DEVIL'S BLOG ON SECURITY


A DEVIL'S BLOG ON COMPUTER AND INFORMATION SECURITY, ETHICAL HACKING AND COUNTERMEASURES


Learn Ethical Hacking | Learn Hacking Online | Learn How To Hack|Hack Counter Hack| Ethical Hacking Tutorials


Home   ||   See All Tutorials  ||   Products  ||   About This Blog   ||  Subscribe To RSS Feed



Join facebook group THE HACKER DEVIL


Chapter VII: Why People May Stop Visiting Your Blog

Now we are in chapter VII. Here we gonna discuss the real reasons why people may stop visiting you. Believe me these are actual and real reasons why people really stop visiting you. If you really care of your blog, following are some tips you must follow,
You Don't Post Frequently: You have been blogger since months but you post 1 or 2 posts each month and still want people to visit you. Please note that for such condition you must be a renowned full time blogger who researches a lot on every post so that whenever it gets published should become block buster. If you are just another blogger who blogs for fun and money then why are you so dull to post 1 post per week or 2 -3 posts per month. When you post frequently your visitors know when they must visit you for update. Don't be that dull to post 1 post per week or 2-3 posts a month, if you really want to be less better post 2-3 articles per week not month.

You Post Too Much: You like writing so you write 4-5 posts everyday and you want people visit and comment on every post. Of course no one will read more than 1 post per day on your blog, people don't even like to read newspaper full then why they'll read 4-5 posts everyday from you. As a frequency people like to read at most 2-3 posts or 3-4 posts on a blog per week, you are filling quota in a day. So once they find out you write too much, they'll think you have no other job and your work will appear futile to them. You might be spending several hours writing nice posts and just due to your this mistake your block buster post suffers tragedy of flop film. If you really wanna go hard post 1 post per day and 2-3 posts sometimes, don't forget to give your readers a break.

You Don't Care About Look Of Your Blog: Since the time I started blogging I thought why to change template and theme, they are just fine to go. I thought my friends will visit my blog at least for sake of friendship but that never happened when I asked them why they replied, “no issue you write good and awesome enough to read but come on can't you see your blog looks damn dull”. From that time I started changing and experimenting templates on my blog so that it should appear cool. There are many people who'll just come and go out no matter how good you write just because your site look monotonous. Word-press offers plenty of such templates for blogspot search for templates online you'll find them in several numbers. If you are still using that old default theme, please change it.

You Never Say Sorry Or Thank You: Everyone is prone to make mistakes. There's absolutely no one who don't make mistakes. So when you make one say sorry. Its necessary to say sorry if you make mistakes, errors and omissions, that'll show you are thankful to your visitors for visiting you and there's no way you want to give them wrong information. Next if some topic on your post is suggested by reader say him/her thanks.

All You Care Is Just You: When you write your opinion on your blog it is mandatory that someone might be there who'll not support you. When you get such visitor just don't bother about their views and don't go on to unnecessary discussion. Because of this you may not only lose that visitor but you'll also lose your regular readers who'll feel that discussion unhealthy.

You Don't Visit Other Bloggers: The biggest funda to getting visitors is visiting other bloggers and showing them you read them. Never forget to visit other bloggers and comment if you like them.

You Never Told Anyone You Are Reading Their Blog: Biggest problem with most of the bloggers. When you'll visit someone how the blogger gonna know you have visited him/her. Most people will say they'll leave a comment on blog, but think again the comment you make will really help the blogger to know you visited him/her. The answer is no, the comment you make sets link to your profile not to your blog. Its better to set an explicit link that will tell him/her you visited his/her blog and you too have one for him/her to visit. So whenever you comment leave a link to your blog or your latest or hottest post like this,
<a href=“Link”>Titlte</a>

Most of the bigger bloggers will not accept this kinda link and may delete your comment. But don't bother about them the people who'll not delete that comment will help you get higher page ranks and listing in google. I think that reason is good enough for you to use this kinda link below your comment. If can't figure out what to comment use any of the following,

If you disliked: “I don't agree with you”, “I am with a different opinion”, “There are many who'll not agree with you”

If you liked: “Nice one”, “Hey! that was cool”, “Interesting”, “Thank you for the nice information”, “That makes you rock”, “Now you said it”, “Hoping more post like this” etc

You don't have less words to show them you were there.

You Don't Have Images On Your Blog: A movie hardly works if it doesn't have a lead actress. A beautiful actress attracts not only men but also women to movie theaters(that's true women like a women in lead, that's why TV soaps are always hit though they always remain with same stories). If you are cleaver enough then you'll understand images acts as attraction part to your post, a video may not put that much influence but an image will put to make your reader stick and read full post. Try to include at least 1 image per post and maximum 4-5 images not more unless they are necessary.

You Don't Want People To Visit You: If you have set user-names passwords, log-ins etc that makes commenting private. You have already set your mind about no one should visit you then how you gonna get hits. Allow people comment without such bullshit and surely number will increase than before.

Your Blog Appears With Less Comments: No matter how many people visit you currently if you don't have comments a new reader will just read you and move on with a mind not to visit once again. Please encourage your readers to comment.

You Don't Have RSS/e-mail Subscription Option: This is very important for everyone who wants visitors to have an e-mail+RSS feed. There are many people who love reading you but just because you don't have these options they'll find for an alternative and you may lose them.

You Never Showed Up Who You Really Are: You are blogger you are awesome at your work, people love reading you and you have put an avatar or cartoon. When I visited CE-VOICE blog for first time the very first article that I read there was “Digital Afterlife: Data Immortal”. The post was so awesome that I became keen to know who actually is the person who wrote this article and to my surprise I just saw a cartoon there with just name of author. It was so irritating to see a cartoon at place of author. When I told my friends about that article they were surprised just because I don't usually praise anyone. Next day when I asked them about how they liked the article this was their answer, “We are not really interested in reading post by a cartoon”. That's true, your name and face should appear below your work not a cartoon. Slowly not only me but all my friends stopped visiting those blogs where blogger has decided to stay anonymous, no matter how good they are on their work. If you are the blogger who generally stays anonymous soon you'll not only go out of my visiting list but also from visit list of others. You don't need to be hot, sexy model like person, be just you and show of that its you who write his/her blog.
Never Make Yourself Appear Like This On Your Blog

I think its going big Ok I am leaving something for next day see you soon. Thanks for visiting.

Recent Posts

An Important Notice

Please don't panic watching several blank posts today, I am just testing source code of new template that I uploaded to change theme. I promise there will be no problem like this from coming Monday. I have posted 10 most recent posts that appeared on this blog on Recent Blog Post so that you must not get problem browsing real stuff due to blank posting. Sorry for inconvenience, thank you.

Some Must Read Articles Of This Blog

Some Must Read Articles Of This Blog


Tutorials

Stories

Some stories that I posted on this blog

Other Articles On Facebook

Following are the posts in which we discussed some of well known facebook hacking tools

Save Your Facebook Account

Following are those posts in which we discussed how to save facebook accounts from getting hacked


The RAT (Remote Administration Tool)-2

Why RAT's Don't Get Detected

So we are back to the second part of The RAT Remote Administration Tool. In this section we will learn how an attacker manages to hide a RAT in victim's computer, if you are new visitor or you haven't read the first part I urge you to please go through previous post on The RAT before you read this.

Before we proceed I want to tell you there's no RAT tool available whose server can not get detected by an Anti-Virus program. At practical level every Anti-Virus program can detect RAT developed by all possible free as well as commercially available RAT developing tools. Then how an attacker manages to implement an attack on you. Following may be the reasons, why you may become victim to his/his attack,

  1. Your Anti-Virus Sucks
  2. The attacker has created his/her own RAT client
  3. He had got a custom RAT client from RAT client vendor
  4. Applied Hex-editing on his RAT server EXE
  5. Attacker has used crypt or

As I always tell you hacking evolves by fractions of minutes to fractions of seconds, RAT clients also gets updated and hence your Anti-Virus too needs to be updated. If you don't update it means you are inviting more and more troubles than just RAT, always update your Anti-Virus programs or let its auto-update option enabled. In any other case than this if your Anti-Virus fails to detect RAT it means it is total crap UN-install it and use some another Anti-Virus program.

The second case is the attacker is master programmer and he/she has used his/her master programmer skill to develop a new custom RAT client. Since the code is new, no Anti-Virus will have its definition ultimately making it Fully UN-Detectable (FUD). It is really very hard to keep yourself safe from such kinda RAT since it is hard to detect before damage is done.

Some vendors also offer custom RAT clients for special price, again due to its code being new any Anti-Virus program will hardly have its definition and hence even this works. Next is hex-editing, it is one of the most difficult thing to do for changing signature of the RAT server(our virus) file. So far as I know it is really very difficult and attacker must be having powerful hand over understanding different number systems and machine level codes, also it is very time consuming process. If you want to know how it is done then Rahul Tyagi has offered a pro tutorial on his blog www.salienthacker.in on hex-editing.

Last is one of the most easiest methods and due to which a VIRUS code becomes Fully Undetectable. The use of crypt-or software avoids the job of recoding and hex-editing and mutates the signature of virus file in such a way that it works fine but its code generates different signature which is not anyhow matches the previous signature, thus making is undetectable.

Other factor that leads to hide RAT in your system is process space sharing. In this the RAT server file shares process space of system processes or well known process like,
explorer.exe
svchost.exe
services.exe

And the last factor that let them do their job is port number. Many RAT clients will use regularly used port numbers to establish connections like HTTP port 80, HTTP proxy port 8080, FTP port 21 and uses any kinda connection may it be TCP or UDP.

So above are some reasons why a RAT server doesn't get detected when all codes are available to Anti-Virus vendors. So the next time we meet we'll discus how you can prevent yourself from a RAT attack.

The RAT (Remote Administration Tool)

In this post we will learn how to create Remote Administration Tool(RAT). But before we proceed let's discus some basic terminologies.

Trojan: Trojan horse or Trojan is a malware that appears to perform a desirable function for the user prior to run or install but instead facilitates unauthorized access of the user's computer system. It is harmful software/code that appears legitimate. They come packed with some other piece of code or software and hence users get tricked to run them. The term Trojan has been derived from the Trojan Horse from Greek Mythology.

Types Of Trojan:
1.Remote Access Tool (RAT)
2.Proxy
3.File Sending Trojan
4.Security Disable rs
5.Denial Of Service (DOS)
6.File Sending Trojans(FTP Trojan)
7.Destructive Trojans

Remote Access Tool(RAT): Remote Administration Tool also known as RAT is used to remotely connect and manage single or multiple computers. RAT is one of the most dangerous Trojan because it compromises features of all types of Trojans. It provides an attacker with nearly unlimited access to host computer along with Screen Capture, File management, shell control and device drivers control. RATs uses reverse connections to connect remote system and hence are more likely to remain undetected. They can hide themselves in process space of legitimate program and hence never appear in task manager or system monitors.

A Trojan generally has two parts Client and Server or Master and Slave. We can say Server is Slave and Client is Master. So a server side is installed on a remote host and the attacker manipulates it with client software. In olden days making a Trojan was a job of master programmer but now a days several Trojan building tools are available. Most of them usually have same kinda interface so its quite easy to use any Trojan client once you have used any one of them . Following is list of some well known Trojans and Trojan Building Tools,

1.Casa RAT
2.Back Orifice
3.Bandook RAT
4.Dark Comet Rat
5.Cerberus
6.Cybergate
7.Blackshades
8.Poison Ivy
9.Schwarze Sonne RAT
10.Syndrome RAT
11.Team Viewer
12.Y3k RAT
13Snoopy
15.5p00f3r.N$ RAT
16.NetBus
17.SpyNet
18.P. Storrie RAT
19.Turkojan Gold
20.Bifrost
21.Lost Door
22.Beast
23.Shark
24.Sub7
25.Pain RAT
26.xHacker Pro RAT
27.Seed RAT
28.Optix Pro RAT
29.Dark Moon
30.NetDevil
31.Deeper RAT
32.MiniMo RAT

If you think the list is very big then I must tell you it's not complete nor it covered 25% of RAT building tools.

Demonstration: How to create a RAT:Since there are several tools available and most of them have same kinda interface we can select any RAT building tool for demonstration. So here we select Cerberus Client to demonstrate working of RAT. Please note that using RAT for hacking is crime please take this demonstration for educational purpose only.

Type “Download Cerberus RAT” in Google search and download Cerberus RAT. Execute Cerberus file and launch program. Accept EULA and following interface will be launched in front of you.
To create server press new button.

As you can see there are several options are available in settings but for our demonstration we will use most common settings. In “Basic Option” type your IP address and then press “+”. In identification name of the server from which your client will identify to which server it's listening, this name is given for your client to identify connection. No need to specify what to put in connection password. Specify the port on which you'll like to listen. Please keep note of this port since you'll have to configure client settings to receive information on this port.
The next option is “Server Installation”. From “Directory Installation” you can select where and in which name folder your RAT server will be installed. In “File Name” option you have to specify name and extension of your server. Boot Methods gives you option to start your server as “System Service” or “User Application” take your pick or leave them untouched. “Anti-Debugging” function allows your RAT to bypass Virtualisation and Sandboxing.

From “Misc Options” you can activate key logging feature as well as you can select how your RAT can hide itself in another process.
Display Message” option gives you power to show custom message on victim's computer.
Black List Item” option allows to set logic for execution of your RAT server with respect to specific process and service. Mostly only advanced users use this feature.
Overview” allows you look of features of your RAT. Now select an icon and press create server to create server.

Now the add file function allows you to bind your RAT with any legitimate file most probable is an executable installation file. To avoid detection don't use custom message box and UN-check “Run in Visible Mode” option while creating server. 
Configuring To Listen On Client: To configure Cerberus to listen on specific port select options and put “Connection Password” and “Connection Ports” that were specified in Server. Wait for victim to execute server and then just right click on listening server and play with options.

Following is video demonstration to above procedures and methods described to create RAT using Cerberus Client.




Now when next time we will discus RAT we will take a look on how you can counter and prevent yourself from RAT attack. Please give us your comments it'll help us improve. Have a nice time and keep visiting.

Save Your Facebook Account-4

So now its our final touch to “SAVE YOUR FACEBOOK ACCOUNT”. Before we proceed again I want to notify you that every online facebook cracking tool that I found in Google search were just scams. I'll not advice any of you to try them just because they will just waste your time.

The final way how an attacker can hack your facebook account by creating a facebook application and sending you request to use it. Please note that hacking facebook does not always include hacking passwords, it may also include getting your e-mail ID, telephone numbers and list of your friends along with their e-mail ids. If you have used any facebook application then you might remember that every application asks for access to your personal information, if you grant access application can take over every possible information that is available on your account.

You may have came across some applications like “Who visited your facebook account”, “Get Free Mobile Recharge”, “Unknown Secrets Of Girls/Boys” and “Get 1000$ wire transferred to your account”. Now even facebook don't have any mechanism to know who visited your profile then how an application will know, free mobile recharge is no doubt is bluff and that secret thing about girls/boys shows you nothing. All these applications just spam on everyone's wall of your friend list and and then they get tempted to use it and it again spams their friend list. Never believe these kinda applications they are just scamming stuff. The last but not the least is that 1000$ wire transfer, no doubt you are biggest fool if you believe that application really works. I think there is no need to explain what it really does.

At last I will just ask you to keep yourself safe from all these kinda facebook applications. If you don't use any application anymore just delete that application from your profile. If any new method will arrive which will claim its possibility to hack facebook then I ll come back with a solution. Thank you, have a nice time and keep visiting.

Save Your Facebook Account-3



Though phishing sites and Facebook Cracking tools work fine they can only be used to trap a user who usually don't know much about computing threats. To capture the one who is not really a shit head , the attacker may installer a key-logger in system. There are many free and commercial Key-loggers available in market that can be used for this purpose. A key-logger can not only help attacker to get your facebook password but might also help him gain access to your e-mail passwords, credit card numbers and other confidential information. Most anti-virus programs can detect free spy-wares and key logging tools but commercially available key-loggers and spy-wares are difficult to catch using anti-virus programs available in market.

So for removing spy-wares and key-loggers you'll need special anti-spy-ware and key-logger detecting tools. Sniper-Spy and Win-Spy are the key-loggers that doesn't get detected by any ant-virus program. It is commercially available and hence strong for any anti-virus program to get detected.

For removing key-loggers and spy-wares you need software like Spyware Detector, Spy Shelter, KL-Detector and Spyware Doctor. All these programs are commercially available anti-spy-ware and anti-key-logger software. Spyware Doctor has been reported as software which can practically remove any commercially and freely available spy-ware or key-logger.

But as you know to install key-logger and spy-ware an attacker may need physical access to your computer with administrative privileges so its better to avoid attacker’s physical contact with your computer, so better not leave your PC alone. But again its not possible, so here's some practical solution to this problem,

-If you use laptop enable boot time password, I know bypassing BIOS password is easy but believe me not that easy if you own a laptop.
-Provide Administrator account a strong password and then create an other account with administrative privileges and disable Administrator account.
-Use syskey utility to enable additional encryption on user accounts database.
-Never disclose your administrative password to anyone.

Above tips can help you prevent your system from facebook hackers as well as key-loggers and spy-wares. So in next issue we’ll discus final method which can be used to hack your facebook account and preventive measures against it. Have a nice time and keep visiting.

Chapter VI:Reasons Why You May Feel To Quit Blogging

When I started blogging I started it with my friends but in course of time they all just quit and I kept my momentum so now I am earning and they are not. There can be several reasons why you may feel to quit blogging, if you are the one who want to start blogging following may be the reason why you may quit.

You Get Less Visitors: The very common reason why many bloggers quit very soon. Please note that no blogger in world got traffic in few days, some got them early and some have to wait for years to get loyal readers. For now its golden age for blogging little wait may give you good results so don't get dishearten by less number of visitors, at least for an year.

You Don't Love Blogging:Ya, if you don't love blogging there's no way you can earn visitors and even if you earn them you will not be able to hold them for long time. Getting readers is difficult but losing them is just very easy. I'll not advise you to blog until you really love blogging as your activity as watching Television or playing Games.

You Blog For Money:Just blogging for money doesn't really pay you anything. Try to blog for maximum readers because number of visitors make huge amount of money. So don't try to sale a product try to bring customer to product if he/she gets attracted of course your balance will increase.

You Don't Know What To Write:You are writing from a long time and now you can't figure out what to write. That generally happens when you don't keep yourself updated with your own work. Try reading books and watching shows related to your blog topic, I guarantee there will be no shortage of content.

You Were Away From Blogging For A Long Time:When you keep yourself away from blogging for a long time you will find it boring to write further please don't ever do that, write at regular intervals.

No One Comments On Your Blog:This is one of the reason why even I felt to quit many times. The reason no one comments on your blog is most probable is that you don't comment on anyone's blog nor you reply to anyone's comment. Try commenting on others blog for one or two months soon you'll find your blog is also flooded with comments.

No Subscribers:You might feel upset because your subscribers are few and may think to quit. Please note that subscribers are nothing but your loyal readers and of course it takes time to build loyal readers, so don't bother they'll come when there is right time.

No Listing In Google:If you are really bothered about getting listed in Google and this is your reason to quit then I'll place a solution as a last chapter to this series. So this should not act as a problem for you to quit for now.

You Run Several Blogs:Managing several blogs is very difficult, try to write for only 1 or 2 blogs.

You Are A Copy Paste Fellow:You usually copy and paste contents from other bloggers just because you lack contents of your own. Being honest I saw many such bloggers quit soon so if you are among them then I know even you'll quit soon. Stay honest with your creation it helps in gaining visitors as well as improves your blogging skills.

Free Ethical Hacking Training | Learn Ethical Hacking Online Free | Learn How To Hack | Hack Counter Hack | Ethical Hacking Tutorials | Devil's Blog On Security