tag:blogger.com,1999:blog-7253947051673117336Wed, 30 Jan 2013 20:52:02 +0000frame injection10000 HitsMephishing sitesiis securityVulnerability ScanningJSON CSRF attacksSodokuCSRF attacksCEhacker safe pcDarkChangeSpyware RemoverGenerationFeedbackScamangry ip scannerLinux For Youhacking a websiteEye Openerphishing websitesframe injection vulnerabilitySNMP EnumerationCowsession management attacksPopulationUnicode exploitiexpresshacking iis serverserver certificateframe injection flawsssl cipher suitescountermesures against sniffingChoiceDNS PoisoningARP spoofingdns cache poisoingChild Marriagescross site scripting attacksBrotherfree traffic generationScanningGOOGLESocial Evilspurchase spywareFingerprintingNew In The TownRuleswiresharkInspirationhack yahoo accountViewssecure sslPeopleLifeMistakesBotnetscross site request forgery attacksLovebuy spywareL0phtCrackwormbuffer overflowBrowse AnonymousDNS Zone TransferUnixURL Obfuscationdirectory transversal attackDocumentFootprintingspyware informationEnumerationShort StoryNessusprotect pc from hackerTrojan RemoverHonor KillingsNetwork Scannerportable firefoxBotsSpywarefree ebook downloadParentsethical hacking introductionSuperscanhacking email accountsTetrisPassword HackingComputer Virusskills of a hackerdark comet ratgoogle dorksLanguageforced browsing attackLDAP Enumerationsession hackingCSRFLoad Sheddingsniffing around a networkHomeLawSpamweb application securityFacebookxss attack countermeasureshacking stepsTownJSON Cross Site Request ForgeryTagpacket sniffingbackdoorsql injection attackwebsite hackinghacker skillsAnti-Trojanhost gatorDecisionEngineeringstored cross site scripting attackFunGratefulnessEditorphishingsql injection countermeasuresspyware infoARP PoisoningLinuxhacking a web applicationNetBIOS Enumerationsession attacksDoSssl cipherhavijUbuntuinjectiong commadsPrivilege EscalationCollege LifePassword Crackertrojan mailLAN Safetyos command injectionDenial Of ServiceSystem HackingVisionssl protocolHit ListGeekNmapsql injection attackshack a websiteBLOGGERFearPassword Hacking CountermeasuresReplyreflected xss attackcommand injectionweb server securityGamesWorldRootkitcross site request forgeryCerberusCelebrationssl man in the middle attacksearch engine optimizationbuffer overrunFaceboozSQL injection toolBlogsMalware removerProductssniffingBlogging TipSMSTVCracking Passwordsteps involved in hackingBanner GrabbingChildRemote Administration ToolEssayxss attackhacking introductionforced browsingDogGmailRATpacket sniffing countermeasuressession managementLost Memory1000 HitsPoloticsJusticehack web applicationinjecting frameReconnaissanceRoad FighterTrojanHackingcross site scriptingWindows HackingXSSsetup of hacker labhacker safereflected cross site scripting attackXSRF attacksGoogle HackingUbuntu 10.10Trickdiscount coupon codesFacebook FreezerDDoSXSRFRealityDarknessARP poisioning routingFamilytrack email deliveryXSS countermeasuresLDAP Enumeration CountermeasureJSON XSRF attacksHack FacebookKey LoggersThankshacker lab setupARP Floodingsql injectionProgrammingPoliticsviral trafficTool Tutorialautomatic SQL injection toolVirusstored xss attackNull Sessionssl serverJokehack yahoo passwordE-mail scamswhat is phishingVideo Gameshacking windows server 2003TV Soapsfree downloadgoogle dorks for sql injectionRemote Administrationweb application hackingDarefree softwareMalwareSEOPassword ToolsSolitairewireshark tutorialTimetrojan wrappingsecure your systemnetcatBooksA DEVIL'S BLOG ON COMPUTER SECURITY, INFORMATION SECURITY, ETHICAL HACKING AND COUNTERMEASUREShttp://nrupentheking.blogspot.com/noreply@blogger.com (Nrupen Masram)Blogger281125http://creativecommons.org/licenses/by-nc-nd/3.0/http://creativecommons.org/licenses/by-nc-nd/3.0/http://creativecommons.org/images/public/somerights20.gifblogspot/DOLODhttp://feedburner.google.comSubscribe with My Yahoo!Subscribe with NewsGatorSubscribe with My AOLSubscribe with BloglinesSubscribe with NetvibesSubscribe with GoogleSubscribe with PageflakesSubscribe with PlusmoSubscribe with The Free DictionarySubscribe with Bitty BrowserSubscribe with Live.comSubscribe with Excite MIXSubscribe with WebwagSubscribe with Podcast ReadySubscribe with WikioSubscribe with Daily Rotationtag:blogger.com,1999:blog-7253947051673117336.post-2101526928344469816Tue, 07 Aug 2012 22:07:00 +00002012-08-08T03:38:34.223+05:30buffer overflowbuffer overrun<div dir="ltr" style="text-align: left;" trbidi="on"> <h1> Buffer Overflows | The Basics - 2 For Programmers</h1> <hr> <div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: left;"> <a href="http://3.bp.blogspot.com/-4tqjH0hh2gA/UCGQ3DGielI/AAAAAAAAAfo/QEv_R9RzLKM/s1600/starschnitt.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="320" src="http://3.bp.blogspot.com/-4tqjH0hh2gA/UCGQ3DGielI/AAAAAAAAAfo/QEv_R9RzLKM/s320/starschnitt.jpg" width="267"></a></div> <span style="font-size: large;">Hi and welcome back, it has been a long time I had actually written something for Devils Blog On Security. So first of all, to my regular reader I apologize on my behalf. In last post, we discussed basics of buffer overflows or in other words buffer overruns. Here we&#39;ll discus something more about basics, note that buffer overflow is one of the most complex, advanced and big topics in computer security world, so if you lack basic understanding of operating systems, computer networks and communication between them, programming and program execution, computing terms and analogy, and similar things, you&#39;ll get hard time understanding buffer overflows.</span><br> </div></div><a href="http://nrupentheking.blogspot.com/2012/08/buffer-overflows-basics-2-for.html#more">Continue Reading....</a><div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=myimbIwA_Oo:nKEYrSTtj6o:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=yIl2AUoC8zA" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=myimbIwA_Oo:nKEYrSTtj6o:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=myimbIwA_Oo:nKEYrSTtj6o:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=myimbIwA_Oo:nKEYrSTtj6o:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=myimbIwA_Oo:nKEYrSTtj6o:-BTjWOF_DHI"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=myimbIwA_Oo:nKEYrSTtj6o:-BTjWOF_DHI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=myimbIwA_Oo:nKEYrSTtj6o:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=YwkR-u9nhCs" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/blogspot/DOLOD/~4/myimbIwA_Oo" height="1" width="1"/>http://feedproxy.google.com/~r/blogspot/DOLOD/~3/myimbIwA_Oo/buffer-overflows-basics-2-for.htmlnoreply@blogger.com (Nrupen Masram)http://nrupentheking.blogspot.com/2012/08/buffer-overflows-basics-2-for.htmltag:blogger.com,1999:blog-7253947051673117336.post-6855339340028283233Wed, 21 Sep 2011 14:00:00 +00002011-09-21T19:30:55.083+05:30buffer overflowbuffer overrun<div dir="ltr" style="text-align: left;" trbidi="on"><h1>Buffer Overflow | The Basics</h1><hr><div dir="ltr" style="text-align: left;" trbidi="on"><br> <div align="JUSTIFY" style="margin-bottom: 0in;"><span style="font-size: medium;">Hi, welcome back to Devils Blog On Security, in this post we&#39;ll discus some basics about </span><span style="font-size: medium;"><i><u><b>buffer overflows</b></u></i></span><span style="font-size: medium;"> also known as </span><span style="font-size: medium;"><i><u><b>buffer overruns</b></u></i></span><span style="font-size: medium;">. So before we discus what is buffer overflow or buffer overrun is we will have a look on what exactly is buffer. Computer stores information in form of bits, for example if you want to store number 3 in computer&#39;s memory it will be stored in its binary form which is 11, as you can see 11 will require 2 bits to get stored in memory that indirectly means the number 3 will require 2 bits of computer memory or 2 bits of buffer. In simple words buffer is amount of memory allocated for particular variable or element. </span></div></div></div><a href="http://nrupentheking.blogspot.com/2011/09/buffer-overflow-basics.html#more">Continue Reading....</a><div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=G2_C4cgZep4:WigmlW9atys:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=yIl2AUoC8zA" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=G2_C4cgZep4:WigmlW9atys:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=G2_C4cgZep4:WigmlW9atys:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=G2_C4cgZep4:WigmlW9atys:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=G2_C4cgZep4:WigmlW9atys:-BTjWOF_DHI"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=G2_C4cgZep4:WigmlW9atys:-BTjWOF_DHI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=G2_C4cgZep4:WigmlW9atys:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=YwkR-u9nhCs" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/blogspot/DOLOD/~4/G2_C4cgZep4" height="1" width="1"/>http://feedproxy.google.com/~r/blogspot/DOLOD/~3/G2_C4cgZep4/buffer-overflow-basics.htmlnoreply@blogger.com (Nrupen Masram)http://nrupentheking.blogspot.com/2011/09/buffer-overflow-basics.htmltag:blogger.com,1999:blog-7253947051673117336.post-4090991092657756541Wed, 21 Sep 2011 13:58:00 +00002011-09-21T19:28:36.467+05:30<div dir="ltr" style="text-align: left;" trbidi="on"><h1>To All Visitors Of Devils Blog Please Read This</h1><hr><div dir="ltr" style="text-align: left;" trbidi="on"><br> <div align="JUSTIFY" style="margin-bottom: 0in;"><span style="font-size: medium;">After long time I yesterday I posted a new article on Devils Blog. It has been nearly one year this blog is live and since the time it is live I got several suggestions and recommendations by people on how to improve its over all quality. Following are some complaints and suggestions that I received from the time this blog is live,</span></div><div align="JUSTIFY" style="margin-bottom: 0in;"><br> </div></div></div><a href="http://nrupentheking.blogspot.com/2011/09/to-all-visitors-of-devils-blog-please.html#more">Continue Reading....</a><div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=s3fs5Ova2Yw:z6xZ063SM7s:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=yIl2AUoC8zA" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=s3fs5Ova2Yw:z6xZ063SM7s:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=s3fs5Ova2Yw:z6xZ063SM7s:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=s3fs5Ova2Yw:z6xZ063SM7s:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=s3fs5Ova2Yw:z6xZ063SM7s:-BTjWOF_DHI"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=s3fs5Ova2Yw:z6xZ063SM7s:-BTjWOF_DHI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=s3fs5Ova2Yw:z6xZ063SM7s:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=YwkR-u9nhCs" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/blogspot/DOLOD/~4/s3fs5Ova2Yw" height="1" width="1"/>http://feedproxy.google.com/~r/blogspot/DOLOD/~3/s3fs5Ova2Yw/to-all-visitors-of-devils-blog-please.htmlnoreply@blogger.com (Nrupen Masram)http://nrupentheking.blogspot.com/2011/09/to-all-visitors-of-devils-blog-please.htmltag:blogger.com,1999:blog-7253947051673117336.post-1031921020684420174Mon, 19 Sep 2011 14:07:00 +00002011-09-19T19:37:19.865+05:30buy spywarepurchase spywarespyware informationspyware info<div dir="ltr" style="text-align: left;" trbidi="on"><h1>Must Read Before You Buy Spyware</h1><hr><div dir="ltr" style="text-align: left;" trbidi="on"><div align="JUSTIFY" style="margin-bottom: 0in;"><div class="separator" style="clear: both; text-align: center;"><a href="http://2.bp.blogspot.com/-Fe19EWevQKM/TndL8lw3gwI/AAAAAAAAAfc/q35PCNZ45c0/s1600/spyware.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="200" src="http://2.bp.blogspot.com/-Fe19EWevQKM/TndL8lw3gwI/AAAAAAAAAfc/q35PCNZ45c0/s200/spyware.jpg" width="200"></a></div><span style="font-size: medium;">Hello visitor, if you are here then surely you are planning to <b><i><u>buy spyware</u></i></b> and you stopped by just to to know what I want to tell you before you buy one. First of all if you are too lazy to read this article completely because it is little lengthy or you don&#39;t want to waste your half second rolling your finger on your mouse and scroll down then please close this window and leave immediately because reading this article incomplete would be good enough to not reading it. </span> </div><div align="JUSTIFY" style="margin-bottom: 0in;"><br> </div><div align="JUSTIFY" style="margin-bottom: 0in;"><span style="font-size: medium;">There are different reasons for which different people <b><u><i>buy spywares</i></u></b>. Following are some of them,</span><br> </div></div></div><a href="http://nrupentheking.blogspot.com/2011/09/must-read-before-you-buy-spyware.html#more">Continue Reading....</a><div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=cxIVPzfASEA:nOIAkpKBioM:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=yIl2AUoC8zA" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=cxIVPzfASEA:nOIAkpKBioM:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=cxIVPzfASEA:nOIAkpKBioM:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=cxIVPzfASEA:nOIAkpKBioM:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=cxIVPzfASEA:nOIAkpKBioM:-BTjWOF_DHI"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=cxIVPzfASEA:nOIAkpKBioM:-BTjWOF_DHI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=cxIVPzfASEA:nOIAkpKBioM:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=YwkR-u9nhCs" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/blogspot/DOLOD/~4/cxIVPzfASEA" height="1" width="1"/>http://feedproxy.google.com/~r/blogspot/DOLOD/~3/cxIVPzfASEA/must-read-before-you-buy-spyware.htmlnoreply@blogger.com (Nrupen Masram)http://nrupentheking.blogspot.com/2011/09/must-read-before-you-buy-spyware.htmltag:blogger.com,1999:blog-7253947051673117336.post-188809114652317743Thu, 21 Jul 2011 19:26:00 +00002011-07-22T00:56:24.328+05:30ssl serversecure sslssl cipher suitesssl cipherssl protocolssl man in the middle attack<div dir="ltr" style="text-align: left;" trbidi="on"><h2>SSL And TLS Attacks | SSL Man In The Middle</h2><hr><div dir="ltr" style="text-align: left;" trbidi="on"><div align="JUSTIFY" style="margin-bottom: 0in;"><span style="font-size: large;">In our last post we discussed a little about attacking weak ciphers in this post we will have our look on how a <b>Man In The Middle</b> (MITM) attacks can be performed over <i><u><b>SSL and TSL</b></u></i> encrypted data transfer. The attack uses SSL strip developed by Moxie Marlin Spike with a ARP spoofing tool and a packet sniffer. The attack can be exclusively performed from UNIX and Linux based platforms hence I suggest you to use Dsniff. Practically SSL strip was developed to demonstrate how an attacker can lead visitors to visit his/her site from legitimate site. The attack used misinterpretation of null characters vulnerability which existed in several certificates during 2009. </span><br> </div></div></div><a href="http://nrupentheking.blogspot.com/2011/07/ssl-and-tls-attacks-ssl-man-in-middle.html#more">Continue Reading....</a><div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=_JVqIXpzQao:oVpeols49Iw:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=yIl2AUoC8zA" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=_JVqIXpzQao:oVpeols49Iw:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=_JVqIXpzQao:oVpeols49Iw:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=_JVqIXpzQao:oVpeols49Iw:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=_JVqIXpzQao:oVpeols49Iw:-BTjWOF_DHI"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=_JVqIXpzQao:oVpeols49Iw:-BTjWOF_DHI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=_JVqIXpzQao:oVpeols49Iw:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=YwkR-u9nhCs" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/blogspot/DOLOD/~4/_JVqIXpzQao" height="1" width="1"/>http://feedproxy.google.com/~r/blogspot/DOLOD/~3/_JVqIXpzQao/ssl-and-tls-attacks-ssl-man-in-middle.htmlnoreply@blogger.com (Nrupen Masram)http://nrupentheking.blogspot.com/2011/07/ssl-and-tls-attacks-ssl-man-in-middle.htmltag:blogger.com,1999:blog-7253947051673117336.post-2295960607757785385Mon, 18 Jul 2011 19:42:00 +00002011-07-19T01:12:23.303+05:30search engine optimizationSEO<h1> Working On SEO</h1> <hr /> <hr /> <div style="text-align: justify;"> <span style="font-size: large;">All dear visitors of Devil's Blog On Security. I'll be spending this week on optimizing my site to appear on Google search results in order to increase my blog visitors by SEO (Search Engine Optimization). I'll make small changes several times on my blog template to test results. In this due course you might face several irregularities on templates and blog posts. I urge you to not to bother about them till this week I assure you soon you'll not face such problem.</span></div><div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=IWkwfO-S9iY:Lcg4Ig5ow_s:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=yIl2AUoC8zA" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=IWkwfO-S9iY:Lcg4Ig5ow_s:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=IWkwfO-S9iY:Lcg4Ig5ow_s:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=IWkwfO-S9iY:Lcg4Ig5ow_s:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=IWkwfO-S9iY:Lcg4Ig5ow_s:-BTjWOF_DHI"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=IWkwfO-S9iY:Lcg4Ig5ow_s:-BTjWOF_DHI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=IWkwfO-S9iY:Lcg4Ig5ow_s:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=YwkR-u9nhCs" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/blogspot/DOLOD/~4/IWkwfO-S9iY" height="1" width="1"/>http://feedproxy.google.com/~r/blogspot/DOLOD/~3/IWkwfO-S9iY/working-on-seo.htmlnoreply@blogger.com (Nrupen Masram)http://nrupentheking.blogspot.com/2011/07/working-on-seo.htmltag:blogger.com,1999:blog-7253947051673117336.post-3492929679516539284Fri, 15 Jul 2011 20:27:00 +00002011-07-19T02:40:23.208+05:30ssl serverssl cipher suitesssl cipherssl protocol<h2> SSL And TLS Attacks | Weak Ciphers</h2> <hr> <div class="separator" style="clear: both; text-align: center;"> <a href="http://3.bp.blogspot.com/-PKCPXMc1vWE/TiCiMD6LP6I/AAAAAAAAAfI/S3Vwit5gyrM/s1600/popup_ssl.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://3.bp.blogspot.com/-PKCPXMc1vWE/TiCiMD6LP6I/AAAAAAAAAfI/S3Vwit5gyrM/s1600/popup_ssl.jpg"></a></div> <div align="JUSTIFY" style="margin-bottom: 0in;"> <span style="font-size: large;">Both <i><b>SSL and TLS</b></i> protocols works on the basis of Public Key Infrastructure (PKI) and commonly includes key exchange algorithm to handle security. Apart from just CA authority the strength of SSL cipher depends on length of key, encryption algorithm used to encipher data and <b>Message Authentication Code</b> (also known as <b>SSL MAC</b>). In this post we will have our look on how key length could effect on cipher strength. So depending on the length of initial key generated for data exchange during SSL and TLS communication, ciphers can be divided into following categories. </span></div> <a href="http://nrupentheking.blogspot.com/2011/07/ssl-and-tls-attacks-weak-ciphers.html#more">Continue Reading....</a><div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=wqiw3KR48yE:7jtEY3jxMIE:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=yIl2AUoC8zA" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=wqiw3KR48yE:7jtEY3jxMIE:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=wqiw3KR48yE:7jtEY3jxMIE:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=wqiw3KR48yE:7jtEY3jxMIE:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=wqiw3KR48yE:7jtEY3jxMIE:-BTjWOF_DHI"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=wqiw3KR48yE:7jtEY3jxMIE:-BTjWOF_DHI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=wqiw3KR48yE:7jtEY3jxMIE:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=YwkR-u9nhCs" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/blogspot/DOLOD/~4/wqiw3KR48yE" height="1" width="1"/>http://feedproxy.google.com/~r/blogspot/DOLOD/~3/wqiw3KR48yE/ssl-and-tls-attacks-weak-ciphers.htmlnoreply@blogger.com (Nrupen Masram)http://nrupentheking.blogspot.com/2011/07/ssl-and-tls-attacks-weak-ciphers.htmltag:blogger.com,1999:blog-7253947051673117336.post-7689735225352107874Fri, 15 Jul 2011 20:14:00 +00002011-07-19T02:42:10.724+05:30discount coupon codeshost gator<h2> Discount Coupon Codes For All Host Gator Hosting and Resller Plans</h2> <h2> <hr> <div class="separator" style="clear: both; text-align: center;"> <a href="https://tracking.hostgator.com/img/Shared_Green/300x250-animated.gif" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" src="https://tracking.hostgator.com/img/Shared_Green/300x250-animated.gif"></a><span style="font-size: large;"></span></div> <span style="font-size: large;">9.94% discount on any Web Hosting Plan.</span><br> <span style="font-size: large;"><u>Coupon code:</u> <b>AFFILIATEK</b></span><br> <span style="font-size: large;"><br> </span><br> <span style="font-size: large;">20.00% discount on any Web Hosting Plan.</span><br> <span style="font-size: large;"><u>Coupon Code:</u> <b>SPRING</b> (will not stay valid for long)</span><br> <span style="font-size: large;"><br> </span><br> <span style="font-size: large;">24.94% discount on any Web Hosting Plan.</span><br> <span style="font-size: large;"><u>Coupon Code:</u> <b>THEAFFKING</b> best discount coupon on hosting plan.</span><br> <span style="font-size: large;"></span><br> </h2><a href="http://nrupentheking.blogspot.com/2011/07/discount-coupon-codes-for-all-host.html#more">Continue Reading....</a><div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=YKh1msoYu10:_T9N1a1PYdE:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=yIl2AUoC8zA" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=YKh1msoYu10:_T9N1a1PYdE:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=YKh1msoYu10:_T9N1a1PYdE:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=YKh1msoYu10:_T9N1a1PYdE:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=YKh1msoYu10:_T9N1a1PYdE:-BTjWOF_DHI"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=YKh1msoYu10:_T9N1a1PYdE:-BTjWOF_DHI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=YKh1msoYu10:_T9N1a1PYdE:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=YwkR-u9nhCs" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/blogspot/DOLOD/~4/YKh1msoYu10" height="1" width="1"/>http://feedproxy.google.com/~r/blogspot/DOLOD/~3/YKh1msoYu10/discount-coupon-codes-for-all-host.htmlnoreply@blogger.com (Nrupen Masram)http://nrupentheking.blogspot.com/2011/07/discount-coupon-codes-for-all-host.htmltag:blogger.com,1999:blog-7253947051673117336.post-4033200057048807930Sat, 09 Jul 2011 09:18:00 +00002011-07-19T02:41:56.199+05:30ssl serversecure sslssl cipher suitesssl cipherssl protocolserver certificate<h2> Server Certificate Model</h2> <hr> <div class="separator" style="clear: both; text-align: center;"> <a href="http://4.bp.blogspot.com/--b43zuuChoc/Thgb0BA8WRI/AAAAAAAAAe4/UZkTzuSN_1Y/s1600/popup_ssl.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://4.bp.blogspot.com/--b43zuuChoc/Thgb0BA8WRI/AAAAAAAAAe4/UZkTzuSN_1Y/s1600/popup_ssl.jpg"></a></div> <div align="JUSTIFY" style="margin-bottom: 0in;"> <span style="font-size: large;">In this post we will discus a little about <i><b>server certificate model</b></i>. Yes you are right we will discus here something about CA certificates and SSL. So lets start from CA certificate. Full form of CA is certificate authority or <i><b>certification authority</b></i> its main task is to provide digital signatures which are known as CA certificates. The digital signatures/certificates certifies the ownership of a public key. There are several CA that provide digital certificates some are free while some are paid. The very common use of CA certificates can be found in SSL or TSL. The introduction of SSL in HTTP protocol has made possible data transfer via network in encrypted form. Due to introduction of SSL in HTTP the three way handshake is also slightly affected to support data transfer in encrypted form.</span></div> <a href="http://nrupentheking.blogspot.com/2011/07/server-certificate-model.html#more">Continue Reading....</a><div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=-E55cBw8hQQ:JcjIzRrm0fA:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=yIl2AUoC8zA" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=-E55cBw8hQQ:JcjIzRrm0fA:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=-E55cBw8hQQ:JcjIzRrm0fA:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=-E55cBw8hQQ:JcjIzRrm0fA:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=-E55cBw8hQQ:JcjIzRrm0fA:-BTjWOF_DHI"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=-E55cBw8hQQ:JcjIzRrm0fA:-BTjWOF_DHI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=-E55cBw8hQQ:JcjIzRrm0fA:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=YwkR-u9nhCs" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/blogspot/DOLOD/~4/-E55cBw8hQQ" height="1" width="1"/>http://feedproxy.google.com/~r/blogspot/DOLOD/~3/-E55cBw8hQQ/server-certificate-model.htmlnoreply@blogger.com (Nrupen Masram)http://nrupentheking.blogspot.com/2011/07/server-certificate-model.htmltag:blogger.com,1999:blog-7253947051673117336.post-2992246447720345500Sat, 25 Jun 2011 12:27:00 +00002011-07-19T02:43:54.713+05:30JSON CSRF attacksJSON Cross Site Request ForgeryJSON XSRF attacks<h2> JSON XSRF Attacks Countermeasurs</h2> <h2> <hr /> <div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="http://4.bp.blogspot.com/-b8D89PcFfNU/TeelZkBGCkI/AAAAAAAAAdk/IF269PoISKQ/s320/hijacking.gif" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" src="http://4.bp.blogspot.com/-b8D89PcFfNU/TeelZkBGCkI/AAAAAAAAAdk/IF269PoISKQ/s320/hijacking.gif" /></a></div> <div align="JUSTIFY" style="font-weight: normal; margin-bottom: 0in;"> <span style="font-size: large;">In our previous posts we discussed XSRF, its types then JSON XSRF and attacking methodology. Following is our last post on XSRF in which we will cover preventive measures against JSON XSRF attacks. Following are preventive measures that can be taken against XSRF attacks.</span></div> <div align="JUSTIFY" style="font-weight: normal; margin-bottom: 0in;"> <span style="font-size: large;"><br /> </span> </div> <ul style="font-weight: normal;"> <li><div align="JUSTIFY" style="margin-bottom: 0in;"> <span style="font-size: large;">First of all the application must implement all kinds of basic XSRF attacks.</span></div> </li> <li><div align="JUSTIFY" style="margin-bottom: 0in;"> <span style="font-size: large;">Always use unpredictable parameter for JSON objects.</span></div> </li> <li><div align="JUSTIFY" style="margin-bottom: 0in;"> <span style="font-size: large;">As told in previous posts JSON XSRF attacks are possible because application can send XMLHttpRequest to retrieve JSON data it can only retrieve data by using GET method, so its better to implement only POST method as an countermeasure against JSON XSRF.</span></div> </li> </ul> <div align="JUSTIFY" style="font-weight: normal; margin-bottom: 0in;"> <span style="font-size: large;"><br /> </span> </div> <div align="JUSTIFY" style="font-weight: normal; margin-bottom: 0in;"> <span style="font-size: large;">I hope you enjoyed learning XSRF in our next post we will cover some other topic in detail, if you have any problem understanding anything or just in case you need any revise, please check out Web Application Security Page on this blog. For now we end XSRF here, thanks for reading, have a nice time and keep visiting.</span></div> </div> </h2><div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=xbru-YGLxrs:BfmS-yQ5mk0:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=yIl2AUoC8zA" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=xbru-YGLxrs:BfmS-yQ5mk0:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=xbru-YGLxrs:BfmS-yQ5mk0:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=xbru-YGLxrs:BfmS-yQ5mk0:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=xbru-YGLxrs:BfmS-yQ5mk0:-BTjWOF_DHI"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=xbru-YGLxrs:BfmS-yQ5mk0:-BTjWOF_DHI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=xbru-YGLxrs:BfmS-yQ5mk0:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=YwkR-u9nhCs" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/blogspot/DOLOD/~4/xbru-YGLxrs" height="1" width="1"/>http://feedproxy.google.com/~r/blogspot/DOLOD/~3/xbru-YGLxrs/json-xsrf-attacks-countermeasurs.htmlnoreply@blogger.com (Nrupen Masram)http://nrupentheking.blogspot.com/2011/06/json-xsrf-attacks-countermeasurs.htmltag:blogger.com,1999:blog-7253947051673117336.post-8534699558886076913Sat, 25 Jun 2011 12:24:00 +00002011-07-19T02:45:56.829+05:30portable firefoxprotect pc from hackerhacker safe pchacker safe<h2> Power Of Portable Firefox Makes It Hacker Safe<br /> </h2> <h2> <hr /> <div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="http://4.bp.blogspot.com/-b8D89PcFfNU/TeelZkBGCkI/AAAAAAAAAdk/IF269PoISKQ/s320/hijacking.gif" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" src="http://4.bp.blogspot.com/-b8D89PcFfNU/TeelZkBGCkI/AAAAAAAAAdk/IF269PoISKQ/s320/hijacking.gif" /></a></div> <div align="JUSTIFY" style="font-weight: normal; margin-bottom: 0in;"> <span style="font-size: large;">In our previous posts we discussed XSRF, its types then JSON XSRF and attacking methodology. Following is our last post on XSRF in which we will cover preventive measures against JSON XSRF attacks. Following are preventive measures that can be taken against XSRF attacks.</span></div> <div align="JUSTIFY" style="font-weight: normal; margin-bottom: 0in;"> <span style="font-size: large;"><br /> </span> </div> <ul style="font-weight: normal;"> <li><div align="JUSTIFY" style="margin-bottom: 0in;"> <span style="font-size: large;">First of all the application must implement all kinds of basic XSRF attacks.</span></div> </li> <li><div align="JUSTIFY" style="margin-bottom: 0in;"> <span style="font-size: large;">Always use unpredictable parameter for JSON objects.</span></div> </li> <li><div align="JUSTIFY" style="margin-bottom: 0in;"> <span style="font-size: large;">As told in previous posts JSON XSRF attacks are possible because application can send XMLHttpRequest to retrieve JSON data it can only retrieve data by using GET method, so its better to implement only POST method as an countermeasure against JSON XSRF.</span></div> </li> </ul> <div align="JUSTIFY" style="font-weight: normal; margin-bottom: 0in;"> <span style="font-size: large;"><br /> </span> </div> <div align="JUSTIFY" style="font-weight: normal; margin-bottom: 0in;"> <span style="font-size: large;">I hope you enjoyed learning XSRF in our next post we will cover some other topic in detail, if you have any problem understanding anything or just in case you need any revise, please check out Web Application Security Page on this blog. For now we end XSRF here, thanks for reading, have a nice time and keep visiting.</span></div> </div> </h2><div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=EVGXwcP1nXI:LZ1aIhcOu1M:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=yIl2AUoC8zA" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=EVGXwcP1nXI:LZ1aIhcOu1M:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=EVGXwcP1nXI:LZ1aIhcOu1M:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=EVGXwcP1nXI:LZ1aIhcOu1M:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=EVGXwcP1nXI:LZ1aIhcOu1M:-BTjWOF_DHI"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=EVGXwcP1nXI:LZ1aIhcOu1M:-BTjWOF_DHI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=EVGXwcP1nXI:LZ1aIhcOu1M:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=YwkR-u9nhCs" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/blogspot/DOLOD/~4/EVGXwcP1nXI" height="1" width="1"/>http://feedproxy.google.com/~r/blogspot/DOLOD/~3/EVGXwcP1nXI/power-of-portable-firefox-makes-it.htmlnoreply@blogger.com (Nrupen Masram)http://nrupentheking.blogspot.com/2011/06/power-of-portable-firefox-makes-it.htmltag:blogger.com,1999:blog-7253947051673117336.post-8374358394956021431Wed, 22 Jun 2011 19:01:00 +00002011-07-19T02:46:47.561+05:30JSON CSRF attackscross site request forgery attacksJSON Cross Site Request ForgeryJSON XSRF attackscross site request forgeryXSRF<h2> JSON XSRF Attacks</h2> <hr> <div dir="ltr" style="text-align: left;" trbidi="on"> <br> <div class="separator" style="clear: both; text-align: center;"> <a href="http://1.bp.blogspot.com/-fWW5jZevBG0/Td_E4NCH3tI/AAAAAAAAAdg/VDrJtzQtI8M/s320/browsing.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://1.bp.blogspot.com/-fWW5jZevBG0/Td_E4NCH3tI/AAAAAAAAAdg/VDrJtzQtI8M/s320/browsing.jpg"></a></div> <div align="JUSTIFY" style="margin-bottom: 0in;"> <span style="font-size: large;">In our last post on JSON XSRF attacks we saw some basics about XSRF attacks. So now in this section we will have our look on how to find and exploit JSON vulnerability for attack. As told in previous post JSON vulnerability exists when JSON data transfer format is used instead of standard XML data transfer format and that happens only in AJAX based web applications so following are your steps to find out whether a site is vulnerable or not.</span></div> </div><a href="http://nrupentheking.blogspot.com/2011/06/json-xsrf-attacks_23.html#more">Continue Reading....</a><div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=_Tmadg3bJm8:tFsrjdsZ7S8:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=yIl2AUoC8zA" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=_Tmadg3bJm8:tFsrjdsZ7S8:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=_Tmadg3bJm8:tFsrjdsZ7S8:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=_Tmadg3bJm8:tFsrjdsZ7S8:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=_Tmadg3bJm8:tFsrjdsZ7S8:-BTjWOF_DHI"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=_Tmadg3bJm8:tFsrjdsZ7S8:-BTjWOF_DHI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=_Tmadg3bJm8:tFsrjdsZ7S8:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=YwkR-u9nhCs" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/blogspot/DOLOD/~4/_Tmadg3bJm8" height="1" width="1"/>http://feedproxy.google.com/~r/blogspot/DOLOD/~3/_Tmadg3bJm8/json-xsrf-attacks_23.htmlnoreply@blogger.com (Nrupen Masram)http://nrupentheking.blogspot.com/2011/06/json-xsrf-attacks_23.htmltag:blogger.com,1999:blog-7253947051673117336.post-969462793326302957Sun, 19 Jun 2011 16:20:00 +00002011-07-19T02:47:36.501+05:30JSON CSRF attacksJSON Cross Site Request ForgeryJSON XSRF attacks<h2> JSON XSRF Attacks</h2> <hr> <div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <span style="font-size: large;"></span></div> <div align="JUSTIFY" style="margin-bottom: 0in;"> <div class="separator" style="clear: both; text-align: center;"> <a href="http://2.bp.blogspot.com/-L3bYKDTp41E/Tf4bquBwJxI/AAAAAAAAAeU/RQKtYJ-nEwo/s1600/images.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" src="http://2.bp.blogspot.com/-L3bYKDTp41E/Tf4bquBwJxI/AAAAAAAAAeU/RQKtYJ-nEwo/s1600/images.jpg"></a></div> <span style="font-size: large;">Welcome to another episode of Cross Site Request Forgery Attacks on DEVILS BLOG ON SECURITY. In this post we will discus a little about JSON hacking. Now you might have question why we haven&#39;t covered JSON XSRF attacks along with other XSRF attacks. This question is little difficult to answer but here&#39;s my explanation. All other XSRF attacks usually depend on session management attacks in one or another way, directly or indirectly XSRF attacks can be called as derivative obtained by adding and integrating Session Management Attacks, Frame Injection Flaws and Cross Site Scripting whereas the case is little different in JSON XSRF attacks. Many professionals even object inclusion of JSON attack as XSRF attack but we have nothing to do with it. So lets see how JSON XSRF attacks are different from other XSRF attacks.</span><br> </div></div><a href="http://nrupentheking.blogspot.com/2011/06/json-xsrf-attacks.html#more">Continue Reading....</a><div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=VVoyHMQi1eg:-t23cmAgbFg:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=yIl2AUoC8zA" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=VVoyHMQi1eg:-t23cmAgbFg:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=VVoyHMQi1eg:-t23cmAgbFg:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=VVoyHMQi1eg:-t23cmAgbFg:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=VVoyHMQi1eg:-t23cmAgbFg:-BTjWOF_DHI"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=VVoyHMQi1eg:-t23cmAgbFg:-BTjWOF_DHI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=VVoyHMQi1eg:-t23cmAgbFg:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=YwkR-u9nhCs" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/blogspot/DOLOD/~4/VVoyHMQi1eg" height="1" width="1"/>http://feedproxy.google.com/~r/blogspot/DOLOD/~3/VVoyHMQi1eg/json-xsrf-attacks.htmlnoreply@blogger.com (Nrupen Masram)http://nrupentheking.blogspot.com/2011/06/json-xsrf-attacks.htmltag:blogger.com,1999:blog-7253947051673117336.post-5852352843313059Thu, 16 Jun 2011 18:22:00 +00002011-07-19T02:48:34.006+05:30free traffic generationviral traffic<h2> Must Read For All Who Are In Desparate Need Of Web Traffic</h2> <hr> <div dir="ltr" style="text-align: left;" trbidi="on"> <div dir="ltr" style="text-align: left;" trbidi="on"> <br> <div class="separator" style="clear: both; text-align: center;"> <span style="font-size: large;"></span></div> <div align="JUSTIFY" style="margin-bottom: 0in;"> <div class="separator" style="clear: both; text-align: center;"> <a href="http://www.squidoo.com/workshop/increase-traffic-to-your-site-free" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="319" id=":current_picnik_image" src="http://www.autotrafficmagnet.com/images/site/bundle.jpg" width="320"></a></div> <span style="font-size: large;">Are you a website or blog owner working hard to generate traffic to your website or you are an internet marketer who is struggling to generate traffic to his/her web page so that his/her online venture should turn into money making game. Then here is a system that guarantees you hits and conversions from your online ventures. And the best part of its 100% free. I joined this system 7 days ago and I was able to pull out 922 page-views with with 441 unique page hits in just 7 days to my brand new website. Believe me that&#39;s not joke at all pulling out 922 hits in just 7 days. I personally recommend you to join this system and see results all by your own eyes I guarantee you it does works and the best part about it is its free. You don&#39;t need credit card or Paypal account to join this system registration is just clicks away. </span><br> </div></div></div><a href="http://nrupentheking.blogspot.com/2011/06/must-read-for-all-who-are-in-desparate.html#more">Continue Reading....</a><div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=n4H3eleW3eM:iPT5JEBIouk:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=yIl2AUoC8zA" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=n4H3eleW3eM:iPT5JEBIouk:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=n4H3eleW3eM:iPT5JEBIouk:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=n4H3eleW3eM:iPT5JEBIouk:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=n4H3eleW3eM:iPT5JEBIouk:-BTjWOF_DHI"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=n4H3eleW3eM:iPT5JEBIouk:-BTjWOF_DHI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=n4H3eleW3eM:iPT5JEBIouk:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=YwkR-u9nhCs" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/blogspot/DOLOD/~4/n4H3eleW3eM" height="1" width="1"/>http://feedproxy.google.com/~r/blogspot/DOLOD/~3/n4H3eleW3eM/must-read-for-all-who-are-in-desparate.htmlnoreply@blogger.com (Nrupen Masram)http://nrupentheking.blogspot.com/2011/06/must-read-for-all-who-are-in-desparate.htmltag:blogger.com,1999:blog-7253947051673117336.post-9071109641727296403Thu, 16 Jun 2011 18:14:00 +00002011-07-19T02:49:13.778+05:30cross site request forgery attacksCSRFXSRF attacksCSRF attackscross site request forgeryXSRF<h2> XSRF Countermeasure</h2> <hr> <div dir="ltr" style="text-align: left;" trbidi="on"> <br> <div class="separator" style="clear: both; text-align: center;"> <a href="http://3.bp.blogspot.com/-O_msE5QMe9s/TfpHXrbbm7I/AAAAAAAAAeI/-KxqEENyiss/s1600/XSRF2.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://3.bp.blogspot.com/-O_msE5QMe9s/TfpHXrbbm7I/AAAAAAAAAeI/-KxqEENyiss/s1600/XSRF2.jpg"></a></div> <div align="JUSTIFY" style="margin-bottom: 0in;"> <span style="font-size: large;">Welcome back to <a href="http://www.autotrafficmagnet.com/links/3288" target="_blank">Devil&#39;s Blog On Security</a>. Today we&#39;ll cover countermeasures against XSRF attacks. From our previous posts on XSRF attacks it is quite clear that XSRF vulnerabilities arise mostly due to automatic submission of cookies therefore one of the best things you can opt as an countermeasure is not to rely completely on HTTP cookies.</span></div> <div align="JUSTIFY" style="margin-bottom: 0in;"> <span style="font-size: large;">Avoid use of hidden variables in HTML pages for critical applications better use any other alternative.</span></div> <div align="JUSTIFY" style="margin-bottom: 0in;"> <span style="font-size: large;">A protected session management can even avoid XSRF attacks that can be executed using session hacking.</span></div> <div align="JUSTIFY" style="margin-bottom: 0in;"> <span style="font-size: large;">Don&#39;t ever rely on HTTP for HTTP Referrer header since it can be spoofed.</span></div> <div align="JUSTIFY" style="margin-bottom: 0in;"> <span style="font-size: large;">Keep all plug-ins of your web browser updated.</span></div> <div align="JUSTIFY" style="margin-bottom: 0in;"> <span style="font-size: large;"></span></div> </div><a href="http://nrupentheking.blogspot.com/2011/06/xsrf-countermeasure.html#more">Continue Reading....</a><div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=Zi9XQecp7eY:lZ1e-IMP0_A:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=yIl2AUoC8zA" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=Zi9XQecp7eY:lZ1e-IMP0_A:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=Zi9XQecp7eY:lZ1e-IMP0_A:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=Zi9XQecp7eY:lZ1e-IMP0_A:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=Zi9XQecp7eY:lZ1e-IMP0_A:-BTjWOF_DHI"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=Zi9XQecp7eY:lZ1e-IMP0_A:-BTjWOF_DHI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=Zi9XQecp7eY:lZ1e-IMP0_A:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=YwkR-u9nhCs" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/blogspot/DOLOD/~4/Zi9XQecp7eY" height="1" width="1"/>http://feedproxy.google.com/~r/blogspot/DOLOD/~3/Zi9XQecp7eY/xsrf-countermeasure.htmlnoreply@blogger.com (Nrupen Masram)http://nrupentheking.blogspot.com/2011/06/xsrf-countermeasure.htmltag:blogger.com,1999:blog-7253947051673117336.post-1723360692976184622Mon, 13 Jun 2011 12:50:00 +00002011-07-19T02:50:04.218+05:30cross site request forgery attackssession hackingCSRFXSRF attackssession management attacksCSRF attackscross site request forgeryXSRF<h2> Hacked Session XSRF Attack</h2> <hr> <div dir="ltr" style="text-align: left;" trbidi="on"> <br> <div class="separator" style="clear: both; text-align: center;"> <span style="font-size: large;"><a href="http://4.bp.blogspot.com/-2b94_lzNv9w/TfYGzO89E_I/AAAAAAAAAd4/URrhLj8vw5w/s1600/CSRF.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" src="http://4.bp.blogspot.com/-2b94_lzNv9w/TfYGzO89E_I/AAAAAAAAAd4/URrhLj8vw5w/s1600/CSRF.jpg"></a></span></div> <div align="JUSTIFY" style="margin-bottom: 0in;"> <span style="font-size: large;">In our last post we discussed <a href="http://nrupentheking.blogspot.com/2011/06/sessen-management-attacks.html" target="_blank">countermeasures against session hacking</a>. Here we gonna discus one more attack that can be done if session is not protected. Hacked session XSRF attack is combination of session hacking and <a href="http://nrupentheking.blogspot.com/2011/05/cross-site-request-forgery-csrf-xsrf.html" target="_blank">cross site request forgery(XSRF)</a>. Hacked session XSRF vulnerabilities arise where HTTP cookies are used to transmit session tokens. That means once HTTP cookie is set in browser it&#39;ll automatically submit that cookie back to application for every request. </span></div> </div><a href="http://nrupentheking.blogspot.com/2011/06/hacked-session-xsrf-attack.html#more">Continue Reading....</a><div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=CQ2NhubwarE:mgPPCywEdJo:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=yIl2AUoC8zA" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=CQ2NhubwarE:mgPPCywEdJo:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=CQ2NhubwarE:mgPPCywEdJo:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=CQ2NhubwarE:mgPPCywEdJo:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=CQ2NhubwarE:mgPPCywEdJo:-BTjWOF_DHI"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=CQ2NhubwarE:mgPPCywEdJo:-BTjWOF_DHI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=CQ2NhubwarE:mgPPCywEdJo:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=YwkR-u9nhCs" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/blogspot/DOLOD/~4/CQ2NhubwarE" height="1" width="1"/>http://feedproxy.google.com/~r/blogspot/DOLOD/~3/CQ2NhubwarE/hacked-session-xsrf-attack.htmlnoreply@blogger.com (Nrupen Masram)http://nrupentheking.blogspot.com/2011/06/hacked-session-xsrf-attack.htmltag:blogger.com,1999:blog-7253947051673117336.post-6537185579019632250Sun, 12 Jun 2011 14:54:00 +00002011-07-19T02:51:38.148+05:30NetBIOS EnumerationEnumerationfree ebook download<h2> Free Ebook Download | The Compelete NetBIOS Enumeration Tutorial</h2> <hr /> <div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <span style="font-size: large;"><a href="http://4.bp.blogspot.com/-YoqXCGgtCF4/TfTR9DXJCxI/AAAAAAAAAd0/_9EtIbv_LWQ/s1600/NetBIOS+Enumeration.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="99" src="http://4.bp.blogspot.com/-YoqXCGgtCF4/TfTR9DXJCxI/AAAAAAAAAd0/_9EtIbv_LWQ/s640/NetBIOS+Enumeration.PNG" width="640" /></a></span></div> <br /> <div align="JUSTIFY" style="margin-bottom: 0in;"> <span style="font-size: large;">Following ebook on NetBIOS enumeration covers everything you want to and you need to know about enumerating NetBIOS. This ebook covers NetBIOS enumeration with basics to using tools to enumerate it in possible details and in short simple form. Download and have fun.</span></div> <div align="JUSTIFY" style="margin-bottom: 0in;"> <span style="font-size: large;"><a href="http://bit.ly/lcZbsu">Download Link</a>&nbsp;</span></div> <span style="font-size: large;"> </span></div><div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=WDVrtO3z-t0:1J5oqre65rQ:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=yIl2AUoC8zA" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=WDVrtO3z-t0:1J5oqre65rQ:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=WDVrtO3z-t0:1J5oqre65rQ:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=WDVrtO3z-t0:1J5oqre65rQ:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=WDVrtO3z-t0:1J5oqre65rQ:-BTjWOF_DHI"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=WDVrtO3z-t0:1J5oqre65rQ:-BTjWOF_DHI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=WDVrtO3z-t0:1J5oqre65rQ:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=YwkR-u9nhCs" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/blogspot/DOLOD/~4/WDVrtO3z-t0" height="1" width="1"/>http://feedproxy.google.com/~r/blogspot/DOLOD/~3/WDVrtO3z-t0/free-ebook-download-compelete-netbios.htmlnoreply@blogger.com (Nrupen Masram)http://nrupentheking.blogspot.com/2011/06/free-ebook-download-compelete-netbios.htmltag:blogger.com,1999:blog-7253947051673117336.post-2488761272994611197Sun, 12 Jun 2011 10:55:00 +00002011-07-19T02:52:11.267+05:30session hackingsession management attackssession attackssession management<h2> Session Management Attacks Countermeasure</h2> <hr> <div dir="ltr" style="text-align: left;" trbidi="on"> <br> <div class="separator" style="clear: both; text-align: center;"> <span style="font-size: large;"><a href="http://2.bp.blogspot.com/-BuhXfpiim6E/TfSaZaUOJQI/AAAAAAAAAdw/CjZuwLW3vs8/s1600/session.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="300" src="http://2.bp.blogspot.com/-BuhXfpiim6E/TfSaZaUOJQI/AAAAAAAAAdw/CjZuwLW3vs8/s320/session.jpg" width="320"></a></span></div> <div align="JUSTIFY" style="margin-bottom: 0in;"> <span style="font-size: large;">From last few posts we are discussing session hacking or we can say attacks against session management. So after having a small look over session hacking and some of its regular types its time to have a look on its countermeasures. Same as any other web application countermeasures session hacking countermeasures also depend upon type of application and its implementation or you can say type of vulnerability a web application can suffer from. In this following post we will discuss some preventive measures which can be practically implemented over any web application against session hacking.</span></div> <div align="JUSTIFY" style="margin-bottom: 0in;"> <span style="font-size: large;"></span></div> </div><a href="http://nrupentheking.blogspot.com/2011/06/sessen-management-attacks.html#more">Continue Reading....</a><div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=6XZU0H6taQM:s04e73OvBcA:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=yIl2AUoC8zA" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=6XZU0H6taQM:s04e73OvBcA:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=6XZU0H6taQM:s04e73OvBcA:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=6XZU0H6taQM:s04e73OvBcA:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=6XZU0H6taQM:s04e73OvBcA:-BTjWOF_DHI"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=6XZU0H6taQM:s04e73OvBcA:-BTjWOF_DHI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=6XZU0H6taQM:s04e73OvBcA:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=YwkR-u9nhCs" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/blogspot/DOLOD/~4/6XZU0H6taQM" height="1" width="1"/>http://feedproxy.google.com/~r/blogspot/DOLOD/~3/6XZU0H6taQM/sessen-management-attacks.htmlnoreply@blogger.com (Nrupen Masram)http://nrupentheking.blogspot.com/2011/06/sessen-management-attacks.htmltag:blogger.com,1999:blog-7253947051673117336.post-9018711063459089615Sat, 11 Jun 2011 03:23:00 +00002011-07-19T02:52:42.366+05:30<h2> Comments And Contact Me Form Closed</h2> <hr> <div dir="ltr" style="text-align: left;" trbidi="on"> <br> <div class="separator" style="clear: both; text-align: center;"> <span style="font-size: large;"><a href="http://4.bp.blogspot.com/-EkJq4SzNfj0/TfLesAwKqZI/AAAAAAAAAds/zwL13-F4Ibw/s1600/closed31.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="300" src="http://4.bp.blogspot.com/-EkJq4SzNfj0/TfLesAwKqZI/AAAAAAAAAds/zwL13-F4Ibw/s400/closed31.jpg" width="400"></a></span></div> <span style="font-size: large;"> </span><br> <div align="JUSTIFY" style="margin-bottom: 0in;"> <span style="font-size: large;">Hi guys I was quite busy last few days due to which I was unable to pay attention to my blog for nearly 4-5 days. Day before yesterday when I checked my e-mails I was shocked to see 96 mails from contact me form. As days are passing number of emails are increasing and most of them contain silly and same questions whose answers were already posted on blog. Please note that I am not a kid nor a newbie in hacking I am a Computer and Network Security Professional and I really try my best to keep things as simple as possible but when I see questions from people I see lack in basics and sometimes incredible stupidity.</span></div> </div><a href="http://nrupentheking.blogspot.com/2011/06/comments-and-contact-me-form-closed.html#more">Continue Reading....</a><div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=wE6fsHwoRt0:UHk0fVqyUx8:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=yIl2AUoC8zA" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=wE6fsHwoRt0:UHk0fVqyUx8:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=wE6fsHwoRt0:UHk0fVqyUx8:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=wE6fsHwoRt0:UHk0fVqyUx8:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=wE6fsHwoRt0:UHk0fVqyUx8:-BTjWOF_DHI"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=wE6fsHwoRt0:UHk0fVqyUx8:-BTjWOF_DHI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=wE6fsHwoRt0:UHk0fVqyUx8:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=YwkR-u9nhCs" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/blogspot/DOLOD/~4/wE6fsHwoRt0" height="1" width="1"/>http://feedproxy.google.com/~r/blogspot/DOLOD/~3/wE6fsHwoRt0/comments-and-contact-me-form-closed.htmlnoreply@blogger.com (Nrupen Masram)http://nrupentheking.blogspot.com/2011/06/comments-and-contact-me-form-closed.htmltag:blogger.com,1999:blog-7253947051673117336.post-2428459553399814650Mon, 06 Jun 2011 18:06:00 +00002011-07-19T02:53:12.921+05:30session hackingsession management attackssession attackssession management<h2> Attacks Against Mishandling Of Tokens</h2> <hr> <div dir="ltr" style="text-align: left;" trbidi="on"> <br> <div align="JUSTIFY" style="margin-bottom: 0in;"> <span style="font-size: large;">In last post to <a href="http://nrupentheking.blogspot.com/2011/05/web-application-security.html" target="_blank">session hacking series</a> we saw how to attack weak token generation methods. In this post we will see how session tokens are mishandled and how they are attacked for mishandling. An important point that you must note that no matter how much secure coding you implement while creating session tokens if they are mishandled there&#39;s no way you can protect session from getting hacked. Next thing that you should keep in mind is that implementation of SSL doesn&#39;t guarantee 100% security against session hacking. Implementation of SSL helps in protecting tokens if implemented properly but honestly speaking there are many websites which does not really implement SSL properly thus leaving even SSL open to attack.</span></div> </div><a href="http://nrupentheking.blogspot.com/2011/06/attacks-against-mishandling-of-tokens.html#more">Continue Reading....</a><div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=Hsal_uzCwt4:sJXGJqiWLX0:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=yIl2AUoC8zA" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=Hsal_uzCwt4:sJXGJqiWLX0:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=Hsal_uzCwt4:sJXGJqiWLX0:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=Hsal_uzCwt4:sJXGJqiWLX0:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=Hsal_uzCwt4:sJXGJqiWLX0:-BTjWOF_DHI"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=Hsal_uzCwt4:sJXGJqiWLX0:-BTjWOF_DHI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=Hsal_uzCwt4:sJXGJqiWLX0:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=YwkR-u9nhCs" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/blogspot/DOLOD/~4/Hsal_uzCwt4" height="1" width="1"/>http://feedproxy.google.com/~r/blogspot/DOLOD/~3/Hsal_uzCwt4/attacks-against-mishandling-of-tokens.htmlnoreply@blogger.com (Nrupen Masram)http://nrupentheking.blogspot.com/2011/06/attacks-against-mishandling-of-tokens.htmltag:blogger.com,1999:blog-7253947051673117336.post-7150706292817732429Mon, 06 Jun 2011 18:02:00 +00002011-07-19T02:56:58.200+05:30free downloadfree ebook download<h2> Free Ebook Download | Teach Yourself C++ In 21 Days</h2> <hr /> <div dir="ltr" style="text-align: left;" trbidi="on"> <div style="text-align: justify;"> <span style="font-size: large;">Teach Yourself C++ In 21 Days is proprietary release from Sams publication. The following book has been provided by <a href="http://www.mcp.com/">www.mcp.com</a> as free download. So enjoy learning programming if you haven't yet started.&nbsp;</span></div> <div style="text-align: justify;"> <span style="font-size: large;"><a href="http://bit.ly/lMJdlY">Download Teach Yourself C++ In 21 Days</a></span></div> </div><div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=5NA_usj0o_o:kYngRDwc2ns:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=yIl2AUoC8zA" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=5NA_usj0o_o:kYngRDwc2ns:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=5NA_usj0o_o:kYngRDwc2ns:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=5NA_usj0o_o:kYngRDwc2ns:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=5NA_usj0o_o:kYngRDwc2ns:-BTjWOF_DHI"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=5NA_usj0o_o:kYngRDwc2ns:-BTjWOF_DHI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=5NA_usj0o_o:kYngRDwc2ns:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=YwkR-u9nhCs" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/blogspot/DOLOD/~4/5NA_usj0o_o" height="1" width="1"/>http://feedproxy.google.com/~r/blogspot/DOLOD/~3/5NA_usj0o_o/free-ebook-download-teach-yourself-c-in.htmlnoreply@blogger.com (Nrupen Masram)http://nrupentheking.blogspot.com/2011/06/free-ebook-download-teach-yourself-c-in.htmltag:blogger.com,1999:blog-7253947051673117336.post-5238394409810343205Sat, 04 Jun 2011 12:52:00 +00002011-07-19T02:54:31.347+05:30session hackingsession management attackssession attackssession management<h1> Attacks Against Weak Token Generation</h1> <hr> <div dir="ltr" style="text-align: left;" trbidi="on"> <br> <div align="JUSTIFY" style="margin-bottom: 0in;"> <span style="font-size: large;">During our last post to this we discusses about basics of <a href="http://nrupentheking.blogspot.com/2011/06/session-hacking-session-management.html" target="_blank">Session Management Attack</a> which is also known as session hacking. In this post we will have a look on how you can attack weak token generation method to attack session management. Following are most common methods of generating weak tokens,</span></div> <ul> <li><div align="JUSTIFY" style="margin-bottom: 0in;"> <span style="font-size: large;">Using meaningful tokens</span></div> </li> <li><div align="JUSTIFY" style="margin-bottom: 0in;"> <span style="font-size: large;">Predictable token generation</span></div> </li> <li><div align="JUSTIFY" style="margin-bottom: 0in;"> <span style="font-size: large;">Adding time dependent variations in tokens</span></div> </li></ul></div><a href="http://nrupentheking.blogspot.com/2011/06/attacks-against-weak-token-generation.html#more">Continue Reading....</a><div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=VU25oAjY3Vw:E9txTKMU2nc:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=yIl2AUoC8zA" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=VU25oAjY3Vw:E9txTKMU2nc:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=VU25oAjY3Vw:E9txTKMU2nc:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=VU25oAjY3Vw:E9txTKMU2nc:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=VU25oAjY3Vw:E9txTKMU2nc:-BTjWOF_DHI"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=VU25oAjY3Vw:E9txTKMU2nc:-BTjWOF_DHI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=VU25oAjY3Vw:E9txTKMU2nc:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=YwkR-u9nhCs" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/blogspot/DOLOD/~4/VU25oAjY3Vw" height="1" width="1"/>http://feedproxy.google.com/~r/blogspot/DOLOD/~3/VU25oAjY3Vw/attacks-against-weak-token-generation.htmlnoreply@blogger.com (Nrupen Masram)http://nrupentheking.blogspot.com/2011/06/attacks-against-weak-token-generation.htmltag:blogger.com,1999:blog-7253947051673117336.post-651983930327798190Fri, 03 Jun 2011 15:11:00 +00002011-07-19T02:55:02.867+05:30free download<h2> Free Ebooks For Download</h2> <hr> <div dir="ltr" style="text-align: left;" trbidi="on"> <br> <div class="separator" style="clear: both; text-align: center;"> <a href="http://2.bp.blogspot.com/-w24OZ8K5Ta4/Tej5JosxLKI/AAAAAAAAAdo/KGUBHQxOlvs/s1600/free-download-1.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="238" src="http://2.bp.blogspot.com/-w24OZ8K5Ta4/Tej5JosxLKI/AAAAAAAAAdo/KGUBHQxOlvs/s320/free-download-1.jpg" width="320"></a></div> <div align="JUSTIFY" style="margin-bottom: 0in;"> <span style="font-size: large;">Since several days people are sending me mails about why I don&#39;t offer any free stuff to them for joining mailing list or why I am not offering ebooks for free to download. When such mails began to show up in my inbox I took it easy but now I receive at least 1 email about free stuff everyday and sometimes even 5-10. At an average when I calculated number of emails this month regarding free ebooks they were above 100-120. First of all I want to tell all my readers that I don&#39;t want to promote my blog by providing you with illegal and pirated contents. But as I am getting heavy requests about providing free ebooks I have decided to provide you with it. By the way I&#39;ll not provide you with any pirated contents that means you&#39;ll not get any illegal download from me. So what kind of ebooks I am gonna provide. Internet is full of useful free and legal ebooks which can be downloaded and can be given to anyone for download. So books that you&#39;ll receive will be,</span></div> </div><a href="http://nrupentheking.blogspot.com/2011/06/free-ebooks-for-download.html#more">Continue Reading....</a><div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=-5nhCjJHS3U:yqgEUml-7Sc:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=yIl2AUoC8zA" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=-5nhCjJHS3U:yqgEUml-7Sc:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=-5nhCjJHS3U:yqgEUml-7Sc:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=-5nhCjJHS3U:yqgEUml-7Sc:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=-5nhCjJHS3U:yqgEUml-7Sc:-BTjWOF_DHI"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=-5nhCjJHS3U:yqgEUml-7Sc:-BTjWOF_DHI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=-5nhCjJHS3U:yqgEUml-7Sc:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=YwkR-u9nhCs" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/blogspot/DOLOD/~4/-5nhCjJHS3U" height="1" width="1"/>http://feedproxy.google.com/~r/blogspot/DOLOD/~3/-5nhCjJHS3U/free-ebooks-for-download.htmlnoreply@blogger.com (Nrupen Masram)http://nrupentheking.blogspot.com/2011/06/free-ebooks-for-download.htmltag:blogger.com,1999:blog-7253947051673117336.post-5597761031955842169Thu, 02 Jun 2011 15:02:00 +00002011-07-19T02:55:40.002+05:30session hackingsession management attackssession attackssession management<h2> Session Hacking | Session Management Attacks | The Basics</h2> <hr> <div dir="ltr" style="text-align: left;" trbidi="on"> <br> <div class="separator" style="clear: both; text-align: center;"> <a href="http://4.bp.blogspot.com/-b8D89PcFfNU/TeelZkBGCkI/AAAAAAAAAdk/IF269PoISKQ/s1600/hijacking.gif" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="271" src="http://4.bp.blogspot.com/-b8D89PcFfNU/TeelZkBGCkI/AAAAAAAAAdk/IF269PoISKQ/s320/hijacking.gif" width="320"></a></div> <div align="JUSTIFY" style="margin-bottom: 0in;"> <span style="font-size: large;">So we are here to discus one more topic related to web application hacking, that is session hacking. Note that session hijacking and session hacking are closely related terms but are slightly different. In session hacking application level attacks are concerned where as in session hijacking application level attack as well as TCP/IP level attacks are covered. Session hacking in other terms can also be called as Session Management Attack. So here I must clear we are discussing session hacking not session hijacking. People with confusion in session hacking and session hijacking should read this post carefully I hope that would help them clear up their confusion. </span></div> </div><a href="http://nrupentheking.blogspot.com/2011/06/session-hacking-session-management.html#more">Continue Reading....</a><div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=1j9_T54_OIw:VhLXHkcO9rM:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=yIl2AUoC8zA" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=1j9_T54_OIw:VhLXHkcO9rM:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=1j9_T54_OIw:VhLXHkcO9rM:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=1j9_T54_OIw:VhLXHkcO9rM:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=1j9_T54_OIw:VhLXHkcO9rM:-BTjWOF_DHI"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=1j9_T54_OIw:VhLXHkcO9rM:-BTjWOF_DHI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=1j9_T54_OIw:VhLXHkcO9rM:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=YwkR-u9nhCs" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/blogspot/DOLOD/~4/1j9_T54_OIw" height="1" width="1"/>http://feedproxy.google.com/~r/blogspot/DOLOD/~3/1j9_T54_OIw/session-hacking-session-management.htmlnoreply@blogger.com (Nrupen Masram)http://nrupentheking.blogspot.com/2011/06/session-hacking-session-management.htmltag:blogger.com,1999:blog-7253947051673117336.post-4551704961658791948Sun, 29 May 2011 18:08:00 +00002011-07-19T02:56:32.637+05:30protect pc from hackerhacker safe pcsecure your system<h2> How To Create Create A Strong Defense Against Hackers For Your PC</h2> <hr> <div dir="ltr" style="text-align: left;" trbidi="on"> <div dir="ltr" style="text-align: left;" trbidi="on"> <div dir="ltr" style="text-align: left;" trbidi="on"> <span style="font-size: large;"></span><br> <div align="JUSTIFY" style="margin-bottom: 0in;"> <span style="font-size: large;">Hello all in this following post we will have a look on how to create a strong defense against hackers for your personal computers. </span></div> <div align="JUSTIFY" style="margin-bottom: 0in;"> <span style="font-size: large;"><br> </span></div> <div align="JUSTIFY" style="margin-bottom: 0in;"> <span style="font-size: large;"><u><b>Selection of Anti-Virus:</b></u></span></div> <div align="JUSTIFY" style="margin-bottom: 0in;"> <span style="font-size: large;">Stage one of any secured system is anti-virus so selecting a good anti-virus is must. For general users who use their PC for browsing, gaming, movies and music a free anti-virus is good to go. My personal favor is Avast and AVG . Please note that there are several fake free anti-virus online which are nothing but malicious codes so its better to download those which are well known and from their official sites only. For those who use their computer for transactional purposes like online banking, purchase of goods, making online payments, wire transfer, donations, paid subscriptions or services should specially opt for complete Internet Security Suite. Following are my personal recommendations.</span></div> <div align="JUSTIFY" style="margin-bottom: 0in;"> <span style="font-size: large;"></span><br> </div></div></div></div><a href="http://nrupentheking.blogspot.com/2011/05/how-to-create-create-strong-defense.html#more">Continue Reading....</a><div class="feedflare"> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=tPPvw5ac4ms:vhV0j3peinE:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=yIl2AUoC8zA" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=tPPvw5ac4ms:vhV0j3peinE:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=tPPvw5ac4ms:vhV0j3peinE:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=tPPvw5ac4ms:vhV0j3peinE:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=tPPvw5ac4ms:vhV0j3peinE:-BTjWOF_DHI"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?i=tPPvw5ac4ms:vhV0j3peinE:-BTjWOF_DHI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/blogspot/DOLOD?a=tPPvw5ac4ms:vhV0j3peinE:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/blogspot/DOLOD?d=YwkR-u9nhCs" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/blogspot/DOLOD/~4/tPPvw5ac4ms" height="1" width="1"/>http://feedproxy.google.com/~r/blogspot/DOLOD/~3/tPPvw5ac4ms/how-to-create-create-strong-defense.htmlnoreply@blogger.com (Nrupen Masram)http://nrupentheking.blogspot.com/2011/05/how-to-create-create-strong-defense.html