Slack space

     

      Slack space file slack is space is already in use by the file, but the space is used, is not spent entirely for storing data. resulting in slack space. or an area between the end of a file and end of the last cluster or sector used by the file in question. Area is an area that will not be used again to store the information there, so the area is "wasted" useless.

MBR and struktur filesystem

1. MBR
MBR is a partition table and a number of executable code for purposes of dividing the boot start in the file system. function to split that will be read by the bios
The structure of hard disk partitioning schemes Master Boot Record (MBR).
In the Master Boot Record, there is a partition table that describes where the partitions are put in the hard disk. This partitioning scheme is only available in the Intel x86 system, and implemented in the system BIOS of the system.
In this partitioning scheme, the partition is divided into three types, namely:

Beef and Metasploit

1. open apps -> exploitation tools -> social engineering tools -> BEEF XSS -> BEEF

 

2. open http://127.0.0.1/beef/

Social engineering and Social engineering toolkit

Social engineering
Social engineering is the acquisition of information, or edicts, secret / sensitive by cheating the owner of such information. Social engineering is typically done via telephone or Internet. Social engineering is one of the methods used by hackers to gain information about the target, by requesting the information directly to the victim or others who have that information.

Auxiliary to metasploit

1. Auxiliary metasploid see anything that could be used

msfpayload understanding of msfencode

msfpayload is a command-line instance of Metasploit that is used to generate and output all of the various types of shellcode that are available in Metasploit. The most common use of this tool is for the generation of shellcode for an exploit that is not currently in the Metasploit Framework or for testing different types of shellcode and options before finalizing a module.

linux exploit

1. turn off ASLR

2. make fuzzer

SEH ELECARD

SEH BIGANT

1 to make a broken application, then the first step taken is to create a fuzzer, as below. Here we use the USV BigAnt Service have his due. Most of the chat-based applications using the USV

bufferoverflow direct return VUplayer

To make the process exploid process is the following:

EIP - DEAD BEEF - JMP ESP - payload

      to break through the music application that can be done by creating a file in the form: ram, m3u, pls and other.     here I will try to create a m3u file with the form (perl) and pls (python). example bufferoverflow application VUplayer

1. Create a fuzzer, try almost equal to rmmp3. but here I try and get smaller. as below fuzzernya

Bufferoverflow Exploid rm-mp3

To make the process exploid process is the following:

EIP - DEAD BEEF - JMP ESP - payload

      to break through the music application that can be done by creating a file in the form: ram, m3u and pls.     here I will try to create a m3u file with the form (perl) and pls (python). as I try, it's easier to use than the m3u file pls shaped. such as the following example:

dvwa with sqlmap

to run dvwa. turn on apache and mysql

- /etc/init.d/apache2
- start mysql

WarFTP

War FTP is an FTP server that can unify Unix-style security features, a look of Windows for the system operator, extreme flexibility, multithreading design and advanced software technology and performance.
War FTP Daemon is a free FTP server and popular developed by Jarle (jgaa) Aase Norway do. This application is to be the best FTP server for Windows
example of the exploitation of War FTP with fuzz:

1. bt connect with the target with netcat

About The Direct Return And SEH Basic Exploid

     SEH (Structure Exception Handling) is a set of processes owned by a software and hardware to handle an exception. There are two kinds of exception, namely hardware and software. exception to be raised by the CPU hardware. hardware exception usually occurs due to the execution of the instruction that produces something that is defective or an error.
     SEH be useful for programmers on application made to control the full error that pops up and threw it into the function of SEH. and be taken over by SEH.
    Direct return system is a process for using the shortest path darisuatu process directly back to the system. Be a direct return path is the shortest and the best that can be passed

REGISTER MEMORY

    Registers are memory size is very small with very high-speed access. Registers used to store data and instructions are being processed, while that data and other instructions waiting to be processed are stored in main memory.

Registers in the CPU consists of:

A. Instruction Register (IR) is used to store instructions that are being processed.  

Fuzzing In Reverse Engineering

    Reverse Engineering process is someone to look for and find technology that works behind a system, device or object through the analysis of the structure of the system working. Essentially reverse engineering is a process of extraction of information on a system. essentially reverse engineering is a process of extraction of information on a system
     fuzzing is a process or method used to find a logic error and failure of treatment processes on an application by providing an abnormal input into an application and see and learn how the application handles the exception that there

SHODAN

      Shodan is a search engine that allows us to find the full specifications of a particular computer such as routers, servers, IP and others using a variety of filters that we want to get a scan of the existing port. Shodan can be used to find a host of vulnerabilities.


      Shodan works by taking data from a host banner, then the meta-data captured by the crawler Shodan is given by the client. With this, the obtained information about the server software, support services, etc. to use it then go and register to http://www.shodanhq.com/

IG By Proxy TOR

For an attack, which began in the attack step is IG (informasition gathering). For the IG to do when we do find information in a system or website that is not in the know and the more secure it is better to use the TOR network to IG. In order for the search process more secure and not in the know. example:

http://www.4shared.com/file/TRkWqfAd/Detiktargz.html

Buffer Overflow

     Buffer overflow is a computer process which shows a peculiar behavior due to the stored data exceeds the capacity of buffer memory. used by the buffer overflow is not responsible for the weakness of the buffer overflow exploit this. The weakness of this type can be used in remote access or local access, because it can give the attacker the opportunity to melanjarkan moves by coding the target computer.

Cymothoa

       cymothoa is a tool to create backdoors on a target. cymothoa advantage of this tool is unknown processes running on the system, while browsing in a target system. cymothoa process:

1. nc or netcat connect from Backtrack (attacker) to connect to ubuntu (target)

SQL injection and blin SQL injection

SQL INJECTION

      Sql Injection is a technique to explore the web application using data from the client supplies the SQL syntax. SQL Injection is a type of hack or attack that only requires port 80 and does not require any other port. SQL Injection is a programmer error when coding web.

      SQL injection to attack web-based application-server-side scripting such as ASP, JSP, PHP, CGI, and similar to it. With SQL Injection is very possible for us to send the user name and password and are considered true by the web because of errors on the web.

Backdoor to the NC (Net Cat)

The process of sending NC (Cat Net) file from localhost (backtrack) to the target (ubuntu) to send a backdoor on the target.

IP BT(backtrack)

IP UBUNTU

Privilege Escalation Website

Privilege Escalation is a process of action for assault or exploit any damage or cracks, or flaws in a system or an operating system. in order to get access to central systems that are usually protected. Or type of network intrusion that takes advantage of programming errors or design flaws to give the attacker access to the network and related data and applications.

A. There are two types of privilege escalation: vertical and horizontal.
vertical privilege requires the attacker to give himself a higher right. This is usually accomplished by performing a kernel-level operations that allow an attacker to run unauthorized code.

Horizontal privilege requires the attacker to use the same privilege level he had been given, but assumes the identity of another user with the same permissions. For example, someone gained access to online banking accounts of others would be a horizontal privilege escalation

Example Privilege Escalation process to do:1. IG with nmap * suspicious look like port 10000 (webmin is sought)

Hacking Backtrack exploid to windows xp SP3

       In the process of hacking there are several processes that have to do is (IG) Information Gathering (collecting information) -> (SE) Service information (see the running processes and open) -> (VA) Vull Abeliti Asesemen ( find vulnerabilities)-> Eksploid

1. Proccess First IG with ping backtrak and windows xp -> scan with tool nessus to know SI (process running) and VA (find vurnerabilities to windows xp) .
 
a. ip window and ping windows xp -> backtrack
scan ipconfig windows


scan ping to backtrack

Instalation Nessus for backtrack 5

       Nessus is a scanning software, which can be used to audit the security of a system, such as vulnerability, misconfiguration, security patches that have not been applied, the default password, and denial of serviceNessus function for monitoring network traffic. Proses instalation :

1.open terminal download nessus

apt-get install nessus

2. search http://www.nessus.org/register/ to register nessus

Examples Information Gathering of websites

Try to Website is2c-dojo.com

1. Outcome scan with nmap to Information Gathering

IG ( information gathering )

     A way to enter a network or security then we have to do some process, to begin entering the network or systems then perform the IG (information  gathering ). IG (information  gathering ) is a process to collect information passively or actively. with technical and non technical processes. Examples results to scan local host:

1. result scan GUI tool autoscan
 

Examples of Cybercrime Cases in Indonesia

In Indonesia are many examples of violations of law on cybercrime, including :

1. video case luna and ariel
2. Carding, one type of cyber crime that occurred in Bandung around the year 2003.
3. piercing the bank through the Internet 10 January 1991
   

instalisasi virtualbox

      Oracle VM VirtualBox is a virtualization software, which can be used to run other operating systems in an operating system. there are examples on backtrack ubuntu and windows operating system.hen this example experiment in backtrack VM VirtualBox, with windows and ubuntu containing

INSTALASION UBUNTU

1. open system -> VM virtual box -> NEW (create name)->next->give name
   
   
   
   
   
   
   
   
2. give the size of the memory -> create new hardish -> VDI->dynamically allocated-> major regulatory hardish ->finish