Category Archives: (B) Basics

Why Your Encryption/Passwords Suck ? New Security Methods : 3D Face Analysis, Bio Metrics, ETC

” Treat Your Passwords Like you treat your Toothbrush, Don’t Let anyone Use it and Change it every 6 Months ” – Clifford Stoll, Scientist.
Thousands of Online Services uses Password, Be it Banks, Shops, Social Networking Sites, Email’s And Every other service. These Passwords are lying on the Databases of the companies, Which frequently have very basic security.
And These sites Do Get Hacked, Here Are Some Of The Greatest Attacks :

Sony PlayStation Network : 77 Million Accounts Hacked. Site Down For 24 Days.
Evernote : 50 Million Accounts Hacked, Including Addresses.
LinkedIn : 6.5 Million Accounts Hacked.
Gamigo : 8.24 Million Accounts Exploited.
Yahoo Voices : 450,000 Accounts Hacked.
Twitter : 250,000 Accounts Hacked.

Most Of the Accounts Get Hacked Because the Main Site Server Gets Exploited, But Many Individual Accounts Get Hacked Because people are too damn dumb to use complex password, A Survey done by Mark Burnett for 12 years Indicates that 78% of online users use These passwords :

123456 jordan george yankees
1234 superman charlie 123123
12345678 harley andrew ashley
qwerty 1234567 michelle 666666
dragon fuck love hello
sex asshole jessica amanda
12345 hunter boobs orange
baseball trustno1 legend-ary biteme
football ranger 6969 freedom
letmein buster pepper computer
monkey thomas daniel fuckme
696969 tiger access nicole
abc123 robert 123456789 thunder
mustang soccer 654321 ginger
micheal porn joshua heather
shadow batman maggie hammer
master test starwars summer
wintwe jennifer pass silver
fucking carlover killer william

 

What And How Hackers Do What They Do !

I Don’t Know How, But somebody tricked us into thinking Hackers are Geeks on Laptops ( which we are) but you should also remember that Hackers have great observation skills. Hackers Follow you everywhere, Once they lay their eyes on a target, they dig out every bit of information available about you. They spy on your online photos, They know your cat’s name, Your Car’s Model and everything you might have mentioned in online world.
Hackers Can attack you on many fronts, like : Cracking your Social networking website password, Stealing Data from your personal computer, Phishing you or even using your E-Mail ID to send messages to terrorists.

Methods To Confuse And Avoid Hackers :

Two Factor Authentication :

Many E-mail Providers use Two Factor Authentication like Gmail And Yahoo, And it the strongest method to protect yourself from getting hacked. To access your account, First you have to sign in Using your E-mail and Password, And then An Eight Digit Code is sent to your mobile within a few seconds, Which you have to fill online to get access to your account.
Pros :
Strongest Security Method.
You know when your account is being accessed.
Alert On Your Mobile if someone tries to brute-force your account.
Cons :
Not so Time Efficient.
You Need Your Mobile And Good Signal Reception.

Total Rating :
Security :

Comfort :

 

OPENID :

A Universally Usable ID Is given to you if you use OPENID. UUID are mostly URL specially crafted for you. To Log In into any service, You’ll have to just insert your OpenId, Not your password. Using OpenID is also a good Idea as password have a habit of getting hacked. OpenID is usable on Google, Yahoo, LiveJournal, Hyves, Blogger, Flickr And other sites.

Pros :
One-For-All Username and Password.
Saves Time.
Cons :
Not So-Many Sites Supported.

Total Rating :
Security :

Comfort :

 

Swipe Gestures :

Swipe gestures are a popular way to lock your Android Phones, And they very Are Simple to use, Thus easily crack-able. Anybody can remember your Swipe by seeing it first time, Also Somebody can find out your swipe by observing the scratches on the surface of your screen.
Pros :
Easy And Simple.
Cons :
Easily Hack-able.

Total Rating :
Security :

Comfort :

 

Password Stick :

On Many Operating Systems, You Can create a password stick which can unlock your computer by plugging it in. It is a time saving and secure method, Unless Your hacker is also good at picking pockets.We are not very fond of this method, as your brain is the safest place to store sensitive information.
Pros :
Time Saving.
Easy.
Secure.
Cons :
Danger Of Getting Hacked if stick is stolen.

Total Rating :
Security :

Comfort :

 

Finger Print Scan :

One of the oldest method of securing, Finger print scanners are widely available on Laptops, Netbooks, External USB Scanner etc. Also a rumor has it that the new iPhone Might have a Fingerprint scanner in the home button. It is a good and secure way to protect your data.
Pros :
Easy To Use.
Widely Available.
Cons :
Remember to clear the scanner after each scan or the print left on the scanner can be easily used by hacker.

Total Rating :
Security :

Comfort :

3D Face Analysis :

On Mobile Since Android 4.0, 3D Face Scan is an awkward way to unlock your mobile, It uses your  mobile/laptop camera to take a video of your whole face each time to unlock your device. But we don’t think this type of security method is useful in Mobiles, Tough it is very useful in PC Security and Other stuff that you don’t need to unlock every other second.
Pros :
Very Secure.
Very Difficult To Hack.
Cons :
Good Lightning needed.
Can be cracked by a video of your’s.

Total Rating :
Security :

Comfort :

 

Behavior Pattern :

Everybody has different way of interacting with technology, And the Swedish Firm BehavioSac Has used it to create a new security system. In this method, You Need to enter your password and have to do it in the same way you did before. Other Factors Include : Typing Rhythm, Speed, And on touchscreen Devices : Angle of gestures, pressure of angles and other stuff !
Pros :
Highly Secure.
Easy To Use.
Cons :
Not available on the market Yet.
Could be a pain in the ass when you’re drunk or sleepy.

Total Rating :
Security :

Comfort :

Conclusion :
With the increasing security risk, It Would be a good idea if the services we use everyday would get a security upgrade, And If the users follow some basic security tips, It would make them much more secure in the online world.

How to Chat Using Command Prompt

1) All you need is your friend’s IP Address and your Command Prompt.

2) Open Notepad and write this code as it is…..!

@echo off
:A
Cls
echo MESSENGER
set /p n=User:
set /p m=Message:
net send %n% %m%
Pause
Goto A

3) Now save this as “Messenger.Bat”.

4) Open Command Prompt.

5) Drag this file (.bat file) over to Command Prompt and press Enter.

6) You would then see something like this:

7) Now, type the IP Address of the computer you want to contact and press enter
You will see something like this:

8) Now all you need to do is type your message and press Enter.
Start Chatting…….!

 

 

Reveiw Us On Google Play

Cross Site Scripting Attack Simply Explained

Points to start :
  • XSS is most common web application vulnerability that allows a hacker to run malicious scripts in client side.
  • These scripts are maliciously crafted by a hacker to perform malicious tasks in client side.
  • When users clicks on a malicious link, the malicious script will run on users machine, such scripts can steal your session ID(your accounts) or infect you with a worm.

 

What Are The Types Of XSS ?

Based on the one persistent capability, XSS can be categorized into two types :
  • Persistent XSS
  • Non Persistent XSS

What Is Persistent XSS ?

The Persistent or Stored XSS attack occurs, when the malicious code submitted by the attacker is saved by the server in the database, and then permanently it will be run in the normal page.

What Is Non-Persistent XSS ?

In Non-Persistent XSS(Reflected XSS), the injected code sends to the server via HTTP request. The server embed the input with the html file and return the file(HTTP response) to  the browser.  When a browser renders the HTML file, it executes the embedded script.

How Do They Do It ?

First the attacker identifies a vulnerable site and then he/she injects malicious scripts into the website for stealing users’ accounts by stealing session cookies from their browser or infect users with a worm to gain control over users’ device.

What is an FTP Bounce Attack ?

How is FTP Bounce Attack perpetrated
This attack is possible when FTP Server in middle-man.com supports passive mode.
Let’s look into what is passive mode of FTP connection.
FTP protocol normally uses two connections – one control connection and one data connection. Commands are transferred using control connection and data travels through the data connection.
In Active FTP, the FTP client first initiates the control connection from its port N to FTP Server’s command port – port 21. The client then listens to port N+1 and sends the port N+1 to FTP Server. FTP Server then initiates the data connection, from its port M to the port N+1 of the FTP Client.
But, if the FTP Client has a firewall setup that controls the incoming data connections from outside, then active FTP may be a problem. And, a feasible solution for that is Passive FTP.
In Passive FTP, the client initiates the control connection from its port N to the port 21 of FTP Server. After this, the client issues a passv comand. The server then sends the client one of its port number M. And the client initiates the data connection from its port P to port M of the FTP Server.
In FTP Bounce Attack, the attacker exploits the passive mode of the FTP Server. He performs the following steps :
  • X opens an FTP connection from attacker.com to the FTP Server middle-man.com
  • X issues a port command and asks the server to open a data connection to port M. But, he tricks the FTP Server. Instead of specifying IP address of attacker.com, he gives the IP address of target.com.
  • X now sends the FTP Server a file of listed commands and requests it to execute that.
  • The file has the following set of commands :
    1. Open an FTP connection to target.com
    2. middle-man.com uses passive mode. So, it must send a port number to which target.com should open a data connection. middle-man.com specifies that with a port command, but instead of giving IP address of middle-man.com, the file specifies IP address of attacker.com.
    3. Transfer the required file over the connection thus established.
So, at this point, middle-man.com is tricked to request target.com to open a data connection from target.com to actually attacker.com.
And this is how FTP Bounce Attack is performed.

Countermeasures

A commonly used countermeasure is to configure the FTP Server not to allow connections to be established with any other host other than the FTP Client.
This was an informative article on FTP Bounce Attack. Hope you enjoyed it.

Understanding Password Vulnerabilities

Here are the two general classifications of password vulnerabilities:
✓ Organizational or user vulnerabilities: This includes lack of password policies that are enforced within the organization and lack of security awareness on the part of users.
✓ Technical vulnerabilities: This includes weak encryption methods and unsecure storage of passwords on computer systems.

 

 

Unless users are educated and reminded about using strong passwords, their passwords usually are
✓ Easy to guess.

✓ Seldom changed.

✓ Reused for many security points.

When bad guys crack one password, they can often access other systems with that same password and username. Using the same password across multiple systems and websites is nothing but a breach waiting to happen. Everyone is guilty of it, but that doesn’t make it right. Do what you can to protect your own credentials and spread the word to your users about how this practice can get you into a real bind. ✓ Written down in unsecure places. The more complex a password is, the more difficult it is to crack. However, when users create complex passwords, they’re more likely to write them down. External attackers and malicious insiders can find these passwords and use them against you and your business.

 

Technical password vulnerabilities You can often find these serious technical vulnerabilities after exploiting organizational password vulnerabilities:

✓ Weak password encryption schemes.

✓ Programs that store their passwords in memory, unsecured files, and easily accessed databases.

✓ Unencrypted databases that provide direct access to sensitive information to anyone with database access, regardless of whether they have a business need to know.

✓ User applications that display passwords on the screen while the user is typing.

How to Setup Your Laptop with Tracking Software in Case You Ever Lose It

laptop-on-subway

Apple offers a “Find My Mac” service to track a lost or stolen stolen Mac computer. However, Microsoft doesn’t provide an equivalent service for Windows PCs — not even for tablets running Windows 8.

If you’re using Windows and want the ability to track your laptop should it ever become lost or stolen, you’ll need to install some third-party software. There are many paid services that offer this feature, but there are also good free options.

The Basics

All such tracking services work similarly. You install a piece of software on your device and set up an account with the service. If you ever lose your device, you go to the service’s website, log into your account, and you can view the device’s location and control it remotely.

Be aware that it will likely be more difficult to track a laptop than a smartphone. A smartphone will probably be connected to a data network and be in standby mode, so it can communicate its location back to you. However, if a laptop is powered off or just not connected to Wi-Fi, it won’t be able to report back to you. A tracking service can offer some additional protection should you ever lose your laptop, but it will be harder to locate a lost laptop than it is to locate a lost smartphone.

Installing Prey

Prey offers tracking software for Windows, Mac, and even Linux PCs. Prey also offers tracking apps for Android and iOS, so you could use this one service to track all of your devices.

This service has paid pro plans, but the basic tracking service is completely free. The free service allows you to have three devices linked to your account and store up to ten location reports per device.

After installing Prey, you’ll be prompted to create a new user account or enter your current user account details.

prey-user-setup

Once you’ve logged in, Prey will immediately be up and running. Prey runs as a Windows service by default. If you want to configure it, you can open the Configure Prey shortcut in the Prey folder in your Start menu’s programs group.

configure-prey-on-windows

To have Prey check in more frequently so you’ll receive reports more quickly if you ever lose your laptop, select Options for Execution, and modify the Frequency of reports and actions setting.

prey-frequency-of-reports

Tracking Your Lost Laptop

You can now visit the Prey project’s website and log in with the same account details you entered on your computer. You’ll see your computer and any other linked devices.

prey-project-website

If you lose your laptop, you’ll need to click its name on your Prey control panel and set the slider from “OK” to “Missing.” Prey only tracks your device when it’s missing, so it isn’t constantly tracking your laptop’s location. Be sure to also enable the Geo feature, which uses your laptop’s internal GPS hardware or the names of nearby Wi-Fi hotspots to report its location.

You can also have Prey perform specific actions, such as setting off an alarm — this is useful if you misplace the laptop nearby. Of course, it’s not as reliable as sending an alarm to a phone, because the laptop must be powered on and connected to the Internet to receive this message and begin the alarm.

Be sure to save your changes afterwards.

prey-report-device-as-missing

Once you’ve set your laptop to missing, its status will become “Tracked, waiting for report.” When the Prey software on your laptop checks in with the Prey server, it will receive a message that it has been marked as lost and generate a report. You’ll only receive an alert if the laptop is powered on, connected to the Internet, and the Prey software is still installed.

There’s an “on-demand” mode where you can request a report immediately, but this feature is unavailable in the free version. If you can wait a few minutes for your report, the free version will work just as well.

prey-laptop-tracked-waiting-for-report

Once a report arrives, you’ll see it on the Reports tab. The report includes the information you selected, such as the laptop’s geographic location, its network status and IP address, and a screenshot of the computer’s desktop and webcam capture of its user. This information may help you get the laptop back, or may be helpful evidence when you report the laptop as stolen.

geolocate-lost-or-stolen-laptop


If you don’t want to use Prey for some reason, you may want to try LockItTight, which is also free.

4 Steps to Prevent Man in the Middle Attack ARP Poisoning in LAN

 

What is man in the middle attack? according to wikipedia:

In cryptography and computer security is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker. The attacker must be able to intercept all messages going between the two victims and inject new ones, which is straightforward in many circumstances (for example, an attacker within reception range of an unencrypted Wi-Fi wireless access point, can insert himself as a man-in-the-middle).

And what is ARP poisoning or ARP spoofing? according to wikipedia:

a technique whereby an attacker sends fake (“spoofed”) Address Resolution Protocol (ARP) messages onto a Local Area Network. Generally, the aim is to associate the attacker’s MAC address with the IP address of another host (such as the default gateway), causing any traffic meant for that IP address to be sent to the attacker instead.

The man in the middle attack can happen because the attacker modified the ARP table(ARP spoofing) and change the ARP mapping to malicious attacker computer. Here I try to describe using picture(courtesy of: irongeek.com).

4 Steps to Prevent Man in the Middle Attack ARP Poisoning in LAN

If we as a human absolutely we will know who is Alan and who is Brian by recognizing them from their face, but for our computer they depend on the ARP table network mapping (OSI layer 2 and layer 3).

<table border=”1″ cellpadding=”1″ cellspacing=”1″ style=”width: 500px;”>

Name IP Address MAC Address Alan 192.168.1.2 00-00-00-00-00-00-00-01 Brian 192.168.1.3 00-00-00-00-00-00-00-02 Cracker 192.168.1.88 00-00-00-00-00-00-00-03

table>

So if Alan want to connect to Brian, the computer will translate Brian IP address(192.168.1.3) to its MAC address 00-00-00-00-00-00-00-02. The correct way is should be like that, but because the attacker doing an ARP spoofing or ARP poisoning they will change the ARP mapping. If the network already poisoned, when Alan want to send packet to Brian, Alan will translate Brian(192.168.1.3) with MAC 00-00-00-00-00-00-00-03 and vice versa.

In this tutorial I will show you how the ARP spoofing can be happen and how to prevent it in your own computer so you will not be the victim.

The scenario for today tutorial I will use Windows 7 as victim and Kali Linux as attacker.

4 Steps to Prevent Man in the Middle Attack ARP Poisoning in LAN:

Before start, you can download the Static ARP changer tools to change the ARP routing automatically (128% virus free guaranteed)

Download Static ARP Changer

1. First I will show you my Windows 7 ARP table before poisoned by the attacker

arp -a

4 Steps to Prevent Man in the Middle Attack ARP Poisoning in LAN

the red box in the picture above is victim router address and router MAC address is xx-xx-xx-5a-26-94. Victim IP address is 192.168.8.100.

Here is the attacker IP and MAC info:

4 Steps to Prevent Man in the Middle Attack ARP Poisoning in LAN

2. When attacker doing ARP spoofing by using arpspoof and attacking the victim:

arpspoof -i eth0 -t 192.168.8.100 -r 192.168.8.8

4 Steps to Prevent Man in the Middle Attack ARP Poisoning in LAN

Description:

-i eth0 –> attacker use the eth0 interface to perform the attack.

-t 192.168.8.100 –> attacker targeting the IP address 192.168.8.100.

-r 192.168.8.8 –> attacker will intercept the traffic between -t and -r where -r is the remote host or the router

3. When victim run the arp -a command again in his computer, the router MAC address was changed into the attacker computer.

4 Steps to Prevent Man in the Middle Attack ARP Poisoning in LAN

that’s mean every transaction the victim made will go through attacker computer first and then go to the real router. We need to protect the ARP mapping table to make the attacker cannot do this to us.

4. We need to run this command in our Windows PC

arp -s 192.168.8.8 xx-xx-xx-5a-26-94

Description:

-s –> add a static ARP table

192.168.8.8 –> your router IP address

xx-xx-xx-5a-26-94 –> your router MAC address

Note: If you get this error “The ARP entry addition failed: Access is denied.

try to run this command to know your interface name:

netsh interface show interface

4 Steps to Prevent Man in the Middle Attack ARP Poisoning in LAN

and then run this command to add static ARP:

netsh interface ip add neighbors “Wireless Network Connection” “192.168.8.8” “xx-xx-xx-5a-26-94”

now when we run again the arp -a command, our ARP table changed to static

4 Steps to Prevent Man in the Middle Attack ARP Poisoning in LAN

and when attacker run ARP spoofing again, our ARP table won’t changed because we already make it static :-)

Conclusions:

1. To prevent ARP spoofing and man in the middle attack in your local area network you need to add a static ARP.

2. This trick become troublesome if your router changed frequently, so if you use this prevention method you need to delete the old one and add the new one if it changed

3. You can download and use my Static ARP routing changer to change your ARP static routing automatically

Download Static ARP Changer

 

Why you should hide IP(Internet protocol)address?

What is IP Address?
 IP address is Unique Identification Number that is assigned to your Internet Connection.Each house has unique address ,right? Likewise, In Internet each machine some unique Address .   This will be used to identify your computer in Internet.  Using IP address, we can trace the location of the User.

 
IP(internet protocol) address traced
when you click or open webpage or send mail a request will be send to associate server with your IP address in header of request. This IP address can be tracked by their server using the header. So website owners can track your IP address easily. Intruders/attackers can get your IP address by website logs.

What will do intruders?
if intruders track your IP address, they can access to your computer remotely and steal confidential data(credit card details,accounts details and etc).

banned in forum or website
sometimes website/forums owners can ban your IP address(eg: 212.1.1.1) or your region/country IP address(eg: 212.1.0.0 to 212.255.255.255) because of your or your region illegal activity . So you may not able to access your favorite website.

Why i should hide ip address

  • To protect your computer from being hacked by attackers.
  • To stop being tracked your online surfing
  • To access blocked websites/forums/social network
  • Access websites/forums banned your IP address
  • Multiple registration in forum/websites

How to hide Ip address
Proxy servers are used to hide the IP.(read how proxy server working?)
In two ways , you can use proxy server IP address.

    • set it manually.
    • use IP hiding software tools

.in this method, easy to use proxy server than manual process.

Hacking Using Doxing

 

Definiton of Doxing:

Doxing is derived from Document Tracing. Doxing is tracing the information from internet resources about particular person.

Usually internet users left their information(like gender,name,city,..) in some websites(like social network,..).  So using some searching Techniques, we can gather complete data about a person.  This type of searching(tracing) is known as Doxing. This data can be used to hack their account or trace them.

What you can find using Doxing?
  • Real Name, age,gender
  • Email id, registered websites
  • Social Network Page(facebook,twitter links)
  • Address, Phone Number
  • Parent’s Names and their Jobs
  • Place of Education (School/University etc.)
  • Relatives
  • and more data

 

From where you are going to start?

Yes, if you know person real name, then start from his name.  If you know the username then start from there. or if you know any other data, start from there  Using name or username , search for other information in google.

How to do Doxing?
Just assume you want to gather information about one of forum member.  Let us assume his username is peter.  If you search in google as “peter” , you will get thousands results about peter. So what you are going to  do?

You have to some other information about peter in that forum itself.  For example , You got his birthday.  Now you can continue your searching with “peter xx/xx/xxx”.  This will reduce the resutls.

Not only birthday, you can use some other info like signature.  For example if he put signature in forum as “Dare Devil”.  You can continue searching using “Peter Dare Devil”.  This will reduce the Results.

Sometime your target person registered in multiple forums, websites,social networks… So while searching ,you will get result of registered website of him using that username or info.

Read Each posts of target person, he might left some more information about him any one of forums or websites.

Using Email Address for Tracing:
If you got the email address of target person, it is much easier to trace the person. You can search using in the following sites. you may get some data.

Websites that will be useful for Doxing:

www.myspace.com
www.bebo.com
www.facebook.com
www.google.com
www.pipl.com
www.wink.com
www.123people.com
www.zabasearch.com

You can find any other site related to target person and search for his data.

Doxing needs Intelligence:
Doxing needs Intelligence and searching ability.  You have to guess where to search and what to search about person.  Depending on searching ability, you will get what you required.

Security Question:

Hacker can get the victim’s security question answer using doxing.

For example, if your questions is “What is your pet?”, he may guess. He will search with email or username . you may left your my pet is xxx. So now you are the victim.

Dictionary Attack:
Hackers can gather information about the victim and create a dictionary file(wordlist) for a target person alone.  Using that dictionary file , he can crack your passwords.

Conclusion:
Doxing is one of powerful hacking method

WHAT IS A SMURF ATTACK

Smurf is a network layer distributed denial of service (DDoS) attack, named after the DDoS.Smurf malware that enables it execution.

Smurf attacks are somewhat similar to ping floods, as both are carried out by sending a slews of ICMP Echo request packets.

Unlike the regular ping flood, however, Smurf is an amplification attack vector that boosts its damage potential by exploiting characteristics of broadcast networks.

 

A Smurf attack scenario can be broken down as follows:

  • Smurf malware is used to generate a fake Echo request containing a spoofed source IP, which is actually the target server address.
  • The request is sent to an intermediate IP broadcast network.
  • The request is transmitted to all of the network hosts on the network.
  • Each host sends an ICMP response to the spoofed source address.
  • With enough ICMP responses forwarded, the target server is brought down.

The amplification factor of the Smurf attack correlates to the number of the hosts on the intermediate network. For example, an IP broadcast network with 500 hosts will produce 500 responses for each fake Echo requests. Typically, each of the relies is of the same size as the original ping request.

It should be noted that, during the attack, the service on the intermediate network is likely to be degraded.

In addition to showing good internet citizenship, this should incentivize operators to prevent their networks from being unwitting Smurf attack participants.

To accomplish this you can:

  • Disable IP-directed broadcasts on your router.
  • Reconfigure your operating system to disallow ICMP responses to IP broadcast requests.
  • Reconfigure the perimeter firewall to disallow pings originating from outside your network.