Hacking For Beginners – Manthan Desai
2010
Hacking tool Nmap
http://www.insecure.org/nmap
Stealth Scan, TCP SYN: nmap -v -sS 192.168.0.0/24
UDP Scan: nmap -v -sU 192.168.0.0/24
Stealth Scan, No Ping: nmap -v -sS -P0 192.168.0.0/24
Fingerprint: nmap -v -O 192.168.0.0/24 #TCP
Nmap is covered under the GNU General Public License (GPL) and can be downloaded free of charge from http://www.insecure.org/nmap. It comes as tarred source as well as in RPM format. The usage syntax of Nmap is fairly simple. Options to nmap on the command line are the different types of scans, which are specified with the -s flag. A ping scan, for example, is "-sP". Options are then specified, followed by the hosts or networks to be targeted. Nmap's functionality is greatly increased when run as root.
Nmap is flexible in specifying targets. The user can scan one host or scan entire networks by pointing Nmap to the network address with a "/mask" appended to it. Targeting "victim/24" will target the Class C network, whereas "victim/16" will target the Class B. Nmap also allows the user to specify networks with wild cards, as in 192.168.7.*, which is the same as 192.168.7.0/24, or 192.168.7.1,4,5-16 to scan the selected hosts on that subnet.
Users are able to sweep entire networks looking for targets with Nmap. This is usually done with a ping scan by using the "-sP" flag. A TCP "ping" will send an ACK to each machine on a network. Machines that are alive on the network will respond with a TCP RST. To use the TCP "ping" option with a ping scan, the "-PT" flag is included to target a specific port on the target network.
Nmap has been covered in detail in module three and readers are advised to refer to that to learn more about OS fingerprinting and other scan options.
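A defender can recognise the TCP "ping" sweep described above as one source sending bare ACKs, outside any handshake, to many hosts in a short time. The following Python code is an added example, not part of the original book; the record format, the sample packets, and the min_hosts and window_s thresholds are assumptions.

```python
from collections import defaultdict

# Constructed sample records: (time_s, src, sport, dst, dport, tcp_flags).
# Flags: S=SYN, A=ACK, R=RST. All addresses and values are made up.
SAMPLE = (
    # A normal three-way handshake; its final ACK must not be counted.
    [(0.0, "10.0.0.5", 51000, "192.168.0.10", 443, "S"),
     (0.1, "192.168.0.10", 443, "10.0.0.5", 51000, "SA"),
     (0.2, "10.0.0.5", 51000, "192.168.0.10", 443, "A")]
    # One source sends bare ACKs to port 80 on twelve hosts, no handshake.
    + [(1.0 + i / 100, "10.0.0.66", 40000 + i, f"192.168.0.{i}", 80, "A")
       for i in range(1, 13)]
    # Hosts .3 and .7 are alive and answer with RST, as the text describes.
    + [(1.5, "192.168.0.3", 80, "10.0.0.66", 40003, "R"),
       (1.5, "192.168.0.7", 80, "10.0.0.66", 40007, "R")]
)

def find_ack_sweeps(records, min_hosts=10, window_s=5.0):
    """Map each suspected sweep source to the hosts it probed and
    the hosts that revealed themselves by answering with RST."""
    handshakes = set()          # flows in which a SYN was observed
    probes = defaultdict(list)  # src -> [(time, dst)] of unsolicited ACKs
    resets = defaultdict(set)   # prober -> hosts that sent it a RST
    for t, src, sport, dst, dport, flags in sorted(records):
        flow = frozenset([(src, sport), (dst, dport)])
        if "S" in flags:
            handshakes.add(flow)
        elif flags == "A" and flow not in handshakes:
            probes[src].append((t, dst))
        elif "R" in flags and flow not in handshakes:
            resets[dst].add(src)
    findings = {}
    for src, hits in probes.items():
        start = 0
        for end, (t, _) in enumerate(hits):
            while t - hits[start][0] > window_s:  # slide the time window
                start += 1
            if len({d for _, d in hits[start:end + 1]}) >= min_hosts:
                probed = {d for _, d in hits}
                findings[src] = {"probed": sorted(probed),
                                 "answered": sorted(resets[src] & probed)}
                break
    return findings

if __name__ == "__main__":
    for src, info in find_ack_sweeps(SAMPLE).items():
        print(src, "probed", len(info["probed"]), "hosts;",
              "RST replies from", info["answered"])
```

An ACK belonging to a connection whose SYN predates the capture is also counted as unsolicited, which is why the alert depends on the number of distinct hosts rather than on a single packet.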
Password cracking in Linux
Xcrack
( http://packetstorm.linuxsecurity.com/Crackers/ )
Xcrack doesn't do much with rules. It will find any passwords that match words in the dictionary file the user provides, but it won't apply any combinations or modifications of those words. It is a comparatively fast tool.
Xcrack is a simple dictionary-based password cracking tool. It will find any passwords that match words in the dictionary file the user provides. It does not generate permutations or combinations of the words provided in the dictionary to arrive at the right password. For this reason, it is a comparatively faster tool, though its efficacy might be less.