Results for Keyloggers

Few Security Tips for Windows user.

Saturday, September 11, 2010
Well!! Security is the buzzword these days because of new forms of attacks and threats. These attacks mainly target Windows users rather than users of Linux or other operating systems. One thing I must say is that 90% of the victims fall into the attackers' trap because of their lack of alertness and their own flaws. Let's see how we can avoid these types of attacks, if not completely then at least to some extent.

1. I would recommend that you always update your OS and installed software whenever an update is available. If you do not, there may be some vulnerability in your present OS or software, and the attacker can find it by fingerprinting and banner grabbing and plant an exploit for it.

2. Attackers install a R.A.T or keylogger on a remote PC by tricking the user through social engineering. So I recommend that you always check the extension of a file before clicking on it. Sometimes a file sent to you may look like an image but have the extension of an executable format (.exe). How to tackle it? Read here.

3. Always use an updated antivirus, anti-logger, link checker and site advisor, and keep the latest rescue disk of an antivirus with you.
  • Anti-logger: I would recommend Zemana AntiLogger over KeyScrambler, because the latter can protect your keystrokes from the browser window but Zemana has anti-keylogger, anti-screen logger, anti-webcam logger and anti-clipboard logger.
  • Link Checker: You can use Dr.Web link checker to scan a file before downloading it. Just right-click on the required link and click on the Dr.Web icon. It is also available as a Firefox add-on.
  • Site Advisor: Here you have two options: you can use McAfee SiteAdvisor or WOT. Both can be integrated with your browser.
  • Rescue Disk: I would recommend using Kaspersky's. Download the .iso file, burn it to a CD and use it.

4. If you have left your PC "ON" in your absence, it is possible that someone plugged in a USB drive (pen drive) and did some data transfer or some unethical activity. Read here how to find this out.

5. Most of the time attackers bind a file with another file in order to trick the victim. Learn how to find this: Read here.

6. A simple Autorun.inf can even crash your PC. Learn how to avoid it: Read here.

7. Have you ever thought that someone may have logged into your box in your absence? Learn how to find out: Read here.

8. Always check the print and file sharing option before using the internet. I would recommend disabling it, as it can open a gateway for NetBIOS attacks. Follow the path Control Panel > Network Connection > right-click on the desired icon > Networking tab > disable the print & file sharing option.

9. Always use a strong password for your administrator account, and try to access the internet from a limited user account rather than from the administrator account.

10. Use a good firewall rather than the default Windows firewall. You can choose from Comodo or ZoneAlarm, but I would recommend ZoneAlarm even if it is the free version.

I must say that even if you follow all these tips you still cannot make your PC 100% hack-proof, because nothing is non-hackable. I recommend following these tips so that you can avoid certain attacks or threats to some extent.

If you find these tips helpful and worth reading then do drop a comment; it will be appreciated.
Few Security Tips for Windows user. Reviewed by Satyajit (Admins, a.k.a. Satosys) on Saturday, September 11, 2010 Rating: 5

A Beginner's Guide to Ethical Hacking(By Rafay Baloch)

Sunday, August 29, 2010

Why you should buy this book?
  • If you are interested in ethical hacking but do not know where to start, then this book by Rafay Baloch is the most reliable source, and I also recommend it.
  • "A Beginners Guide to Ethical Hacking" is a really great book for newbie hackers who are curious about ethical hacking, and it can lead them to become master hackers.
  • Amaze your friends with awesome hacking tricks from this book and apply them to real-world situations.
  • It will help you learn how to make your computer secure and free from future hack attacks.
  • This book will certainly make your dream come true.
  • This book is unique of its kind and you can have your copy from the vendor.
Bonus 1:  



1000 Hacking Tutorials 

For a limited time only, with the purchase of "A Beginner's Guide to Ethical Hacking" you will receive the following bonus package! 1000 Hacking Tutorials contains 1000 of the best hacking tutorials of 2010 leaked on the internet!

Bonus 2:



Set of Phishers

With the purchase of A Beginners Guide to Ethical Hacking you will also get a set of 30+ phishers (fake login pages) already created by Rafay.




Its Decision Time!

Now you have heard it all, so what are you waiting for?
  • This book does not demand any prior knowledge about hacking. So if you are a newbie to the concept of hacking and want to master it from the basics, then this book is for you.
  • The information given in this underground handbook will put you into a hacker's mindset and teach you all of the hacker's secrets. So what are you waiting for! Grab "A Beginners Guide to Ethical Hacking" and start your hacking journey.
Note: A Beginners Guide to Ethical Hacking is in PDF format to make it easy for you to apply the information in the real world.




A Beginner's Guide to Ethical Hacking




Regular Price $67.00  Today's Price $20.00





File Binded with RATS!!!:Know how to find it.

Thursday, August 26, 2010
Attackers, or Black Hats, are very creative and clever people... lol. Suppose you download a file, say in .mp3 format, and start enjoying the music, but that can cause you lethal damage. You may be wondering how? This is because the .mp3 you downloaded may be bound with an executable file which is malware; that malware can be executed silently when you play the .mp3 and can bypass the antivirus and even the firewall to send data from your PC to the attacker. The malware can be a RAT (Remote Administration Tool), a keylogger, a virus etc.
So, let's see how to find out whether a file is bound or not.
1. Download the BinText tool (Download), then open the suspicious file with BinText as shown in the image below.
Look for email IDs, instant messenger names, No-IP, DUC, Mozilla Account Manager, IE Account Manager etc. I mention all these because these are the elements where passwords are either entered or saved, and the backdoored tool accesses them. If you find these string names in the file opened in BinText then it is bound.

2. You can also use Hex Workshop (or any hex editor) to do the above work, as shown in the image below.
Now search for the strings as in step 1; if you find them then the file is bound.
Note: The above two methods may not be effective if the file is crypted using a good crypter.
3. We can also use Resource Hacker (Download) to find out whether a file is bound or not, as shown in the image below.
After opening the file with Resource Hacker, check the "RCDATA" section; if you find more than one value, as shown in the above image, then the file is bound.

4. Nowadays most RATs have an anti-Sandboxie option, but this method is still effective. Open the suspicious file with Sandboxie (Download). Now check Sandboxie: if more than one process is running then the file is bound.

5. If the file's size is less than 20 MB then scan it with a multi-engine antivirus, i.e. NoVirusthanks.org
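
The string search from steps 1 and 2 can be scripted. The following is an added example, not part of the original post and not BinText's own code: it pulls ASCII and UTF-16LE strings out of a file and reports the terms listed in step 1. The regular expressions and the sample bytes are constructed for illustration, and as the note above says, a crypted file will defeat it.

```python
import re

MIN_LEN = 4  # shortest run of printable characters reported as a string

# Terms the post says to look for. The regular expressions are choices made
# for this example; "DUC" is matched as a whole word so that ordinary words
# such as "PRODUCT" do not raise a hit.
INDICATORS = {
    "email address": re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+"),
    "No-IP": re.compile(r"no-ip", re.I),
    "DUC": re.compile(r"\bDUC\b"),
    "Mozilla Account Manager": re.compile(r"mozilla account manager", re.I),
    "IE Account Manager": re.compile(r"\bIE account manager", re.I),
}

ASCII_RUN = re.compile(rb"[\x20-\x7e]{%d,}" % MIN_LEN)
UTF16_RUN = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % MIN_LEN)


def extract_strings(data):
    """Return (offset, text) for every ASCII and UTF-16LE string in data."""
    found = [(m.start(), m.group().decode("ascii")) for m in ASCII_RUN.finditer(data)]
    found += [(m.start(), m.group().decode("utf-16-le")) for m in UTF16_RUN.finditer(data)]
    return sorted(found)


def scan(data):
    """Map each indicator name to the (offset, string) pairs that matched it."""
    hits = {}
    for offset, text in extract_strings(data):
        for name, pattern in INDICATORS.items():
            if pattern.search(text):
                hits.setdefault(name, []).append((offset, text))
    return hits


def build_sample():
    """Constructed input: an MP3-like header, filler, and planted strings."""
    sep = b"\x00\xff"  # non-printable separator between the planted strings
    return (
        b"ID3\x03\x00\x00\x00\x00\x0f\x76" + bytes(range(32)) * 4 + sep
        + b"logs@example.test" + sep
        + "No-IP DUC".encode("utf-16-le") + sep   # wide string, as Windows programs store them
        + b"Mozilla Account Manager" + sep
        + b"PRODUCT reduced" + sep                # must not count as "DUC"
    )


if __name__ == "__main__":
    import sys
    # Scan the file named on the command line, or the constructed sample.
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample()
    for name, matches in scan(blob).items():
        for offset, text in matches:
            print(f"{name:24} offset {offset:#08x}  {text!r}")
```

A hit is a reason to look closer, not proof: legitimate mail clients and browsers contain the same words.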


If you find this post worthy enough then do drop a comment; it will be appreciated.... :)



How to Spy a Remote PC using RATS ?(General Tutorial)

Monday, July 26, 2010
Note: The former CompufreakS.blogspot.com is now SECURITYHUNK.

Spying on a remote PC can be done in many ways, but today we are going to see how it can be done using RATs (Remote Administration Tools). This tutorial is a general one which can be followed for installing the server of all types of RATs. The only things you have to take note of are the associated terms and the data that are to be filled in.
This is a Black Hat tutorial, so I would suggest my readers go through the DISCLAIMER before reading the tutorial.

For carrying out this attack you will need:

a) A Remote Administration Tool (here I will be using Spy Net2.7Beta)

b) An FTP service and a host under No-Ip.com (How to? Read here)

So let's start...

1. First download the RAT; here I will use Spy Net 2.7Beta.
I have purposefully not given the download link; you can take the help of our best friend... "Google".

2. Run it, click the "START BUTTON" and select your suitable language as shown in the image below.

3. Then click on "CREATE SERVER" and give it a suitable name as shown in the image below.

4. After step 3 a user with the desired name has been created; now select it and click on "FORWARD" as shown in the image below.

5. Now you will be guided to the server installation process, so fill in the details as shown in the image below. In order to know how to fill them in, read this.


6. After that hop over to the next tab and fill it in exactly as shown in the image below. I have chosen "svchost.exe" as these are found in multiples on MS boxes... lol.

7. The next tab is the message, which means that if you enable it then that message will pop up when the server is run on the victim's computer. Here I am not using it.

8. Then open up the keylogger tab and fill it in as shown below, but in step 2 fill it in as described here.

9. Now hop over to the "Create server" tab and fill it in as shown in the image below.

10. Now that the server is ready, make it FUD (Fully UnDetectable) by using a crypter; you may bind it to some other file using a binder and scan it with novirusthanks.org (do not click on the distribute option). This part will be covered in detail in my later post.

For countermeasures, read the post below:



(RATS:Remote Administration Tools & Spying on Remote PC)


If you find this post worth reading do drop a comment; it will be appreciated...... :)

This black hat tutorial is for educational purposes; Compufreaks condemns black hat. (Disclaimer).


RATS:Remote Administration Tools & Spying on Remote PC

Friday, July 23, 2010
Have you ever noticed your CD/DVD drive ejecting automatically, Task Manager showing errors, folder options not working, the antivirus crippled, unknown listening ports, unwanted messages popping up or Windows restarting on its own? ...lol, then it is a great worry for you, because you are infected by a trojan (RAT) and someone may be spying on you... lol.


What are RATs?
Remote Administration Tools/Remote Administration Trojans are abbreviated as RATs. These are also called backdoor tools because they enter the victim's box without his knowledge, just like a thief enters our house without our knowledge; hence the name backdoor. Once the tool is installed on the victim's box the attacker has full or administrative privileges over it, by which I mean the attacker can do all the tasks that the victim himself does on his box.

Tasks performed by RATs:

1. Screen logging, keylogging, web logging, clipboard logging.

2. File control.

3. Registry control.

4. PC control (format the hard disk, shut down/restart the PC, lock the PC).

5. Other application-related functions.

Now I feel you are all quite familiar with the functionality of RATs.
So, let's discuss a few fundamentals.
1. A RAT has two parts, i.e. a client and a server. The server is installed on the victim's box and the client part is used by the attacker.

2. An FTP (File Transfer Protocol) service is needed. Let's see how to get that.
I would recommend using http://www.drivehq.com. First sign up for it.

In the FTP service settings of the RAT the URL used is http://ftp.drivehq.com, and the "Username" and "Password" are the same as those used during sign-up at drivehq.com.
The data stolen by the RAT is stored in the log folder as mentioned in the image, so the same "log" directory has to be mentioned in the FTP settings of the RAT while installing the server.

3. For installing a server, a few RATs require a Dynamic service. I would recommend using No-IP.com
and setting up a host in it as shown in the image below.

After sign-up, a host is added as shown in the image below.


A desktop client called "No-IP DUC" is to be used to keep track of the updates. (Download)

4. Lastly, after the server is ready, a binder and a crypter are needed to make it Fully UnDetectable (FUD). This portion will be covered in detail in my later posts.


COUNTERMEASURES:

1. An anti-logger is a must; I would recommend the "ZEMANA" anti-logger.
2. Use a good firewall; I would recommend "ZoneAlarm". For antivirus I use Avira Premium Security Suite, which is the best.

3. When testing RATs, use a virtual environment like Sandboxie, VirtualBox or VMware.

4. Look out for unwanted open ports. To see them, open up a command prompt and type in
"netstat -a -o -n"; the ports that are marked "Listening" are open. There are a few ports which are used by particular types of Trojans. (DOWNLOAD) the list.

5. Scan a file with Dr.Web Link Checker before downloading.

6. A file smaller than 20 MB can be scanned online with the multi-engine antivirus provided by noVirusthanks.org.
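
Countermeasure 4 can be made repeatable by comparing the listening ports against a baseline of ports you expect on the machine. The following is an added example, not part of the original post: it parses the text printed by "netstat -a -o -n" and reports every listening TCP port outside the baseline together with the owning PID. The sample output and the baseline are constructed for illustration.

```python
# Constructed sample of "netstat -a -o -n" output (addresses and PIDs are made up).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       892
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:81             0.0.0.0:0              LISTENING       3120
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING       1780
  TCP    192.168.1.20:49211     203.0.113.10:443       ESTABLISHED     2644
  TCP    [::]:445               [::]:0                 LISTENING       4
  TCP    [::]:81                [::]:0                 LISTENING       3120
  UDP    0.0.0.0:500            *:*                                    716
"""

# Ports this machine is expected to listen on (an assumption; build your own
# baseline from a known-clean state of the PC).
BASELINE = {135, 445}


def exposure(host):
    """Say who can reach a socket bound to this local address."""
    if host in ("0.0.0.0", "[::]"):
        return "all interfaces"
    if host in ("127.0.0.1", "[::1]"):
        return "loopback only"
    return "single address"


def listening(netstat_text):
    """Return one dict per TCP socket in the LISTENING state."""
    rows = []
    for line in netstat_text.splitlines():
        fields = line.split()
        # TCP rows have five columns. UDP rows carry no State column, so they
        # never show "LISTENING" and are skipped, as are the header lines.
        if len(fields) != 5 or fields[3] != "LISTENING":
            continue
        host, _, port = fields[1].rpartition(":")  # rpartition copes with [::]:445
        rows.append({"proto": fields[0], "host": host,
                     "port": int(port), "pid": int(fields[4])})
    return rows


def unexpected(netstat_text, baseline):
    """Sorted (port, pid, exposure) tuples for listeners outside the baseline."""
    found = {(r["port"], r["pid"], exposure(r["host"]))
             for r in listening(netstat_text) if r["port"] not in baseline}
    return sorted(found)


if __name__ == "__main__":
    for port, pid, reach in unexpected(SAMPLE, BASELINE):
        print(f"port {port:<6} pid {pid:<6} {reach}")
```

On Windows, `tasklist /FI "PID eq 3120"` names the process behind a reported PID.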

I hope this will help you to get a fundamental idea about RATs.
If you find this worth reading then do drop a comment; it will be appreciated..... :)


How to protect your ORKUT account from being Hacked....?

Friday, July 16, 2010
"Orkut" is the social networking site powered by Google. Most attackers nowadays use Orkut for advertising their work and products through the victim's account. I have come across a few incidents where accounts were hacked and then pornographic content and vulgar language were displayed; this can surely cause a nightmare for the user, and if the user is using the primary email account for logging into Orkut then he/she is in double trouble. Actually, hacking Orkut does not need any elite skills; the attackers mainly exploit human awareness and intelligence (social engineering) in doing so.

Today in my post I am going to discuss how to protect an Orkut account from being hacked.


1. Always look for HTTPS (Hypertext Transfer Protocol Secure) instead of HTTP (Hypertext Transfer Protocol) in the URL bar before logging in, and if you are using Mozilla Firefox or IE look for a "Lock" sign in the bottom right corner, as Orkut uses SSL (Secure Sockets Layer) certificates for encrypting data, as shown in the image below.

2. Fake login pages (phishing) can be a trap for you, as they look exactly like the original login page.
For example: http://orkut420.t35.com/Orkut.htm. If the attacker is more creative then he/she can manipulate the URL and make it look in a way that creates an illusion, for example: Orkkut.com, Okrut.com, Orrkut.com, Orcut.com etc. lol. So I suggest you always type in the URL before logging in. If you find a phishing site then add it to PhishTank. To know how this attack is carried out visit here. Below I have shown the image of a fake login page that I have made.

3. Always stay away from clicking on suspicious community links because they can be malware or cookie grabbers. The attacker sometimes uses words and phrases that lure users into clicking on them; in that way users give away their password after being redirected to a fake login page.

4. Keylogging is also a major factor in hacking into Orkut accounts. In one of my posts I have described keyloggers. By using this tool the attacker can keep track of the keystrokes of the user. You can prevent this by using keystroke encryption software like KeyScrambler or Zemana. I would recommend Zemana. KeyScrambler is also available as an add-on for IE and Firefox.

5. Stay away from JavaScript snippets that promise some amazing outcome upon pasting them into the URL bar and hitting enter. Never ever do that; it is a trap used a few years back, but I feel people are aware of it now.

6. Never ever use your primary email account with Orkut, because if your account is hacked you will also lose your email account at the same time. So I suggest using a secondary email account for your Orkut sign-up. It could also be the other way round, that is, the attacker can hack your email account and then hack into your Orkut account; learn "Common email hacking methods and Countermeasures".

7. Never get carried away by the false promises or advertisements sent to you, for example free easy recharge of mobile phones. Never click on these types of links.

8. Never ever enable the "Remember me" option while logging in to your account, because by doing that the password gets stored in the browser and can be retrieved by password stealers, RATs, backdoors or Trojans.

9. Stay away from glittering and picture scrap scripts and Orkut profile themes showing different film stars that are available on various unofficial sites, because some hidden malware or malicious script may be there. Using them may result in your password being grabbed, and in that way you may lose your password, as shown in the image below.

10. Always log out from your account after you have finished your work if you are on a public computer, like in a college or office. It is very important, because if you do not do that, some person logging in after you may do mischievous work with your account.

Note: Always use a good updated antivirus, a recent browser version, safe browsing tools like WOT or McAfee SiteAdvisor, and an anti-keylogger like KeyScrambler or Zemana.
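
The lookalike addresses from tip 2 can be caught mechanically. The following is an added example, not part of the original post: it classifies a URL by comparing its host name with "orkut" using an edit distance that counts one swapped pair of letters as a single edit, so Okrut.com is caught as well as Orkkut.com. Treating the second-to-last label as the registered name is a simplifying assumption; a production check would use the public suffix list.

```python
from urllib.parse import urlsplit

BRAND = "orkut"
OFFICIAL_DOMAIN = "orkut.com"


def osa_distance(a, b):
    """Optimal string alignment distance: insertions, deletions,
    substitutions and swaps of two adjacent characters each cost 1."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            best = min(prev[j] + 1,          # delete ca
                       cur[j - 1] + 1,       # insert cb
                       prev[j - 1] + cost)   # substitute or keep
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)  # adjacent swap
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]


def check_url(url):
    """Classify a URL or bare host name relative to the official Orkut domain."""
    # urlsplit only finds a host after "//", so add it for bare names.
    host = urlsplit(url if "//" in url else "//" + url).hostname or ""
    if host == OFFICIAL_DOMAIN or host.endswith("." + OFFICIAL_DOMAIN):
        return "official"
    labels = host.split(".")
    # Assumption: the registered name is the label before the last one.
    registered = labels[-2] if len(labels) >= 2 else host
    if osa_distance(registered, BRAND) <= 1:
        # Same or nearly the same name, but not on the official domain.
        return "lookalike domain"
    if any(BRAND in label for label in labels):
        # The brand appears only as a subdomain on somebody else's host.
        return "brand on third-party host"
    return "unrelated"


if __name__ == "__main__":
    # URLs quoted in the post, plus the real site and an unrelated one.
    for candidate in ["http://orkut420.t35.com/Orkut.htm", "Orkkut.com",
                      "Okrut.com", "Orrkut.com", "Orcut.com",
                      "https://www.orkut.com/Main", "https://example.org/"]:
        print(f"{candidate:36} {check_url(candidate)}")
```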

If you find this post a bit worthy to read then do drop a comment; it will be appreciated.... :)


Virus comes with different extensions!!!

Wednesday, June 30, 2010
A small mistake can indeed cause fatal damage if not caught at the proper time; after reading this article you will all be vigilant about this. Those who are using the XP OS on their box must know that there is a feature to hide the extensions of files; this is usually disabled by default whenever we install a fresh copy of the OS. This is what I was talking about in the first line: if this is disabled we cannot see the extension of the file we are opening or downloading, and therefore it becomes easier for the attacker to send a file with an undesirable extension and fool the user with ease. The file that we may be opening without knowing the extension can be the server part of a keylogger, R.A.T (Remote Administration Tool) etc., which may appear with an image file icon or a text file icon but have an .exe extension. Isn't it interesting? Look at the image below.


SOLUTION:
1. Always keep the "hide extensions for known file types" enabled in your XP box/PC.
2. Never get driven by the icon of the file, because an .exe file can have the icon of an image file as shown above.

3. On keeping the "hide extensions for known file types" enabled, look out for extensions like the few listed below.

----EXE - Application
----DLL - Dynamic Link Library
----HTA - HTML Applications
----INF - Setup Information File
----OCX - ActiveX Objects
----VBS - VBScript Script File
----BAT - Batch File
----JSE - JScript Encoded Script File

There are more executable file extensions available; to see the list (DOWNLOAD).
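
The check described above can be run over a folder of downloads or mail attachments. The following is an added example, not part of the original post: it works on the full file name, whatever Explorer is set to display, flags names whose last extension is on the list above, and marks as "masquerading" those that put a harmless-looking extension in front of it. The set of harmless-looking extensions and the sample names are assumptions made for illustration.

```python
import ntpath  # Windows path rules, usable on any platform

# Executable extensions listed in the post (the post notes there are more).
EXECUTABLE = {"exe", "dll", "hta", "inf", "ocx", "vbs", "bat", "jse"}

# Extensions a user expects to be plain data. This set is an assumption of
# the example; extend it to match the files your users exchange.
DECOY = {"jpg", "jpeg", "png", "gif", "bmp", "txt", "mp3", "pdf", "doc"}


def analyse(path):
    """Return (verdict, name as displayed when the last extension is hidden).

    The verdict is "masquerading", "executable" or "ok". The displayed name
    assumes the last extension is a registered type, since Explorer hides
    only the extensions of registered types.
    """
    name = ntpath.basename(path).rstrip(". ")
    stem, dot, last = name.rpartition(".")
    if not dot or not stem:
        return ("ok", name)  # no extension at all, or a name like ".config"
    # Every extension in front of the last one, tolerating stray spaces.
    earlier = {part.strip().lower() for part in stem.split(".")[1:]}
    if last.strip().lower() in EXECUTABLE:
        verdict = "masquerading" if earlier & DECOY else "executable"
    else:
        verdict = "ok"
    return (verdict, stem.rstrip(". "))


def audit(paths):
    """Return (path, verdict, displayed name) for every path that is not ok."""
    findings = []
    for path in paths:
        verdict, shown = analyse(path)
        if verdict != "ok":
            findings.append((path, verdict, shown))
    return findings


if __name__ == "__main__":
    # Constructed file names for demonstration.
    sample = [
        "holiday.jpg.exe",
        r"C:\Users\a\Downloads\song.mp3.vbs",
        "setup.EXE",
        "notes.txt",
        "archive.tar.gz",
    ]
    for path, verdict, shown in audit(sample):
        print(f"{verdict:13} {path!r} is displayed as {shown!r}")
```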

If you find this article worth reading then please drop a comment!!!

A presentation on "Computer Security".

Tuesday, June 22, 2010

I gave this presentation in a public seminar and felt that it would be useful for beginners, so I am posting it. It contains a basic and easy illustration of different methods of hacking like phishing, RATs etc. There are a few definitions of viruses etc. which are also explained in an easy way. I hope this slide will help you all to gain a fundamental idea of hacking.





"If you find this post useful and informative do post your comment and share it."



How to protect your Twitter Account?

Sunday, June 20, 2010

In my last post I explained how to protect your email account, but a few days back one of my friends asked me how to protect a Twitter account, so I have come up with this post. A Twitter account can be hacked by the same methods as described under email hacking. Once a Twitter account is hacked it can badly hit a person's online reputation and cause a nightmare through tweeting of spam links to porn, unfriendly language and vulgar images. I will not make this post a stress to read; rather I prefer making it more pictorial. There are a few things one needs to follow to avoid becoming a fool in the hands of the attacker. Let's start.





1. In order to avoid a phishing attack or a fake login page sent by the attacker, always log in to your account by typing the login URL in the browser, as the page sent to you may also contain some malicious script.





2. Make your tweets private, i.e. only the people whom you approve as your followers can see your updates. By doing this one can decrease the chance of being hacked by 50%, as spammers will not be interested in private tweets; they look out for publicly displayed tweets. Follow the steps in the image shown below.

3. Be careful while clicking any link in the direct message section, as most of them are spam and malicious scripts meant to lure the user into clicking on them. You can expand the URL by using a Firefox add-on, i.e. DeTiny URL Expander, or LongURL.org.

A new feature has been added to Twitter search (search.twitter.com) to expand a URL as shown in the image below.

4. It is wise to link your phone number with your Twitter account in the device tab; by doing this one can retrieve his/her password in case the email and the account are compromised.

5. Always back up your tweets, as it may hurt you once your account is hacked and the attacker has manipulated your tweets. A few services that offer this feature are:

-BackupmyTweets.

-TweetBackup.

-TweeTake.

-Twistory.

6. Always check the authenticity of an application that asks for your Twitter password before logging in to it.

7. Many times people forget how many applications they have given access to their account, so keep an eye on it. You can revoke the access of an application by clicking on the revoke link as shown in the image below.

8. Another very common thing is that one should always use a unique and difficult-to-guess password, because it makes it difficult for the attacker to guess.

Follow these steps and I can guarantee that your account will be 90% protected.


If you find this post worthy enough to read then do drop a comment; it will be appreciated.

Email hacking Methods

Thursday, June 17, 2010
Nowadays email has become essential for business transactions, sharing vital info and keeping contacts. So when an email account gets hacked or compromised it becomes a complete nightmare for the innocent user to recover it. Today I have come up with this article to let you all know about the common email hacking methods that can be employed. If a person knows beforehand in what way he/she can be fooled or trapped, then he/she can adopt some preventive measures and in that way avoid the attack. A very important thing I want you all to know is that an email account cannot be hacked solely by the attacker; in some way or other the attacker needs the help of the user. "Help" here means that the user has to be at fault or unknowingly make some mistake, like clicking on a link sent by the attacker.
So let's start with the common email hacking methods:


1. PHISHING:
One of the most successful social engineering methods of email hacking, which employs spoofed or fake web pages in order to fool the legitimate user. The attacker creates pages which look exactly like the real ones, so the user is fooled and logs into them, and in that process gives away his/her password to the attacker.
(See the complete procedure)

PREVENTION:
- Always type the complete URL of the intended web page for login.
- Use an antivirus which has a web browser integration facility to combat phishing, like Bitdefender or Kaspersky.
- Never click a link in an email before verifying its authenticity.

2. RATS:
RATs stands for "Remote Administration Tools". It is a somewhat difficult process compared to phishing and its rate of success is also lower. Nowadays one can find these tools installed and hidden in cybercafes, so whenever you log in to your email account in a cybercafe you do it at your own risk. These RATs can also be called "password stealers".
Learn how to do this with ease.

PREVENTION:
- Avoid using your email account in a cybercafe and follow the security tips I mentioned.
- Never save your password in the web browser or click the remember password option.
- Use an updated antivirus, if possible an internet security package.

3. KEYLOGGING:
The attacker deploys a software or hardware keylogger and monitors all the keystrokes of the user. The software keylogger is bound with many torrent files and online downloads.
(See the complete procedure)

PREVENTION:
- Scan the file with "Dr.Web link checker" before downloading.
- Scan the file with an online multiple antivirus engine, i.e. www.novirusthanks.org
- One can use anti-keyloggers like ZEMANA, KEYSCRAMBLER etc.

4. SOCIAL ENGINEERING:
The "forgot password attack" is a form of social engineering. Here the attacker tries to guess the security question of the email account, and in that way resets the password, sets his/her own password and logs into the account. Here the attacker tries to compromise the account by penetrating human intelligence. Social engineering was popularized by hacker-turned-consultant KEVIN MITNICK.

PREVENTION:
- Always give a very personal and difficult security question.
- Always give a secondary email address in the email account.
- Never leak your personal and private details to any stranger or a person you do not trust.

5. SIDEJACKING:
An attacker can use this method to access the user's account without even knowing the password. Here the attacker can capture the session cookies to log in to the account. Recently the Firefox add-on called Firesheep was in the news for this type of attack and we posted a tutorial on it.

PREVENTION:
- SSH tunneling is a very good option to avoid this type of attack.
- Use a VPN when accessing the internet from a public Wi-Fi hotspot.
- It is recommended not to access personal accounts through public Wi-Fi.

6. FROM THE MAIL SERVER:
This is a method where the attacker needs to be very professional and does not need the help of the user to crack into the account; the attacker penetrates the Google server and retrieves the password for the corresponding username.

Keylogging(A lethal attack)

Thursday, June 10, 2010
Keylogging, or keystroke logging, is an unethical way of monitoring the keystrokes of a person without his knowledge. This is a very successful attack with a success rate of 80-90%. It can also be used to grab the forms or screen image of the person. It is carried out in the form of hardware or software.

"In this article we will basically concentrate on software based keylogging"



Hardware keylogger:
It does not need any software; it is purely hardware based. It is connected between the computer and the keyboard, i.e. it is inline with the keyboard cable connector and the computer. It carries a drawback, which is that it needs physical installation and sometimes it may come to the notice of the user.


Software keylogger:
It has a greater success rate than its counterpart because of its remote administration facility. The main drawback with it is that it sometimes gets caught by security tools installed on the system. It also has more functionality than the hardware-based one. Nowadays keyloggers with anti-Sandboxie and anti-AV options are available, which has increased its success rate.

How is an attack through a software keylogger carried out?

1. The main thing is choosing a proper keylogger, otherwise the attacker himself will be infected and give away his own password to some other person.

2. One would prefer "EasyLogger1.1.1" (image shown above); it is freeware and stores the keystrokes in the email account mentioned in it.

3. It has anti-Sandboxie/VMware and anti-AV functionalities.

4. The most important thing is that, as you can see, it asks only for the "Gmail username" and not the password, which increases its popularity in comparison to its counterparts.

5. After all the information is entered it makes a server, which is an .exe file.

6. One should look out for a good stub file for it.

7. It should be made fully undetectable (FUD) to hide it from security tools, by using a good crypter software or by hexing after making the server.

8. Then a binder is used to bind it to some other file which can draw the victim's attention, like a torrent file, game, music file, image etc., as we know viruses come with many extensions.