Archive for the ‘Learn Hacking’ Category
Tutorial: Hacking a Windows PC to Get Administrator Access
Monday, July 16th, 2007
Learn how to get Admin access on an XP machine.
Source: http://fadeproofonline.com/?p=171
Latest MSN Hacking (Don’t miss it)
Monday, July 16th, 2007
Latest MSN hacking video. Just watch it closely and learn the tricks.
Contributed by: http://youtube.com/user/haolunliasd
The Conscience of a Hacker
Saturday, July 14th, 2007
Another one got caught today, it’s all over the papers. “Teenager arrested in computer crime scandal”, “Hacker arrested after bank tampering”…
Damn Kids. They’re all alike.
But did you, in your three piece psychology and 1970’s technobrain ever take a look behind the eyes of a hacker? Did you ever wonder what made him tick, what forces shaped him, what may have molded him?
I am a hacker, enter my world…
Mine is a world that begins with school. I’ve listened to the teacher explain for the fifteenth time how to reduce a fraction. I understand it. “No, Miss Shaw, I didn’t show my work. I did it in my head…”
Damn kid. Probably copied it. They’re all alike.
I made a discovery today. I found a computer. Wait a second, this is cool. It does what I want it to do. If it makes a mistake, it’s because I screwed up. Not because it doesn’t like me…or feels threatened by me…or thinks I’m a smart ass…or doesn’t like teaching and shouldn’t be here…
Damn kid. All he does is play games. They’re all alike.
And then it happened… A door opened to a world… Rushing through the phone line like heroin through an addict’s veins, an electronic pulse is sent out, a refuge from the day to day incompetencies is sought… A board is found.
“This is it… This is where I belong…”
I know everyone here… Even if I’ve never met them, never talked to them, may never hear from them again… I know you all…
Damn kid. Tying up the phone line again. They’re all alike…
You bet your ass we’re all alike… We’ve been spoon fed baby food at school when we hungered for steak… The bits of meat that you did let slip through were pre chewed and tasteless. We’ve been dominated by sadists, or ignored by the apathetic. The few that had something to teach found us willing pupils, but those few are like drops of water in the desert.
This is our world now… The world of the electron and the switch, the beauty of the baud. We make use of a service already existing without paying for what could be dirt cheap if it wasn’t run by profiteering gluttons, and you call us criminals. We explore… And you call us criminals. We exist without skin color, without nationality, without religious bias… And you call us criminals. You build atomic bombs, you wage wars, you murder, you cheat, and lie to us and try to make us believe it’s for our own good, yet we’re the criminals.
Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me for.
I am a hacker, and this is my manifesto. You may stop this individual, but you can’t stop us all… After all, We’re all alike.
Tom Beam
Basics of Hacking
Thursday, July 12th, 2007
Here is the list of basics. You can follow the basic steps below for “Securing your System/Network”.
Before starting the steps, download the latest version of the world’s most popular security tool, nmap, and learn its basic usage.
1. Find out which ports are open on the target system.
Example command: nmap -sS 12.12.12.21
The result will look like this:
Starting nmap 3.30 ( http://www.insecure.org/nmap/ ) at 2007-07-12 05:07 EST
Interesting ports on 12.12.12.21
(The 1637 ports scanned but not shown below are in state: closed)
Port State Service
21/tcp filtered ftp
22/tcp open ssh
23/tcp open telnet
111/tcp open sunrpc
139/tcp open netbios-ssn
1024/tcp open kdm
6000/tcp open X11
2. Find the exact version of the services.
Example command: nmap -sV --version-all host.com
3. Search for existing vulnerabilities for this exact service version.
4. Analyze the changelog details of the software in its release notes.
5. Now you know the security problems of the service in question (say, abc) at its exact version (say, 1.xx).
6. Understand how attacks against it would be carried out.
These are not just steps; you have to work hard and retry to get positive results. And don’t try these against google.com or yahoo.com.
After the basics, you have to consider your anonymity. Don’t rely on simple proxies for anonymity. Try different networks such as Tor. Don’t always use the formal techniques.
All the above things are just basics for understanding security problems and attacks. Start protecting your system/network from attackers once you know everything about attacks.
Don’t search for “Learn Hacking” anymore. The word Hacking doesn’t mean “Breaking security” or “Destroying other’s computer or network”.
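Step 1 above, read from the defender’s side, is an inventory check: parse what nmap reports and compare it with what the host is supposed to expose. The following Python is an added example, not code from this post; it parses the exact nmap 3.30 output quoted above (embedded as a constructed sample) and the allowlist of expected ports is an assumption.

```python
import re

# Constructed sample: the nmap 3.30 output quoted in the post above.
NMAP_OUTPUT = """\
Starting nmap 3.30 ( http://www.insecure.org/nmap/ ) at 2007-07-12 05:07 EST
Interesting ports on 12.12.12.21
(The 1637 ports scanned but not shown below are in state: closed)
Port State Service
21/tcp filtered ftp
22/tcp open ssh
23/tcp open telnet
111/tcp open sunrpc
139/tcp open netbios-ssn
1024/tcp open kdm
6000/tcp open X11
"""

# One port line of the legacy (pre-4.x) nmap text format: "<port>/<proto> <state> <service>"
PORT_LINE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)\s*$")

# Services that send credentials in cleartext; an open one is a finding on its own.
CLEARTEXT = {"ftp", "telnet"}


def parse_nmap(text):
    """Return (port, proto, state, service) tuples; header and summary lines are skipped."""
    ports = []
    for line in text.splitlines():
        m = PORT_LINE.match(line.strip())
        if m:
            ports.append((int(m.group(1)), m.group(2), m.group(3), m.group(4)))
    return ports


def unexpected_open(ports, expected):
    """Open ports that are not in the host's allowlist of (port, proto) pairs."""
    return [p for p in ports if p[2] == "open" and (p[0], p[1]) not in expected]


def open_cleartext(ports):
    """(port, service) for open services that carry passwords unencrypted."""
    return [(p[0], p[3]) for p in ports if p[2] == "open" and p[3] in CLEARTEXT]


if __name__ == "__main__":
    # Assumed allowlist for this host: only SSH is supposed to be reachable.
    found = parse_nmap(NMAP_OUTPUT)
    for port, proto, state, service in unexpected_open(found, {(22, "tcp")}):
        print(f"unexpected open port {port}/{proto} ({service})")
    for port, service in open_cleartext(found):
        print(f"cleartext service {service} on port {port}")
```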
Paypal Hacking
Thursday, April 12th, 2007
This is not about hacking paypal.com. Paypal knows enough about securing itself. Are you using a Paypal IPN script on your websites? Then you have to take care of something.
First of all, plan and decide your product delivery strategy.
Product delivery methods
1. Email the product after a successful payment
2. Redirect the user to a product page to download directly
Unvalidated data always puts you in hell.
See the example below:
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="you@yourbusiness.com">
<input type="hidden" name="item_name" value="Your Product">
<input type="hidden" name="item_number" value="100">
<input type="hidden" name="amount" value="15.00">
<input type="hidden" name="return"
value="hxxp://www.yourbusiness.com/secret-location/product.zip">
<input type="image" src="hxxp://www.paypal.com/images/x-click-butcc.gif"
border="0" name="submit">
</form>
This redirects the user to your exact product page after a successful payment. Never write code as bad as this: the “secret” download location sits in a hidden field that anyone can read in the page source, with or without paying. Instead, give the user a transaction or purchase code and ask for that code when they try to download.
Encrypted (hashed) values
$hash = $paypal_transaction_id . $productno . $user_id; // fields known only after a confirmed payment
$purchase_code = md5($hash);
Store this $purchase_code in a `transactions` table for the user and email it to them.
OK, now the user is trying to download the product. What should we check?
Considerations:
1. Ask for the purchase code in a <form>
2. Force the user to log in to your site.
3. Check whether you have any rows in the `transactions` table for the user.
4. If yes, fetch the row and build a checker variable:
$checker = $row['paypal_transaction'] . $row['productno'] . $user_id;
$user_entered_hash = $_POST['purchase_id'];
$our_checker_hash = md5($checker);
// strict comparison: PHP's == would treat hashes such as "0e123..." as numbers
if ($our_checker_hash === $user_entered_hash) {
    // purchase verified, proceed
}
Proceed in this manner.
You have to take care of URL encoding.
Temporary product URL generation: it must expire after some hours.
All information should be encoded and thoroughly validated.
Only then will you see profit. So don’t just install/write IPN scripts as they are. Always take care of input and URL validation.
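The flow above (issue a purchase code tied to the transaction, verify it at download time, and hand out a temporary product URL that expires after some hours) as an added Python example, not the post’s own PHP. It swaps a keyed HMAC for the post’s plain md5 so that knowing the PayPal transaction id is not enough to forge a code; the secret, the in-memory transactions table and the two-hour expiry are assumptions.

```python
import hashlib
import hmac
import time

# Assumed: a long random secret loaded from server config and never sent to users.
SERVER_SECRET = b"replace-with-a-long-random-secret-from-config"
TTL_SECONDS = 2 * 60 * 60  # temporary download links expire after two hours

# Constructed in-memory stand-in for the post's `transactions` table:
# (user_id, productno) -> row
TRANSACTIONS = {}


def _mac(message):
    return hmac.new(SERVER_SECRET, message.encode(), hashlib.sha256).hexdigest()


def make_purchase_code(paypal_transaction_id, productno, user_id):
    """Keyed hash over the same three fields the post concatenates (HMAC swapped in for md5)."""
    return _mac(f"{paypal_transaction_id}.{productno}.{user_id}")


def record_transaction(paypal_transaction_id, productno, user_id):
    """Called from the IPN handler once PayPal confirms payment; returns the code to email."""
    TRANSACTIONS[(user_id, productno)] = {
        "paypal_transaction": paypal_transaction_id,
        "productno": productno,
    }
    return make_purchase_code(paypal_transaction_id, productno, user_id)


def verify_purchase_code(user_id, productno, user_entered):
    """Steps 2-4 of the post: logged-in user, a matching row, and a constant-time compare."""
    row = TRANSACTIONS.get((user_id, productno))
    if row is None:
        return False
    expected = make_purchase_code(row["paypal_transaction"], row["productno"], user_id)
    return hmac.compare_digest(expected, user_entered.strip())


def make_download_token(user_id, productno, now=None):
    """Self-contained, URL-safe token (assumes alphanumeric ids): payload plus its MAC."""
    expires = int((time.time() if now is None else now) + TTL_SECONDS)
    payload = f"{user_id}.{productno}.{expires}"
    return f"{payload}.{_mac(payload)}"


def check_download_token(token, now=None):
    """Return (user_id, productno) if the token is authentic and unexpired, else None."""
    parts = token.split(".")
    if len(parts) != 4 or not parts[2].isdigit():
        return None
    user_id, productno, expires, sig = parts
    if not hmac.compare_digest(_mac(f"{user_id}.{productno}.{expires}"), sig):
        return None
    if (time.time() if now is None else now) > int(expires):
        return None
    return user_id, productno
```

The token goes into the download URL in place of the fixed “secret-location” path, so a leaked link stops working after the expiry and cannot be edited to point at another user or product.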
Orkut Hacking
Thursday, April 12th, 2007
An Orkut user by the name of Tantek has exposed a flaw in Orkut’s security system. Orkut is the Microsoft ASP.NET and Google-powered Web community. Every user can define a variety of details (like hometown, sexual orientation, activities) and additionally set those details to be viewed by friends only. And you choose who your friends are… well, unless someone is tricking the system.
A simple inline-frame, hidden in the browser by absolute-positioning it with negative values, can trigger the “add as friend” or “join community” command. An anonymous poster in Orkut writes:
“This is a clear example of why it would be very silly to trust Orkut’s permissions system for sharing your information with only your trusted friends.
Web developers who don’t even understand basic cross site scripting precautions shouldn’t be trusted with more than the cookies they give us. Surely most google coders have a little more sense than the ones that wrote this particular app.”
The page in question with the possible Orkut exploit can be found at <http://tantek.com/log/2004/02.html> [and I suggest not opening this if you are logged in to Orkut with this browser]. After I went there to try it out I automatically became part of the “Training Program” (in other words I was joined to a community with no doing of my own other than going to Tantek’s webpage). Tantek writes:
“This community is another training program designed to teach you one thing.
When you remain logged into Orkut and browse the web, any page you access can automatically change your Orkut membership without you knowing it.
This is due to the fact that Orkut uses HTTP GET URLs to alter your state.
The W3C long ago recognized this general vulnerability.
http://www.w3.org/2001/tag/doc/whenToUseGet.html”
– Tantek in Orkut
Tantek further urges webmasters to spread the word about this Orkut vulnerability by pasting the following code on their webpages:
<iframe style="width:1px;height:1px;position:absolute;top:-31337px;
left:-31337px" src="http://www.orkut.com/Community.aspx?cmm=19657&
cmd=add"></iframe>
Source: blog.outer-court
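The defence against the off-screen iframe above is the one Tantek’s note points at: never change state on GET, and require a per-session token on the POST that does. The following Python is an added example, not Orkut’s code; it simulates a Community.aspx handler with an assumed server secret and an in-memory membership store, and shows the iframe’s request being refused while the site’s own form succeeds.

```python
import hashlib
import hmac

# Assumed: server-side secret from config; tokens derived from it cannot be guessed elsewhere.
SERVER_SECRET = b"assumed-server-side-secret"

# Constructed stand-in for Orkut's membership store: session id -> set of community ids
MEMBERSHIPS = {}


def csrf_token(session_id):
    """Per-session token embedded in the site's own join form. A page on another origin can
    trigger the request (as the hidden iframe does) but cannot read this value to include it."""
    return hmac.new(SERVER_SECRET, session_id.encode(), hashlib.sha256).hexdigest()


def handle_community_request(method, params, session_id):
    """Simulated Community.aspx handler; returns (status, message)."""
    if session_id is None:
        return 401, "not logged in"
    cmm, cmd = params.get("cmm"), params.get("cmd")
    if cmm is None or cmd not in ("add", "remove"):
        return 400, "bad request"
    # Rule 1 (the W3C point Tantek cites): state never changes on GET, so an iframe
    # or <img> that merely loads a URL cannot join the user to a community.
    if method != "POST":
        return 405, "state changes require POST"
    # Rule 2: the POST must carry the per-session token from the site's own form.
    if not hmac.compare_digest(params.get("token", ""), csrf_token(session_id)):
        return 403, "missing or invalid CSRF token"
    joined = MEMBERSHIPS.setdefault(session_id, set())
    if cmd == "add":
        joined.add(cmm)
    else:
        joined.discard(cmm)
    return 200, f"{cmd} {cmm} ok"


def is_member(session_id, cmm):
    return cmm in MEMBERSHIPS.get(session_id, set())


if __name__ == "__main__":
    # The request the hidden iframe makes on behalf of a logged-in visitor:
    print(handle_community_request("GET", {"cmm": "19657", "cmd": "add"}, "sess-visitor"))
    # The site's own form submits with the token and is accepted:
    print(handle_community_request("POST", {"cmm": "19657", "cmd": "add",
                                            "token": csrf_token("sess-visitor")}, "sess-visitor"))
```

Modern browsers add an independent layer on the cookie side: a session cookie marked SameSite=Lax is not sent with a cross-site iframe load at all, so the handler would already see no session.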
Tor: Anonymity Online
Thursday, April 12th, 2007
Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet. Using Tor can help you anonymize web browsing and publishing, instant messaging, IRC, SSH, and other applications that use the TCP protocol. Tor also provides a platform on which software developers can build new applications with built-in anonymity, safety, and privacy features.
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. Tor provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy.
Why we need Tor
Using Tor protects you against a common form of Internet surveillance known as “traffic analysis.” Traffic analysis can be used to infer who is talking to whom over a public network. Knowing the source and destination of your Internet traffic allows others to track your behavior and interests. This can impact your checkbook if, for example, an e-commerce site uses price discrimination based on your country or institution of origin. It can even threaten your job and physical safety by revealing who and where you are. For example, if you’re travelling abroad and you connect to your employer’s computers to check or send mail, you can inadvertently reveal your national origin and professional affiliation to anyone observing the network, even if the connection is encrypted.
How does traffic analysis work? Internet data packets have two parts: a data payload and a header used for routing. The data payload is whatever is being sent, whether that’s an email message, a web page, or an audio file. Even if you encrypt the data payload of your communications, traffic analysis still reveals a great deal about what you’re doing and, possibly, what you’re saying. That’s because it focuses on the header, which discloses source, destination, size, timing, and so on.
Useful Links:
Tor Home Page
Tor Overview
Download Links:
Linux/Unix packages
Mac OS X 10.4 (Tiger)
Windows Installer
Learn to Hack
Thursday, April 12th, 2007
Hackers are great programmers. Hackers solve problems and build things, and they believe in freedom and voluntary mutual help. To be accepted as a hacker, you have to behave as though you have this kind of attitude yourself. And to behave as though you have the attitude, you have to really believe the attitude.
Nobody except a newbie searches Google for “how to become a hacker” or “Learn Hacking”. People want to be a Hacker and break into networks, servers and so on. You can get a clear idea here: after reading this article you will have an idea of how to become a Hacker.
Don’ts
Hacking Tools
Don’t search for “Download Hacking tools”, “Windows hacking tool”, “Hacking software”, “Email hacking”, “Yahoo password cracking” or anything like that.
Download tools
Don’t download such tools from the above results. And don’t download and install tools from people in Yahoo chat rooms or from individuals, because those tools may open a backdoor on your system; you will be hacked and your system will be used as a spamming proxy.
Key Loggers and Spy
Don’t download and install spyware or key loggers to trace your roommates or your brother/sister. Don’t be proud of yourself for having successfully traced them. Those tools will trace you for their owner.
Start Hacking
Don’t test installed tools yourself against Yahoo.com or any other site. Don’t think Yahoo’s server will be hacked by you and that lame tool.
Teach me how to hack
Don’t beg others by asking “teach me how to hack”, “Tell me how to hack”, “Help me in cracking this Y! Id”.
Black/White Hat
Don’t get tattoos like “Black Hat Hacker”, “The Hacker” & “Hack me if you can”.
Username & Email
Don’t create Yahoo IDs like “HackMeAlive”, “Thomas_A_Peterson” or any suffix or prefix with the words Hacker, BlackHat & so on.
Hacker and Films
Don’t think of yourself as a hacker after seeing “The Matrix”, and don’t try to dodge the dogs while they try to bite you.
How can you become a Hacker?
Learn Hacking
Improve skills: first learn things and improve your skills. Learn PHP for web development.
#A
Start writing small tools yourself, like a port scanner, a service scanner etc., in Python, Perl or similarly simple but effective languages.
#B
Use them to protect your system and server.
#C
Read more articles about Bugs and fixes.
#D
Tune up yourself as a troubleshooter.
#E
Every backdoor has a lock. Try to find the locks or make a better one.
#F
Try to understand the core things. For example, understand what the kernel is, understand the protocols, start writing your own protocols, try to write a patch for the Linux kernel yourself.
#G
Be the best programmer.
Hacking is not only about exploiting and getting into a network or server.
Modern Zen Poem:
To follow the path:
look to the master,
follow the master,
walk with the master,
see through the master,
become the master.
I really appreciate your interest to become a hacker. Start learning and improving your skills. Best of luck.
Password Crackers
Thursday, April 12th, 2007
Cain and Abel : The top password recovery tool for Windows
UNIX users often smugly assert that the best free security tools support their platform first, and Windows ports are often an afterthought. They are usually right, but Cain & Abel is a glaring exception. This Windows-only password recovery tool handles an enormous variety of tasks. It can recover passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols. It is also well documented.
John the Ripper : A powerful, flexible, and fast multi-platform password hash cracker
John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types which are most commonly found on various Unix flavors, as well as Kerberos AFS and Windows NT/2000/XP LM hashes. Several other hash types are added with contributed patches. You will want to start with some wordlists.
THC Hydra : A Fast network authentication cracker which support many different services
When you need to brute force crack a remote authentication service, Hydra is often the tool of choice. It can perform rapid dictionary attacks against more than 30 protocols, including telnet, ftp, http, https, smb, several databases, and much more. Like THC Amap this release is from the fine folks at THC.
Aircrack : The fastest available WEP/WPA cracking tool
Aircrack is a suite of tools for 802.11a/b/g WEP and WPA cracking. It can recover a 40 through 512-bit WEP key once enough encrypted packets have been gathered. It can also attack WPA 1 or 2 networks using advanced cryptographic methods or by brute force. The suite includes airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), and airdecap (decrypts WEP/WPA capture files).
L0phtcrack : Windows password auditing and recovery application
L0phtCrack, also known as LC5, attempts to crack Windows passwords from hashes which it can obtain (given proper access) from stand-alone Windows NT/2000 workstations, networked servers, primary domain controllers, or Active Directory. In some cases it can sniff the hashes off the wire. It also has numerous methods of generating password guesses (dictionary, brute force, etc). LC5 was discontinued by Symantec in 2006, but you can still find the LC5 installer floating around. The free trial only lasts 15 days, and Symantec won’t sell you a key, so you’ll either have to cease using it or find a key generator. Since it is no longer maintained, you are probably better off trying Cain and Abel, John the Ripper, or Ophcrack instead.
Airsnort : 802.11 WEP Encryption Cracking Tool
AirSnort is a wireless LAN (WLAN) tool that recovers encryption keys. It was developed by the Shmoo Group and operates by passively monitoring transmissions, computing the encryption key when enough packets have been gathered. You may also be interested in the similar Aircrack.
SolarWinds : A plethora of network discovery/monitoring/attack tools
SolarWinds has created and sells dozens of special-purpose tools targeted at systems administrators. Security-related tools include many network discovery scanners, an SNMP brute-force cracker, router password decryption, a TCP connection reset program, one of the fastest and easiest router config download/upload applications available and more.
Pwdump : A Windows password recovery tool
Pwdump is able to extract NTLM and LanMan hashes from a Windows target, regardless of whether Syskey is enabled. It is also capable of displaying password histories if they are available. It outputs the data in L0phtcrack-compatible form, and can write to an output file.
RainbowCrack : An Innovative Password Hash Cracker
The RainbowCrack tool is a hash cracker that makes use of a large-scale time-memory trade-off. A traditional brute force cracker tries all possible plaintexts one by one, which can be time consuming for complex passwords. RainbowCrack uses a time-memory trade-off to do all the cracking-time computation in advance and store the results in so-called “rainbow tables”. It does take a long time to precompute the tables but RainbowCrack can be hundreds of times faster than a brute force cracker once the precomputation is finished.
Brutus : A network brute-force authentication cracker
This Windows-only cracker bangs against network services of remote systems trying to guess passwords by using a dictionary and permutations thereof. It supports HTTP, POP3, FTP, SMB, TELNET, IMAP, NTP, and more. No source code is available. UNIX users should take a look at THC Hydra.
Port Scanners
Thursday, April 12th, 2007
Angry IP Scanner : A fast Windows IP scanner and port scanner
Angry IP Scanner can perform basic host discovery and port scans on Windows. Its binary file size is very small compared to other scanners and other pieces of information about the target hosts can be extended with a few plugins.
Superscan : A Windows-only port scanner, pinger, and resolver
SuperScan is a free Windows-only closed-source TCP/UDP port scanner by Foundstone. It includes a variety of additional networking tools such as ping, traceroute, http head, and whois.
Unicornscan : Not your mother’s port scanner
Unicornscan is an attempt at a user-land distributed TCP/IP stack for information gathering and correlation. It is intended to provide a researcher a superior interface for introducing a stimulus into and measuring a response from a TCP/IP enabled device or network. Some of its features include asynchronous stateless TCP scanning with all variations of TCP flags, asynchronous stateless TCP banner grabbing, and active/passive remote OS, application, and component identification by analyzing responses. It isn’t for the faint of heart.
Scanrand : An unusually fast stateless network service and topology discovery system
Scanrand is a stateless host-discovery and port-scanner similar in design to Unicornscan. It trades off reliability for amazingly fast speeds and uses cryptographic techniques to prevent attackers from manipulating scan results. This utility is a part of a software package called Paketto Keiretsu which was written by Dan Kaminsky.
OS Detection Tools
Thursday, April 12th, 2007
P0f : A versatile passive OS fingerprinting tool
P0f is able to identify the operating system of a target host simply by examining captured packets even when the device in question is behind an overzealous packet firewall. P0f does not generate ANY additional network traffic, direct or indirect. No name lookups, no mysterious probes, no ARIN queries, nothing. In the hands of advanced users, P0f can detect firewall presence, NAT use, existence of load balancers, and more!
Xprobe2 : Active OS fingerprinting tool
XProbe is a tool for determining the operating system of a remote host. It does this using some of the same techniques as Nmap as well as some of its own ideas. Xprobe has always emphasized the ICMP protocol in its fingerprinting approach.
