Wednesday, July 10, 2013

Hack remote computer via IP and open ports by Shine Sreedhar


Literally, hacking is accessing something or somebody on the internet without their permission or interest. Speaking in summary, hacking is a very easy job: it is like, instead of using the front door, finding the hidden door of a house and hijacking the precious things. Among all kinds of hacking, hacking via IP address is one of the most common yet powerful beginnings.

You may want to hack a website and put your advertisement there or grab some database information. In this type of hacking, you are playing with the web server's computer instead of the administrator's computer, because www.website.com is hosted on a separate web server rather than on a personal computer.

Another can be accessing your friend's computer from your home. Again, this is IP based, and it is possible only when your friend's computer is online. If it is off or not connected to the internet, then remote IP hacking is totally impossible.

Well, both kinds of hacking have the same process. Let's summarize what we must do.

1. Confirm the website or computer you want to hack.
2. Find or trace its IP address.
3. Make sure that the IP address is online.
4. Scan for open ports.
5. Check for vulnerable ports.
6. Access through the port.
7. Brute-force the username and password.

Now let me describe it in brief, in basic steps that even a child can understand.
First, getting the IP address of the victim.
To get the IP address of the victim website, ping it from the command prompt.
For example,
ping www.google.com

will fetch the IP address of Google.com.

This is how we can get the IP address of the victim's website.

How about your friend's PC? You can't do www.yourfriendsname.com, can you? Finding your friend's IP address is a slightly tougher job, and tougher still if he has a dynamic IP address that keeps changing.

One of the widely used methods to detect your friend's IP address is by chatting with him.
You might find this article helpful:
How to get the IP address using MSN/Yahoo/Pidgin messenger

Now you've got the IP address, right? Is it online?
To know the online status, just ping the IP address; if it is online, it will reply.

If the IP address is online, scan for the open ports. Open ports are like closed doors without locks: you can go in and out easily.

Use Advanced Port Scanner to scan for all open and vulnerable ports.


Now that you have the victim's IP address and an open port, you can use telnet to try to access it. Make sure that you have telnet enabled on your computer, or install it from Control Panel > Add/Remove Programs > Add Windows Components.

Now open the command prompt and use the telnet command to connect to the IP address. Use the following syntax for the connection.

telnet [IP address] [Port]


You'll be asked to input login information.


If you can guess the information easily, then it's OK. Otherwise you can use some brute-forcing tools like these: Brutus, THC Hydra...

In this way you'll be able to hack a remote computer using only an IP address.
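From the defender's side, the last step of that procedure, repeated login guesses against an exposed service, is exactly what shows up in a host's authentication log. The Python below is an added example, not part of the original post: it parses constructed log lines in the style of the entries Linux `login` writes for a failed telnet session (host name, addresses and usernames are made up) and flags any source that produces five or more failures within two minutes, reporting how many distinct usernames it tried. The log format, the threshold and the window are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log: six rapid failures from one source spread over
# several sessions and user names, then one genuine failure and a success.
SAMPLE_LOG = """\
Jul 10 13:01:02 host1 login[2210]: FAILED LOGIN (1) on '/dev/pts/3' FROM 203.0.113.7 FOR root, Authentication failure
Jul 10 13:01:05 host1 login[2210]: FAILED LOGIN (2) on '/dev/pts/3' FROM 203.0.113.7 FOR admin, Authentication failure
Jul 10 13:01:07 host1 login[2214]: FAILED LOGIN (1) on '/dev/pts/4' FROM 203.0.113.7 FOR guest, Authentication failure
Jul 10 13:01:09 host1 login[2214]: FAILED LOGIN (2) on '/dev/pts/4' FROM 203.0.113.7 FOR operator, Authentication failure
Jul 10 13:01:12 host1 login[2218]: FAILED LOGIN (1) on '/dev/pts/5' FROM 203.0.113.7 FOR root, Authentication failure
Jul 10 13:01:15 host1 login[2218]: FAILED LOGIN (2) on '/dev/pts/5' FROM 203.0.113.7 FOR test, Authentication failure
Jul 10 13:05:40 host1 login[2301]: FAILED LOGIN (1) on '/dev/pts/6' FROM 198.51.100.20 FOR alice, Authentication failure
Jul 10 13:05:52 host1 login[2301]: LOGIN ON /dev/pts/6 BY alice FROM 198.51.100.20
"""

# Matches only failed-login records; successes and unrelated lines are skipped.
FAIL_RE = re.compile(
    r"^(?P<ts>\w{3} +\d{1,2} \d\d:\d\d:\d\d) \S+ login\[\d+\]: FAILED LOGIN \(\d+\) "
    r"on '[^']*' FROM (?P<src>\S+) FOR (?P<user>[^,]+),"
)


def parse_failures(text, year=2013):
    """Return (timestamp, source, username) for each failed login in the text.
    Syslog timestamps carry no year, so the caller supplies it (assumption)."""
    events = []
    for line in text.splitlines():
        m = FAIL_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        events.append((ts, m["src"], m["user"].strip()))
    return events


def detect_bruteforce(events, threshold=5, window=timedelta(minutes=2)):
    """Sliding window per source address: alert when `threshold` or more
    failures fall inside `window`. Distinct user names are counted because
    guessing across many accounts is a stronger signal than one user mistyping."""
    by_src = defaultdict(list)
    for ts, src, user in sorted(events):
        by_src[src].append((ts, user))
    alerts = {}
    for src, items in by_src.items():
        start = 0
        for end in range(len(items)):
            while items[end][0] - items[start][0] > window:
                start += 1
            count = end - start + 1
            if count >= threshold:
                users = {u for _, u in items[start:end + 1]}
                alerts[src] = {
                    "failures": count,
                    "distinct_users": len(users),
                    "first": items[start][0],
                    "last": items[end][0],
                }
    return alerts


if __name__ == "__main__":
    for src, info in detect_bruteforce(parse_failures(SAMPLE_LOG)).items():
        print(f"{src}: {info['failures']} failures, {info['distinct_users']} user names, "
              f"{info['first'].time()} to {info['last'].time()}")
```

An alert from this check would normally feed a firewall block or a SIEM rule; the single failure from 198.51.100.20 followed by a success stays below the threshold and is not reported. The more basic caveat is that telnet carries credentials in cleartext, so a host that still listens on it has a problem before any guessing starts.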

BACKTRACK 5 WIRELESS PENETRATION EBOOK [DIRECT LINK]


Chapter 1: Wireless Lab Setup

Hardware requirements
Software requirements
Installing BackTrack
Time for action – installing BackTrack
Setting up the access point
Time for action – configuring the access point
Setting up the wireless card
Time for action – configuring your wireless card
Connecting to the access point
Time for action – configuring your wireless card

Chapter 2: WLAN and Its Inherent Insecurities

Revisiting WLAN frames
Time for action – creating a monitor mode interface
Time for action – sniffing wireless packets
Time for action – viewing Management, Control, and Data frames
Time for action – sniffing data packets for our network
Time for action – packet injection
Important note on WLAN sniffing and injection
Time for action – experimenting with your Alfa card
Role of regulatory domains in wireless
Time for action – experimenting with your Alfa card

Chapter 3: Bypassing WLAN Authentication

Hidden SSIDs
Time for action – uncovering hidden SSIDs
MAC filters
Time for action – beating MAC filters
Open Authentication
Time for action – bypassing Open Authentication
Shared Key Authentication
Time for action – bypassing Shared Authentication

Chapter 4: WLAN Encryption Flaws

WLAN encryption
WEP encryption
Time for action – cracking WEP
WPA/WPA2
Time for action – cracking WPA-PSK weak passphrase
Speeding up WPA/WPA2 PSK cracking
Time for action – speeding up the cracking process
Decrypting WEP and WPA packets
Time for action – decrypting WEP and WPA packets
Connecting to WEP and WPA networks
Time for action – connecting to a WEP network
Time for action – connecting to a WPA network

Chapter 5: Attacks on the WLAN Infrastructure

Default accounts and credentials on the access point
Time for action – cracking default accounts on the access points
Denial of service attacks
Time for action – De-Authentication DoS attack
Evil twin and access point MAC spoofing
Time for action – evil twin with MAC spoofing
Rogue access point
Time for action – Rogue access point

Chapter 6: Attacking the Client

Honeypot and Mis-Association attacks
Time for action – orchestrating a Mis-Association attack
Caffe Latte attack
Time for action – conducting the Caffe Latte attack
De-Authentication and Dis-Association attacks
Time for action – De-Authenticating the client
Hirte attack
Time for action – cracking WEP with the Hirte attack
AP-less WPA-Personal cracking
Time for action – AP-less WPA cracking
Summary

Chapter 7: Advanced WLAN Attacks

Man-in-the-Middle attack
Time for action – Man-in-the-Middle attack
Wireless Eavesdropping using MITM
Time for action – wireless eavesdropping
Session Hijacking over wireless
Time for action – session hijacking over wireless
Finding security configurations on the client
Time for action – enumerating wireless security profiles
Summary

Chapter 8: Attacking WPA-Enterprise and RADIUS

Setting up FreeRadius-WPE
Time for action – setting up the AP with FreeRadius-WPE
Attacking PEAP
Time for action – cracking PEAP
Attacking EAP-TTLS
Time for action – cracking EAP-TTLS
Security best practices for Enterprises
Summary

Chapter 9: WLAN Penetration Testing Methodology

Wireless penetration testing
Planning
Discovery
Time for action – discovering wireless devices
Attack
Finding rogue access points
Finding unauthorized clients
Cracking the encryption
Compromising clients
Reporting
Summary

DOWNLOAD LINK:


FACEBOOK HACK EXPOSES CONTACT INFORMATION OF 6 MILLION USERS



Facebook has officially apologised for a bug in its system that led to the contact information of 6 million users being accidentally exposed. According to the company, on Friday a bug was encountered that resulted in contact information, such as email addresses or phone numbers, being accessed by other users who either had some contact information about that user or some mutual connection with them.

In a note released by Facebook Security yesterday, the company said that the root cause of the problem is "pretty technical" and lies in its "Download Your Information" tool. The Download Your Information tool, as the name suggests, allows users to access and save a copy of their personal account archive. This archive includes pictures and posts which may have connections to or mentions of other users who are mutual friends. Facebook has always used the additional information that users upload to the site to streamline the friend suggestions that it provides.


And that is where the bug comes in. While tailoring personal data, the bug shifted some of the personal information such that it was accidentally stored in the affected user’s contact information, as a part of their Facebook accounts.

Thus, if someone were to use Download Your Information to get a copy of their account archive, they may have been provided with additional e-mail addresses or telephone numbers for their contacts, or for people that they have some form of connection with on the social networking site. And that is only part of the problem. Because the contact information was provided by other people on Facebook, the accuracy of the information can be questioned.
While the 6 million users who were affected by this represent a fraction of the 1 billion users that Facebook boasts, it is still a security flaw that has the potential to scare away prospective users. Facebook has said that there seemed to be no malicious intent behind the bug, and that it has fixed the problem and will soon inform all affected users via email.
Ironically, the bug was found not by Facebook's security team, but by someone who was taking part in Facebook's "White Hat" hacker programme, which offers a bounty for anyone who can find bugs on the site, paying a minimum reward of $500 per bug. The bounty is awarded "based on [the bug's] severity and creativity," according to Facebook's White Hat page.

YAHOO ADVERTISING SERVICE VULNERABLE TO XSS ATTACKS


The Yahoo! Advertising Service is vulnerable to a cross-site scripting security bug, discovered by Soumyodeep Mondal. The vulnerability is as yet unfixed and exploitable using a simple payload, as shown in the screenshot. A demo video is also available to show the proof of concept. Back in January, Yahoo! said that it had fixed a cross-site scripting (XSS) vulnerability in its webmail service which was blamed for a spate of account hijackings; the compromised accounts were used to send spam. The Yahoo! blog was also vulnerable to XSS attacks because it used an outdated version of WordPress.


DEMO VIDEO:
http://www.youtube.com/watch?v=tFXjvqZ1Q2M

HACKING DROPBOX ACCOUNT VULNERABILITY ALLOWS HACKERS TO BYPASS TWO-FACTOR AUTHENTICATION


The Q-CERT team found a critical vulnerability that can allow an attacker to bypass the two-factor authentication of the popular file sharing service Dropbox.


Two-factor authentication is an extra layer of security, also known as "multi-factor authentication", that requires not only a username and password but also a unique code that only the user can receive via SMS or call.
Zouheir Abdallah demonstrated that, if an attacker already knows the username and password of the victim's Dropbox account, which is protected by two-factor authentication, it is still possible to hack that Dropbox account.

Because Dropbox does not verify the authenticity of the email addresses used to sign up a new account, to exploit this flaw the hacker just needs to create a new fake account similar to the target's account, appending a dot (.) anywhere in the email address.
In the next step, enable two-factor authentication for the fake account and save the emergency code generated at the end of the process. This emergency code feature is provided in case the user loses his phone: using this backup code, the user can disable two-factor authentication on his account.

Next, log out from the fake account created by the attacker and log in to the victim's account using the real credentials (which the attacker already has, obtained using a keylogger or phishing technique).



Because two-factor authentication was enabled for the victim's account, the website will ask for the OTP code. Leave it; just choose "I Lost My Phone" from the same screen. You will be prompted to use the "Emergency Code".


That's it! Use the emergency code generated for the fake account to disable two-factor authentication on the victim's account, and the attacker gains full access.

Q-CERT worked with the Dropbox security team to patch the issue.
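The write-up above boils down to two server-side weaknesses: the sign-up address is never confirmed, and an emergency code is honoured no matter which account it was issued to. The Python below is an added example, not Q-CERT's or Dropbox's code. It models both weaknesses with a hypothetical in-memory account store (the names AccountStore, recover_vulnerable, recover_hardened and the example addresses are all constructed), replays the steps from the write-up against the flawed store and against a hardened one, and shows that the hardened store never lets a code issued to one account disable the second factor on another.

```python
import hashlib
import hmac
import secrets


def _hash(code: str) -> str:
    """Emergency codes are stored hashed, like any other credential."""
    return hashlib.sha256(code.encode()).hexdigest()


class AccountStore:
    """Hypothetical account store. require_verified_email=False models the
    sign-up weakness from the write-up: addresses are never confirmed."""

    def __init__(self, require_verified_email: bool):
        self.require_verified_email = require_verified_email
        self.accounts = {}

    def register(self, email: str, password: str) -> None:
        self.accounts[email] = {"password": password, "verified": False,
                                "two_factor": False, "emergency_hash": None}

    def confirm_email(self, email: str) -> None:
        # Only someone who can read mail sent to `email` reaches this step.
        self.accounts[email]["verified"] = True

    def enable_two_factor(self, email: str) -> str:
        acct = self.accounts[email]
        if self.require_verified_email and not acct["verified"]:
            raise PermissionError("confirm the e-mail address before enabling two-factor")
        code = secrets.token_hex(8)            # emergency code, shown to the user once
        acct["two_factor"] = True
        acct["emergency_hash"] = _hash(code)
        return code

    def recover_vulnerable(self, email: str, code: str) -> bool:
        """Flawed check: a valid emergency code from ANY account disables
        two-factor on `email`. This is the behaviour the write-up describes."""
        h = _hash(code)
        for acct in self.accounts.values():
            if acct["emergency_hash"] is not None and hmac.compare_digest(acct["emergency_hash"], h):
                self.accounts[email]["two_factor"] = False
                return True
        return False

    def recover_hardened(self, email: str, code: str) -> bool:
        """Fixed check: the code must be the one issued to this very account,
        compared in constant time, and it is consumed on use."""
        acct = self.accounts[email]
        if acct["emergency_hash"] is None:
            return False
        if not hmac.compare_digest(acct["emergency_hash"], _hash(code)):
            return False
        acct["two_factor"] = False
        acct["emergency_hash"] = None
        return True


def replay(hardened: bool) -> dict:
    """Walk the steps from the write-up against one of the two stores and
    report whether the victim's second factor ends up disabled."""
    store = AccountStore(require_verified_email=hardened)
    victim, lookalike = "victim@example.com", "vic.tim@example.com"   # constructed addresses
    store.register(victim, "victim-password")
    store.confirm_email(victim)
    store.enable_two_factor(victim)
    store.register(lookalike, "other-password")        # dotted variant, never confirmed
    try:
        lookalike_code = store.enable_two_factor(lookalike)
    except PermissionError:
        return {"lookalike_got_code": False,
                "victim_two_factor": store.accounts[victim]["two_factor"]}
    recover = store.recover_hardened if hardened else store.recover_vulnerable
    accepted = recover(victim, lookalike_code)
    return {"lookalike_got_code": True, "recovery_accepted": accepted,
            "victim_two_factor": store.accounts[victim]["two_factor"]}


if __name__ == "__main__":
    print("flawed store:  ", replay(hardened=False))
    print("hardened store:", replay(hardened=True))
```

Either fix on its own closes the hole shown in `replay`: confirming the address stops the lookalike account from ever reaching the two-factor setup, and binding the code to its own account makes a code from another account worthless even if it exists. Applying both is the usual choice, since each also guards against mistakes elsewhere.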


Black Hat USA 2013 Official Schedule Announced



The organizers of the world renowned security conference Black Hat have announced the official schedule for Black Hat USA 2013, which will take place between July 27 and August 1 at Caesars Palace in Las Vegas.

This year’s keynote speakers are Gen. Keith Alexander, commander of the US Cyber Command and director of the National Security Agency, and Brian Muirhead, chief engineer at NASA's Jet Propulsion Laboratory.

“The quality of this year’s content is both refreshing and intimidating. This year, our Review Board had unprecedented visibility and involvement in content selection, providing a stronger community voice throughout the process,” explained Trey Ford, general manager, Black Hat.

“The research is extremely diverse, and privacy continues to be a top-of-mind theme. It is an honor to welcome Gen. Alexander as our day one keynote and we look forward to seeing a glimpse of the world through his unique lens.”

For more details and registration, check out the official Black Hat website.


ANDROID VULNERABILITY ALLOWS HACKERS TO TURN LEGITIMATE APPS INTO MALICIOUS TROJANS



Researchers have uncovered an Android security hole that can be exploited by cybercriminals to turn any legitimate application into a malicious Trojan by modifying the APK code without breaking the targeted app's cryptographic signature.

Experts from Bluebox Labs, the research team of Bluebox Security, say the vulnerability could affect almost 900 million Android devices. More precisely, Android versions starting with 1.6 are said to be impacted.

Hackers can exploit the flaw for a wide range of purposes, including data theft and the creation of a mobile botnet. And the worst part is that the modified application can go completely unnoticed not only by the end user, but also by the phone and even the app store.

Modifying regular apps is bad enough, but experts warn that the security hole can also be leveraged against applications that are granted special elevated privileges (System UID access), such as the ones developed by device manufacturers, or by third parties that work with the device manufacturers.

Installing a Trojan application that has full permissions allows the attacker to read sensitive data from the phone and basically take complete control of the device.

"Finally, and most unsettling, is the potential for a hacker to take advantage of the always-on, always-connected, and always-moving (therefore hard-to-detect) nature of these 'zombie' mobile devices to create a botnet," Jeff Forristal, Bluebox CTO, explained.

So how does it work?

All Android applications contain cryptographic signatures that the operating system uses to determine whether an application is legitimate and whether it has been tampered with. However, the vulnerability leverages discrepancies in how apps are cryptographically verified and installed, allowing an attacker to modify the APK code without breaking the cryptographic signature.

The vulnerability was reported to Google in February 2013. However, it is now up to the device manufacturers to develop and release firmware updates for their products.

Technical details of the vulnerability will be presented by experts at the upcoming Black Hat USA 2013 security conference.
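The one sentence of mechanism above, a mismatch between how the signature checker and the installer read the same package, describes a general class of bug that is easy to model. The Python below is an added illustration, not Bluebox's research code or Android's verifier. It assumes a toy archive (a list of name/bytes pairs), an HMAC standing in for the real public-key signature, and the rule that one component keeps the first entry of a given name while the other keeps the last; the article gives no such detail, so that rule is only a hypothetical way for two parsers to disagree. The last function shows the defensive check: refuse any package whose entries are ambiguous before the signature is even consulted.

```python
import hashlib
import hmac
from typing import Dict, List, Tuple

# Constructed demo key. A real signing scheme is asymmetric; an HMAC is
# enough to model "a signature over a manifest of per-file digests".
DEMO_KEY = b"constructed-demo-signing-key"

Entry = Tuple[str, bytes]   # (entry name, entry contents)


def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def verifier_view(entries: List[Entry]) -> Dict[str, bytes]:
    """Signature checker's reading of the archive: first entry of a name wins (assumed)."""
    view: Dict[str, bytes] = {}
    for name, data in entries:
        view.setdefault(name, data)
    return view


def installer_view(entries: List[Entry]) -> Dict[str, bytes]:
    """Installer's reading of the same archive: last entry of a name wins (assumed)."""
    return dict(entries)


def sign_manifest(view: Dict[str, bytes]) -> Tuple[str, str]:
    """Build a manifest of name:digest lines and sign it."""
    manifest = "\n".join(f"{name}:{digest(data)}" for name, data in sorted(view.items()))
    sig = hmac.new(DEMO_KEY, manifest.encode(), hashlib.sha256).hexdigest()
    return manifest, sig


def signature_ok(entries: List[Entry], manifest: str, sig: str) -> bool:
    """Lenient verifier: checks the manifest signature, then checks that the
    files *as the verifier reads them* match the manifest. Files the
    installer will actually use are never looked at."""
    expected = hmac.new(DEMO_KEY, manifest.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, sig):
        return False
    recomputed, _ = sign_manifest(verifier_view(entries))
    return recomputed == manifest


def strict_signature_ok(entries: List[Entry], manifest: str, sig: str) -> bool:
    """Hardened verifier: an archive with duplicate entry names has no single
    meaning, so it is rejected outright; both components then agree on the
    archives that remain."""
    names = [name for name, _ in entries]
    if len(names) != len(set(names)):
        return False
    return signature_ok(entries, manifest, sig)


def demo() -> dict:
    """Sign a clean archive, then append a second 'classes.dex' entry without
    touching the signature, and report what each verifier and the installer see."""
    original: List[Entry] = [("classes.dex", b"original code"), ("res/icon", b"icon")]
    manifest, sig = sign_manifest(verifier_view(original))
    modified = original + [("classes.dex", b"replacement code")]
    return {
        "lenient_accepts_modified": signature_ok(modified, manifest, sig),
        "installer_uses": installer_view(modified)["classes.dex"],
        "strict_accepts_modified": strict_signature_ok(modified, manifest, sig),
        "strict_accepts_original": strict_signature_ok(original, manifest, sig),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

The lesson generalises beyond this particular rule: whenever the component that checks integrity and the component that consumes the data have separate parsers, the check must either run over the exact bytes the consumer will use or reject every input on which the two parsers could diverge.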