Hello There, Guest! Login Register
Logo
Dismiss this notice
MaDLeeTs is not responsible for any attacks that are carried out on networks, websites or servers.
MaDLeeTs staff members cannot be held responsible.
All information on this forum is for educational purposes only.


Mass Scanning/Hacking - Having fun with ZMap and a script I wrote

  • 0 Vote(s) - 0 Average


04-17-2017, 05:21 AM #1
Ammar_Ahmad Offline Junior Administrator **********
Junior Administrator
Posts:29 Threads:2 Joined:Jun 2012 Reputation: 0
Mood: None
Before I write about my own script, I would like to introduce you to ZMap. 
ZMap is a tool which can be used to scan a port on the internet very quickly. What it basically does is sends out SYN packets without waiting for the ACK from the server to be returned. By sending out packets in this configuration, the tool is able to scan the internet for active IP's very quickly.

Now in order to use ZMap, all you need to do is get it from:
Code:
https://zmap.io/download.html

As I am running Ubuntu as my primary machine, I can use the following command to begin the scan:
Code:
zmap -p 80 -i wlan0 -o result.csv -r 10000

*** the tool requires root permissions so run this under 'sudo' command.

flags:
port_number: -p 80 (use port 80 for scans)
interface: -i wlan0 (It will scan wireless for me. If you are connected via a LAN cable, your interface name might be eth0 or something else. You can get a list of all interfaces by doing 'ifconfig' command in the terminal)
output: -o result.csv (Save the output file as result.csv)
rate: -r 10000 (The rate at which to send the packets out at. Depends on how good your internet connection is) 

So this is what the output will look like once you run the command:
[Image: INrLo90.png]

Let it run for a while and then do 'ctrl+c' to stop it.
A file containing all the IP addresses will be saved in the home directory.
[Image: JOH2rFc.png]

Basically now you got a list of targets to hack. Most of them are back-ends to big companies. Here is an example of someone I recently hacked:
[Image: MfszVAr.png]
[Image: XZNolYv.png]
[Image: rxlCMNa.png]

'Now hold on ammar. You want us to visit each and every one of those IP's one by one and look at them? Whats the point of this when I can use google to do the searching for me?' - Random_forum_user_9000

This is where my script comes handy. What my script basically does is it reads each and every IP from that list and then visits it and stores basic details about it such as the title, description and the IP itself into a nice SQL database for you to search easily.

My python script is attached in the URL below:
Code:
https://gist.github.com/ammarx/a9fb922099cbcd3fc512982be3cab273

Make sure to change the file path '/home/ammar/result.csv' to the file pointing on your computer and the settings for the connection string (mine are 'root', 'root', localhost)

Before running the script make sure you create the following table in your database:

Code:
https://gist.github.com/ammarx/a9a2290df4e86a4c42c6fe078b6536a1

Here is what the output will look like when your run my script:
[Image: 7L7sWt9.png]

And the database:
[Image: PAjeMBQ.png]

And the number of actual data I have:
[Image: iSxj2Rx.png]

Now you got a list of targets. Yes a lot of those are easily hack-able as I have demonstrated above. A lot of those are backup servers or back-ends, so the destruction you can do is a lot!

Using an SQL Query like:
[Image: UUXdlo9.png]

Usually gets you some interesting results *aham*entire website backups*aham*

Have fun (:

I make nice applications.  Follow me on twitter: https://twitter.com/#!/Ammar_Ahmadx

04-17-2017, 07:32 AM #2
zHypnogaja Offline # **
Registered
Posts:3 Threads:1 Joined:Mar 2017 Reputation: 0
Mood: In Love
good, thx Smiley1

04-18-2017, 02:17 AM #3
1337 Offline Don't PM me for help, post it on forum ! *******
Administrators
Posts:520 Threads:106 Joined:Jun 2012 Reputation: 21
Mood: Hacker
Great share bro Biggrinsmiley

[Image: 28jeale.jpg]
[Image: 2mzgpld.jpg]
------------------------------------------------
[#] CodeName: 1337
[#] Email: [email protected]
[#] Zone-H: http://zone-h.org/archive/special=1/notifier=1337
[#] Facebook: https://www.facebook.com/MaDLeeTs.phtm

-------------------------------------------------

[Image: o8rq6s.jpg]

04-18-2017, 06:18 PM #4
h3llcat Offline IfrahIman **
Registered
Posts:10 Threads:2 Joined:Mar 2017 Reputation: 0
Mood: Hacker
wow great 1337






Forum Jump:


Users browsing this thread:1 Guest(s)