MAC Spoofing

Media access control (MAC) is a unique hardware address given for network interfaces [ethernet and wireless] for communication on the physical network segment.

In many situations, we have to change/fake our MAC address in order to protect hardware information.

Fortunately, guys with kali it is one of the easiest things to do.You are just two steps away from faking your MAC address.

We will be using a special tool called “macchanger”. It is quicker and more convenient method to change MAC address.

First, open your terminal and type macchanger -h.
( -h option brings the help menu.It displays options that you can use with macchanger)

Bring Interface Down

Before, changing we must bring our interface down. I am connected to the internet with the wired [ethernet] interface. So if you are connected to the internet with wireless [wi-fi] then type wlan0 instead of eth0.

root@dedsec:~# ifconfig eth0 down

Change MAC

root@dedsec:~# macchanger -r eth0

* -r: flagis for generating a random address.It basically tells macchanger to give any random address.
eth0: Which card you want to change MAC on.If your card is wireless then write wlan0.

Bring Interface Up

Now type the following command to enable the interface back.

root@dedsec:~# ifconfig eth0 up

You can check the MAC address by typing “ifconfig” command. You can see your new MAC address has been successfully assigned.
Advertisements

Become anonymous on the internet

Hey there!

I’m gonna tell you something very important to you when you are browsing on the internet.nowadays we know that the internet is not the secure place.when you are browsing on the internet your IP address is freely opened for everyone.especially if you are doing hacking, penetration testing or something like that it is very important to be anonymous.so the question is how do we do that?actually, it is not much difficult to do.i’ll show you how to do it.

Let’s do it…..

Requirements:

  • Tor Browser

The only thing you need is the Tor browser.hope you guys know what is the Tor browser.anyway, you can get an idea about the Tor browser by reading the description below.it is free.

just download it:https://www.torproject.org/download/download.html.en

What is Tor Browser?

The Tor software protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, it prevents the sites you visit from learning your physical location, and it lets you access sites which are blocked.

This guide is for Windows but you can use this for any other platforms like Linux, Mac.

  1. Download and install Tor browser.
  2. Open the tor browser.

At the very first time, you will be greeted with a screen asking if you would like to connect to the Tor network.all you need to do is click Connect button.

Capture

It will take a little time to connect.afterthat you can see the browser running perfectly.

Capture2.PNG

Alright! this is it.you can check your Tor network by clicking the link appears in the browser window.now you can browse the internet using Tor browser.it is safe.but it is not interesting.browsing the internet using an unfamiliar web browser is not much interesting.so you can use your Tor identity for your favorite browsers.

I’ll show you how to Torify the Google Chrome…..

  • open Google Chrome.
  • go to settings.
  • click on “Show advanced settings…”

Capture3.PNG

  • click on “Change proxy settings…”

Capture4.PNG

Google Chrome is using your computer’s system proxy settings to connect to the network.

  • click on “LAN settings”.

Capture5.PNG

  • check the box “Use a proxy server for your LAN” and click on “Advanced”.

Capture6.PNG

  • in Proxy Settings window, keep the settings as shown in the picture below.make sure to uncheck the “use the same proxy server for all protocols” checkbox.

Capture7.PNG

  • then click OK.

now we are done.you can browse the internet anonymously using Google Chrome.but make sure to keep the Tor Browser opened at all the times when you use the proxy.

You can use the same way to torify Mozilla Firefox, Opera or any other web browser.also, you can torify any other applications which use the internet and support proxies.the only thing you have to do is change the proxy settings.

These are the settings for the proxy server….

Address: 127.0.0.1 (localhost)

Port: 9150

Type: Socks (Socks5)

Actually, Tor is not an HTTP Proxy.It appears you have configured your web browser to use Tor as an HTTP proxy. This is not correct.Tor is a SOCKS proxy, not an HTTP proxy. Please configure your client correctly.

That’s it.We’re almost done.hope you got understand about the Tor and how to be anonymous on the internet.anonymity is a very important thing to the people who do penetration testing.if you wanna be a hacker, first of all, you have to hide from others.you can do it using this method.

This guide is for research and learning purposes.Don’t use this to harm others.

~dedsecagt47

Gmail attack using Kali

Hi there!

I’m going to show you how to attack Gmail.if you wanna get someone’s Gmail account password, this will help you to get it.There are many ways to do that.you can do it using phishing.hope u guys know what is the phishing.but nowadays everyone aware of that type of attack.so phishing is not much better.this is a different method.an easy method.hope you will get this.

prerequisite:

  • The only thing you need is kali linux with xHydra tool (we can do it using Hydra tool.but Hydra runs in terminal.xHydra is the GUI version of Hydra.)

Let’s face it….

  • open kali terminal and type “xhydra” (without quotation marks) or browse into all applications and find “hydra-gtk”.

it will open a window like this.

Capture.PNG

  • in the Target tab, select these settings.

    Single Target: smtp.gmail.com (if you want to attack multiple targets.you have to give the target list.)

    Protocol: smtp

    Port: 465 

SMTP port (TLS): 587
SMTP port (SSL): 465

(these are the values for Gmail.if you want to attack another email instead of Gmail.just use these settings listed below.)

Hotmail
server: smtp.live.com
port: 587


yahoo
server: smtp.mail.yahoo.com
port:587

  • choose these options in output options pane.

Check Be Verbose

Check use SSL

Check Show Attempts

Capture2.PNG

  • next move to the password tab.

Username: victim’s Gmail address

Password: you can give a single password if you know.(actually, this is not the option we want.why do we need to attack if we know the password.stupid things.leave this.)

Password List: browse your password list and select it.

Actually, this is a brute force attack.in brute force attacks, we have to use a password list.there are many password dictionaries in the internet.you can download it.but I recommand you to use your own password dictionary.beacuse in downloaded dictionaries there also have many words but some personal words might be not there.so before going to hack you have to gather information about the victim.there are many ways to do that.this is like a something called Social Engineering.using that information, you can generate your own password list.there are many password generating softwares in the internet.

  • check “try login as password” option

 

Capture3.PNG

  • now move to the start tab and click start.

That’s all.your final result will show after it is finished.your result will be like this.

Capture4.PNG

Conclusion:

Your result will vary with the password list that you gave before.Just do it for your Gmail address by creating password list including your correct password and check how it works.I’m pretty sure it will definitely show your correct password.so I’m not responsible for any loss or damage.before doing this, you have to hide your IP address & etc.this is only for educational purposes.Don’t take this to hurt someone.

~dedsecagt47

 

Continue reading “Gmail attack using Kali”

DoS attack – for beginners

Hey guys,

I’m gonna show you how to perform a DoS attack.it’s not much difficult.hope you know what is a DoS attack.if you don’t know, read the paragraph below.it will give you a basic idea about the DoS attack.

Denial-of-service (DoS) attacks typically flood servers, systems or networks with traffic in order to overwhelm the victim resources and make it difficult or impossible for legitimate users to use them.

Prerequisite:

  • Kali Linux
  • hping3 or nping (Some of are pre-installed in Kali Linux.if not you have to install it)

That’s all! Let’s do it…..

DoS using hping3

  • Log into the kali linux and open the terminal.
  • Type hping3 -h (it will show you the usage of hping3 tool)

Capture1

you can read the usage and identify each syntax.so I’m not going to explain these things.

  • You only need to run a single line command as shown below:

Capture.2.PNG

I’ve done it to my localhost.replace 127.0.0.1 with the IP address or the URL of the website that you need to attack.

before doing this kind of things we have to hide from outsiders.otherwise they can trace back you and you could be caught.you can do it using spoofed IP:

Capture3.PNG

–rand-source : random source address mode (it will randomly generate source address and set it as source IP address of the packets)

DoS using nping -TCP connect flood

Capture4.PNG

to make the DoS attack stronger, you have to increase the packet size or do the same thing in multiple terminals.

That’s it.We’re done now.hope you got understand about DoS attacks.actually, this is a basic method but doing DoS attack is a more complex thing.the only thing that I did by writing this post is giving you a basic idea about the DoS attack and do a simple flood attack.

This guide is for research and learning purposes.Don’t use this to harm others.

~dedsecagt47

Powered by WordPress.com.

Up ↑