
Walllock cyber security and computer hacking forensic investigation

INFORMATION GATHERING

With Sir War10ck

INFORMATION GATHERING AND SCANNING WITH SIR WAR10CK BY TANYARADZWA MARWA M

8. Information gathering and Scanning

Why Information gathering?


• Information gathering can reveal the online footprints of a criminal.

• Information gathering can help an investigator profile criminals.

Information gathering of websites


We need to gather the following information about the website:

• Whois Information

• Owner of website.

• Email id used to register domain.

• Domain registrar.

• Domain name server information.

• Related websites.

We can use the website www.domaintools.com for this purpose.

Whois
Whois is a query to a database that returns the following information:

1. Owner of website.

2. Email id used to register domain.

3. Domain registrar.

4. Domain name server information.

5. Related websites.
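
An added example (not part of the original handout): a small Python parser that pulls the owner, registration email, registrar and name server fields listed above out of raw WHOIS text. The sample record is constructed, and the label spellings in `FIELD_LABELS` are assumptions, since registries format their output differently.

```python
# Added example: the sample record below is constructed, not a real WHOIS reply.
SAMPLE_WHOIS = """\
% Constructed sample record (example.org is a reserved documentation domain)
Domain Name: EXAMPLE.ORG
Registrar: Example Registrar, Inc.
Registrar URL: http://registrar.example
Registrant Name: REDACTED FOR PRIVACY
Registrant Email: admin@example.org
Name Server: NS1.EXAMPLE.ORG
Name Server: ns1.example.org
Name Server: NS2.EXAMPLE.ORG
>>> Last update of WHOIS database: 2024-01-01T00:00:00Z <<<
"""

# Handout field -> label spellings seen in WHOIS output (assumed, not exhaustive).
FIELD_LABELS = {
    "owner": ("registrant name", "registrant organization", "registrant"),
    "email": ("registrant email",),
    "registrar": ("registrar", "sponsoring registrar"),
    "name_servers": ("name server", "nserver"),
}


def parse_whois(text):
    """Collect owner, email, registrar and name servers from raw WHOIS text."""
    found = {field: [] for field in FIELD_LABELS}
    for raw in text.splitlines():
        line = raw.strip()
        # Skip blanks, registry comments and the trailing ">>> ... <<<" footer.
        if not line or line[0] in "%#" or line.startswith(">>>"):
            continue
        # Split on the first colon only, so URLs and timestamps stay intact.
        label, sep, value = line.partition(":")
        label, value = label.strip().lower(), value.strip()
        # Privacy-redacted or empty values carry no investigative information.
        if not sep or not value or "redacted" in value.lower():
            continue
        for field, labels in FIELD_LABELS.items():
            if label in labels:
                if field == "name_servers":
                    value = value.lower()  # host names are case-insensitive
                if value not in found[field]:
                    found[field].append(value)
    return found


if __name__ == "__main__":
    for field, values in parse_whois(SAMPLE_WHOIS).items():
        print(f"{field}: {', '.join(values) or '(not disclosed)'}")
```

An empty list for a field means the record did not disclose it, which is common for the owner name when a privacy service is in use.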

Reverse IP mapping

• Reverse IP mapping gives the number of websites hosted on the same server.

• If one website on the server is vulnerable, a hacker can easily root the server.

• Domainbyip.com

• Trace Route

Information Gathering Using Search Engine
• Search engines are efficient mediums to get specific results according to your requirements.

• The Google and Yahoo search engines give the best results of all.

• Using www.kartoo.com specifically will give us good information about the search.

• This type of search engine retrieves results from different search engines and makes relations or connections between those results.

• Maltego is an open source intelligence and forensics application.

• It allows for the mining and gathering of information as well as the representation of this information in a meaningful way.

• Coupled with its graphing libraries, Maltego allows you to identify key relationships between information and identify previously unknown relationships between them.

• Almost 80% of internet users use blogs/forums for knowledge sharing.

• Information gathering from a specific blog will also be helpful in investigations.

• Information gathering from social networking websites can also reveal personal info about the suspect.

• Many websites store email id lists for newsletters. These email ids can also be retrieved using email spiders.

Detecting ‘live’ systems on target network


Why detect ‘live’ systems on the target network?

To determine the perimeter of the target network/system

To facilitate network mapping

To build an inventory of accessible systems on target network

Tools used for this

War Dialers

Ping Utilities

War Dialers
A war dialer is a tool used to scan a large pool of telephone numbers to detect vulnerable modems that provide access to the system.

A demon dialer is a tool used to monitor a specific phone number and target its modem to gain access to the system.

The threat is high in systems with poorly configured remote access products that provide entry to larger networks.

Tools include THC-Scan, ToneLoc, TBA, etc.

The term war dialing implies the exploitation of an organization's telephone, dial, and private branch exchange (PBX) systems to infiltrate the internal network and the use of computing resources during the actual attack. It may be surprising that we are discussing war dialing here, as more PBX systems are coming with increased security configurations. However, the fact remains that there are still many insecure modems out there that can be compromised to gain access to the target system. What initially caught the fancy of hackers in the movie 'War Games' still manages to find carriers leading to the compromise of systems. The war dialer in War Games is not very sophisticated, as it only finds phone numbers which are suspected to be computer dial-in lines. A more aggressive version might actually attempt to determine the operating system, and a very aggressive version might attempt to perform some automated break-in attempts itself. A real scanner with this functionality will attempt to analyze the carrier information, the negotiation and the presence of protocols and/or banners to determine the remote system. It will then attempt to use default username/password combinations for that system.