Posts

Showing posts from April, 2020

From the browser to the website

Basics When we have to connect to a website/webpage/server using the world wide web, we use a browser.
A browser follows the standard OSI model to initiate a data exchange between the browser and web host.
One can also  connect using their terminal and a preferred terminal tool for the same is Curl. The browser and terminal follow the same procedure.
First off when you type the URL into the browser, the browser uses the DNS system to find the IP address and the port on which in needs to connect.
After that starts the OSI model:

Application and Presentation layer: The browser accepts the URL, converts it to the HTTP or HTTPS and passes it on. Burp suite can be used at this layer.
HTTP stands for Hyper Text transmission Protocol

Example
GET /hello.htm HTTP/1.1
Session layer: The browser then builds a session with the web server and checks if the port and IP address given can be used or not. NMAP is a helpful tool for this layer

Transport layer: The data is now made into packets and the t…

Hacking passwords with USB? Extracting saved passwords by browsers? How to use LaZagne tool?

Hey Hackers! Today we will see how to use LaZagne tool and hack victim's passwords which are saved in browers. This tool can also be used as password recovery tool. Lets see how this works-

INSTALLATION-

Click on this link-https://github.com/AlessandroZ/LaZagne/releases/tag/0.9

Download the windows version, you can also go for linux version.

After you download, extract the file and you will find the LaZagne tool.

EXECUTING-

Now a command prompt window will open, now type  LaZagne.exe -h and press Enter.

Now open Notepad and type
laZagne.exe all > paswd.txt 

Save this and name it as run.bat

Now in the command prompt window type laZagne.exe all > paswd.txt  and press Enter.

Open the run.bat file using notepad and you will find all passwords which were saved in the browser.

To get this into USB, all you need to do is copy the run.bat file and paste it in USB and insert it in victim's pc and run the run.bat and you are done.

NOTE- But this tool only extracts passwords which are…