Error Codes

                                Error Codes 

100 Continue 
101 Switching Protocols 
200 OK Action completed successfully
201 Created Success following a POST command
202 Accepted The request has been accepted for processing, but the processing has not been completed.
203 Partial Information Response to a GET command, indicates that the returned meta information is from a private overlaid web.
204 No Content Server has received the request but there is no information to send back.
205 Reset Content
206 Partial Content The requested file was partially sent. Usually caused by stopping or refreshing a web page.
300 Multiple Choices
301 Moved Permanently Requested a directory instead of a specific file. The web server added the filename index.html, index.htm, home.html, or home.htm to the URL.
302 Moved Temporarily
303 See Other
304 Not Modified The cached version of the requested file is the same as the file to be sent.
305 Use Proxy
400 Bad Request The request had bad syntax or was impossible to be satisified.
401 Unauthorized User failed to provide a valid user name / password required for access to file / directory.
402 Payment Required
403 Forbidden The request does not specify the file name. Or the directory or the file does not have the permission that allows the pages to be viewed from the web.
404 Not Found The requested file was not found.
405 Method Not Allowed
406 Not Acceptable
407 Proxy Authentication Required
408 Request Time-Out
409 Conflict
410 Gone
411 Length Required
412 Precondition Failed
413 Request Entity Too Large
414 Request-URL Too Large
415 Unsupported Media Type
500 Server Error In most cases, this error is a result of a problem with the code or program you are calling rather than with the web server itself.
501 Not Implemented The server does not support the facility required.
502 Bad Gateway
503 Out of Resources The server cannot process the request due to a system overload. This should be a temporary condition.
504 Gateway Time-Out The service did not respond within the time frame that the gateway was willing to wait.
505 HTTP Version not supported 

Web Vulnerability Scanner

                    Web Vulnerability Scanner

User Guide : http://sec4app.com/download/WebCruiserUserGuide.pdf
Download for Windows
www.mediafire.com/download/mbcgs6bcet6t71h

Key Features:
* Crawler(Site Directories And Files);
* Vulnerability Scanner: SQL Injection, Cross Site Scripting, XPath Injection etc.;
* SQL Injection Scanner;
* SQL Injection Tool: GET/Post/Cookie Injection POC(Proof of Concept);
* SQL Injection for SQL Server: PlainText/Union/Blind Injection;
* SQL Injection for MySQL: PlainText/Union/Blind Injection;
* SQL Injection for Oracle: PlainText/Union/Blind/CrossSite Injection;
* SQL Injection for DB2: Union/Blind Injection;
* SQL Injection for Access: Union/Blind Injection;
* Post Data Resend;
* Cross Site Scripting Scanner and POC;
* XPath Injection Scanner and POC;
* Auto Get Cookie From Web Browser For Authentication;
* Report Output.
System Requirement: Windows 7\Vista, or Windows with .Net Framework 2.0 or higher

Archive password : WebCruise

             8 ways to access blocked websites

1. Using IP instead of URL
2. Redirection with short URL
service
3. Google cache
Search engines like Google and
Yahoo cache webpages and
these cached pages are stored
in search engines themselves,
which likely will be added to
the blocked list. Click on the
‘cache’ will bring you to a
cache version of the page, as
updated as how Google caches
it.
4. Internet Archive – Wayback
Machine
Wayback Machine is a internet
service that periodically keeps
a copy of almost all websites
in the Internet way from the
date they’re started. Clicking
on the latest copy of what
Wayback Machine have should
be somewhat similar to the
real site.
5. Anonymous surfing
- Hidemyass.com
- anonymizer.com
- wujie.net
- ultrareach.net
6. Use Proxy in Browsers
7. Bypass with translation
services
Use Google translate. Open
Google translate ,type the URL
and translate page.
8. Retrieve web pages via
Email
Web2Mail is a free service
that sends websites you want
to read right into your inbox.
All you need to do is send an
email to www@ web2mail.com
with the URL as subject title.

BackTrack 5 Wireles Penetration Testing

                                             

                           " BackTrack 5 Wireles                              Penetration Testing "

Master bleeding edge wireless testing techniques with BackTrack 5 :

Chapter 1: 
Wireless Lab Setup  
Hardware requirements  
Software requirements  
Installing BackTrack  
Time for action – installing BackTrack  
Setting up the access point  
Time for action – configuring the access point  
Setting up the wireless card  
Time for action – configuring your wireless card  
Connecting to the access point  
Time for action – configuring your wireless card  

Summary  

Wireless Lab Setup :-

Hardware requirements

We will need the following hardware to set up the wireless lab:

 ‹ Two laptops with internal Wi-Fi cards: We will use one of the laptops as the victim 

in our lab and the other as the penetration tester's laptop. Though almost any 

laptop would fit this profile, laptops with at least 3 GB RAM is desirable. This is 

because we may be running a lot of memory-intensive software in our experiments.

 ‹ One Alfa wireless adapter: We need a USB Wi-Fi card that can support packet injection 

and packet sniffing, and that is supported by Backtrack. The best choice seems to be 

the Alfa AWUS036H card from Alfa Networks as BackTrack supports this out-of-the-

box. This is available on Amazon.com for a retail price of $34 at the time of writing.

 ‹ One access point: Any access point which supports WEP/WPA/WPA2 encryption 

standards would fit the bill. I will be using a D-LINK DIR-615 Wireless N Router for 

the purpose of illustration in this entire book. You can purchase it from Amazon.com 

where it is retailing at around $35 at the time of writing.

 ‹ An Internet connection: This will come in handy to perform research, download 

software, and for some of our experiments.

Software requirements :

We will need the following software to set up the wireless lab :

 ‹ BackTrack 5: BackTrack can be downloaded from their official website located at 

http://www.backtrack-linux.org. The software is open source and you 

should be able to download it directly from the website.

 ‹ Windows XP/Vista/7: You will need any one of Windows XP, Windows Vista, or 

Windows 7 installed in one of the laptops. This laptop will be used as the victim 

machine .

Types of Malware

 

Malware exists in many forms, below mentioned are some of the 
common types of malware  :


1. Trojan Horse – Trojan virus or Trojan horse is one of the most 
common types of malware, Trojan virus is mostly used to control the 
victims computer rather than infecting or destroying files on victims 
computer. A Trojan horse once installed into victims computer can 
give a hacker complete access to your computer. Trojans are one of 
the most dangerous forms of malware . 

2. Computer Viruses – A computer virus a malicious program which 
is mostly developed to infect a computer, once it infects a computer it 
replicates or reproduces itself. A virus is just like a parasite and it 

needs another host to attach to in order to infect a computer .

3. Worms – Worms are almost similar to computer viruses the only 
difference unlike computer viruses they do not require another host to 
attach to in order to infect a computer. Once a worm infects a 
computer it replicates itself. Computer worms are major threats to 
large networks.

  

4. Keyloggers - A keylogger is a hardware or software device which 
monitors every keystroke, screen shots, chats etc typed on the 
computer. A keylogger program does not require physical access to 
the user's computer. Any person with a basic knowledge of computer 

can use keylogger .
HARDWARE KEYLOGGER :

SOFTWARE  KEYLOGGER :

5. RATS – RAT is the short of “Remote Administration Tool” and is 
indeed one of the most dangerous types of malware. It’s very similar 
to a Trojan. Once a RAT is installed in a computer the attacker can do 
almost anything on the remote computer such as installing a 
keylogger, shutting down a computer, infecting files etc. 

Some basic commands for Kali Linux

Some basic commands for Kali Linux

File Operations

pwd                          Print Name Of Current/Working Directory
cd                            Changing The Working Directory
cp                            Copy Files Or Directory
rm                            Remove Files And Directory
ls                              List Of Directory Contents
mkdir                        Make Directory
cat                           Concatenate Files And Print On Standard Output
mv                           Move Files
chmod                     Change Files Permissions

Know Your System
                                                 
uname                      Print System Information
who                         Show Who Is Logged On
cal                           Displays Calculator
date                         Print System Date And Time
df                             Report File System Disk Space Usage
du                            Estimate File Space Usage
ps                            Displays Information Of Current Active Processes
kill                            Allows To Kills Process
clear                        Clear The Terminal Screen
cat /proc/cpuinfo      Cpuinfo Display CPU Information
cat /proc/meminfo    Display Memory Information

Compression

tar                            To Store And Extract Files From An Archive File Known As Tar File
gzip                          Compress Or Decompress Named Files


Network

ifconfig                     To Config Network Interface
ping                         Check The Other System Are Reachable From The Host System
wget                        Download Files From Network
ssh                          Remote Login Program
ftp                           Download/Upload Files From/To Remote System
last                          Displays List Of Last Logged In User
telnet                       Used To Communicate With Another Host Using THe Telnet Protocol

Tracing a website using command prompt – hacking tip

Tracing or Routing a website using command prompt. This tip is only meant for educational purpose. I mainly use this trick to find out the hosting provider where a particular domain is hosted.

Follow the below steps:

1.   Start->Run->CMD  ie; open Command prompt

2.  Type the following command and press enter.
       tracert www.websitename.com

in the above command, enter the desired website name.

Once you press enter, it tell you where a particular domain is hosted, Location, Country and some details of that domain.

Disclaimer: I am not responsible for this trick if this is used in a wrong way. I didn’t invent this method rather I myself found it somewhere else. Do not use this for Hacking purpose.