SplashData has announced its annual list of the 25 most common passwords found on the Internet. For the first time since SplashData began compiling its annual list, “password” has lost its title as the most common and therefore Worst Password, and two-time runner-up “123456” took the dubious honor. “Password” fell to #2.
The 2013 list of worst passwords, influenced by postings from the Adobe breach, demonstrates the importance of not basing passwords on the application or website being accessed.
On the car forum 1Addicts, a one-time poster by the name of “stolen1m” uploaded a video showing how his BMW was stolen in under three minutes. He suspects the thieves used devices that plug into the car's On-Board Diagnostic (OBD) port to program a new key fob.
In this particular video, there are a few security flaws that the hackers are exploiting simultaneously: there is no sensor that is triggered when the thieves initially break the window, the internal ultrasonic sensor system has a “blind spot” just in front of the OBD port, the OBD port is constantly powered (even when the car is off), and last but not least, it does not require a password. All of this means the thieves can gain complete access to the car without even entering it. BMW has acknowledged that there is a problem, but is downplaying this particular issue by saying the whole industry struggles with thievery. This is unfortunate given that the evidence seems to point towards BMWs being specifically targeted. Whether that's because they are luxury cars or because they have a security loophole doesn't matter: the point is BMW needs to do something about it. If you want to protect yourself from this hack, look into how you can disable the OBD port on your BMW by disconnecting the corresponding wires. If you or your dealer needs it, you can always re-enable it. Alternatively, you can try to further secure the port in your own custom way.

Yahoo is investigating the claims of a hacker who is selling an exploit that apparently hijacks Yahoo Mail accounts. The exploit, being sold for $700 by an Egyptian hacker on an exclusive cybercrime forum, targets a cross-site scripting (XSS) weakness in yahoo.com that lets attackers steal cookies from Yahoo! Webmail users. Such a flaw would let attackers send or read email from the victim's account. In a typical XSS attack, an attacker sends a malicious link to an unsuspecting user; if the user clicks the link, the script is executed and can access cookies, session tokens or other sensitive information retained by the browser and used with that site. Such scripts can even rewrite the content of the HTML page.
Demonstrating an apparent flair for marketing, the hacker, under the alias “TheHell”, also posted a video on YouTube providing a demo for potential customers. He claims it works with all browsers and does not require a bypass of the XSS filters in either Chrome or Internet Explorer. He also says the exploit will be sold only to trusted individuals who are not likely to turn it over to Yahoo, which would undoubtedly develop a patch to foil the attack. “TheHell” claims that his exploit attacks a “stored” XSS flaw. This type of attack injects code that is permanently stored on the targeted server until it is found and deleted. The malicious code is then passed to the victim's machine when that server is accessed for a legitimate download. A standard phishing attempt is used to get at the user's cookies, with which the attacker can access the person's email or take full control of the account. As of Tuesday morning, Yahoo was in the process of trying to identify the infected URL. Once it is identified, the malicious portion of code will be deleted.

This mirror link redirects you to your own profile page. If you share it with a friend, clicking it opens their own profile page. Just like a mirror, it reflects the user's own profile.
http://facebook.com/profile.php?=1000000982382771
Click it, share it & have fun...

A new variant of the Ramnit worm has managed to steal log-in credentials for several thousand Facebook accounts, most of which were from the United Kingdom and France, according to researchers at Seculert. Evidence recovered from a command-and-control server used to coordinate the evolving Ramnit worm confirms that the malware has already stolen 45,000 Facebook passwords and associated email addresses. Discovered in April 2010, Ramnit was described by the Microsoft Malware Protection Center (MMPC) as “a multi-component malware family which infects Windows executable as well as HTML files”, “stealing sensitive information such as stored FTP credentials and browser cookies”. In July 2011 a Symantec report [PDF] estimated that Ramnit worm variants accounted for 17.3 percent of all new malicious software infections. Trusteer reported in August of last year that Ramnit had gained the ability to “bypass two-factor authentication and transaction signing systems, gain remote access to financial institutions, compromise online banking sessions and penetrate several corporate networks.” Seculert, using a sinkhole, found that 800,000 machines had been infected with the worm in the last quarter of 2011.

All e-mail communication on the Internet relies on two protocols:
1) Simple Mail Transfer Protocol (SMTP, port 25)
2) Post Office Protocol (POP, port 110)

E-mail hacking consists of various techniques, discussed below.

1) E-Mail Tracing :- Generally, the path taken by an email while travelling from sender to receiver can be shown by the following diagram:

Sender's Outbox -----> Source Mail Server -----> Interim Mail Server -----> Destination Mail Server -----> Destination Inbox

The most effective and easiest way to trace an email is to analyse its headers. This can be done by just viewing the full header of the received email. A typical email header looks something like this:

    From Barr Thu Jan 3 05:33:26 2008
    X-Apparently-To: [email protected] via 203.104.16.34; Thu, 03 Jan 2008 05:25:38 +0530
    X-YahooFilteredBulk: 189.160.34.89
    X-Originating-IP: [189.160.34.89]
    Return-Path: <[email protected]>
    Authentication-Results: mta113.mail.in.yahoo.com from=destatis.de; domainkeys=neutral (no sig)
    Received: from 189.160.34.89 (HELO dsl-189-160-34-89.prod-infinitum.com.mx) (189.160.34.89) by mta113.mail.in.yahoo.com with SMTP; Thu, 03 Jan 2008 05:25:38 +0530
    Received: from dvapa ([141.203.33.92]) by dsl-189-160-34-89.prod-infinitum.com.mx with Microsoft SMTPSVC(6.0.3790.0); Wed, 2 Jan 2008 18:03:26 -0600
    Message-ID: <[email protected]>
    Date: Wed, 2 Jan 2008 18:03:26 -0600
    From: "Barr" <[email protected]>
    User-Agent: Thunderbird 2.0.0.6 (Windows/20070728)
    MIME-Version: 1.0
    To: [email protected]
    Subject: angel rubberneck
    Content-Type: multipart/related; boundary="------------030604060204000701040304"
    Content-Length: 16433

The above email header gives us the following information about its origin and path:
a) Sender's email address :- [email protected]
b) Source IP address :- 141.203.33.92
c) Source mail server :- dsl-189-160-34-89.prod-infinitum.com.mx
d) Email client :- Thunderbird 2.0.0.6

There are lots of ready-made tools available on the internet which perform email tracing very effectively and show the exact geographical
location of the email sender on the world map. Recommended tools:
NeoTrace
VisualRoute
E-MailTracker
Download from the above link & enjoy!!!

Input Validation Attacks are where an attacker intentionally sends unusual input in the hopes of confusing the application.
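The header walk-through in the e-mail tracing section above, done in code: an added example that is not part of the original post. It unfolds the Received: lines with Python's standard email module and reads them bottom-up to recover the same origin facts the text lists by hand (source IP, source mail server, client); the header it parses is a constructed copy of the one shown, with the redacted addresses replaced by example.com placeholders.

```python
"""Added example (not from the original post): walk the Received: chain of a mail
header. SAMPLE_HEADER is a constructed copy of the header shown in the tracing
walk-through above, with the redacted addresses replaced by example.com ones."""
import re
from email import message_from_string
from typing import List, Optional, Tuple

SAMPLE_HEADER = """\
X-Originating-IP: [189.160.34.89]
Received: from 189.160.34.89 (HELO dsl-189-160-34-89.prod-infinitum.com.mx)
  (189.160.34.89) by mta113.mail.in.yahoo.com with SMTP; Thu, 03 Jan 2008 05:25:38 +0530
Received: from dvapa ([141.203.33.92])
  by dsl-189-160-34-89.prod-infinitum.com.mx with Microsoft SMTPSVC(6.0.3790.0);
  Wed, 2 Jan 2008 18:03:26 -0600
From: "Barr" <barr@example.com>
User-Agent: Thunderbird 2.0.0.6 (Windows/20070728)
Subject: angel rubberneck
"""

IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
HOP = re.compile(r"from (\S+)(.*?) by (\S+)")
Hop = Tuple[str, Optional[str], str]  # (claimed sending host, IP seen, receiving server)


def received_hops(raw: str) -> List[Hop]:
    """Hops in transit order, earliest first. Each relay prepends its own
    Received: line, so the header reads newest-first; reversing recovers the path."""
    msg = message_from_string(raw)
    hops: List[Hop] = []
    for value in reversed(msg.get_all("Received", [])):
        flat = " ".join(value.split())      # unfold continuation lines
        m = HOP.search(flat)
        if not m:
            continue
        sender, detail, receiver = m.groups()
        ip = IPV4.search(sender + detail)   # address the receiving server actually saw
        hops.append((sender, ip.group(0) if ip else None, receiver))
    return hops


def summarize(raw: str) -> dict:
    """The facts the walk-through reads off by hand. Only Received: lines added by
    servers you trust are reliable; lines below them came from the sender and can be forged."""
    msg = message_from_string(raw)
    hops = received_hops(raw)
    origin = hops[0] if hops else (None, None, None)
    submit_ip = IPV4.search(msg.get("X-Originating-IP", ""))
    return {
        "sender": msg.get("From"),
        "origin_ip": origin[1],       # innermost hop: 141.203.33.92 here
        "origin_server": origin[2],   # first relay: the .com.mx host
        "submitting_ip": submit_ip.group(0) if submit_ip else None,  # last relay, as Yahoo saw it
        "client": msg.get("User-Agent"),
        "hops": hops,
    }
```

Note that the provider-added X-Originating-IP names only the last relay that handed the mail to Yahoo; the innermost Received: line is where the source IP the text lists actually comes from.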
The most common input validation attacks are as follows:

1) Buffer Overflow :- Buffer overflow attacks are enabled by sloppy programming or mismanagement of memory by the application developers. Buffer overflows may be classified into stack overflows, format string overflows, heap overflows and integer overflows. It is possible that an overflow exists in a language's (PHP, Java, etc.) built-in functions. To execute a buffer overflow attack, you merely dump as much data as possible into an input field. The attack is said to be successful when it returns an application error. Perl is well suited for conducting this type of test. Here's the buffer test, calling on Perl from the command line:

    $ echo -e "GET /login.php?user=\
    > `perl -e 'print "a" x 500'` HTTP/1.0\n\n" | \
    nc -vv website 80

This sends a string of 500 "a" characters as the user value to login.php. Buffer overflows can be tested for by sending repeated requests to the application and recording the server's response.

2) Canonicalization :- These attacks target pages that use template files or otherwise reference alternate files on the web server. The basic form of this attack is to move outside the web document root in order to access system files, e.g. “../../../../../../../../../boot.ini”. This type of functionality is evident from the URL and is not limited to any one programming language or web server. If the application does not limit the types of files it is supposed to serve, files outside the web document root can be targeted through parameters like the following:

    /menu.asp?dimlDisplayer=menu.asp
    /webacc?User.asp=login.htt
    /SWEditServlet?station_path=Z&publication_id=2043&template=login.tem
    /Getfile.asp?/scripts/Client/login.js
    /includes/printable.asp?Link=customers/overview.htm

3) Cross-site Scripting (XSS) :- Cross-site scripting attacks place malicious code, usually JavaScript, in locations where other users see it.
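For the canonicalization attack under 2) above, an added example (not from the original post) of the check a server should perform before opening a file named in the URL; the document root, function names and sample parameter values are constructed for the illustration, and the same function doubles as a detector over logged parameter values.

```python
"""Added example (not from the original post): canonicalise a file reference
taken from the URL before the application opens it. DOC_ROOT, the function
names and SAMPLE_VALUES are constructed for this illustration."""
import posixpath
from typing import List, Optional
from urllib.parse import unquote

DOC_ROOT = "/var/www/html"  # constructed example document root


def canonicalize(reference: str, root: str = DOC_ROOT) -> Optional[str]:
    """Absolute path under `root` that `reference` names, or None if it escapes.

    The traversal attacks above work because the server trusts the name in the
    URL as-is, so: percent-decode until stable (../ may arrive as %2e%2e/ or
    doubly encoded); refuse absolute paths, NUL bytes and backslashes outright;
    collapse '.' and '..' with posixpath.normpath; then require the result to
    still sit inside the root. On a live server resolve `root` with
    os.path.realpath first so a symlink cannot move the comparison target.
    """
    decoded = reference
    for _ in range(3):                     # bounded: stop once decoding is stable
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    if not decoded or decoded.startswith("/") or "\x00" in decoded or "\\" in decoded:
        return None
    root = posixpath.normpath(root)
    candidate = posixpath.normpath(posixpath.join(root, decoded))
    if candidate != root and not candidate.startswith(root + "/"):
        return None                        # '..' walked out of the document root
    return candidate


def flag_traversal(query_values: List[str]) -> List[str]:
    """Detection side: the logged parameter values (template=, Link=, ...) that
    would have escaped the root, i.e. requests worth alerting on."""
    return [v for v in query_values if canonicalize(v) is None]


# Constructed sample parameter values, modelled on the URLs quoted above.
SAMPLE_VALUES = [
    "menu.asp",
    "customers/overview.htm",
    "../../../../../../../../../boot.ini",
    "%2e%2e%2f%2e%2e%2fetc/passwd",        # single-encoded ../../
    "%252e%252e%252fboot.ini",             # double-encoded ../
    "/scripts/Client/login.js",            # absolute path, refused outright
]
```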
Target fields in forms can be addresses, bulletin board comments, etc. We have found that error pages are often subject to XSS attacks. For example, the URL for a normal application error looks like this:

    http://website/inc/errors.asp?Error=Invalid%20password

This displays a custom access-denied page that says “Invalid password”. Seeing a string from the URL reflected in the page contents is a strong indicator of an XSS vulnerability. The attack would be created as:

    http://website/inc/errors.asp?Error=<script%20src=...

That is, place the script tags on the URL.

4) SQL Injection :- This kind of attack occurs when an attacker uses specially crafted SQL queries as input, which can open up a database. Online forms such as login prompts, search enquiries, guest books, feedback forms, etc. are especially targeted. The easiest test for the presence of a SQL injection vulnerability is to append “or+1=1” to the URL and inspect the data returned by the server. Example:

    http://www.domain.com/index.asp?querystring=sports' or 1=1--

enjoy!!!

Users of Google Talk (GTalk) can also make GTalk “polygamous”, that is, run multiple instances of Google Talk and log in to multiple Google accounts at once. The polygamy trick needs no crack, patch or hack, just a simple command line parameter or switch, /nomutex, appended to the Google Talk shortcut. Running multiple copies of Google Talk is useful if you have multiple Google Talk accounts (or Google or Gmail accounts used to log in to GTalk) or multiple profiles or personalities, and don't want to log off and on from one account to another every time you want to switch, or want to be logged in to all accounts at the same time on the same computer. You can add the /nomutex switch to the existing Google Talk shortcut, or create a new shortcut with the /nomutex parameter.

To edit the existing Google Talk shortcut:
1) Right-click on the Google Talk shortcut.
2) On the right-click context menu, click Properties.
3) Go to the Shortcut tab in the Google Talk Properties window.
4) In the Target textbox, add /nomutex to the end of the line so that it looks like below (or simply copy and paste the syntax below in place of the original):
    Target: "C:\Program Files\Google\Google Talk\googletalk.exe" /nomutex
5) Click OK.

To create a new shortcut for Google Talk:
1) Right-click on the desktop, or anywhere you want to place the GTalk shortcut.
2) Select New on the right-click context menu.
3) Then select Shortcut.
4) Copy and paste the following line into the text box when prompted to type the location of the item:
    "C:\Program Files\Google\Google Talk\googletalk.exe" /nomutex
5) Click Next.
6) Give the shortcut a proper name such as Google Talk, Google Talk Multiple or Google Talk Polygamy.
7) Click OK until you are done.

If you have a hex editor, you can act like a hacker and modify the bytes in the Google Talk program so that it always allows multiple instances of GTalk to be launched, whether the /nomutex switch is specified or not. Launch the hex editor, open googletalk.exe and search for the following pattern:
    004536FD . 3BC6 CMP EAX,ESI
    004536FF . 75 05 JNZ SHORT googleta.00453706
Modify it to look like the following:
    004536FD . 8BC1 MOV EAX,ECX
    004536FF . EB 05 JMP SHORT googleta.00453706

How does this work? Mutex is short for mutual exclusion object. A mutex is a program object that allows multiple program threads to share the same resource, but not simultaneously. So, in the hack above, we used nomutex (no-mutex) to use the same resources simultaneously.

Share it with friends & have fun..!!!

Process-1:
First of all you need a static address for your FTP server. You are not supposed to use your own IP address here; the main reason is that you don't want to show your IP address to everyone, and there are other reasons too, but leave them aside.
1) Go to no-ip and create yourself a free account.
2) Once the account is created you will receive your account password by e-mail.
3) Log in to your no-ip.com account with that password.
4) After logging in, click "Add a Host" in the left menu.
5) Type any hostname you want (e.g. abc) and select a domain from the list (e.g. serveftp.com). Click Submit.
6) You now own your own static address (example: abc.serveftp.com).
7) Click the Downloads button at the top of the page, choose the operating system you are using and download the DNS update client, or download it directly from here; this is for Microsoft Windows users.
8) Install the software and log in with your e-mail address and password when asked.
9) Finally, tick the checkbox next to your static address.
10) You now have your own static web address.

Process-2: Installing and setting up the FTP server
1) Install Serv-U 4.1.03; download this software from here.
2) Run Serv-U and use the wizard to set up your FTP server.
3) Click Next until you are asked for the IP address; leave it as it is and click Next.
4) Enter the domain name you registered above (example: abc.serveftp.com) in the domain field and click Next.
5) You will be asked about anonymous access; select No and click Next.
6) You will be asked to create a named account; select Yes and click Next.
7) Choose any user name you wish (e.g. xyz) and click Next.
8) Enter a password for this account (e.g. adc341); for security's sake choose a hard-to-guess password.
9) You will be asked for the home directory of the account you just created. Select a directory and click Next.
10) Click Yes to lock this account to its home directory, so the user cannot move above the home directory; click Next.
11) Your account has now been created; click Finish.

Process-3: Configuring the user account you created
1) In the tree menu on the left, select the account you created above and click the General tab.
2) Go to Hide 'Hidden' Files.
3) Check "Allow only" and enter the number one in the box.
4) Set the maximum download speed to whatever you want. As many people will be using this account, set it low (e.g. 10-20) to save your bandwidth. Don't leave it blank, or users can download with your full bandwidth.
5) Choose how many users you want logged in at one time. It depends on your connection speed; try these: 56k - 1, ISDN - 3, ADSL or cable - 5-6 users.
6) Click the Dir Access tab.
7) You can see the home folder here. Highlight it and set your permissions.
8) If you only want users to download, check only Read, List and Inherit.
9) If you want users to be able to upload to your server, but only into one particular folder and without downloading, click the Add button and select that folder. Highlight it and check Write, Append, List, Create and Inherit. After setting these permissions, click the arrow at the bottom right-hand corner: you want this upload folder to be listed first, before the home folder.
10) If there is a folder inside the home folder that you don't want anyone to access, click Add, select that folder, highlight it and make sure all the checkboxes are left unchecked. Then click the up arrow at the bottom right-hand corner.
11) There are many more things you can do; these are only the basics.
12) Your server is now ready to be connected to.
13) Log in with your username and password.

Have fun buddy!
Saumen Das
B.Tech. (Software Engineer)
February 2015