Archives

All posts for the month June, 2013

One day, I was intently searching for a method to emulate a router or switch in Oracle VirtualBox  After a long search, I didn’t find a method but I found  another virtualizing software called GNS3.  GNS3 is a network emulation software which can be really helpful to someone preparing for CCNA,CCNP,CCIE,JNCIA,JNCIS and JNCIE. It can emulate  Cisco IOS’s, Junos routers and also  complex networks functioning as close as possible to the real networks without needing the network hardware like routers and switches. The best part of it is that it is open source. However we will have to download Cisco IOS and Junos separately.

GNS3 is available for Windows,Linux and MacOS X. In this article, I am going to show you how to install GNS3 in Windows step by step.

Download the software suitable for your Windows from here. The all-in-one download is recommended.

Click on the executable file downloaded. The welcome message pops up.Click on “Next”.

w1

Then the License Agreement is displayed.Click on “I Agree”.

w2

 

Then you are asked to choose the start menu folder in which your  program’s shortcuts will be stored. If you choose the default folder, click “Next”. You can also create a new folder if you want.

w3

 

Then you can choose which components you want to install from the components shown. I suggest you to choose all the options. Click on “Next”.

w4

 

Then you are asked to choose where you want to install your program. you can choose a different folder if you want but the default folder should be OK. Click on “Install”.

w5

 

Then the WinPcap installation wizard starts. WinPcap is an opensource library for packet capture and network analysis for Win32 platforms. Click on “Next”.

w6

 

Click on “Next”.

w7

 

On the WinPcap License Agreement, click on “I Agree”.

w8

 

On the review WinPcap installation options, Click on “Install”.

w9

 

The installation starts.

w10

 

After the installation is finished, Click on “Finish”.

w11

 

Then the  Wireshark installation wizard” opens (only if you selected the component for installation above). Wireshark is a network sniffer. Click on “Next”.

w12

 

You are shown the License Agreement of Wireshark. Click on “I Agree”.

w13

 

Then you are prompted to select the components of Wireshark you want to install. Choose all and Click on “Next”.

w14

 

Then you are prompted to select which shortcuts you want to create. The choice is yours. Click on “Next”.

w15

 

 

Then choose the directory in which you want to install Wireshark and click on “Next”.

w16

 

Then Wireshark starts installing.

w17

 

After the installation is completed, Click on “Next”.

w18

 

Then Completion of Wireshark installation Wizard appears. You are prompted to choose if you want to run Wireshark. Don’t make any selection. Click on “Finish”.

w19

 

Then the installation of GNS3 starts.

w20

 

After the installation is completed, click on “Next”.

w21

 

Completion of GNS3 wizard appears. Click on “Finish”.

w22

 

Start GNS3. The following window appears when we start GNS3 for the first time. Click on 1(the space enclosed in a red box).

w23

 

This is to check whether path to Dynamips and the path to its working directory are valid or not. Dynamips is the core program that allows IOS simulation.Click “OK”.

w24

 

Let’s go to Step 2. Here we configure path to our IOS image directory.We have to store all our images in this directory.Make changes to the path if you want otherwise click on “OK”.

w25

 

Step 3: In this step, we will add one or more uncompressed IOS images of a router or switch. As already said, IOS images should be downloaded separately due to license agreements.

w26

Browse to the folder where your IOS image is.I am adding a CISCO c3700 router for example. Click on Save and your window should like this.

w27

 

Click on “Close” and your GNS3  windows appears.

w28

 

In the Node Types section, click on C700 (the type we just added)  and drag it to the right to see if our router has been added or not. If it is like below, then your installation is success. Happy practising.

w29

 

The latest release of Ubuntu Server is the 13.04 which includes the latest features including Grizzly release of OpenStack but this release is only supported for nine months. So in this guide I am going to show how to install Ubuntu server 12.04 LTS which is supported till 2017  here. If you want a torrent download, you can get it here. After downloading the image, burn it to a CD/DVD. Load the CD/DVD to drive and boot from it. The system will prompt us to select the language. Select English or whatever language you prefer.

us1

 

Then click on “Install Ubuntu Server”.

us2

 

Then choose the language to be used for the installation process which will also be set for the installed system. I chose English.

us3

 

Then the system will ask you to select your location. This location will be used automatically set your time zone. There is a list of some countries. If your country is not displayed in the list click “Other otherwise click on your country. I selected India.

us4

 

Then the system will ask whether you want it to detect the keyboard layout. If you don’t know your keyboard layout, select “Yes otherwise select “No”.

us5

 

If you select No, it will ask you to select the keyboard layout. My selection is “English(US)”.

us6

 

us7

 

 

Then the system will start loading additional components.

us8

 

Then the system will autoconfigure your network with DHCP.

us9

 

Then the system will prompt you to enter a hostname for the computer. I named it as ubuntu.

us10

 

Then the system will ask you to create an user account. The username should start with a lowercase letter and can be a combination of letters and numbers.

us11

 

Then you are asked to set a password for the user account created. The password should contain a mixture of letters,numbers and punctuation.

us13

 

Then you are asked to verify the password by typing it once again.

us14

 

Then you are asked if you want to encrypt your home directory or not. Encryption prevents your files to be compromised even if your computer is stolen. I recommend you to select “Yes”.

us15

 

Based on the location we chose above, our time zone is selected. If your time zone is correct, select “Yes” otherwise No to change it.

us16

 

Then you are asked to choose your partitioning method.

us17

 

Then you are asked to select the disk to be partitioned.

us18

 

Then you are shown the summary of partitions to be formatted and whether you want to write the changes to the disks. Select “Yes”.

us19

 

Then installation of base system is started.

us20

 

If you want to connect with the outside world through HTTP proxy, give the information otherwise leave it blank.

us21

 

Then configuration of apt starts.

us22

 

After the configuration, installation of software starts.

us23

 

Then you are asked to select how do you manage upgrades to the system. I recommend you to select “Automatic security updates”.

us24

 

Then you are given a choice to install  predefined software applications. If you intend to set a web server,you can select LAMP server here.

us25

 

The system will install the selected features and it will clean up.

us26

 

If this the only OS on your computer, the system will ask you if you want to install the GRUB bootloader.

us27

 

After GRUB is installed, installation is completed. Remove your DVD.

us28

 

You are asked to provide your authentication.Enter the credentials you gave while installing the system and this screen below should greet you.

us29

 

       “Whoever, fraudulently or dishonestly makes use of the electronic signature, password or any  other unique identification feature of any other person, shall be punished with imprisonment of either  description for a term which may extend to three years and shall also be liable to fine which may extend to rupees one lakh.”

Information Technology Act 2008

Yes, that’s what Law in India says about identity theft. Then why make this tutorial? Well, Let me make this very clear that this is only for educative purposes and I will not be held responsible for any action coming out of this article. To take a line from the movie Mission Impossible – 2  “to create bellerophon we always create chimera.” I hope this article will be more helpful than the other articles available about phishing on the internet.

What is phishing? Phishing is an act of presenting a fake page resembling the original webpage you intend to visit with the sole intention of stealing your credentials. Although this article explains how to hack facebook account via phishing, this method can be used to phish any website. Phishing is the most popular method of hacking a facebook account. So now let’s phish.

In your browser, open website of facebook. Right click on the webpage, click on “view page source”.

phish1

The source of the page is displayed in the browser. Right click on the page and click on “Save As”. Save the page as “index.html” on your computer.

phish2

Now open index.html using notepad and hit CTRL+F”.In the Find box opened, type “action” and  click on “Find Next”. Look at the value of action.

phish3

Now change the value of action to “phish.php”. We are doing this so when the user enters his credentials the page that loads will be “phish.php” and not the page Facebook wants.

phish4

Now let’s create the page phish.php. Open Notepad and type the following script into it and save it as “phish.php”. What this script does is it logs the user credentials and saves it to a file named “pass.txt”.

phish5

Now our files are ready.Next step is to upload these files to any free web hosting site available on the internet. Google for free web hosting sites, select any one of them(I selected bytehost7), create an account with username as close to Facebook as possible and delete the index.html file available in the htdocs folder.Then using Online File Management upload your own index.html and phish.php files to the htdocs folder. Your htdocs folder will look like below.

phish6

 Let’s check if our phishing page is ready by typing the address of our site. If the page is like below, then our phishing page is working.

phish7

The next thing we have to do is to send address of our fake website to the victim. We will do this through sending him an email but in order for the victim not to smell something fishy, we will obfuscate the url of the fake page we are about to send him. The sending email address should be as convincingly close to facebook as possible.

phish8

 When the victim clicks on the obfuscated url, it will bring him to our fake site.

phish9

 If the victim is not cautious enough as to observing the url and enters  his username and password, our attempt is a success. To show this, I will enter random values in both username field and password field and hit Enter.

phish10

Now a txt file with name pass.txt will be created in the htdocs folder containing both the username and the password.

phish11

 Click on the file. We can see both the email and the password i have entered. The email is “don’t get hacked” and the password is “like me”.

phish12

Find it difficult? See how to do phishing with Weeman HTTP server

 Counter Point:

If you don’t want to fall victim to phishing, you can take a few precautions . If you want to open a site type the address directly in the url and don’t open any redirected links. Don’t click on any mails which look malicious like asking for your login credentials.

Cisco Certified Network Associate certification has become must for anybody who wishes to start  a career in networking. This certification validates that you have the ability to install,configure and troubleshoot a network. You need  lot of practice for achieving success in this exam. Apart from the labs where you are getting trained for CCNA what if you had a chance to practice at home. Or what if you want to self learn for CCNA? Well for both of the questions above, Cisco Packet Tracer is the perfect answer. To quote from Cisco’s official website,Packet tracer is

“a powerful network simulation program that allows students to experiment with network behavior and ask “what if” questions.”

It further says,

“The simulation-based learning environment helps students develop 21st century skills such as decision making, creative and critical thinking, and problem solving. Packet Tracer complements the Networking Academy curricula, allowing instructors to easily teach and demonstrate complex technical concepts and networking systems design.”

Nothing could have defined that better. This software is available for free from Cisco’s website provided you are a registered Networking Academy student, alumni, instructor, or administrator. Even if you are not one among the above you could still get hold of this software,just google it.

Now I’m gonna show you how to install packet tracer in Windows and Linux.

1.Windows

Any installation in Windows is just clicks and mouse and the same applies to Packet tracer. Click on the exe file downloaded. The below screen appears.Select “I accept the agreement” and click on “Next”.

pt1

Setup will show the folder in which the program’s shortcuts will be created. If you want to change the folder, you can change it. Click on “Next”.

pt2

 

Then the program will ask whether to create a Desktop icon and create a Quick Launch icon. Make your own choice and click on “Next”.

pt3

 

Then the summary of the settings we selected is displayed. Click on “Install”.

pt4

The installation starts as shown below.

pt5

 

In seconds,installation gets completed and the below screen is shown.Click on “Finish”.

pt6

 

Then the below popup appears asking you to close or restart your computer. Click on “OK”.

pt7

As we selected Launch option, Packet tracer is automatically launched.

pt8

2. Linux

To install Packet Tracer in Linux, we need a .deb package of Packet tracer which can be downloaded from here. Now I am going to install it in Ubuntu Precise Pangolin (12.04). Download the above file to the desktop.

pt9

 

Start the terminal and see your current working directory by typing “pwd”. If the current directory is not desktop move to the Desktop directory using “cd”. After reaching the Desktop directory, type “ls” to see if the packet tracer binary is there.

pt10

 

Left click on the packet tracer .bin file displayed after typing “ls” above,the entire word will be selected. Then right click and select copy. Now type “chmod +x” and then hit “CTRL+SHIFT+V “to paste the text we copied above. Our command should look like this.

                       chmod +x  PacketTracer533_i386_installer-deb.bin

What chmod +x command does is that it gives all users permission to execute.

pt11

 

Then type “./PacketTracer533_i386_installer-deb.bin” in the terminal.This will start extracting the binary package.

pt12

 

Then terminal prompts us to hit Enter to read the End User License Agreement.Hit Enter.

pt13

 

After displaying a rather long EULA, terminal asks us if we accept the terms of EULA. Type “Y”.

pt14

 

Then system asks us for the sudo password.Type the password and hit Enter.

pt15

 

When the installation is finished, close the terminal,go to Dashboard, if packet tracer is not seen,type ‘pac’ in the search box. When Packet Tracer is shown, click on it.

pt16

 

A messagebox shows up saying that we are starting packet tracer for the first time and our files will be stored in a specific folder. Click on “OK”.

pt17

 

Another message box pops up.Click on OK”.

pt18

 

Packet tracer is started.

pt19

 

Hi Friends, Today we will see how to install and promote a domain controller in Windows server 2012. It has seen a change while installing a domain controller.The “dcpromo.exe” present in previous versions has been deprecated. We need to install domain controller from Server Manager only.Before we start installing the domain controller let’s change our server’s name to ‘Server‘ and IP address to “10.10.10.1″.

wdc1

wdc2

Now let’s go to Server Manager and start adding Active Directory Domain Services” role from Add Roles and Features.Click on “Add Roles and Features”.

wdc3

 

Before we begin,we are presented with basic information on IP addresses,Windows updates and configuring strong passwords.Click “Next”.

wdc4

 

Then we are prompted for the type of installation.Select Role Based or Feature based installation” and click Next”.

wdc5

 

Then we are prompted to select the destination server.Select the server we just named and click “Next”.

wdc6

 

Then we are asked to select the roles we want to install.Select Active Directory Domain Services and click “Next”.

wdc7

 

Then we get a pop-up to add features that are required for Active Directory domain services. These features are automatically selected.Click on Add Features”.

wdc8

 

We can see that Group Policy Management which is required for Active Directory Domain services has been automatically selected.

wdc9

 

Then we are given a brief description about Active Directory domain services and some basic things to note.Click Next”.

wdc10

 

Then we are shown the roles that will be installed on the server as a confirmation.Click on Install”.

wdc11

 

Then the installation starts.

wdc12

 

As the installation is finished,we get a message ‘Configuration required.Installation succeeded on server’. Click on Close”.

wdc13

 

We have successfully installed Active Directory Domain Services on our server.Now we need to promote the domain controller.In the previous versions of Windows server, it is here we used dcpromo.exe. In our Server Manager, we have a notification flag with a yellow triangle with an exclamation mark inside it.Click on it.

wdc14

 

Click on ‘Promote this server as domain controller’.

wdc15

We are prompted to choose the configuration of our domain controller. Choose Add a new forest and specify the root domain name as shunya.com. Click on Next”.

wdc16

 

We are asked to choose the domain controller options. Set the forest functional level and domain functional level as Windows Server 2012. Select DNS server.Since this is the root domain in the forest it is automatically Read only domain controller. Enter the DSRM password and click on Next”.

wdc17

 

 

Then DNS options screen appears. Click on Next”.

wdc18

 

Look at the NETBIOS name which is automatically assigned.It is shunya.

wdc19

 

The location where the AD DS database,log files and SYSVOL are shown. We can specify different locations if we choose to be. Click on Next”.

wdc20

 

Then we see a review of our selections.Click on Next”.

wdc21

 

Then we see a Windows Powershell script for AD DS deployment.

wdc22

 

Then we get a prerequsites check window.Click on Install”.

wdc23

 

After all the prerequisites are validated successfully,the server is successfully configured as a domain controller and the system is restarted.

wdc24

 

After the system restarts, we are asked to login into the shunya domain.

wdc25

 

Scanning plays a very important role in hacking a system. Scanning is a phase in which we  find out the ports which are open and the services listening on those ports. Nmap is the most popular port scanner being used security guys nowadays. However it is very important to understand classification of ports by Nmap while scanning. Nmap classifies ports into six states. They are, open, closed, filtered, unfiltered, open | filtered and closed | filtered. Let us find out when Nmap classifies ports into specific states. For this, I use two virtual machines,

1. Kali Linux as attacker (with IP 10.10.10.2)

classn1

2. XP as victim (with IP 10.10.10.3)

classn2

On the victim machine, Telnet server is running and an exception is provided for it in windows firewall.

open

1. Open


Nmap classifies a port as open if an application is actively accepting TCP connections, UDP datagrams or SCTP associations on this port.

When I perform a default Nmap scan from the attacker of port 23 of the victim,

Nmap  –p 23 10.10.10.3

The result I get is open. This is because the Telnet server is actively accepting connections.

classn4

2. Closed

Nmap classifies a port as closed when the port is accessible but there is no application listening on it.  On our victim machine, let’s stop the the telnet service as shown below.

classn5

Now when we perform the above scan again, the port is shown as closed because although the port is accessible we don’t have any application listening on it.(i.e telnet is stopped)

classn6

 

3. filtered

Nmap classifies a port as filtered when it can’t determine whether the port is open or closed because packet filtering prevents its probes from reaching the port. On our victim machine, let’s  select ‘Don’t Allow Exceptions’ option in the firewall settings.

classn7

When we perform the above scan once again, the port is classified as filtered because firewall filtering blocks the probes of Nmap. When Nmap classifies a port as filtered, it is most likely that a firewall is blocking our probes.

classn8

4. Unfiltered.

Nmap classifies a port as unfiltered when a port is accessible but it can’t determine whether it is open or closed. A port is classified as unfiltered only with the ACK scan.

Let’s start the telnet service again on our victim machine and allow an exception for telnet in the firewall.

classn9

 

classn10

 

Then let us perform the ACK scan.

nmap  -sA –p 23 10.10.10.3

classn11

The scan couldn’t determine whether the port is open or closed.

5. open | filtered

A port is classified as open | filtered when Nmap is unable to determine whether a port is open or filtered. This happens for scan types in which open ports give no response. The UDP,IP protocol, FIN, NULL and XMAS scans classify ports this way. Let’s go to our machine and once again block telnet using firewall.

classn12

And then perform FIN scan and NULL scan respectively.

classn13

The port is classified as open | filtered in both cases because Nmap can’t determine whether the port is open or filtered.

6. closed | filtered

Nmap can’t find out whether a port is closed or filtered. A port is classified this way only for IP IDLE scan. Now what is IDLE scan? Idle scan is a scan in which we use a zombie host to scan the victim. In our example, we use another host with IP 10.10.10.3 as a zombie to perform IDL scan on our victim.

classn14

In our victim, firewall is still blocking telnet. Let’s perform a IP IDLE scan.

nmap –sI  10.10.10.1 –p 23 10.10.10.3

classn15

The scan shows result as closed | filtered because it could’nt determine whether a port is closed or filtered.