In doing hacking process, the most important thing to do is prepare the tool and understand how to configure the tools correctly. Most of the time when the tools not working properly, it is caused by misconfiguration of the tools. In this class, i’m using Kali Linux as the main tools for hacking. Kali Linux not only have hacking and penetration testing tools but also has a built in forensic tools. Forensic is focus on evidence while penetration testing focus on testing the vulnerability of the target.
Most of the tools in kali linux runs on Terminal or Command Prompt and most of the script uses python script. So another important thing to do in this class is to LEARN PYTHON. There are a lot of online tutorial about how to learn python. And python is usually used as prototype to test the hacking tools so it is very important to minimize the mistake while doing the actual hacking.
These are example of tools in Kali Linux
This week i’ll try to explore one of the tools. One of the most useful tool in Kali Linux is wireshark. Wireshark is a networks sniffer used to read the packet received and sent from and to the host computer. This is the network capture of the wireshark while listening to ethernet connection.
In this capture, you can see the source, destination, protocol, length, etc.
Time, determines when the packet is received/sent from when the wireshark is started.
Source, the source IP of the packet.
Destination, the destination of the packet.
Protocol, the protocol used by the packet.
Length, the length of the packet being sent/received.
Info, additional info of the packet.
If you want to follow the pacific packet, you can right click on the packet and follow the packet stream.
The image above is the content of the packet, and wireshark will now only display the packet sent/received by those specific source of the packet.
There are a lot of features of wireshark to be explored, but this is the basic of wireshark. Once again, wireshark is a very important tools mainly used in forensic to analyse the malicious packet, etc.