Thursday, November 22, 2012

SESSION HIJACKING

  • What is Session Hijacking?
Session hijacking is the act of taking control of a user session after successfully obtaining or generating an authentication session ID. Session hijacking involves an attacker using captured, brute forced or reverse-engineered session IDs to seize control of a legitimate user's Web application session while that session is still in progress.

TCP session hijacking is when a hacker takes over a TCP session between two machines. Since most authentication only occurs at the start of a TCP session, this allows the hacker to gain access to a machine.

  • Techniques :
There are mainly three methods used to perpetrate a session hijack. These are:

1. Session Fixation:

Session fixation is a class of session hijacking. Ordinary session hijacking steals the established session between the client and the web server after the user logs in. Session fixation instead fixes an established session on the victim's browser, so the attack starts before the user logs in.


For detailed info on How Session Fixation works click here.

2. Session Sidejacking:

Here the attacker uses packet sniffing to read network traffic between two parties and steal the session cookie. Many web sites use SSL encryption for login pages to prevent attackers from seeing the password, but do not use encryption for the rest of the site once the user is authenticated. This allows attackers who can read the network traffic to intercept all the data that is submitted to the server and the web pages viewed by the client.

1. First the attacker uses a network sniffer to capture a valid session token, called the session ID.

2. Then he manipulates the session token to gain unauthorized access to the web server or hijack the victim's web session.



For detailed info on How Session Sidejacking works click here.

3. Cross-Site Scripting:


The attacker can compromise the session token by using malicious code or programs running at the client-side. If an attacker sends a crafted link to the victim with the malicious JavaScript, when the victim clicks on the link, the JavaScript will run and complete the instructions made by the attacker. The example shows how the attacker could use an XSS attack to steal the session token.


For detailed info on How XSS works click here.

  • Protection :
1. Regenerating the session id after a successful login. This prevents session fixation because the attacker does not know the session id of the user after he has logged in.

2. Some services make secondary checks against the identity of the user. For example, a service may change the value of the cookie with each and every request.

3. Users may also wish to log out of websites whenever they are finished using them.

4. Encryption of the data passed between the parties, in particular the session key. This technique is widely relied upon by web-based banks and other e-commerce services.
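The four protections above, sketched as a server-side session table. This is an added example, not code from the original post; `SessionStore`, `session_cookie` and the cookie name `SESSIONID` are hypothetical names, and the `HttpOnly` and `SameSite` flags go slightly beyond the list to cover the XSS case described earlier.

```python
import secrets
from http.cookies import SimpleCookie


class SessionStore:
    """In-memory session table: session id -> session data (hypothetical helper)."""

    def __init__(self):
        self._sessions = {}

    def _new_id(self):
        # 32 random bytes from the OS CSPRNG, so ids cannot be guessed or brute forced
        return secrets.token_urlsafe(32)

    def create(self):
        sid = self._new_id()
        self._sessions[sid] = {"user": None}
        return sid

    def get(self, sid):
        return self._sessions.get(sid)

    def login(self, old_sid, user):
        # Protection 1: discard the pre-login id (which may have been fixed on the
        # victim's browser) and issue a fresh id for the authenticated session.
        self._sessions.pop(old_sid, None)
        sid = self._new_id()
        self._sessions[sid] = {"user": user}
        return sid

    def rotate(self, sid):
        # Protection 2: change the cookie value on every request, so a captured
        # id stops working once the legitimate user makes the next request.
        data = self._sessions.pop(sid, None)
        if data is None:
            return None
        new_sid = self._new_id()
        self._sessions[new_sid] = data
        return new_sid

    def logout(self, sid):
        # Protection 3: logging out destroys the server-side session
        self._sessions.pop(sid, None)


def session_cookie(sid):
    # Protection 4: Secure keeps the cookie off unencrypted HTTP (sidejacking);
    # HttpOnly hides it from page JavaScript (XSS token theft).
    c = SimpleCookie()
    c["SESSIONID"] = sid
    c["SESSIONID"].update({"secure": True, "httponly": True, "samesite": "Lax", "path": "/"})
    return c["SESSIONID"].OutputString()
```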




Happy Hacking...Enjoy...

For educational purpose only...Do not misuse it...

NETBIOS HACKING

Now I will show you how to hack a remote computer and gain access to its hard disk and printer...This technique is called NetBIOS Hacking...NetBIOS stands for Network Basic Input Output System...It was originally developed by IBM and Sytek as an Application Programming Interface (API) for client software to access LAN resources...By default it runs on port 139...Ok, let's start NetBIOS :-)

1. Go to "Start" and click "Run"...



2. Type "cmd" and click "Ok"...the Command Prompt will appear...



3. First use the "nbtstat" command to interact manually with NetBIOS over TCP/IP...All the attributes (switches) used with the nbtstat command and their usage can be viewed...

Syntax: C:\>nbtstat -n



An intruder could use the output from an nbtstat against your machines to begin gathering information about them...Here 192.168.110.29 is the IP address of the remote computer and <20> is nothing but the username of that system...

4. Now in the command prompt use "net view" command....It is one of the netbios commands to view the shared resources of the remote computer...

Syntax: C:\>net view \\192.168.110.29

If it succeeds, a list of HARD-DISK DRIVES and PRINTERS is shown with the message "The command was completed successfully"...

5. Now use the "net use" command in the command prompt...This command enables a computer to map a share to its local drive...

Syntax: C:\>net use E: \\192.168.110.29\C

Syntax: C:\>net use F: \\192.168.110.29\Myprint

Syntax: C:\>net use G: \\192.168.110.29\SharedDocs

Here E, F and G are the network drive names that are to be created on your computer to access the remote computer's hard disk...And C and SharedDocs are the names of the remote computer's hard-disk drives that you want to hack..."Myprint" is the name of the remote computer's printer...

6. After it succeeds, your computer will give the message "The command completed successfully"...Now open "My Computer" and you will see a new "Hard-Disk drive" (Shared) with the specified name...You can open it and access the remote computer's hard drive...

Note: You can scan your network computers with a network scanner...I personally used Angry IP Scanner...It scans IP addresses and ports as well as has many other features...Download the scanner from HERE and find the live hosts...If you face any problem just post your comment...

Extract the file using WinRAR.
Password: xtrmhack.blogspot.com

Note: If the remote computer's firewall is enabled, your computer will not succeed in gaining access to the remote computer through NetBIOS.
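From the defender's side, the firewall mentioned in the note also records these attempts. The following added example (not part of the original post) groups inbound NetBIOS traffic in a firewall log by source address and reports sources that swept several hosts or were allowed through. The log lines are constructed, follow the Windows Firewall log layout, and are assumed to be merged from several hosts; every address except 192.168.110.29 is made up.

```python
from collections import defaultdict

# The post names port 139; 137 and 138 are the NetBIOS name and datagram services
NETBIOS_PORTS = {"137", "138", "139"}

# Constructed sample in the layout of a Windows Firewall log (pfirewall.log)
SAMPLE_LOG = """\
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path
2012-11-22 10:15:01 DROP UDP 192.168.110.50 192.168.110.29 137 137 78 - - - - - - - RECEIVE
2012-11-22 10:15:03 DROP TCP 192.168.110.50 192.168.110.29 49152 139 52 S 1000 0 8192 - - - RECEIVE
2012-11-22 10:15:04 DROP TCP 192.168.110.50 192.168.110.30 49153 139 52 S 2000 0 8192 - - - RECEIVE
2012-11-22 10:15:05 ALLOW TCP 192.168.110.50 192.168.110.31 49154 139 52 S 3000 0 8192 - - - RECEIVE
2012-11-22 10:16:00 ALLOW TCP 192.168.110.29 192.168.110.10 49200 80 52 S 4000 0 8192 - - - SEND
2012-11-22 10:17:00 DROP TCP 192.168.110.77 192.168.110.29 49300 139 52 S 5000 0 8192 - - - RECEIVE
"""


def netbios_probes(log_text):
    """Group inbound NetBIOS connection attempts by source address."""
    fields, hits = [], defaultdict(lambda: {"targets": set(), "allowed": set()})
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]  # column names come from the log header
            continue
        if not line or line.startswith("#") or not fields:
            continue
        rec = dict(zip(fields, line.split()))
        if rec.get("path") != "RECEIVE" or rec.get("dst-port") not in NETBIOS_PORTS:
            continue
        hits[rec["src-ip"]]["targets"].add(rec["dst-ip"])
        if rec["action"] == "ALLOW":
            # The firewall let the NetBIOS connection through: this host is exposed
            hits[rec["src-ip"]]["allowed"].add(rec["dst-ip"])
    return hits


def report(log_text, min_targets=2):
    """Return sources that probed several hosts or were allowed through to any."""
    findings = []
    for src, h in sorted(netbios_probes(log_text).items()):
        if len(h["targets"]) >= min_targets or h["allowed"]:
            findings.append((src, sorted(h["targets"]), sorted(h["allowed"])))
    return findings


if __name__ == "__main__":
    for src, targets, allowed in report(SAMPLE_LOG):
        print(f"{src}: probed {targets}, allowed through to {allowed}")
```

Any host that shows up in the "allowed" column is one where the firewall rule for file and printer sharing should be reviewed.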


Wikitude SDK for BlackBerry 10 OS

With the Wikitude SDK for BlackBerry 10 developers can quickly and easily add an Augmented Reality View to their BlackBerry 10 project using standard web technologies.

  • Content is created with HTML5 and JavaScript for maximum flexibility
  • Powerful features to handle Augmented Reality content
  • Cross-platform development of AR content
  • AR content can be pre-packaged or loaded remotely on demand
  • Simple and seamless integration with BlackBerry Cascades project
 

Wikitude hosting Augmented Reality Development for BlackBerry 10 webcast


If you're a developer who is currently making use of the Wikitude augmented reality SDK for BlackBerry 10, you may be interested in tuning into the webcast lined up for tomorrow. Hosted by Wolfgang Damm, Lead Software Architect from Wikitude, the webcast will cover how to integrate augmented reality into BlackBerry 10 games and apps using HTML5/JavaScript/CSS as well as BlackBerry Cascades. Registration for the event is open right now, with things kicking off on November 20th, 2012 at 11:00am EST. If you're looking to take part, use the registration link below.

Register for the Augmented Reality Development on BB10 with Wikitude SDK webcast
Via: BlackBerry Dev Blog

#opIsrael - Hackers hit Israel with mass Cyber Attack over Gaza


Protesting against the attacks taking place on Gaza, Anonymous hackers have attempted to hack most Israeli websites in the past few days. "government and private websites are under siege from hackers, who have mounted 44 million cyberattacks in less than a week", the government said.
Today Pakistani hackers also defaced Israeli Bing, MSN, Skype, Live and other big sites, and in a counter-attack Israeli hackers leaked credit card data from a Palestinian ISP website.

Finance Minister Yuval Steinitz said just one hacking attempt was successful on a site he did not want to name, but it was up and running after 10 minutes of downtime.

Israel said that it generally experiences a few hundred hacking attempts per day. The attacks are reportedly coming from around the world.

Defence force sites have been the hardest hit, while the president’s site has been hit 10-million times, the foreign ministry seven-million times and the prime minister three-million times.
Both sides have been active on social media, with the Israeli Defence Force (IDF) going so far as to live blog some of its manoeuvres on Palestine. Combatants and civilians in Palestine meanwhile have been more active on Twitter, receiving support from hacker collective Anonymous.

Among the group's other high-profile targets were the websites of Israel's Kadima Party, which was taken offline shortly after being hacked, and Bank of Jerusalem. Most of the sites that were hacked appeared to be unavailable, but others displayed pro-Palestinian images and messages.

Wednesday, November 21, 2012

Top 10 Hacking Softwares 2012


The tools listed here are open source and we are not listing any licensed software here.
Also I would like to add that "METASPLOIT" has been excluded from this list because it combines the power of several tools listed in the top 10, so here we will only rate individual products.


1. NMAP - The tradition continues and NMAP is still number one.
Nmap is by far the best security scanning and hacking tool ever made. This software tops every list of top hacking software for two reasons: firstly, its ease of use and secondly, its wide usage.
It provides a wide range of features like port scanning, fingerprinting, OS detection, ping, scanning an IP range, finding alive hosts etc. It has a rich command mode for advanced users, who can combine several commands together to execute at once. It's the most recommended tool for new as well as advanced learners and security experts. It hosts its Google open source project every year. Download Nmap.





2. SUPER-SCAN - Powerful TCP port scanner, pinger, resolver. SuperScan 4 is an update of the highly popular Windows port scanning tool, SuperScan. If you need an alternative for nmap on Windows with a decent interface, I suggest you check this out, it's pretty nice. It provides a cool scanning experience with lots of information displayed. Download Superscan.









3. NESSUS vulnerability scanner - I believe that this is the only tool that can break the top spot of Nmap and reach number 1. It's a powerful tool, but owing to its nature of operation it is quite buggy and hangs too. This tool has been the best tool for both network administrators and hackers because of its wide implementation. The Nessus® vulnerability scanner is the world-leader in active scanners, featuring high-speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of your security posture. Nessus scanners can be distributed throughout an entire enterprise, inside DMZs and across physically separate networks. Download Nessus



4. John the Ripper - The fastest password cracker. It is available for several versions of Unix and Windows and has remained the all-time favorite brute force password cracker. It is currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes. Download JTR.




5. WIRESHARK and KISMET - Improving by 2 points to reach the 5th spot is Wireshark. The 5th spot is a combined spot for Kismet as well as Wireshark.
It is the most preferred wireless security assessment tool and one of a kind in this field. It is a must-have tool for all wireless junkies. Wireshark is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. Download Wireshark.

Kismet is an 802.11 wireless network detector, sniffer, and intrusion detection system.  Kismet will work with any wireless card which supports raw monitoring mode, and can sniff 802.11b, 802.11a, 802.11g, and 802.11n traffic (devices and drivers permitting). Download Kismet





6. PANGOLIN SQL injection scanner - This is by far the best SQL injection scanner, which scans a website for SQL injection attacks. It performs tests on the database to check whether a vulnerability exists or not. The tool is built to scan numerous popular databases and works quite effectively for poorly configured websites. It had tough competition from Havij, but the nature of the platform made me choose Pangolin as the winner in this segment. Download Pangolin







7. NIKTO 2 - A fresh arrival and a must-have. Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1200 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated. Download Nikto




8. Low Orbit Ion Cannon - LOIC is an effective DoS attack tool which is said to have been made by the popular Anonymous hacking group. This tool can be used to flood a web server with lots of data packets so that the service goes down and becomes inaccessible. Recently this tool was used to bring down PayPal and several other top websites around the globe. Download LOIC







9. CAIN & ABEL - The favourite password cracker of all kinds. It fell several ranks this year owing to its low support for new platforms and stiff competition from several similar tools which are constantly being updated.
Download Cain and Abel








10. HIDE IP - There were several tools fighting for this last spot, but the high usage of anonymous surfing made me finally put Hide IP in the 10th spot. It is a great tool for anonymous surfing and having anonymity on the web, which is very essential while performing hacks and penetration testing. It had TOR as its closest competitor, but owing to the slow speed of TOR I decided on Hide IP as the owner of this spot.
Download Platinum Hide IP






Hope you will love playing with these great tools. The list can be never-ending as there are numerous tools around. Before ending this post I would again like to remind my readers that a good hacker is one who understands the crux. Tools are merely used to simplify our work. So first understand things manually, then only jump to using tools.