Sunday, August 30, 2015

scapy for hacking



Scapy is a Python-based program used for building packets. You can build a complete IP packet with Scapy. It is very useful for the following hacking techniques.

1. IP spoofing.
2. ARP spoofing.
3. SYN flood.
4. Traceroute.

Many other things can be done with this tool.
First we will start with Traceroute.

Traceroute.
Traceroute is a tool used in Windows to trace the route to a particular destination address, that is, the intermediate hops situated between the source and the destination. In Windows cmd simply type tracert <destination>. It will give you a clear picture of the intermediate hops. pathping in cmd gives a more comprehensive view: the hosts between the source and the destination and also the packet loss at each intermediate host.
This tool can be written using the scapy module in Python. How does traceroute actually work? Every IP packet has a field called ttl (time to live). This field defines how many hops the packet can travel. If ttl equals 5, the packet can only go through 5 hops. Each host that receives the packet reduces the ttl value by one. When the ttl reaches zero, the host holding the packet drops it and sends an ICMP Time Exceeded message back to the source. So let's say we set the ttl value of a packet to 2 and send it as an ICMP packet. The reply then comes from the 2nd hop from the source. By looking at the received packet's source address we can determine which host is the 2nd hop from the source. The following code does this in Python.

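#!/usr/bin/env python3
from scapy.all import IP, ICMP, sr1

destination = "192.0.2.1"  # placeholder: replace with the destination address
for ttl in range(1, 6):
    # The hop where the ttl runs out answers; its source address identifies it
    reply = sr1(IP(dst=destination, ttl=ttl) / ICMP(), timeout=2, verbose=0)
    print(ttl, reply.src if reply is not None else "*")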

This code will print the 5 hosts between the source and the destination.

IP Spoofing.

Sunday, August 16, 2015

How to make your own Decompression bomb

What is a decompression bomb?

A decompression bomb is a compressed file that looks very small, but when it is decompressed it becomes a huge file that eats your disk space and memory. It may freeze your machine, corrupt files, or damage the OS.

What is the technique behind this?

The technique is compression: ZIP, TAR, RAR, etc. These compression tools take the files' bits and match patterns. For these patterns they add certain bits to identify them at decompression. A decompression bomb takes advantage of this.

Let's make it.

I will introduce 2 ways to make a decompression bomb yourself.

Using Linux

Open a terminal and type the following:

dd if=/dev/zero bs=1024 count=1000000 | zip bomb.zip -

  /dev/zero is a device file which is null. This will create a 1gig null file and zip it as bomb.zip. bs is the block size, and with count you can specify the size of the bomb. Remember to put the dash at the end.

When I tested this method, it compressed a 1Gb file into a 1Mb zip.

Using Notepad in Windows.

We can also create a decompression bomb using Notepad. We can write a null file using Alt+255.

Open Notepad, turn on Num Lock, hold Alt and type 255. You will see a null (zero) block written. Type this several times, select all, copy it and paste it. Paste several times, select all again, and then you can copy a big block. In this way you can create a huge txt file of zeros.

After you've created the txt you can see the size of your file. It may be 500mb or a few Gbs. Make several copies of this txt in the same folder. Open cmd in the same directory and type copy /b *.txt bomb.txt
This will create one file called bomb.txt that includes all the copies you created. Make a zip file from this bomb.txt.

When I tested this method, it compressed a 4Gb txt into an 8Mb zip.
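
A defender-side check for archives like the ones above, as an added example that is not part of the original post: it rejects a zip whose declared sizes exceed a ratio or total cap, and it also caps the bytes actually produced while decompressing, since declared sizes cannot be trusted. The limits, function names and the in-memory sample are assumptions constructed for illustration.

```python
import io
import zipfile

MAX_TOTAL = 100 * 1024 * 1024   # assumed cap on total declared uncompressed bytes
MAX_RATIO = 100                 # assumed cap on uncompressed/compressed ratio


def inspect_zip(data, max_total=MAX_TOTAL, max_ratio=MAX_RATIO):
    """Return (ok, reason) using only the sizes declared in the archive."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        total = 0
        for info in zf.infolist():
            total += info.file_size
            ratio = info.file_size / max(info.compress_size, 1)
            if ratio > max_ratio:
                return False, "%s: ratio %.0f:1" % (info.filename, ratio)
            if total > max_total:
                return False, "declared size %d exceeds cap" % total
    return True, "ok"


def bounded_read(data, name, limit, chunk=64 * 1024):
    """Decompress one member in chunks and stop once `limit` bytes are exceeded.
    Declared sizes can be forged, so the cap applies to the real output."""
    out = bytearray()
    with zipfile.ZipFile(io.BytesIO(data)) as zf, zf.open(name) as fh:
        while True:
            block = fh.read(chunk)
            if not block:
                return bytes(out)
            out += block
            if len(out) > limit:
                raise ValueError("%s exceeds %d bytes" % (name, limit))


def make_sample(payload, name="sample.bin"):
    """Constructed test input: a small in-memory zip holding `payload`."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr(name, payload)
    return buf.getvalue()


if __name__ == "__main__":
    sample = make_sample(b"\0" * (2 * 1024 * 1024))  # constructed 2 MiB of zeros
    print(len(sample), inspect_zip(sample))
```

Run the declared-size check first because it is cheap, then extract through the bounded reader so a forged header still cannot fill the disk or memory.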

Thursday, August 13, 2015

How to Reset Linux Root password without login

Access Single User Mode (Reset Root Password)

To reset the root password of your server, you will need to boot into single user mode.
Access the Manage section of your server in the customer portal and follow these steps. The option depends on the bootloader version on the machine:

CentOS 6

  1. Click [View Console] to access the console and click the send CTRL+ALT+DEL button on the top right. Alternatively, you can also click [RESTART] to restart the server.
  2. You will see a GRUB boot prompt telling you to press any key - you have only a few seconds to press a key to stop the automated booting process. (If you miss this prompt you will need to restart the VM again)
  3. At the GRUB prompt, type "a" to append to the boot command.
  4. Add the text "single" and press enter.
  5. System will boot and you will see the root prompt. Type "passwd" to change the root-password and then reboot again.

Debian, Ubuntu, CentOS 7

  1. Click [View Console] to access the console and click the send CTRL+ALT+DEL button on the top right. Alternatively, you can also click [RESTART] to restart the server.
  2. As soon as the boot process starts, press ESC to bring up the GRUB boot prompt. You may need to turn the system off from the control panel and then back on to reach the GRUB boot prompt.
  3. You will see a GRUB boot prompt - press "e" to edit the first boot option. (If you do not see the GRUB prompt, you may need to press any key to bring it up before the machine boots)
  4. Find the kernel line (starts with "linux /boot/") and add init="/bin/bash" at the end of the line
  5. Press CTRL-X or F10 to boot.
  6. System will boot and you will see the root prompt. Type "mount -rw -o remount /" and then "passwd" to change the root password and then reboot again.