IP address

All posts tagged IP address

Kali Linux is the most advanced penetration testing distribution with a number of tools. While using these tools a measure of anonymity is required. Today we are going to see how to spoof your IP address in Kali Linux. First, check your IP address by visiting any website which shows your IP address ( http://www.whatismyip.com ). Then go to the site www.vpnbook.com.

Download the Euro1 Server OpenVPN certificate bundle as shown below. Note down the username and password given. We will need it in later steps.

kalivpn1

 

When you click on the download link, the following window opens. Since it is a zip package, system will prompt whether to open it with unzip ( the default option ). Click on “OK”.

kalivpn2

 

Open the terminal and navigate to the directory where the cocntents of the zip archive have been unzipped. Type the command “ls” to see the unzipped files. We are going to use the vpnbook-euro1-udp53.ovpn package.

kalivpn3

 

OpenVPN has been installed by default in the Kali Linux distribution. Type the command “openvpn vpnbook-euro1-udp53.ovpn” to start the process.

kalivpn4

 

The installation starts.  Enter the username and password we noted above when prompted.

kalivpn5

 

After a short time, the process is completed. Check your IP address again. If everything goes well, your IP address will be changed.

Good evening everybody. Sometime back, I wrote an article on how to set up a virtual penetration testing lab using Vmware Workstation. But Vmware Workstation is a commercial product.

Today I am going to show you how to create a pentest lab in VirtualBox absolutely free of cost. I hope this tutorial will be helpful for many beginners into cyber security domain.

What do we need?

1. Oracle VirtualBox. (Download)

2. Kali Linux. (Download)

3. Metasploitable 2. (Download)

Oracle VirtualBox is the virtualization software we will be using to create our lab. We will be using Kali Linux as the attacker machine and Metasploitable 2 as the victim machine. Install Kali Linux and Metasploitable 2 in VirtualBox.

See how to install Kali Linux in VirtualBox.

See how to install Metasploitable in VirtualBox.

pentestlab1

 

Select Kali Linux, Go to settings > network. Enable “network adapter 1″. Set the “Attached to” option to “internal network”. Set the name of the network adapter to “intnet”. Click on “OK” to save the settings.

pentestlab2

 

Do the same for Metasploitable virtual machine.

pentestlab3

 

Power on the metasploitable VM. Log into the system. Default username and password are “msfadmin”.

pentestlab4

 

Type the command “ifconfig” to see the IP addresses of interfaces.

pentestlab5

 

The ‘lo’ interface is the loopback. Now we are going to set the IP address on the interface “eth0”. Type the command “sudo ifconfig eth0 10.10.10.2 netmask 255.0.0.0 up”. The sudo password is “msfadmin. Verify that the IP address is set by typing command “ifconfig”.

pentestlab6

 

Power on Kali Linux. In the terminal, type command “ifconfig eth0 10.10.10.1 netmask 255.0.0.0 up”. Verify if the IP address is set by typing command “ifconfig”.

pentestlab7

 

Test whether this system can communicate with victim system by pinging the victim machine as shown below.

pentestlab8

 

The connection is successful. Our penetration testing lab is ready. Happy practising.

Understanding subnetting is very important not only for those preparing for CCNA exam but also network administrators. Today, I am going to teach you how to create a subnet in a network. For this, I will use Packet Tracer software. To know what is subnetting and why we need it go here. So let’s start.

Imagine I formed a small software company named shunya whose network looks like below. I hired one Java developer, one software tester, one HR and one network administrator. I have been assigned the IP address range from 192.168.10.1 to 192.168.10.255.

subnet1

 

I have enabled DHCP on my router as below.

subnet2

 

subnet3

After one year, imagine my company has received Abrahamic blessings from GOD and has seen rapid growth. Now the company has three Java developers, three software testers and  a dedicated HR team. Not only that, my company now has moved into Remote Infrastructure Management(RIM) and has a Network Operation Center(NOC) and Security Operation Center(SOC).  Total I have 15 computers in my network which looks like below.

subnet4

 

Now see the image below. Here the machine “JD1″ sends a packet to machine “Testing3″. We can see here that for communication between machines “JD1: and “Testing3″ other machines have also been disturbed.

subnet5

 

So for this reason, I decided to subnet the network. I decide to divide the network into three subnets as shown below.

subnet6

 

To create a subnet, first we need to have proper planning as to how many subnets we need and how many we may need in the future. Presently, I need three subnets. The number of subnets should always be calcutated in the powers of 2.

2 to the power of 1 = 2

This doesn’t satisfy our requirement as we need three subnets.

2 to the power of 2 = 4

This satisfies our requirement. So we need to take two bits from the host portion of the IP address. 192.168.10.1 to 192.168.10.255 is the address range available to us with subnet mask 255.255.255.0,  Writing the subnet mask in the binary notation, it is

11111111 11111111 11111111 00000000

 255            255          255             0  

The first 24 bits are network bits and the last eight bits are host bits. To create three subnets, we need to take two bits from the host portion of the address as explained above.

11111111 111111111 11111111 11000000

   255              255            255         192

Four subnets which can be created from the above subnet mask are,

192.168.10.0 to 192.168.10.63 ( with host bits 00000000 )

192.168.10.64 to 192.168.10.127 ( with host bits 01000000 )

192.168.10.128 to 192.168.10.191 ( with host bits 10000000 )

192.168.10.192 to 192.168.10.255 ( with host bits 11000000 )

Since we require only three subnets, we will create the first three subnets. The first subnet ( 192.168.10.1 to 192.168.10.63 ) comprises of Java Developers and Software testers. The commands are as below on the interface.

subnet7

 

If you go to any machine on this subnet and look at its IP address, it will be like below.

subnet8

Now the subnet for the Human Resource Department ( 192.168.10.128 to 192.168.10.191 ) . This will be like below.

subnet9

 

 

subnet10

 

The third subnet ( 192.168.10.64 to 192.168.10.127 ) comprises of NOC and SOC.

subnet11

 

 

subnet12

 

 

Now our network has been successfully subnetted into three subnets and we still have another subnet to use for future use.

subnet13

 

 

Hope this was helpful. If you have any doubts regarding this article please comment below. Thank you.

 

I am self learning for CCNA. A few months back, I got a thought if we can simulate routers in Vmware Workstation. While I was searching for it I found a different solution, GNS3. After simulating routers in GNS3 and practising CLI interface, I had another idea if we can simulate CISCO Graphical User Interface on our PC. This article is  result of that.

In this article, we are not only going to see how to connect Vmware and GNS3 but also see how to simulate CISCO Graphical user Interface (GUI). For this I use,

1. Vmware Workstation 9.

2. Windows XP as Guest OS.

3. Cisco Security Device Manager v25.

4. GNS3.

5.  C7200 Router Image.

Open Vmware Workstation. On the menu Select “Edit>Virtual Network Editor”. On the Virtal network editor, click on “Vmnet1″ network. It is a default Host-only type network adapter of Vmware. Observe its settings. Enable DHCP server.

vmgns1

 

Install Windows XP as a guest. On its virtual machine settings, change the network adapter to “Vmnet1″.

vmgns2

 

Power on the machine. Install Cisco SDM ( I leave the getting Cisco SDM part to you ). Open CMD and type “ipconfig” to see its IP address. Take note of this.

vmgns3

Open GNS3. Click on “Browse all devices”.

vmgns4

 

Select Router “c7200″ and drag it to the workspace. Do the same with “Cloud”.

vmgns5

 

Close the All Devices tab. Right click on the Cloud.  Select “Configure”, a ‘node configurator’ window will open. On this window, click on “C1″.

vmgns6

On the NIO Ethernet tab, in the “Generic Ethernet NIO tab” dropdown menu, select our network adapter (Vmnet1) from the dropdown menu and click on “Add”. Click on “OK” to close the window.

vmgns7

Right click on the router. Select “Configure”, click on “R1″. Select slots tab. In the Slot 1 dropdown menu, select “PA-4E”. Click on Apply an close the window. The selection PA-4E creates four Ethernet ports on the router. Right click on the router and start the router.

vmgns8

Add a link from “cloud( Vmnet1)” adapter to the “e1/0″ port on the router.

vmgns9

Hover your mouse over the router. We can see all the ports.

vmgns10

Similarly hover your mouse over the cloud to see its connections.

vmgns11

 

Right click on the router and select “Console”. In the global configuration mode, type the following commands.

ip http server”

ip http secure-server”

These commands set up http and https servers respectively which are needed for Cisco SDM.

vmgns12

Type the command “interface Ethernet 1/0″. We are entering into specific configuration mode of our connected interface. Type the command “ip address 192.168.10.3 255.255.255.0″. This sets the interface IP address and subnet mask. Make sure the router IP address is in the same subnet as that of our guest OS in Vmware workstation. Type “no shut” and exit to the privileged mode.

vmgns13

Let’s ping our guest from the router. to ensure that we are connected to Vmware Guest.

vmgns14

Since success rate is 100%  we have successfully connected Vmware and GNS3. Now let’s do the Cisco SDM part. On our Guest machine click on Cisco SDM. A SDM launcher window will open. Type the IP address of the router and click on Launch.

n16

 

Internet Explorer will open as below. Make sure Internet Explorer is configured to allow pop ups and to allow Activex to run from the computer.

n17

 

After some time the following popup will open. Don’t close it.

n18

 

Then we might see a certificate warning. Click on Yes.

n19

 

After some processing, Cisco SDM will open.

n20

 

We have successfully simulated Cisco GUI on our PC. Happy practice friends.

Virtual penetration testing lab is a lab created on a single system using any virtualization software. It can be very helpful for people practising for CEH or similar certification. Any penetration testing lab has two machines, attacker and victim. In this lab we will set up Kali Linux as the attacker and Windows XP( most favourite victim machine ) as the victim. I am going to set up this lab in Vmware Workstation 9. Hope this will be helpful.

First of all install Kali Linux and Windows XP in Vmware Workstation.

vpl1

 

vpl2

Shut them down. In the Vmware Workstation menu, Select Edit” and click on Virtual Network editor.

vpl3

The window below will open showing the virtual network adapters. Click on “Add network”.

vpl4

Vmware provides nine virtual networks from 0 to 9. Vmnet0, Vmnet1 and Vmnet8 are automatically assigned for  bridged, Host-only and NAT types of network respectively. Select the network “Vmnet3″.

vpl5

We can see that our network is added as Host-Type with a automatically assigned subnet IP.

vpl6

 

Click on our network. We can see its settings below.

vpl7

 

Deselect the option ‘Connect a host virtual adapter to the network‘.This will make our network a custom type. Change the subnet IP to 10.10.10.0( choice is yours).  Select the ‘Use local DHCP service to distribute IP address to VMs‘ option. This will automatically assign IP addresses to our machines. Click on ‘DHCP settings‘.

vpl8

You will see the below window. Make changes if you like. I am going to leave it default. Click OK twice to exit.

vpl9

 

We have successfully created our custom network. Now let’s add our machines to the network. Open the tab of Kali Linux and click on ‘network adapter‘ setting.

vpl10

In the settings, select the ‘custom radio button and select the network Vmnet3 from the dropdown menu. Click on OK.

vpl11

Do the same for Windows XP. Then let’s boot up our victim machine and check it’s IP address by typing ‘ipconfig‘ in the command line.The DHCP server has automatically assigned it the IP address 10.10.10.129.

vpl12

 

Boot the attacker machine and check it’s ip address by typing ‘ifconfig’ in the terminal. It has been assigned the address 10.10.10.128.

vpl13

Ping the victim IP machine (10.10.10.129) to see whether the two machines can communicate.

vpl14

 

We have successfully created a virtual penetration testing lab. Happy testing.

In this article, we are going to see how to set up a web server in Ubuntu Server. Before that, I want to give  credit for this article to Mike of www.funwithlinux.net. I learnt how to install the web server from this article, made some mistakes initially but finally successful.

What is a web server? It is a server which hosts websites. Each and every website has a  server. Most web servers are set up on Linux for the primary reason that it is free. I am going to set up my web server on Ubuntu Server 12.04.

To set up a web server we are going to install four components, Apache (server software), PHP (scripting language used to create webpages), MYSQL (database), PHP-MYSQL (MySQL support in PHP ). Login as root into Ubuntu server.

In the terminal type “apt-get install apache2″ to install Apache package. Type ‘Y’ when system prompts you to continue.

uws1

 

To check whether apache packages have been installed or not type the command “wget localhost index.html” in the terminal. This will download the index.html file to the local directory. Type “ls” to see if the file has been downloaded or not. If it is present, apache has been correctly installed.

uws2

The apache2 config file is located at “/etc/apache2/”. In this same directory we have a directory named ‘conf.d’. Configuration files( files with the suffix .conf ) in this directory will be parsed by apache2 during startup.  If we intend to run multiple sites from the same server, we need to put our config files here. Let’s create a file name “shunya.com.conf”.

uws3

In the file shunya.com.conf, add the following text and save the file. The first line tells  Apache to  listen on port 80. The second line shows the ServerAdmin and is optional. The third line shows our web server’s root directory. The fourth line is host header Apache2 will listen for, as sent by the end user’s browser. The fifith line is the file used for logging errors. This line is also optional but is very helpful.  The settings not configured under <VirtualHost> tags will be inherted from apache2.conf or other configuration files. Close the file by typing “:wq”.

uws4

 

As we created the config file of our host, we need to create our root directory referenced in the config file i.e “/var/www/shunya.com”. Navigate to the directory by typing “cd /var/www/”. Create new direcory named ‘shunya.com’ by typing “mkdir shunya.com”. Make the root user the owner of the directory by typing the command “chown root:www-data /var/www/shunya.com -R”. Make this directory readable and executable by typing the command “chmod 550 /var/www/shunya.com -R”.

uws5

 

Create a file named index.php in our root directory shunya.com.

uws6

 

Edit the file as below. We will echo some Archimedes in our index.php file. Save and exit the file.

uws7

 

Next, we have to install PHP. Type the command “apt-get install php5″. Type Y at appropriate prompts.

uws8

 

Reload the apache config file by typing “service apache2 reload”. Then restart the apache service using “service apache2 restart”.

uws9

 

Let’s see if our website is working. From a remote machine which has access to ur web server open the browser and type the IP address of the web server. If we get “Eureka Eureka” displayed, then our server is working.

uws10

 

Install Mysql server by typing “apt-get install mysql-server”. 

uws11

 

The system will prompt you to set a root user password for MYSQL. Set the password and confirm it again.

uws12

 

uws13

Type the command “apt-get install php5-mysql” to install Mysql support for PHP.

uws14

 

We have set up our web server successfully.

Nmap is a popular port scanner. Today we are going to see target specification in nmap. In Nmap target can be specified in six different ways. We are going to look at each one of them. For this, I am using Kali Linux connected internally with IP address 10.10.10.2.

1. nmap -iL <input filename>

This option reads targets from a specific file. Let’s create a file named alpha with a few   newline separated or tab-limited or space separated IP addresses using vi on Desktop.

nt1

 

Then, move to Desktop directory and type the command “nmap -iL alpha” as shown below. It scans the four IP addresses listed in our file.

nts2

2. nmap -iR <number of hosts>

This option is used to specify random hosts to scan. Nmap generates its own targets to scan. The <number of hosts> argument tells nmap the number of IP’s to generate. Let’s type command “nmap -iR 5″. We can see that nmap generated five random targets to scan. The scan failed to determine route to the generated IP addresses because my system is not connected to Internet. Why didn’t it generate any internal IP addresses? Because in this scan private, multicast and unallocated address ranges are automatically skipped.

nts3

 

3. nmap <IP address/dir>

This option is used to scan the entire subnet.  Assuming you know CIDR let’s type the command nmap 10.10.10.1/29 to scan eight IP addresses from 10.10.10.1 to 10.10.10.8 and see the result below.

nts4

 

4. nmap [targets] -exclude[targets]

This option specifies a comma separated list of targets to be excluded from the scan even if they are part of overall network range we specify. For example, in our previous scan we saw that one host 10.10.10.2( which is the system I am working on) is alive. Now I decided to exclude that host and another host from the scan. So I type the command “nmap 10.10.10.0/29 -exclude 10.10.10.2,10.10.10.7″ and press “Enter”. We can see that nmap has only scanned six IP addresses.

nts5

 

5. nmap [targets] -excludefile[file name]

Now what if the subnet was very big and there are more number of hosts to be excluded from the scan. The above option helps us to achieve this. Remember the file “alpha”( with four IP addresses) we created. Now let’s specify nmap to quit scanning the hosts listed in the file. Type command “nmap 10.10.10.0/29 -excludefile alpha”. We can see that nmap scanned only four hosts in the subnet.

nts6

 

6. nmap [target1 target2  target3]

This option specfies nmap to scan multiple targets separated by space. Type the command  “nmap 10.10.10.1 10.10.10.2″. We can see the result below.

nts7

 

Hope this was helpful.

Hi everybody, today I’m gonna show you remote password cracking with Brutus. For the newbies, script kiddie is a person with little knowledge  of hacking or any programming languages and instead searches for automatic tools to hack the computers. In this scenario, script kiddie is using a Windows XP machine and two tools Zenmap and Brutus avilable for free to download. As you will see, Zenmap is used for scanning for any open ports of  live machines and Brutus is a password cracker.



Imagine I am the script kiddie, I  first find out my own computer’s  ip address by typing the command “ipconfig” in the command line.

The ip address of my system happens to be 10.10.10.1. I decide to scan the following range of ip addresses to look for any live hosts. In the target option, I specify ip address as 10.10.10.2-10 and I choose profile as intense scan to get maximum information about the target. After performing the scan, the results show that only one system 10.10.10.3 is alive.

The scan  also shows that the victim machine which is live  is running a ftp server and its operating system is Windows XP.

I decide to use Brutus to crack the remote FTP password. Brutus has both dictionary and bruteforce attack options. I decide to choose dictionary attack since it is faster than bruteforcing. Brutus comes with a built in username(users.txt) and password list(pass.txt).As the victim machine is running Windows xp which comes with a default administrator account, I decide to  add “administrator” to the users.txt file.

I choose type as FTP since I am about  to crack a FTP server.

Then I select the file pass.txt containing some common passwords and just hope to crack the password.

Then after starting the cracker, Brutus runs and gives one positive authentication result.

Username : administrator

Password: 123456

Then I try to log into the FTP server of the remote machine using cmd with the authentication result achieved above.

I successfully logged into the FTP server.Once I am into the remote machine I try some ftp commands but before that I change my local directory to Desktop.

Then I use DIR command to list the directories in the FTP server.

There are four directories in the FTP server:Detroit,Images,lena and users. I  go to the users directory using command cd users and then list the files in the directory by using command ls. There is one text file named users.txt in the directory.

I decide to download the file users.txt to my machine using the command get users.txt. Since I had set my local directory to desktop it will be downloaded to desktop.

Let’s see the contents of the users.txt file just downloaded. It contains some usernames and passwords.

In the same way, I enter into another directory of interest to me “Images” and download the only image present in it to my desktop.

In this way, I can download any number of files from the remote server to my local machine. That’s all for now.