A nice little group of rather n00bish questions.


Paralys

Well, I don't mean to sound like a skiddie, and this will. But I have a few questions. Nor do I intend to use these tools for anything malicious, only very curious as to how they work and how secure they actually are. Well here we go (flame away if you find it n00bish, and yeah, I read the documentation for all this stuff too so RTFM won't help lol). I've been trying to learn more programming and hacking by using my own knowledge not skiddie tools. Though after this long, I've decided even though they're sorta n00bish, I at least should understand how to use them.

1.) When I'm running Cain and Abel, it has a choice for IP Spoofing, I assume I can put a proxy server in here, if I'm incorrect someone please explain how IP Spoofing works.

2.) When I tried scanning my own home network with Cain and Abel, I get an error message and the program closes itself when I try to read the packets that it's caught. It's the whole "process has performed an illegal action and needs to close" spiel.

3.) If I ran a packet sniffer on a network what data would it give away that could be traced back to me. (once again, I only wish to know how to do this because how the programs work interest me greatly.)

4.) Where can I get more wordlists for Brutus (I realize that brute forcing is a last resort, extremely obvious option.)

5.) When I'm using a proxy on the net, does it keep logs of my actions, and also, am I traceable if I'm on a proxy? Could someone teach me how to trace myself when I'm behind a proxy?

6.) And finally, if I disconnect from a proxy, am I still traceable?

Please don't flame, I've not really bothered working with these tools until now, and I'm having a small amount of trouble understanding them. Thanks everyone. Have a nice '07.

Paralys

Link to comment
Share on other sites

1.) When I'm running Cain and Abel, it has a choice for IP Spoofing, I assume I can put a proxy server in here, if I'm incorrect someone please explain how IP Spoofing works.

IP spoofing is where the packets you transmit are 'mislabelled' with an IP address that isn't the one assigned to your computer.

2.) When I tried scanning my own home network with Cain and Abel, I get an error message and the program closes itself when I try to read the packets that it's caught. It's the whole "process has performed an illegal action and needs to close" spiel.

Try reinstalling cain

3.) If I ran a packet sniffer on a network what data would it give away that could be traced back to me. (once again, I only wish to know how to do this because how the programs work interest me greatly.)

The idea of packet sniffing is to listen to network traffic (the key word here being listening).

5.) When I'm using a proxy on the net, does it keep logs of my actions, and also, am I traceable if I'm on a proxy? Could someone teach me how to trace myself when I'm behind a proxy?

Yes and yes, usually you will only be 'traced' (as you put it) if any actions you perform that you are not supposed to are brought to the attention of the server admin.

6.) And finally, if I disconnect from a proxy, am I still traceable?

What do you mean by this?

Link to comment
Share on other sites

@ Sparda

As far as the spoofing goes, I'm still a bit confused, can I use a proxy as the fake IP or do I use another IP that is on the network already?

and also, what I mean about the last proxy question is, let's say I did something and then someone tried to find me even though I was behind a proxy, if I disconnected from the proxy am I still traceable? or is my IP recorded in the logs of that proxy server.

(Also, if anyone could show me how to find myself when I'm behind a proxy, that would be cool too.)

Link to comment
Share on other sites

<offtopic>

this is a perfect example of good newbie questions that are not like

1 am t3h l33tzor haxor now h0w dooox i h4x teh m$ hotm4ail. adresses. tell me or i will f0x y0ur m0mxxx

you'll notice that when people are bs ing sparda takes them down. on this one he recognised good questions and responded respectfully.

way to go Paralys.

</offtopic>

6.) And finally, if I disconnect from a proxy, am I still traceable?

i think he means can he be traced after the fact. like if he uses anonymizer can the FBI subpoena them for logs and trace him a month later.

the answer is yes... but you aren't doing anything you shouldn't anyway ;-)

Link to comment
Share on other sites

As far as the spoofing goes, I'm still a bit confused, can I use a proxy as the fake IP or do I use another IP that is on the network already?

You can use any IP address, you can even use the local loop back address.

and also, what I mean about the last proxy question is, let's say I did something and then someone tried to find me even though I was behind a proxy, if I disconnected from the proxy am I still traceable? or is my IP recorded in the logs of that proxy server.

Yes, all activity is usually logged and stored for a certain amount of time.

Link to comment
Share on other sites

You could just compromise someone else's server or VPS, and proxy through that. Yeah, it's illegal and isn't nice for the server owner, so if you do it, don't take the piss, keep the traffic low and keep your entry points secure so no one else can follow you in. When you don't need it anymore, lock yourself out of the server again. That way you're at least being an honest & respectful criminal.

The public proxies you can find with google should never be used for anything you don't want other people knowing about. You could also try tor or similar.

Link to comment
Share on other sites

@ ichthuz

Thanks, that was exactly what I was asking about the proxy, I figured they were logged but I wasn't sure.

@ Sparda

Thanks for all the help on this, though I don't plan on using Cain and tools of that nature often, I thought it would be rather useful to understand how they work, not only for hacking, but I was also seeing how much I could spy on myself (just to know how secure all the stuff on my own network is).

@ Vako

I've heard of people going through others' computers to do that before, If you could send me some sort of tutorial on how to do this (and more preferably, how to make my network safe against it.)

Thanks for all the help so far everyone. Also, still curious as to how to trace myself back through a proxy.

Link to comment
Share on other sites

[quote="Teengeek"]and from my understanding of TOR it's very hard to trace[/quote]

quite obviously you don't understand TOR. tor is not hard to trace, tor is impossible to trace unless ALL the routers are compromised. all data is layered in encryption and padded to be unrecognizable and untraceable

Link to comment
Share on other sites

quite obviously you don't understand TOR. tor is not hard to trace, tor is impossible to trace unless ALL the routers are compromised. all data is layered in encryption and padded to be unrecognizable and untraceable

Nothing is impossible.

Link to comment
Share on other sites

and from my understanding of TOR it's very hard to trace

quite obviously you don't understand TOR. tor is not hard to trace, tor is impossible to trace unless ALL the routers are compromised. all data is layered in encryption and padded to be unrecognizable and untraceable

quite obviously you don't understand TOR's exploits.

There are a few ways to get the IP from someone using TOR

Link to comment
Share on other sites

Ok, this'll sound worse than my other questions probably lol but I'm assuming TOR is the same as TORpark?

Also, my laptop has a small slot/tray sort of thing on the front which is where my HD goes in, since the drive and the door for it still holds on well without the screws for it, I took them out and can now switch hard drives in somewhere around 25 seconds. Let's say I was using one of these tools (or doing anything as far as a hack goes) that could be traced by IP address, and then I spoofed my IP, out of curiosity, if I switched my drive then would it be possible to find out that that computer was the one running the tools? (I'm not aware of any way that it could store anything about it on the new hard disk.)

Link to comment
Share on other sites

I think the only way to identify the computer after switching disks would be the NIC's MAC. This can be spoofed though so it's still not 100% identification.

I hate to ask for so much, but do you have any links on how to spoof a MAC, I'll be googling for it until I come back to check this thread.

Link to comment
Share on other sites

The way I understand it it's something like this:

By default, the computer will tell the card to just send *THIS* as a packet out there. The card will wrap it up in an ethernet frame, filling in all the fields for you, and sending it on its way.

An alternative is to tell the card to just inject a bunch of bits into the network. This will require elevated privileges on the sending machine, as it does quite literally allow you to send any sequence of bits that you feel like, even though the machine is supposed to adhere to the network protocols and such. When you do things like this however, you can format that bunch of bits in such a way that it becomes a legal ethernet frame, but with the contents of your choosing. You can replace any field in the frame, including the part that holds your MAC address.

Link to comment
Share on other sites
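As an added illustration of the frame layout described in the post above (not part of the original thread): the source MAC is just six bytes supplied by the sender, which is why a network monitor treats it as a claim and cross-checks it against ARP. The helper names and the sample frames are constructed for this example and exist only in memory.

```python
import struct

def mac_str(b):
    return ":".join(f"{x:02x}" for x in b)

def parse_ethernet(frame):
    """Split an Ethernet II frame into (dst, src, ethertype, payload)."""
    if len(frame) < 14:
        raise ValueError("frame shorter than the 14-byte Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    return dst, src, ethertype, frame[14:]

def is_locally_administered(mac):
    # Bit 0x02 of the first octet marks an address as software-assigned
    # rather than burned in by the manufacturer.
    return bool(mac[0] & 0x02)

def audit(frames):
    """Return findings about sender addresses seen in a list of raw frames."""
    seen = {}        # IPv4 address (from ARP) -> MAC that first claimed it
    findings = []
    for i, frame in enumerate(frames):
        dst, src, ethertype, payload = parse_ethernet(frame)
        if is_locally_administered(src):
            findings.append((i, "locally-administered source MAC", mac_str(src)))
        if ethertype == 0x0806 and len(payload) >= 28:   # ARP for Ethernet/IPv4
            sha, spa = payload[8:14], payload[14:18]     # sender MAC, sender IP
            ip = ".".join(str(x) for x in spa)
            if sha != src:
                findings.append((i, "ARP sender MAC differs from frame source", ip))
            if ip in seen and seen[ip] != sha:
                findings.append((i, "IP claimed by a second MAC", ip))
            seen.setdefault(ip, sha)
    return findings

def arp_frame(src_mac, sender_mac, sender_ip):
    # Constructed sample: a broadcast ARP request built as bytes, never sent.
    arp = struct.pack("!HHBBH6s4s6s4s", 1, 0x0800, 6, 4, 1, sender_mac,
                      bytes(sender_ip), b"\x00" * 6, bytes([192, 168, 1, 1]))
    return b"\xff" * 6 + src_mac + struct.pack("!H", 0x0806) + arp

MAC_A = bytes.fromhex("001122334455")   # constructed, vendor-style address
MAC_B = bytes.fromhex("0a0000000001")   # constructed, locally-administered bit set
SAMPLE = [arp_frame(MAC_A, MAC_A, [192, 168, 1, 10]),
          arp_frame(MAC_B, MAC_B, [192, 168, 1, 10])]
```

Calling `audit(SAMPLE)` reports both the software-assigned source address and the second MAC claiming 192.168.1.10, the two signals a switch or ARP-watch style monitor would alert on.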

@ Vako

I've heard of people going through others' computers to do that before, If you could send me some sort of tutorial on how to do this (and more preferably, how to make my network safe against it.)

1: find somewhere with simple admin passwords (like the guy who complained to me that his dedicated windows server, with an admin pass set to "Password1", had been hacked).

2: get in, and install a proxy

3: route your traffic through that.

(for bonus points - 4: When you're done, email/message the admin and tell him/her that their server is wide open to the world. Explain how this should be fixed.)

When it comes to hacking people's servers, I have no real skill at all. I just look for the ones run by people with less sense than me, and work out what they've left open. No point in trying to fight your way through semi-decent security when the guy next door has none. Blank or stupid passwords are like living in the hood and forgetting to install locks.

Link to comment
Share on other sites

The way I understand it it's something like this:

By default, the computer will tell the card to just send *THIS* as a packet out there. The card will wrap it up in an ethernet frame, filling in all the fields for you, and sending it on its way.

Card? I assume you meant wireless card, however, in this case I was running Cain through a wired network. It does still catch packets from a wired network as long as I'm plugged in doesn't it?

@ Vako

Though I like the whole White Hat aspect of sending them a mail to fix it before someone does something really stupid to their network, doesn't it make you feel a bit uncomfortable to send an email to someone's network that you just hacked? I mean, kinda like you're letting out too much information about yourself?

Link to comment
Share on other sites

@ Vako

Though I like the whole White Hat aspect of sending them a mail to fix it before someone does something really stupid to their network, doesn't it make you feel a bit uncomfortable to send an email to someone's network that you just hacked? I mean, kinda like you're letting out too much information about yourself?

If you cover your tracks you should be able to get away with it. Obviously saying "hey hey hey fool, I be pwning massive hard on your b0x. Port 8443 be wicked unsecured. Word." with your personal email is a bad idea. But a throw away mail account, tor and a quick email saying "I've noticed that your server isn't set up in the most secure fashion, here is a list of the problems, here is how to fix it and here are the details of the tech support team you need to contact if you need to discuss this with anyone." If you have been stealing someone else's resources for your own needs, telling them that much is kinda a karma balancer imo.

Link to comment
Share on other sites
