Friday 2 December 2011

[TUT] Become able to hack any computer


In this tutorial I will talk a little about:
# Making it all ready for an attack
# Port forwarding
# Being anonymous
# Fingerprinting the attack host
# Attacking it
# Clearing logs/tracks


Okay, let's get started.


# First of all, when you want to hack another computer (e.g. one in another country), you have to have everything set up and ready.

If you want to exploit the slave, you find exploit libraries on the web; if you want to make a payload attack, you set up your server and create the handler; or if you are going to make a DoS/DDoS attack, you make webhosts and configure the connections. The same goes for SQL injections or RATs/trojans.
The next thing you have to do is to have some program where you store data, strings and info.
When you have this set up and ready, you move to the next step.

# To make any attack work, there are some things that have to be in order. First, you find out what ports the exploits, payloads, RATs, trojans, SQL injection or any other infection software use, and you write them down. Secondly, you go into your router's configuration (e.g. 192.168.1.1) and set up port forwarding for the desired ports (this makes it possible to hack/crack/infect through your network and into another).

# When you know what attack you want to try, you take it from there. The most important thing is that you don't get caught doing this, and because of that here are some ways to slow down the WHH "IF" they get on your track.
# Use a proxy
# MAC spoofing
# SSH tunneling (Secure shell tunneling)
# Make a botnet on a random network and use it as a cover-up

# When you have this set up, you can slowly begin to scan the slave computer (if you have their static IP or know their network/what ISP they use).
I recommend using nmap (remember to use -sS "stealth mode") to not make a traffic overflow on the slave's network (if it has good firewalls it will log, and block your IP if you use it without -sS).
Then check the host either with a full scan or a desired scan (like port 21 "ftp", to check if it's open or not).
When you are finished with the scan, you write the info down (which ports are open and which are not).
After that you should use nmap's Zenmap GUI to fingerprint the victim's OS and what SP it's using (and write that down).
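
Seen from the defender's side, a half-open scan still leaves a pattern at the packet level: one source sending SYNs to many ports and never completing a handshake. The following is an added example, not part of the original post; the record format, window and threshold are assumptions, and the sample packets are constructed.

```python
from collections import defaultdict

WINDOW_S = 10.0      # assumed sliding window, seconds
PORT_THRESHOLD = 5   # assumed: distinct unanswered ports before alerting

# Constructed inbound records (time_s, src_ip, dst_port, tcp_flag); the
# addresses are RFC 5737 documentation ranges, not real hosts.
PACKETS = [
    (0.00, "198.51.100.20", 443, "S"), (0.03, "198.51.100.20", 443, "A"),
    (1.00, "203.0.113.7", 21, "S"),
    (1.10, "203.0.113.7", 22, "S"), (1.12, "203.0.113.7", 22, "R"),
    (1.20, "203.0.113.7", 23, "S"),
    (1.30, "203.0.113.7", 80, "S"), (1.32, "203.0.113.7", 80, "R"),
    (1.40, "203.0.113.7", 443, "S"), (1.42, "203.0.113.7", 443, "R"),
    (1.50, "203.0.113.7", 3389, "S"),
    (2.00, "198.51.100.30", 80, "S"), (2.04, "198.51.100.30", 80, "A"),
    (3.00, "198.51.100.30", 8080, "S"),   # one unanswered SYN: below threshold
]


def half_open_sources(packets, window=WINDOW_S, threshold=PORT_THRESHOLD):
    """Return {src: never-completed ports} for each source that sent SYNs to at
    least `threshold` distinct ports within `window` seconds without an ACK."""
    syn_time = {}       # (src, port) -> time of the first SYN
    completed = set()   # (src, port) pairs that sent the handshake-closing ACK
    for ts, src, port, flag in packets:
        key = (src, port)
        if flag == "S":
            syn_time.setdefault(key, ts)
        elif flag == "A" and key in syn_time:
            completed.add(key)
    pending = defaultdict(list)
    for (src, port), ts in syn_time.items():
        if (src, port) not in completed:
            pending[src].append((ts, port))
    alerts = {}
    for src, probes in pending.items():
        probes.sort()
        lo = 0
        for hi in range(len(probes)):
            while probes[hi][0] - probes[lo][0] > window:
                lo += 1   # drop probes that fell out of the window
            if hi - lo + 1 >= threshold:
                alerts[src] = sorted(p for _, p in probes)
                break
    return alerts


if __name__ == "__main__":
    print(half_open_sources(PACKETS))
```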

# Now you know which ports are open and what OS is installed, what firewall is in use and if there's any antivirus, and of course you have pinged the host to see if it's alive. Now you can filter the attacks you planned, and use one that matches (if port 443 is open you can use a payload attack etc.).
Then, when you have everything ready, you make the attack (remember to always use stealth mode when hacking, not just trying to smash your way through).

# When you have successfully attacked the slave (planted the RAT, reverse_tcp meterpreter, reverse shell, infected it or made an overload), it is very important that you know what you did and that you are able to clear your logs, e.g. clear the logs in the firewall (foreign connection logs), Windows command logs (DOS prompt) etc.

When you have cleared all logs you have successfully hacked a computer. Yeye



Okay, remember this was not a walk-through tutorial, but it shows you what you have to remember when you are in cyber warfare. Hope you liked it.
