
Posts


Structured Peer-To-Peer Overlay Algorithms

This segment will be about the geometries, routing algorithms and bootstrapping of structured overlays. Structured P2P overlay: A network overlay that connects nodes using a particular data structure or protocol to ensure that node lookup or data discovery is deterministic. Distributed Hash Table (DHT): A DHT stores (key, value) pairs and is used for data lookups using a key. Key Based Routing: The principle by which a message is routed to the owner of a key k from node n, following the rule that either node n owns the key or points to a node that is closer to the node that owns k in terms of some key space defined by the DHT. Routing Table: A data structure, usually a table, at each node that maintains links to other nodes in the structure. Churn: The rate of node joins and leaves in a peer-to-peer network. Basic Features of Structured P2P Networks: One way to understand the structured P2P overlays/networks and to compare various aspects include the geometries or data structures used i

Client-Server and P2P Networking

Client Server Architecture: In this architecture, many clients request and receive content from the servers. All the content and services are stored and provided by a server. Such centralization of the client-server architecture raises a series of issues caused by the limitation of resources on the server side, such as network bandwidth, CPU capabilities, Input/Output (IO) speed and storage space. Grid Architecture: Grid computing is rapidly emerging from the scientific and academic area into the industrial and commercial world. Current Grid computing systems are prominent implementations of the client-server architecture for distributed computing. The main focus of Grid architecture is on interoperability among resource providers and users in order to establish the sharing relationship, which needs common protocols at each layer of the architecture. Peer to Peer Architecture: P2P networks are decentralised distributed systems and enable computers to share and integrate their computing res

Peer to Peer systems

Peer to Peer Systems 1. Overview of Peer to Peer Systems 2. Client-Server To Peer-to-Peer Systems 3. Structured Peer-to-Peer Systems

Peer to Peer systems

In this segment we will explore Peer to Peer systems. Napster featured a hybrid architecture in which the directory was stored on a server but peers transferred files directly between them. Applications: A number of peer-to-peer file sharing systems were developed to avoid the legal challenges faced by Napster. The majority of those second-generation file sharing systems were based on unstructured overlays. These systems don't have any mechanisms for protecting the rights of content owners. Skype uses a superpeer model, and the superpeers support NAT traversal for connecting peers behind NATs. Characteristics found in most P2P systems: - RESOURCE SHARING - NETWORKED - DECENTRALIZATION - SYMMETRY - AUTONOMY - SCALABLE - STABILITY Within a maximum churn rate, the P2P system should be stable, i.e., it should maintain its connected graph and be able to route deterministically within practical hop-count bounds. The exact number of nodes or peers that leave / join the p2p network through

Bluetooth Sniffing

There is no promiscuous mode for standard Bluetooth firmwares. With tools such as hcidump we can only read our own traffic: "hcidump -X -i hci0". So to implement a Bluetooth sniffer we will use the Bluetooth modules once again. Let's start digging into the code to sniff Bluetooth packets. ##Required Libraries ##The method 'hci_open_dev(0)' opens a raw socket to the first HCI device. ##On the socket object we set the property HCI_FILTER to be able to receive all HCI events and packet types. ##Now inside a while loop we read 3 bytes from the socket: 1. the first byte represents the type of HCI packet 2. the second is the HCI byte 3. the third is the length of the packet, i.e. the packet is dumped bytewise in hexadecimal unless the type is HCI_ACLDATA_PKT, in which case we print the whole packet as an ASCII string. You can find the whole code in the following repository: Bluetooth Sniffer

Bluetooth Spoofing

For two different chipsets, Ericsson and CSR, code exists that allows us to set a new Bluetooth address, which makes spoofing possible. We can examine the chipset of our Bluetooth dongle by running the command 'hcidump -a'. Let's start digging into the code. ##Required libraries ##Check if a Bluetooth address is passed as an argument to this script or not, and if not simply print the usage and exit ##Split the Bluetooth address by colon into its bytes ##Open the raw socket to the HCI device with the help of the 'hci_open_dev()' method ##This is a cryptic vendor command; here we are appending the new Bluetooth address to the CSR vendor command ##Change the command to hexadecimal, else the ASCII values of single chars get set ##Now finally we send the command via HCI to the firmware. Once we update the Bluetooth address we must reset the chip, which can simply be done by unplugging the dongle and plugging it in again. You can check the whole code in this repository: bluetooth spoofin

blue bug exploit

Some Bluetooth devices may contain a hidden channel that is not listed by SDP and to which one can connect without any password protection. Once connected, one can send any AT command and the mobile phone will execute it without question. This can be used to completely remote control the device. The possibilities of this exploit go from reading the phone book and calendar to sending messages, making calls etc. Search for Nokia AT commands and start executing them while performing this attack. Let's start writing the code ##Required libraries ##Check if the proper arguments are passed to the script or not, and if not simply exit ##Set the argument values to the variables ##Create a socket object from the lightblue library and pass the Bluetooth address and the channel id to the connect method of the socket object, and connect to the device. ##Once the connection is made, start executing the Nokia AT commands, and once we exit the loop we simply close the socket connection. You ca

Blue Snarf Exploit

The Blue Snarf exploit connects to an OBEX-Push profile, which is implemented on most devices without any authentication, and tries to retrieve the telephone book as well as the calendar by issuing an OBEX GET. ##Required Libraries ##Check if the required arguments are passed to the script or not, and if not exit ##Assign the arguments passed to the variables ##Create an object of the OBEX client, pass the parameters and connect ##Open both the 'phonebook.vcf' and 'calender.vcf' files to store the data and use the get() method of lightblue to download the files. The get() method needs two parameters: the first is a dictionary whose key consists of the path to the remote file, and the second is an open writable file handle into which the content of the file gets written; then close the file handle via the .close() method ##Disconnect the connection made. You can check the whole code under this repository: blue_snarf_exploit

Bluetooth OBEX (OBject EXchange)

Bluetooth OBEX (OBject EXchange) is a communications protocol that facilitates binary transfers between Bluetooth-enabled devices. ##Libraries required ##Check if the required arguments are passed to the script or not, and if not exit ##Assign the values received over the arguments to the variables ##First we create a new OBEXClient object by calling "OBEXClient() and pass the Bluetooth address and channel as parameters". Then the connect method tries to connect to the specified tuple, and if the connection is made we use the put() method to send a file. The first parameter of the put() method is a dictionary, which just defines what the name of the file will be on the remote device, and the second parameter is a file handle to a file opened in binary mode. Finally the connection and socket are closed. You can check the complete code in this repo: OBEX

RCOMM Channel Scanner

Each service can be listed via SDP, but it's not an actual requirement. So that's where RCOMM comes into the picture: it will try to access all 30 channels to see what is running on the target address. We can consider RCOMM scanning as the port scanning of Bluetooth. It makes a full connection to each channel, no packet tricks, nothing. If it reaches a channel that needs further authorization, the owner of the scanned device is asked to authorize it, and for an encrypted link layer even to enter a password. If the owner chooses not to authorize the connection, the socket connection is closed. The user interaction needs time, time we can use to determine whether the port is really closed or filtered. ##Implementation details: The idea is to call the function alarm before executing connect. If the connect call doesn't return before timeout seconds are reached, the signal SIGALRM gets triggered, which executes our handler function sig_alrm_handler(), that was previously

SDP(Service Discovery Protocol) - Browser

SDP (Service Discovery Protocol): A Bluetooth device can be queried for which services it offers. It returns information about the channel the service is running on, the protocol used, the service name and a short description. For this we will use the Python module `bluetooth` for Bluetooth related operations. ##Required libraries ##Check if the parameters required by this script are passed or not, and if not print the usage and exit. ##Use the find_service() method; it receives the target address as a parameter and returns a list of services. The list contains dictionaries whose items are the service properties described above; we keep reading while the returned list is not empty. You can clone the whole code from the following git repo: SDP Browser

Bluetooth Scanner with python

Bluetooth is a wireless voice and data transmission technology, which can be built into mobile phones, PDAs, USB sticks, keyboards, mice, headsets, printers, telephone facilities in cars, navigation systems, new modern advertisement posters, umbrellas etc. In contrast to infrared, Bluetooth doesn't rely on direct visual contact to connect to devices. Let's start scripting the Bluetooth scanner in Python; we will use existing libraries for this. ##Modules Required - lightblue - bluetooth First of all we need to start our Bluetooth device / turn on Bluetooth ##The method finddevices() returns a list of tuples as (hardware address, device name, device class). We can set the optional parameter getnames=False; by doing this we skip the name resolution, which otherwise may take some extra time as Bluetooth makes an extra connection just to resolve every name. You can clone the whole script from this repository: bluetooth_scanner

python code to Scrape images from google

Introduction: Web scraping is a mechanism of using bots to extract data / content from the internet / a website. The web scraping software may directly access the World Wide Web using the Hypertext Transfer Protocol or a web browser. While web scraping can be done manually by a software user, the term typically refers to automated processes implemented using a bot or web crawler. It is a form of copying in which specific data is gathered and copied from the web, typically into a central local database or spreadsheet, for later retrieval or analysis. [source: wiki] How to scrape images from Google? We will use Python as the base language and libraries like BeautifulSoup, selenium, os, time etc. to create a scraper from scratch. ## Required Libraries ## 'download_image': Method to download each image with the help of the requests library; if the status returned is 200, we write the image to our machine via file handling. ## 'download_failed': it is a variable with w

Stealing wifi passwords with python

This only works on Windows machines, since only Windows supports the command 'netsh wlan show profiles' ##Required libraries ##"netsh wlan show profile" is a command to fetch the names of the networks to which the system has connected; execute this command with the help of the subprocess library ##Fetch all network names with the help of a regex from the output of the netsh command executed via subprocess. Once we have filtered the network names we run another netsh command, this time with the network name as a parameter along with key=clear; this will show the password in plain text, and then we add the passwords to our string variable f_output. ##Once the passwords are fetched we start appending them to the text file. ##We can even send these passwords as mail to ourselves from our own mail-id, in case this is given to the victim in executable form; we need to fill in the mail-id as well as the password to make it work. NOTE: we can even add this as the func

backdoor in Python

##Backdoor based on a TCP server and client with Python. Server side code: 'server.py' "server.py is the code which will be running on the attacker's machine" ##Required libraries ## Create the socket object ## The generate_socket_and_listen method generates the socket (i.e. binds an IP address with the port number) and listens for incoming connections ## Once the victim opens the executable on his/her machine and the socket receives the incoming connection, the shell method is executed. Since we have the shell from the victim's machine we can do anything, like perform any OS command, or execute manually written commands like get, download, start, upload. "download -> download files from the victim's machine" "upload -> upload files to the victim's machine" "get -> download files from the internet to the victim's machine" "start -> start other applications on the victim's machine" ## we will use