All posts by Rushabh Gedam

Victimize the target: DDoS Attack

What is a DDoS attack?

DDoS stands for Distributed Denial of Service. A Distributed Denial of Service attack targets a single victim to make the services it provides, such as a website, unavailable.

Numerous tools exist for performing DDoS attacks, but here we are discussing the best tool ever.

LOIC DDoS tool.

LOIC stands for Low Orbit Ion Cannon. It sends multiple packets to the victim once it is launched from the hacker’s device. Hackers use this tool on Kali Linux, whereas it was developed by a Windows user for the Windows operating system; nowadays it is available for nearly all popular operating systems.

Let’s start.

Before getting started, go through the warning.

Warning: Hacking anything without the owner’s permission is illegal. Depending on the country, it may be a crime. This tutorial is for educational purposes only; no website was harmed by us. #TeamKnowledgeSuttra neither encourages nor advises you to do so. Do this at your own risk. We don’t take any responsibility. Hacking is a skill. But try to be ethical.


LOIC tutorial

We discussed what this tool does earlier. Now we will go through the steps.

As you can see, the software has only one panel, whose user interface is subdivided into five portions. Check every step and then give it a try.

Step 1:

Go to the victim’s website or account, or its URL, or try to access it over the network by IP. You can even try this option, which has never been posted before.

Then open the application and paste the URL.

Step 2:

From the drop-down menu, select which type of attack it should be.

Step 3:

Then enter how many threads should be used at a time.

Step 4:

Check or uncheck the box, and after that move on to the next step.

Step 5:

Click on this button and everything starts.

One thing that must be focused on is the speed of the attack; it can be re-assembled again and again.
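Seen from the target's side, a tool that fires many threads at one URL shows up in the web server log as a single source sending far more requests than a browser would. The following detector is an added example, not part of the original post: the log lines are constructed, the IP addresses come from documentation ranges, and the window and threshold values are assumptions to tune per site.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Common Log Format: ip ident user [timestamp] "METHOD path proto" status size
CLF = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) \S+')


def parse_line(line):
    """Return (ip, timestamp, path), or None if the line is not valid CLF."""
    m = CLF.match(line)
    if m is None:
        return None
    try:
        ts = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
    except ValueError:
        return None
    return m.group(1), ts, m.group(4)


def detect_floods(lines, window_s=10, threshold=100):
    """Flag sources with more than `threshold` requests in any sliding window.

    Assumes each source's lines are in chronological order (as in a log file).
    Returns {ip: {"peak": max requests in a window, "top_path_share": 0..1}}.
    A top_path_share near 1.0 means the source hammers one URL repeatedly.
    """
    window = timedelta(seconds=window_s)
    recent = defaultdict(deque)                      # ip -> timestamps in window
    peak = defaultdict(int)                          # ip -> largest window count
    paths = defaultdict(lambda: defaultdict(int))    # ip -> path -> hits
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue                                 # skip unparsable lines
        ip, ts, path = rec
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > window:                    # drop entries older than window
            q.popleft()
        peak[ip] = max(peak[ip], len(q))
        paths[ip][path] += 1
    flagged = {}
    for ip, n in peak.items():
        if n > threshold:
            total = sum(paths[ip].values())
            share = max(paths[ip].values()) / total
            flagged[ip] = {"peak": n, "top_path_share": share}
    return flagged


def sample_log():
    """Constructed sample log (not real traffic)."""
    t0 = datetime(2024, 1, 1, 12, 0, 0, tzinfo=timezone.utc)
    out = []

    def add(ip, ts, path):
        stamp = ts.strftime("%d/%b/%Y:%H:%M:%S %z")
        out.append(f'{ip} - - [{stamp}] "GET {path} HTTP/1.1" 200 512')

    for i in range(300):      # flooding source: 100 identical requests per second
        add("203.0.113.7", t0 + timedelta(seconds=i // 100), "/")
    for i in range(20):       # ordinary visitor: one request every 30 seconds
        add("198.51.100.23", t0 + timedelta(seconds=30 * i), f"/page{i % 5}")
    out.append("this line is not in Common Log Format")
    return out


if __name__ == "__main__":
    for ip, info in detect_floods(sample_log()).items():
        print(ip, info)
```

Flagged sources can then be fed to rate limiting or an upstream filter; the detector itself only reads logs.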

Role of 9 essential amino acids

Today we are talking about amino acids, which help to build up our muscles. There are 20 amino acids, of which 11 are non-essential and 9 are essential. Today we talk about the 9 essential amino acids. These 9 essential amino acids cannot be produced by our body, therefore we need to get them from food like meat and fish.

Role of 9 Essential Amino Acids?

The 9 amino acids are as follows:

Phenylalanine
Valine
Threonine
Tryptophan
Methionine
Leucine
Isoleucine
Lysine
Histidine

Role of 9 essential amino acids

Phenylalanine:

It has very important work to do. It plays a role in the structure and function of proteins and enzymes and in the production of other amino acids.

Valine:

Valine is one of the three branched-chain amino acids, which means it helps repair the muscles as well as supporting growth and regeneration, and it is involved in energy production.

Threonine:

It is a principal part of proteins such as collagen and elastin, which are important components of the skin and connective tissue. It also plays a role in fat metabolism and the immune system.

Tryptophan:

It plays a very important role: it maintains the nitrogen balance and is a precursor to serotonin, a neurotransmitter which helps with our sleep and mood.

Methionine:

It is necessary for the absorption of zinc, selenium and minerals that are absolutely necessary to your health. It also plays a part in metabolism and detoxification.

Leucine:

Like valine, leucine is also a branched-chain amino acid. It also helps to regulate the blood sugar level and, importantly, it produces growth hormones. It helps to repair muscle.

Isoleucine:

Like leucine and valine, it is also a branched-chain amino acid. It helps hemoglobin production and energy regulation. It is also involved in muscle metabolism.

Lysine:

It helps in the production of collagen and elastin and is also important for energy production. Lysine plays major roles in protein synthesis and in hormone and enzyme production.

Histidine:

It is the last, and an important, amino acid, which maintains the myelin sheath, a protective barrier that surrounds your nerve cells.
Histidine is used to produce histamine, a neurotransmitter that is necessary for immune response, digestion, sexual function and sleep-wake cycles.

Comet 46P/Wirtanen will pass near Earth in December


Hello everyone, welcome to KnowledgeSuttra. Skywatchers will get an exceptional treat one week from now as the year’s brightest comet flies across the night sky. Comet 46P/Wirtanen will pass near Earth, although in this case "near" is a relative term, as the comet will actually pass about 7.2 million miles from our home planet in mid-December.

While Wirtanen will be close enough to be seen with the naked eye, experts say you shouldn’t expect a spectacular display, as the comet is small, with a width of not quite a mile. Given its size, the comet will resemble a bright fuzzy star, keeping pace with the stars in the Big Dipper, and it won’t have a tail, as its debris field is mostly gas, which means the tail is very faint. The best time for viewing the comet will be between 9:30 and 10:00pm on December 16, if the sky is clear.

Rather, what we are dealing with is a small and intrinsically faint comet; ground-based observations combined with images taken with the Hubble Space Telescope in 1996 revealed the nucleus of 46P to have a diameter generously estimated at around seven-tenths of a mile (1.1 km), one of the smallest cometary nuclei measured so far. That is only around one-tenth the size of Halley’s Comet and perhaps only one-thirtieth the size of Comet Hale-Bopp.

As December opens, 46P is near the Cetus/Eridanus border at a declination near -20 degrees. By New Year’s Eve, it will have soared on a north-northeast trajectory to a declination of +56 degrees, into the constellation Lynx. For most mid-northern latitude locations, it will become circumpolar on the day after Christmas; in other words, just as the Big Dipper or Cassiopeia appear for most northern locations, it will neither rise nor set, but instead be visible in the northern sky throughout the night.

What is Android?

Android is a popular, free, open-source mobile platform that has taken the wireless world by storm. With the worldwide proliferation of mobile devices, concerns about reliability, availability, connectivity and performance, similar to those once encountered on traditional IT server systems, have become paramount.

On the smartphone and internet tablet side, Android-based products are among the fastest growing solutions.


Also read: Introduction to Android Application development


Here, we discuss the major components that comprise the Android operating environment, elaborating on the Android design and architecture.

The mobile development community is at a tipping point. Mobile users demand more choice, more opportunities to customize their phones and more functionality.

Mobile operators want to provide value-added content to their subscribers in a manageable way.

Mobile developers want the freedom to develop the powerful mobile applications users demand, with minimal roadblocks to success.

Finally, handset manufacturers want a stable, secure and affordable platform to power their devices. An innovative and open platform, Android is well positioned to address the growing needs of the mobile marketplace.

Here is a complete explanation of Android.

Linux kernel:

The modified Linux kernel operates as the Hardware Abstraction Layer. It provides device drivers, memory management, process management and networking functionality. The Android-specific libraries are located in this layer.

Libraries:

A set of C/C++ libraries used by various components of the Android system, as follows:

  • System C library
  • Media Library
  • Open core support for playback and recording of audio and video formats.

Android runtime layer:

The Android runtime layer holds the Dalvik Virtual Machine (DVM) and the core libraries (such as JAVA or io). Most of the functionality available in Android is provided via the Android core libraries.

Every Android app runs in its own process, with its own instance of the Dalvik Virtual Machine. The DVM executes files in the dex format (Dalvik Executable files).

Application Framework:

Android offers developers the ability to build rich and innovative applications and gives them full access to the same framework API used by the core applications. On top of the application framework are the built-in applications as well as the user applications.

Application:

The various applications are placed here, including some preinstalled applications such as the SMS client app, Dialer, Web browser and Contact Manager.

QRL Jacking / QR code hacking + WhatsApp hacking

Hi, welcome to KnowledgeSuttra. Earlier we gave a short introduction to QR codes. Here is the next blog, on QR code hacking. Just get up, fire up your Kali Linux machine and clone the directory from GitHub into your Desktop folder.

Open a terminal and move to the Desktop directory.

cd Desktop

git clone https://github.com/OWASP/QRLJacking

Now you have successfully cloned the directory onto your desktop. Check out the folder after it shows the above screen.

Once you are in the Desktop directory, type

cd QRLJacking

This will show you the existing directories like



Now go to the folder QrlJacking-Framework

cd QrlJacking-Framework

ls

Now you will see this



Now type

pip install -r requirements.txt

It will install the required dependencies which are not preinstalled; if they are already installed, it will verify whether they are compatible or not.

Now launch QRLJacker

python QRLJacker.py

It will bring you to a screen which is exactly the same as the one given below

This is the list of attacks that can be performed. Go ahead and try each and every option, and let us know about your experience in the comments.

Graphical codes Hacking : QR code.

Welcome to the first ever introductory blog where the codes and their hacking will be completely explained. Rather than wasting time on lots of blah blah, let us jump directly into our session. As I have already written a blog on the complete hacking process, we will go in the same manner. If you don’t know about it, go through Phases of hacking.

QR code stands for Quick Replies. The data is hidden behind the checked structure, i.e. the square-shaped structure of the encoding. Nowadays it is a feature of Android to share Wi-Fi by just scanning the QR code, i.e. Quick Replies.

It is stored in the format of

WIFI:S:<SSID>;T:<WPA|WEP|>;P:<PASSWORD>;H:<true|false|>;

If the QR code stores a link, the format changes with respect to the encoding patterns.
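To see what a scanner actually gets out of the Wi-Fi format shown above, here is a small parser with a defender-side audit of the decoded fields. It is an added example, not code from the original post; the sample payloads are constructed, and the backslash escaping of `\`, `;`, `,`, `:` and `"` follows the convention commonly used by QR generators for this format, which the post does not describe.

```python
def _split_fields(body):
    """Split 'K:value;' pairs on unescaped ';', resolving backslash escapes."""
    fields, key, cur, esc = [], None, [], False
    for ch in body:
        if esc:                       # previous char was '\': take this one literally
            cur.append(ch)
            esc = False
        elif ch == "\\":
            esc = True
        elif ch == ":" and key is None:
            key, cur = "".join(cur), []   # first unescaped ':' ends the field name
        elif ch == ";":
            if key is not None:
                fields.append((key, "".join(cur)))
            key, cur = None, []
        else:
            cur.append(ch)
    if esc or key is not None or cur:
        raise ValueError("truncated payload: last field is not terminated by ';'")
    return fields


def parse_wifi_qr(payload):
    """Decode a WIFI: QR payload into ssid / auth / password / hidden."""
    if not payload.startswith("WIFI:"):
        raise ValueError("payload does not start with 'WIFI:'")
    raw = dict(_split_fields(payload[len("WIFI:"):]))
    auth = raw.get("T", "").upper()
    if auth in ("", "NOPASS"):        # an empty T field means an open network
        auth = "nopass"
    return {
        "ssid": raw.get("S", ""),
        "auth": auth,
        "password": raw.get("P", ""),
        "hidden": raw.get("H", "").lower() == "true",
    }


def audit_wifi(cfg):
    """Return findings a defender would raise about a decoded Wi-Fi QR code."""
    findings = []
    if cfg["auth"] == "nopass":
        findings.append("open network: traffic is not encrypted")
    elif cfg["auth"] == "WEP":
        findings.append("WEP is broken: move the network to WPA2 or WPA3")
    if cfg["password"]:
        findings.append("passphrase is readable in clear text by anyone who scans the code")
    return findings


# Constructed sample payloads (not taken from any real network).
SAMPLE_WEP = r"WIFI:S:Guest\;Net;T:WEP;P:a\:b\\c;H:true;"
SAMPLE_OPEN = "WIFI:S:Cafe;T:;P:;H:;"

if __name__ == "__main__":
    for sample in (SAMPLE_WEP, SAMPLE_OPEN):
        cfg = parse_wifi_qr(sample)
        print(cfg, audit_wifi(cfg))
```

The point for anyone printing such a code: the passphrase is not protected in any way, so a photo of the code is as good as the password.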

QR codes store data as well. It comes in various patterns, a few of which are listed below.

The images given below are originally taken from Wikipedia

This is a small amount of information about the codes and the standard patterns and encodings behind them. Let’s see how and where they are used.

A very large part of industry has moved to codes. For example, India’s UPI transactions, including Paytm and Bhim, as well as social media, i.e. WhatsApp, Instagram (uses name scan), etc.

How can QR codes be hacked?

Ohhhhh… It’s not possible… What can be done?

Well, this is what hackers do. So I am promising this can be done by just hacking. Coming soon with another blog completely on QR code hacking; in our world it is called QRL jacking.

This is how you can break the HTTPS secured connection

Hi, welcome to KnowledgeSuttra. Let’s have a quick guide on how to break an HTTPS secured connection. HTTPS provides security as well as authority to your site, and it also helps to improve page rank in Google search. Earlier I uploaded a blog on the difference between HTTP and HTTPS. If you don’t know what exactly HTTP and HTTPS are, then kindly go through the earlier blog. Let’s get on with breaking the security of the SSL layer.

SSL layer is for Secured Socket Layer.

Working of SSL layer.

“passing the user end data to the server end with encryption and decryption techniques with security”

Breaking the SSL layer requires the BackTrack OS (operating system), which comes with sslstrip, built with Python, preinstalled and configured. You only need to open it.

How to do so?

  • Move to the directory /pentest/web/sslstrip
  • Open the root terminal there
  • Type the following commands:
  • chmod +x sslstrip.py
  • python sslstrip.py

Now it will prompt as

Sslstrip 0.8 by moxie MarlinSpike running

What can be done ?

What are the benefits ?

Go through the screenshot provided. You will get everything that can be done.
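On the defending side, the standard countermeasure to sslstrip-style downgrades is an HTTP-to-HTTPS redirect combined with HTTP Strict Transport Security (RFC 6797), which tells browsers to refuse plain HTTP for the site. The checker below is an added example, not part of the original post: it audits response headers you have already captured, the two sample sites are constructed, and the one-year minimum for max-age is an assumption based on common recommendations.

```python
MIN_MAX_AGE = 31536000          # one year, in seconds (assumed policy minimum)
REDIRECTS = (301, 302, 307, 308)


def parse_hsts(value):
    """Parse a Strict-Transport-Security header value into its directives."""
    policy = {"max_age": None, "include_subdomains": False, "preload": False}
    for part in value.split(";"):
        name, _, arg = part.strip().partition("=")
        name = name.strip().lower()
        arg = arg.strip().strip('"')
        if name == "max-age" and arg.isdigit():
            policy["max_age"] = int(arg)
        elif name == "includesubdomains":
            policy["include_subdomains"] = True
        elif name == "preload":
            policy["preload"] = True
    return policy


def _lower(headers):
    """Header names are case-insensitive: normalise them to lower case."""
    return {k.lower(): v for k, v in headers.items()}


def audit_site(http_resp, https_resp):
    """Audit (status, headers) pairs captured from http:// and https://.

    Returns a list of findings; an empty list means no downgrade exposure found.
    """
    findings = []
    status, headers = http_resp
    h = _lower(headers)
    if status not in REDIRECTS or not h.get("location", "").lower().startswith("https://"):
        findings.append("http:// serves content instead of redirecting to https://")
    if "strict-transport-security" in h:
        findings.append("HSTS header sent over plain HTTP (browsers ignore it there)")

    _status, headers = https_resp
    raw = _lower(headers).get("strict-transport-security")
    if raw is None:
        findings.append("https:// response has no Strict-Transport-Security header")
        return findings
    policy = parse_hsts(raw)
    if policy["max_age"] is None:
        findings.append("HSTS header has no valid max-age")
    elif policy["max_age"] < MIN_MAX_AGE:
        findings.append("HSTS max-age %d is below %d" % (policy["max_age"], MIN_MAX_AGE))
    if not policy["include_subdomains"]:
        findings.append("HSTS policy does not cover subdomains")
    return findings


# Constructed sample captures: (status, headers) for http:// then https://.
WEAK_SITE = (
    (200, {"Content-Type": "text/html"}),
    (200, {"Strict-Transport-Security": "max-age=300"}),
)
HARDENED_SITE = (
    (301, {"Location": "https://example.test/"}),
    (200, {"Strict-Transport-Security": "max-age=63072000; includeSubDomains; preload"}),
)

if __name__ == "__main__":
    for name, site in (("weak", WEAK_SITE), ("hardened", HARDENED_SITE)):
        print(name, audit_site(*site))
```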

Quick Guide on “nmap : Cheat Sheet”

Information gathering needs some basic commands, but a single tool can have a great many of them. Many of us have played video games on PC, PlayStation, PS2, PS3 or PS4, and nearly every game has some cheat sheet. For example, GTA on PC has cheats such as leavemealone, seaways, etc. In the same manner, our main information gathering tools also have cheat sheets.

Also read: Information Gathering Online Tools

Here we are discussing the well-known tool called nmap.

Everyone surely knows a few commands, but that is 2 out of 10; here I am giving you the full set of nmap commands.

Before proceeding, it is a humble request to go through the warning.

Warning: Scanning any website, web app or organization without the owner’s permission is illegal. Depending on the country, it may be a crime. This is for educational purposes only; #TeamKnowledgeSuttra neither encourages nor advises you to do so. Do this at your own risk.

Target Specification

nmap 192.168.1.1                  Scan a single IP
nmap 192.168.1.1 192.168.2.1      Scan specific IPs
nmap 192.168.1.1-254              Scan a range
nmap scanme.nmap.org              Scan a domain
nmap 192.168.1.0/24               Scan using CIDR notation
nmap -iL targets.txt              Scan targets from a file
nmap -iR 100                      Scan 100 random hosts
nmap --exclude 192.168.1.1        Exclude listed hosts

Scan Techniques

nmap 192.168.1.1 -sS              TCP SYN port scan (Default)
nmap 192.168.1.1 -sT              TCP connect port scan
nmap 192.168.1.1 -sU              UDP port scan
nmap 192.168.1.1 -sA              TCP ACK port scan
nmap 192.168.1.1 -sW              TCP Window port scan
nmap 192.168.1.1 -sM              TCP Maimon port scan
Host Discovery

nmap 192.168.1.1-3 -sL            No scan. List targets only
nmap 192.168.1.1/24 -sn           Disable port scanning
nmap 192.168.1.1-5 -Pn            Disable host discovery. Port scan only
nmap 192.168.1.1-5 -PS22-25,80    TCP SYN discovery on port x. Port 80 by default
nmap 192.168.1.1-5 -PA22-25,80    TCP ACK discovery on port x. Port 80 by default
nmap 192.168.1.1-5 -PU53          UDP discovery on port x. Port 40125 by default
nmap 192.168.1.1-1/24 -PR         ARP discovery on local network
nmap 192.168.1.1 -n               Never do DNS resolution

Port Specification

nmap 192.168.1.1 -p 21                 Port scan for port x
nmap 192.168.1.1 -p 21-100             Port range
nmap 192.168.1.1 -p U:53,T:21-25,80    Port scan multiple TCP and UDP ports
nmap 192.168.1.1 -p-                   Port scan all ports
nmap 192.168.1.1 -p http,https         Port scan from service name
nmap 192.168.1.1 -F                    Fast port scan (100 ports)
nmap 192.168.1.1 --top-ports 2000      Port scan the top x ports
nmap 192.168.1.1 -p-65535              Leaving off initial port in range makes the scan start at port 1
nmap 192.168.1.1 -p0-                  Leaving off end port in range makes the scan go through to port 65535

Service and Version Detection

nmap 192.168.1.1 -sV                          Attempts to determine the version of the service running on port
nmap 192.168.1.1 -sV --version-intensity 8    Intensity level 0 to 9. Higher number increases possibility of correctness
nmap 192.168.1.1 -sV --version-light          Enable light mode. Lower possibility of correctness. Faster
nmap 192.168.1.1 -sV --version-all            Enable intensity level 9. Higher possibility of correctness. Slower
nmap 192.168.1.1 -A                           Enables OS detection, version detection, script scanning, and traceroute
nmap 192.168.1.1 -O                           Remote OS detection using TCP/IP stack fingerprinting
nmap 192.168.1.1 -O --osscan-limit            If at least one open and one closed TCP port are not found it will not try OS detection against hosts
nmap 192.168.1.1 -O --osscan-guess            Makes Nmap guess more aggressively
nmap 192.168.1.1 -O --max-os-tries 1          Set the maximum number x of OS detection tries against a target

Timing and Performance

nmap 192.168.1.1 -T0    Paranoid (0) Intrusion Detection System evasion
nmap 192.168.1.1 -T1    Sneaky (1) Intrusion Detection System evasion
nmap 192.168.1.1 -T2    Polite (2) slows down the scan to use less bandwidth and use less target machine resources
nmap 192.168.1.1 -T3    Normal (3) which is default speed
nmap 192.168.1.1 -T4    Aggressive (4) speeds scans; assumes you are on a reasonably fast and reliable network
nmap 192.168.1.1 -T5    Insane (5) speeds scan; assumes you are on an extraordinarily fast network

NSE Scripts

nmap 192.168.1.1 -sC                         Scan with default NSE scripts. Considered useful for discovery and safe
nmap 192.168.1.1 --script default            Scan with default NSE scripts. Considered useful for discovery and safe
nmap 192.168.1.1 --script=banner             Scan with a single script. Example banner
nmap 192.168.1.1 --script=http*              Scan with a wildcard. Example http
nmap 192.168.1.1 --script=http,banner        Scan with two scripts. Example http and banner
nmap 192.168.1.1 --script "not intrusive"    Scan default, but remove intrusive scripts
nmap --script snmp-sysdescr --script-args snmpcommunity=admin 192.168.1.1    NSE script with arguments

Firewall / IDS Evasion and Spoofing

nmap 192.168.1.1 -f                  Requested scan (including ping scans) use tiny fragmented IP packets. Harder for packet filters
nmap 192.168.1.1 --mtu 32            Set your own offset size
nmap -D 192.168.1.101,192.168.1.102,192.168.1.103,192.168.1.23 192.168.1.1    Send scans from spoofed IPs
nmap -D decoy-ip1,decoy-ip2,your-own-ip,decoy-ip3,decoy-ip4 remote-host-ip    Above example explained
nmap -S www.microsoft.com www.facebook.com    Scan Facebook from Microsoft (-e eth0 -Pn may be required)
nmap -g 53 192.168.1.1               Use given source port number
nmap --proxies http://192.168.1.1:8080, http://192.168.1.2:8080 192.168.1.1    Relay connections through HTTP/SOCKS4 proxies
nmap --data-length 200 192.168.1.1   Appends random data to sent packets

Output

nmap 192.168.1.1 -oN normal.file                 Normal output to the file normal.file
nmap 192.168.1.1 -oX xml.file                    XML output to the file xml.file
nmap 192.168.1.1 -oG grep.file                   Grepable output to the file grep.file
nmap 192.168.1.1 -oA results                     Output in the three major formats at once
nmap 192.168.1.1 -oG -                           Grepable output to screen. -oN -, -oX - also usable
nmap 192.168.1.1 -oN file.file --append-output   Append a scan to a previous scan file
nmap 192.168.1.1 -v                              Increase the verbosity level (use -vv or more for greater effect)
nmap 192.168.1.1 -d                              Increase debugging level (use -dd or more for greater effect)
nmap 192.168.1.1 --reason                        Display the reason a port is in a particular state, same output as -vv
nmap 192.168.1.1 --open                          Only show open (or possibly open) ports
nmap 192.168.1.1 -T4 --packet-trace              Show all packets sent and received

Miscellaneous Options

nmap --iflist                                       Shows the host interfaces and routes
nmap --resume results.file                          Resume a scan
nmap -6 2607:f0d0:1002:51::4                        Enable IPv6 scanning
nmap -h                                             nmap help screen
nmap -iR 10 -PS22-25,80,113,1050,35000 -v -sn       Discovery only on ports x, no port scan
nmap 192.168.1.1-1/24 -PR -sn -vv                   ARP discovery only on local network, no port scan
nmap -iR 10 -sn --traceroute                        Traceroute to random targets, no port scan
nmap 192.168.1.1-50 -sL --dns-server 192.168.1.1    Query the internal DNS for hosts, list targets only

Know anyone’s location by sending link through message(WhatsApp, Facebook, etc).

Where’s my boy/girlfriend? Where does he/she spend the most time? Do you think he/she lied to you?

Well, find out his/her location by just sending them a link. How is that possible? There are many services available which provide such details; we are going to discuss one of the trusted credential providers, which is Grabify. It is a worldwide IP provider. Today we will use Grabify as the primary weapon, and later on we will use IP2LOCATION to get the exact location of our victim.

Steps to get locations :

  • Go to Grabify

You will see a page that looks like



Rather than getting confused, enter any existing live site URL which you want to show to your victims and then click on Create URL.


Also read: Internet Response Codes with meaning.


Now it will create a temporary link which grabs the victim’s information. If you are unable to understand, jump to its dashboard; it will automatically jump to the dashboard, no need to do anything.



The URL that was pasted earlier. This is the page to which our victim will be redirected.

  1. The URL which we will send to our victims.
  2. In the other link you will have options to select other types of URL shorteners.
  3. This is the access token that is used for accessing our account and regaining the session.
  4. This is a very important link that is used to access our session without creating an account on Grabify.

Now deceive the intended user/victim into clicking on the link. Once he/she clicks on the link, the important data will start generating. As a result you can see the date and time, the IP address of the user, the country, the service used by the user to access the link, and whether it was referred by Facebook/WhatsApp/Twitter, etc. You can also see the host name and the ISP name.

I tried mine, and successfully got the better result.



Now what about the location?

Take that IP address and paste it into IP2LOCATION



Paste the grabbed IP into this search box. Now it’s done.



This is what we wanted all along: latitude and longitude. Now use Google Maps and get the exact location of the victim.

Note: Gathering anyone’s information without their permission is illegal; don’t do this even if you have the skills. I never did this to compromise anyone’s safety. If you want to know anyone’s location, just call them and ask where they are. #TeamKnowledgeSuttra neither encourages nor advises you to do such illegitimate things. This is just for knowledge purposes.

Internet Response Codes with meaning.

Having started web pentesting, the thing which we missed out is response codes. Today you will get complete knowledge about the exact codes and what they mean. For example, go through some cases.

  1. You fired up the browser and forgot to connect to the internet; it will give you a page which looks like this
  2. If you set up a proxy connection, but the proxy refuses the connection, then it will prompt as

OK… Now you have an internet connection which responds properly, but even then there are some cases; we will discuss them.

  1. If you typed a wrong URL, or a wrong address for a website, it will return something like
  2. If you are completely able to connect to the internet and something still went wrong, it is not an end-user problem but a technical issue. It may be a server error, a service provider error, or anything else. Then it will return a page in which the server, the web domain and the problem statement are given. And luckily I would like to mention that our site is well configured and does not have such issues. Let’s get through the codes.
Sr. No.  Response Code  Meaning
1.       100            Continue
2.       101            Switching Protocols
3.       102            Processing
4.       103            Checkpoint
5.       103            Early Hints
6.       200            OK
7.       201            Created
8.       202            Accepted
9.       203            Non-Authoritative Information (since HTTP/1.1)
10.      204            No Content
11.      205            Reset Content
12.      206            Partial Content
13.      207            Multi-Status
14.      208            Already Reported
15.      218            This Is Fine
16.      226            IM Used
17.      300            Multiple Choices
18.      301            Moved Permanently
19.      302            Found (which is previously removed)
20.      303            See Other
21.      304            Not Modified
22.      305            Use Proxy (since HTTP/1.1)
23.      306            Switch Proxy
24.      307            Temporary Redirect
25.      308            Permanent Redirect (since HTTP/1.1)
26.      400            Bad Request
27.      401            Unauthorized Access
28.      402            Payment Required
29.      403            Forbidden
30.      404            Not Found
31.      405            Method Not Allowed
32.      406            Not Acceptable
33.      407            Proxy Authentication Required
34.      408            Request Time Out
35.      409            Conflict
36.      410            Gone
37.      411            Length Required
38.      412            Precondition Failed
39.      413            Payload Too Large
40.      414            URI Too Long
41.      415            Unsupported Media Type
42.      416            Range Not Satisfiable
43.      417            Expectation Failed
44.      418            I’m a Teapot
45.      419            Page Expired
46.      420            Method Failure
47.      420            Enhance Your Calm
48.      421            Misdirected Request
49.      422            Unprocessable Entity
50.      423            Locked
51.      424            Failed Dependency
52.      426            Upgrade Required
53.      428            Precondition Required
54.      429            Too Many Requests
55.      431            Request Header Fields Too Large
56.      450            Blocked by Windows Parental Controls
57.      451            Unavailable for Legal Reasons
58.      498            Invalid Token
59.      499            Token Required
60.      500            Internal Server Error
61.      501            Not Implemented
62.      502            Bad Gateway
63.      503            Service Unavailable
64.      504            Gateway Timeout
65.      505            HTTP Version Not Supported
66.      506            Variant Also Negotiates
67.      507            Insufficient Storage
68.      508            Loop Detected
69.      509            Bandwidth Limit Exceeded
70.      510            Not Extended
71.      511            Network Authentication Required
72.      520            Unknown Error (Cloudflare)
73.      521            Web Server Is Down (Cloudflare)
74.      522            Connection Timed Out (Cloudflare)
75.      523            Origin Is Unreachable (Cloudflare)
76.      524            A Timeout Occurred (Cloudflare)
77.      525            SSL Handshake Failed (Cloudflare)
78.      526            Invalid SSL Certificate (Cloudflare)
79.      527            Railgun Error (Cloudflare)
80.      530            Site is Frozen
81.      530            Origin DNS Error (Cloudflare)
82.      598            Network Read Timeout Error

Once you have gone through this, you might see that there is one sequence which stands out, i.e. the series 1XX, 2XX, 3XX, 4XX, 5XX.

1xx (Informational):

The request was received, continuing process

2xx (Successful):

The request was successfully received, understood, and accepted

3xx (Redirection):

Further action needs to be taken in order to complete the request

4xx (Client Error):

The request contains bad syntax or cannot be fulfilled

5xx (Server Error):

The server failed to fulfill an apparently valid request