This tool comes pre-installed in Kali-Linux. For using the sparta simply type sparta in linux terminal and sparta will start in GUI as shown below.

USAGE OF SPARTA :-

• After starting sparta, click on the “click here to add host(s) to scope“
• enter the IP ranges 192.168.1.1/24 or you can enter your own IP ranges.

• After entering the IP ranges click on “Add to Scope“

• After clicking, sparta will start the scan on the given IP ranges and list host will appear in the host list as shown below.

• In the above screenshot, sparta has scanned 5 host. From here different tools can be used to gather information of the target.
• In the above screenshot, below it shows the progress of the no. of scans which sparta is using.
• By default sparta runs nmap scan on IP ranges and try to gathers information such as open ports.
• Open ports can be used to attack on particular services that are bind with such ports.

INFORMATION :-

• Click on information tab.

• By clicking on the information tab, sparta gathers information like IPv4 or mac address. This information can be used in other hacking activities, say ethical hacking teachers.

• Sparta uses nikto with port 80 to scan the IP 192.168.1.1. It shows the router company and showing XSS header is not set which means XSS script attack can be done.

• The above screen shot shows SSL info. This information can be used in other hacking activities.

• Separate scanning can also be done by Sparta. Sparta offers different methods which is used in pentesting and as well as in information gathering.
• Open router IP in browser to check router default page.
• Sparta also offers to send listed IP to brute. Using brute, it will use dictionary attack to gaining access to the target IP.
• The above information can be used in other hacking activities because sparta offers many penstesting tool in simple GUI.

• The sparta can also be used to bruteforce the the IP. From the above list of active hosts. We have taken one of the IP to bruteforce.
• For bruteforcing on selected IP. Go to open ports. Right click on port 445 and then click on send to brute.
• Then go to brute tab.
• Enter the details username and password assuming username and password and click on run.
• You can also use wordlist of your choice or generate one using crunch in cracking the username & password.

• After clicking on run Sparta has found one password of the following IP. This tool can be used to bruteforce and gather information.
• Sparta also uses enum4linux to  enumerate the target and tries to gather information as possible.

DICTIONARY ATTACK :-

• Dictionary attack can also be done using sparta as it offers to choose list of dictionary or you can create your own wordlist using crunch & use your own list also of your choice as shown below.
• Simply click on Browse and select the list to use.
• Then click on run.

• In the above screen shot, dictionary attack has cracked the password of the target IP.

Ethical hacking researcher of international institute of cyber security say that sparta offers many features which can be used in information gathering and pentesting.

The post Scan, Crack passwords using Sparta appeared first on Information Security Newspaper | Hacking News.

As all of you know, reconnaissance is critical to being successful in a pentest or hack. Recon is where we gather all the information we need to determine the best strategy for hacking. Without good recon, we are likely to waste many hours and be unsuccessful. Professional hackers know that good recon is key to success.

In this tutorial, I’d like to demonstrate another recon/enumeration tool named Sparta—a Python script that integrates several recon and enumeration tools into a single, simple to use GUI. Sparta integrates the following tools, many of which we have already used throughout this series on recon:

• Nmap
• Hydra
• Nikto
• CutyCapt
• Mysql-default
• Snmp-enum
• Smtp-enum-vrfy
• Snmp-default
• Snmp-check
• Netcat

Sparta is built into Kali 2.0, but if you don’t have it, you can get it from the Kali repository by typing:

kali > apt-get install sparta

Step 1: Fire Up Kali

Of course, the first step is to fire up Kali. In this case, I will be using Kali 2.0 as Sparta is already built in. Go to Applications -> Information Gathering ->sparta.

When you click on it, a GUI like that below will open.

Step 2: Add Hosts

To get started with Sparta, we need to provide it with hosts to scan and enumerate. If we click on the space that says “Click here to add host(s) to scope,” it opens a window where we can add the IP addresses or the range of IP addresses to scan. We are also able to use CIDR notation to indicate an entire subnet such as 192.168.181.0/24.

After adding our IP host range in the Window, click “Add to scope.” Sparta will start scanning your hosts now.

Step 3: Sparta Results

When Sparta is done scanning, it will provide you results like that below. My subnet had only two machines on it. As you can see, Sparta identified those two IP addresses and provided OS fingerprinting, identifying one as Linux and one as Windows. When I highlight the Windows system IP, it provides details of all the ports it found open and the services running.

Step 4: More Information

If we go the “Information” tab, we can get more detailed information on the particular highlighted system. Notice at the bottom of this screen that we get more specific information on the operating system of the target.

Interestingly, Sparta also runs a Nikto scan on the system if it finds port 80 open. We can click on the “nikto” tab to see results of the nikto web app vulnerability scan.

Step 5: Tools

One of the beauties of Sparta is that it integrates so many tools into this one single GUI. When we click on the “Tools” tab, Sparta displays numerous tools that we can apply to this target system including:

• Mysql-default
• Nikto
• Snmp-enum
• Smtp-enum-vrfy
• Snmp-default
• Snmp-check

Step 6: Brute-Force Passwords

Sparta can also brute-force passwords. Using Hydra, you can specify the IP, port, and service, then brute-force it.

For those who want a single scanning and enumeration tool with an easy-to-use GUI, Sparta is the perfect reconnaissance tool.

In this tutorial, I introduced you to the basics of this tool, but because it integrates so many tools into one, it will require additional tutorials to demonstrate all its capabilities. On the other hand, because it is relatively intuitive, many of you should be able to decipher its capabilities by just playing with it a bit. In any case, Sparta is one more excellent tool in our reconnaissance toolset.

Keep coming back, my novice hackers, as we explore the tools and techniques of the most important skill set of the 21st century—hacking!

Source:https://null-byte.wonderhowto.com/

The post Hack Like a Pro: Using Sparta for Reconnaissance appeared first on Information Security Newspaper | Hacking News.