Skip to main content

Posts

Showing posts from January, 2016

Haking On Demand_WireShark - Part 6

Discover How The Attack Happened By WireShark In this article you will learn how to use wireshark effectively to identify how the attack happened and what the attacker do on the compromised machine Discover How The Attack Happened By WireShark: In this scenario a pcap file generated by cyberlympics <ref-here> in the 2013 competition will be used to answer the following questions to identify how the attacker get in and how he extract the data from the compromised machine. The questions are: • What files were transferred to/from the victim? • What malware/unauthorized programs were installed? • What directory were files transferred to or from? • What is the router password? • What were user passwords changed to? •     We will start by loading the pcap file into wireshark After while navigating throw the packet we identify interesting packets. Those packets are using FTP protocol. We will follow the stream to figure out what have bee...
Read more

Haking On Demand_WireShark - Part 5

Detect/Analyze Scanning Traffic Using Wireshark “Wireshark”, the world’s most popular Network Protocol Analyzer is a multipurpose tool. It can be used as a Packet Sniffer, Network Analyser, Protocol Analyser & Forensic tool. Through this article my focus is on how to use Wireshark to detect/analyze any scanning & suspect traffic. Let’s start with Scanning first. As a thief studies surroundings before stealing something from a target, similarly attackers or hackers also perform foot printing and scanning before the actual attack. In this phase, they want to collect all possible information about the target so that they can plan their attack accordingly. If we talk about scanning here they want to collect details like: • Which IP addresses are in use? • Which port/services are active on those IPs? • Which platform (Operating System) is in use? • What are the vulnerabilities & other similar kinds of information. • Now moving to some popular scan methods and ho...
Read more

Haking On Demand_WireShark - Part 4

Traffic Analysis and Capture Passwords It is known that Wireshark is a powerful tool that goes far beyond a simple sniffer. What  many do not know is that there are several ways to harness the potential of this tool, readers, this article will introduce. Let us learn to sniff the network effectively, create filters to find  only the information we want, see it as a black hat would use this tool to steal passwords  and finally, how to use Wireshark to diagnose network problems or if a firewall is blocking  packets correctly. Your password is hard to be broken? Has many characters and you trade with a certain regularity and one day you’re surprised to receive allegations of invasion. Evidence indicates that the invasions third party accounts departed from your account and you have no idea what is happening. That is, someone may have made use of your account and performed such acts as you. How could this have happened? A strong possibility is that you have been the ...
Read more