Skip to content
November 17, 2008 / technocrawl

Information Gathering using Firefox

The First and foremost step in hacking would be the “Information Gathering“, many of them use various different Tools for the network Reconnaissance, but here is a trick that reveals you how to gather Information about the target system just by using a Browser “Firefox”.

The Information Gathering includes the following basics,….

Domain name and IP address
Open Ports
Daemon Banner Grabbing
OS Finger Printing
Server name and Type

Well, Domain name is the prime thing that you need, at least to identify the target, obtaining the IP address can be done just by pinging.

For the Open port detection, you might better go for third party tools and once the open ports are obtained you can use the telnet for the Daemon Banner grabbing, to know what the actual process thats running on the port along with its version info, so that you can easily launch an exploit to compromise the security if the daemon running on the target is a vulnerable one.

Here comes the real tough part “OS Fingerprinting“, most of them use ‘Nmap’ for obtaining OS info and also it is the right choice for doing so.

Whois” – database will reveal what type of server is running on the target machine, but you can find it out just by using Firefox. You can really launch hell a lot of exploits if you know the server type on the target machine, and if it is IIS 6.0 or lesser, then it would make the task easier.

Open up the Firefox browser, and browse the target website just like a legitimate user, and once done with it open up a new tab (CTRL + T) and close the previous tab, type “about:cache” in the URL and hit enter and it will list you the following…

Memory cache device
Disk cache device
Offline cache device

Down below the “Disk cache device” click on the link that says “List Cache Entries“,
there you can see a brief history of the sites that you visited. Click on your target site’s link and it will display you the server type along with its version in a clear text, also you ca find the packet Header, Request method whether it is a Post or Get.
and down below you can analyze the payload of the datagram shown in hexa-decimal values.
This part is real interesting and looks similar to a Sniffer.

Now you got the server type and its version, and now you can launch exploits according to the version.

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: