Tuesday 10 December 2013

What is Tabnabbing?

What is Tabnabbing?

Tabnabbing is a computer exploit and phishing attack, which persuades users to submit their login details and passwords to popular websites by impersonating those sites and convincing the user that the site is genuine. The attack's name was coined in early 2010 by Aza Raskin, a security researcher and design expert.

The attack takes advantage of user trust and inattention to detail in regard to tabs, and the ability of modern web pages to rewrite tabs and their contents a long time after the page is loaded. Tabnabbing operates in reverse of most phishing attacks in that it doesn’t ask users to click on an obfuscated link but instead loads a fake page in one of the open tabs in your browser.

The exploit employs scripts to rewrite a page of average interest with an impersonation of a well-known website, when left unattended for some time. A user who returns after a while and sees the rewritten page may be induced to believe the page is legitimate and enter their login, password and other details that will be used for improper purposes.

The attack can be made more likely to succeed if the script checks for well known Web sites the user has loaded in the past or in other tabs, and loads a simulation of the same sites. This attack can be done even if JavaScript is disabled, using the "meta refresh" meta element, an HTML attribute used for page redirection that causes a reload of a specified new page after a given time interval.

The NoScript extension for Mozilla Firefox defends both from the JavaScript-based and from the scriptless attack, based on meta refresh, by preventing inactive tabs from changing the location of the page.
Admin at No comments:
Labels:

Some Important Programming Language

List of must know programming languages

1. C Language:
C language was developed in 1972 by Dennis Ritchie which was initially designed for Unix. Its a compiled, procedural language. C program are still very fast in execution however because of its platform dependency C programs need to compile with different architecture and operating system.

2. JAVA:
This object oriented language was designed in 1995 by Sun microsystem which is currently owned by Oracle. Java is very popular among developers because of its security and platform dependency though the speed of execution is still not very impressive. Its large library makes it easier to build complex applications though you may can miss the freedom in code.

3. PHP:
PHP was originally developed by Rasmus Lerdorf in 1996 in order to create dynamic web pages. Being a server side language, its really powerful due to its flexibility and frequently picked by Hackers while performing various attacks mail spoofing, mail bombing and phishing. PHP folks keep updating their libraries and its really better since its version 5. Overtime it eventually grow up into a fully featured object oriented language.

4. Android:
Android is getting popular these days because of its simple structure, open source and flexible nature. Since you can make cool and tricky features and can simply run them holding the in your palm. Android is really cool technology to hand out with for both career and fun.

5. Python:
Python was developed in late 1980's by Guido van Rossum intended for general programming purpose. In the early 2000, python actually gained popularity among geeks and now its fully accepted by many organizations like Google and Ubuntu.

6. C#:
C# is mainly used of .NET framework intended to work with Windows platform. Its first preference for windows guys because of its huge library and java like similar programming structure.

7. Ruby:
Ruby was initially developed in 1995 written by Yukihiro Matsumoto as one of the most object oriented languages. If you're an object oriented nerd then Ruby is something you can simply neglect, here numbers and even letters can have method calls.

8. Delphi:
Delphi has pioneered an era of rapid application development by introducing crucial features that have notably decreased application prototyping times. It has great advantages over Visual Basic both in terms of speed and library. Delphi can be used for writing some cool hack stuff like spy software and malware.
Admin at No comments:
Labels:

Monday 9 December 2013

Alternates Softwares For Linux

,
These alternatives are more reliable, less buggy, more secure, easy-to-upgrade, easy-to-install, large user-group-support and that don’t crashes similar to their alternatives for windows. Get ready to change the prevailing notion, along the article.

1. Microsoft Office

If you had worked on Windows you would probably be familiar with Microsoft Office.Microsoft Office is the only office suit that Windows Ships that is used to create or edit formatted text document, and you have to buy it separately i.e., this package doesn’t comes with the Windows OS. The alternative to Microsoft Office is Libreoffice.
Libreoffice is fast, contains necessary plugins like PDF converter inbuilt and installed, does not break oftenly, comes bundled with many distros (e.g., Debian). A file created in Ms Officecould be opened and/or edited in LibreOffice but the vice-versa is not true. A file can be created to be Ms Office compatible in LibreOffice but the vice-versa is again not true. The main installer of LibreOffice is nearly 175 MB as compared to Ms Office which is over 500 MB.
Certain other alternatives are OpenOfficeAbiWord, etc.
  1. Libreoffice Download and Installation
  2. Open Office Download and Installation
  3. AbiWord Download: Download
All of them are available for Windows too, however Ms Office is not supported in Linux but you can certainly use wine to install MS office to Linux, that’s the power of Linux.

2. MS Notepad

MS Notepad is another program that is pre-built in Windows box. Some of the alternatives ofNotepad are.
  1. gedit Download: Download
  2. jEdit Download: Download
  3. Kate Download: Download
  4. leafpad Downlaod: Download
  5. NEdit Download: Download
  6. Scribes Download: Download
  7. tpad Download: Download

3. Microsoft Internet Explorer

Internet surfing is the most widely used task one perform using a computer. Windows ships their OS with Internet Explorer or IExplorer as Browser. Before Saying anything aboutIExplorer, one quotation that is too hilarious, commonly shared as – “IExplorer is the best browser available, to download another browser”. You will rarely find anyone using IExplorereven on Windows platform (I Fear, if Bill Gates himself is using another browser for his personal computing). The alternative to Ms IExplorer is Firefox.
Firefox is highly customisable, according to users’ need. Firefox Supports a number of plugins and when it comes to security, IExplorer is a way far behind Firefox.
Certain other alternatives are EpiphanyKonqueror, Opera, etc.
  1. Firefox: Download
  2. Epiphany: Download
  3. Konqueror: Download
  4. Opera: Download
Most of them are available for Windows too and some of them are even available for Mobile Devices.

4. Windows AOL

Windows AOL Instant Messenger, commonly called as AIM, is the Instant Messenger, provided by Windows. Some of the alternatives of AIM are.
  1. Instantbird: Download
  2. Kopete: Download
  3. Pidgin: Download
  4. PSI: Download

5. Adobe Photoshop

Why should one use a program that is too high on processor as well as money and when theFoss alternative of the software is low on processor and provides you with more tools and is very easy to use. Gimp is a very nice alternative of Adobe Photoshop.
Gimp is written in C and GTK+ and Photoshop in C++ which makes photoshop a nice tool but it’s constraint is being close source program that cost too much on cost and processor load.Gimp comes packed with almost all the distros. Another alternatives is CinePaint.
  1. Gimp Download: Download
  2. CinePaint Downlaod: Download
Gimp too can be installed on Windows.

6. Ms Paint

Ms Paint is another tool that however comes bundled with the Windows box. Why don’t you try yourself the alternative of this program and tell us which one you liked the most?
  1. KolourPaint Download: Download
  2. Pencil Download: Download
  3. Pinta Download: Download
  4. Tuxpaint Download: Download

7. Nero Burning ROM

Nero provide tools for burning optical disk. There lies many strong reason to find an alternative software of Nero. Firstly Nero is not supported in Linux followed by Nero makes the Drive and Disk to freeze, it is closed source and it costs too high on purse. Brasero is a very nice alternative to Nero.
Brasero is free, open source tool, the output of which is very reliable. Other alternatives ofNero are:
  1. Brasero Download: Download
  2. GnomeBaker: Download Download
  3. Graveman! Download: Download
  4. K3b Download: Download
  5. X-CD-Roast Download: Download

8. Microsoft Windows Media Center

PC entertainment system that comes with Windows 7 and later, however it is not available for Windows prior to Windows7. It requires high-end graphics card for full functionality and results in Windows freezing oftenly. Why don’t you try the alternative of this, without any constraints and walls and tell us your experience.
Alternatives of Microsoft Windows Media Center are:
  1. Freevo Download: Download
  2. LinuxMCE Download: Download
  3. Moovida Download: Download
  4. MythTV Download: Download
  5. XBMC Media Center Download: Download

9. Windows Media PLayer

Windows Media Player is shipped with the Windows, but the same look and feel for years, frequent resulting into BSOD (Blue Screen Of Death), bugs and poor codec support are the backdraws of Windows Media PlayerVLC is a very pleasing alternative for Windows media player and all other media player for all the platform.
VLC gets frequent updates, resulting in less bugs, plenty of codecs support and a sneak look.
Other Alternatives of Windows Media Player are:
  1. VLC Player Download: Download
  2. KPlayer Download: Download
  3. Mplayer Download: Download
  4. Xine Download: Download
There are certain fancy media players that can run from terminal, giving you a Geeky feeling viz., CMUS.

10. Windows Movie Maker

Many of the newbie believes that Linux is a too Geeky thing and perhaps there is no support for high quality videos editing. So they appraise Linux Environment for their Geekyproductivity environment but when it comes to video editing, they sees towards either Windows or MacCinlerra is much advanced alternative of Windows Movie Maker.
Alternative of Movie Maker are:
  1. Cinelerra Download: Download
  2. Kdenlive Download: Download
  3. LiVES Download: Download
  4. Open Movie Editor Download: Download
  5. OpenShot Download: Download
  6. PiTiVi Download: Download
  7. VideoLAN Movie Creator Download: Download

11. Partition Magic

Partition Magic is a tool for creating or repartitioning a mass storage device or block. Ok, if you don’t know about the alternative of this closed source software then give a look at these alternatives, you surely will love the power provided to you with these Foss software’s.
  1. GParted Download: Download
  2. Palimpsest Download: Download
  3. Partimage Download: Download
  4. QtParted Download: Download

12. utorrent

A general user come across torrent download most oftenly, when in a closed source,utorrent could be a good option but certainly there exist a better plan. Try Transmission orqBittorent.
  1. qBittorrent Download: Download
  2. Transmission Download: Download

13. Adobe Acrobat Reader

To view Portable Document file, a Windows user must have Adobe Acrobat Reader installed in their system. Well if you have used the above, you might be aware that adobe for no reason prompts you to download and install updates every second day, and you have the same software from the first day you installed to the day you installed 100th update.
Moreover it provides you with the feature only to view the portable file. Just move your sight from proprietary software to Foss and give a try to the below mentioned packages. At least one of them comes with almost every Linux distribution pre-built and installed.
  1. Evince Download: Download
  2. okular Download: Download
  3. Xpdf Download: Download
This is the power and popularity of Linux that a FOSS Project has several Alternative Foss Project. So our competition is not with other platform but within the same platform, giving choice of use without any bottleneck. This healthy competition is a sign of good future forFoss World but certainly a threatening to other platforms.
Admin at No comments:
Labels:

Sunday 1 December 2013

Remove Bios Password

*                           Remove BIOS Password                            *



If you encounter a password prompt at boot or the BIOS or CMOS setup is locked as shown below and you do not know the password you will need to clear the BIOS password using the suggestions listed below.
CMOS setup locked password screen
Clear using jumper (recommended)
Caution: When inside the computer be sure you're aware of the potential damage that can be caused by ESD.
Computer jumperOn the computer motherboard locate the BIOS clear or password jumper or dip switch and change its position. This jumper is often labeled CLEAR, CLEAR CMOS, JCMOS1, CLR, CLRPWD, PASSWD, PASSWORD, PSWD or PWD as shown in the picture to the right. To change the jumper remove it from the two pins its currently on so that it covers the pin that is not covered. For example, in the picture to the right pins 1 and 2 are covered, you'd remove the jumper and put it on pins 2 and 3. Some computers may also clear the password by keeping the jumper open (only one or no pins covered.)
Once this jumper has been changed, turn on the computer and the password should be cleared. Once cleared, turn the computer off and return the jumper or dip switch to its original position.
The location of the jumpers or dip switches are dependent on the manufacturer of the computer and motherboard. However, below are some general ideas on where to find it. Remember that most motherboards could have dozens of different jumpers, make sure you're changing the CMOS jumper and not something else. If these general suggestions do not help refer to your motherboard or computer documentation or skip to the next step.
  1. On the edge of the motherboard - Most jumpers are located on the side of the motherboard for easy accessibility, verify by looking at all visible edges of the motherboard.
  2. By the CMOS battery - Some manufactures will place the jumper to clear the CMOS or BIOS password by the actual CMOSbattery.
  3. By the processor - Some manufactures will place the jumpers by the processor of the computer.
  4. Under the keyboard or bottom of laptop - If you are working on a laptop computer the location of the dip switch (almost never a jumper) can be under the keyboard or on the bottom of the laptop in a compartment such as the memory compartment.
  5. Other visible location - While it is possible that the jumpers or dip switches may not be in a visible location, most manufactures try to make things easier by placing the jumpers or dip switches in another visible location.
Generic passwords
Try using Backdoor Password. Note: many of these generic passwords are no longer used or only used with older computers.
Use a BIOS password utility
This is a live cd tool live linux distros just burn it in a cd and then you can use it. To Burn it you can use a linux live cd and boot up and then download the live cd from here and burn it. Most linux distros like Ubuntu, Kali already had utilities for burning cd.
So Simple Just Burn the downloaded iso file and remove you BIOS PAssword   Download.
Remove CMOS battery
Removing the CMOS battery like the one shown in the picture to the right will cause the system to lose all CMOS settings including the password. To do this locate and remove the CMOS battery on the motherboard for at least five-minutes. After this has been done put the battery back into the computer and turn it back on.
CMOS battery
Jump the CMOS solder beads
Older computers and especially older laptops don't have jumpers or dip switches and require the user to jump a pair of solder beads on a circuit board. The identification and location of these solder beads can vary and if not available in computer documentation is only obtainable through the computer manufacturer.
If you've identified the solder beads they can be jumped by placing a flat-head screwdriver over the two beads and leaving it on those beads while turning on the computer. Once the computer has booted turn off the computer and then remove the screwdriver.
Admin at No comments:
Labels: , , ,

Backdoor Passwords for BIOS

Topic

Backdoor Passwords for BIOS

Cause

If a password is mistakenly forgotten or set without your knowledge, it may be necessary to use a generic password to bypass or change the password.

Solutions

If a BIOS or CMOS password is forgotten in some cases it may be possible to use a generic BIOS password to bypass the unknown password. By using a generic BIOS password you may be able to change the password to a different password. Below is a listing of generic passwords for each of the major BIOS manufacturers.


AMI BIOS
A.M.I.
AMI
AMI_SW
AMI?SW
BIOS
HEWLITT RAND
LKWPETER
PASSWORD
Oder

AWARD BIOS
01322222
589589
589721
595595
598598
aLLy
aLLY
ALLY
ALFAROME
aPAf
_award
AWARD SW
AWARD PW
AWARD_SW
AWARD?SW
AWKWARD
BIOSTAR
CONCAT
Condo
d8on
djonet
HLT
J64
J256
J262
j332
j322
KDD
LKWPETER
lkwpeter
PINT
pint
SER
SKY_FOX
SYXZ
TTPTHA
ZAAADA
ZBAAACA
ZJAAADC

Russian Award Passwords:
% p%
% p%

IBM APTIVA BIOS
Press both mouse buttons repeatedly during the boot

PHOENIX BIOS
phoenix


OTHER BIOS
ALFAROME
BIOSTAR
biostar
biosstar
CMOS
cmos
LKWPETER
lkwpeter
setup
SETUP
Syxz
Wodj

SOME COMPUTERS WITH TOSHIBA BIOS
Hold down the Shift key as the computer is booting.
Admin at No comments:
Labels: , , ,

Wednesday 27 November 2013

Make Ubuntu Pentest OS

MakePentest OS on Ubuntu by LukaSikic

hi,today i will show you how to make pentest OS from Ubuntu

1.Enable ROOT
2.Install Desktop environment (i will use XFCE/XUBUNTU session)
3.Install Pentest tools (from Kali Linux)



1.Enable ROOT:

Commands:

$sudo passwd root

$sudo sh -c 'echo "greeter-show-manual-login=true" >>/etc/lightdm/lightdm.conf'

Restartyour Computer.

Clickon “Login” and type “root” as username, type your passwordyou set it before.



  1. Install Desktop environment:
Thats easy, we willinstall xubuntu desktop environment using apt-get
Command:$ sudoadd-apt-repository ppa:xubuntu-dev/xfce-4.10
$apt-get install xubuntu-desktop
Log out/reboot and use rootusername for login and click on ubuntu logo in right-up side in LoginForm and choose “xubuntu”



When you login you will see xubuntu desktop, it dont have pentest tools, but in next step I willshow you how to install Kali Linux tools.

  1. Install Pentest tools:
In this step I will show you howto install pentest tools from best pentest OS named “Kali Linux”.

a.)Install synaptic: $ apt-getinstall gdebi && apt-get install synaptic
b.)Open with file editor /etc/apt/sources.list and add these lines:

deb http://ppa.launchpad.net/wagungs/kali-linux/ubuntuprecise main
deb-srchttp://ppa.launchpad.net/wagungs/kali-linux/ubuntuprecise main
debhttp://ppa.launchpad.net/wagungs/kali-linux2/ubuntuprecise main
deb-srchttp://ppa.launchpad.net/wagungs/kali-linux2/ubuntuprecise main

      c.) Make new file on desktop named “pgp-key.txt”, open it and paste this:
      -----BEGIN PGP PUBLIC KEY BLOCK-----
      Version: SKS 1.1.4
      Comment: Hostname: keyserver.ubuntu.com

      mI0ET324YwEEANbSlISrOlAGjxgFRxiN6jk0JIl/vxQ8lapRdxZ4DHDAQdXbX4AuigMBkP5e
      sOxhMpDnkgMRtEVpaBMdQheA0/431pPQYqkr3jdeZw5JS5opiyJ4qr/QrcoSFHSluEkWkbZ6
      RYOkA25vW31KK2FB2LQVRYk580llXAVgIUznm2ATABEBAAG0GExhdW5jaHBhZCBQUEEgZm9y
      IHdhZ3VuZ4i4BBMBAgAiBQJPfbhjAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRAb
      IuuNj9/bVxabBADSGN8cp+hqkdZqwq263wdz/UGsiuB1bCrH06/HznC/ZC5rjfH3aQ1Dwwag
      zYCrSD3c0cKNAqD10009N76RMlzZBH8kKL9khH3zPL/k4/lYuVP7y6NKFbBsnawEUc0mWcCa
      mH4ScTdWWPXP/mOQiUUjnQ1bZhzpcbQOb+hEUAqExg==
      =fJ+8
      -----END PGP PUBLIC KEY BLOCK-----

      d.) Now , open synaptic , go to : settings >>> repositories , In software sources go to : Authentication >>> Import key file.
      Navigate to your Desktop and double clic on the pgp-key txt file.
      Close everything and in Terminal : apt-get update && apt-get dist-upgrade.
      e.) Now Open Synaptic and clic on ORIGINE tab on the bottom left . You will see repositories links appearing on the top left of Synaptic.
      Highlite the 2nd and the 3rd repository line as shown in the video .
      Start installing your tools using Synaptic . ( Install 10 tools at the time , if any tool will mark itself in red color , untick it and proceed , You can come back to it later on and re-install it , sometime you need some extra dependencies , so some tools will install them for you )
TUTORIALBY LACERATUS

Admin at No comments:
Labels: , , , ,

Monday 25 November 2013

How to remove Dual-Boot

Hello everyone
                            Today I will teach you how to get back to single operating system after dual boot

So first the sceneiro is that Alex uses Windows 7 and wants to learn Linux but he doesnt wants to use virtualbox for some reason so he wants it to be dualboot.
So he installed Kali linux from live cd as a second OS now after some months he understood Linux and now doesnt wants to keep Windows so what will he do now ?

Well if he delets the partition then yeah windows will be removed but what about the space left in the HDD well to get the linux full HDD what should he do ?

(Before you do this please keep a backup of your files )

1. Boot up in you live cd e.g Kali Linux
2. Open Gparted and resize the linux partition but remember It is a RISK so while you resize dont interfere the process or else you will looose alll your files and you will be OS-less .

-Admin (Zakir)
Have a good day

Admin at No comments:
Labels:

Change Hostname In Kali Linux

Hello Everyone Today I will Teach You how to change hostname in Kali linux

1. What is hostname ?

 Hostname is the name of the computer user or you can say the administrator of the computer .

 e.g  the text after root@  is called hostname here it is 

 root@13373XP1017

By default it will be something like root or admin or kali , so to change it ...

 1. Open terminal and type hostname [the name you want ] and press enter
e.g hostname ethicalhacker 

 2. type [text editor] /etc/hostname and press enter
e.g leafpad /etc.hostname 

 A text will apper the old hostname change the text to the hostname you entered in terminal and save it .

 Doneeee

 Check this video to understand better 

Admin at No comments:
Labels: , ,
Subscribe to: Posts (Atom)