Saturday, 6 October 2012

Session Hijacking


Session Hijacking is Stealing the existing active Session. The main purpose of Session Hijacking is to bypass authentication process and gain unauthorized access to the computer or Website. In simple words , hackers will login as some other client using their Sessions

TCP session hijacking is when a hacker takes over a TCP session between two machines. Since most authentication only occurs at the start of a TCP session, this allows the hacker to gain access to a machine

Different Session Hijacking methods:
Session stealing is achieved by following methods

1. Session fixation: In this method, the Hacker sets a user's session id to known victim. For example, Hacker will send email to known victim with a link that contains a particular session id. If the victim followed that link, the hacker can use that session and gain access.

2. Session SideJacking(session Sniffing): In this method, the attacker use packet sniffing to and steal the Session cookie. In order to prevent this, some websites use SSL(encrypts the session). but do not use encryption for the rest of the site once authenticated. This allows attackers that can read the network traffic to intercept all the data that is submitted to the server or web pages viewed by the client.

Unsecured Hotspots are vulnerable to this type of Session Hijacking.

3. Client-side attacks (XSS, Malicious JavaScript Codes, Trojans, etc): Hacker can steal the Session by running the Malicious Javascript codes in client system. Usually hackers attack some websites using XSS and insert their own Malicious Javascript codes.

In client point view it is trusted website, he will visit the website. When victim visit the link , Malicious Javascript will executed. It will steal the Session cookies and other confidential data.

4. Physical access: If the hacker has physical access, it is easy for him to steal the Session. Usually this will occur in public cafe. In public cafe , one use login to some websites(facebook, gmail). A hacker come after victim can steal the session cookies.
Posted by at No comments:

IP ADDRESS SPOOFING


In this post we will discuss IP spoofing. IP stands for internet protocol and is basically a number assigned to your computer when it connects to the internet by your ISP ( Internet Service Provider). Your ISP is the company you get internet through whether it is with your cable or with your phone they are the ones who assign your IP address for internet use. Your IP address is basically an address for your computer similar to your mailing address for your home. The IP address can be used for many things in the modern world and I would give caution with using it. I would recommend using a proxy as much as possible regardless of your browsing habits as hackers and other people online like to grab your IP address and use it for attacking your computer, putting viruses on it and a myriad of other reasons.

Almost every single website you visit has a log and in that log is a record of the different IP addresses that visit the webpage. With this information they can know where you are located and if it is a law agency they can easily find out who you are and much more personal information about you. Many people have been contacted by their ISP as a warning for what they were downloading whether it be movies or music. Usually a law enforcement agency will contact your ISP and ask for records and logs of visited websites if they are suspicious of your internet activity. And then depending on whether they want to warn you of press federal charges they will have your ISP warn you or just show up at your door at the wee hours of night or morning.

So knowing that and how our IP address seriously affects our privacy and surgfing habits I would recommend spoofing it on a consistent level for personal privacy reasons. I do not condone or recommend using it for illegal purposes as you will pay the price eventually. So how do we go about spoofing our IP adress? There are a number of ways to do this so to start the most simple and easy way to do this is by using what is called a CGI proxy.

Basically how a proxy works is instead of asking for a website from our internet service we connect to another internet service and ask them for the information. Basically the request to visit bobspage.com would be redirected through the proxy server and we would receive the information through them and then instead of directly from our ISP. This is also known as bouncing your IP address. This is how a proxy works and proxy basically means to go through. A CGI proxy means COMMON GATEWAY INTERFACE proxy. It is basically an online website that offers a proxy in such a way that all you need to do is go to the CGI proxy website and type in the website you are trying to access spoofed. A lot of ISP's have blocks on certain websites and the same goes with school and work computers. With a CGI proxy you go to its page, enter the site that is blocked you want to visit and you will be taken their through their server unblocked.
Posted by at No comments:

Is your smartphone safe from online threats?

As the security industry kicks off National Cyber Security Awareness Month today, a new report from McAfee has found that 90 per cent of people do not feel completely safe from online viruses, malware and hackers.

In partnership with the National Cyber Security Alliance (NCSA), McAfee surveyed 1,000 adult Internet users, and found disparities between online safety perceptions and actual practices.

While the majority of those surveyed agree that a safe and secure Internet is important, the same amount are concerned about identity theft, viruses, hackers, loss of privacy, and other Internet security maladies.

"The Internet is central to our daily lives and our economy and this new survey shows that the overwhelming majority of Americans believe keeping this system safe and secure is vital," Michael Kaiser, executive director of the NCSA, said in a statement. "The Internet is a shared resource for so many of our daily activities, which is why protecting it is a shared responsibility."

Smartphone security and password protection issues have grown as more people have started using smartphones to access the Web. According to the NCSA/McAfee survey, an even 50 per cent reportedly turn to their mobile device for Internet use, up 6 per cent from last year.

Among them, 63 per cent believe their device is safe from cyber-criminality, with 15 per cent saying they feel "very safe." But 29 per cent are concerned about an attack on their smartphone.

The NCSA reminded smartphone and tablet users that it is just as important to install security software or apps on a mobile device as it is on a PC, where, according to the survey, most people feel safest accessing the Internet.

Chris Boyer, NCSA president and AT&T assistant vice president for public policy, said October's awareness month is a time to reflect on past security measures, and determine how to improve upon them.

"We want all audiences to understand that protecting the Internet is increasingly becoming a matter of public safety," Boyer said in a statement.

McAfee and NCSA reminded Internet users to stay safe online by keeping security software current, limiting shared personal information, creating strong passwords, and protecting all Internet-enabled devices, including computers, smartphones, and gaming systems.
Posted by at No comments:

Imp Info To Be Safe On The Internet.......


Adware, malware, spyware and viruses can bring your system to its knees. They are detrimental, lowering the performance of your computer. You might need to replace data. You might lose unique files. Keep the nasties away from your computer using these ten simple tips.

1. Use Firefox:
Internet Explorer is the most popular browser on the market, controlling over 50% of the market share. The virus and adware creators specifically look for exploitable vulnerabilities within IE because they know that they will receive the best return on investment. Your switch to Firefox prevents some adware from infecting your machine.

2. Scan your PC once a week:
Sometimes adware programmers take a sneaky approach. They will set up their programs to run quietly in the background to spy upon your activities. This once a week scan is necessary to remove any of those sneaky bugs.

3. Download from known sites:
New sites for installing adware are popping up all the time. If you find something that you want to download, make sure that it is from a known site. A company like Amazon will not steer you wrong, but Bob’s House of Wares might be a little less trustable. If you are not sure whether you can trust a site, perform a quick search.

4. Install Adaware:
Ad-Aware is the most popular free adware removal program on the market. It detects, quarantines and removes adware. It searches for other programs which may have been installed, highlighting them in an easy to use interface. This program does not have an anti-virus attached.

5. Do not click on unsolicited email:
You are constantly receiving offers to increase this or improve that through unsolicited email. Your curiosity may be killing you, but don’t click on these emails. They accept your click as permission to install adware, spyware and malware on your PC.

6. Install Antivirus software:
Installing two programs for virus and adware protection is a smart idea. It caters to the strengths of each program, increasing the overall strength of your antiadware and antiviral campaign. Some of the best antivirus software is free, providing real time protection.

7. Don’t install toolbars:
Even some reputable sites install custom toolbars. They slow your system down and collect information about your surfing habits. While a toolbar might offer some perks, it may also diminish your experience by dragging your system to a halt. Toolbars from less reputable places install adware and sometimes infect your system outright.

8. Look at your task manager:
If anything seems out of place with your computer, take a look at your task manager. This tells you about all of the programs and processes which are running on your computer. Examine the processes tab for anything which you don’t immediately recognize. Perform a web search for unfamiliar processes.

9. Do not click on popups:
Clicking on a popup usually spells certain doom for your computer. It opens the door for the viruses and adware that want to infect your machine, telling these malicious applications to make themselves at home. Stay away from those constantly advertised screensavers and icons.

10. Trust your gut:
If you don’t feel right about a site, don’t go there. If you are receiving warnings from the antivirus and antiadware programs which you’ve installed, don’t go there. If you don’t like the layout of a site, don’t go there. Trust your instincts about sites.

With proper vigilance, you can keep aggravating adware, spyware and malware from your machine. Trust your instincts. Install Ad-Aware and an antivirus program. Play it safe. The care you spend in preventing adware from infecting your machine can save money and tim
Posted by at No comments:

All About Torjans

Follows are some indications that are common symptoms of getting infected with Trojan horse.


♠Opening and closing of CD/DVD-ROM
♠Computer screen blinks, turns upside down, changes resolution.
♠Wallpaper changes automatically.
♠Disable of task manager.
♠Task bar disappears for while.
♠Unusual messages.
♠Sudden opening of web pages.
♠Change in data and time of system.
♠Right click and left click swaps their functions.
♠Freezing of mouse and keyboard.
♠Auto movement of mouse pointer.
♠Playing of music even though you haven't turned on any music player.
♠Mouse pointer disappears.
♠Unusual restart and shutdown of PC.
♠Unwanted software installation.
♠Disable of Anti-Virus and Firewall.
♠Change in screen saver.
♠Disappear of task manager, tray icons, quick launch, start button and desktop icons.
♠Fluctuation in screen light intensity and volume.
♠Changing of screen savers.
♠Others receiving emails from you which aren't sent by you.
 

Anti Torjans

Anti-Trojans are software that are specially designed to help you detect and protect yourself from Trojans. They can also detect presence of virus and worms but are specially crafted to remove Trojans from your system. However no Trojan Remover is 100% effective. Therefore its good to regularly update your anti-Trojan software along with anti-virus and firewall

Following is list of Anti-Trojan Softwares

◘Trojan Guard
◘Trojan Hunter
◘Zone Alarm
◘Win Patrol
◘Leak Test
◘Kerio Personal Firewall
◘Sub-Net
◘TAVScan
◘SpyBot Search & Destroy
◘Anti-Trojan
◘Anti-Trojan Elite
◘Cleaner
◘Comodo BOClean
◘XoftspySE
◘Spyware Doctor
◘Spyware Fighter

A Trojan infection can be avoided by the following measures:


◘Do not download any file from unknown people or site without making sure that the file is genuine.
◘While opening file make sure what the file is, even if the file comes from a friend.
◘Do not make use of attributes in programs that automatically get or preview files.
◘The user should not be lulled into a false sense of security just because an anti-virus program is running on the system.
◘Ensure that the corporate perimeter defenses are kept continuously up-to-date.
◘Filter and scan all content at the perimeter defense line that could contain malicious content.
◘Run local versions of anti-virus, firewalls, and intrusion detection software at the desktop.
◘Rigorously control user's permission within the desktop environment to prevent the installation of malicious applications.
◘Manage local workstation file integrity through check-sums, practice auditing, and port scanning.
◘Monitor internal network traffic for odd ports or encrypted traffic.
◘Use multiple virus scanners
◘Install software for identifying and removing adware/malware/spyware.
Posted by at No comments:

Hack windows XP administrator Password

Procedure To Hack windows XP administrator Password

Here is how to do that -


1.Go to C:/windows/system32
2.Copy cmd.exe and paste it on desktop
3.Rename cmd.exe to sethc.exe
4.Copy the new sethc.exe to system 32,when windows asks for overwriting the file,then click yes.
5.Now Log out from your guest account and at the user select window,press shift key 5 times.
6.Instead of Sticky Key confirmation dialog,command prompt with full administrator privileges will open.
7.Now type “ NET USER ADMINISTRATOR aaa" where “aaa" can be any password you like and press enter.
8.You will see “ The Command completed successfully" and then exit the command prompt and log in into
administrator with your new password.
9.Congrats You have hacked admin through guest account.
Posted by at No comments:

Saturday, 4 February 2012

MAC Spoofing | How to Change MAC Address with SMAC


Most people among us change their IP address and thinks they are anonymous on internet but one thing they forgot that they can be tracked down with MAC address which is still there non spoofed. So what to do then? Its practically impossible to change your MAC address but yes virtually its possible :). Here is a application called SMAC that can help you to spoof your MAC address to maintain your anonymity on internet.

SMAC is a powerful, yet an easy-to-use and intuitive Windows MAC Address Modifying Utility (MAC Address spoofing) which allows users to change MAC address for almost any Network Interface Cards (NIC) on the Windows VISTA, XP, 2003, and 2000 systems, regardless of whether the manufacturers allow this option or not.

SMAC does not change the hardware burned-in MAC addresses.  SMAC changes the "software based" MAC addresses, and the new MAC addresses you change will sustain from reboots.SMAC helps people to protect their privacy by hiding their real MAC Addresses in the widely available wifi Wireless Network.  SMAC also helps Network and IT Security professionals to troubleshoot network problems, test Intrusion Detection / Prevention Systems (IDS/IPS,) test Incident Response plans, build high-availability solutions, recover (MAC Address based) software licenses, and etc...

Download SMACK(click here)
Posted by at No comments:
Subscribe to: Posts (Atom)