Wednesday, February 15, 2017

Creating WordList for Password Cracking


1. Using tool crunch



2. Cracking the password




Reference
https://www.udemy.com/learn-ethical-hacking-from-scratch/learn/v4/t/lecture/6355664

WPA Cracking


1. Crack WPS Pin and then crack WPA PSK






Reference
https://www.udemy.com/learn-ethical-hacking-from-scratch/learn/v4/t/lecture/5306338

Fake Authentication the Wificard with Access Point


1. Fake authentication
aireplay-ng --fakeauth 0 -a MAC-AP -h MAC-my-wificard mon0


2. Packet injection
- Wait for an ARP packet, then capture it and inject it back into the traffic. This forces the AP to generate a new ARP packet with a new IV. We capture that packet and inject it into the traffic again. The process is repeated until the number of IVs captured is sufficient to crack the key.

> aireplay-ng --arpreplay -b [target MAC] -h [your MAC] [interface]
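
A defender-side check for the replay described in step 2, as an added example that is not from the original post: a replayed ARP frame is re-sent unchanged, so one transmitter repeats the same IV and payload at a high rate, while normal stations change the IV from frame to frame. The record layout, MAC addresses, window and threshold are assumptions, and the sample frames are constructed.

```python
from collections import defaultdict, deque

def make_sample():
    """Constructed records: (time_ms, transmitter MAC, WEP IV hex, payload digest)."""
    frames = []
    # Ordinary station: 40 frames over 20 s, a different IV on every frame.
    for i in range(40):
        frames.append((i * 500, "02:00:00:00:00:0a", f"{i:06x}", f"d{i}"))
    # Replaying station: one identical frame sent 300 times, 10 ms apart.
    for i in range(300):
        frames.append((5000 + i * 10, "02:00:00:00:00:0b", "a1b2c3", "arp1"))
    return sorted(frames)

def detect_replay(frames, window_ms=2000, threshold=50):
    """Flag transmitters that repeat the same (IV, payload) at least
    `threshold` times within `window_ms`.

    Returns {mac: largest duplicate count seen in any window}.
    """
    recent = defaultdict(deque)  # (mac, iv, digest) -> timestamps still in window
    flagged = {}
    for ts, mac, iv, digest in frames:
        q = recent[(mac, iv, digest)]
        q.append(ts)
        # Drop sightings that have aged out of the sliding window.
        while ts - q[0] > window_ms:
            q.popleft()
        if len(q) >= threshold:
            flagged[mac] = max(flagged.get(mac, 0), len(q))
    return flagged

if __name__ == "__main__":
    for mac, count in detect_replay(make_sample()).items():
        print(f"possible ARP replay from {mac}: {count} identical frames in 2 s")
```
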









Reference
https://www.udemy.com/learn-ethical-hacking-from-scratch/learn/v4/t/lecture/5306332

Creating a Fake Access Point (Honeypot)

1.  apt-get install mana-toolkit

2. use a wireless card (through USB) to broadcast the signals

3. leafpad /etc/mana-toolkit/hostapd-mana.conf

- set the configurations of the fake access point


4. leafpad /usr/share/mana-toolkit/run-mana/start-nat-simple.sh

- upstream=eth0

5. bash  /usr/share/mana-toolkit/run-mana/start-nat-simple.sh


6. Approaches to cracking WAP encryption: collect enough packets to find packets with the same IV


Reference
https://www.udemy.com/learn-ethical-hacking-from-scratch/learn/v4/t/lecture/5306328

Deauthentication attack on any device

Objective:

Disassociate the device from the network





Benefits
- Once the target is deauthenticated, the client will try to reconnect to the AP, so the attacker can capture these connection packets for password cracking.

Friday, February 10, 2017

Thursday, February 9, 2017

Nmap port scan

1. Scan the 100 most common ports (Fast)

nmap -T4 -F xx.xx.xx.0/24



2. Detect OS and Services

nmap -T4 -A -v xx.xx.xx.1-254

zenmap is the UI for nmap, which helps organize and visualize the scanned information

Wednesday, February 8, 2017

Vulnerability Checking Tools

1. Check devices that have been scanned and found to have vulnerabilities
https://www.shodan.io/



2. Port scanning tools
- pentest-tools
- mxtoolbox



3. Check if your IP is in a vulnerability database
- techmonkeys

The Home Router



1. Command to get router address: Desktop$ route -n get default
   route to: default
   destination: default
   mask: default
   gateway: xx.xx.xx.1
   interface: en4
   flags: <UP,GATEWAY,DONE,STATIC,PRCLONING>
 recvpipe  sendpipe  ssthresh  rtt,msec    rttvar  hopcount      mtu     expire
       0         0         0         0         0         0      1500         0

Monday, February 6, 2017

Security Courses


  • Cyber Security
    • Instructor: Robert Bunge
    • Rating: ***
    • Easiness: *****
    • Dates taken: 02/06/2017 - 02/08/2017
    • Comments: Very basic introduction to security.

  • The Complete Cyber Security Course : Network Security!
    • Instructor: Nathan House
    • Rating: ****
    • Easiness: ***
    • Dates taken: 02/08/2017 - 02/11/2017
    • Comments: 
      • This course provides hands-on experience by introducing several tools and techniques
      • Network Security, WiFi Security, WiFi Hackers, Firewalls, Wireshark. Plus the Best Password Managers


Security blogs