
Hacker Sniffing Tutorial Using Netsniff-ng Commands.

Hello guys and welcome to this video tutorial about sniffing.

If you find anything helpful in this post or funny, will you please leave a like because you will feel great helping other people find it?

Hacker Sniffing Tutorial! Netsniff-ng Commands and Ettercap Wireshark for Poisoning & Spoofing

In this video, we’ll go quickly through Netsniff-ng. I’ll show you how to use it and some commands with it and also how to get around with ‘help’.

Then we’ll move on to Ettercap. I will show you how to use Ettercap’s interface, some additional features of Ettercap, how to start poisoning and actually spoofing with Ettercap and then a great combination of Ettercap with Wireshark.

Then we are going to try to make a little demonstration and how traffic between two machines on the network is getting captured by a third one and how it could also be read.

So stick with me and let’s start.

First of all, to start Netsniff-ng you usually go to Applications, Sniffing & Spoofing and then just click on the Netsniff-ng.

It will load a terminal window and it will already have the help preloaded for you.

So if you get up in the window, you can see all the help you need here as well as some examples of commands. We can go through these examples.

I can at least go through one of them and give you some brief information on what it does.

So this is the interface.

This is the output file.

This means silent.

This is choosing a type of the pcap file to be created after that.

This is the actual type.

I will get into details about that later.

This is the information about how to bind it to a CPU and what kind of packet to capture.

So for example, if you type netsniff-ng -D it will give you additional information about that hex value that we found.

The hex value should be found here.

So this hex value will actually be ‘0xa1b2c3d4’.

Basically, what it says is that the packet capture will be TcpDump capable. You can read it with TcpDump and these are some specifics about the capture.
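To make the role of that hex value concrete, here is an added example (not part of the original tutorial) that checks the magic number at the start of a capture file and then walks the packet records to recover the same packet count and duration the tool reports on exit. The sample capture is constructed in memory; the function names are illustrative.

```python
import struct

# Magic numbers of the classic pcap format, read in the writer's byte order.
MAGIC_USEC = 0xA1B2C3D4  # the value quoted above; microsecond timestamps
MAGIC_NSEC = 0xA1B23C4D  # same layout, nanosecond timestamps

def summarize_pcap(data: bytes) -> dict:
    """Validate the 24-byte global header, then walk the packet records."""
    if len(data) < 24:
        raise ValueError("too short for a pcap global header")
    # A file written on an opposite-endian host stores the magic byte-swapped,
    # so try both orders and keep the one that matches.
    for endian in ("<", ">"):
        (magic,) = struct.unpack(endian + "I", data[:4])
        if magic in (MAGIC_USEC, MAGIC_NSEC):
            break
    else:
        raise ValueError("unknown magic 0x%s: not a classic pcap file" % data[:4].hex())
    _, major, minor, _, _, snaplen, linktype = struct.unpack(endian + "IHHiIII", data[:24])
    divisor = 1e6 if magic == MAGIC_USEC else 1e9
    offset, count, first, last = 24, 0, None, None
    while offset + 16 <= len(data):
        sec, frac, incl_len, _orig_len = struct.unpack(endian + "IIII", data[offset:offset + 16])
        if incl_len > snaplen or offset + 16 + incl_len > len(data):
            raise ValueError("corrupt or truncated record at offset %d" % offset)
        last = sec + frac / divisor
        first = last if first is None else first
        count += 1
        offset += 16 + incl_len
    return {
        "byte_order": "little" if endian == "<" else "big",
        "version": (major, minor),
        "linktype": linktype,  # 1 = Ethernet
        "packets": count,
        "duration": (last - first) if count else 0.0,
    }

def build_sample(endian: str = "<") -> bytes:
    """Constructed capture: three dummy Ethernet-sized records, one second apart."""
    out = struct.pack(endian + "IHHiIII", MAGIC_USEC, 2, 4, 0, 0, 65535, 1)
    for i, size in enumerate((60, 42, 60)):
        out += struct.pack(endian + "IIII", 1000 + i, 500000, size, size) + bytes(size)
    return out

if __name__ == "__main__":
    print(summarize_pcap(build_sample()))
```
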

There are different types of capture so you can go around to all of them and play with them.

But for now we are going to use this example here just to give you a brief overview of how to use Netsniff-ng which is pretty much similar to TcpDump.

When we started out, since it’s silent, it’s running but it doesn’t give us any information.

If we quit with Ctrl + C it will give us the statistics of that capture. So let’s just try and quit it.

I think this is enough.

It has captured 51 packets for roughly about 17 seconds.

And now if I want to read these packets I can do tcpdump -tttt -r ./dump.pcap, where dump.pcap is the file name.

And there it is.

If I want to ‘pipe’ it to less I will be able to read it a little bit easier and I can move around going up and down.

There aren’t too many packets so that’s okay.

Okay, as you see here it doesn’t try to do any particular changes to the capture so I will have to use -nn, because I can see here it tried to resolve the machines and the machine names based on the IP address.

So let me just type that -nn.

Now we have only IP addresses and ports, as well as the flags for each packet, such as SYN, reset and so on.

Okay, for Netsniff-ng that’s pretty much it.

So we can move to Ettercap.

I’ll just close the window quickly and start Ettercap. Again, from spoofing there we will find Ettercap.

As you can see the interface is at the moment pretty simple. There are only a few options. This is because we haven’t really started anything. Ettercap is just waiting for us to start.

And to start using Ettercap what you need to do is first click on ‘unified sniffing’.

Next you will choose the interface you want to sniff on and here are all the interfaces that Ettercap is able to see here on this machine.

Next, click on ‘Okay’.

It gives us some sort of statistic about the actual software, the version, the IP address and the MAC address, all the modules loaded and everything and then it started to populate the menus.

As you can see here we have targets, hosts, man in the middle (Mitm) already and things like that.

So our next step would be looking for targets or looking for hosts.

So go to ‘Hosts’ and click on ‘Scan for hosts’.

It will fill up pretty quickly. And now when you go to ‘Hosts’, if you click on ‘Hosts list’ we’ll have all the hosts in my network.

So there it is. This is the gateway and these are some machines connected to the network.

For our test, we will try to sniff the traffic between the machine with an IP address .1.2 and the machine with an IP address .1.6. As you see, I added the first one as target 1 and the other one as target 2.

If you go to current targets, in order to do man in the middle you have to be in the middle of two machines. And in this case we will be here in the middle, sitting between the .1.2 and .1.6 machines.

You can add as many targets as you like.

Some other information that might be useful, if you go to ‘View’ and ‘Connections’ you have what is similar to a Wireshark statistics with some predefined filters here that, for example, you can exclude everything but UDP or everything but the TCP.

So you can also filter by yourself for a host which could be an IP address as well and if you are only interested in active connections, you can filter by active connections.

So at the moment we are actually listening, but let me start a man in the middle attack or actual ARP poisoning.

When I start this, it will start poisoning the ARP tables for these two targets, .1.2 and .1.6. I should start seeing more connections between them if there are any, of course.

At the moment there isn’t a connection going on between those two machines, but I’m going to start one and I’m going to try and show it to you in Wireshark.

So let’s just go to Applications, sniffing and start Wireshark as well.

It started listening as you can see.

We’re going to apply a filter here which would be IP address .1.2 and IP address .1.6.

Currently, we don’t see any traffic going on between those two, but hopefully something will show up.

Okay, let’s start some traffic between those two machines and see if it will show up in our Wireshark.

Let me just go to my other machine and here we can start an NC to that machine on port 23.

“This is test. Please reply. I reply.”

Okay, that should be enough and we’re moving on to our Wireshark. As you see, there is traffic between those two machines on a TCP as well as the Telnet port.

So if I follow the TCP stream, I can see that I already captured “This is test” and if I keep sniffing, I will capture other packets that are exchanged between those two machines and not intended for me.

And as you see, the source is .1.6, the destination is .1.2, and of course we can also verify that our IP is .1.6.

So this is a practical ‘man in the middle’ with ARP cache poisoning using Ettercap.
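From the defender's side, the poisoning shown above leaves a recognizable trace in ARP traffic: the address-to-MAC binding of each target changes, and a single MAC starts answering for both targets. The following added example (not part of the original tutorial) implements that check over raw Ethernet/ARP frames. The addresses are constructed stand-ins from a documentation range, the frames are built in memory, and all function names are illustrative.

```python
import struct
from collections import defaultdict

def _mac(b: bytes) -> str:
    return ":".join("%02x" % x for x in b)

def _ip(b: bytes) -> str:
    return ".".join(str(x) for x in b)

def parse_arp(frame: bytes):
    """Return (op, sender_mac, sender_ip) for an Ethernet/IPv4 ARP frame, else None."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":  # EtherType 0x0806 = ARP
        return None
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return op, _mac(frame[22:28]), _ip(frame[28:32])

def detect_poisoning(frames):
    """Flag IP-to-MAC bindings that change and MACs that claim several IPs."""
    ip_to_mac, mac_to_ips, alerts = {}, defaultdict(set), []
    for frame in frames:
        parsed = parse_arp(frame)
        if parsed is None:
            continue
        _op, smac, sip = parsed
        known = ip_to_mac.get(sip)
        if known is not None and known != smac:
            alerts.append(("binding-changed", sip, known, smac))
        ip_to_mac[sip] = smac
        if sip not in mac_to_ips[smac]:
            mac_to_ips[smac].add(sip)
            # Can be legitimate (a router with aliases), so treat it as a signal.
            if len(mac_to_ips[smac]) > 1:
                alerts.append(("mac-claims-multiple-ips", smac, sorted(mac_to_ips[smac])))
    return alerts

def arp_frame(op, smac, sip, tmac, tip) -> bytes:
    """Build a 42-byte Ethernet/ARP frame for the constructed sample below."""
    m = lambda s: bytes.fromhex(s.replace(":", ""))
    i = lambda s: bytes(int(x) for x in s.split("."))
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op) + m(smac) + i(sip) + m(tmac) + i(tip)
    return m(tmac) + m(smac) + b"\x08\x06" + arp

# Constructed sample: two hosts answer normally, then a third MAC answers for both.
A_IP, A_MAC = "192.0.2.2", "02:00:00:00:00:02"
B_IP, B_MAC = "192.0.2.6", "02:00:00:00:00:06"
M_MAC = "02:00:00:00:00:99"
SAMPLE = [
    arp_frame(2, A_MAC, A_IP, B_MAC, B_IP),
    arp_frame(2, B_MAC, B_IP, A_MAC, A_IP),
    arp_frame(2, M_MAC, A_IP, B_MAC, B_IP),
    arp_frame(2, M_MAC, B_IP, A_MAC, A_IP),
]

if __name__ == "__main__":
    for alert in detect_poisoning(SAMPLE):
        print(alert)
```
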

You can also use Ettercap to kill connections by modifying packets and sending them to the actual source and destination. It will destroy the connection.

So let’s try to kill a connection using Ettercap.

Okay, this one. This is the one we’re looking for.

So at the moment it is still going on. It should show up here as well.

Yeah. “Telnet.” “This is another test.” You can see that here.

So it’s still going on. It says “idle” because currently there is no data being transmitted, but the connection is there.

Let me try and “kill the connection”.

Connection was killed.

It says it’s killed. It doesn’t show it here in the list.

So let me see what will happen if I go to the terminal of my other machine. Yep, it is killed.

And I can confirm that this happened on the other machine as well.

So that proves that you can not only listen to connections, but you can also prevent a connection, interrupt it, or destroy a connection between hosts.

If you want to prevent someone from talking to another one, you can do that as well.

And now when I select, ‘killed’, there it is.

I can also see how this connection formed, packets, number of bytes and so on and so forth.

So pretty much that’s it about Ettercap and Wireshark and I hope you like it. I hope you found something interesting and I’ll catch you in the next video.

Thank you very much and goodbye.

More from Jerry Banfield.

Thank you very much for watching all the way to the end of this tutorial.

The video you’ve seen is a part of How to Hack in 2019: Noob to Certified Ethical Hacker with CEH Version 10!

This is a video course with 30-plus hours of video in it, hundreds of lectures that cover each individual module that is in the Certified Ethical Hacking exam for version 10.

Now, this course will not give you a certification. It prepares you to take the CEH Version 10 exam. You can see this course has a ton of videos in it.

I’m imagining since you made it to the end of this tutorial, you will love this course. It’s $27.81 on uthena.com which is a platform. I’m Jerry Banfield, the founder of this platform.

You can also get this course within the Ethical Hacking Forever course bundle for $48.81. You buy this bundle once. We will add new Ethical Hacking courses forever to it.

For example we have a Python Hacking course coming out now that will be added to this bundle very shortly. This bundle has six courses currently in it and a hundred plus hours of video. It’s one of the best options in the world to learn ethical hacking.

Three courses right here are all from 2019 and we will keep this bundle updated forever for you.

If you check the links in the description of the video, you will also find some additional coupons. You may be able to take the course for less, to take different courses, to subscribe, and even find different stores that may have the same course.

I appreciate you watching here with us today. I imagine if this is helpful you’ll leave a like on it, because you will feel good about leaving a like on the video and giving something back.

If you subscribe, you will have the chance to watch more videos like this every day.

If you take a look in the description of the video you’ll find playlists related to this video with more videos for free on YouTube.

I love you.

You’re awesome.

I hope you have a wonderful day today.

Final Words.

If you’ve got this far in I imagine you will love seeing the videos we keep creating for you each day.

Will you please subscribe on YouTube and like on Facebook, because that will give you two ways to see the same videos every single day and you will be like, “Oh, my god, stop spamming my newsfeed. Oh, I’m sick of you. I’m not subscribing and I am not liking.”

I mean, you’re going to have a great time. You’re going to love the videos we put out every single day. It’s going to be a blast.

We’re going to do a journey together of a lifetime starting or continuing today.

Web Penetration Testing: SQL and SQL Injection Basics on Kali Linux.

Hello everybody and welcome back to another tutorial in Web penetration testing.

If you find anything helpful in this post or funny, will you please leave a like because you will feel great helping other people find it?

Right now we will start off by covering some of the basics of SQL and the basics of SQL injection.

So, first of all, for those of you who don’t know, with the SQL injection we basically make an interaction with the database itself.

Now, the database is mostly used to store information. For example, usernames and passwords can be stored in a database and once you type them in a form the server queries the database and compares the password you typed in with the password stored in the database and if they match it will allow you to log in.

So an example would be, for any login form that you encounter, whether it is on Instagram, Twitter or any social media account, what it will do is once you type in your password, first of all it will probably hash your password and compare the hash password with the hash password stored in the database and if they match you will be able to log in.

So the problem here happens if the person who created that website didn’t filter the user input well enough and didn’t forbid some of the characters used to query the database.

Now, it can potentially allow the user to send SQL queries and gather a bunch of the information that he shouldn’t really gather.

It can also allow the user to delete the entire database if he wanted to.

Now, before we begin let me just open Leafpad right here and explain a little bit more what SQL is and how you query the database.

First of all, the database is just a bunch of tables that are connected with the same system and that are also connected between each other.

Now, what I mean by tables is basically, a table is a list that contains information for the same type of elements, for example, table of users.

So facebook.com, for example, probably has a database with a bunch of tables of users and those tables basically consist of rows and columns.

So for example, you could have the row of users and below a row of passwords for the users then below a row of some of the other information for users such as mobile phone, email or basically any other information you want. It doesn’t have to be anything linked with the user itself.

It could be, for example, you visit an online shop and it sells flowers, for example, and you could have a table of different types of flowers right there and different types of information for those flowers.

Once you search the online shop, it queries for that database.

Now, how do we query a database? How do we actually interact with the database itself?

Now, there is the SQL language. It is not that hard to learn, but in the SQL injection it might seem a little tricky to get used to it. But once you learn some of the basic commands it is not that hard to continue learning it.

Now, some of the top commands could be CREATE, SELECT, UPDATE, INSERT, DELETE, and DROP.

Now, these commands are used to query the database and they basically do as they say.

‘Create’ will create a database.

‘Select’ will select a specific table in that database or a specific column or row.

‘Update’ will basically update the database.

‘Insert’ will insert a new element into the database or into the table itself.

‘Delete’ will delete a certain part of the database. For example, you want to delete a user. He decided to, for example, close the account and you want to delete it from the database. You will do it with the delete command.

‘Drop’ basically deletes the entire database itself. It can be very dangerous if the site is vulnerable to SQL injection. So for example, let’s say that Facebook was vulnerable to SQL injection and you just type ‘drop’ and the name of the database, you would basically delete the entire database of users and passwords.

That would become a really big problem, but luckily Facebook is not vulnerable to SQL injection and most of the bigger websites aren’t vulnerable to SQL injection either. But some of the less known websites could be.

So, one more thing. The commands ‘delete’ and ‘drop’ are not really used that much by the attacker, since loss of information is not a preferred method of attack: in most cases the attacker wants to gather information, not delete it.

Now, put yourself in the shoes of the attacker. What is valuable to the attacker is the passwords and usernames that he could gather for that account rather than deleting every account.

If he deleted every account he would just create a big problem. But if he gathered all usernames and passwords, he could basically log in as anybody to that website.

That could present a huge problem if that website was for example, PayPal.

He could send a bunch of money to himself and he would probably get caught after some time, but that isn’t the point right here.

Now, the command out of all of these that you will use always is the ‘select’ command.

So this command is used to query the database. So for example, if you found a website that is vulnerable to SQL injection, you want to select the table with the passwords. You will do that with this command.

Now, the basic SQL query will look something like this.

So, SELECT elements FROM table WHERE condition.

So this is the basic query for the SQL database. We SELECT some elements FROM some table, WHERE, and then a certain condition.

The example for this command would be something like this.

SELECT name, description, price FROM products WHERE price<599.

Now, this is the basic query database for a website that would possibly be some kind of an online shop.

So we select the name of the product that we are searching for, the description of that name, and the price of that name from all of the products where price is less than 599. And then once the user selects that somewhere the server prints out back all of the responses that are below 599 and that have a name, description and price with them.

So it doesn’t have to be a single thing that we specify. We can specify two things.

So, for example, you could just type SELECT columnA FROM tableX WHERE columnE = ‘employee’ AND columnF = 100;.

Now, as you can see you can also use these logical conditions which basically allows us to set two things right here.

So we SELECT columnA FROM tableX WHERE columnE = ‘employee’ AND columnF = 100;.

So this is what the basic SQL query looks like. Now, you might find it a little bit tricky, but you should be able to understand it.

If you don’t however, just search on the internet some of the SQL basics and you will get used to it real fast. It is one of the easier languages, but its syntax can be a little bit weird as we can see right here.

This ‘SELECT’ ‘FROM’ and ‘WHERE’ is typed in capital letters. You don’t have to if you don’t want to. I just wanted to type it in capital so I can show you the different parts of it.

So this columnA is part of the database, this tableX is part of the database, and columnE is also part of the database. That’s why I typed them in lowercase letters, while ‘SELECT’, ‘FROM’, ‘WHERE’ and ‘AND’ are basically conditions that we use to query the database.
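The problem described earlier, user input that is not filtered before it reaches the database, can be seen on the products query from this lecture. This is an added example, not code from the original post: it uses Python's built-in sqlite3 module, and the table contents and function names are constructed for illustration. It puts a search that pastes input into the SQL text next to one that validates the input and binds it as a parameter.

```python
import sqlite3

def make_db() -> sqlite3.Connection:
    """Constructed in-memory shop database with three products."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE products (name TEXT, description TEXT, price INTEGER);
        INSERT INTO products VALUES
            ('rose',   'red flower',    5),
            ('tulip',  'spring flower', 120),
            ('orchid', 'rare flower',   750);
    """)
    return db

def search_vulnerable(db, max_price: str):
    # The input becomes part of the SQL text, so whatever the user types
    # is parsed as SQL and can change the structure of the WHERE clause.
    sql = "SELECT name, description, price FROM products WHERE price < " + max_price
    return db.execute(sql).fetchall()

def search_safe(db, max_price: str):
    # Validate the type first: binding a non-numeric string would not inject,
    # but SQLite would compare an integer against text and match every row.
    try:
        limit = int(max_price)
    except ValueError:
        return []
    # The ? placeholder sends the value separately from the SQL text.
    sql = "SELECT name, description, price FROM products WHERE price < ?"
    return db.execute(sql, (limit,)).fetchall()

if __name__ == "__main__":
    db = make_db()
    for text in ("599", "599 OR 1=1"):
        print(repr(text), "vulnerable:", len(search_vulnerable(db, text)),
              "safe:", len(search_safe(db, text)))
```
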

Now, those are some of the basics of SQL. Let us continue in the next lecture with the exploitation and the attack of the SQL injection on our OWASP virtual machine.

So, this was about it for this lecture. As I said, if you want to learn more about SQL you can easily research more on the Internet.

I will see you in the next video or blog post where we will be attacking our first target.

So, I hope I see you there and take care.

Final Words.

Yes, you even can have electronic music from me. I think you might love and enjoy some of my music on iTunes, Amazon Music, and Spotify.

Love,

Jerry Banfield.
