Skip to main content

Sparta - Recon Part 3




Hello Hackers ! Welcome back to AnonzHub. This is out third  tutorial on recon series if You haven't gone through the first two tutorials of the series please Click the Links Below.



What is Sparta ?


Sparta which is an python GUI tool used for reconnaissance. Sparta is actually the Combination of following tools, many of which we have already used throughout this series on recon and Rest of it will be discussed later on:

Nmap
Hydra
Nikto
CutyCapt
Mysql-default
Snmp-enum
Smtp-enum-vrfy
Snmp-default
Snmp-check
Netcat




Installation:

>>apt-get install sparta


  • if You are facing some errors while installing the tool just update your System Executing these commands:
>>apt-get update
>>apt-get install sparta

Fire Up The Kali:


the first step is to fire up Kali. In this case, I will be using Kali 2.0 as Sparta is already built in. Go to Applications -> Information Gathering -> sparta and Right after Clicking The Icon The gui should Popup on the Screen.




Add Hosts:


To get started with Sparta, we need to provide it with hosts to scan and enumerate. If we click on the space that says "Click here to add host(s) to scope," it opens a window where we can add the IP addresses or the range of IP addresses to scan. We are also able to use CIDR notation to indicate an entire subnet such as 192.168.181.0/24.





Wait for The process to Finish Up:


During This Process The Sparta will perform Diffferent  Tasks (automatically) and the fallowing information will be obtained:


  • Open Ports on Target Server
  • Running Services of target Server.
  • Nikto Results Against Target server. (port 80)
  • Nikto Results Against Target Server (Port 443)
  • Performs Mysql Bruteforce for Common Password/Usernames.
  • Screenshot of Server (port 80)
  • Screenshot of Server (port 443).
  • FTP Bruteforce Test.




Sparta Results:


Sparta identified those two IP addresses and provided OS fingerprinting, identifying one as Linux and one as Windows. When I highlight the Windows system IP, it provides details of all the ports it found open and the services running.

Nmap results:

Sparta performs different nmap scans to find the open ports and services running on Open ports on the target server.







Nikto Results:

Interestingly, Sparta also runs a Nikto scan on the system if it finds port 80 open. We can click on the "nikto" tab to see results of the nikto web app vulnerability scan.




Sparta Tools:


One of the beauties of Sparta is that it integrates so many tools into this one single GUI. When we click on the "Tools" tab, Sparta displays numerous tools that we can apply to this target system including:

Mysql-default
Nikto
Snmp-enum
Smtp-enum-vrfy
Snmp-default
Snmp-check


Bruteforce Passwords:

Sparta can also brute-force passwords. Using Hydra, you can specify the IP, port, and service, then brute-force it.



For those who want a single scanning and enumeration tool with an easy-to-use GUI, Sparta is the perfect reconnaissance tool.
For More Tutorials on Hacky Shacky !Keep coming back, 
Labels:

Comments

Post a Comment

Popular posts from this blog

New Working Shopping Site SQLi Dorks

Post a Comment
Read more

Most Important XSS Cheat Sheet

8 comments
Read more

How to Install Mosh on you Linux ec2 Instance

174 comments
Read more