Friday, May 27, 2011

Top 5 Hack Tools for Hackers to Investigate Computer System

 Hello Friends, today i will share with you top 5 hack tools for hackers to Investigate or Forensic their computer system or PC. Have you ever felt that your system is compromised or shared ? Do you think your system has unusual softwares or packages installed on it that sends your confidential or secret personal data to other Hackers? Always fears to test any hack tool that it contains viruses or malware or not? Wanna investigate your network that which application is sending which data to whom or where?
If any of the question fits you then this post is for you. But if i speak by heart these tools are must for every normal users and hackers too to investigate their systems from boot to close. Today i am making you a real ethical hacker as today i will teach you how to investigate your system. And how to get rid of noobish antiviruses that do simply nothing on your PC just consumes resources of your system.


List of top 5 hack tools for hackers to Inverstigate or Forensic Computer system or PC:
1. Live View
2. Start up List
3. Open Files View
4. Wireshark
5. Helix 3


Working of above tools stepwise:
1. Live View
Live View is an open source utility that creates a virtual machine of the existing system. Live View creates a virtual disk out of the system that allows you to then safely investigate a copy of the system without interfering with anything installed. So you can easily investigate your system virtually without affecting the original system.
Now restart you PC for further investigations and tools to use.
You can download Live View for free here (Click here to download).


2. Start up List
Now you have a virtual copy of your system and now why you are waiting let's start investigating PC. So download the Start Up List (click here to download startup list).This is a great way to start the investigation of a system and determine what things might have potentially been put on the system to restart each time the system does. It will provide you the list of all programs that system use during the boot time. Great way to find the key-loggers and other remote monitoring tools as they are always added to start up.
Now why i am saying this tool as you can directly do it using MSCONFIG command. Answer is as simple as question, msconfig only displays the list of programs that are attached to start up using registry keys. Normally what happens the viruses attach themself to some of the existing windows service so it will become difficult to identify its instances. Start up list displays all the back ground programs too.


3. Open Files View
The next step in investigating your computer is to find or determine which other files, other than usual are open. In Linux we can directly do this using the ISOF command in the terminal but there is no similar command in windows. Ahhah now what will you do to investigate this.. Don't worry OpenFilesView is there(click here to download openfileview). Openfilesview is a Windows executable that lists all the files and processes that are active currently – both local and network based – on the system. So you can easily identify which unusual file is opened or which unusual process is running. Now how it helps, all key-loggers or remote administration tools always maintains a temporary file on which they write their logs or other details. Now nothing is hidden from you. You can see each and everything and find out easily that which noob virus or keylogger is running on your system.


4. Wireshark
Mine favorite tool out of 5 tools. Now you have researched your system using above there tools, it time to investigate your network traffic. Several times it happens, when you install some software you doubt that it is sending your personal data or information to someone else. Wireshark is a tool that monitors your network packets and analyze them where its sending data. Now how its helpful for you, Most Trojans and key-loggers sends logs using network and upload them to FTP or send them to some email address. Using wireshark you can monitor what they are sending and even the username and password of FTP and email accounts on which it is sending. This is the most promising factor that makes to love wireshark more. So why waiting download the wireshark for free: (Click here to download Wireshark).


5. Helix 3
Now you all will be thinks we have done everything, investigating is done.but i am Destructive Mind. So few more things are striking my mind. What more i can investigate in the PC. Any guesses...
Damn.. i forgot i was teaching you..
Now how will you determine what the noob viruses has changed in your system, which files they have edited or attached their signatures to which of the programs and most important what they have edited or added. This you can do with the help of Helix 3. Helix 3, a newly updated version of the live Linux forensics tool, can be used to examine the disk safely to see what has been finally changed. So guys now how classy you think you have become. But sorry to inform you that its the first part of hacker's life and i guarantee 99.99% guys doesn't know these tools. Ahhh... If they know about these tools then they surely doesn't know how to use them and more important if they know that also they probably never used them as they are LAZY enough and leave everything on noob antiviruses.
(Click here to download helix3)  Its a 30 day trial version guys, as licensed version is for one system only. But i can tell you some awesome tricks to use it as much as you want. For downloading evaluation version again and again just register with new email ID and remove the previous version using WinXP manager which removes registry keys also.


One more suggestion about these noob antiviruses, they detect only those viruses and Trojans that are in their database, if a new virus has come then you have to wait till next database upgrade for getting it detected.

SQL Injection tutorial to Hack websites | Hacking websites

we have already discussed about SQL Injections method of hacking websites here. Some of my website users reported that those articles are little bit difficult to understand for new users who wish to learn hacking. For the sake of new users who wish to learn website hacking and SQL injection, i am writing this article  at such a basic level that the user who didn't even have any prior knowledge of SQL can start SQL Injecting websites. This article is also beneficial for hackers too as it will refresh their concepts that what really we have to do and look into website URL if we want to hack website or its database using SQL injection. So Guys read on very basic SQL injection tutorial...
hacking websites, sql injection attack
SQL injection tutorial to hack websites | Hacking website databse


What is SQL Injection?
Basically SQL Injections or simply called Structured Query Language Injection is a technique that exploits the loop hole in the database layer of the application. This happens when user mistakenly or purposely(hackers) enters the special escape characters into the username password authentication form or in URL of the website. Its basically the coding standard loop hole. Most website owners doesn't have proper knowledge of secure coding standards and that results into the vulnerable websites. For better understanding, suppose you opened a website and went to his Sign in or log in page. Now in username field you have entered something say Adnan and in the password box you pass some escape characters like ',",1=1, etc... Now if the website owner hasn't handled null character strings or escape characters then user will surely get something else that owner never want their users to view.. This is basically called Blind SQL.

Requirements for SQL Injection:
1. You need a web browser to open URL and viewing source codes.
2. Need a good editor like Notepad ++ to view the source codes in colored format so that you can easily distinguish between the things.
3. And very basic knowledge of some SQL queries like SELECT, INSERT, UPDATE, DELETE etc..

What you should look into website to detect is it vulnerable to SQL injection attack or not?
First of all you can hack those websites using SQL injection hacks that allows some input fields from which can provide input to website like log in page, search page, feedback page etc. Nowadays, HTML pages use POST command to send parameters to another ASP/ASPX page. Therefore, you may not see the parameters in the URL. However, you can check the source code of the HTML, and look for "FORM" tag in the HTML code. You may find something like this in some HTML codes:

 < F O R M action=login. aspx method=post>
< i n p u t type=hidden name=user v a l u e=xyz>
< / F O R M>
Everything between the < f o r m >  and < / f o r m > parameters (remove spaces in words) contains the crucial information and can help us to determine things in more detailed way.


There is alternate method for finding vulnerable website, the websites which have extension ASP, ASPX, JSP, CGI or PHP try to look for the URL's in which parameters are passed. Example is shown below:
http://example.com/login.asp?id=10

Now how to detect that this URL is vulnerable or not:
Start with single quote trick, take sample parameter as hi'or1=1--. Now in the above URL id is the parameter and 10 is its value. So when we pass hi'or1=1-- as parameter the URL will look like this:
http://example.com/login.asp?id=hi' or 1=1--

 You can also do this with hidden field, for that you need to save the webpage and had to made changes to URL and parameters field and modify it accordingly. For example:

< F O R M action=http://example.com/login. asp method=p o s t >
< i n p u t  type=hidden name=abc value="hi' or 1=1--">
< / F O R M >

 
 If your luck is favoring you, you will get the login into the website without any username or password.


But why ' or 1=1-- ?
Take an asp page that will link you to another page with the following URL:

http://example.com/search.asp?category=sports
In this URL 'category' is the variable name and 'sports' is it's value.

Here this request fires following query on the database in background.
SELECT * FROM TABLE-NAME WHERE category='sports'
Where 'TABLE-NAME' is the name of table which is already present in some database.
So, this query returns all the possible entries from table 'search' which comes under the category 'sports'.

Now, assume that we change the URL into something like this:
http://example.com/search.asp?category=sports' or 1=1--

Now, our variable 'category' equals to "sports' or 1=1-- ", which fires SQL query on database something like:
SELECT * FROM search WHERE category='sports' or 1=1--'
 
The query should now select everything from the 'search' table regardless if category is equal to 'sports' or not.
A double dash "--" tell MS SQL server to ignore the rest of the query, which will get rid of the last hanging single quote (').
Sometimes, it may be possible to replace double dash with single hash "#".

However, if it is not an SQL server, or you simply cannot ignore the rest of the query, you also may try

' or 'a'='a
 
It should return the same result.
Depending on the actual SQL query, you may have to try some of these possibilities:

' or 1=1--
" or 1=1--
or 1=1--
' or 'a'='a
" or "a"="a
') or ('a'='a
'or''='

How to protect you own websites from SQL injection?
 
Filter out character like   '    "    -    /    \    ;    NULL, etc. in all strings from:
*
Input from users
*
Parameters from URL
*
Values from cookie
That's all for today, 
I hope it really helped you to clear your basics about website hacking or website database hacking using SQL injection.
If you have any queries ask me in form of comments...
Regards
Adnan Anjum

Monday, May 9, 2011

Download BackTrack 5

How to download BackTrack 5
Download BackTrack 5 directly
Download BackTrack 5 from Mirror - Download BackTrack 5 Torrent

Name:     BT5-KDE-32.torrent
   
Size:           1840
   
Flavor:        KDE
   
Arch:          32 bit
   
Image:       ISO
   
Download BackTrack 5 KDE-32Bit  From Here  :     Torrent
   
MD5:     4150643026d292717f77ebb83948a034

     

=================

Name:     BT5-KDE-64.torrent
   
Size:            1800
   
Flavor:         KDE
   
Arch:           64 bit
   
Image:         ISO
   
Download BackTrack 5 KDE-64Bit From here :     Torrent
   
MD5:     80d65610de90ac7ede49b9f7935dfdd2

     

==================


Name:     BT5-GNOME-32.torrent
   
Size:                  1910
   
Flavor:              GNOME
   
Arch:                 32 bit
   
Image:               ISO
   
Download BackTrack 5 Gnome-32Bit From Here :       Torrent
   
MD5:                 b01a93a916fabb6d1640bd0054428e17


============================================

Name:              BT5-GNOME-64.torrent
   
Size:                1870
   
Flavor:            GNOME
   
Arch:               64 bit
   
Image:             ISO
   
Download BackTrack 5 Gnome-64Bit From Here:     Torrent
   
MD5:                75c4e7a969abc873d9e085656b156345

Thursday, May 5, 2011

Now Rip Or Clone Any Website [HTTRACK]

About It :
"It allows you to download a World Wide Web site from the Internet to a local directory, building recursively all directories, getting HTML, images, and other files from the server to your computer. HTTrack arranges the original site's relative link-structure. Simply open a page of the "mirrored" website in your browser, and you can browse the site from link to link, as if you were viewing it online. HTTrack can also update an existing mirrored site, and resume interrupted downloads. HTTrack is fully configurable, and has an integrated help system"


Download Now.!
HTTrack Version 3.44-1 [Windows 2000/XP/Vista/Seven]