
WebSploit Toolkit version 1.6 released

Posted by Deepanker Verma Monday, April 30, 2012 0 comments





WebSploit is an open source project used to scan and analyze remote systems in order to find various types of vulnerabilities. The tool is very powerful and supports multiple vulnerabilities. All of its scripts are written in Python, and users can modify the source code to customize how it works for their needs.


These are main vulnerabilities which can be found and exploited with the help of this tool


Description :
Autopwn - Used From Metasploit For Scan and Exploit Target Service
wmap - Scan,Crawler Target Used From Metasploit wmap plugin
format infector - inject reverse & bind payload into file format
phpmyadmin - Search Target phpmyadmin login page
lfi - Scan,Bypass local file inclusion Vulnerability & can be bypass some WAF
apache users - search server username directory (if use from apache webserver)
Dir Bruter - brute target directory with wordlist
admin finder - search admin & login page of target
MLITM Attack - Man Left In The Middle, XSS Phishing Attacks
MITM - Man In The Middle Attack
Java Applet Attack - Java Signed Applet Attack
MFOD Attack Vector - Middle Finger Of Doom Attack Vector
USB Infection Attack - Create Executable Backdoor For Infect USB For Windows


Read More


Download

Tips to protect Facebook account from hackers

Posted by Deepanker Verma Sunday, April 29, 2012 1 comments

Facebook is the social networking website that many of us treat as our virtual world. Many people live more in this virtual world than in their real one. We share our photos, moods and thoughts with our friends. But as the use of Facebook has increased, hackers have also become very active, and they keep trying to hack innocent people's Facebook accounts.


Many people do not care about their Facebook account security. According to them, "There is no loss to me if my facebook account is hacked." But they forget that the account also holds some of their private information. And even if there is no private information, the account represents you. These are the people who never care about their account security and then ask me to help get their Facebook account back because someone is using it and doing abusive things.


Why you should always protect your account: Facebook is your online identity. If your account is hacked, you will face the following problems:
1. Someone else is now living your life on Facebook. All the abusive and criminal activities done by the hacker will be attributed to you.
2. He will ruin your reputation.
3. Your private photos can be misused in the porn industry.
4. Your personal data will be sold to internet marketing firms.
5. If you are a girl, then I do not think I have to explain the problem.


Myths about Facebook hacking: Some people think that hackers have some nice hacking tools which easily grab their passwords, so they cannot do anything to protect their account. There is not a single percent of truth in this. No tool exists which can grab your password. Yes, some hackers abuse Facebook's security services as a security bug to take over your Facebook account. But Facebook provides many ways to recover an account. You are never going to lose your Facebook account if you follow all the security points which I am going to describe in this post.
Most of the time hackers use phishing and keyloggers to hack Facebook accounts. Protection against these attacks is easy.


Read: How to access any deleted and unavailable photo on facebook

Security settings for facebook:
1. Hide your primary email address and phone number from your profile. These should only be visible to you. They should not be available to your friends either.
To do this, click on your name in the top navigation bar to go to your timeline. Now click on About to open your profile info. Scroll down to contact info and click on Edit. You will see icons with a down arrow in front of each item. Click on the drop-down in front of emails and change it to "only me."


You must hide your email ID and phone number by changing the visibility to the "only me" option.
Hackers can use your email ID and phone number to perform a phishing attack.
2. Go to "Account settings" and then the Security tab. Turn on "Secure Browsing". Click on Edit to enable the setting.
Enable "login notifications." This will help you learn of unauthorized activity, because you are notified each time you or someone else tries to access your account.
3. Add your phone number as a recovery option. This is the best way to recover the password.
4. Use a good antivirus and internet security product to protect your system from keyloggers and trojans. Most internet security tools also warn against phishing pages.
5. Regularly update your browser and Windows with the latest patches. Updated browsers have inbuilt security tools which protect against malicious downloads and phishing links.
6. Avoid clicking on suspicious links and spam on Facebook. There are various types of scams running on Facebook which attract users with many offers.
7. For girls: avoid adding strange smart boys; profile pics can be fake. If you do add one, never reveal personal information such as your address, phone number or details about your family, which can cause trouble for you. Many fake boys have started blackmailing girls by saying that they will mail chats to her father or post pics on public websites.


These are some Facebook security tips which you must follow in order to protect your Facebook account.


Read: How to hack Facebook Account

WordPress 3.3.1 Suffers Multiple CSRF Vulnerabilities

Posted by Deepanker Verma 0 comments


WordPress version 3.3.1 suffers from multiple cross-site request forgery vulnerabilities. These CSRF vulnerabilities allow attackers to add administrators/users, delete administrators/users, change post title, approve and unapprove comment, delete comment, change background image, change Site Address, insert custom header image, change site title, change administrator's email, and change WordPress Address, when an authenticated user/admin browses a specially crafted web page. There may be some other parameters which can be modified by this CSRF vulnerability.

These vulnerabilities are found by Ivano Binetti (http://www.ivanobinetti.com).
According to research, this CSRF vulnerability is caused by a security flaw in anti-CSRF token (_wpnonce, _wpnonce_create-user, _ajax_nonce, _wpnonce-custom-background-upload, _wpnonce-custom-header-upload) generation.

This vulnerability gives an attacker who has sniffed an anti-CSRF token 12 hours to perform a CSRF attack and carry out the following operations:
  • Add Admin/User
  • Delete Admin/User
  • Approve comment
  • Unapprove comment
  • Delete comment
  • Change background image
  • Insert custom header image
  • Change site title
  • Change administrator's email
  • Change WordPress Address
  • Change Site Address

Other operations (like inserting a new post) are not affected by this CSRF vulnerability.

Webmasters running WordPress version 3.3.1 for their website or blog are advised to upgrade to the latest version of WordPress.
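Why a sniffed token stays usable for hours, as an added example that is not WordPress code and not from the advisory: a simplified model of a token tied only to user, action and a 12-hour time bucket, next to a single-use variant. The token formula, class name, TTL and timestamps are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets

WINDOW = 12 * 3600                 # seconds: the 12-hour window named in the post
SECRET = secrets.token_bytes(32)   # constructed per-site secret for this example


def _mac(user, action, bucket):
    """HMAC over user, action and time bucket (a simplified token formula)."""
    msg = "{}|{}|{}".format(user, action, bucket).encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()[:20]


def issue_windowed(user, action, now):
    """Token that depends only on user, action and the current time bucket."""
    return _mac(user, action, now // WINDOW)


def verify_windowed(token, user, action, now):
    """Stateless check: any replay inside the same bucket is accepted."""
    return hmac.compare_digest(token, _mac(user, action, now // WINDOW))


class SingleUseTokens:
    """Hardened variant: random token, short lifetime, deleted on first use."""

    def __init__(self, ttl=900):
        self.ttl = ttl
        self._live = {}            # token -> (user, action, expiry time)

    def issue(self, user, action, now):
        token = secrets.token_urlsafe(24)
        self._live[token] = (user, action, now + self.ttl)
        return token

    def redeem(self, token, user, action, now):
        entry = self._live.pop(token, None)   # consumed even if the check fails
        if entry is None:
            return False
        owner, bound_action, expiry = entry
        return owner == user and bound_action == action and now <= expiry


def demo():
    """Present the same token twice to each scheme; returns the outcomes."""
    t0 = 1000                                  # constructed timestamps (seconds)
    captured = issue_windowed("admin", "create-user", t0)
    store = SingleUseTokens()
    one_time = store.issue("admin", "create-user", t0)
    return {
        "windowed_first_use": verify_windowed(captured, "admin", "create-user", t0 + 60),
        "windowed_replay_11h": verify_windowed(captured, "admin", "create-user", t0 + 11 * 3600),
        "windowed_other_action": verify_windowed(captured, "admin", "delete-user", t0 + 60),
        "windowed_after_window": verify_windowed(captured, "admin", "create-user", t0 + WINDOW),
        "single_first_use": store.redeem(one_time, "admin", "create-user", t0 + 60),
        "single_replay": store.redeem(one_time, "admin", "create-user", t0 + 120),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print("{:24s} {}".format(name, "accepted" if ok else "rejected"))
```

The windowed token is still accepted eleven hours after it was issued, while the single-use token is rejected on its second presentation.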



90% SSL websites are vulnerable to the BEAST SSL attack

Posted by Deepanker Verma Saturday, April 28, 2012 0 comments

According to the latest cyber report by the Trustworthy Internet Movement (TIM), a nonprofit organization dedicated to solving Internet security, privacy and reliability problems, 90% of the websites running on HTTPS enabled secure protocol are vulnerable to the SSL attack, BEAST.


This report is based on the data provided by SSL Pulse project. This project scanned top 1 million websites with the automated scanning technology developed by security vendor Qualys and then generated a report on strength of HTTPS implementations. It checks what protocols are supported by the HTTPS-enabled websites (SSL 2.0, SSL 3.0, TLS 1.0, TLS 1.1, etc.), the key length used for securing communications (512 bits, 1024 bits, 2048 bits, etc.) and the strength of the supported ciphers (256 bits, 128 bits or lower).


90% of the websites scanned are vulnerable to the known attack BEAST. This SSL attack takes advantage of a flaw in SSL 3.0, allowing the attacker to grab and decrypt HTTPS cookies on an end user’s browser, effectively hijacking the victim’s session. This could be achieved either through an iframe injection or by loading the BEAST JavaScript into the victim’s browser, but BEAST is known to be especially hard to execute.


Trustworthy Internet Movement has also created a taskforce which includes various security experts who will review SSL governance issues and develop proposals aimed at fixing both SSL and the certificate authority systems. The taskforce members include Michael Barrett, chief information security officer at PayPal; Taher Elgamal, one of the creators of the SSL protocol; Adam Langley, a Google software engineer responsible for SSL in Chrome and on the company's front-end servers; Moxie Marlinspike, the creator of the Convergence project, which offers an alternative method for SSL certificate validation; Ivan Ristic, the creator of the Qualys SSL Labs and Ryan Hurst, chief technology officer at certificate authority GlobalSign.


SOURCE

Collection of Windows password recovery tools

Posted by Deepanker Verma Tuesday, April 24, 2012 0 comments

Being human, forgetting one's Windows password is a common thing. I am sure you have come across or heard of a friend or family member who has just forgotten his/her password and can't access the content of their computer. Well, we are all bound to experience a blonde moment once or several times, but when it comes to forgetting your Windows login password it can be quite irritating and even costly.
If you do happen to experience such an unlucky episode, you don't have to bang your laptop or desktop computer on the floor in frustration, because it isn't your computer's fault; it is your fault. Your computer is just following your instructions, so it is up to you to correct the mistake that you made.

There are several Windows password recovery tools, both free and premium, that you can use to get back into your machine so that you can finish that business report which is due tomorrow, finish your class assignment, or chat with your friends on Facebook or Twitter.


Here is a list of some of these incredible life saver tools:

1. Ophcrack program and Ophcrack Live CD: Ophcrack is a free software program that helps one to retrieve their passwords.
The program is available in two formats, either as an executable program or as a live CD.
It is a fast and easy to use program that can be used by anybody with basic knowledge of Windows.

- If you are using the installed executable version of Ophcrack, just run the program and it will retrieve your passwords from the Windows registry.

- If you are using a live CD, just place the CD in your DVD drive and boot from the CD, which starts its work of retrieving your Windows passwords.

This program can be used in Windows XP, Windows 7 and Windows Vista.


2. Active password changer professional: This is premium software that, unlike Ophcrack, works by deleting passwords, so your computer doesn't have a password anymore and you can log in without entering one. It is an installable program, so one doesn't need a bootable CD.

This software can be purchased for $49.95 and can be used in Windows XP, Windows 7, Windows Server 2003 and 2008 and Windows Vista.


3. PC login now: This is free software that works like Active password changer by deleting the passwords stored in your computer, leaving your computer defenseless so that you can just log in with no password.

4. Windows Password reset: This is commercial software that is run from a bootable CD. It doesn't come with a fancy graphical user interface, but it does the work pretty well and it’s easy to create a Live CD from it.

You only need to place your CD in the DVD drive and boot from it, and this software will let you reset your password.

It works in Windows XP, Windows Vista, Windows 7, Windows Server 2003 and 2008 and Windows NT and can be purchased for $19.95.

5. Cain and Abel: This is yet another effective free installable program. To use it, run it as administrator and the software will recover your passwords. It tends to have a complicated user interface, so one might opt to read a manual or tutorial on how to use it before giving it a try.
It is compatible with Windows XP, Windows 7 and Windows Vista.

6. Login recovery: This is commercial software that is run from a bootable CD. Insert your bootable CD and boot from it, and if you have an internet connection on your machine the software will retrieve the encrypted password and send it to the Login recovery makers' servers, which will decrypt it and send the decrypted password to your email account. Then use the password you have received to gain access to your computer.

7. Kon boot: This is yet another free Windows recovery tool that also requires a bootable CD in order to work. It can be used to delete passwords or reset them. However, it is not compatible with 64-bit Windows operating systems.



About the author: Claudia is a blogger by profession. She loves writing on luxury and technology. She recently read an article on lawnmower reviews that attracted her attention. These days she is busy in writing an article on Sony Vaio Zreview


Response Analysis and Further Testing Tool - RAFT

Posted by Deepanker Verma Monday, April 23, 2012 0 comments

This post is about one more vulnerability identification tool. Although this tool is not so famous, it works well. RAFT is a suite of security tools used for testing and identifying vulnerabilities in web applications. RAFT utilizes common shared elements to make testing and analysis easier. The tool provides visibility into areas that other tools do not, such as various client-side storage.

RAFT is written in Python and PyQT.   
It requires Python 2.6.5 and above. Python 3 is not supported.


Download and Read more

Rootdabitch version 0.1 released, Multithreaded Linux root password Bruteforcer

Posted by Deepanker Verma Friday, April 20, 2012 0 comments



Rootdabitch v0.1 is released. It is a multithreaded Linux/UNIX tool to crack local root through brute-force.
For brute-forcing, it uses Sucrack, which is a multithreaded Linux/UNIX tool for brute-force cracking local user accounts via su.
This tool is fast and works in the background, so you can easily do other work. It is a local brute forcer which tries 10 passwords in 3 seconds. When root is cracked it will email the user using /bin/mail.
For all this, you need PHP shell, reverse shell or SSH access to the target to run this tool, and you run it as a normal user. Upload the script to the target, give it execute permission and execute it like:


 ~ ./rootdabitch youremail@address.com


If the password is cracked you will have a mail with the root password and the password will be stored into password.txt . 

Download and read more


“Switch to Green Facebook Profile,” New Survey Scam Hits Facebook

Posted by Deepanker Verma Thursday, April 19, 2012 0 comments

Facebook, a billion-dollar company, has been trying to protect its users. Every time Facebook takes a protective step, a new scam arrives. But users are more responsible than Facebook for the success of scammers. They always fall for scammers' false claims and offers, such as Timeline removal, pink Facebook and so on.
This time a new scam has arrived on Facebook which offers to turn Facebook green.
The scam posts a message on users' timelines and claims that users can switch their Facebook profiles to green by clicking a link to an event.
"For a limited amount of time, Facebook will allow you to change your profile color from BLUE to GREEN :) It Looks so cools and it’s something that you MUST try!!! Follow the instructions bellow to switch your color now!" message on the scam post reads.
On clicking the link, users are redirected to the event page, which instructs them to share the event and post a message on the event wall.
It also instructs users to click on a link to go to the app and allow the app to install into their Facebook profile.
After clicking on Go to app, it shows a demo page of green Facebook. It also asks users to click on links according to their country.
On clicking the country-specific link, it shows a popup offering a prize. After clicking on the "OK" button, it takes users to a survey before they receive their green Facebook profile. Some of the "survey" pages ask users to provide personal information including name, address and contact details, ostensibly to allow them to go in the draw for a prize. Others invite them to download dubious toolbars, games or software.
The people behind this scam earn a commission for each survey a user completes.
Users are advised not to click on any links or scams of this type.

New version of Sabpab Mac Trojan discovered

Posted by Deepanker Verma Wednesday, April 18, 2012 0 comments
Yesterday, I reported a new Mac Trojan, Sabpab. This new Mac Trojan is a backdoor malware which uses an HTTP channel and sends logs to the attacker. Now a new version of Sabpab has been discovered which does not use Java to infect the system. It exploits malformed Word documents to infect Mac systems.
If you try to open the boobytrapped Word document on any vulnerable Mac system, this new version of the OSX/Sabpab Trojan horse will automatically install on that Mac computer. It also creates a backdoor for remote hackers to steal information or install further code.
This new version of Sabpab is totally different from the Flashback Trojan, which has some similarities with the older version of Sabpab.
This type of infection trick was used earlier by some attackers on the Mac. In that case, Mac malware attacked the system by embedding itself inside boobytrapped Word documents. Now the same method is being used in Sabpab.


Source:

New Mac OS Trojan discovered as Sabpab

Posted by Deepanker Verma Tuesday, April 17, 2012 0 comments

It seems that the Mac is not as safe as Apple claims when it calls it the most secure operating system. Apple has already been trying to remove the Flashback Trojan, which has infected more than 70,000 Mac systems around the world.
Now a new Trojan horse has been discovered that does not require any user interaction to infect a Mac system. The Sabpab Trojan horse exploits the same drive-by Java vulnerability used to create the Flashback botnet.
This is a basic backdoor malware which uses an HTTP connection to connect to a server. From the server, the hacker gives commands to the Trojan and can thus perform many tasks on the infected computers. The criminals behind the attack can grab screenshots from infected Macs, upload and download files, and execute commands remotely.
The Trojan creates the files:


/Users//Library/Preferences/com.apple.PubSabAgent.pfile
/Users//Library/LaunchAgents/com.apple.PubSabAGent.plist


It also creates a log file which holds data in encrypted form. The encrypted logs are sent back to the control server.
Although this Trojan is not as widespread as Flashback, it is also harmful. So Mac owners should protect their Mac systems with a good antivirus solution.
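A check for the two files listed above, as an added example that is not from the original post or from any vendor tool. It assumes the empty component in the "/Users//" paths is the account name, and it matches file names case-insensitively because the two names in the post differ in capitalisation.

```python
import os
import tempfile

# File locations reported in the post, relative to a user's home directory.
# Assumption: the empty component in "/Users//Library/..." is the account name.
SABPAB_FILES = (
    ("Library/Preferences", "com.apple.PubSabAgent.pfile"),
    ("Library/LaunchAgents", "com.apple.PubSabAGent.plist"),
)


def match_entry(directory, wanted):
    """Case-insensitive lookup in one directory; returns the real name or None."""
    try:
        entries = os.listdir(directory)
    except OSError:
        return None                      # directory missing or unreadable
    for entry in entries:
        if entry.lower() == wanted.lower():
            return entry
    return None


def find_sabpab_files(users_root="/Users"):
    """Return {account: [paths]} for every home under users_root holding a listed file."""
    hits = {}
    try:
        accounts = sorted(os.listdir(users_root))
    except OSError:
        return hits                      # not a Mac, or /Users unreadable
    for account in accounts:
        home = os.path.join(users_root, account)
        found = []
        for subdir, name in SABPAB_FILES:
            directory = os.path.join(home, subdir)
            real_name = match_entry(directory, name)
            if real_name is not None:
                found.append(os.path.join(directory, real_name))
        if found:
            hits[account] = found
    return hits


def build_sample_tree(root):
    """Constructed test data: 'alice' is clean, 'bob' holds the LaunchAgents file."""
    for account in ("alice", "bob"):
        for subdir, _ in SABPAB_FILES:
            os.makedirs(os.path.join(root, account, subdir))
    # Written with different capitalisation than the listed name on purpose.
    marker = os.path.join(root, "bob", "Library/LaunchAgents",
                          "com.apple.PubSabAgent.plist")
    with open(marker, "w") as fh:
        fh.write("constructed placeholder, not a real sample\n")


def demo():
    """Scan the constructed tree; returns flagged accounts with relative paths."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_tree(root)
        hits = find_sabpab_files(root)
        return {acct: [os.path.relpath(p, root) for p in paths]
                for acct, paths in hits.items()}


if __name__ == "__main__":
    result = find_sabpab_files()
    print(result if result else "none of the listed files were found")
```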

web-sorrow – Remote Web Security Scanner

Posted by Deepanker Verma Monday, April 16, 2012 0 comments

Web-sorrow is a web server security scanner used for checking a web server for misconfiguration, version detection, enumeration, and server information. The tool is written in Perl. The most important thing about this tool is that it is not an exploitation framework or vulnerability scanner. It is a simple tool for checking web server misconfiguration.


Current Functionality


-S – stands for standard. A set of standard tests that includes: directory indexing tests, banner grabbing, language detection (should be obvious), robots.txt, and 200 response testing (some servers send a 200 OK for every request)
-Eb – stands for error bagging. The default config for servers is to put the server daemon and version, and sometimes even the OS, inside error pages. web-sorrow requests a URL of 20 random bytes with GET and POST methods.
-auth – looks for login pages with a list of some of the most common login files and dirs. It doesn’t need to be a very big list of URLs, because what else are they going to name it?
-cmsPlugins – runs a huge list of plugin dirs for CMS servers. The list is a bit old (2010)
-I – searches the responses for interesting strings
-Ws – looks for web services such as hosting provider, blogging services, favicon fingerprinting, and CMS version info
-Fd – looks for things people generally don’t want you to see. The list is generated from a TON of robots.txt files, so whatever it finds should be interesting.
-proxy – sends all HTTP requests via a proxy. Example: 255.255.255.254:8080
-e – runs all the scans in the scanner
web-sorrow also has false-positive checking on most of its requests (it is pretty accurate but not perfect).


Download

Read More

How to choose a smart Password

Posted by Deepanker Verma Friday, April 13, 2012 0 comments

A password is the only thing which keeps your data secure in this virtual digital world. So it is necessary to choose a smart password which is hard to guess and hard to crack. We should always take care while choosing passwords and select one which is private and hard to crack.

Before giving some tips for creating a strong password, I want to advise all readers not to use the same password on every website. I have seen many people who use the same password on all websites. You're likely to have dozens of accounts across the web, and you can't guarantee the security of all of those accounts. Many smaller companies don't have security technology capable of guarding your data from cyber criminals. This allows hackers to access your important accounts if they manage to steal your password from a less secure website. So you should keep your banking and email passwords different from the common password which you use on all other websites.

You must follow these simple tips. These will help you to choose a strong password.
  • Use a unique password for all your important accounts
  • Use a password with a mix of letters, numbers, and symbols
  • Create a password that is hard for others to guess
  • Make sure your password recovery options are up-to-date and secure
  • Keep your passwords in a secret place that is not easily visible

Having a smart and hard-to-crack password is not enough on its own. You must also have some recovery options to recover your account in case it is hacked. The best recovery option is phone call or SMS recovery. You should enable as many security options as the website offers. On Gmail and Facebook, you can also use 2-step verification to make your account more secure.

Enema v.1.6 SQL Injection Tool Released

Posted by Deepanker Verma 0 comments
Enema gets an update with the release of version v.1.6. Enema is a SQL injection tool, but not an automatic one, so it is not very popular or widely used. This tool is for those who know what to do. It has one more drawback: it only supports the latest versions of database servers.


Features:

  • Multi-platform.
  • User-friendly graphical interface.
  • Multithreaded.
  • Dump.
  • Customize your queries
  • Plugins to automate attacks

Supported for today:
  • POST, GET, Cookies
  • MSSQL >=2000 and MySQL>=5.0
Injection methods supported:
  • Error based injection.
  • Union based injection (using subquery).
  • Blind Time-based MSSQL(waitfor), MySQL(sleep) 
Download: http://code.google.com/p/enema/downloads/list

FlashBack Checker- Tool to detect latest Mac Malware

Posted by Deepanker Verma Tuesday, April 10, 2012 0 comments

A few days back, a new Trojan was detected on more than 600,000 Mac computers around the globe. This new Trojan was named the FlashBack Trojan.
Now a Mac developer has developed a tool which is able to detect this popular and harmful malware infection on a Mac computer. The tool is very small, approximately 38 KB. It was created by Juan Leon, a software engineer at Garmin International, the Kansas-based company best known for its GPS devices.
This tool is available to download from GitHub and can be run on Mac OS X 10.5. It is posted as open source software, so interested developers can read the code to learn how it works.
Flashback checker runs the tests described in the F-Secure Bulletin.


Download

Clickjacking, Likejacking and Cursorjacking

Posted by Deepanker Verma Thursday, April 5, 2012 0 comments

Clickjacking is a lesser-known vulnerability of web applications.


Clickjacking: Clickjacking is the process of hijacking a user's click to perform some desired operation on the web page, by tricking the user into clicking on a link which is different from what the user believes they are clicking. This attack is also known as a User Interface redress attack, UI redress attack or UI redressing. It means the user tries to click on one link, but the action is performed on a different link.


Likejacking: This is a type of clickjacking attack which is performed on Facebook. With the help of this attack, the attacker tricks users into liking some Facebook posts and pages.


Cursorjacking: Cursorjacking is also a type of clickjacking. In this attack the cursor on the user's screen is displaced from the position the user perceives. So the user thinks the cursor is in one place while it is actually somewhere else. Thus the attacker manages to hijack the user’s actions on the webpage.


Read the full article written by me on Infosec Institute page. 

CLICKJACKING, CURSORJACKING AND COMMON FACEBOOK VULNERABILITIES



LOIC Dos attacking tool

Posted by Deepanker Verma 0 comments


LOIC is a popular DoS attack tool. It is also known as the main weapon of the most (in)famous hacker group, Anonymous. This group uses a modified version of the tool to perform DDoS attacks. They are also distributing the tool around the globe and inviting users to join forces.
This tool is available for free on all platforms, and anyone can use it to crash a small website. But a network of computers is needed to perform the attack on a big website.






LOIC basically turns your computer's network connection into a firehose of garbage requests, directed towards a target web server. On its own, one computer rarely generates enough TCP, UDP, or HTTP requests at once to overwhelm a web server; garbage requests can easily be ignored while legitimate requests for web pages are responded to as normal.


Read the full review of the tool   LOIC (LOW ORBIT ION CANNON) – DOS ATTACKING TOOL




How to permanently delete a message on Facebook

Posted by Deepanker Verma 0 comments

There is one bad thing about Facebook. It does not want to delete anything from its servers, so it has made deletion hard. You cannot delete your Facebook profile. It also does not allow users to delete messages directly. Instead it offers an option to archive messages, so most users send Facebook messages to the archive in place of deleting them. When you open any message on Facebook, you will only see 2 options in front of it. These are "Mark as Unread" and "Archive." So most users think that Archive is the way to delete the message. But all the messages which are archived can easily be accessed.


If you want to access all the messages you have saved in the archive, follow these steps and see:

  • Login to your Facebook account.
  • Go to messages.
  • Scroll down  the message page and see the links under the label "View". Here you will find a link "Archived".
  • Click on this link and see the new list of messages.
  • These are the messages which you have sent in the archive.



There is one more important thing about Facebook messages. Facebook links all your messages into a single conversation. If you have sent a conversation to the archive, it will no longer appear in the inbox. But it will re-appear in the inbox when you have a new conversation with the same person.


So you should delete a message permanently if you really want it deleted. Sending it to the archive can create privacy trouble in the future.


Follow these steps to delete the message permanently.

  • Login to your facebook account.
  • Now go to messages and see the list of messages.
  • Here open the message which you want to delete.
  • Now click on the action button just above the conversation near the conversation search.
  • Select "Delete Messages..." in the drop down menu.
  • Now this deleted message is no more in your inbox and cannot be recovered.

IP Spoofing Attack and Defenses

Posted by Deepanker Verma Wednesday, April 4, 2012 0 comments

IP spoofing is a type of attack in which the hacker modifies packets and replaces the original source IP address with a false one. In this case, the receiver will see the packets as coming from the fake IP address.
The term spoofing is also sometimes used to refer to header forgery, because the attacker forges the header of the packets with fake information.


Hackers often use this method to hide their identity and to fool others on the internet by making it appear that the packets were sent by a different computer system.


This process is used to send fake mail, requests or other information with a fake IP address to mislead others about the information being sent. Hackers often use IP spoofing for sending spam mail and for denial of service attacks.


In this attack, the hacker modifies the packets and changes the source IP address.


Most popular tools used to modify packet headers:

Tools - For Windows
  • Engage Packet Builder - Scriptable packet builder for Windows
  • HPing - Command-line oriented TCP/IP packet assembler/analyzer
  • Nemesis - Command-line portable IP stack
  • PacketExcalibur - Graphical and scriptable network packet engine
  • Scapy - Interactive packet manipulation tool
  • Spoofer - IP Spoofing Tester
  • Colasoft Packet Builder - Tool for creating custom network packets
  • Colasoft Packet Player - Packet replay tool
  • NMap - Utility for network exploration and security auditing

Tools - For Linux
  • LSRscan - Loose Source Route Scanning Tool
  • Scapy - Interactive packet manipulation tool
  • Spoofer - IP Spoofing Tester
  • Yersinia - Tool to exploit weaknesses in different network protocols
  • Sendip - Send completely arbitrary packets out over the network
  • HPing - Command-line TCP/IP packet assembler/analyzer
  • IRPAS - Internetwork Routing Protocol Attack Suite (File2Cable etc.)
  • LSRtunnel - Loose Source Route Tunneling Tool
  • Nemesis - Command-line portable IP stack
  • NMap - Utility for network exploration and security auditing
  • PacketExcalibur - Graphical and scriptable network packet


Defenses against IP Spoofing
There are a few precautions that can be taken to prevent IP spoofing attacks on the network:
Filtering packets at the router - Implementing ingress and egress filtering on your routers is the best defense against IP spoofing. Ingress filtering blocks packets that arrive from outside the network with a source address inside the network, while egress filtering blocks packets from inside the network with a source address that is not inside. You will also need to implement an ACL (access control list) that blocks private IP addresses on your downstream interface. On the upstream interface, you should restrict source addresses outside of your valid range, which will prevent someone on your network from sending spoofed traffic to the Internet.
Encryption and authentication - Implementing encryption and authentication will also reduce spoofing threats. Both of these features are included in IPv6, which will eliminate current spoofing threats. Authentication must not be based on the host's IP address. It is recommended to design network protocols and services so that they do not rely on the IP source address for authentication.
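The ingress and egress rules described above, written out as source-address checks in an added example that is not from the original post or from any router vendor. The site prefix, the sample packets and the function names are constructed for the illustration, and the example covers IPv4 only.

```python
import ipaddress

# Constructed values: the site's own address block (a documentation prefix)
# and source ranges that must never arrive from the Internet side.
SITE_PREFIX = ipaddress.ip_network("198.51.100.0/24")
PRIVATE_RANGES = tuple(ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8"))


def check_source(direction, src):
    """Return (verdict, reason) for one packet's source address.

    direction is "inbound" for packets arriving from outside the site and
    "outbound" for packets leaving the site towards the Internet.
    """
    try:
        addr = ipaddress.IPv4Address(src)
    except ValueError:
        return ("drop", "source is not a valid IPv4 address")

    if direction == "inbound":
        # Ingress rule: nothing outside can legitimately own an inside address.
        if addr in SITE_PREFIX:
            return ("drop", "ingress: outside packet claims an inside source")
        # ACL for private addresses, which are not routable on the Internet.
        if any(addr in net for net in PRIVATE_RANGES):
            return ("drop", "ingress: private source address from outside")
        return ("accept", "ingress: source is plausible")

    if direction == "outbound":
        # Egress rule: only the site's own range may appear as a source.
        if addr not in SITE_PREFIX:
            return ("drop", "egress: source is outside the site's range")
        return ("accept", "egress: source belongs to the site")

    raise ValueError("direction must be 'inbound' or 'outbound'")


# Constructed sample traffic: (direction, source address).
SAMPLE_PACKETS = (
    ("inbound", "192.0.2.77"),       # ordinary outside host
    ("inbound", "198.51.100.20"),    # outside packet with a forged inside source
    ("inbound", "10.1.2.3"),         # private address arriving from outside
    ("outbound", "198.51.100.20"),   # inside host using its real address
    ("outbound", "192.0.2.77"),      # inside host with a forged outside source
    ("outbound", "192.168.1.5"),     # untranslated private address leaking out
)


def run_samples():
    """Apply the filter to the sample traffic; returns one row per packet."""
    return [(d, s) + check_source(d, s) for d, s in SAMPLE_PACKETS]


if __name__ == "__main__":
    for direction, src, verdict, reason in run_samples():
        print("{:8s} {:15s} {:6s} {}".format(direction, src, verdict, reason))
```

Only the egress rule stops a host on your own network from sending spoofed packets to others; the ingress rule protects your hosts from outsiders posing as insiders.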

Conclusion: IP spoofing is really easy nowadays because there are many tools available which allow users to edit packets and send them from whatever IP address they want. So performing IP spoofing is really simple, and it leads to some big hacking operations. Although many servers have security mechanisms against spoofed packets, all those mechanisms are limited. Most networks still do not consider this attack, so their authentication based on IP address fails.


Command Line Google Dork Tool - GooDork

Posted by Deepanker Verma Tuesday, April 3, 2012 0 comments

Google Dorks are special Google search queries which allow hackers to get the specific information they need.


Read: Google Hacking with Google Dorks


GooDork is a nice python script which is designed to allow users to use the Google Dork direct from the command line. The main thing about the tool is that it combines the power of Google Dork and Regular Expressions.


GooDork allows you to apply regular expressions to any and all of the following attributes of web applications:

  1. URL
  2. Displayable Text
  3. Anchors
  4. Many more options will shortly be made available

Dependencies

GooDork uses the following python packages, please make sure all of them are available

  1. python beautifulsoup4
  2. python-httplib
  3. python-urllib
  4. python-urlparse

If you are using Python 2.6 you’ll most likely have all of these (except BeautifulSoup).

You can download GooDork here (using git):


Download

SSLyze v0.4 Released – SSL Server Configuration Scanner

Posted by Deepanker Verma Sunday, April 1, 2012 0 comments

SSLyze v0.4 is released and available for download. SSLyze is a fast SSL scanner which scans and analyzes the SSL configuration of servers. This tool supports OpenSSL 1.0.1 and TLS 1.1 and 1.2 and detects security holes. It supports cipher suite scanning, insecure renegotiation verification, session resumption testing, client certificates, and more. It is based on OpenSSL and a custom SSL Python wrapper.
It is tested on various platforms including Python 2.6 & 2.7 with Ubuntu and Windows 7, both 32 and 64 bits. It will also work on lower platforms mentioned.


New in v0.4

  • Support for OpenSSL 1.0.1 and TLS 1.1 and 1.2 scanning. See --tlsv1_1 and --tlsv1_2.
  • Support for HTTP CONNECT proxies. See --https_tunnel.
  • Support for StartTLS with SMTP and XMPP. See --starttls.
  • Improved/clarified output.
  • Various bug fixes.



About Me

Deepanker Verma
I am Deepanker Verma, a computer geek, security researcher, blogger and software developer. I have a deep interest in information security and web development and try to learn new things. You will see my blogs on hackingtricks, TechlomediaWebtips and Usethistip.

I was also honoured by Apple, Ebay, Symantec, PandaSecurity and various other computer software giants for my security work for their company. I also contribute on some opensource projects regularly.

I also own a web app called NoteDIP that allows users to send self-destructive messages with password protection.
