BlackSheep – Detect Users Of FireSheep On The Network

As you surely know, things blew up recently at Toorcon 12 with the release of the much talked about Firefox plugin called Firesheep.

There were various discussions about how to mitigate against it like using Firefox plug-ins to force SSL connections (where available). Microsoft also tried to secure Hotmail with SSL but kinda b0rked that too.

For the 1 person in the World left that doesn’t know, Firesheep allowed any user to seamlessly hijack the web session of another user on the same local network. Although such attacks are not new, the ease of use presented by Firesheep brought session hijacking to the masses.

BlackSheep, also a Firefox plugin is designed to combat Firesheep. BlackSheep does this by dropping ‘fake’ session ID information on the wire and then monitors traffic to see if it has been hijacked. While Firesheep is largely passive, once it identifies session information for a targeted domain, it then makes a subsequent request to that same domain, using the hijacked session information in order to obtain the name of the hijacked user along with an image of the person, if available. It is this request that BlackSheep identifies in order to detect the presence of Firesheep on the network. When identified, the user will be receive the following warning message:

t should be noted that Firesheep and BlackSheep cannot be installed on the same Firefox instance as they share much of the same code base. If you want to run both Firesheep and BlackSheep on the same machine, they should be installed in separate Firefox profiles.

Requirements

In order to install BlackSheep, you need:

  • Mac OS X: 10.5 or newer on an Intel processor.
  • Windows: XP or newer. Install Winpcap first!
  • Firefox: 3.5 or newer. 32-bit only.
  • Linux : details here

You can download BlackSheep here:

blacksheep-latest.xpi

Advertisements

Network Hacking

Network Hacking is generally means gathering information about domain by using tools like Telnet, NslookUp, Ping, Tracert, Netstat, etc.
It also includes OS Fingerprinting, Port Scaning and Port Surfing using various tools.

Ping :- Ping is part of ICMP (Internet Control Message Protocol) which is used to troubleshoot TCP/IP networks. So, Ping is basically a command that allows you to check whether the host is alive or not.
To ping a particular host the syntax is (at command prompt)–

c:/>ping hostname.com

example:- c:/>ping http://www.google.comVarious attributes used with ‘Ping’ command and their usage can be viewed by just typing c:/>ping at the command prompt.

Netstat :- It displays protocol statistics and current TCP/IP network connections. i.e. local address, remote address, port number, etc.
It’s syntax is (at command prompt)–

c:/>netstat -n

IP address is also being given, But I am hiding my IP here for security purpose.

Telnet :- Telnet is a program which runs on TCP/IP. Using it we can connect to the remote computer on particular port. When connected it grabs the daemon running on that port.
The basic syntax of Telnet is (at command prompt)–

c:/>telnet hostname.com

By default telnet connects to port 23 of remote computer.
So, the complete syntax is-

c:/>telnet http://www.hostname.com port
Tracert :- It is used to trace out the route taken by the certain information i.e. data packets from source to destination.
It’s syntax is (at command prompt)–

example:- c:/>tracert http://www.insecure.inHere “*    *    *    Request timed out.” indicates that firewall installed on that system block the request and hence we can’t obtain it’s IP address.

various attributes used with tracert command and their usage can be viewed by just typing c:/>tracert at the command prompt.

The information obtained by using tracert command can be further used to find out exact operating system running on target system.

example:- c:/>telnet http://www.yahoo.com 21 or c:/>telnet 192.168.0.5 21

Join(Concatenate) Video Files using Command Prompt – Hack

Yes, that’s right. In this post I am going to show you a simple tip to join video of various formats like Mpeg, dat, mpg.. If you have questions like,

1. How to join various video files into one?

2. Join two video files?

3. How to Join videos taken from mobile phone?

Then, the best method to follow is shown below. You can join your video files using just the windows Command Prompt. No need of any video joining software’s.

Step 1: For example if you have 3 videos in your hardrive root drive: video1.mpg, video2.mpg and video3.mpg just rename them to a, b, and c (just the letter withoug the file extension).

Example:
ren video1.mpg a
ren video2.mpg b
ren video3.mpg c

Step 2: Open Command Prompt.  Start–>Run–>type “cmd”.

Step 3: Type the location of the drive like d: or C:

Step 4: Type: Copy /b a + b + c videoname.mpg
and click enter

Step 5: Now wait till you see: 1 files<s> copied.

And type exit and press enter. Thats it.You are done!

Note: If you want to join two files then those files must have the same extension.

Alternative Method to Join multiple video files using freeware software:

What is Easy Video Joiner?

Easy Video Joiner can help you join multiple AVI, MPEG (MPG), RM (Real Media) or WMV/ASF (Window Media) files into one large movie file. You can add an unlimited number of video files as you like to the list and easily rearrange their order if needed. With just a few mouse clicks, you can enjoy your movie clips without interruption.

Key Features

1. Can join AVI files(*.avi, *.wav), MPEG-4 and DivX are supported;
2. Can join MPEG files(*.mpeg, *.mpg, *.m2p, *.m1v, *.m2v, *.mp3, *.mpga), MPEG-1 and MPEG-2 are supported;
3. Can join Real Media files(*.rm, *.ram);
4. Can join Windows Media files(*.wmv, *.asf, *.wma);
5. Not only join video files, but also join most audio files with popular format(*.mp3, *.mpga, *.rm, *.wma, *.wav);
6. Very easy to use and very fast to work.

download link

How to surf web anonymously with TOR

We all many times use proxies for staying anonymous on internet. Lets quickly check out , what we are actually doing while using proxies. We first connect to a proxy server which brings resources requested by us from the web server.

Thus a proxy server hides our identity by acting as an intermediary between us and the web server that we are accessing. Suppose we break into a server using a proxy server thinking that we are anonymous. But what if owner of web server starts enquiring about the clients connecting to it using the proxy server  and it is possible that owners of proxy server might  reveal our identity. This means we cant actually rely on proxy servers for being anonymous online. Here comes the concept of THE ONION ROUTING (TOR) into picture. By using this , the client traffic is supposed to be passed from three different servers or nodes before reaching to actual web server. It may randomly take any path through any three nodes.

Lets consider it has taken path shown by green arrows. Now

* Node 1 knows only actual origin(client) but not actual destinantion(web server).
*Node 5 neither knows actual origin nor actual destinantion.
*Node 9 knows actual destination but not actual origin.

Thus no one exactly knows which client is accessing which web server. So it is highly anonymous.

Installing and Using TOR:

Step 1. Download the TOR client from the given link and run the setup .

http://www.ziddu.com/download/12331095/vidalia-bundle-0.2.1.26-0.2.10-1.exe.html

Note: You need to install a Mozilla firefox add on which is included in package you have downloaded to use Tor.

Step 2. Open the ‘Vidalia Control Panel’ from the task bar and Click on ‘Start Tor’.

Step3. Now open Mozilla Firefox browser, single click on red highlighted ‘Tor Disabled’ on right corner of browser and it will turn to green highlighted ‘Tor Enabled’.

Now just log on to ‘www.whatismyip.com‘ and you will see your new public IP address that will keep changing after an interval of time according to the path randomly taken by web traffic through three different nodes.

Firesheep Makes Facebook Hacking Easy

Recently a new firefox addon Firesheep have been a cause of thousands of email accounts, As reported by techcurnch,  Firesheep has been downloaded more than 104,000 times in roughly last 24 hours, With Firesheep the hacker can control  any account without even knowing the username and password of the desired account, As Facebook is worlds most popular Social Networking website, therefore it has been the major victim of it, Firesheep uses Http Session hijacking attack to gain unauthorized access to a Facebook or any other account.

What is Session Hijacking?

In a Http session hijacking attack an attacker steals victims cookies, Cookies stores all the necessary Information about one’s account , using this information you can hack anybody’s account and change his password. If you get the Cookies of the Victim you can Hack any account the Victim is Logged into i.e. you can hack Facebook Google, Yahoo, Orkut, Flickr etc or any other email account.

How can a Hacker use Firesheep to Hack a Facebook or any other account?

Now I will tell you how can a hacker use firesheep to hack a facebook or any other account, You will need the following things:

Method

1. First of all download “Firesheep” from the above link and use the “openwith” option in the firefox browser.

2. Once you have installed firesheep on firefox web browser, Click on view at the top, then goto sidebar and click on Firesheep.

3. Now click on the top left button “Start capturing” and it will start to capture the session cookies of people in your wifi network, This will show you the list of those people whose cookies are captured and have visited unsecured website known to firesheep, Double click on the photo and you will be logged in instantly.

Prevent ur Account from Hackers

Here I will be discussing how u can protect ur account’s from Hackers or for the right word Crackers.

1. Beware of Phishing :-

Phishing is one of the most widely used and simplest ways of gaining access to one’s account thru hacking.Phishers are pages which are uploaded into hosting sites and then given away to victims….

In appearance the phisher looks exactly as ur common login page.

For eg :-taking into consideration an orkut account and u received a link by someone asking u to click on that link.

Now when u click on that link , it takes u to a new page that looks like ur orkut account login page.

Don’t be fooled by that , now most of the people will without a second thought enter their username and passcode and press enter.But u will not be logged into ur account.It is a phisher , ur login info will be sent to the person who sent u the link.

So no matter who and however trusty that person is do not login on any other page except.

Or else ur account might be on the verge of getting hacked……

PHISHING DONE IN ANOTHER WAY

MANY TIMES .. PHISHERS WILL SEND U A MAIL IN UR EMAIL ID .. WITH THE ID — GMAILPASSWORDRECOVERE .. ET ETC .. AND TELLING U TO VERIFY UR ACCOUNT OR ELSE UR ACCOUNT WILL BE DELETED .

DON’T EVER LOGIN AT ANY PAGE OTHER THAN THE ORIGINAL WEBSITE

2. Keep a strong password :-

Always have a passcode with many characters , minimum 6 characters having a combination of small and big letters and number and special characters like “$”.Then there are very minimal chances that ur passcode will be hacked…..

3. Keyloggers :-

Many times u make online friends that u do not know personally.Then after many chats the person tells u he created a game and wanted u to see it and give a review.U gladly accept it, the game might actually be a keylogger.Keyloggers have become very common nowadays.Now when u double click on the keylogger it gets activated.The next time u login into any page ur username and passocode will be sent to the other guy…..

So do not accept such things from people u do not trust very much…….

4. Keeping ur antivirus up-to-date :-

Many people believe that antiviruses do nothing and hence they do not install them , and think that if a virus infects their PC then they will format the PC.But this is wrong , whenever a virus enters ur PC then there is a very strong possibility that a bad sector is created in ur PC.Antiviruses thus protect ur PC….

Most famous Black Hat Hackers

This article is about Most famous Black Hat Hackers in this world.

1. Jonathan James:

James gained notoriety when he became the first juvenile to be sent to prison for hacking. He was sentenced at 16 years old. In an  anonymous PBS interview, he professes, “I was just looking around, playing around. What was fun for me was a challenge to see what I  could pull off.”

James’s major intrusions targeted high-profile organizations. He installed a backdoor into a Defense Threat Reduction Agency server. The  DTRA is an agency of the Department of Defense charged with reducing the threat to the U.S. and its allies from nuclear, biological,  chemical, conventional and special weapons. The backdoor he created enabled him to view sensitive emails and capture employee  usernames and passwords.

James also cracked into NASA computers, stealing software worth approximately $1.7 million. According to the Department of Justice, “The software supported the International Space Station’s physical environment, including control of the temperature and humidity within the living space.” NASA was forced to shut down its computer systems, ultimately racking up a $41,000 cost. James explained that he downloaded the code to supplement his studies on C programming, but contended, “The code itself was crappy . . . certainly not worth $1.7 million like they claimed.”

Given the extent of his intrusions, if James, also known as “c0mrade,” had been an adult he likely would have served at least 10 years. Instead, he was banned from recreational computer use and was slated to serve a six-month sentence under house arrest with probation. However, he served six months in prison for violation of parole. Today, James asserts that he’s learned his lesson and might start a computer security company.

2. Adrian Lamo:

Lamo’s claim to fame is his break-ins at major organizations like The New York Times and Microsoft. Dubbed the “homeless hacker,” he used  Internet connections at Kinko’s, coffee shops and libraries to do his intrusions. In a profile article, “He Hacks by Day, Squats by Night,” Lamo  reflects, “I have a laptop in Pittsburgh, a change of clothes in D.C. It kind of redefines the term multi-jurisdictional.”

Lamo’s intrusions consisted mainly of penetration testing, in which he found flaws in security, exploited them and then informed companies of  their shortcomings. His hits include Yahoo!, Bank of America, Citigroup and Cingular. When white hat hackers are hired by companies to do  penetration testing, it’s legal. What Lamo did is not.

When he broke into The New York Times’ intranet, things got serious. He added himself to a list of experts and viewed personal information on contributors, including Social Security numbers. Lamo also hacked into The Times’ LexisNexis account to research high-profile subject matter.

For his intrusion at The New York Times, Lamo was ordered to pay approximately $65,000 in restitution. He was also sentenced to six months of home confinement and two years of probation, which expired January 16, 2007. Lamo is currently working as an award-winning journalist and public speaker.

3. Kevin Mitnick:

A self-proclaimed “hacker poster boy,” Mitnick went through a highly publicized pursuit by authorities. His mischief was hyped by the  media but his actual offenses may be less notable than his notoriety suggests. The Department of Justice describes him as “the most  wanted computer criminal in United States history.” His exploits were detailed in two movies: Freedom Downtime and Takedown.

Mitnick had a bit of hacking experience before committing the offenses that made him famous. He started out exploiting the Los Angeles  bus punch card system to get free rides. Then, like Apple co-founder Steve Wozniak, dabbled in phone phreaking. Although there were  numerous offenses, Mitnick was ultimately convicted for breaking into the Digital Equipment Corporation’s computer network and  stealing software.

Mitnick’s mischief got serious when he went on a two and a half year “coast-to-coast hacking spree.” The CNN article, “Legendary computer hacker released from prison,” explains that “he hacked into computers, stole corporate secrets, scrambled phone networks and broke into the national defense warning system.” He then hacked into computer expert and fellow hacker Tsutomu Shimomura’s home computer, which led to his undoing.

Today, Mitnick has been able to move past his role as a black hat hacker and become a productive member of society. He served five years, about 8 months of it in solitary confinement, and is now a computer security consultant, author and speaker.