DEVIL'S BLOG ON SECURITY


A DEVIL'S BLOG ON COMPUTER AND INFORMATION SECURITY, ETHICAL HACKING AND COUNTERMEASURES




Prevention Against Google Hacking


Previously we saw Google hacking basics and some advanced Google hacking operators. In this section we will see how to protect your website from Google hacking queries.

Website Cloaking:
Cloaking is a method in which a website is programmed to give different output to different IP addresses. The programmer first finds out the IP addresses from which search engine bots crawl web pages, then serves them different output when they visit the site. Note that not all pages are cloaked, only the important ones.

Google Hack Honeypot:
Google Hack Honeypot (GHH) was developed as a reaction to the malicious kind of web traffic that hackers use to gather information. It is open source and also supported by Google itself.

Proper Configuration:
Proper configuration of the website is necessary. Companies should not link their internal networks with the company website. If such a link is necessary, make sure the configuration does not allow an external entity to enter the company's internal networks.

Backup Storage:
Website backups should not be kept on the same server where the website is running. Use external space to store backups, because backup pages can reveal more information than what is regularly available online.

Take Privacy Registration For Website Domain:
Taking privacy registration for the domain prevents attackers from gaining domain and name information about your site. Many web hosting services now offer this kind of online privacy, and this step can hurt an attacker's information-gathering phase very badly.

Banner Grabbing


Banner grabbing is the process in which an attacker tries to find out the application version installed on the victim's PC. In the following tutorial I'll try to explain briefly how banners can be grabbed. Note that errors are the best friends as well as the worst enemies of programmers and hackers alike, since they reveal enough information to be used against the victim for exploitation. After we cover banner grabbing, we will look at how to prevent banners from being grabbed.

Banner Grabbing Using Telnet:
Telnet (previously known as Telephone Port) is a robust built-in tool that every OS has, and it can be used to grab banners. This technique works because, when we send the wrong information to the wrong port, the victim replies with an error message that also contains banner information. Type the following at the command prompt, but before that make sure telnet port number 23 is open by scanning with nmap.

C:\>telnet victim's_IP 80
HEAD / HTTP/1.1  (now press Enter twice)

HTTP/1.1 200 OK
Date: Mon, 11 May 2010 22:10:40 EST
Server: Apache/2.6.01 (Unix) (Red Hat/Linux)
Last-Modified: Thu, 16 Apr 2009 11:20:14 PST
ETag: "1986-69b-123a4bc6"
Accept-Ranges: bytes
Content-Length: 1110
Connection: close
Content-Type: text/html

As you can see, if the victim has not configured his/her system properly, we get information like this, which reveals that the victim is using an Apache server along with its version. The same applies to any other server.
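The same response can be checked from the defender's side. The following is an added example, not code from the original post: it parses a captured response head and reports headers that disclose product versions or platform details. The header list and the two regular expressions are assumptions of this example.

```python
import re

# Headers that commonly carry software banners (an assumption of this
# example, not an exhaustive catalogue).
BANNER_HEADERS = ("server", "x-powered-by", "x-aspnet-version", "via")

# A product token followed by a dotted version, e.g. "Apache/2.6.01".
VERSION_RE = re.compile(r"[A-Za-z][\w\-]*[/ ]v?\d+(?:\.\d+)+")
# Parenthesised comments such as "(Unix)" reveal the platform.
COMMENT_RE = re.compile(r"\(([^)]+)\)")

def parse_headers(raw):
    """Split a raw HTTP response head into (status_line, {name: value})."""
    lines = raw.strip().splitlines()
    headers = {}
    for line in lines[1:]:
        if not line.strip():
            break  # a blank line ends the header block
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return lines[0].strip(), headers

def audit_banners(raw):
    """Return a list of (header, finding) for version/platform disclosure."""
    _, headers = parse_headers(raw)
    findings = []
    for name in BANNER_HEADERS:
        value = headers.get(name)
        if value is None:
            continue
        for m in VERSION_RE.finditer(value):
            findings.append((name, "version disclosed: " + m.group(0)))
        for m in COMMENT_RE.finditer(value):
            findings.append((name, "platform disclosed: " + m.group(1)))
    return findings

# Part of the response shown in the post, reused as sample input.
SAMPLE = """HTTP/1.1 200 OK
Date: Mon, 11 May 2010 22:10:40 EST
Server: Apache/2.6.01 (Unix) (Red Hat/Linux)
Connection: close
Content-Type: text/html
"""
# A response with the banner reduced to the product name (constructed).
HARDENED = "HTTP/1.1 200 OK\nServer: Apache\nContent-Type: text/html\n"

if __name__ == "__main__":
    for header, finding in audit_banners(SAMPLE):
        print(header, "->", finding)
```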

Banner Grabbing From Error Pages:
Every server is configured to return a specific type of error message for known types of problems; this can be used to identify the exact type of server the victim is running. Please have a look at the following error page,

Now let's see what information it reveals,
Server: Apache 2.0.63
OS: Red Hat Enterprise Linux 5
SSL Tool: OpenSSL 0.9.8

The above page is displayed by Apache when you type a URL that does not exist on the victim's server.
If you find a button with an input field, leave the input blank and press the button; it will reveal the programming language used for web development. I got the following error page when I pressed the submit button with the input fields left blank.

The above error page shows that the victim is using the external webmail program “Squirrel Mail v1.4.6-1” and PHP as the development language. As far as we know, Squirrel Mail needs PHP v5, so as an intelligent guess from “Squirrel Mail + PHP v5” we can conclude that the victim must be running MySQL as its database server. This is just a guess, but if you have found port 3036 open while port scanning, we can be 100% sure that it is a MySQL server.

In All:
Development Tools: HTML + PHP v5 + MySQL
Mail Agent: Squirrel Mail v1.4.6-1

Grabbing Banner From Page Extensions:
This simply means looking at the URL to find out what application the victim might be using. Here you may need good programming knowledge to identify the application version. To get the application version, save the page to your hard disk, view the page source and, once the application is known, use your programming experience to deduce its version. I am really sorry, this type of version detection cannot be taught; it needs programming experience, so for this kind of detection you need to be good at web development.

.asp/.aspx: This surely means the victim is running Microsoft Active Server Pages technology.
.jsp: Java-based web technology. Most of the time the database used with JSP is MySQL; this can be used as a guess.
.PHP: PHP + HTML
.cfm: Macromedia Cold Fusion
.asmx: .Net/J2EE
.jws: Java web services
.wsdl: Web Service Definition Language (WSDL)

Note that the extension may appear anywhere in the URL, so look at it carefully. When an extension doesn't seem familiar, search Google for it and you will surely find out what kind of web development tools the victim has used.

Banner Grabbing Using Net Craft:
Net Craft is an anti-phishing toolbar that also allows OS detection and banner grabbing. Browse to www.netcraft.com and type the name of the website you want information about after “What's that site running”.

In the next section we will discuss some more methods of grabbing banners and prevention against them. Please don't just read; try whatever you learned from this post. Don't forget to tell me how the post was and whether there is anything you need more explanation on.

Track Email Delivery


You are reading this post only because you read the title, track email delivery, aren't you? Whenever you send something important by mail, you always worry about whether it got read or not, so here I'll tell you about two services that will help you track your email messages.

Read Notify:
www.ReadNotify.com is a professional e-mail tracking service. The service is paid, so when you register they offer you only 25 credits as a demo. The service is damn good and traces complete information about your e-mail. It reports not only whether your mail got read but also the IP address, time, location, web browser and OS used to read the sent email. It also tells you whether the mail has been forwarded and how many times it was read by the recipient. Read Notify is the most trusted email tracking service and hence is used by many companies and even spammers.

Get Notify:
www.GetNotify.com is the free counterpart to www.ReadNotify.com. It also tracks emails, but its reports are not as detailed as Read Notify's. I have heard from many people that its service is not good, but believe me, though they are not as detailed as Read Notify, their service isn't that crap. I have been using it for a year and I don't have any complaints because it never gave me a reason, so if someone has defamed Get Notify in front of you, try it before you accept his/her words; I guarantee you'll find the defamer wrong.

As a personal judgment, I don't deny Read Notify is better than Get Notify, but Get Notify is not that bad either, and don't forget it's 100% free; you have to compromise a little on free stuff. As a final verdict, I'll say Read Notify is the best email tracking service whereas Get Notify is the best free email tracking service.

How They Work:
Both use the same kind of strategy: they ask you to embed a mini image provided by them in the email you send (note that this image is too small to be noticed). When the email is opened, this image sends all information about the email to the person who asked for the receipt. No matter whether images are enabled or disabled, this image will surely send information.

Don't worry about how to use the services, because after registration both provide a cool video that demonstrates how to use the service and get the most out of it.

Thanks for visiting. Have a nice time, and please don't forget to tell me what you feel about the above information on tracking email delivery.


Browse Anonymously


How can I browse anonymously or stay invisible online? Is this among the questions that bother you about keeping your privacy online? Anonymizers, proxy servers, VPN and VPS are some options that can help you out. All of the above are also offered as paid services, but here we will look only at free services.

Anonymizers (anonymity server):
Anonymizers are nothing but proxy servers that act as browsers inside browsers for surfing. Their advantage is that they digest everything from the page you want to visit, and hence can not only protect your privacy but also protect you from online malware. I won't recommend a specific anonymizer, since firewalls block them someday, so better visit http://www.proxy4free.com/, which updates its list of anonymizers every hour so that you get a working anonymity server. Alternatively you can use the TOR browser, which really guarantees 100% anonymity. Download TOR from http://www.torproject.org/.

Proxy Servers:
Proxy servers need some manual settings in your internet configuration. Proxy servers lift the limitation anonymizers have of only being usable in the browser, by making the proxy IP available to every application that needs an internet connection. Visit http://www.proxy-list.org/ for a fresh list of proxies.

Alternatively, you always have the option of using proxy-generating software. Following is a brief list of proxy software with download links; take your pick.



Please don't ask which is best among them; it's hard to say, since the working of a proxy depends upon the load on the proxy server and may vary with time. As a personal preference, I use TOR and Ultra Surf when I need proxy-level anonymity. Please don't do transactional browsing such as e-mail, social networking or financial transactions over proxy servers; it's not safe. If you still want to use them anyhow, better not use anything other than TOR.

Virtual Private Network:
VPNs are the most trusted way of hiding online, even more secure than proxy servers and anonymity servers. Following is a list of some software that provides free VPN services.
Ultra VPN is one of the most used and most trusted free VPN services in the world; if you have trouble trusting any other free VPN service, better opt for this one.

The problem every VPN suffers from is a speed and bandwidth penalty. They also need registration; only usaip can be used without registering, by using the username and password “demo”. The advantage they have over anonymizers and proxy servers is that you don't have to worry about transactional browsing.

Virtual Private Server:
Virtual Private Servers are provided by companies that have adopted the concept of running multiple virtual systems on the same physical system. Though every virtual PC may reside on the same server, for each individual his system acts as a completely separate system. These are the most reliable way to stay invisible online but are only offered as a paid service.

I hope I have covered enough for you to take your pick. Don't forget to tell us about your views and experience with the above tools. Please note that no matter which tool you use, you will suffer a speed penalty, but sorry, that is the small cost you have to pay to browse anonymously and stay invisible online.

How To Use Super Scan



Super Scan can be considered one of the most complete tools: it can be used for scanning as well as for getting domain information about the target system, along with Windows enumeration. It can perform all stages of scanning and hence most of the time becomes the best choice for every hacker on a Windows system. In this section we will see how to use Super Scan.
 
Type the IP address of the target you want to scan in Hostname/IP (1). If you want to add multiple IPs/hosts to scan, press the key near (4) and then specify another host/IP in the same field (1). To scan a range of IP addresses, type the Start and End IP; this too can be added to the batch by pressing the key near (2). If you want to add a range of IP addresses, specify each IP/host on a new line in Notepad and import it via (5).
 
You don't need to bother with Hosts And Services and Scan Options, because the defaults are good enough; change them once you are used to Super Scan. The next option is Tools; here Super Scan provides several options for getting domain name information and grabbing banners (the process of getting the version of the application the victim is running).


Hostname/IP: Resolves host name and IP address.
Ping: Checks whether the system is live.
ICMP Traceroute: Traces the path by using ICMP packets.
Zone Transfer: This is part of enumerating a system; we will discuss it when we cover enumeration.
Bulk Resolve: Imports a list of IP addresses and host names in the form of a text file.
HTTP/HTTPS: These options are used to perform banner grabbing. In the above image you can see that when I scanned localhost, the output gave the version of the Apache server I have installed; this helps in finding exploits to run on the victim's PC.

All the remaining tools give you domain name information.
Windows Enumeration allows you to find out how vulnerable the victim is to access being gained, but we will cover that later. For now, if you have any problem using the tool, please ask for help. Let me know if something was difficult to understand.

Different Ways To Hide Files In Windows System


In this section we will see how to hide files (not folders) in a Windows system without using any third-party file-hiding software.


1. Using attrib command:
The attrib command is used to set file attributes; it can be used to hide files as well as folders on any Windows system. Type the following command to hide a complete folder,

c:\> attrib /s /d +h +s +r folder_name/file_name

To hide a file, type,

c:\> attrib /s /d +h +s +r file_name/folder_name

2. Using binary file addition with image:
To use this trick you will need a file compression utility (for example WinRAR, WinZip, 7-Zip, PeaZip). First compress your folders or files into an archive. For example, let the archive name be demo.zip and the image name be demo.jpeg. By taking the binary addition of these files as an image file, you can hide the archive inside any image without any S-Tool. Type the following command,

c:\>copy /b image_file + archive_file output_image_file

Now the archive file is hidden inside the output image file. To extract the archive, open the image in any file compression tool and extract the files.

Example:
c:\>copy /b demo.jpeg + demo.zip out.jpeg
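A file built this way can be recognised because a ZIP archive is located from its end while a JPEG is read from its start. The following is an added example, not code from the original post: it checks whether data that begins as a JPEG also carries a trailing ZIP archive and lists its members. The sample bytes are constructed (a JPEG-like header, not a real image), and ZIP64 archives are not handled.

```python
import io
import struct
import zipfile

JPEG_SOI = b"\xff\xd8"        # JPEG start-of-image marker
ZIP_EOCD = b"PK\x05\x06"      # ZIP end-of-central-directory signature
ZIP_LOCAL = b"PK\x03\x04"     # ZIP local file header signature

def find_appended_zip(data):
    """Return (offset, member_names) if a ZIP trails a JPEG, else None."""
    if not data.startswith(JPEG_SOI):
        return None
    # The EOCD record lies within the last 65557 bytes (22 + max comment).
    eocd = data.rfind(ZIP_EOCD, max(0, len(data) - 65557))
    if eocd < 0 or eocd + 22 > len(data):
        return None
    # Bytes 12..20 of the EOCD hold the central directory size and offset.
    cd_size, cd_offset = struct.unpack_from("<II", data, eocd + 12)
    # copy /b puts the image first, so stored offsets are short by its length.
    start = eocd - cd_size - cd_offset
    if start <= 0 or data[start:start + 4] != ZIP_LOCAL:
        return None
    try:
        with zipfile.ZipFile(io.BytesIO(data[start:])) as zf:
            return start, zf.namelist()
    except zipfile.BadZipFile:
        return None

def make_sample():
    """Build constructed bytes: a JPEG-like header, then a ZIP appended."""
    jpeg = JPEG_SOI + b"\xff\xe0\x00\x10JFIF\x00" + b"\x00" * 9 + b"\xff\xd9"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("demo.txt", b"constructed payload")
    return jpeg, jpeg + buf.getvalue()

if __name__ == "__main__":
    image_only, combined = make_sample()
    print(find_appended_zip(image_only))   # plain image
    print(find_appended_zip(combined))     # image with archive appended
```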

3. By using NTFS stream:
The NTFS file system has a new feature added to it known as Alternate Data Stream; this property of the NTFS file system can be used to hide files in another file. Press “Win+R”, type “cmd.exe” in the Run window and open the command prompt. Suppose the file you want to hide is max.exe in a folder named hidden; then type the following commands.

C:\hidden\>notepad hide.txt
C:\hidden\>type c:\hidden\max.exe > c:\hidden\hide.txt:max.exe

Now delete the original max.exe and note the size of hide.txt; you'll find no increase in file size. Your file max.exe is now hidden in hide.txt. To retrieve it, simply copy hide.txt to a FAT partition and you'll get both files separated.
