Today I was reading an interesting post by Zone-h.org, which says 1.5 million websites were defaced and reported on Zone-h. Most of the attacks were SQL injection, LFI, RFI, WebDAV and misconfiguration of the web server or the application itself.

The report further says a large number of the attacks happened on the Linux operating system. We talk too much about the Linux kernel, but the first thing is the code, which needs to be written in an efficient way.

Some interesting numbers are charted on this page too: Up to date stats

MySQL.com was compromised via an amazing blind SQL injection. You can see the database, table and user information on the Full Disclosure website.

Vulnerable Target : http://mysql.com/customers/view/index.html?id=1170
Host IP : 213.136.52.29
Web Server : Apache/2.2.15 (Fedora)
Powered-by : PHP/5.2.13
Injection Type : MySQL Blind
Current DB : web

Worse, they posted a password dump and hundreds of people have already cracked it. We recommend you change your password urgently, as it is a common bad practice for people to use the same password for all online portals, e.g. webmail, PayPal and so on.

The good or bad guy who had fun with it is:

[+] Author: Jackh4xor @ w4ck1ng
[+] Site: http://www.jackh4xor.com
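
The reported injection point is a numeric `id` query parameter, which a defender can validate strictly and watch for in web server access logs. The following is an added example, not code from the original post or from MySQL.com; the function names, the 9-digit limit and the sample log lines are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Path of the page named in the disclosure quoted above.
WATCHED_PATH = "/customers/view/index.html"
# Assumption: a valid id is 1-9 ASCII decimal digits and nothing else.
ID_RE = re.compile(r"[0-9]{1,9}")
# Request target inside a combined-format access log line.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[0-9.]+"')

# Constructed log lines (documentation IPs, made-up timestamps and sizes).
SAMPLE_LOG = [
    '198.51.100.7 - - [01/Jan/2011:10:00:01 +0000] "GET /customers/view/index.html?id=1170 HTTP/1.1" 200 5120',
    '198.51.100.9 - - [01/Jan/2011:10:00:05 +0000] "GET /customers/view/index.html?id=1170%20AND%201=1 HTTP/1.1" 200 5120',
    '198.51.100.9 - - [01/Jan/2011:10:00:06 +0000] "GET /customers/view/index.html?id=1170%20AND%201=2 HTTP/1.1" 200 812',
    '198.51.100.7 - - [01/Jan/2011:10:00:09 +0000] "GET /index.html HTTP/1.1" 200 900',
]

def parse_id(raw):
    """Return raw as an int, or None unless it is a plain decimal integer."""
    if raw is not None and ID_RE.fullmatch(raw):
        return int(raw)
    return None

def suspicious_requests(log_lines):
    """Return (line_no, id_values) for watched-path requests with a bad id."""
    hits = []
    for line_no, line in enumerate(log_lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        url = urlsplit(match.group(1))
        if url.path != WATCHED_PATH:
            continue
        # parse_qs percent-decodes values, so encoded input is checked
        # in the form the application would see it.
        values = parse_qs(url.query, keep_blank_values=True).get("id", [])
        # Assumption: the page always takes exactly one numeric id, so a
        # missing, repeated or non-numeric id is flagged.
        if len(values) != 1 or parse_id(values[0]) is None:
            hits.append((line_no, values))
    return hits

if __name__ == "__main__":
    for line_no, values in suspicious_requests(SAMPLE_LOG):
        print(f"line {line_no}: rejected id={values!r}")
```

Validation like this complements binding the id as a query parameter in the database call; it does not replace it.
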

Nmap on Android phone

Nmap is an open source security scanner used for network exploration. We have been using it widely on Linux and Windows operating systems, and now we have finally got Nmap for Android. This is really great to see.

Download :

Nmap for Android

http://ftp.linux.hr/android/nmap/nmap-5.50-android-bin.tar.bz2

Network Miner

NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows. NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network. NetworkMiner can also parse PCAP files for off-line analysis and to regenerate/reassemble transmitted files and certificates from PCAP files.

NetworkMiner is for those who are not very familiar with Wireshark. It makes it easy to sniff packets from the network, and it categorizes and sorts them into different tabs so you can see the interesting sniffed data. You can also analyze PCAP files dumped using Wireshark.

Some cool features:

  • Fully GUI application that runs on the Windows platform.
  • Open source application.
  • Sniffs user names for any mail or social website, e.g. Facebook, Twitter, Gmail, PayPal and so on.
  • All sorts of cookies can be sniffed with one click.
  • Extraction of Facebook, Twitter, Yahoo and Windows Live (Hotmail) messages. (You don’t need someone's password to see their emails ;-) )

More detailed features can be seen on the official NetworkMiner website.

NetworkMiner has recently launched a paid Professional version which provides some extra features, e.g. reporting, geolocation and command-line scripting support.

The free version is already so powerful that you will love it. We have been using it for a long time.

The latest version was announced today.

Download :

Application : NetworkMiner_1-0.zip

Source code : NetworkMiner_1-0_source.zip

ChangeLog : ChangeLog

Netsparker - False Positive Free Web Application Security Scanner

False-Positive Free

All web application security scanners report false-positives, which means they report vulnerabilities that don’t exist.

Netsparker will try lots of different things to confirm identified issues. If it can’t confirm it and if it requires manual inspection, it’ll inform you about a potential issue generally prefixed as [Possible], but if it’s confirmed, that’s it. It’s a vulnerability. You can trust it.

Netsparker confirms vulnerabilities by exploiting them in a safe manner. If a vulnerability is successfully exploited it can’t be a false-positive. Exploitation is carried out in a non-destructive way.

Technical Details

When Netsparker identifies an SQL Injection, it can identify how to exploit it automatically and extract the version information from the application. When the version is successfully extracted Netsparker will report the issue as confirmed so that you can make sure that the issue is not a false-positive.

Same applies to other vulnerabilities such as XSS (Cross-site Scripting) where Netsparker loads the injection in an actual browser and observes the execution of JavaScript to confirm that the injection will actually get executed in the browser.

Some of the great features supported by Netsparker:

  • JavaScript / AJAX / Web 2.0 Support
  • Detailed Issue Reporting
  • Automation
  • Logging
  • Reporting
      • XML
      • RTF / Word
      • PDF
  • Integrated Exploitation Engine
      • Exploitation of SQL Injection Vulnerabilities
      • Getting a reverse shell from SQL Injection vulnerabilities
      • Exploitation of LFI (Local File Inclusion) Vulnerabilities
      • Downloading source code of all crawled pages via LFI (Local File Inclusion)
      • Downloading known OS files via LFI (Local File Inclusion)
      • Post-Exploitation
  • Authentication
      • Basic Authentication
      • Form Authentication
  • Custom 404 Detection
  • Heuristic URL Rewrite Detection

List of Vulnerability Checks

List of issues Netsparker is looking for:

  • SQL Injection
  • XSS (Cross-site Scripting)
  • XSS (Cross-site Scripting) via Remote File Injection
  • XSS (Cross-site Scripting) in URLs
  • Local File Inclusions & Arbitrary File Reading
  • Remote File Inclusions
  • Remote Code Injection / Evaluation
  • OS Level Command Injection
  • CRLF / HTTP Header Injection / Response Splitting
  • Find Backup Files
  • Crossdomain.xml Analysis
  • Finds and Analyses Potential Issues in Robots.txt
  • Finds and Analyses Google Sitemap Files
  • Detect TRACE / TRACK Method Support
  • Detect ASP.NET Debugging
      • Netsparker identifies if ASP.NET Debugging is enabled.
  • Detect ASP.NET Trace
      • Netsparker detects if ASP.NET Tracing is enabled and accessible.
  • Checks for CVS, GIT and SVN Information and Source Code Disclosure Issues
  • Finds PHPInfo() pages and PHPInfo() disclosure in other pages
  • Finds Apache Server-Status and Apache Server-Info pages
  • Find Hidden Resources
  • Basic Authentication over HTTP
  • Source Code Disclosure
  • Auto Complete Enabled
  • ASP.NET ViewState Analysis
      • ViewState is not Signed
      • ViewState is not Encrypted
  • E-mail Address Disclosure
  • Internal IP Disclosure
  • Cookies are not marked as Secure
  • Cookies are not marked as HTTPOnly
  • Directory Listing
  • Stack Trace Disclosure
  • Version Disclosure
  • Access Denied Resources
  • Internal Path Disclosure
  • Programming Error Messages
  • Database Error Messages
For more detailed features, screenshots and a demo, click here

What is hacking?

It is a technique of modifying computer software and hardware to achieve a goal outside of the creator’s original purpose.

In common usage, a hacker is a person who breaks into computers, usually by gaining access to administrative controls. The subculture that has evolved around hackers is often referred to as the computer underground.

via Wikipedia

Unauthorized attempts to bypass the security mechanisms of an information system or network.
via Wiktionary

Hacking, or getting unauthorized access to a system, is not a piece of cake. A good hacker must be an outstanding programmer and must be aware of how computing systems work. Alternatively, a good script kiddie can be a good hacker as long as he knows the process of penetrating a system.

What is Social Engineering?

Social engineering is the act of manipulating people into performing actions or divulging confidential information, rather than by breaking in or using technical cracking techniques. While similar to a confidence trick or simple fraud, the term typically applies to trickery or deception for the purpose of information gathering, fraud, or computer system access; in most cases the attacker never comes face-to-face with the victim.

“Social engineering” as an act of psychological manipulation was popularized by hacker-turned-consultant Kevin Mitnick. The term had previously been associated with the social sciences, but its usage has caught on among computer professionals.

via Wikipedia

Social engineering is a God-gifted skill. For this you don’t need expertise in computing or in hacking.

Simply put, it helps you control your nerves against social threats in your daily activities or in your professional life.

A book recommended by the BackTrack community. The following is the title image taken from the book's title page.

Social Engineering - The art of human hacking.

The author starts with a story:

“I sat at an empty table wearing a business suit. I placed my briefcase on the table and waited for a suitable victim. In a few moments, just such a victim arrived with a friend and sat at the table next to mine, placing her bag on the seat beside her. As was probably her habit, she pulled the seat close and kept her hand on the bag at all times.

I needed to steal the entire bag, but, with her hand resting on it and her friend sitting opposite, she was beginning to look like bad news. But, after a few minutes, her friend left to find a restroom. The mark was alone so I gave Alex and Jess the signal.

Playing the part of a couple, Alex and Jess asked the mark if she would take a picture of them both. She was happy to do so. She removed her hand from her bag to take the camera and snap a picture of the “Happy couple” and, while distracted, I casually reached over, took her bag, and calmly locked it inside my briefcase. My victim was yet to notice the empty chair as Alex and Jess left the cafe. Once out of sight, Alex headed quickly for the parking garage.

It didn’t take long for her to realize her bag was gone. Instantly, she began to panic. She stood up and looked around, frantically. This was exactly what we were hoping for so, I asked her if she needed help.

She started to ask if I had seen anything. I told her I hadn’t but convinced her to sit down and think about what was in the bag. A phone. Make-up. A little cash. And her credit cards. Bingo!! I asked who she banked with and then told her that I worked for that bank. What a stroke of luck! I reassured her that everything would be fine but she would need to cancel her credit card right away. I called the “Help desk” number, which was actually Alex, and handed my phone to her. She was hooked and it was now up to Alex to reel her in. Alex was downstairs in the van. On the dashboard, a CD player was playing office noises we had downloaded from the Internet. He kept the mark calm, strung her along, and then assured her that her card could easily be canceled but, to verify her identity, she needed to enter her PIN on the keypad of the phone she was using.

My phone and my keypad. You can guess the rest. Once we had her PIN, I left her with her friend and headed for the door. If we were real thieves, we would have had access to her account via ATM withdrawals and chip and PIN purchases.

Fortunately for her, it was just a TV show and she was so happy when I came back to return her bag and tell her it was all a fake scam. She even thanked me for giving her bag back, to which I replied, “Don’t thank me. I’m the one who stole it.”

No matter how secure a system is, there’s always a way to break through. Often, the human elements of the system are the easiest to manipulate and deceive. Creating a state of panic, using influence, manipulation tactics, or causing feelings of trust are all methods used to put a victim at ease.”

You can buy this book from Amazon