How to Anonymously Scan a Website using Linux Nmap
This short tutorial assumes you have at least some experience of using Linux CLI & is for Educational Purposes ONLY
If you're reading this, then I guess I got your attention by the post subject - it is an attention grabber, and "How to" is one of the highest rated questions asked on Google (filter bubbles) & SEO.
Like most people in security with Linux I prefer the CLI rather than GUI's.
Firstly, you will need a Debian-based Linux distribution, for this I will use the popular Ubuntu. Please note I have sudo installed
Kali Linux comes with all these tools right from the box. So, you can skip the installation instructions.
Open a Terminal window
Install Nmap
Nmap is the tool most hackers use to conduct reconnaissance on a remote target. So, in this tutorial, we will suppose that you have a minimal knowledge of how to use this tool.
To install Nmap, use the command line below:
sudo apt-get install nmap
Install TOR
Tor is the most used software in the world to protect privacy while surfing the internet and sometimes to access the deep/dark web. So, in order to protect your privacy, you just have to download and install the tor browser from; https://www.torproject.org we are going to use the command line version of TOR.
To install it, just type the following command:
sudo apt-get install tor
Install Proxychains
Proxychains is the tool used to send an application’s traffic through the network while staying anonymous. It is used to route all network traffic incoming and outgoing from an application to a local or remote proxy address. We will use it to route all the Nmap traffic through the anonymous network TOR.
To install proxy chains, just type:
sudo apt-get install proxychains
Start scanning anonymously
Once all these tools are installed, everything is correctly configured with the default setting, so you can start surfing anonymously without any problem.
sudo proxychains nmap -sT example.com
Additional Notes
If you are unsure if you have the latest version of any program then update it using the following:
sudo apt-get update name_of_program
NOTE: Configuring Proxychains
To configure proxychains, you have to modify its configuration file situated in : /etc/proxychains.conf
Just type the following:
#nano /etc/proxychains.conf
when it opens the file, go to the last line, and you should see this:
socks4 127.0.0.1 9050
This line refers to the default port on which tor is connected to.
But, you can add as much lines as you want in order to add proxy sites.
NB: You have to be root in order to modify this file, otherway the modification will not be applied.
Here is how to configure the proxychains - Until I get a few minutes on how to do this and add it on to this post.
https://null-byte.wonderhowto.com/ho...hains-0154619/
I really need to cover Configuring Proxychains in much more detail than I have entered above, therefore I will cover this is a separate tutorial.
NOTE for "Script-Kiddies"
Script-kiddies normally make the same mistake when trying public hack1ng using old hackers scripts, they don't cover their digital-footprint, or even their IP addresses, and then wonder how they get caught.
Re: How to Anonymously Scan a Website using Linux Nmap
My daughter's boyfriend is a right cunt and he's pissing her about. Could I use something like this to wipe his hard drive or take control of his Renault Twingo?
Re: How to Anonymously Scan a Website using Linux Nmap
When you exit tor ,how do you go about
Showing a specific geo location .
Re: How to Anonymously Scan a Website using Linux Nmap
Quote:
Originally Posted by
plug1
When you exit tor ,how do you go about
Showing a specific geo location .
That is part I intend to follow up, but it is pretty simple to setup, please check the following website:
https://null-byte.wonderhowto.com/ho...hains-0154619/
Re: How to Anonymously Scan a Website using Linux Nmap
Quote:
Originally Posted by
CzarJunkie
My daughter's boyfriend is a right cunt and he's pissing her about. Could I use something like this to wipe his hard drive or take control of his Renault Twingo?
Well, CzarJunkie,
Nothing in the world is 100% secure, but the Renault Twingo lol, that is out of the question. Yesterday, Apple announced they are testing their new iCar...
There are ways and means of destroying hard drives, and you could use the proxychain & TOR to hide yourself.
We need to conduct reconnaissance on our victim
If you look at Stuxnet, which destroyed many computers - it only goes to show it is possible to damage hardware using software, with a C+ null-loop.
A null-loop is not the same as an indefinite loop, it only runs to a predetermined number. We can use null-loops to takedown websites using a very basic computer.
All you do is send a function for "Connection: Keep-Alive" but at the same time we have a null-loop which can run in C+ or python, by placing a delay on pings, it will keep the connection alive, the server cannot close the connection due to data still being sent.
It is not the same as trying to send multiple packets of data using a standard Ping, the server or system your connected to would close the connection. We need to 'keep the connection alive', this is where we need a good set of proxy connections.
Using a null-loop and a "Connection: Keep-Alive", allows a person using just a single PC to cause a DDOS attack, the packet data is small, and does a burst on the victim with 1,000's of packet data. A standard ping from a computer cannot handle sending thousands of packets a second, but building a back-log will cause problems to a victim.
You may ask what the above has to do with your hard drive question, the answer is very simple both need an open connection which must stay open, while other information can be sent. So, what we have done so far is bypassed a standard firewall on any system.
The next part would be, bypassing any AV solutions. We can build our own polymorpher in C+ and push it thru the Keep-alive pinging. There's 3 parts to any malware, non of them can be executable. All antivirus systems use definition files & zero-day exploitation methods, but this only works, if the AV solution recognizes the first 2 lines of code, which must be similar to its own definitions and have the properties of malware. In C+ we can push all 3 parts thru the connection, when we push we also specify a path where all 3 files are.
Now we can remotely assemble the malware, ransomware, etc using the 2nd file to pull the 1st and 3rd files in and compile them. Now, if we left off the polymorpher and we got to this stage you would cause the AV to flag your file.
At this point, you would normally uploaded a live copy to VirusTotal to see which AV's will flag it, if it is only around 2 then you should be fine, all green ticks would be good, but not always possible.
No, AV will flag the malware because the polymorpher will move it around the system, and changes it's checksum each time.
If you sent a variation of ransomware then you will encrypt all files, including any log files so make sure .log is in the list, depending on the config of the main 1st config file that was sent.
I would recommend Kali Linux to do all this because you have many more tools at hand and its one of the fav's for hackers. Ransomware variants can cause a SSD drive to brick on reboot, or a HDD into a piece of junk.
You can do a lot of damage these days SMiShing, most people fall for it, because it is quite new, the figures of people with any sort of AV solution on a mobile is very low.
Re: How to Anonymously Scan a Website using Linux Nmap
My friend Harry, well I say he's my friend but really he is someone I have met as my girlfriend Brenda has really bad feet and goes to the chiropodist anyway Harry is the chiropodist's son and while I was waiting for Brenda to finish having her feet sorted out he was waiting in the waiting room for his dad to finish as he was taking him to his speech therapy class as he has a really bad stutter told me, well I say told me it did take quite a long time for him to get it across and I'm not sure but I think he was getting annoyed when I kept guessing the word that a guy on Facebook tried 'grooming' his 15 year old sister! Would this help to get back at him please.
Thank you in advance
Brian
Re: How to Anonymously Scan a Website using Linux Nmap
Quote:
Originally Posted by
BrianSnail
My friend Harry, well I say he's my friend but really he is someone I have met as my girlfriend Brenda has really bad feet and goes to the chiropodist anyway Harry is the chiropodist's son and while I was waiting for Brenda to finish having her feet sorted out he was waiting in the waiting room for his dad to finish as he was taking him to his speech therapy class as he has a really bad stutter told me, well I say told me it did take quite a long time for him to get it across and I'm not sure but I think he was getting annoyed when I kept guessing the word that a guy on Facebook tried 'grooming' his 15 year old sister! Would this help to get back at him please.
Thank you in advance
Brian
What the fuck ?
Re: How to Anonymously Scan a Website using Linux Nmap
Quote:
Originally Posted by
piggzy
What the fuck ?
Welcome to the weird world of BrianSnail.
Re: How to Anonymously Scan a Website using Linux Nmap
Quote:
Originally Posted by
piggzy
What the fuck ?
Search for 'facebook' on DF...
1 Attachment(s)
Re: How to Anonymously Scan a Website using Linux Nmap
Quote:
Originally Posted by
BrianSnail
My friend Harry, well I say he's my friend but really he is someone I have met as my girlfriend Brenda has really bad feet and goes to the chiropodist anyway Harry is the chiropodist's son and while I was waiting for Brenda to finish having her feet sorted out he was waiting in the waiting room for his dad to finish as he was taking him to his speech therapy class as he has a really bad stutter told me, well I say told me it did take quite a long time for him to get it across and I'm not sure but I think he was getting annoyed when I kept guessing the word that a guy on Facebook tried 'grooming' his 15 year old sister! Would this help to get back at him please.
Thank you in advance
Brian
Hi there, I normally do not get involved in such cases, but I will give you details on the latest Facebook hacking procedures.
You could search the internet, but you'll probably hit many tutorials that will fail to get you in to any account. Many people say this is guaranteed to hack facebook accounts.
Try these hacks first...
https://null-byte.wonderhowto.com/ho...m-them-0139532
Facebook changes everyday, if you're not sure how to do it after reading those steps then come back here and I'll show you how to reverse-engineer the header code. It is a bit more difficult to do and the chance of success is higher.
Make sure you are logged out of Facebook before making any attacks. And, make sure your IP is hidden, before hitting Facebook.
Use their search if need be, thousands of accounts are hacked everyday, but the highest used part of Facebook is their Search for email addresses, mobile numbers or memberIDs - this accounts to over 2 billion requests per day.
Re: How to Anonymously Scan a Website using Linux Nmap
Thank you for the great and quick reply Mr Threatbot1 I have tried to pass this onto Harry the email message is returning bounced I don't really know what this means but I did try ringing him as he gave me his phone number but I think he made a mistake on the number because every time I ring it gets answered by Doves Funeral Directors, they are a local funeral directors and actually did the funeral my gran when she died and they were very polite and helpful but they didn't know Harry even when I described him although they did know his dads shop but they had to go because they were very busy, I still miss her loads now anyway I did ring the chiropodists to ask his dad but it's bank holiday Monday and it's not open but the Funeral directors was open I guess they still do funerals on bank holidays but not feet anyway I got a recorded message which said we are not open today but I could leave a message so I said could you ask Harry's dad to ring me and gave my number so hopefully he will, I was going to walk round there before I phoned as it's only about 1 mile although I normally take my bike but it has a puncture but my hay fever is playing up and even when I put Vaseline up my nose it does not seem to help and I know it's a bit off topic but do you know any good home remedies for Hay fever as you seem so knowledgeable and helpful.
Many thanks in advance
Brian
Re: How to Anonymously Scan a Website using Linux Nmap
I find it really hard work reading your fucking posts Mr Snail
Re: How to Anonymously Scan a Website using Linux Nmap
I am sorry to hear that Mr piggzy I do my best to make sure I get what I need to say across as best I can and try not to ramble on as my old school teacher Mrs Morris used to say 'Brian you are a lovely little boy but sometimes I wish you would take a breath' which is funny because you would die if you didn't but I used to just say ok Mrs Morris because she could be really strict as one time she caught David Burrage passing messages and made him read it out to the whole class and it said he really liked Angela Jenkins and he went really red anyway I will try and make my messages easier to read, do you know any home remedies for Hay fever, I don't know if you suffer from it but you might know anyway.
Thank you in advance
Brian
Re: How to Anonymously Scan a Website using Linux Nmap
I do suffer from hay fever and fuck all helps in my case. You could try a squirt of expanding foam up each nostril..
Re: How to Anonymously Scan a Website using Linux Nmap
Quote:
Originally Posted by
piggzy
I do suffer from hay fever and fuck all helps in my case. You could try a squirt of expanding foam up each nostril..
I'm sorry to hear you do suffer with hay fever I know how nasty it is, I have tried putting cotton wool up my nose but I sneezed on the bus last summer with it in and they both shot out across the bus and they had some nasty stuff on and a man was very rude and threatened me because he thought I threw them at him so have not used it since, I have not heard of using expanding foam how does that work? I did ask my doctor for help but he wanted to give me some steroid spray he said would help but I was scared of growing breasts so refused and there is a boy in our street has breasts but he is rather large, not sure if he has hay fever though, have you tried steroid spray? and if you have did you grow breasts?
Thank you in advance
Brian