
Friday, March 19, 2010

What is Rainbow Crack and How to do it: The Time-Memory Tradeoff Hash Cracker : How to Crack Windows passwords

This article has been posted by our fellow members Mr.Amey Anekar, Mr.Rahul and Mr Sachin.

Before going ahead with the discussion, let us first explain why it is so difficult to crack Windows passwords.

Windows uses the NTLM, LM or MD5 algorithm to encrypt plain-text passwords and saves the result in the system32/config folder. The encrypted passwords saved in the SAM file under system32/config are called hashes. Now don't just browse to the SAM file and attempt to open it; doing this under Windows is useless. Even if you get to open the file using another OS, e.g. a live Linux distro, you need the key hive, because the SAM file is further encrypted with its key in the 'system' file under the same directory as SAM.

The algorithms NTLM, LM and MD5 are not proprietary. So the first thing you might think is: WOW!! Then just get the hashes, apply the reverse algorithm to them and recover the password. But it's not so easy, smart ass. Read further.

Common features of the NTLM, LM and MD5 algorithms:
  1. Once the hash is formed, it is computationally infeasible to recover the original string from it. In layman's terms, the algorithm is irreversible.
  2. No two strings can ever have the same hashes.
  3. A minor change in the string causes a considerable change in the hash. This is known as the avalanche effect.

So when you log in to your box and enter the password, the password you entered is encrypted in one of the forms above, the resulting hash is compared to the saved hash, and if they match you are allowed into the system. From this you can see that even your computer is not aware of your real password.

The passwords of your email accounts are stored in a similar fashion. That's why, when you say you forgot your password, the website resets it and can't show you the original: even they don't know it.

So the only way to crack the hashes is brute force. This is where rainbow tables come into the scene. Rainbow tables sound fancy but are very simple to understand. Rainbow tables are a collection of strings and their corresponding precomputed hashes. Each hash in the rainbow table is compared with the original hash, and the one that matches has its corresponding string as the password. Sounds complicated?? Don't worry, script kiddies. Hacktivism has already put together all that you need to crack these hashes.
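An added example, not part of the original post: the precomputed string-to-hash lookup described above, built over a few constructed candidate strings, and how a per-account salt with a slow KDF stops one table from being reused across accounts. MD5 stands in for the algorithms the article names; the account names, passwords, candidate list and PBKDF2 work factor are assumptions for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed work factor for the salted scheme
# Constructed candidate strings standing in for a precomputed table's contents.
CANDIDATES = ["123456", "password", "letmein", "qwerty", "Summer2010"]


def unsalted_hash(password):
    """Fast unsalted digest; MD5 stands in for the algorithms the article names."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def salted_hash(password, salt):
    """Slow, salted alternative: PBKDF2-HMAC-SHA256 with a per-account salt."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS).hex()


def build_table(candidates, hash_fn):
    """Precompute hash -> string for every candidate under one hash function."""
    return {hash_fn(c): c for c in candidates}


def exposed_accounts(store, table):
    """Return {account: recovered string} for every stored hash present in the table."""
    return {user: table[h] for user, h in store.items() if h in table}


def verify(password, salt, stored):
    """Login check for the salted scheme, with a constant-time comparison."""
    return hmac.compare_digest(salted_hash(password, salt), stored)


# Constructed accounts: alice and carol share a weak password; bob's is not a candidate.
PASSWORDS = {"alice": "letmein", "bob": "x9!Kq-unlisted", "carol": "letmein"}
SALTS = {user: os.urandom(16) for user in PASSWORDS}

UNSALTED_STORE = {u: unsalted_hash(p) for u, p in PASSWORDS.items()}
SALTED_STORE = {u: salted_hash(p, SALTS[u]) for u, p in PASSWORDS.items()}

# One table, built once, applies to every unsalted hash anywhere.
UNSALTED_TABLE = build_table(CANDIDATES, unsalted_hash)
# With salts, a table is only valid for the single salt it was computed with.
ALICE_ONLY_TABLE = build_table(CANDIDATES, lambda c: salted_hash(c, SALTS["alice"]))

if __name__ == "__main__":
    print("unsalted store, shared table:", exposed_accounts(UNSALTED_STORE, UNSALTED_TABLE))
    print("salted store, shared table:  ", exposed_accounts(SALTED_STORE, UNSALTED_TABLE))
    print("salted store, alice's table: ", exposed_accounts(SALTED_STORE, ALICE_ONLY_TABLE))
```

The salt does not make a weak password strong: the table computed for alice's salt still finds her password, but it says nothing about carol, who uses the same one.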

One of the most widely used tools for hash cracking is Rainbow Crack. You can download it from http://project-rainbowcrack.com or, if you are using BackTrack, it is already installed.

Rainbow Crack takes hashes as input, so first you have to extract those hashes from the SAM file. We assume that you are using BackTrack 4. If you are not, download it and then come back.

In BackTrack, to make things easy, go to the media where Windows is installed, browse to the WINDOWS/System32/config folder, then copy the SAM and system files and place them on the desktop.

Open the terminal and type the following command:

samdump2 SAM system

This will give the following output
Now copy the part which shows all the accounts and their respective hashes and save them in a file, say, hashes.txt

Now you can either use rainbowcrack, john the ripper or ophcrack.

To use rainbowcrack you need the appropriate rainbow tables. These rainbow tables are huge, sometimes running into GBs, so they are bulky to download. Alternatively, you can make your own rainbow tables using RTGen (more on this in the next post), but you can consider downloading some light-weight RT until then.

Download RT from
http://www.project-rainbowcrack.com/table.htm

To start cracking place the downloaded RT in /pentest/passwords/rcrack

Syntax for cracking hashes using rcrack. Go to the BackTrack Menu>Privilege Escalation>Password Attacks>Offline Attacks>Rainbow Crack

Now type

./rcrack rainbow-table-name -f hashes.txt

It may take a long time before finding the correct hash and the corresponding pass. So take a nap and come back...

If you want an easier but less effective way of cracking Windows passwords, refer to this post.

This post may not be up to the mark, but this is how things are. The methodology can get better. You have to figure out ways to allay the steps. If you want to be a hacker, there is no spoon feeding. So research is the only way to successful hacking.

Happy Hacking!!!

Too lazy to say Thanks or comment here? Why not too lazy to read my post?? If you like this post and want us to post similar articles, Pls give us a feedback and leave a comment here.

Thursday, March 18, 2010

What are the Relevant Laws, Responsibilities & Skills of the Ethical Hacker: A step by step explanation video tutorial on Ethical Hacking.

Responsibilities of the Ethical Hacker


Customer Expectations from Ethical Hacker


Skills of the Ethical Hacker


Relevant Laws for ethical hacker



Online Security Firm Warns Of Rogue Gambling Sites


With March Madness gambling right around the corner, many online gambling sites are expecting a surge in Internet gamblers. Unfortunately, many are unaware of the potential dangers of choosing the wrong online gambling site, and an Internet security provider has recently issued a caution to those who might turn to the Internet to place their wagers.

BitDefender, a provider of award-winning anti-malware security solutions, has issued a statement on rogue gambling sites, phishing attempts and similar attempts at electronic crime. Most of this crime was designed to steal personal data.

E-mail spam is a chronic problem for most people, and phishing attempts are turning to online gambling offers in order to pull credit card numbers and personal information. A rule of thumb states that if you did not sign up for a newsletter or mailing list, ignore all offers from these online gambling sites, as they are likely a rogue business seeking to harvest personal data. Only the most trusted USA Online Gambling sites should be used.

Fake online gambling sites are becoming more popular over the past few months. According to the press release, February saw a surge of these fake gambling sites, which are attempting to hook players in in order to facilitate identity theft.

Part of the vulnerability USA online gamblers face is that of the lack of regulation of the market in the United States.
“Online gambling exists in a murky grey area and casual gamblers can easily become victim to different types of cybercrimes – of which money and identity thefts are the most common,” stated Catalin Cosoi, BitDefender Senior Researcher.

The need for the regulation of online gambling is at an all time high, as only through the protection of the industry can players truly be safe from thievery. Greed will always be a problem in the entertainment industry, and those who are simply seeking to place wagers will either have to stick only to those gambling sites that have earned trust or find another way to wager without the risk of a thief’s implications.

Written by: Glen on March 17, 2010.

SOURCE: http://www.usaplayers.com


Wednesday, March 17, 2010

New Cisco Ethernet switches to play broader video, security roles: CISCO also includes energy efficiency, location-awareness into Ethernet switches

Cisco Wednesday is unveiling new Ethernet access switches and enhanced routers designed to take on more of the jobs frequently handled by separate devices, such as those dedicated to handling video traffic or ensuring network security.

Cisco's latest offerings fit into its Borderless Networks strategy, a concept it introduced with its ISR branch routers last fall. Those routers, dubbed ISR G2 , are optimized for video and virtual services, Cisco said at the time.


This week, Cisco extended video enablement among its Catalyst fixed configuration access Ethernet switches. Cisco also expanded the energy efficiency and security capabilities among some of its switches and routers.

"The days of the standalone appliance that sits alongside a network are over," says Zeus Kerravala, an analyst at the Yankee Group. "Much of this stuff should belong in a network device. The value proposition is that it's much easier to automate a lot of the process that goes into making those modifications" for video, power and security.

"The idea of Borderless Networks…gets away from the traditional idea that the network has to have a ‘hard' edge," says Steve Schuchart of Current Analysis.

Even so, both analysts say Cisco switching rival HP shouldn't be in any rush to try and match or exceed what Cisco's announced. The company will have its hands full closing the 3Com deal and digesting the company; after that, it can focus on what its customers demand in video, power and security support , they say.

As for Cisco customers, they may have a hard time comprehending and literally buying into the company's Borderless Networks scheme.



Learn how to hack a PC or remote system using Trojan & Backdoor: Download LOST DOOR RAT all versions here for free

Lost Door is a backdoor trojan horse family of more than 10 variants which can infect Windows operating systems from 95 to XP. It was created by OussamiO and built using Visual Basic. It uses the typical server, server builder and client backdoor configuration: a remote user running the client can execute arbitrary code on the compromised machine, which runs the server, and the server's behavior is controlled with the server editor. When running, the server component (75,053 bytes) connects to a predefined IP address on TCP port 2185 and awaits commands from the remote user.

Features

Lost Door allows many malicious actions on the victim's machine. Some of its abilities include:
  • Reverse connection
  • Webcam shot
  • Date and time manager
  • printer
  • Control panel
  • PC control
  • Executor
  • Dos command
  • Windows manager
  • Screen shot
  • Remote server manager
  • Server remover
  • Ip Grabber
  • Server Downloader
  • Icon Changer
  • Audio Streaming
  • Encrypt Settings
  • Volume Control
  • Connection Logs
  • Installed Application
  • Infect All USB
  • Multilanguage
  • Services Viewer
  • Remote passwords
  • MSN Controller
  • Remote Shell
  • Chat with server
  • Send fake messages
  • files manager
  • Find files
  • Change remote screen resolution
  • Information about remote computer
  • Clipboard manager
  • Internet Explorer options
  • Running Process
  • Online key-logger
  • Offline keylogger
  • Fun Menu

Infection Method

Lost Door has a server creator with features that allow it to be undetected by antivirus and firewall software, and also allow it to stealthily run in the background. The software only runs completely (including rootkit) in Windows XP/2000. Such features include disabling security software, removing and disabling system restore points, and displaying a fake error message to mislead the victim.


This version is now detectable by ESET NOD32 Antivirus. For other AVs, I have not checked.

Server
Dropped Files:
c:\WINDOWS\system32\dlllhost.exe
Size: 129,808 bytes

Added to Registry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Winupdate"
Data: C:\WINDOWS\system32\dlllhost.exe
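
An added detection sketch, not part of the original post: it checks autorun entries, file listings and outbound connections against the indicators listed above (the dropped file path, the "Winupdate" Run value, the two file sizes the post reports and TCP port 2185), and also flags autorun targets whose name is one character away from a genuine Windows binary, as dlllhost.exe is from dllhost.exe. The input records, their tuple layout and the short list of system binaries are constructed for illustration.

```python
import ntpath

# Indicators as reported in the post above.
IOC_PATH = r"c:\windows\system32\dlllhost.exe"
IOC_SIZES = {129808, 75053}  # dropped file size and server component size
IOC_RUN_KEY = r"hkey_local_machine\software\microsoft\windows\currentversion\run"
IOC_RUN_VALUE = "winupdate"
IOC_PORT = 2185

# Assumption: a short list of genuine Windows binary names for look-alike checks.
SYSTEM_BINARIES = ("dllhost.exe", "svchost.exe", "lsass.exe", "explorer.exe")


def one_edit_apart(a, b):
    """True if a and b differ by exactly one inserted, deleted or replaced character."""
    if a == b or abs(len(a) - len(b)) > 1:
        return False
    if len(a) > len(b):
        a, b = b, a
    i = 0
    while i < len(a) and a[i] == b[i]:
        i += 1
    if len(a) == len(b):
        return a[i + 1:] == b[i + 1:]
    return a[i:] == b[i + 1:]


def lookalike_of(path):
    """Return the genuine binary name that this path's file name imitates, if any."""
    name = ntpath.basename(path).lower()
    for real in SYSTEM_BINARIES:
        if one_edit_apart(name, real):
            return real
    return None


def scan(autoruns, files, connections):
    """Return (kind, detail) findings for records matching the indicators."""
    findings = []
    for key, value, data in autoruns:
        if key.lower() == IOC_RUN_KEY and value.lower() == IOC_RUN_VALUE:
            findings.append(("run-key", f"{value} -> {data}"))
        real = lookalike_of(data)
        if real:
            findings.append(("lookalike-autorun", f"{data} imitates {real}"))
    for path, size in files:
        if path.lower() == IOC_PATH:
            # Size varies between variants, so it only strengthens a path match.
            findings.append(("file+size" if size in IOC_SIZES else "file", path))
    for process, remote_port in connections:
        if remote_port == IOC_PORT:
            findings.append(("port", f"{process} -> tcp/{remote_port}"))
    return findings


# Constructed sample records: (key, value name, data), (path, size), (process, remote port).
RUN = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
SAMPLE_AUTORUNS = [
    (RUN, "Winupdate", r"C:\WINDOWS\system32\dlllhost.exe"),
    (RUN, "AudioDriver", r"C:\Program Files\Audio\tray.exe"),
]
SAMPLE_FILES = [
    (r"C:\WINDOWS\system32\dlllhost.exe", 129808),
    (r"C:\WINDOWS\system32\dllhost.exe", 5120),
]
SAMPLE_CONNECTIONS = [("dlllhost.exe", 2185), ("iexplore.exe", 80)]

if __name__ == "__main__":
    for kind, detail in scan(SAMPLE_AUTORUNS, SAMPLE_FILES, SAMPLE_CONNECTIONS):
        print(f"{kind:18} {detail}")
```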

REFERENCES
  • http://www.checkpoint.com/defense/advisories/public/2009/cpai-30-Mar.html
  • http://www.megasecurity.org/trojans/l/lostdoor/Lostdoor_all.html
  • http://www.techmantras.com/content/lost-door-32-rat

Tuesday, March 16, 2010

Another DDOS Attack against a gambling portal Casinomeister.com

Yesterday's story on a Distributed Denial of Service attack on the Internet gambling information portal Casinomeister.com has been followed by reports of a similar if less severe attack over the weekend on the Online Casino Reviewer website.

The two websites are independent of one another and have different owners. In neither case were the attacks accompanied or followed by extortion attempts.

OCR webmaster Dave Sawyer reported that, like Casinomeister's Bryan Bailey, he was away over the weekend when he became aware that his site had gone down. Sawyer was able to interact quickly with his host company, which is not the same firm as that used by Casinomeister, confining the downtime to only five hours.

"The attack was similar to that used on Casinomeister, although not as widely distributed," Sawyer said. "I am working closely with our hosting company to ensure that OCR is adequately protected against any future attacks.

"The manner of the attacks was quite crude and unsophisticated. They basically iframe your site via a third party site and send a lot of traffic that way."

The second attack has triggered more speculation on the possible perpetrators by the many players who frequent both sites. The consensus appears to be that the originators of the attacks are likely to be among the several online casino operators that have come under scrutiny and exposure as questionable or 'rogue' operators.

Casinomeister remained down as we went to press Tuesday morning.


Iran takes down human rights websites – accuses them of espionage

The Tech Herald recently got the opportunity to speak with Ahmad-Batbi, a spokesman for HRA-Iran.org, and hear his side of the story surrounding the events reported below.

According to Ahmad-Batbi, the recent takedown of 29 Iranian human rights related websites and arrest of 30 suspects, as reported by the IRGC, was not due to hacking, but torture.

The Islamic Revolutionary Guards Corps (IRGC) announced that its cyber teams hacked 29 websites linked to US espionage. In addition, 30 people were arrested on charges of waging a US-backed cyber war. Translation: These sites help dissidents so we took them down.
The official IRNA news agency reports that a number of organized “US-backed war networks” were broken, and 30 people were arrested in connection to the takedown.

The IRNA cited a statement from the Tehran Public and Revolutionary Prosecutor Office, which ties the sites to a CIA operation launched in 2006, operating on a budget of $400 million USD, designed to “destabilize Iran” by working with “elements of anti-revolutionary [groups] like MKO (Mojahedin-e Khalq Organization), monarchists and others…”

The statement from the Tehran Public and Revolutionary Prosecutor Office outlined the war network plans, noting that it was designed to gain access to Iran’s information banks, as well as penetrate and sabotage Iran’s Internet sites, fight against filtering in the country, create security for Internet users, and create a secure telephone and data communication ground for making interviews with Radio Farda, Radio Zamaneh, Voice of America and other western media.
Sadly, aside from a statement, there is no proof of the claims.

The FARS news agency backs the IRNA report and links to a statement from Gerdab, an organization linked to the IRGC’s Center for Combating Organized Crimes, that claims the “hacked websites acted against Iran's national security under the cover of human rights activities.”

Out of the 29 websites listed in the statement from the IRGC, two of them are parked on GoDaddy, and one site, hra-news.org, was listed twice. The duplicate domain shows some interesting statistics, which only account for Sunday and Monday. Seven of the domains are 404, including hra-iran.org, which has 16 of the listed domains pointing to it.

Two other domains, lc-hra.com and hrairan.org, are working normally, and appear unaffected by the “the destruction of organized networks of espionage and cyber-war” as reported by the IRGC in a translated statement. [Source] Looking at the results, it would appear that - hacked or not - the IRGC did manage to take a handful of sites offline.

The question remains, were the domains espionage related, or were they in place to help those who are against current policies in Iran? Would Iran’s government even differentiate between human rights organizations and espionage?

Based on the published rhetoric, the US and “the other arrogant powers” are spreading anti-Iran propaganda, going so far as to call the plan the Iranophobia project. [Source A & B]

“The US is seeking to create an atmosphere of Iranophobia in the region through stationing networks of anti-missile batteries in the Persian Gulf littoral states to secure interests of the United States the Zionist regime of Israel,” said Mohammad Karim Abedi, a member of the Iranian parliament's National Security and Foreign Policy Commission.

So with those statements in mind, the actions taken by the IRGC seem like a political move and an attempt to silence protestors, more than an attack on foreign intelligence. After all, the sites show no links to the CIA or any other government agency. There is no evidence in the cached pages to show anything other than anti-censorship and human rights activism, and most of them link to a single domain.

Yet, to back all their recent claims to the world press, the Iranian government closes the sites and arrests the activists while calling them spies, essentially wrapping things up in a nice tidy package.

Also, there is no real proof that the sites were hacked. IX Webhosting, which until it was taken offline hosted hra-iran.org, would not respond to requests for comments on why the site was taken down. We were told by one IX employee that they could not discuss the domain at all.

The fact is, reading over the news postings from the last few days on FARS and IRNA, Iran sees little difference between those who support Internet freedoms or human rights, and those who are conducting intelligence operations. If you stand against their government policies, you’re a threat to the state.

http://www.thetechherald.com


Monday, March 15, 2010

Technology drives just about everything we do, and not just at our jobs. From banks to hospitals to the systems that keep the juice flowing to our homes, we are almost entirely dependent on tech. More and more of these systems are interconnected, and many of them are vulnerable. We see it almost every day.

But what if instead of simply a denial-of-service attack against select Websites, the entire Internet suddenly stopped working -- or for that matter, Google could not be reached. What if instead of a mere data breach, our financial institutions were attacked by a weapon that could instantly neutralize all electronic transactions? Or if hackers wormed their way into the systems that control the power grid?


Heck, what if God decided she'd had enough of us and decided to send a solar storm our way?

If you think these things can't happen, think again. Some already have occurred on a smaller scale. But we thought it might be fun to turn up the volume and see what might happen -- how likely a "tech doomsday" scenario might be, how long it would take us to recover, and how we might prevent it from coming to be.

What could possibly go wrong? Try these scenarios for starters.

Tech doomsday scenario No. 1: America goes dark


Dot-com (.com) marks 25th anniversary today on March 15

These days, when everyone seems to have a Facebook friend, is LinkedIn or can Google themselves, it's hard to remember the old days, before the dot-com revolution.

It was 25 years ago -- March 15, 1985 -- that the first dot-com domain name -- Symbolics.com -- appeared on the Internet, ushering in the commercial age of the World Wide Web.

Having a domain name made it simpler for the average person to access a Web site. Instead of having to remember a long series of numbers and dots, you could type in ATT.com, IBM.com or CNN.com.

Development was slow, at first. It took more than two years for the first 100 sites to go online and by 1995, the number had grown to 18,000.

But from those humble beginnings the Internet has grown to more than 80 million dot-com domain names, according to the Information Technology & Innovation Foundation (ITIF).

Crunching the numbers, 99.9 percent of all Internet growth has occurred over the past 15 years.

"The global diffusion of the commercial Internet has occurred with astounding speed," says the ITIF report "The Internet Economy 25 Years After .Com." "Every country on Earth, developed and developing alike, has adopted the Internet."

The impact on the U.S. economy of the Internet sector is estimated at $300 billion or about 2 percent of the total, according to a report issued by Hamilton Consultants and the Harvard Business school last year.

The expansion of the Internet hasn't been without its growing pains. The dot-com bubble burst in the early 2000s, taking billions of investor dollars with it, and fraud has been growing, tripling over the past five years, according to Internet Crime Complaint Center.

In 2005, losses attributable to Internet fraud were estimated at $183 million based on more than 230,000 complaints. By 2009, the number was nearly $560 million on 337,000 complaints.

"The figures contained in this report indicate that criminals are continuing to take full advantage of the anonymity afforded them by the Internet," said Donald Brackman of the National White Collar Crime Center. "They are also developing increasingly sophisticated means of defrauding unsuspecting consumers. Internet crime is evolving in ways we couldn't have imagined just five years ago."

The scams range from the ubiquitous e-mail scheme where someone needs help getting money out of countries such as Nigeria to nondelivery of online purchases.

But despite the downside, the ITIF sees a bright future for the Web.

Not only for conducting business, but for the sharing of information, provided online security is maintained and the Internet is expanded throughout the globe.

"So to the commercial Internet, congratulations on hitting your 25th birthday; you're just starting to enter the prime of your working years," the ITIF said.

SOURCE: www.cnn.com
