Download CME Hacking Class 2 Presentation

Hello friends, today there little time changes in our Hacking class. Today’s hacking class will start at 8:00 PM Indian Standard Time ( 1 hour delay is because at 5:00PM presentation was not completely ready).

Also last time we have faced a lot of problems in online conferencing, so this time i came up with final solution to that, we will use Team Viewer Presentation tool. In which i will share my desktop screen with you and audio conference is also available in it. So we can also communicate without using any external service.

Presentation is ready and you all can download it from below:

DOWNLOAD CME HACKING CLASS – 2 PRESENTATION

TIMINGS OF CLASS:

MONDAY ( 19 September) 8:00 PM – 9:00 PM ( INDIAN STANDARD TIME)

I know there is little delay but we have to cover everything in better way so this delay doesn’t matter much for all.

Mode of Joining Hacking Class:

For joining hacking class, download the team viewer ( available for free). Download it( Google team viewer and u will easily get). Install it and the select the presentation mode and then enter the ID to connect with and then pass.

Note: ID and Password will be displayed at right sidebar of website before 10 minutes of start means at 7:50 PM (IST).

Below is sample screenshot:

Sample how to join the Class

I hope you understand my concern… Thanks.. If you have any queries ask me after the hacking class Live..

Pen drive and portable USB hard disks are nowdays become a common method to transfer data between systems. But do you know that you can use any application directly from your pen drive or portable USB hard disk just by connecting your Pen drive to the any PC or laptop. Ahha you all are still in confusion, what actually i am talking about, so lets have better view.

Suppose you gone to your friends or simply college and there you want to use Microsoft excel or any other application but that is not installed on that system. Then what happen you got stuck and your work got halted there but if you have portable application for that which you can keep in your pen drive or portable hard disk and use it where ever you want then you will never face situations like above. But now you all will be thinking we need a lot of portable applications for that, right… yes are thinking in right way but Lupo pensuite has done that for us. Why don’t we keep everything in our pocket and use it whenever , wherever we need the application. What it has done, it has kept all the daily use and critical applications in one portable installation which consist of all daily use applications like:

WEB BROWSERS
E-MAIL CLIENTS
MESSENGERS
P2P CLIENTS
WEB SERVERS
DOWNLOAD MANAGERS
FEED READERS
REMOTE CONTROL
BOOKMARKS MANAGERS:
FTP/SSH CLIENTS
PORTABLE WIKI
LINK CHECKER
PROXY SERVER
VIDEO PLAYERS
AUDIO PLAYERS
MEDIA EDITORS
MEDIA CONVERTERS
CD/DVD RIPPERS
TAG EDITORS
STREAM MANAGERS
CD/DVD BURNERS
VIDEO CAPTURE
IPOD MANAGERS
MEDIA INFO
MEDIA CATALOGERS
CD/DVD TOOLS
TEXT TO SPEECH
MEDIA CENTER
IMAGE VIEWERS
IMAGE EDITORS
GRAPHICS EDITORS
SCREEN CAPTURE
SCREEN ZOOMERS
ICON/CURSOR EDITORS
IMAGE PROCESSING
ALBUM CREATORS
COVER CREATOR
SYSTEM MANAGERS
SYSTEM INFORMATION
NETWORK TOOLS
MONITORING/TESTING TOOLS
PROGRAM LAUNCHERS
STARTUP MANAGERS
SCHEDULING MANAGERS
TWEAKERS
REGISTY TOOLS
DISK DEFRAG
VIRTUAL DESKTOP
UNINSTALL TOOLS
CLIPBOARD TOOLS
MOUSE/KEYBOARD TOOLS
FOLDER/WINDOW TOOLS
SHELL TOOLS
FILE ASSOCIATIONS
DEVICE TOOLS
DESKTOP TOOLS
PARTITION MANAGERS
MALWARE DETECTION
DISK/REGISTRY CLEANERS
ENCRYPTING
PASSWORD MANAGERS
FILE RECOVERY
SECURE DELETION
INTEGRITY CHECKERS
UNLOCKING TOOLS
Office SUITES
WORD PROCESSORS
SPREADSHEETS
TEXT EDITORS
PDF/TEXT READERS
PDF TOOLS
ORGANIZERS
PROJECT MANAGERS
FINANCIAL TOOLS
PUBLISHING
POST-IT
DIAGRAMMING
TEXT PROCESSING
FILE MANAGERS
FILE ARCHIVERS
FILE RENAMERS
FILE LISTERS
FILE SPLITTERS
BACKUP TOOLS
SYNCHRONIZERS
SEARCH/REPLACE TOOLS:
DUPLICATE FINDERS
FOLDER COMPARISON
FILE COPIERS
FONT MANAGERS
ATTRIBUTE TOOLS
DISK SIZE TOOLS
INSTALLER BUILDERS
DATABASE TOOLS
PROGRAMMING TOOLS
HEX EDITORS
EMULATORS
MATHEMATICS
UNIT CONVERTERS
ASTRONOMY
GENEALOGY
MUSIC TOOLS
DIDACTIC TOOLS
GAMES
LOGIC/PUZZLES

The list is little small but when you listen this installers size then you will be more shocked its only 200MB pen drive suite. Basically its a virtual OS that run from your pendrive and contains the all the applications that you need in day to day life…:P contains more than that..

Lupo pen suite snapshot

Also you can add more and more portable application to your pensuite. That’s the beauty of Lupo pensuite. So no need to worry while going to other’s PC or system that he might have this software or not, keep everything in your pocket friends and enjoy the flavor of portability.

How to use Lupo Pensuite to use all applications from pen drive?

1. Download the Lupo Pensuite.

pen drive tips and tricks, portable applications

Best Pendrive suite ever

2. Install the Pen drive suite into you pendrive or portable USB hardisk.

3. Now go anywhere and just start exe to open the suite.

4. Select the application and use it directly from your pen drive.

5. That’s all friends.

I hope you all liked it. If you have any queries ask me in form of comments…

Thanks for reading…

Hello Friends, In our previous tutorial we have discuss about ping sweep, today i will explain you the Trace route or simply routing in windows. I know all you know what is trace route but actually you really don’t. Its quite different and its use is also quite different. I know you always tried to understand the output of trace route but not been able to what each line means in trace route. So after reading this you can understand everything quite clearly. Today i am writing my WHITE PAPER ON TRACE ROUTE..So read on..

What is Trace Route?

As the name suggests trace route, means tracing the path, but which path. Actually whenever any user opens any website in his web browser, from him it opens directly but have you ever tried to understand what background processing is going on. How your web browser actually getting to that address. That working of website i will explain on some other day but for now must know to reach to some web address, our web browser goes to different paths and chooses the best suitable path having the minimum response time.

Trace route is a network based utility which shows the path over the network between two systems and lists all the intermediate routers to get to the final destination. For what purpose trace route is used ? Main purpose of trace route is to fix network problems. This helps you in identifying, while connecting to some network where the connection is actually slowing down, which intermediate router is responsible for that.

Technically trace route is also an ICMP echo based protocol similar to ping.

But its only a primary use, for what else we can use this. As i have already told you how to get an IP address. Now when you do trace route with that IP address what it will show is that which service provider the victim is using means ISP(Internet service provider), this will help you in determining his few basic things like Country, state and sometime more deeper information too. Now how this is going to be helpful for Network forensic experts. Suppose you have made an hacking attempt on some bank or some government or some security concerned website, what they do is that they store an IP address and timestamps of each visitor in their database. Now what network forensic expert will do is that it will trace route your IP address and confirm your ISP and your country( country from which ISP belongs). Now Forensic expert will contact your ISP and provide your IP address and time to ISP and ask him to provide details that at that time this IP was assigned to which person and that how they will get complete address of the hacker and catch him red handed. I hope you got my point why trace route is that much important.

How trace route is done practically?

In windows, trace route is done by using the command tracert in command prompt. You can do it two different ways:

1. To trace route an IP address: This can be of any website or any computer system or of any network.

SYNTAX:

tracert IP(like tracert 127.0.0.1)

2. To trace route websites: When you don’t know website’s IP address let trace route to translate that address for you.

SYNTAX:

tracert websiteaddress(like tracert www.google.com)

More options:

-d Do not resolve address to host-names

-h (maximum hops) Maximum number of hops to search the target system

-j (host-list) Loose source route along with host-list

-w timeout Wait timeout milliseconds for each reply

Linux trace route has more options available.

Note: you will always get less results in case when you try to trace route an Computer system of any victim. Ahhahhh more precisely you will only get around 3 to 10 entries. Three to Four when firewall of the victim doesn’t alter your trace routing and more when firewall blocks ICMP echos.

Note: If you get asterisks(*) after the first entry then it confirms that firewall is playing its part and it doesn’t allowing us to trace route the system but still we will be able to get his ISP address and with that we can get his location overview.

Understanding Trace Route:

Below is snapshot of normal trace route output of victim (normal computer):

Trace route live practical example.

Lets start from very first Line:

1. Very first line after the tracert shows Host Name and IP address which it got using the reverse DNS(domain name system) look up.

2. Over maximum 30 hops: 30 hops means that traceroute will only route first 30 routes between your system and victim’s system. 30 is too much it usually ends in 3 to 15 hops but sometimes it goes deeper based on security and no response(as in our first case when we tries to route 14.97.26.147).

Note: Timings are basically round trip times. There are three round trip times in ping. The round trip times (or RTTs) tell us how long it took a packet to get from me to that system and back again, called the latency between the two systems. By default, three packets are sent to each system along the route, so we get three RTTs.

3. This is the address translation private IP by any one of the services from these ( RIPE, ARIN, APNIC, LACNIC, AfriNIC).

These are the IP address ranges for these private IP’s:

10.0.0.0 – 10.255.255.255,

172.16.0.0 – 172.31.255.255,

192.168.0.0 – 192.168.255.255

and 224.0.0.0 – 239.255.255.255 are reserved IP Addresses for private internet use for network address translations of above mentioned services.

4. This means that the target system could not be reached. More accurately, it means that the packets could not make it there and back; they may actually be reaching the target system but encountering problems on the return trip (more on this later). This is possibly due to some kind of problem, but it may also be an intentional block due to a firewall or other security measures, and the block may affect trace route but not actual server connections.

5. If firewall doesn’t block remote connections then the result will be like this.

Note: This step provides the ISP(Internet service provider).

Now Understanding trace route for websites:

Trace route of website

Since hackingloops is a blog hosted on google that’s why at start it reverse DNS name as ghs.l.google.com and translated IP address of hackingloops is 209.85.175.121. So our destination is 209.85.175.121

Now steps 1 to step 4 shows private internet use addresses as explained above which is used for address translation. Step 5,6 and 9 are also static private IP addresses with which but these are local IP addresses for your localhost with with the DNS communicates.

Step 7 and 8 determines the response from your ISP address. Above clearly predicts i am using tata teleservices ISP.

Step10 and 13, 14 and 15 are also Google IP address responses as this is google blog.

Steps 11 and Step 12 retrieves the different DNS servers of hackingloops.

Step 16 shows our destination..

The above was meaning now lets explain whole process in a go….

First of all my system reverse DNS the IP address of Hackingloops which is found to be 209.85.175.121,Now since i haven’t mentioned any specific hop count so by default it considers maximum value as 30 hops. Now my system contacts to IANA service ( RIPE, ARIN, APNIC, LACNIC, AfriNIC) requesting the response from IANA to get the translated address. After a successful query to IANA service it returns the response back to my local system(192.168.***.***) . In between my system also get response from my ISP which is tata teleservices. Now after a successful acknowledgement our system contacts to Google server(72.14.222.166 and 72.14.232.93) which in return returns the DNS server names( for hackingloops and then google confirms the response and returns back the actual web page.

That’s all my friends, I hope you all now understands what is trace route.

IF you have any queries or questions ask me in form of comments.

Hello friends, in the hacking class that we held on Sunday, we discussed things like how to find an IP address (which I already explained in detail), and a term called a Ping Sweep. Today I will discuss the details of a Ping Sweep and how it helps in reconnaissance, or the information gathering phase. We will cover all the topics that were discussed in the CME hacking class in detail.

What is Ping Sweep?

First of all, you should know that a Ping is a system’s network-based utility which is used to identify that a host is alive or dead. Technically, you can call it an echo reply. By “alive,” I mean that the host (computer, system, network, website etc.) is active, and by “dead,” I mean that the host is in shutdown mode.

Note: Anything can be a host, like a website, computer system, printer, network or any device.

Now, what is a ping sweep? A Ping Sweep is an information gathering technique which is used to identify live hosts by pinging them. Let’s delve into it more technically; a Ping Sweep can also be called a Ping scan, an ICMP sweep (Internet Control Message Protocol) or two-way handshake protocol. It is two-way handshake protocol because one host sends data (packets) and another host validates the data and returns the acknowledgement (again, packets) that the ping was successful or not.

Ping Sweep can be used for several purposes:

1. Normal Ping Sweep

Once we have the IP address of the host, we can ping that IP address and determine whether the host is alive or not. Once the packets are received correctly, then it confirms that host is alive and we can proceed our attack further on the host (or victim).

For a normal Ping Sweep, there are a plethora of tools available, like fping, gping, and Nmap, or you can do this directly by using looping shell script on both windows and linux platforms.

Below, we demonstrate how it’s done on Windows:

Go to START —> RUN —> CMD —-> then type PING 127.0.0.1 (IP address of host).

Below is a snapshot of PING:

Sample of Successful ping Sweep

2. Flood Pinging:

Flood Pinging is a kind of denial of service attack; it occurs when you flood a lot of pings to a website or a host. The result is that a normal or legitimate user will not be able to access that website because every host (website or victim network) has a maximum capacity limit. When Flood Pinging crosses that limit, it jams the network, and the host stops responding. This is done by making automated scripts, or you can do this directly using flood pinging software, like a server attack. Flood Pinging is also sometimes called a “Ping of Death” as it makes the host behave like a dead host which does not respond to anything.

Note: This will only work if the attacker’s bandwidth is more than the host’s. But doing this in groups can do the trick.

Generally, only a few website owners opt for unlimited bandwidth plans, as they are too costly. Instead, they opt for plans like 10Gb bandwidth. Any attempt to Flood Ping from your 2 or 4 Mbps connection will be in vain. But suppose you tackle this with a group of 20 people. Now if you launch the same attack from 20 computers, having a 2 Mbps connection now means you’re hitting the host with 40 Mbps at a time. But now you are thinking bandwidth is 10Gb and we only reached 40mbps, here is the trick: hackers create multiple connections, approximately 1000, from one PC, so 20 means 20000 connections at a time. This will slow down a website’s database and other functionality and the website will stop responding.

To do this to a victim (on an IP address of a PC), you need a faster connection than he has, you don’t need to do that in a group.

Flood Pinging is extremely helpful in Session Hijacking, which will be explained later, so keep reading and keep learning, as learning is the only key to becoming an elite.

I hope you all liked this post, if you have any queries ask me in the form of comments..