
Friday, July 8, 2022

WAFW00F | Firewall DETECTION

WAF

A WAF (Web Application Firewall) helps protect a web application by filtering and monitoring HTTP traffic. It generally protects web applications from attacks such as cross-site scripting (XSS), DoS attacks and SQL injection. A WAF is not designed to defend against every kind of attack.

wafw00f

The Wafw00f tool is a simple firewall detection tool that comes pre-installed in Kali. It is very simple to use: just type wafw00f and provide a domain name.

Wafw00f Tool


So what is wafw00f actually doing? It first sends normal HTTP requests and analyzes the responses. It then sends abnormal requests, such as injection attempts, and analyzes the answers again. If a known WAF is in front of the site, wafw00f recognizes it by its signature in the responses.

Installation

sudo apt install wafw00f


Firewalls that Wafw00f can detect:

Barracuda Application Firewall

BinarySec

Cisco ACE XML Gateway

Citrix NetScaler

Cloudflare

DenyALL WAF

eEye Digital Security – SecureIIS

F5 FirePass

F5 TrafficShield

F5 BIG-IP (LTM, APM, ASM)

IBM Web Application Security

IBM DataPower

Imperva SecureSphere

InfoGuard Airlock

Incapsula WAF

Juniper WebApp Secure

Microsoft ISA Server

Microsoft UrlScan

NetContinuum

Profense

TrustWave ModSecurity

Teros WAF

USP Secure Entry Server

Applicure dotDefender

Art of Defence HyperGuard

Aqtronix WebKnight


Demonstration:



Tuesday, July 5, 2022

Kalibrate rtl

What is Kalibrate-rtl?

Kalibrate, or kal, can scan for GSM base stations in a given frequency band (GSM850, GSM900) and can use those GSM base stations to calculate the local oscillator frequency offset.

  • First, connect your RTL-SDR device. To confirm that it is detected, type: lsusb

Here you can see that the SDR device is connected.

Installation:

sudo apt install kalibrate-rtl
 

  • After the installation, type kalibrate-rtl or just kal (this shows the help).


  • Now start scanning by specifying the GSM band.
kal -s (GSM band) -g (gain as a number)

  • Once the scan has started, it lists the downlink frequency of each channel.

Finding the frequency offset:
  • To find the frequency offset, type: kal -c (channel number found during scanning) -g (gain). If it does not show any result, add the -e option as well.

DEMONSTRATION :




Friday, July 1, 2022

FTP CRACKING

 FTP CRACKING USING METASPLOIT

What is FTP (File Transfer Protocol)?

FTP (File Transfer Protocol) is a network protocol for transmitting files between computers over Transmission Control Protocol/Internet Protocol (TCP/IP) connections.

First, run Kali Linux or any other Linux operating system on which Metasploit is installed.


After that, open a terminal and scan for live hosts and their open ports using Nmap.


All the live hosts and their open ports have been scanned successfully.


Here we found FTP on port 21/tcp, but it is protected by a password, so let's crack this FTP service password.

Launch msfconsole.


Use this auxiliary module: auxiliary/scanner/ftp/ftp_login


After that, type: show options. It will show all the required and optional options.


  • set RHOST ( Victim IP Address )
  • set PASS_FILE ( Provide password File path )
  • set USER_FILE ( Provide username file path )
  • set THREADS ( number of threads, speed )
  • Type : exploit




Thursday, June 30, 2022

ssl-strip: Tool for Exploiting SSL Stripping Attack

 

SSL Strip Attack

The SSL Strip attack is a typical man-in-the-middle attack used to circumvent the security enforced by SSL certificates on HTTPS-enabled websites. It’s a technique that downgrades your connection from secure HTTPS to insecure HTTP and exposes you to eavesdropping and data manipulation.

The SSL (Secure Sockets Layer) protocol is a transport layer protocol that aims to provide communication security and data integrity on the internet. For website browsing specifically, HTTPS uses it to protect the confidentiality and integrity of communication between websites and browsers. HTTPS wraps HTTP data in secured SSL packets before it is sent and received, relying on SSL certificates. The use of SSL certificates in HTTPS makes man-in-the-middle attacks challenging. However, SSL Strip undermines the effectiveness of HTTPS by stripping the SSL layer.

A hacker conducting this attack intervenes in the redirection from HTTP to the secure HTTPS protocol. A hacker can start by using ARP poisoning to first intercept communication between the victim and a server. The hacker will then continue to establish an HTTPS connection between themselves and the server, and an unsecured HTTP connection with the user, acting as a “bridge” between them.


Demonstration