SPARTA INTRO:- Sparta is the GUI (Graphical User Interface) Kali application used in information gathering of the target. This application is written in Python. If the target is in the attacker's network. Attackers can scan IP ranges and can gather information in Sparta, mention ethical hacking professors. Sparta gives different services and all the tools that are used in the scanning of the victim. It offers different features like – hydra, nikto, nmap, and mysql. An attacker can also use this tool to brute-force on the scanned IP ranges.
This tool comes pre-installed in Kali Linux. For using Sparta simply type Sparta in Linux terminal and Sparta will start in GUI as shown below.
USAGE OF SPARTA:-
- After starting Sparta, click on the “click here to add host(s) to scope“
- enter the IP ranges 192.168.1.1/24 or you can enter your IP ranges.
- After entering the IP ranges click on “Add to Scope“
- After clicking, Sparta will start the scan on the given IP ranges and the list host will appear in the host list as shown below.
- In the above screenshot, Sparta has scanned 5 hosts. From here different tools can be used to gather information on the target.
- The above screenshot, below it shows the progress of the no. of scans that Sparta is using.
- By default, Sparta runs an Nmap scan on IP ranges and tries to gather information such as open ports.
- Open ports can be used to attack particular services that are bound with such ports.
INFORMATION:-
- Click on the information tab.
- By clicking on the information tab, Sparta gathers information like IPv4 or Mac address. This information can be used in other hacking activities, say ethical hacking teachers.
- Sparta uses nikto with port 80 to scan the IP 192.168.1.1. It shows the router company and showing XSS header is not set which means an XSS script attack can be done.
- The above screenshot shows SSL info. This information can be used in other hacking activities.
- Separate scanning can also be done by Sparta. Sparta offers different methods which are used in pentesting and as well as in information gathering.
- Open the router IP in the browser to check the router default page.
- Sparta also offers to send the listed IP to a brute. Using brute, it will use a dictionary attack to gain access to the target IP.
- The above information can be used in other hacking activities because Sparta offers many pen-testing tools in simple GUI.
- Sparta can also be used to brute force the IP. From the above list of active hosts. We have taken one of the IPs to brute force.
- For brute-forcing on selected IP. Go to open ports. Right-click on port 445 and then click on send to brute.
- Then go to the brute tab.
- Enter the details username and password assuming username and password and click on run.
- You can also use a wordlist of your choice or generate one using Crunch to crack the username & password.
- After clicking on run Sparta has found one password of the following IP. This tool can be used to brute force and gather information.
- Sparta also uses enum4linux to enumerate the target and tries to gather information as possible.
DICTIONARY ATTACK :-
- Dictionary attack can also be done using Sparta as it offers to choose a list of dictionaries or you can create your wordlist using Crunch & use your own list of your choice as shown below.
- Simply click on Browse and select the list to use.
- Then click on run.
- In the above screenshot, a dictionary attack has cracked the password of the target IP.
Ethical hacking researcher of the International Institute of Cyber Security says that Sparta offers many features which can be used in information gathering and pentesting.
