The Hack o blog

Reinventing the weel

Tag Archives: Security

The Comodo Hacker Released Mozilla certificate for “real dumbs”


The hacker who fraudulently obtained the Comodo.com SSL certificate published it on Pastebin. I have not had time to verify it yet, so subscribe for updates. (His English is almost as good as mine.)


Dump utility to dump process/binary SAFESEH handlers


This utility will dump the SAFESEH exception handlers in a process or binary. It is intended for the vulnerability researcher trying to exploit a vulnerability that requires bypassing SAFESEH.

https://code.google.com/p/safeseh-dump/

Hotmail exploit that allows changing of a large percentage of people’s passwords.


It is now fixed, but here is the Hotmail exploit.

The link: https://maccount.live.com/ac/resetpwdmain.aspx

How it worked:

  1. Type in the Hotmail email you want to change the password for.
  2. Fill out the captcha.
  3. View page source on the next page and see what the user’s secondary email is (if it exists).
  4. Check to see if the email is registered (a lot of people don’t even bother registering them). If it is, do the same thing you just did and keep going back until you have control over the first account you can.
  5. Reset passwords to those email addresses in a daisy-chain fashion until you have control.

The old email used to be a hidden input element on the password reset form, but they just fixed it.

(source)
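
A regression check for the flaw described above, written for whoever owns the reset form: it parses a reset page and reports any hidden input that carries an email address other than the one the requester typed in. This is an added example, not code from the original post or from Microsoft; the sample pages, the field names and the token-based "fixed" form are constructed assumptions.

```python
import re
from html.parser import HTMLParser

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")

class HiddenInputAudit(HTMLParser):
    """Collect hidden <input> fields whose value contains an email address."""

    def __init__(self, submitted_email):
        super().__init__()
        self.submitted = submitted_email.lower()
        self.leaks = []  # (field name, disclosed address)

    def handle_starttag(self, tag, attrs):
        if tag != "input":
            return
        a = {k: (v or "") for k, v in attrs}
        if a.get("type", "").lower() != "hidden":
            return
        for addr in EMAIL_RE.findall(a.get("value", "")):
            # The address the requester typed in is not a disclosure;
            # any other address tells them something they did not know.
            if addr.lower() != self.submitted:
                self.leaks.append((a.get("name", ""), addr))

def audit_reset_page(html, submitted_email):
    """Return the list of (field, address) pairs the page discloses."""
    parser = HiddenInputAudit(submitted_email)
    parser.feed(html)
    return parser.leaks

# Constructed sample pages (not captured from any real service).
LEAKY_PAGE = """
<form method="post" action="/reset">
  <input type="hidden" name="account" value="user@example.com">
  <input type="hidden" name="altEmail" value="backup@example.org">
  <p>We will send a reset link to b****@example.org</p>
  <input type="submit" value="Send">
</form>"""

# Assumed fix: the address stays server-side, the form carries an opaque token.
FIXED_PAGE = """
<form method="post" action="/reset">
  <input type="hidden" name="token" value="3f9c1a7e">
  <p>We will send a reset link to b****@example.org</p>
  <input type="submit" value="Send">
</form>"""

if __name__ == "__main__":
    print(audit_reset_page(LEAKY_PAGE, "user@example.com"))
    print(audit_reset_page(FIXED_PAGE, "user@example.com"))
```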

How to get all the local passwords on a Windows PC


So many of my friends have been asking lately, “I forgot my password on my PC, how do I find it?” or “Dude, how do I get the password to my boyfriend’s / girlfriend’s PC?” or my favorite, “How did you get admin access on the University system?” Well, the fact of the matter is that there are many methods of breaking into a computer system.

Like most hacking, some are really freaking stupidly simple and others would take me an age to explain. As I have been really busy on some other things this week, I’m going to demonstrate the simple method, I mean the really simple method, to all you beginner hackers out there.

I will focus on Windows for now. I have Linux and Mac tutorials, but they can get a little more complicated. Also, you need access to the PC, not just remote access, for this method to work.

Ophcrack is a free Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It comes with a Graphical User Interface and runs on multiple platforms.

Step one: Go and get ophcrack:

http://ophcrack.sourceforge.net/download.php?type=livecd

Step two: Burn the ISO (the disk image you just downloaded) to a DVD. I use ImgBurn on Windows.

Step three: Ophcrack runs from boot, so open the boot order list during POST (usually F8 or F10) and select the DVD drive to boot from.

Step four: Waste some time for a while and let the magic happen; it usually takes between 5 and 15 minutes to find and crack all the local passwords.

And there you go.

4Chan screen Protector V.1.1

While I dissect last week’s JavaScript for all you budding hackers, another question emerged: how did I find out that 4chan was behind the attack? Well, bob, like anything odd and daft on the internet, the first place I look is 4chan; someone will be posting about it. So I put on my 4Chan screen Protector V.1.1 and go and break rules 1 and 2. “4Chan screen Protector V.1.1, what is that?” I hear you shout. Well, it’s this:

4Chan screen Protector V.1.1


I developed this PC extension last year to stay safe while browsing the bowels of the internet <^_^>. To be quite honest, I don’t know how any sane person could ever venture into the /B/ without blindness, and just so you know, indecent images on your PC are counted as downloaded even if they are in your browser’s cache.

How to bypass a router password


Quite often in normal home networks a small router or a home hub is used. They aren’t really routers and are usually a hybrid of an ADSL modem and a switch. They usually come pre-packaged with a default password; if it has not been changed, you can normally find the password here:

http://www.routerpasswords.com/

But if the password has been changed then you have two options. The first is using the reset button, if you have one; this will reset all the settings and you should only do this in extreme situations.

Bypassing the router’s password: this can usually be accomplished with 3rd party tools. Most routers use a CGI (Common Gateway Interface) script to protect the system; these are commonly seen on adult web sites’ members areas, and this attack can also be used to bypass their passwords.

The attack we will be using is a brute force dictionary attack. This isn’t hacking in its normal sense, merely an attack using an overwhelming number of user names and passwords.

Step one: The Tools

This was the first tool I ever used; it introduced me to this world oh so long ago. It’s old but not redundant, and it works.

Access Diver

A word list. You will not need a user name list; just make a text file and type a list of common user names: main, administrator, user, and so on.

http://www.outpost9.com/files/WordLists.html

Proxy list: you don’t need this if you are on the home network, but if you are connected over the internet you will need some lists.

http://www.proxylist.net/

Step two: Locating The Router

Easy step: open up a command prompt and type ipconfig

IPv4 Address. . . . . . . . . . . : 192.168.0.2

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.0.1

You will see something like this; the Default Gateway is the router’s IP address. Told you it was simples.

If you are trying to access a web site, then right-click the login link and copy the link.

If you are connected through the internet, see this guide.

Step Three: Prepare the attack

Load the word list

Enter the proxies ( if needed)

Paste the IP address or URL in the Server box at the top.

Step Four: Fire Everything

Click go and after some time you should get a password.
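
How the owner of the router or login page can spot the dictionary attack described above in the login log, even when the guesses arrive through a proxy list: failures are counted for the login page as a whole within a sliding window, not per source address. This is an added example, not part of the original post; the log format, function name, window and threshold are assumptions, and the log lines are constructed.

```python
from collections import Counter, deque
from datetime import datetime, timedelta

# Constructed log lines in an assumed format: "<ISO time> <source IP> <user> <OK|FAIL>"
SAMPLE_LOG = """\
2011-04-01T19:02:10 192.168.0.2 admin FAIL
2011-04-01T19:02:21 192.168.0.2 admin OK
2011-04-01T21:15:00 203.0.113.5 admin FAIL
2011-04-01T21:15:02 198.51.100.9 admin FAIL
2011-04-01T21:15:04 192.0.2.44 administrator FAIL
2011-04-01T21:15:06 203.0.113.5 administrator FAIL
2011-04-01T21:15:08 198.51.100.9 user FAIL
2011-04-01T21:15:10 192.0.2.44 user FAIL
""".splitlines()

def parse(line):
    ts, src, user, result = line.split()
    return datetime.fromisoformat(ts), src, user, result

def detect_dictionary_attack(lines, window=timedelta(seconds=60), threshold=6):
    """Return the first alert as a dict, or None if the threshold is never hit.

    Counting failures across all sources means that spreading the guesses
    over many proxies does not hide the burst from the detector.
    """
    recent = deque()  # (time, source, username) of failures inside the window
    for line in lines:
        ts, src, user, result = parse(line)
        if result != "FAIL":
            continue
        recent.append((ts, src, user))
        # Drop failures that have aged out of the sliding window.
        while recent and ts - recent[0][0] > window:
            recent.popleft()
        if len(recent) >= threshold:
            per_source = Counter(s for _, s, _ in recent)
            return {
                "time": ts.isoformat(),
                "failures": len(recent),
                "sources": len(per_source),
                "usernames": len({u for _, _, u in recent}),
                # A per-IP counter would only ever have seen this many:
                "max_per_source": max(per_source.values()),
            }
    return None

if __name__ == "__main__":
    print(detect_dictionary_attack(SAMPLE_LOG))
```

In the sample, no single address fails more than twice, so a per-IP lockout of three attempts never triggers while the page-wide count does.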

A web crawler in bash


Forum master Scubidus posted a simple web crawler in bash on one of my favorite forums, so I thought I would let you all in.

#!/bin/bash
#
#  [ 3/6/2009 ]       Bash Crawler       Scubidus[at]darckoncepts.org
#
#  Parse all Passwords and Usernames from cirt.net and put them into a file
#  with the following format.   :product:user:pass:
#
#
url='http://www.cirt.net/passwords'
output='pass.lst'
cfile='.cookies.txt'
buffer='.buffer.txt'
pbuf='.parseBuffer.txt'

declare vflag=0

function error {
    echo "Failed To Parse Data, No Content Was found."
}

# Clean up the temporary files on exit or hangup.
trap "rm -f ${cfile} ${buffer} ${pbuf}; exit" 0 1
trap "echo ' Ctrl+C Detected, output deprecated.'; exit" 2 3

while getopts ":av:" flag; do
    case $flag in
        a) echo '[+] Default Router Password Parser, Coded By Scubidus[at]darckoncepts.org' && exit;;
        *) vflag=1;;
        #?) echo 'Usage: No Parameters Are Needed; -a for an about, -v for verbose';;
    esac
done

# Start with empty buffer and output files.
echo -n > "${buffer}"; echo -n > "${output}"

# Fetch the index page and keep the session cookies for the later requests.
wget -q -O - ${url} --referer="${url}" --keep-session-cookies --save-cookies="${cfile}" > "${buffer}"

# Line numbers where the vendor table starts and ends.
spos=`cat "${buffer}" | grep -n "table width" | awk -F: '{ print $1 }'`
epos=`cat "${buffer}" | grep -n "/table>" | awk -F: '{ print $1 }'`
lineCount=$(($epos-$spos))

# Keep only the vendor table. Write via ${pbuf}: redirecting straight back
# into ${buffer} would truncate the file before it is read.
cat ${buffer} | head -$((${epos})) | tail -$((${lineCount}-1)) > ${pbuf} && mv ${pbuf} ${buffer}

count=1
for each in `grep vendor "${buffer}" | cut -f 2 -d '?' | cut -f 1 -d '"' | sed s/\ /+/g`; do
    url_buf="${url}?${each}"

    if [ $vflag -eq 1 ]; then
        echo ${count} ${url_buf}
    fi

    count=$((${count}+1))
    wget -q -O - ${url_buf} --referer="${url}" --load-cookies="${cfile}" --keep-session-cookies --save-cookies="${cfile}" > "${buffer}"

    epos=`grep -n '<div id="block-block-7">' "${buffer}" | awk -F: '{ print $1 }'`
    spos=`grep -n '>1. &nbsp;' "${buffer}" | awk -F: '{print $1}'`

    # Same truncation problem as above, so go through ${pbuf} again.
    head -$epos "${buffer}" | tail -$(($epos-$spos)) > "${pbuf}" && mv "${pbuf}" "${buffer}" || error
    vals=`cat "${buffer}" | grep -n "</table>" | awk -F: '{print $1}'`

    # Each </table> closes one product entry; slice the buffer entry by entry.
    lastVal=0
    for i in $vals; do
        if [ ${lastVal} -eq 0 ]; then
            head -$i ${buffer} > "${pbuf}"

            echo -n ":`grep 'Product' ${pbuf} | cut -f 2 -d % | cut -f 2 -d \> | cut -f 1 -d \<`" >> ${output}
            echo -n ":`grep 'User ID' ${pbuf} | cut -f 2 -d % | cut -f 2 -d \> | cut -f 1 -d \<`" >> ${output}
            echo ":`grep 'Password' ${pbuf} | cut -f 2 -d % | cut -f 2 -d \> | cut -f 1 -d \<`:" >> ${output}

            lastVal=$i
        else
            head -$i ${buffer} | tail -$(($i-$lastVal)) > "${pbuf}"

            echo -n ":`grep 'Product' ${pbuf} | cut -f 2 -d % | cut -f 2 -d \> | cut -f 1 -d \<`" >> ${output}
            echo -n ":`grep 'User ID' ${pbuf} | cut -f 2 -d % | cut -f 2 -d \> | cut -f 1 -d \<`" >> ${output}
            # Trailing ':' added so every line matches the :product:user:pass: format.
            echo ":`grep 'Password' ${pbuf} | cut -f 2 -d % | cut -f 2 -d \> | cut -f 1 -d \<`:" >> ${output}

            lastVal=$i
        fi
    done
done

http://www.grayhoods.org/viewtopic.php?f=57&t=1526

So you have a Virus / Malware / Spybot / RAT


To get rid of all of them, download all of these:

http://www.filehippo.com/download_hijackthis/
http://www.filehippo.com/download_spyware_terminator/
http://www.filehippo.com/download_ccleaner/
http://www.filehippo.com/download_spybot_search_destroy/

  1. Install and reboot.
  2. Press F8 and boot into safe mode.
  3. Run them all.
  4. Turn off the router for about 10 minutes (do this while in safe mode).
  5. Update Windows.
  6. Create a new non-privileged user from the control panel in Windows; you will use this for day-to-day use.
  7. Change all your passwords. Make a strong password by using this.

Steps to build a strong password

The strongest passwords look like a random string of characters to attackers. But random strings of characters are hard to remember.

Make a random string of characters based on a sentence that is memorable to you but is difficult for others to guess.

  • Think of a sentence that you will remember
    Example: “My son Aiden is three years old.”
  • Turn your sentence into a password
    Use the first letter of each word of your memorable sentence to create a string, in this case: “msaityo”.
  • Add complexity to your password or pass phrase
    Mix uppercase and lowercase letters and numbers. Introduce intentional misspellings.
    For example, in the sentence above, you might substitute the number 3 for the word “three”, so a password might be “MsAi3yo”.
  • Substitute some special characters
    Use symbols that look like letters, combine words, or replace letters with numbers to make the password complex.
    Using these strategies, you might end up with the password “M$8ni3y0.”
  • Test your new password with Password Checker
    Password Checker evaluates your password’s strength as you type.
  • Keep your password a secret
    Treat your passwords with as much care as the information that they protect.

This is a made-simple post for the non-IT people I know; it’s just a reference so I can tell them what to do. It’s not for all you pro hackers out there.

Also, I don’t know where I found the password tips; if the original writer could contact me, I will give you credit.