Google Hacking Google hacking is about searching the google search engine of things that are not supposed to be publicly seen. These could include files, data, other sensitive information and even access to hardware devices like webcams. In this post we are going to see how easy it is to find online webcams that are accessible over the internet (ofcourse due to wrong network configuration by their IT guys). Most webcams provide a web based [...]

Signed Java Applet exploit In this demonstration of metasploit we shall see how to hack almost any kind of windows machine using the signed java applet technique. This is a social engineering attack that would require the victim to open a url and allow the java applet to run in the browser. This exploit works in any browser but requires the java plugin to be installed. Technically it is not a exploit, just a bad [...]

In this post I am going to show you, how to discover windows machines online. These windows machines are desktop users connected to the internet. Many windows versions are known to have vulnerabilities that can be exploited with metasploit by just using the ip address of the system. So the first step would be to find out such machines if any. SMB version scanner Metasploit has an auxiliary scanner module for scanning the samba service [...]

Ping Sweep Ping sweep is the process of pinging an entire range of network ip addresses to find out which ones are online or alive. Nmap is an excellent tool to do this quickly and effectively. Here is the command $ nmap -sP 192.168.1.1-255 Starting Nmap 6.00 ( http://nmap.org ) at 2013-04-16 18:16 IST Nmap scan report for 192.168.1.1 Host is up (0.0079s latency). Nmap scan report for 192.168.1.92 Host is up (0.010s latency). Nmap [...]

Social Engineering Toolkit Social engineering toolkit is the most powerful tool for performing social engineering attacks. It is the metasploit of social engineering in a way. It provides a very easy user interface to perform attacks like phishing, browser exploitation etc. In this tutorial we are going to see how it can be used to perform phishing attack to try to hack the gmail password of someone. Credential Harvester Attack Credential Harvester attack is one [...]

In the previous post on we learnt how to use sqlmap to hack a vulnerable web application and fetch the list of databases, tables, columns and data rows. In this post we shall see how to do some simple fingerprinting on the remote database to find valuable information that can be used to assist in further exploitation of a system. So lets say we have a vulnerable url http://localhost/weak.php?id=10 where the id parameter is not [...]

Once you are able to gain access to a remote website or server such that you can upload any arbitrary file to it, the next thing you want to try out is get a shell on the system. If the system is running php then a php file can be uploaded to it which will give us a reverse shell. There are many web based shell scripts but getting a terminal based shell is far [...]

Database schemas Databases are present in almost all kinds of application that need to store information in some form or the other. Web applications like blogs, cms, social networking sites or business applications etc all have a database along with the code. The database design or schema determines how the tables and their relationships are constructed. Database design is a crucial component in the overall efficiency of a database application. In this series of posts, [...]

SSL certificates Some websites, specially restricted ones might require you to use a client side ssl certificate to open the pages. The certificate is used as an authentication factor, in place of username/password. When opening such websites in browsers, the browser must provide the ssl certificate. Over here we shall see how to do that in firefox. Setup in firefox 1. Open the options/preferences dialog. 2. Go to Advanced section 3. Switch to Encryption tab. [...]

Chat application In our previous article on we learned about the basics of creating a socket server and client in python. In this post we are going to write a very simple chat application in python that is powered by sockets. The chat application we are going to make will be more like a chat room, rather than a peer to peer chat. So this means that multiple users can connect to the chat server [...]