Saturday, May 11, 2013

0 SQL Injection


Please Leave A Comment~ Thank You...!!!

SQL injection and buffer overflows are hacking techniques used to exploit weaknesses in applications. When programs are written, some parameters used in the creation of the application code can leave weaknesses in the program. SQL injection and buffer overflows are covered in the same chapter because they both are methods used to attack application and are generally caused by programming flaws. Generally, the purpose of SQL injection is to convince the application to run SQL code that was not intended. SQL injection is a hacking method used to attack SQL databases, whereas buffer overflows can exist in many different types of applications. SQL injection and buffer overflows are similar exploits in that they’re both usually delivered via a user input field. The input field is where a user may enter a username and password on a website, add data to a URL, or perform a search for a keyword in another application. The SQL injection vulnerability is caused primarily by unverified or unsanitized user input via these fields. Both SQL Server injection and buffer overflow vulnerabilities are caused by the same issue: invalid parameters that are not verified by the application. If programmers don’t take the time to validate the variables a user can enter into a variable field, the results can be serious and unpredictable. Sophisticated hackers can exploit this vulnerability, causing
an execution fault and shutdown of the system or application, or a command shell to be executed for the hacker. SQL injection and buffer overflow countermeasures are designed to utilize secure programming
methods. By changing the variables used by the application code, weaknesses in applications can be greatly minimized. This chapter will detail how to perform a SQL injection and a buffer overflow attack and explore the best countermeasures to prevent the attack. SQL injection occurs when an application processes user-provided data to create a SQL statement without first validating the input. The user input is then submitted to a web application database server for execution. When successfully exploited, SQL injection can give an attacker access to database content or allow the hacker to remotely execute system commands. In the worst-case scenario, the hacker can take control of the server that is hosting the database. This exploit can give a hacker access to a remote shell into the server file system. The impact of a SQL injection attacks depends on where the vulnerability is in the code, how easy it is to exploit the vulnerability, and what level of access the application has to the database. Theoretically, SQL injection can occur in any type of application, but it is most commonly associated with web applications because they are most often attacked. Web applications are easy targets because by their very nature they are open to being accessed from the Internet. You should have a basic understanding of how databases work and how SQL commands are used to access the information in the databases. During a web application SQL injection attack, malicious code is inserted into a web form field or the website’s code to make a system execute a command shell or other arbitrary commands. Just as a legitimate user enters queries and additions to the SQL database via a web form, the hacker can insert commands to the SQL Server through the same web form field. For example, an arbitrary command from a hacker might open a command prompt or display a table from the database. A database table may contain personal information such as credit card numbers, social security numbers, or passwords. SQL Servers are very common database servers and used by many organizations to store confidential data. This makes a SQL Server a high-value target and therefore a system that is very attractive to hackers.

0 The Purpose of SQL Injection


Please Leave A Comment~ Thank You...!!!

SQL injection attacks are used by hackers to achieve certain results. Some SQL exploits will produce valuable user data stored in the database, and some are just precursors to other attacks.

 The following are the most common purposes of a SQL injection attack:

Identifying SQL Injection Vulnerability. The purpose is to probe a web application to discover which parameters and user input fields are vulnerable to SQL injection.

Performing Database Finger-Printing. The purpose is to discover the type and version of database that a web application is using and “fingerprint” the database. Knowing the type and version of the database used by a web application allows an attacker to craft databasespecific attacks.

Determining Database Schema To correctly extract data from a database, the attacker often needs to know database schema information, such as table names, column names, and column data types. This information can be used in a follow-on attack.

Extracting Data. These types of attacks employ techniques that will extract data values from the database. Depending on the type of web application, this information could be sensitive and highly desirable to the attacker.

Adding or Modifying Data. The purpose is to add or change information in a database.

Performing Denial of Service. These attacks are performed to shut down access to a web application, thus denying service to other users. Attacks involving locking or dropping database tables also fall under this category.

Evading Detection. This category refers to certain attack techniques that are employed to avoid auditing and detection.

Bypassing Authentication. The purpose is to allow the attacker to bypass database and application authentication mechanisms. Bypassing such mechanisms could allow the attacker to assume the rights and privileges associated with another application user.


Executing Remote Commands. These types of attacks attempt to execute arbitrary commands on the database. These commands can be stored procedures or functions available to database users.

Performing Privilege Escalation. These attacks take advantage of implementation errors or logical flaws in the database in order to escalate the privileges of the attacker.


0 Rogue Access Points


Please Leave A Comment~ Thank You...!!!

Rogue access points are WLAN access points that aren’t authorized to connect to a network. Rogue APs open a wireless hole into the network. A hacker can plant a rogue AP, or an employee may unknowingly create a security hole by plugging an access point into the network. The resulting rogue AP can be used by anyone who can connect to the AP, including a hacker, giving them access to the wired LAN. This is why it’s critical for organizations to scan for rogue access points. Even organizations that have a “no wireless”
policy need to perform wireless scanning to ensure no rogue APs are connected to the network.

Rogue APs are probably the most dangerous wireless threat that exists because they give a potential hacker direct access to the wired LAN. Clients connecting to rogue access points will usually receive an IP address directly from the network or from the AP and then the traffic is bridged directly on the wired LAN. From there a hacker can perform scanning, enumeration, and system hacking against targets on the wired LAN. Countermeasures to detect and remove rogue access points exist and should be implemented by all organizations. Many enterprise WLAN controller–based management solutions have the ability to perform rogue access point detection. These controller-based solutions include the ability to monitor the air using either access points or sensors/monitors, or both. Access points by nature must remain on a channel while clients are connected in order to service those clients, whereas sensors and monitors are able to continually scan the air on all channels in the frequency band to capture possible rogue access point wireless transmissions. These wireless MAC addresses are compared to addresses received on the wire to determine if the AP is connected to the same LAN as the wireless intrusion detection system (WIDS) or wireless intrusion prevention system (WIPS). Some WIPSs can also keep clients from connecting to rogue access points by sending spoofed deauthentication frames to any client attempting to connect to the rogue AP thus keeping clients from sending data through the rogue AP. Overlay WIDS/WIPS systems can also be helpful in detecting rogue access points by triangulating the position of the rogue AP. Enterprise WLAN WIPS and overlay WIPS are only temporary detection and containment options. The primary goal should be to locate the rogue AP and remove it from the network.

0 Wireless Hacking Techniques


Please Leave A Comment~ Thank You...!!!

Most wireless hacking attacks can be categorized as follows:

Cracking Encryption and Authentication Mechanisms. These mechanisms include cracking WEP, WPA preshared key authentication passphrases, and Cisco’s Lightweight EAP authentication (LEAP). Hackers can use these mechanisms to connect to the WLAN using stolen credentials or can capture other users’ data and decrypt or encrypt it. A protection against this attack is to implement a stronger type of encryption, such as AES.

Eavesdropping or Sniffing. This type of attack involves capturing passwords or other confidential information from an unencrypted WLAN or hotspot. A protection against this attack is to use SSL application-layer encryption or a VPN to secure user data.

Denial of Service. DoS can be performed at the physical layer by creating a louder RF signature than the AP with an RF transmitter, causing an approved AP to fail so users connect to a rogue AP. DoS can be performed at the Logical Link Control (LLC) layer by generating deauthentication frames (deauth attacks), by continuously generating bogus frames, or by having a wireless NIC send a constant stream of raw RF (Queensland attack). A countermeasure is to enforce a security perimeter around your WLAN and detect and remove sources of DoS attacks using an IDS.

AP Masquerading or Spoofing Rogue. APs pretend to be legitimate APs by using the same configuration SSID settings or network name. A countermeasure to AP masquerading is to use a WIDS to detect and locate spoofed APs.

MAC Spoofing. The hacker pretends to be a legitimate WLAN client and bypasses MAC filters by spoofing another user’s MAC address. WIDSs can detect MAC spoofing, and not using MAC filtering is a way to avoid MAC spoofing attacks.

Planting Rogue Access Points. The most dangerous attack is a rogue AP that has been planted to allow a hacker access to the target LAN. A countermeasure is to use a WIPS to detect and locate rogue APs.

Wireless networks give a hacker an easy way into the network if the AP isn’t secured properly. There are many ways to hack or exploit the vulnerabilities of a WLAN. There are also effective countermeasures to many of these attacks.

0 Securing Home Wireless Networks


Please Leave A Comment~ Thank You...!!!
Many people setting up wireless home networks rush through the job to get their Internet connectivity working as quickly as possible. The small office, home office (SOHO) networking products on the market make setup quick and easy but not necessarily secure. Configuring additional security features can be time consuming and nonintuitive for some home users, and therefore they may not implement any security mechanism at all. These days wireless networking products are so ubiquitous and inexpensive that just about anyone can set up a WLAN in a matter of minutes with less than $100 worth of equipment. This widespread use of wireless networks means that there may be dozens of potential network intruders within range of your home or office WLAN. Most WLAN hardware has gotten easy enough to set up that many users simply plug it in and start using the network without giving much thought to security. Nevertheless, taking a few extra minutes to configure the security features of your wireless router or access point is time well spent.

The following recommendations will improve the security of your home wireless network:

Change default administrator passwords and usernames. When configuring your home access point, you usually use a web browser to access the configuration interface. Almost all routers and access points have an administrator password that’s needed to log into the device and modify any configuration settings. To set up these pieces of equipment, manufacturers provide a default username and password. Many of the default logins are simple (such as username=admin and password=admin) and very well known to hackers on the Internet. Most devices use a weak default password like “password” or the manufacturer’s name, and some don’t have a default password at all. You should change the default password on your home AP as soon as possible. As soon as you set up a new WLAN router or access point, your first step should be to change the default administrative password to something else.

Use WEP/WPA encryption. Most Wi-Fi equipment supports some form of encryption. Encryption technology scrambles messages sent over wireless networks so that they cannot be easily read by hackers. You should configure the strongest form of encryption that works with your wireless clients. 802.11’s WEP (Wired Equivalency Privacy) encryption has wellknown weaknesses that make it relatively easy for a determined user with the right equipment to crack the encryption and access the wireless network. A better way to protect your WLAN is with WPA (Wi-Fi Protected Access). WPA provides much better protection and is also easier to use, since your password characters aren’t limited to 0–9 and A–F as they are with WEP. (Note: WEP can also use ASCII keys.)

Change the default SSID. Access points use a network name called an SSID to advertise the network to wireless users. Manufacturers normally ship their products with the same SSID set. For example, the SSID for Linksys devices is normally “Linksys.” Just knowing the SSID does not by itself allow your neighbors to break into your network, but it is a start. More importantly, when someone finds a default SSID, it is usually an indication of a poorly configured network. You should change the default SSID immediately when configuring wireless security on your network.

Do not auto-connect to open Wi-Fi networks. Connecting to an open Wi-Fi network such as a free wireless hotspot or an unknown WLAN exposes your computer to security risks. Most computers have a setting available allowing these connections to happen automatically without notifying you. Most versions of Windows will reconnect to a previously connected SSID. This setting should not be enabled except in temporary situations.

Enable firewall settings on your laptop and home access point. Most network routers contain built-in firewall capability, but the option also exists to disable them. Ensure that your router’s firewall is turned on. You should always install and configure personal firewall software on each computer connected to the router.

Reduce your WLAN transmitter power. You won’t find this feature on all wireless routers and access points, but some allow you to lower the power of your WLAN transmitter and thus reduce the range of the signal. (Normally this feature is only available with enterpriseclass access points.) Although it’s usually impossible to fine-tune a signal so precisely that it won’t leak outside your home or business, with some trial and error you can often limit how far outside your premises the signal reaches, minimizing the opportunity for outsiders to access your WLAN. This will also improve your throughput on your access point by limiting the wireless cell to just your premise.

Disable remote administration. Most WLAN routers have the ability to be remotely administered via the Internet. Ideally, you should use this feature only if it lets you define a specific IP address or limited range of addresses that will be able to access the router. Otherwise, almost anyone anywhere could potentially find and access your router. As a rule, unless you absolutely need this capability, it’s best to keep remote administration turned off.


0 Linux System


Please Leave A Comment~ Thank You...!!!

Linux is a popular operating system with system administrators because of its open source code and its flexibility, which allows anyone to modify it. Because of the open source nature of Linux, there are many different versions, known as distributions (or distros). Several of the Linux distributions have become robust commercial operating systems for use on workstations as well as servers. Popular commercial distributions include Red Hat, Debian, Mandrake, and SUSE; some of the most common free versions are Gentoo and Knoppix. Linux’s flexibility and the fact that it’s open source, together with the increase in Linux applications, have made Linux the operating system of choice for many systems. Although Linux has inherently tighter security than Windows operating systems, it also has vulnerabilities that can be exploited. This chapter covers the basics of getting started using Linux as an operating system and knowing how to harden the system to attacks.

Linux is loosely based on Unix, and anyone familiar with working in a Unix environment should be able to use a Linux system. All standard commands and utilities are included on most distros. Many text editors are available inside a Linux system, including vi, ex, pico, jove, and GNU emacs. Many Unix users prefer “simple” editors like vi. But vi has many limitations due to its age, and most modern editors like emacs have gained popularity in recent years. Most of the basic Linux utilities are GNU software, meaning they are freely distributed to the community. GNU utilities also support advanced features that are not found in the standard versions of BSD and UNIX System. However, GNU utilities are intended to remain compatible with BSD.

A shell is a command-line program interface that allows a user to enter commands, and the system executes commands from the user. In addition, many shells provide features like job control, the ability to manage several processes at once, input and output redirection, and a command language for writing shell scripts. A shell script is a program written in the shell’s command language and is similar to an MS-DOS batch file. Many types of shells are available for Linux. The most important difference among shells is the command language. For example, the C SHell (csh) uses a command language similar to the C programming language. The classic Bourne SHell (sh) uses another command language. The choice of a shell is often based on the command language it provides, and determines which features will be available to the user.


0 How ARP Works


Please Leave A Comment~ Thank You...!!!

ARP allows the network to translate IP addresses into MAC addresses. When one host using TCP/IP on a LAN tries to contact another, it needs the MAC address or hardware address of the host it’s trying to reach. It first looks in its ARP cache to see if it already has the MAC address; if it doesn’t, it broadcasts an ARP request asking, “Who has the IP address I’m looking for?” If the host that has that IP address hears the ARP query, it responds with its own MAC address, and a conversation can begin using TCP/IP. ARP poisoning is a technique that’s used to attack an Ethernet network and that may let an attacker sniff data frames on a switched LAN or stop the traffic altogether. ARP poisoning utilizes ARP spoofing, where the purpose is to send fake, or spoofed, ARP messages to an Ethernet LAN. These frames contain false MAC addresses that confuse network devices such as network switches. As a result, frames intended for one machine can be mistakenly sent to another (allowing the packets to be sniffed) or to an unreachable host (a denial-ofservice, or DoS, attack). ARP spoofing can also be used in a man-in-the-middle attack, in which all traffic is forwarded through a host by means of ARP spoofing and analyzed for passwords and other information.

0 How a Sniffer Works


Please Leave A Comment~ Thank You...!!!


Sniffer software works by capturing packets not destined for the sniffer system’s MAC address but rather for a target’s destination MAC address. This is known as promiscuous mode. Normally, a system on the network reads and responds only to traffic sent directly to its MAC address. However, many hacking tools change the system’s NIC to promiscuous mode. In promiscuous mode, a NIC reads all traffic and sends it to the sniffer for processing. Promiscuous mode is enabled on a network card with the installation of special driver software. Many of the hacking tools for sniffing include a promiscuous-mode driver to facilitate this process. Not all Windows drivers support promiscuous mode, so when using hacking tools ensure that the driver will support the necessary mode. Any protocols that don’t encrypt data are susceptible to sniffing. Protocols such as HTTP, POP3, Simple Network Management Protocol (SNMP), and FTP are most commonly captured using a sniffer and viewed by a hacker to gather valuable information such as usernames and passwords. There are two different types of sniffing: passive and active. Passive sniffing involves listening and capturing traffic, and is useful in a network connected by hubs; active sniffing involves launching an Address Resolution Protocol (ARP) spoofing or traffic-flooding attack against a switch in order to capture traffic. As the names indicate, active sniffing is detectable but passive sniffing is not detectable. In networks that use hubs or wireless media to connect systems, all hosts on the network can see all traffic; therefore, a passive packet sniffer can capture traffic going to and from all hosts connected via the hub. A switched network operates differently. The switch looks at the data sent to it and tries to forward packets to their intended recipients based on MAC address. The switch maintains a MAC table of all the systems and the port numbers to which they’re connected. This enables the switch to segment the network traffic and send traffic only to the correct destination MAC addresses. A switch network has greatly improved throughput and is more secure than a shared network connected via hubs. Another way to sniff data through a switch is to use a span port or port mirroring to enable all data sent to a physical switch port to be duplicated to another port. In many cases, span ports are used by network administrators to monitor traffic for legitimate purposes.

0 Gathering Data from Networks: Sniffers


Please Leave A Comment~ Thank You...!!!

A sniffer is a packet-capturing or frame-capturing tool. It basically captures and displays the data as it is being transmitted from host to host on the network. Generally a sniffer intercepts traffic on the network and displays it in either a command-line or GUI format for a hacker to view. Most sniffers display both the Layer 2 (frame) or Layer 3 (packet) headers and the data payload. Some sophisticated sniffers interpret the packets and can reassemble the packet stream into the original data, such as an email or a document. Sniffers are used to capture traffic sent between two systems, but they can also provide a lot of other information. Depending on how the sniffer is used and the security measures in place, a hacker can use a sniffer to discover usernames, passwords, and other confidential information transmitted on the network. Several hacking attacks and various hacking tools require the use of a sniffer to obtain important information sent from the target system. This chapter will describe how sniffers work and identify the most common sniffer hacking tools.



Sunday, May 5, 2013

0 Types Of Computer Virus


Please Leave A Comment~ Thank You...!!!

Computer viruses can be classified into several different types. The first and most common type is the virus which infects any application program. On IBM PC’s and clones running under PC-DOS or MS-DOS, most programs and data which do not belong to the operating system itself are stored as files. Each file has a file name eight characters long, and an extent which is three characters long. A typical file might be called “TRUE.TXT”, where “TRUE” is the name and “TXT” is the extent. The extent normally gives some information about the nature of a file—in this case “TRUE.TXT” might be a text file. Programs must always have an extent of “COM”, “EXE”, or “SYS”. Under DOS, only files with these extents can be executed by the central processing unit. If the user tries to execute any other type of file, DOS will generate an error and reject the attempt to execute the file.


Since a virus’ goal is to get executed by the computer, it must attach itself to a COM, EXE or SYS file. If it attaches to any other file, it may corrupt some data, but it won’t normally get executed, and it won’t reproduce. Since each of these types of executable files has a different structure, a virus must be designed to attach itself to a particular type of file. A virus designed to attack COM files cannot attack EXE files, and vice versa, and neither can attack SYS files. Of course, one could design a virus that would attack two or even three kinds of files, but it would require a separate reproduction method for each file type.


The next major type of virus seeks to attach itself to a specific file, rather than attacking any file of a given type. Thus, we might call it an application-specific virus. These viruses make use of a detailed knowledge of the files they attack to hide better than would be possible if they were able to infiltrate just any file. For example, they might hide in a data area inside the program rather than lengthening the file. However, in order to do that, the virus must know where the data area is located in the program, and that differs from program to program.


This second type of virus usually concentrates on the files associated to DOS, like COMMAND.COM, since they are on virtually every PC in existence. Regardless of which file such a virus attacks, though, it must be very, very common, or the virus will never be able to find another copy of that file to reproduce in, and so it will not go anywhere. Only with a file like COMMAND.COM would it be possible to begin leaping from machine to machine and travel around the world.

The final type of virus is known as a “boot sector virus.” This virus is a further refinement of the application-specific virus, which attacks a specific location on a computer’s disk drive, known as the boot sector. The boot sector is the first thing a computer loads into memory from disk and executes when it is turned on. By attacking this area of the disk, the virus can gain control of the computer immediately, every time it is turned on, before any other program can execute. In this way, the virus can execute before any other program or person can detect its existence.





0 Land Attacks,Smurf Attacks,UDP Flooding


Please Leave A Comment~ Thank You...!!!

Land Attacks
A Land attack is similar to a SYN attack, the only difference being that instead of a bad IP Address, the IP address of the target system itself is used. This creates an infinite loop between the target system and the target system itself. However, almost all systems have filters or firewalls against such attacks.

Smurf Attacks
A Smurf attack is a sort of Brute Force DOS Attack, in which a huge number of Ping Requests are sent to a system (normally the router) in the Target Network, using Spoofed IP Addresses from within the target network. As and when the router gets a PING message, it will route it or echo it back, in turn flooding the Network with Packets, and jamming the traffic. If there are a large number of nodes, hosts etc in the Network, then it can easily clog the entire network and prevent any use of the services provided by it.

UDP Flooding
This kind of flooding is done against two target systems and can be used to stop the services offered by any of the two systems. Both of the target systems are connected to each other, one generating a series of characters for each packet received or in other words, requesting UDP character generating service while the other system, echoes all characters it receives. This creates an infinite non-stopping loop between the two systems, making them useless for any data exchange or service provision.

0 Distributed DOS Attacks


Please Leave A Comment~ Thank You...!!!

DOS attacks are not new; in fact they have been around for a long time. However there has been a recent wave of Distributed Denial of Services attacks which pose a great threat to Security and are on the verge of overtaking Viruses/Trojans to become the deadliest threat to Internet Security. Now you see, in almost all of the above TCP/IP vulnerabilities, which are being exploited by hackers, there is a huge chance of the target's system administrator or the authorities tracing the attacks and getting hold of the attacker.

Now what is commonly being done is, say a group of 5 Hackers join and decide to bring a Fortune 500 company's server down. Now each one of them breaks into a smaller less protected network and takes over it. So now they have 5 networks and supposing there are around 20 systems in each network, it gives these Hackers, around 100 systems in all to attack from. So they sitting on there home computer, connect to the hacked less protected Network, install a Denial of Service Tool on these hacked networks and using these hacked systems in the various networks launch Attacks on the actual Fortune 500 Company. This makes the hackers less easy to detect and helps them to do what they wanted to do without getting caught. As they have full control over the smaller less protected network they can easily remove all traces before the authorities get there.

Not even a single system connected to the Internet is safe from such DDOS attacks. All platforms Including Unix, Windows NT are vulnerable to such attacks. Even MacOS has not been spared, as some of them are being used to conduct such DDOS attacks.

0 SYN Attack


Please Leave A Comment~ Thank You...!!!
The SYN attack exploits TCP/IP's three-way handshake. Thus in order to understand as to how SYN Attacks work, you need to first know how TCP/IP establishes a connection between two systems. Whenever a client wants to establish a connection with a host, then three steps take place. These three steps are referred to as the three-way handshake. In a normal three way handshake, what happens is that, the client sends a SYN packet to the host, the host replies to this packet with a SYN ACK packet. Then the client responds with a ACK (Acknowledgement) packet. This will be clearer after the following depiction of these steps-:

1. Client --------SYN Packet--------------à Host

In the first step the client sends a SYN packet to the host, with whom it wants to establish a three-way connection. The SYN packet requests the remote system for a connection. It also contains the Initial Sequence Number or ISN of the client, which is needed by the host to put back the fragmented data in the correct sequence.

2. Host -------------SYN/ACK Packet----------à Client

In the second step, the host replies to the client with a SYN/ACK packet. This packet acknowledges the SYN packet sent by the client and sends the client its own ISN.

3. Client --------------ACK-----------------------à Host
In the last step the client acknowledges the SYN/ACK packet sent by the host by replying with a ACK packet. 

These three steps together are known as the 3-way handshake and only when they are completed is a complete TCP/IP connection established. In a SYN attack, several SYN packets are sent to the server but all these SYN packets have a bad source IP Address. When the target system receives these SYN Packets with Bad IP Addresses, it tries to respond to each one of them with a SYN ACK packet. Now the target system waits for an ACK message to come from the bad IP address. However, as the bad IP does not actually exist, the target system never actually receives the ACK packet. It thus queues up all these requests until it receives an ACK message. The requests are not removed unless and until, the remote target system gets an ACK message. Hence these requests take up or occupy valuable resources of the target machine.

To actually affect the target system, a large number of SYN bad IP packets have to be sent. As these packets have a Bad Source IP, they queue up, use up resources and memory or the target system and eventually crash, hang or reboot the system.

0 Teardrop


Please Leave A Comment~ Thank You...!!!

The Teardrop attack exploits the vulnerability present in the reassembling of data packets. Whenever data is being sent over the Internet, it is broken down into smaller fragments at the source system and put together at the destination system. Say you need to send 4000 bytes of data from one system to the other, then not all of the 4000 bytes is sent at one go. This entire chunk of data is first broken down into smaller parts and divided into a number of The Teardrop attack exploits the vulnerability present in the reassembling of data packets. Whenever data is being sent over the Internet, it is broken down into smaller fragments at the source system and put together at the destination system. Say you need to send 4000 bytes of data from one system to the other, then not all of the 4000 bytes is sent at one go. This entire chunk of data is first broken down into smaller parts and divided into a number of  packets, with each packet carrying a specified range of data. For Example, say 4000 bytes is divided into 3 packets,then:

The first Packet will carry data from 1 byte to 1500 bytes
The second Packet will carry data from 1501 bytes to 3000 bytes
The third packet will carry data from 3001 bytes to 4000 bytes

These packets have an OFFSET field in their TCP header part. This Offset field specifies from which byte to which byte does that particular data packet carries data or the range of data that it is carrying. This along with the sequence numbers helps the destination system to reassemble the data packets in the correct order. Now in this attack, a series of data packets are sent to the target system with overlapping Offset field values. As a result, the target system is not able to reassemble the packets and is forced to crash, hang or reboot. 

For example, consider the following scenario-:

 (Note: _ _ _ = 1 Data Packet) Normally a system receives data packets in the following form, with no overlapping Offset values.
_ _ _ _ _ _ _ _ _
(1 to 1500 bytes) (1501 to 3000 bytes) (3001 to 4500 bytes)
Now in a Teardrop attack, the data packets are sent to the target computer in the following format:
_ _ _ _ _ _ _ _ _
(1 to 1500 bytes) (1500 to 3000 bytes) (1001 to 3600 bytes)

When the target system receives something like the above, it simply cannot handle it and will crash or hang or reboot.

0 Ping Of Death


Please Leave A Comment~ Thank You...!!!

This vulnerability is quite well known and was earlier commonly used to hang remote systems (or even force them to reboot) so that no users can use its services. This exploit no longer works, as almost all system administrators would have upgraded their systems making them safe from such attacks. In this attack, the target system is pinged with a data packet that exceeds the maximum bytes allowed by TCP/IP, which is 65 536. This would have almost always caused the remote system to hang, reboot or crash. This DOS attack could be carried out even through the command line, in the following manner:

The following Ping command creates a giant datagram of the size 65540 for Ping. It might hang the victim's
computer:

C:\windows>ping -l 65540

0 DOS Attacked


Please Leave A Comment~ Thank You...!!!

DOS Attacks or Denial Of Services Attack have become very common amongst Hackers who use them as a path to fame and respect in the underground groups of the Internet. Denial of Service Attacks basically means denying valid Internet and Network users from using the services of the target network or server. It basically means, launching an attack, which will temporarily make the services, offered by the Network unusable by legitimate users. In others words one can describe a DOS attack, saying that a DOS attack is one in which you clog up so much memory on the target system that it cannot serve legitimate users. Or you send the target system data packets, which cannot be handled by it and thus causes it to either crash, reboot or more commonly deny services to legitimate users.

DOS Attacks are of the following different types-:
1. Those that exploit vulnerabilities in the TCP/IP protocols suite.
2. Those that exploit vulnerabilities in the Ipv4 implementation.
3 There are also some brute force attacks, which try to use up all resources of the target system and make
the services unusable.


Saturday, May 4, 2013

2 Movie Download Site List


Please Leave A Comment~ Thank You...!!!


ENJOY WATCHING/DOWNLOAD ONLINE

http://jieazzmovie.net/ 
http://kerangsedut.net/ 
http://torrent.jiwang.cc/ 
http://jiwang.ws/
http://jiwang.org/
http://jiwang.net/
http://amsmuvee.blogspot.com/
http://www.teamhanna.org
http://720pmkv.com/
http://urgrove.com/ 
http://www.yify-torrents.com/
http://malaysubs.com/ 
http://gudguy.bplaced.net/movies/ 
http://our-debrid.com/ [
http://say-blu-ray.com/ 
http://www.uniquerelease.com/ 
http://fullm0vie.blogspot.com 
http://www.ddmf.biz/ 
http://fullmovietube.net/
http://www.hdbitz.org
http://www.1channel.ch/ 
http://www.myrls.eu/ 
http://www.Xesion-Tube.com 
http://collb9.blogspot.com/
http://www.movies-games-and-music.com/ 
http://divxcrawler.com/
http://www.movie2b.com/
http://www.syok.org/
http://akumuzikhampa.blogspot.com/
http://www.mediafire4u.com/
http://www.teamaryzs.com/
http://www.sedut.org/
http://www.kraetiv.net/
http://www.ohcerita.com/
http://loadedmovies.com/
http://www.youtube.com/movies
http://directdownloadheaven.blogspot.com/
http://tvmoviedownload.net/
http://iwatchfilm.com/
http://www.usharing.blogspot.com/
http://malaysiatvtube.blogspot.com/
http://thepiratebay.org/
http://mediafiremoviez.com/
http://www.moviesubtitles.org/
http://download2movies.com/
http://torrentz.eu/
http://www.ftmovie.com/
http://www.100kmovie.com/
http://www.movie4people.net/
http://www.likecinema.net/
http://www.downloadmoviesforfree.co/
http://www.soulfilms.com/
http://www.movies-tv.com/
http://all-movies.in/
http://movielab.tv/
http://www.torrentreactor.net/
http://www.vertor.com/
http://www.ionlinemovie.com/
http://www.moviemotion.me/
http://full-movie-downloads.net/
http://moviedatalist.com/
http://www.ahashare.com/
http://www.globalmovies.net/
http://downloadmovienow.com/
http://www.mediafire-movie.com/
http://www.torrentshq.com/
http://powerddl.com/
http://okfilm.com/
http://mydownloadtwou.blogspot.com/
http://directdownloadmoviefree.blogspot.com/
http://myasiancinema.com/
http://143movie.blogspot.com/
http://mediafiremalaysia.blogspot.com/
http://lanuninternet.com/
http://www.teambalqis.com/
http://berdesup.com/
http://www.ganool.com/
http://www.loadzoom.com
http://divxcrawler.com/
http://www.movie2b.com/
http://www.moviewatchlist.com/
http://www.kraetiv.net/
http://www.ohcerita.com/
http://loadedmovies.com/
http://directdownloadheaven.blogspot.com/
http://tvmoviedownload.net/
http://iwatchfilm.com/
http://www.usharing.blogspot.com/
http://malaysiatvtube.blogspot.com/
http://thepiratebay.org/
http://mediafiremoviez.com/
http://www.moviesubtitles.org/ 
http://download2movies.com
http://torrentz.eu/
http://www.ftmovie.com/
http://www.100kmovie.com/
http://www.movie4people.net/
http://www.likecinema.net/
http://www.downloadmoviesforfree.co/
http://www.soulfilms.com/
http://www.movies-tv.com/
http://all-movies.in/
http://movielab.tv/
http://www.torrentreactor.net
http://www.vertor.com/
http://www.ionlinemovie.com/
http://www.moviemotion.me/
http://full-movie-downloads.net/
http://moviedatalist.com/
http://www.ahashare.com/
http://www.globalmovies.net/
http://downloadmovienow.com/
http://www.mediafire-movie.com/
http://www.torrentshq.com/
http://powerddl.com/
http://okfilm.com/
http://mydownloadtwou.blogspot.com/
http://directdownloadmoviefree.blogspot.com/
http://myasiancinema.com/
http://143movie.blogspot.com/
http://mediafiremalaysia.blogspot.com/
http://lanuninternet.com/
http://berdesup.com/
http://amoviesz.com/
http://www.shaanig.com/
http://www.deepseamovies.com/
http://gangkakidownload.blogspot.com/
http://hdbitz.org/
http://300mbunited.com/
http://www.vanspablo.com/
http://www.alluc.org/


Credit to - Malaysia Cyber Hacker

0 ShellCode HandBook Download


Please Leave A Comment~ Thank You...!!!

What is Shellcode?
In computer security, a shellcode is a small piece of code used as the payload in the exploitation of a software vulnerability. It is called "shellcode" because it typically starts a command shell from which the attacker can control the compromised machine, but any piece of code that performs a similar task can be called shellcode. Because the function of a payload is not limited to merely spawning a shell, some have suggested that the name shellcode is insufficient. However, attempts at replacing the term have not gained wide acceptance. Shellcode is commonly written in machine code.

Today i will sharing a ShellCode HandBook

Download 


Password Rar - mrkudau

0 What is Google+ (Google Plus) and do I need it?


Please Leave A Comment~ Thank You...!!!


If you listen carefully to what Googles are saying you will get some nice insights into what the intentions from Google are. They are going to change the online world with Google Plus and the crux is data, identification, personalization and integration.

"The internet needs and identity server and people have been confused and talked of this many times. But the issue in the internet is not the lack of Facebook and the internet is the lack of identity."