[BlueBorne Bluetooth Hacking Attack] What is BlueBorne Exploit?

By Admin
 Hello guys , In this post today i am going to teach you  about “Blue Borne Exploit”  what is Blue Born Exploit, and how can we avoid this? Friends Recently, Armes Lab has a Bluetooth vulnerability search, named Blue Born. The device which is Bluetooth enabled by this attack can be hacked. The attack vector “BlueBorne” Exposes almost every connected device.
Blue Borne is an attack vector by which hackers can leverage blutooth connection to penetrate and take complete control over targeted devices. Blue Borne affects ordinary computers, mobile phone and the expanding realm of lot devices. The new attack vector endangering major mobile, desktop and lot operating system , including Android ,Windows, iOS , Linux and the devices using them. The new vector is dubbed “BlueBorne”, as it spread through the air (airbone) and attacks devices via Blutooth. The attack does not require any malicious file, link or the targeted devices to be paired to the attacker device, or even to be set discoverable mode. The attacker locates active Bluetooth connections and device can be identified.


BlueBorne Bluetooth Hacking Attack@myteachworld.com


It allows an attacker to strike completely undetected , it attack occur without victim’s knowledge.
Suppose a hacker has accessed your smartphone via Blue Brone Attack, then he can take away all the data on your phone and transfer it to his system. Hackers can send viruses or malware to your system, hackers can be hacked from any other device through your device via Bluetooth.
Blue Borne provide a number of opportunities for the attacker. Frist spreading through the air renders the attack much more contagious, and allows it to spread with minimum effort. Second , it allows the attack to bypass current security measures and remain undetected. The attacker obtains the device’s MAC address. Which is a unique identifier of that specific device. By probing the device, the attacker can determine which operating system his victim is using, and adjust his exploit accordingly.
This is true hacking attack, and this Zero Day vulnerability has been discovered by Armes Lab.

Read More:


How do you find Blue Born vulnerability in your device?

All Android phones, tablets, and wearables(except those using only Bluetooth low energy) of all version are affected by four vulnerabilities found in the Android operating system, two of which allow remote code execution(CVE-2017-0781 and CVE-2017-0782). One results in information leak(CVE-2017-0785) and the last allows an attacker to perform a Man-in-the-middle-attack(CVE-2017-0783).

All Windows computers since WindowS Vista are affected by the ”Blutooth Pineapple” vulnerability which allow an attacker to perform a MAN-IN-THE-MIDDLE-ATTACK(CVE-2017-8628).

All Linux device running BlueZ are affected by the information leak vulnerability(CVE-2017-1000250). All Linux device from version 3.3-rc1 (released in October 2011) are affected by the remote code execution vulnerability(CVE-2017-1000251)

To find Blue Born vulnerability in your device, install the app given below.


Download BlueBorne Vulnerability Scanner 

BlueBorne Bluetooth Hacking Attack@myteachworld.com



If you liked this post, please do not forget to share it, without your support, I can not reach this knowledge even further, so help me by sharing my post so that I can bring you a tricks more than one To share the post ,you can use the share buttons given below, and , If you face some problem in any steps please drop your email by going to contact us section of this site. thank you

[DNS Spoofing Attack] What is DNS Spoofing And How to DNS spoof with KaliLinux?

By Admin
Hello guys once again welcome here in this advance hacking blog. I'm going to teach you full detailed guide on DNS Spoofing and How to DNS Spoof with KaliLinux . So friends know first what is DNS?

DNS Spoofing@mytechworld.com


What is DNS(Domain Name System)?

A Domain Name System server translate a human readable domain name (like as XYZ.com) into a numerical IP address that is used to route communications between nodes.
Friends, the website that we open in our browser, the system does not understand the names of those websites, it understands the Ip address. Every website has its own 1 unique IP address. The main work of the dns system is Translator, it is not necessary that you can open the website only by its name, you can also open the website through ip address.  As you all know that it is very difficult to remember the ip of all the websites, The main reason of creating the domain name system was this.

DNS spoofing is a part of computer hacking. A domain name is diverted to an incorrect IP address via DNS spoofing. A domain name is diverted to an incorrect IP address via DNS spoofing. Because of this, traffic of victim system is diverted to the attacker system.
So let's see how the DNS spoof attack ?

MOST READ:


How to DNS Spoof with KaliLinux (Step by Step Follow me)

There are many tools to attack DNS spoofing but I will use the Ettercap tool here which is by default in Kali linux. Ettercap is a very easy and popular tool.

Step1; Before using this tool some configuration settings have to be done, first of all you have to open the terminal window in the Kali linux machine.

Step2; Type the following command in your terminal window and press enter.
Command:
leafpad /etc/ettercap/etter.conf

Step3; Now  will open a leafpad window, scroll down there and setup ip table in linux portion. Screenshots are given below

DNS Spoofing@myteachworld.com


Step4; Activate the both commands that are below the ip table. To activate the command  remove the # symbol and save the file.

Step5; You are doing this attack on the local network, check your local IP and copy it.

Note- Type the ifconfig command to check ip of your local network. 
Step6; Now again type the following command in your terminal window and press enter.
Command:
leafpad /etc/ettercap/etter.dns

Step7; Now  will be again open a leafpad window, scroll down there and Here you have to set the target, you will be seeing Microsoft.com, you can change it, I did xyz.com, now as the Victim will open xyz.com, then here victim will redirect to whatever ip is located.
 Screenshots are given below

DNS Spoofing@myteachworld.com


Step8; Now save the file and close it.

Step9; Now you type the following command in your terminal window and press enter.
Command:
ettercap –G

You will now see that the ettercap in front of you is open in GUI mode.

Step10; Now Click “Sniff->Unified Sniffing, It will list the available network interface as shown below.

DNS Spoofing@myteachworld.com


Step11;  And you have chose the interface the following window will open .

DNS Spoofing@myteachworld.com


Step12; Now the next step is add  the target  for performing the ARP poisoning.

Step13; Now  Click on“Hosts >Scan for Host”, and you will see start to scan the hosts present in the network.

Step14; Now among the list, select “192.168.1.44” and click “Add to Target 1” and select “192.168.1.10” and click on “Add to Target 2”

Step15; Now select “Mitm >Arp Poisoning”, dialog box will open and Select “Sniff Remote Connection” and click on “ok”. Then click “Start->Start Sniffing.

Step16; Next step is Click on “Plugins >Manage Plugins” and Select the “dns_spoof” plugin and double click to activate it.

Step17; You can see that it returns a local machine’s IP address which we have given in the configuration.

Step18; ARP Poisoning and DNS Spoofing. Once everything is done, remember to stop MITM attack, you goto the Mitm tab and click on “Stop mitm attack”

So friends this is the end of the article ,if you like this post please share it your friends.If you face some problem in any steps please drop your email by going to contact us section of this site. thank you




How to secure the website by finding the Website's Vulnerabilities using Kali Linux?

By Admin
Hello Friends, today we will know how to find websites' vulnerabilities? First of all, why do you need it? So friends, its main two uses , First, to secure the website and second, to hack the website.Ethical hackers find the drawbacks of the website and make it secure, And the same black hat hacker hacks the website by finding those vulnerabilities.To perform this process you will need kali Linux OS. As you all know, Kali Linux is one of the best passion operating systems of white hat hackers, security researchers and pentester. It offers advanced penetration testing tool and its ease of use.  If you are beginning an ethical hacking or you want to learn to find a website vulnerabilities, then read this post to the last.

how to find websites' vulnerabilities@myteachworld.com


How To Find  Website Vulnerabilities Using Kali Linux [Step by Step follow me]

I'll tell you about a very popular tool called uniscan which is installed by default in kali linux operating system.It is a web vulnerability scanner and It is very powerful tool. And the best thing about this uniscan tool is ,you can use this tool as CLI (command line interface) or GUI (graphical user interface) mode.

READ MORE:


Method1: Command Line Interface(CLI)

Step1; Friends, first you open the terminal window in your Kali linux machine.

Step2; Now type the command uniscan in the terminal window of  Kali linux , and hit enter button.

Step3; Now you will see that the whole detail will be seen in front of you, you found many options or feature of uniscan tool for example enable directory check,enable file check,robot.txt check,enable static change etc.

how to find websites' vulnerabilities@myteachworld.com


Basic scan of a website:

Step4; Friends like I have to  scan of a website named www.myteachworld.com then simply execute this command unscan -u http://www.myteachworld.com .

how to find websites' vulnerabilities@myteachworld.com


Step5; Now you will get the basic details of the website, such as domain name, server, ip, Also these information are saved in the uniscan report folder ,the path of report folder given on the screen. 

Step6; By typing the command given below, you can see the report of the website.
Command:
cd /usr/share/uniscan/report      (hit enter button)

how to find websites' vulnerabilities@myteachworld.com

then type ls command . you can see the list of folder . and again type the command given blow.
Command:
firefox www.myteachworld.com.html    (Your case may be your website.)

how to find websites' vulnerabilities@myteachworld.com


Deep scan of a website:

Step1; You know the information of that website www.myteachworld.com in detail then you need to execute this command unscan -u http://www.myteachworld.com -qwtds and press enter button.
Note: here  -q To check the directory of that website, w to check the file's website, e to check website's sitemap and robot text, after that d for dynamic check and s for static check.
Step2; Now the uniscan tool will start to scan the full website in depth, and provide you full detail about that website such as which php version is used, emails are using  on that site or not,external host, msql is vulnerable or not ,and many more detail and option will get.

Step3; Now All the information is saved in the report folder automatically. 


Method2: Graphical User Interface(GUI)

Friends, this is a very good tool, because we can work with this tool in gui mode. Many people who feel boring to work on cli mode, but both are necessary for an ethical hacker.

Step1; First you open the terminal window of Kali linux.

Step2; Now then simply execute this command uniscan-gui and hit enter button. You will now see that the gui mode of uniscan tool is open in front of you.


Step3; Now you can enter the url of the site which you want to scan .And there are many more option you can choose.

      In the same way you can easily check Vulnerabilitie of any website easily.
So friends this is the end of the article ,if you like this post please share it your friends.If you face some problem in any steps please drop your email by going to contact us section of this site. thank you so much ,stay tune with this blog and blog's admin Mr. Aditya Singh

[Facebook Trick] How to delete all messages from Facebook in one click ?

By Admin
Hello guys , in this psot today i am going to show you “How to delete all messages from Facebook in one click?” Friends, this happens sometimes, especially for those people who are scared that a family member does not read their Facebook messages because you are doing a lot of activity on Facebook like photo sharing, event making, chat with Gf / Bf, and if you have a lot of chats in your Facebook, then obviously you will take a lot of time to delete them.

facebook all massage delete@myteachworld.com


As you know, you can delete a single chat on Facebook at once, so you will be very time wasted in doing this. So friends, in this case, the trick that has come in this post in today, with the help of which you will be able to delete all your messages only after a single click. If you also have to delete all the messages on facebook, then you can read this post till the last.

READ MORE


How To Delete All Messages On Facebook Step by Step follow me 

Step1; Well your pc or laptop will be google chrome if you do not have Google chrome in your PC or laptop, then First of all you have to install Chrome Web browser in your laptop or pc. Download link is given below

Download Chrome  

Step2; After the chorme is installed in the computer, after opening it, after installing it, an extension must be installed in the name of facebook-delete all messages, the download link is given below.
Download - Delete All Messages
facebook all massage delete@myteachworld.com


Step3; After installing the extension, restarting your Chrome browser, Now you will see in browser  top right side of the top side has come up as a small icon, you have installed this extension now.

facebook all massage delete@myteachworld.com


Step4; Now you have to open your Facebook account, go to Facebook.com and login with your username and password.


Step5; Now when you open your Facebook account, the extension you just installed was clicked on the icon in the Chrome browser, which will be up-side in the menu.


Step6; As soon as you click on the extension, a confirmation message will appear, which will ask you if you want to delete all the messages  really, then just click on yes.


Step7; Now all your messages will be deleted automatically and your 1 hour work will be completed in just one click.


            If you liked this post, please do not forget to share it, without your support, I can not reach this knowledge, you can use the share button given below to share the post,  If you face some problem in any steps please drop your email by going to contact us section of this site. thank you