Ethical hacking

     Nagios XI 5.2.6-5.4.12 -Chained Remote Code Execution(Metasploit) Introduction:- As the new exploit(CVE-2018-8733) is published which is capable to exploit the Nagios XI between version 5.2.6 to 5.4.12.Nagios is available in all the platform so i download the nagios virtual machine version 5.4.10 for my lab and download the exploit from www.exploit-db.com and paste it in the sub directory “exploit” of the metasploit framework and initialise the database or you can easily update the metasploit-framework by updating the OS. About Nagios XI:- Nagios is the most powerful,trusted,free and open source computer software application which helps in network monitoring,server monitoring and application monitoring and entire infrastructure and ensuring systems,applications,services and business process are functioning properly.It is easy to configure package along with advanced alerting and reporting. Lab environment:- Software:-VMware Workstation Pro ...

POC OF AIRGEDDON FRAMEWORK Introduction:- Airgeddon is a automated tools by which we can crack wifi password. Lab environment:- Atacker’s Operating system:-linux kali 4.13.0-kali-amd64 Wifi adapter:-TP-Link TL-WN727N 150Mbps Wireless N USB Adapter Framework:- airgeddon Step 1:- Copy the github link( https://github.com/v1s1t0r1sh3r3/airgeddon ) and clone it in the desktop. Step 2:- Then i check the permission of all the file inside the airgedden i found that airgedden is not a executable file. Step 3:- Then change the permission of airgeddon.sh form -rw-r--r-- to -rwxrwxrwx by typing chmod 777 airgeddon.sh Step 4:- Connect wifi adoptar and Run airgeddon.sh.We have the framework in front of us. Step 5:- Then check the requirement what this script need for running this script.there is some error show in this script but we don't want any package for cracking the password so hit enter do ahead. Step 6:- Then select the interface to work wit...

POC OF sslstrip with dns2proxy Introduction:- This is a POC of sslstrip. Here We intercept the traffic and get all the juicy data enter by the victim by using the sslstrip-master,dns2proxy-master Lab Environment:- Attacker’s operating system:-linux kali 4.13.0-kali-amd64 Victim’s operating system:-window 7 Required tools:-sslstrip-master,dns2proxy-master Steps of attack:- Step 1: #cd sslstrip-master/(change directory to sslstrip-master) #python setup.py install(install sslstrip-master) Step 2: #echo “1” > /proc/sys/net/ipv4/ip_forward(Enables IP forwarding) #iptables --flush( Removing all firewall rules ) #iptables --flush -t nat() #iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 9000(forward all the traffic to port number 9000) #iptables -t nat -A PREROUTING -p udp --destination-port 53 -j REDIRECT --to-port 53 Step 3: #ifconfig(for finding the ip address of the attacker’s machine 192.168.29...