Posts

Showing posts from February, 2022

WHAT YOU NEED TO KNOW ABOUT WEB SERVERS

A web server is just a piece of software running on the operating system of a server that allows connections to access a web application. The most common web servers are Internet Information Services (IIS) on a Windows server and Apache Hypertext Transfer Protocol (HTTP) Server on a Linux server. These servers have normal directory structures like any other computer, and it’s these directories that house the web application. If you follow the Windows next, next, next, finish approach to installing an IIS web server, you will end up with the default C:\Inetpub\wwwroot directory structure where each application will have its own directories within wwwroot and all vital web application resources are contained within it. Linux is more varied in the file structure, but most web applications are housed in the /var/www/ directory. There are several other directories on a Linux web server that are especially relevant to web hacking: ■ /etc/shadow...

Basic of web application :- introduction

INTRODUCTION There is a lot of ground to cover before you start to look at specific tools and how to configure and execute them to best suit your desires to exploit web applications. This chapter covers all the areas you need to be comfortable with before we get into these tools and techniques of web hacking. In order to have the strong foundation you will need for many years of happy hacking, these are core fundamentals you need to fully understand and comprehend. These fundamentals include material related to the most common vulnerabilities that continue to plague the web even though some of them have been around for what seems like forever. Some of the most damaging web application vulnerabilities “in the wild” are still as widespread and just as damaging over 10 years after being discovered. It’s also important to understand the time and place for appropriate and ethical use of the tools and techniques you will learn in the chapters that follow. As one of my friends and co...

Creating Password Lists

From the OSINT searches, we have learned a great deal about SUCK and their organization. The next step is to find more targeted information about the company, the people, the location, and their customers by developing more customized password lists. We have all used large password lists in the past and specifically in THP1, but we are looking to crack that 70%+ rate. To achieve this, we need to create custom and smart word lists based on our victim companies and related industries. In the last book, we used the crackstation list, which we will definitely use again, but after having a great password base, you need to also build a list of custom passwords. Wordhound (https://bitbucket.org/mattinfosec/wordhound.git) (Kali Linux) Wordhound is a tool that creates word lists and dictionaries based on Twitter searches, PDF documents, and even Reddit sub-reddits. So to target our victim company, we can grab all the results from their tweets and even words that mig...

The Entire Communication Process in Networking

Now let us look at the entire communication process considering all the layers collectively. Assume we are sending an email to the address bhushan@glsict.org. Here 'bhushan' is a mailbox on the mail server of 'glsict.org'. It is like having a few mailboxes at the entry of an apartment for each of its residents. Here the address 'glsict.org' is similar to an apartment address which is common for all mailbox holders at the same place. All of us who work at 'glsict' are given a separate mailbox to store received mails. Whenever a postman has to deliver a mail to a mailbox X belonging to apartment Y, he first of all finds out the apartment Y and then drops the letter in the mailbox X. So the first job is to find out the address of Y. The email ID bhushan@glsict.org is not the actual address. It gets converted to a 32 bit integer known as the IP address. A process known as Domain Name Service is invoked to fin...

Function of Each OSI Model Layer

We have had several descriptions of layers in this chapter using metaphors. What are these layers actually accountable for? The following sections provide a brief summary of what different layers do. We will start with the physical layer and move gradually up to the application layer. In later chapters, we will describe the applications of each layer at length. The Physical Layer As mentioned earlier in the example, the physical layer's job is that of a transporter: to carry the bits from one end to another. It has to use the communication medium available, i.e., a wired or a wireless connection, to transfer the bits to the other end. It is interesting to note that there is more than one mechanism to transfer the bits from one end to another using the same medium (Figure 1.4). The study of the physical layer describes different ways of transferring bits from one end to another and their pros and cons. In the next chapter, we will see two basic ways to t...

The Difference Between TCP/IP and OSI Models

A few important differences between the two models are discussed here. 1. One difference has already been discussed: the difference in the number of layers. OSI has seven layers, while TCP/IP has only five layers. 2. The OSI layering scheme was based on the decisions made by their committee members, most of them telecoms. They preferred the mechanism called connection-oriented transfer for their communication. It worked like telephones, where a connection is established first, then the data transfer takes place, and at last the connection is closed. By contrast, the TCP/IP model was based on connectionless transfer, where the data is pumped into the network without establishing any connection to the recipient. This mechanism is more like sending a telegram to somebody. That is why the data chunks travelling in the network are usually referred to as datagrams. We just send it without really knowing if the recipient's a...

Connection-oriented vs. Connectionless Transfer

When we call abroad using telephone lines, the entire telephone line including the expensive intercontinental trunk is occupied for the duration of the call. This is known as a connection-oriented solution. Almost half of our verbal communication is punctuated with pauses without which our sentences don't make sense. The problem with connection-oriented transfer is that it keeps the line busy even though there is no data transfer. The connectionless mechanism does not establish the connection beforehand, so the entire line is not occupied throughout the duration of the call. The only line which is transferring our packet (the voice travels as small digitized chunks known as packets in the connectionless mechanism) is occupied. Consider the following example depicted in Figure 1.3 to understand connection-oriented communication. The caller calls from Ahmedabad. The call is connected to an exchange at Vadodara. From Vadodara, it gets connect...

The TCP/IP and OSI Layering Models

There are two layering schemes available to network designers. The OSI layering mechanism was designed by the Open System Interconnection group from ISO. The OSI model employed a seven layer scheme which was heavily influenced by a model known as SNA from IBM. The TCP/IP model is a retrofit to a practical solution provided by the Internet community. The OSI model is almost non-existent in terms of its implementation. Almost all the machines use the TCP/IP model for communication. Our discussion in the book follows the TCP/IP model and, whenever necessary, we may consider the OSI model as well. Let us try to understand the difference between these two models by means of an example. Suppose we are planning to arrange a birthday party. There are two approaches to go about that. One is an ad hoc solution mechanism (read TCP/IP model). Just go ahead and organize the party with whatever resources you have at your disposal. Learn what the problems...

Hacker play book 2 :- Pregame - The Setup

Pregame - The Setup Before we can start attacking Secure Universal Cyber Kittens, Inc. (SUCK), we need to build our testing lab to test our attacks, develop our attacking machines, and understand how our exploits work. Practice and testing are invaluable when it comes to running a full scale attack. You don’t want to be the average Joe on a test using untested exploits which inadvertently takes down a critical system, getting you identified and tossed out of the company. Building A Lab It might be hard to build a full lab with all the applications, operating systems, and network appliances but you need to make sure you have the core components. These include basic Linux servers and Windows systems. Since Microsoft Windows operating systems aren’t free, you may have to purchase some software. If you are a student, you can generally get free software through your school. You can also check Microsoft DreamSpark (https://www.dreamspark.com/) to see if you qualify. I think with a default...

Disadvantages of Layering Mechanism in Networking

1.2.3 Disadvantages of Layering The first disadvantage of layering architecture is that it is inefficient when applied to small problems. It is like dividing a small work into pieces. When a work is divided, it produces two additional overheads. The first is that somebody must divide the work, assign them to different workers, and get it back when completed and collate them. The second problem is to synchronize and regulate the function of all the workers. It is more important when multiple workers are working in a system. Suppose the route operator is to manage multiple consignments from various offices and each consignment requires a different kind of treatment. Take the example of a consignment of crockery that is to be handled with special care. A consignment of medicines requires temperature regulation; a consignment of perishable items like food requires quick delivery and so on. The route manager must synchronize among all such r...

Hacker play book 2 :- Introduction

You have been hired as a penetration tester for a large industrial company called Secure Universal Cyber Kittens, Inc. or SUCK, for short. They are developing future weapons to be used by the highest bidder and you have been given the license to kill…okay, maybe not kill, but the license to hack. This authorization gives you full approval to use any tactic in your arsenal to try to break into and steal the company’s trade secrets. As you pack your laptop, drop boxes, rubber duckies, Proxmarks, and cables, you almost forget the most important thing…The Hacker Playbook 2 (THP). You know that THP will help get you out of some of the stickiest situations. Your mind begins hazing back to your last engagement… After cloning some badges and deploying your drop box on the network, you run out of the office, barely sneaking past the security guards. Your drop box connects back to your SSH server and now you are on their network. You want to stay pretty qu...

Advantages of Layering Mechanism in Networking

What is the relation of the example provided in the previous section with the concept of layering? The network that we use in our day-to-day life is made up of a few layers very similar to the ones mentioned in the example. Following is a list of some of the networking applications that we encounter in our day-to-day life. • Telnet for remote logging • FTP for downloading or uploading a file • Web browsers like Firefox or Internet Explorer to access a website or email We are running telnet, FTP or browser (Internet Explorer or Firefox) like programs for these applications. These programs work like the manager mentioned in the above example. These programs instruct the transport layer entity or the secretary in our example (in most of the cases, the TCP or Transmission Control Protocol) to do the required job. The TCP in turn passes it down to the IP, a routing operator which decides how to route the data to the destination. The data link...