How to Hack Facebook with CMD. Just as a physical port is used for a connection to hardware, a virtual port is used in the same way for a connection in software. TCP/IP has 65,535 virtual ports. A telnet popup window, with the daemon running on that port, waits for you to type a command.
brut3k1t is a security-oriented research framework for conducting bruteforce attacks against a multitude of protocols and services
0. Credit
The original design that inspired me to write a full-out bruteforce project was @chinoogawa, with the original instaBrute design. Thanks!
1. Introduction
brut3k1t is a bruteforce framework that supports dictionary attacks for several protocols and services. The protocols that are currently complete and supported are:
The idea behind how brut3k1t works is deceptively simple.
Libraries for connecting and authenticating to network protocols have existed as part of most programming languages' standard library, and brut3k1t abuses them in order to execute bruteforce attacks.
As for web-based services and sites, by utilizing browser manipulation, brut3k1t relies on a bot to visit the webpage, hooking onto authentication input field elements, and sending the username / password.
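Seen from the server side, the dictionary attack described above appears as a run of failed logins from one source. The following detection sketch is an added example, not part of brut3k1t or the original page; the log lines are constructed, and the syslog year, threshold and window are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# sshd "Failed password" line in classic syslog format (no year in the timestamp).
FAILED = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(\S+) from (\S+) port \d+"
)

def parse_failures(lines, year=2024):
    """Yield (timestamp, user, source_ip) per failed login; year is assumed."""
    for line in lines:
        m = FAILED.match(line)
        if m:
            ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            yield ts, m.group(2), m.group(3)

def detect_bruteforce(lines, threshold=5, window=timedelta(seconds=60)):
    """Return {source_ip: peak failures inside any window} for sources at or above threshold."""
    by_ip = defaultdict(list)
    for ts, _user, ip in parse_failures(lines):
        by_ip[ip].append(ts)
    flagged = {}
    for ip, stamps in by_ip.items():
        stamps.sort()
        start = best = 0
        for end, ts in enumerate(stamps):
            while ts - stamps[start] > window:   # slide the window forward
                start += 1
            best = max(best, end - start + 1)
        if best >= threshold:
            flagged[ip] = best
    return flagged

# Constructed sample: six guesses 5 s apart from one source, plus a user's typos.
SAMPLE_LOG = [
    f"Jan 10 12:00:{s:02d} host sshd[1234]: Failed password for root "
    f"from 192.168.1.50 port 40000 ssh2" for s in range(0, 30, 5)
] + [
    "Jan 10 12:03:10 host sshd[1300]: Failed password for alice from 192.168.1.20 port 40100 ssh2",
    "Jan 10 12:03:25 host sshd[1300]: Failed password for alice from 192.168.1.20 port 40100 ssh2",
    "Jan 10 12:03:31 host sshd[1300]: Accepted password for alice from 192.168.1.20 port 40100 ssh2",
]

if __name__ == "__main__":
    print(detect_bruteforce(SAMPLE_LOG))
```

A window shorter than the spacing between guesses misses the run, so the window has to be sized against the slowest attempt rate you want to catch.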
2. Installation
Requirements:
- firefox (as your browser)
- python (2.7.x)
- pip2.7
- wget
- tar
brut3k1t is available on PyPI! You can install using pip:
Or, if you choose to build from source:
3. Troubleshooting
- Can't load the profile. Profile Dir: /some/path, or 'geckodriver' executable needs to be in PATH.
geckodriver is not in the PATH. Make sure that you have run the installer beforehand, and that there is a geckodriver in your PATH (e.g. /usr/bin). If not, you may have to manually put it there by downloading the executable here, and placing it in your PATH.
- Twitter/Facebook/Instagram login page is not rendering / brut3k1t is not hooking onto page!
Web-based services often change their authentication page front-end. If this is the case and new extraneous elements are introduced (such as unnecessary 'loading bars'), use a higher delay. This way, the program is able to wait until they go away, and then inject the username/password.
4. Usage
Utilizing brut3k1t is a little more complicated than just running a Python file.
Typing brut3k1t -h shows the help menu:
Note that with the new release of the hashcrack feature, the --username flag is used to supply the target hashstring for hash cracking!
5. Examples of usage:
Cracking SSH server running on 192.168.1.3 using root and wordlist.txt as a wordlist.
The program will automatically set the port to 22, but if it is different, specify with -p flag.
Cracking email [email protected] with wordlist.txt on port 25 with a 3 second delay. For email it is necessary to use the SMTP server's address. For e.g. Gmail = smtp.gmail.com. You can research this using Google.
Cracking XMPP [email protected] with wordlist.txt on default port 5222. XMPP also is similar to SMTP, whereas you will need to provide the address of the XMPP server, in this case creep.im.
Cracking Facebook requires either the username (preferable, in this case, test), email, phone number, or even ID.
Cracking Instagram with username test with wordlist wordlist.txt and a 5 second delay
Cracking Twitter with username test with wordlist wordlist.txt
Cracking a MD5 hash (where username is the hashstring) with wordlist wordlist.txt
6. KEY NOTES TO REMEMBER
- If you do not supply the port -p flag, the default port for that service will be used. You do not need to provide it for Facebook and Instagram, since they are um... web-based. :)
- If you do not supply the delay -d flag, the default delay in seconds will be 1.
- Remember, use the SMTP server address (i.e. smtp.gmail.com) and XMPP server address for the address -a flag, when cracking SMTP and XMPP, respectively.
- Make sure the wordlist and its directory is specified. If it is in /usr/local/wordlists/wordlist.txt specify that for the wordlist -w flag.
- Remember that some protocols are not based on their default port. A FTP server will not necessarily always be on port 21. Please keep that in mind.
- Use this for educational and ethical hacking purposes, as well as the sake of learning code and security-oriented practices. No script kiddies!
Thanks for trying out brut3k1t! I've been pretty lazy in terms of development and keeping this code updated and in track, so please PLEASE report any sort of errors that arise (including false-positives).
Contributing
If you have any proposed changes, please make a pull request or issue!
brut3k1t was designed as a pragmatic approach towards testing bruteforce attacks on various platforms. In no way does it endorse malicious hacking. Please do not support the use of this code as a method of advancing black-hat activities.
License
Computers communicate using networks. These networks could be on a local area network (LAN) or exposed to the internet. Network sniffers are programs that capture low-level packet data that is transmitted over a network. An attacker can analyze this information to discover valuable information such as user IDs and passwords.
In this article, we will introduce you to common network sniffing techniques and tools used to sniff networks. We will also look at countermeasures that you can put in place to protect sensitive information being transmitted over a network.
What is network sniffing?
Computers communicate by broadcasting messages on a network using IP addresses. Once a message has been sent on a network, the recipient computer with the matching IP address responds with its MAC address.
Network sniffing is the process of intercepting data packets sent over a network. This can be done by a specialized software program or hardware equipment. Sniffing can be used to:
- Capture sensitive data such as login credentials
- Eavesdrop on chat messages
- Capture files that have been transmitted over a network
The following are protocols that are vulnerable to sniffing:
- Telnet
- Rlogin
- HTTP
- SMTP
- NNTP
- POP
- FTP
- IMAP
The above protocols are vulnerable if login details are sent in plain text.
Passive and Active Sniffing
Before we look at passive and active sniffing, let's look at two major devices used to network computers: hubs and switches.
A hub works by sending broadcast messages to all output ports on it except the one that has sent the broadcast. The recipient computer responds to the broadcast message if the IP address matches. This means when using a hub, all the computers on a network can see the broadcast message. It operates at the physical layer (layer 1) of the OSI Model.
The diagram below illustrates how the hub works.
A switch works differently; it maps IP/MAC addresses to physical ports on it. Broadcast messages are sent to the physical ports that match the IP/MAC address configurations for the recipient computer. This means broadcast messages are only seen by the recipient computer. Switches operate at the data link layer (layer 2) and network layer (layer 3).
The diagram below illustrates how the switch works.
Passive sniffing is intercepting packets transmitted over a network that uses a hub. It is called passive sniffing because it is difficult to detect. It is also easy to perform as the hub sends broadcast messages to all the computers on the network.
Active sniffing is intercepting packets transmitted over a network that uses a switch. There are two main methods used to sniff switch-linked networks: ARP poisoning and MAC flooding.
Hacking Activity: Sniff network traffic
In this practical scenario, we are going to use Wireshark to sniff data packets as they are transmitted over HTTP. For this example, we will sniff the network using Wireshark, then log in to a web application that does not use secure communication. We will log in to a web application on http://www.techpanda.org/
The login address is [email address hidden by the site's spam protection], and the password is Password2010.
Note: we will log in to the web app for demonstration purposes only. The technique can also sniff data packets from other computers that are on the same network as the one that you are using to sniff. The sniffing is not limited to techpanda.org; it also captures all HTTP data packets and those of other protocols.
Sniffing the network using Wireshark
The illustration below shows you the steps that you will carry out to complete this exercise without confusion
Download Wireshark from this link http://www.wireshark.org/download.html
- Open Wireshark
- You will get the following screen
- Select the network interface you want to sniff. Note for this demonstration, we are using a wireless network connection. If you are on a local area network, then you should select the local area network interface.
- Click on the start button as shown above
- Open your web browser and type in http://www.techpanda.org/
- The login email is [email address hidden by the site's spam protection] and the password is Password2010
- Click on the submit button
- A successful logon should give you the following dashboard
- Go back to Wireshark and stop the live capture
- Filter for HTTP protocol results only using the filter textbox
- Locate the Info column and look for entries with the HTTP verb POST and click on it
- Just below the log entries, there is a panel with a summary of captured data. Look for the summary that says Line-based text data: application/x-www-form-urlencoded
- You should be able to view the plaintext values of all the POST variables submitted to the server via HTTP protocol.
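The exercise above works because the login form submits its fields over HTTP. The following audit check is an added example, not part of the original tutorial: it flags any form that contains a password field and posts to an http:// URL. The host names and HTML are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

class _FormScanner(HTMLParser):
    """Collect each form's resolved action URL and whether it has a password input."""
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.current = None
        self.forms = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            # An empty or missing action submits to the page's own URL.
            action = urljoin(self.page_url, a.get("action") or "")
            self.current = {"action": action, "password": False}
            self.forms.append(self.current)
        elif tag == "input" and self.current is not None:
            if (a.get("type") or "").lower() == "password":
                self.current["password"] = True

    def handle_endtag(self, tag):
        if tag == "form":
            self.current = None

def plaintext_login_forms(page_url, html):
    """Return action URLs of password forms whose submission travels over plain HTTP."""
    scanner = _FormScanner(page_url)
    scanner.feed(html)
    return [f["action"] for f in scanner.forms
            if f["password"] and urlsplit(f["action"]).scheme == "http"]

# Constructed pages (hosts under the reserved .test TLD).
HTTP_PAGE = ('http://intranet.example.test/index.php',
             '<form action="index.php" method="post">'
             '<input type="text" name="email"><input type="password" name="password"/>'
             '</form><form action="/search"><input type="text" name="q"></form>')
HTTPS_PAGE = ('https://portal.example.test/login',
              '<form method="post"><input type="Password" name="pw"></form>'
              '<form action="http://legacy.example.test/auth" method="post">'
              '<input type="password" name="pw"></form>')

if __name__ == "__main__":
    for url, html in (HTTP_PAGE, HTTPS_PAGE):
        print(url, "->", plaintext_login_forms(url, html))
```

The second page shows the less obvious case: a page served over HTTPS whose form still posts to an http:// endpoint.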
What is MAC Flooding?
MAC flooding is a network sniffing technique that floods the switch MAC table with fake MAC addresses. This leads to overloading the switch memory and makes it act as a hub. Once the switch has been compromised, it sends the broadcast messages to all computers on a network. This makes it possible to sniff data packets as they are sent on the network.
Counter Measures against MAC flooding
- Some switches have the port security feature. This feature can be used to limit the number of MAC addresses on the ports. It can also be used to maintain a secure MAC address table in addition to the one provided by the switch.
- Authentication, Authorization and Accounting servers can be used to filter discovered MAC addresses.
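To see why a per-port MAC limit defeats table exhaustion, the following added example (not from the original tutorial) models a switch's address learning in memory, with and without port security. The table capacity, the limit and all MAC addresses are constructed, and MAC moves between ports are ignored.

```python
from collections import defaultdict

def simulate_switch(frames, table_capacity, max_macs_per_port=None):
    """Learn source MACs from (port, src_mac) frames.

    Returns (mac_table, violations, table_full). When table_full is True the
    switch can no longer learn new hosts, so frames addressed to them are sent
    out of every port, which is the hub-like behaviour described above.
    """
    mac_table = {}                    # src_mac -> port
    per_port = defaultdict(set)       # port -> MACs learned on it
    violations = defaultdict(int)     # port -> frames rejected by port security
    for port, mac in frames:
        if mac in mac_table:
            continue                  # already learned
        if max_macs_per_port is not None and len(per_port[port]) >= max_macs_per_port:
            violations[port] += 1     # limit reached: do not learn, count it
            continue
        if len(mac_table) >= table_capacity:
            continue                  # table exhausted: nothing more can be learned
        mac_table[mac] = port
        per_port[port].add(mac)
    return mac_table, dict(violations), len(mac_table) >= table_capacity

# Constructed traffic: two normal hosts, one port presenting 100 distinct
# source addresses, then a fourth host that connects afterwards.
FRAMES = (
    [(1, "aa:aa:aa:aa:aa:01"), (2, "aa:aa:aa:aa:aa:02")]
    + [(3, f"02:00:00:00:00:{i:02x}") for i in range(100)]
    + [(4, "aa:aa:aa:aa:aa:04")]
)

if __name__ == "__main__":
    for limit in (None, 2):
        table, violations, full = simulate_switch(FRAMES, 64, limit)
        print(f"limit={limit}: learned={len(table)} full={full} "
              f"port4_learned={'aa:aa:aa:aa:aa:04' in table} violations={violations}")
```

The violation counter doubles as a detection signal: a port that keeps exceeding its limit is the one to investigate.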
Sniffing Counter Measures
- Restricting access to the network's physical media greatly reduces the chances of a network sniffer being installed.
- Encrypting messages as they are transmitted over the network greatly reduces their value as they are difficult to decrypt.
- Changing the network to a Secure Shell (SSH) network also reduces the chances of the network being sniffed.
Summary
- Network sniffing is intercepting packets as they are transmitted over the network
- Passive sniffing is done on a network that uses a hub. It is difficult to detect.
- Active sniffing is done on a network that uses a switch. It is easy to detect.
- MAC flooding works by flooding the MAC address table with fake MAC addresses. This makes the switch operate like a hub.
- Security measures as outlined above can help protect the network against sniffing.