fastboot) on kali linux.




many users now using debian (ubuntu, kali).
for android development on kali linux you will need to install android sdk.

today i will explain how to install android sdk on kali,

 if you want to install only adb and fastboot(without whole android sdk) then follow this link

Method 1:

1. First download android sdk by following command:

wget http://dl.google.com/android/android-sdk_r24.2-linux.tgz

2. Extract package:

 tar -xvf android-sdk_r24.2-linux.tgz

3. Change Directory:

cd android-sdk-linux/tools


4.  install sdk package:
  ./android update sdk --no-ui

5. set sdk path:


export PATH=${PATH}:/usr/share/android-sdk/tools:/usr/share/android-sdk/platform-tools










Method 2:(Easy and command line)

1.  apt-get install android-sdk

it will take some time to download and install whole android sdk,




Install adb and fastboot(without whole sdk) on kali/ubuntu.

To install adb and fastboot without installing whole android sdk on kali you need to follow these step:

  • open terminal 
  • type:
  • apt-get install android-tools-adb android-tools-fastboot

it will install adb and fastboot on your debian system

for working properly adb and fastboot make sure your system have proper repositories installed.

if you have problem running adb and fastboot then tryt o install ib32stdc++6 by following command:

apt-get install lib32stdc++6 lib32z1 lib32z1-dev
 
 
 
it will solve your problem.
 
 

Saturday, 7 May 2016

How to jam wifi

today i find a python script that will jam your area wifi that come in wireless range.
so i am sharing this.
here a that script i am sharing with you.
wifi jammer
How to use wifi jammer python script.
1. Download zip file from github.


2. extract it.

3. go to terminal and change directory where your python script is located.

4. run the script:

python wifijammer.py
 
 
5. it will stop all wireless network that in your laptop wireless range.
thanx.

comment here if any issue is arise.
 

How to Create a Kali Bootable USB Drive from ubuntu.

1. insert your usb drive.
2. run the command below.
 it will show all drive
sudo fdisk -l

3. the output will look somthing like this, showing an additional device.


4. change directory where your iso file is located.

5. type in terminal

dd if=filename.iso of=/dev/sdb bs=512k

6. hit enter

after sometime you will see like this:

5823+1 records in
5823+1 records out
3053371392 bytes (3.1 GB) copied, 746.211 s, 4.1 MB/s

you have successfully made your kali bootable.