Showing posts with label Network Hacking. Show all posts

Monday, 25 June 2012

Chrome and Firefox showing JavaScript improvements

With new betas for both Firefox and Chrome being released, CNET decided to find out how good their JavaScript performance was. Both browsers got a performance boost with Firefox slightly edging out Chrome. You have to turn on TraceMonkey, Firefox’s new Javascript engine in 3.1b1, to get the improvement. We never thought Google was that serious about building a new browser. They just want wanted Firefox to get their act together and suck less. It seems to be working.

Faster browsing with RAM disks

A coworker approached us today wondering if they could get a performance boost using Samsung’s newly announced 256GB SSD. Most of their work is done in browser, so we said “no”. They’d only see benefit if they were reading/writing large files. Their system has plenty of RAM, and we decided to take a different approach. By creating a filesystem in RAM, you can read and write files much faster than on a typical hard drive. We decided to put the browser’s file cache into RAM.
We installed the Espérance DV preference pane in OSX to facilitate RAM disk creation. It’s really simple to setup. Just select how much space you want to dedicate to the disk and create it. You can have Espérance DV recreate the RAM disk on start and even have it automatically restore from a disk image. There is a check box for moving Safari’s Web Cache to the RAM disk, which creates the necessary symlink. You can also use it to speed up Xcode builds. Moving Firefox’s cache is fairly simple:

$ rm -r ~/Library/Caches/Firefox

$ ln -s /Volumes/RamDisk/Firefox ~/Library/Caches/Firefox

Since the browser isn’t having to hit the hard disk on every page load anymore, the performance is much snappier. Xbench says our random reads from RAM are now 86.19MB/sec instead of 0.61MB/sec when the cache was on the hard drive.
We immediately began looking for ways to get the entire OS into RAM; Tin Hat is a version of Linux that does that.
We’re very happy with the results of our RAM disk browser upgrade. Let us know in the comments if you’ve had a similar experience doing this in Windows.

Thursday, 2 February 2012

Hacking Webpages: The Ultimate Guide

Well sd wrote one of the most helpful unix text files in hacker space but with

 the mail that we recieved after the release of our famous 36 page Unix Bible we

 realised that unix isn't for everybody so we decided that we should write on

another aspect of hacking..... Virtual Circuit and Psychotic is proud to release,

 "Hacking Webpages With a few Other Techniques."  We will discuss a few various

ways of hacking webpages and getting root.  We are also going to interview and

question other REAL hackers on the subjects.

Getting the Password File Through FTP

Ok well one of the easiest ways of getting superuser access is through anonymous

ftp access into a webpage. First you need learn a little about the password file...

root:User:d7Bdg:1n2HG2:1127:20:Superuser
TomJones:p5Y(h0tiC:1229:20:Tom Jones,:/usr/people/tomjones:/bin/csh
BBob:EUyd5XAAtv2dA:1129:20:Billy Bob:/usr/people/bbob:/bin/csh

Hacking kit 2.0

This summary is not available. Please click here to view the post.

Secret Tip How I Make Free Calls from Computer to Mobile Phone Anywhere in the world with yahoo messenger or Skype

You can now make free calls from your pc to any mobile in the world. All you need is a mic with ear phones, a decent internet connection and Yahoo Messenger or Skype Installed.I’m now using this free call method and the great thing is that, this trick can be used to make unlimited call to mobiles all over the world and not limited to United states. It even works to make free local mobile calls in India.

So how do we make a call from pc to mobile phone for free?

Install Yahoo messenger or Skype. In case you don’t have it Google it and download the latest version.

Sign into your yahoo messenger or Skype using your yahoo id and password. Configure your microphone and headset if you have installed a fresh yahoo or skype software
Inside your Yahoo messenger dial +18003733411 and press enter(as shown in figure).

Make Free Call from computer to mobile using Yahoo messenger or Skype

Now a small window pops up like the one shown below.

Free Call from Computer To mobile using Yahoo Messenger

An operator greets you with a recorded welcome message along with an advertisement and asks you to select one of the Free411 service. Just hear the services options until they say the last one as “Free Call”. When you hear this, don’t press any number on your keyboard and instead SAY “Free call” loudly on your microphone connected to your PC.
After this voice message is detected by their system, they will run a short advertisement of their sponsor and make sure you don’t press any number at this time.
WAIT UNTIL YOU HEAR A BEEP SOUND after the following message “Please dial the phone number country code first, don’t forget to dial 1 for north America”
After you hear this message ,immediately dial the destination number of your choice along with the country code.(e.g. for north America it’s 1 and for India it’s 91)

Your call will get connected and you can talk for 7 minutes continuous for free. When it gets disconnected, repeat the same procedure again. You can make multiple and unlimited calls with this service.
It was never easy to make a free international call like this before.
So what’s the catch?
FREE411 service toll-free number is based in USA. This company gets paid for the advertisements from sponsors.
Are there any limits on the number of call which we can make?
No. There is no limit on the number of free calls which can be made through this system.
So enjoy this trick to make free international and local calls and make sure you don’t abuse the system.

Browse anonymously using Torpark Browser – For downloading multiple files Rapidshare Hacking

I have posted about Skipping or Bypassing Rapidshare or Megaupload, hotfile waiting time.

In this post I have a new Rapidshare hacking tip for you. Well, you might be aware of Browsers like Firefox, or Internet Explorer. I would like to introduce you to a browser known as Torpark Browser, which works as a anonymous web browser. It is like a proxy browser where you can change your permanent IP Address to dynamic IP Address. So, when ever you run this browser you get a new IP address. Now download mutliple files at the same time. Yes you read it right, you can download multiple rapidshare files or megaupload, hotfile files at the same time. You can even skip or bypass the time limit on downloading files. The most amazing thing is IDM works with this browser.
Note: You need to close the browser window after each download coz it will reset the ip address.
download
Description of Torpark Browser:

As a way of avoiding spyware and pop-ups, Torpark successfully allows you to surf the Web anonymously, although the publisher warns of possible connection slowdowns.
The self-extracting file installs quickly, and you can run it from your hard drive, or as the publisher suggests, from a jump drive. Torpark adds to your browser’s toolbar a few unobtrusive buttons, which allow you to activate/deactivate the tool and configure its privacy settings according to your specifications. The tool effectively restricts pop-ups; blocks surreptitious installations of adware, spyware, and cookies; and hides any traces of your surfing. You can check the Torpark Tools menu while visiting a site and build a list of blocked items for the current page; from the same list box, you may add to a white list any or all of the displayed items.
The publisher cautions that using Torpark may slow your Internet connection speed, particularly if you’re using a dial-up, but we noticed no slowdown during our tests. Torpark is free, easy to use, and suitable for all users interested in protecting their privacy while visiting Web sites.

How to detect a keylogger in a system

Keylogger is the software program or a hardware which reads and store all the key stroke by a user in the system it is installed. Read more about the keyloggers on my older articles.

Having a keylogger in the system means you are going to loose some thing big. If your system is infected by a keylogger, your email id, facebook account, bank account and all other secure data is on the risk. Now a days hackers are active enough and many website offering free software download with keyloggers attached in it. So you need to know how to protect your system from keyloggers. If you want to know how to detect a keyloggers in a system, you can follow these points:

Check the task list by press ctrl+alt+del in windows. Examine all the tasks running in your system, if you are unsure about a task look it up on a search engine.

Run your antivirus checker, it's possible this will pick up the Keylogger on your system.

Use the system configuration utility to determine which task are loaded at start-up (type "msconfig" in the run box to start).

Download a specific keylogger detector program, and see if it detects anything.

Scan your hard disk for the most recent files stored. Look at the contents of any files continually updating (these might be logs created by antivirus).

Google Search Tricks

Well let me tell You what actually google tricks mean. Google tricks/google tips, does not mean hacking google, Using the below Google operators, we can get the desired google result very quickly. Well we can name this as hidden google secrets or Advanced google searching. . Google Search Tricks tips

Google Trick -1 :- GOOGLE OPERATOR

Type the following highlited words in google search box.

Google has several google operators that can help you find specific information, specific websites or inquire about the indexing of your own site, below you will find the most important ones:

define: - This google operator will find definitions for a certain term or word over the Internet. Very useful when you come across a strange word when writing a post. I use this as a google dictionary. example : (define computer)

info: - The google info operator will list the sets of information that Google has from a specific website (i.e. info:http://hack2007.50webs.com)

site: - This google operator can be used to see the number of indexed pages on your site (i.e.site:www.hack2007.50webs.com). Alternative it can also be used to search for information inside a specific site or class of sites.

link: - This google link operator allows you to find backlinks pointing to your site. Unfortunately the count is not updated frequently and not all backlinks are shown

allinurl: - Using this Google operator will limit the search to results that contain the desired keywords on the URL structure. (i.e. allinurl:dailyblogtips)

fileformat: - Useful Google operator for finding specific file formats. Sometimes you know that the information you are looking for is likely to be contained in a PDF document or on a PowerPoint presentation, for instance. (i.e. “fileformat:.pdf market research” will search for PDF documents that contain the terms “market” and “research”)

Google trick -2 Top 10 Cool Google Search Tricks

well as we have gained enough knowledge regarding google operators, lets have a look at the following 10 cool google search tricks.

Google trick to search different file formats (keyword filetype:doc)

Google trick to search educational resources (keyword site:.edu) example (computer site:.edu)
Finding the time of any location (time romania)
Finding the weather of any location (boston weather)
Tracking commentary of live events (Olympic games Beijing 2008)
Using Google as a calculator (9 * 10)(143+234)(119-8)
Converting currencies (1 USD in INR)(10 US Dollars in Indian Rupee)
Find how many teaspoons are in a quarter cup (quarter cup in teaspoons)
how many seconds there are in a year (seconds in a year)
Tracking stocks (stocks:MSFT)
Finding faces (add imgtype=face to the URL)

google trick -3 Top Essential Google Search shortcuts

#1: Get Local Weather

Type: “weather [city name or zip/postal code]” Example: “weather 500054″ or “weather boston”

#2: Check Flight Status

Google automagically pulls flight data from FlightStats.com. All you have to do is enter the flight number. Type: [flight name and/or number] Example: “bc254″ or “newyork21″

#3: Convert Distances

Type: “[value] [first distance unit] to [second distance unit]” Example: “100 kilometers to miles”

#4: Find a Phone Number

Find a Person:

Type: “[person’s name], [city or zip/postal code]” Example: “john smith, london”

Find a Business/store:

Type: “[business name or type], [city or zip/postal code]” Example: “book store, boston”

Google trick -4 :Google search trick for Rapidshare files search:

#1 site:rapidshare.com inurl:users "*"

#2 site:rapidshare.de inurl:users "*"

#3 site:rapidshare.com inurl:files "*"

#4 site:rapidshare.de inurl:files "*"

#5 site:rapidshare.com inurl:users (pass|password)

#6 site:rapidshare.de inurl:users (pass|password)

Suppose u need some info on ebooks. Then u can try following keyword to see all rapidshare folders having any hacking related thing in it

site:rapidshare.com inurl:users "ebooks"

Tuesday, 27 December 2011

Telnet

Telnet :- Telnet is a program which runs on TCP/IP. Using it we can connect to the remote computer on particular port. When connected it grabs the daemon running on that port.
The basic syntax of Telnet is (at command prompt)--

c:/>telnet hostname.com

By default telnet connects to port 23 of remote computer.
So, the complete syntax is-

c:/>telnet www.hostname.com port

example:- c:/>telnet www.yahoo.com 21 or c:/>telnet 192.168.0.5 21

Netstat

Netstat :- It displays protocol statistics and current TCP/IP network connections. i.e. local address, remote address, port number, etc.
It's syntax is (at command prompt)--

c:/>netstat -n

http://www.insecure.in/images/netstat.gif

Tracert

Tracert :- It is used to trace out the route taken by the certain information i.e. data packets from source to destination.
It's syntax is (at command prompt)--

c:/>tracert www.hostname.com

example:- c:/>tracert www.insecure.in

Here "* * * Request timed out." indicates that firewall installed on that system block the request and hence we can't obtain it's IP address.

various attributes used with tracert command and their usage can be viewed by just typing c:/>tracert at the command prompt.

The information obtained by using tracert command can be further used to find out exact operating system running on target system.

OS Fingerprinting

OS Fingerprinting :- OS Fingerprinting refers to detection of target computer's operating system.
Since, different operating system responds differently to the same kind of ICMP message, it is very important for an attacker to determine the exact operating system running on target system.
Also attacker can carry out attacks by taking over the vulnerabilities/bugs found in that particular operating system.
There are four areas that we will look at to determine the operating system (however there are other signatures that can be used). These signatures are:

1) TTL - What the operating system sets the Time To Live on the outbound packet.
2) Window Size - What the operating system sets the Window Size at.
3) DF - Does the operating system set the Don't Fragment bit.
4) TOS - Does the operating system set the Type of Service, and if so, at what.

There are two different types of OS Fingerprinting technique -

1) Active OS Fingerprinting :- Remote active operating system fingerprinting is the process of actively determining a targeted network node’s underlying operating system by probing the
targeted system with several packets and examining the response(s), or lack thereof, received? The traditional approach is to examine the TCP/IP stack behavior (IP, TCP, UDP, and ICMP protocols) of a targeted network element when probed with several legitimate and/or malformed packets.

2) Passive OS Fingerprinting :-Passive fingerprinting is based on sniffer traces from the remote system. Instead of actively querying the remote system, all you need to do is capture packets sent from the remote system. Based on the sniffer traces of these packets, you can determine the operating system of the remote host. Just like in active fingerprinting, passive fingerprinting is
based on the principle that every operating system's IP stack has its own idiosyncrasies. By analyzing sniffer traces and identifying these differences, you may be able determine the operating system of the remote host.

Port Scanning

Port Scanning :- Port scanning is carried out to determine a list of open ports on the remote host that have certain services or daemons running. In port scanning, the attacker connects to various TCP and UDP ports and tries to determine which ports are in listening mode.

1) TCP Ports Scanning :- Almost all port scans are based on the client sending a packet containing a particular flag to the target port of the remote system to determine whether the port is open. Following table lists the type of flags a TCP packet header can contain.

Flag	Meaning
URG (urgent)	This flag tells the receiver that the data pointed at by the urgent pointer required urgently.
ACK (acknowledgment)	This flag is turned on whenever sender wants to acknowledge the receipt of all data send by the receiving end.
PSH (push)	The data must be passed on to the application as soon as possible.
RST (reset)	There has been a problem with the connection and one wants to reset the connection with another.
SYN (synchronize)	If system X wants to establish TCP connection with system Y, then it sends it's own sequence number to Y, requesting that a connection be established. Such apacket is known as synchronize sequence numbers or SYN packet.
FIN (finish)	If system X has finished sending all data packets and wants to end the TCP/IP connection that it has established with Y, then it sends a packet with a FIN flag to system Y.

A typical TCP/IP three way handshake can be described as follows :
1) The client sends a SYN packet to the server.
2) The server replies with a SYN packet and acknowledges the client's SYN packet by sending an ACK packet.
3) The client acknowledges the SYN sent by the server.

Different techniques of TCP port scanning are :-
1) TCP connect port scanning
2) TCP SYN scanning (half open scanning)
3) SYN/ACK scanning
4) TCP FIN scanning
5) TCP NULL scanning
6) TCP Xmas tree scanning

2) UDP Ports Scanning :- In UDP port scanning, aUDP packet is sent to each port on the target host one by one.
If the remote port is closed, then the server replies with a Port Unreachable ICMP error message. If the port is open then no such error message is generated.

3) FTP Bounce Port Scanning :- The FTP bounce port scanning technique was discovered by Hobbit. He revealed a very interesting loophole in the FTP protocol that allowed users connected to the FTP service of a particular system to connect to any port of another system. This loophole allows anonymous port scanning.

Ping

Ping :- Ping is part of ICMP (Internet Control Message Protocol) which is used to troubleshoot TCP/IP networks. So, Ping is basically a command that allows you to check whether the host is alive or not.
To ping a particular host the syntax is (at command prompt)--

c:/>ping hostname.com

example:- c:/>ping www.google.com

Various attributes used with 'Ping' command and their usage can be viewed by just typing c:/>ping at the command prompt.

Hacker's Space

Pages