Krunal gaudani

requirement :- 1. kali Linux 2. router  step :-- Download and Install SNORT in Kali Linux. use command apt install snort move to snort directory. use command cd /etc/snortg Original configuration file was snort.config, but for backup we will create a clone of this file and make changes in that file. Use command cp snort.config test_snort.configg We have to put our network and ip range in test_config file, for that we will edit this file. use command nano test_snort.conf g After that put your network IP and range as shown in screenshot.. Then save and close the file. Now we have to make rules, for that we have to move to rules directory. use command cd rules Here now the SNORT has so many rules files for defining rules we have to define on local.rules files, but for backup we can create secondary file by the command cp local.rules custom.rules SNORT will not directly take rules from our custom file, for that we have to include custom file in that local.rules file. For that we

  Requirements:- OS – Linux Target – Windows Machine – Virtual Box Tools – Ettercap How DNS poisoning works? - User searches ‘abc.com’ in browser. When your browser goes out to the internet, it starts by asking a local DNS server to find the address for a name. The local DNS server will ask the root servers that own that domain.   - When a malicious actor intrudes in the process, and supplies false or fraudulent output, then it is DNS poisoning. These types of man-in-the-middle attacks are often called DNS spoofing attacks.   - By this process attacker will able to redirect request of victim to malicious website. Procedure: 1. Open the kali linux , open terminal and type "nano /etc/ttercap/etter.conf" scroll down and find linux and in this remove both #. save the file by pressing 'Ctrl+X' and 'y' 2. Then type “nano /etc/ttercap/etter.dns” in the terminal. In this file add domain which you want to redirect. Enter your IP address. If victim opens

Metasploit .vul   :- 1   FTP vsftpd 2.3.4   Backdoor command vulnerability   Steps:           Scan the network using nmap. Nmap –v –A –T4 192.168.5.235 Now open your metasploit framework and search vsftpd    Now use exploit/unix/ftp/vsftpd_234_backdoor.and exploit it         Now search shell_to_meterpreter. Use /multi/manage/shell_to_meterpreter. Now interact both sessions.   Now run the basic commands.  Metasploit .vul :- 2        TCP-22 SSH      Open SSH 4.7p1 Debian 8unbuntu1 (protocol2.0)       Steps:-        Scan the network using nmap. Nmap –sV 192.168.5.237    Open Metasploit and Search for the auxiliary for SSH Login. Command will be “search ssh_login”     Use the appropriate auxiliary module by typing command “Use 0” and Set the IP of victim machine as RHOSTS global variable by typing command “set rhosts 192.168.5.237”   For setting the options, type “options” for finding out required field and Set the path of username and password file to USERPASS_FILE option