Pentester’s Guide – War Dialing & Port Scanning

December 16, 2016 | Views: 8901

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

When you hear “attack on a computer”, what do you think?

You probably think it’s some guy sitting behind a computer, using the internet to conduct attacks.

What people do not realize is that even if a computer is not connected to the internet, it’s still vulnerable to an attack through the magic of war dialers.

What are war dialers?

War dialers. also known as hammer dialers, are special programs that call some phone number and wait for feedback. If the feedback is received within the first ring, the program knows it’s a computer. Otherwise, it hangs up and dials a different number.

The word war dialing was popularized by the movie War Games.  Although most networks nowadays have protection against war dialing, a more modern approach would be a port scan.

Currently Juliar doesn’t support any war dialing (unless someone already created a module for it); however, it does have two operations:

  1. Port scanning,
  2. Figuring out whether someone is port scanning your computer.

Let’s talk about operations, first. We can easily do a port scan by using the Juliar fetch command with a range of ports (can be generated with a loop). So, by using something like *fetch=0,*range 80 1000 *  127.0.0.1 * we can do a full scan of open ports on our computers. This is done in Juliar by trying to connect to ports and seeing whether it can connect. If it can, it displays the results. You can probably speed it up by using *block * in Juliar where you have something like *set=x  *block *fetch=0,*range 80 500 * 127.0.0.1 *  **

*set=y *block *fetch=0, *range 500 1000* 127.0.0.1* ** **

*deblock *get x** *deblock * get y**

We can find if someone is port scanning our computer by setting a dummy Juliar program that, when activated, will output results to the screen. That’s right, we can use *socketset=x 80 *

*block *loop=Infinity  *socket_onconnect=x Someone is scanning us! *  *wait 1**

Hopefully, you enjoyed this tutorial!

Thanks for your time, and comment below if you have any questions!


Please sign a petition at https://www.ipetitions.com/petition/juliartokali to bring Juliar to Kali

If you like Juliar, please consider visiting https://www.juliar.org/forums

Share with Friends
FacebookTwitterLinkedInEmail
Use Cybytes and
Tip the Author!
Join
Share with Friends
FacebookTwitterLinkedInEmail
Ready to share your knowledge and expertise?
13 Comments
  1. Please change the TITLE..

  2. You should change the title to “War Dialing using Juliar”.
    I expect war dialing in general instead of this one.

  3. very informative, thanks for sharing!

  4. This taught me nothing

Page 2 of 2«12
Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel