DDOSIM – Layer 7 DDoS Simulator

ddosim is a tool that can be used in a laboratory environment to simulate a distributed denial of service (DDOS) attack against a target server. The test will show the capacity of the server to handle application specific DDOS attacks. ddosim simulates several zombie hosts (having random IP addresses) which create full TCP connections to the target server. After completing the connection, ddosim starts the conversation with the listening application (e.g. HTTP server).

ddosim is written in C++ and runs on Linux. Its current functionalities include:

  • HTTP DDoS with valid requests
  • HTTP DDoS with invalid requests (similar to a DC++ attack)
  • SMTP DDoS
  • TCP connection flood on random port

In order to simulate such an attack in a lab environment we need to setup a network like this:

Download : ddosim-0.2.tar.gz

Advertisements

Shutdown Computer With Command Prompt or shortcut for shutdown

Here is a trick to shutdown your computer  at a specific time. You might be thinking what great about it, well you can shutdown your computer without the use of any software. Just shutdown your computer at specific time from RUN Command. For example if you wish to shutdown at 09:45 am. Type this

Start=>Run

Type Code:        at 11:35 shutdown -s

To cancel or Abort the shutdown:

Type Code:                   shutdown -a

Type  Code:  “shutdown –s –m\\computername –t60”. This command will shutdown the computer on network if you have administrative access.  Here computername needs to be replaced by the exact computer name of the computer on the network to work.

Alternative method to create a shutdown timer or simply computer shutdown shortcut

Step 1: Right click on your desktop and choose “New=>shortcuts”.
Step 2: In the box that says “Type the location of the shortcut”,
type in “shutdown -s -t 3600” without the quotation marks and click next.

Note: 3600 are the amount of seconds before your computer shuts down. So , this means 3600 seconds = 60 mints (1 hour). You can change the value in the above code. You can even create multiple shutdown shortcuts. For example a computer shutdown shortcut for 30 minutes, 1 hour, 2 hours, 5 hours etc.,

Step 3: Make up a name for the shortcut and you’re done.

Optional Step 4 : You can change the icon by right clicking=>properties=>change icon=>browse

To abort or cancel the shutdown:
To make an abort key to stop the shutdown timer just create another shortcut and make
the “location of the shortcut” to ” shutdown -a” without the quotes.

Rename A Start Button – Windows xp

To rename the start button, you will just need to do is download Resource hacker.

Resource HackerTM is a freeware utility to view, modify, rename, add, delete and extract resources in 32bit Windows executables and resource files (*.res). It incorporates an internal resource script compiler and decompiler and works on Win95, Win98, WinME, WinNT, Win2000 and WinXP operating systems.

To Download Click here

First Step : The first step is to make a backup copy of the file explorer.exe located at C:\Windows\explorer. Place it in a folder somewhere on your hard drive where it will be safe. Start Resource Hacker and open explorer.exe located at C:\Windows\explorer.exe
The category we are going to be using is String Table In Resource Hacker. Expand it by clicking the plus sign then navigate down to and expand string 37 followed by highlighting 1033. If you are using the Classic Layout rather than the XP Layout, use number 38. The right hand pane will display the stringtable as shown in Fig. We’re going to modify item 578, currently showing the word “start” just as it displays on the current Start button.

There is no magic here. Just double click on the word “start” so that it’s highlighted, making sure the quotation marks are not part of the highlight. They need to remain in place, surrounding the new text that you’ll type. Go ahead and type your new entry.

Compile and save (actually save as) with another name like expmann.exe

Second Step: Modify the Registry Now that the modified expmann.exe has been created it’s necessary to modify the registry so the file will be recognized when the user logs on to the system. If you don’t know how to access the registry I’m not sure this article is for you, but just in case it’s a temporary memory lapse, go to Start (soon to be something else) Run and type regedit in the Open: field. Navigate to:
HKEY_LOCAL_MACHINE\ SOFTWARE\ Microsoft\ Windows NT\ CurrentVersion\ Winlogon

the Right pane, double click the Shell entry to open the Edit String dialog box as shown in Fig.  In Value data: line, enter the name that was used to save the modified expmann.exe file. Click OK.

Close Registry Editor and reboot the entire system. If all went as planned you should see your new Start button with the revised text.

Prevent ur Account from Hackers

Here I will be discussing how u can protect ur account’s from Hackers or for the right word Crackers.

1. Beware of Phishing :-

Phishing is one of the most widely used and simplest ways of gaining access to one’s account thru hacking.Phishers are pages which are uploaded into hosting sites and then given away to victims….

In appearance the phisher looks exactly as ur common login page.

For eg :-taking into consideration an orkut account and u received a link by someone asking u to click on that link.

Now when u click on that link , it takes u to a new page that looks like ur orkut account login page.

Don’t be fooled by that , now most of the people will without a second thought enter their username and passcode and press enter.But u will not be logged into ur account.It is a phisher , ur login info will be sent to the person who sent u the link.

So no matter who and however trusty that person is do not login on any other page except.

Or else ur account might be on the verge of getting hacked……

PHISHING DONE IN ANOTHER WAY

MANY TIMES .. PHISHERS WILL SEND U A MAIL IN UR EMAIL ID .. WITH THE ID — GMAILPASSWORDRECOVERE .. ET ETC .. AND TELLING U TO VERIFY UR ACCOUNT OR ELSE UR ACCOUNT WILL BE DELETED .

DON’T EVER LOGIN AT ANY PAGE OTHER THAN THE ORIGINAL WEBSITE

2. Keep a strong password :-

Always have a passcode with many characters , minimum 6 characters having a combination of small and big letters and number and special characters like “$”.Then there are very minimal chances that ur passcode will be hacked…..

3. Keyloggers :-

Many times u make online friends that u do not know personally.Then after many chats the person tells u he created a game and wanted u to see it and give a review.U gladly accept it, the game might actually be a keylogger.Keyloggers have become very common nowadays.Now when u double click on the keylogger it gets activated.The next time u login into any page ur username and passocode will be sent to the other guy…..

So do not accept such things from people u do not trust very much…….

4. Keeping ur antivirus up-to-date :-

Many people believe that antiviruses do nothing and hence they do not install them , and think that if a virus infects their PC then they will format the PC.But this is wrong , whenever a virus enters ur PC then there is a very strong possibility that a bad sector is created in ur PC.Antiviruses thus protect ur PC….

Most famous Black Hat Hackers

This article is about Most famous Black Hat Hackers in this world.

1. Jonathan James:

James gained notoriety when he became the first juvenile to be sent to prison for hacking. He was sentenced at 16 years old. In an  anonymous PBS interview, he professes, “I was just looking around, playing around. What was fun for me was a challenge to see what I  could pull off.”

James’s major intrusions targeted high-profile organizations. He installed a backdoor into a Defense Threat Reduction Agency server. The  DTRA is an agency of the Department of Defense charged with reducing the threat to the U.S. and its allies from nuclear, biological,  chemical, conventional and special weapons. The backdoor he created enabled him to view sensitive emails and capture employee  usernames and passwords.

James also cracked into NASA computers, stealing software worth approximately $1.7 million. According to the Department of Justice, “The software supported the International Space Station’s physical environment, including control of the temperature and humidity within the living space.” NASA was forced to shut down its computer systems, ultimately racking up a $41,000 cost. James explained that he downloaded the code to supplement his studies on C programming, but contended, “The code itself was crappy . . . certainly not worth $1.7 million like they claimed.”

Given the extent of his intrusions, if James, also known as “c0mrade,” had been an adult he likely would have served at least 10 years. Instead, he was banned from recreational computer use and was slated to serve a six-month sentence under house arrest with probation. However, he served six months in prison for violation of parole. Today, James asserts that he’s learned his lesson and might start a computer security company.

2. Adrian Lamo:

Lamo’s claim to fame is his break-ins at major organizations like The New York Times and Microsoft. Dubbed the “homeless hacker,” he used  Internet connections at Kinko’s, coffee shops and libraries to do his intrusions. In a profile article, “He Hacks by Day, Squats by Night,” Lamo  reflects, “I have a laptop in Pittsburgh, a change of clothes in D.C. It kind of redefines the term multi-jurisdictional.”

Lamo’s intrusions consisted mainly of penetration testing, in which he found flaws in security, exploited them and then informed companies of  their shortcomings. His hits include Yahoo!, Bank of America, Citigroup and Cingular. When white hat hackers are hired by companies to do  penetration testing, it’s legal. What Lamo did is not.

When he broke into The New York Times’ intranet, things got serious. He added himself to a list of experts and viewed personal information on contributors, including Social Security numbers. Lamo also hacked into The Times’ LexisNexis account to research high-profile subject matter.

For his intrusion at The New York Times, Lamo was ordered to pay approximately $65,000 in restitution. He was also sentenced to six months of home confinement and two years of probation, which expired January 16, 2007. Lamo is currently working as an award-winning journalist and public speaker.

3. Kevin Mitnick:

A self-proclaimed “hacker poster boy,” Mitnick went through a highly publicized pursuit by authorities. His mischief was hyped by the  media but his actual offenses may be less notable than his notoriety suggests. The Department of Justice describes him as “the most  wanted computer criminal in United States history.” His exploits were detailed in two movies: Freedom Downtime and Takedown.

Mitnick had a bit of hacking experience before committing the offenses that made him famous. He started out exploiting the Los Angeles  bus punch card system to get free rides. Then, like Apple co-founder Steve Wozniak, dabbled in phone phreaking. Although there were  numerous offenses, Mitnick was ultimately convicted for breaking into the Digital Equipment Corporation’s computer network and  stealing software.

Mitnick’s mischief got serious when he went on a two and a half year “coast-to-coast hacking spree.” The CNN article, “Legendary computer hacker released from prison,” explains that “he hacked into computers, stole corporate secrets, scrambled phone networks and broke into the national defense warning system.” He then hacked into computer expert and fellow hacker Tsutomu Shimomura’s home computer, which led to his undoing.

Today, Mitnick has been able to move past his role as a black hat hacker and become a productive member of society. He served five years, about 8 months of it in solitary confinement, and is now a computer security consultant, author and speaker.