How to Find the IP Address of a Remote Computer

Tuesday, April 19, 2011 11:32 PM Posted by Budi Satria
Labels:
Most of you may be curious to know how to find the IP address of your friend’s computer or to find the IP address of the person with whom you are chatting in Yahoo messenger or Gtalk. In this post I’ll show you how to find the IP address of a remote computer in simple steps.

I have created a PHP script to make it easier for you to find the IP address of the remote computer of your choice. Here is a step-by-step process to find out the IP address.
1. Download the IP Finder script (IP_Finder.ZIP) that I have created.
2. Open a new account in X10Hosting (or any free host that supports PHP).
3. Extract the IP_Finder.ZIP file and upload the two files ip.php and ip_log.txt into the root folder of your hosting account using the File Manager.
4. You can rename the ip.php to any name of your choice.
5. Set the permission to 777 on ip_log.txt.
Now you are all set to find the IP address of your friend or any remote computer of your choice. All you have to do is send the link of ip.php to your friend or the person with whom you’re chatting. Once the person click’s on the link, his/her IP address is recorded in the file ip_log.txt.
For your better understanding let’s take up the following example.
Suppose you open a new account in X10hosting.com with the subdomain as abc, then your IP Finder link would be


You have to send the above link to you friend via email or while chatting and ask him to visit that link. Once your friend clicks on the link, his IP address will be recorded along with the Date and Time in the ip_log.txt file. After recording the IP address, the script will redirect the person to google.com so as to avoid any suspicion.
To find the recorded IP address check the logs using the following link.


The sample log will be in the following format
79.92.144.237 Thursday 07th of May 2009 05:31:27 PM
59.45.144.237 Thursday 07th of May 2009 05:31:28 PM
123.92.144.237 Thursday 07th of May 2009 05:31:31 PM
NOTE: You have to replace abc with your subdomain name. 
I hope this helps. Express your opinion and suggestions through comments.
Read more ...
0 comments

Hackers Use European Storm to Spread E-Mail Attack

Sunday, April 17, 2011 10:49 PM Posted by Budi Satria
Labels: ,
A massive malware attack spread throughout the world Thursday and Friday by teasing e-mail recipients to open infected messages supposedly about European wind storms. The attackers use of the subject line "230 dead as storm batters Europe" was an effective way to lure careless computer users into opening mail infected with the "Storm Worm" virus.



"Storm Worm" is the name that seems to have stuck for a massive malware Webroot AntiSpyware 30-Day Free Trial. Click here. attack that spread Thursday and Friday by teasing e-mail E-Mail Marketing Software - Free Trial. Click Here. recipients to open infected messages supposedly about European wind storms.


The attackers use of the subject line "230 dead as storm batters Europe" was an effective way to lure careless computer users into opening mail infected with the Small.DAM Trojan. Fierce winds were battering Europe simultaneously with the release of the messages.


The Trojan was launched when users clicked on attachments to the messages that said "Full Clip.exe," "Full Story.exe," "Read More.exe" and "Video.exe."
Different Variations


However, the perpetrators also sent similarly infected, but differently titled, messages to thousands of other inboxes. These messages titillated readers into clicking the attachments by suggesting they would see videos of U.S. Secretary of State Condoleeza Rice kicking German Chancellor Angela Merkel which, unlike the storm, did not actually happen.


Others offered information or video pertaining to "British Muslims Genocide," "Naked teens attack home director" and "A killer at 11, he's free at 21 and kill again!"


The interesting part of the attack was the creativity and timing, according to Graham Cluley, senior technology consultant for Sophos Latest News about Sophos. "Everyone is concentrating on the storm angle of it, which is only one headline of course," he said. "That was topical in Europe, where we've had some very, very bad weather. But another worthwhile thing to consider is the way they were trying to use humor to get people to open the mail as well."


Many people enjoy reading jokes or weird news tidbits sent by e-mail, Cluley noted. "People who receive that and think they got a video attached to the e-mail might think, 'That sounds funny. I might just click on it to have a look.' This is taking advantage of the way people share jokes and videos. It's not just the news aspect of it. There is all sorts of social engineering going on here."
Topical Messages Enhance Effectiveness


The attack shows that hackers are staying abreast of world news. The European storm message was "created and launched literally as the storm raged," according to Helsinki, Finland-based security company F-Secure Latest News about F-Secure.


The attack was powerful and widespread but, apparently, short-lived, F-Secure's Chief Research Officer Mikko Hypponen told TechNewsWorld.


"This is over," he added. "They stopped the attack. Whoever sent this isn't doing it anymore. Looking at the rate of e-mails being sent, we believe they were targeting European users and it was a nine-hour window starting [Thursday] night and finishing at about 10 a.m. [Friday morning]."


The storm-related message was apparently meant to be awaiting users in the morning, according to Hypponen.


"The people woke up and saw news about a massive storm," he explained. "They went to work and found an e-mail about the storm in their inboxes. Of course it's going to work much better than the usual attack. They gained access to probably tens of thousands of computers in Europe."
Zombie Network


The hackers, before the Thursday-through-Friday attack, had already gained control of thousands of PCs by prior malware infection, Hypponen noted. "They instructed those computers to do this 10-hour spam run. They had a very large [zombie] network See the HP StorageWorks All-in-One Storage System. Click here.. Now it's much larger."


The "huge attack" might have worked too well, in a sense, suggested Sophos' Cluley. "The fact that this is making headlines actually works against the hackers" because so many people and antivirus companies are now aware of the incident, thanks to its creative and "colorful" nature.
Posted in , , by bcracker
Read more ...
0 comments

How To Hack Websites Using Phishing Method

Tuesday, April 12, 2011 7:28 PM Posted by Budi Satria
Labels: , , , ,
Phishing is the other most commonly used trick to hack passwords. This method involves the use of Fake Login Pages whose look and feel are almost identical to that of legitimate websites. Fake login pages are created by many hackers which appear exactly as Gmail ,Photobucke, facebook, Yahoo login pages and similar

Once you enter your login details on such a fake login page, they are actually stolen away by the hacker.
Here are the best step by step tutorials that explains how to hack websites using phishing method.
1) How To Hack Facebook – explains how to hack facebook account with fake login page
2)How To Hack Facebook Accounts | Video Tutorial
3)How To Hack Gmail - part 1
4) How To Hack Gmail - part 2
5)How To Hack A Photobucket Account
6) How To Hack Yahoo Password

How To Hack Websites Using Remote Spying Software
Once installed on the remote PC you wish, you only need to login to your own personal remote spying account to view all recorded data of the remote PC and to control target PC’ with remote access . Here are the best tutorials from hackspc.com that explains how to hack websites using remote spying software
1)How To Use Sniperspy To Hack Passwords
2) How To Hack A Computer

How To Hack Websites Using Social Engineering Method
Social engineering is a term that describes a non-technical kind of intrusion that relies heavily on human interaction and often involves tricking and fooling other people to break normal security procedures.
How To Hack Hotmail
Read more ...
0 comments

Top 10 Tricks to exploit SQL Server Systems

Monday, April 11, 2011 10:34 PM Posted by Budi Satria
Labels:
Whether it is through manual poking and prodding or the use of security testing tools, malicious attackers employ a variety of tricks to break into SQL Server systems, both inside and outside your firewall. It stands to reason then, if the hackers are doing it, you need to carry the same attacks to test the security strength of your systems. Here are 10 hacker tricks to gain access and violate systems running SQL Server.

1. Direct connections via the Internet

These connections can be used to attach to SQL Servers sitting naked without firewall protection for the entire world to see (and access). DShield's Port Report shows just how many systems are sitting out there waiting to be attacked. I don't understand the logic behind making a critical server like this directly accessible from the Internet, but I still find this flaw in my assessments, and we all remember the effect the SQL Slammer worm had on so many vulnerable SQL Server systems. Nevertheless, these direct attacks can lead to denial of service, buffer overflows and more.

2. Vulnerability scanning

Vulnerability scanning often reveals weaknesses in the underlying OS, the Web application or the database system itself. Anything from missing SQL Server patches to Internet Information Services (IIS) configuration weaknesses to SNMP exploits can be uncovered by attackers and lead to database server compromise. The bad guys may use open source, home-grown or commercial tools. Some are even savvy enough to carry out their hacks manually from a command prompt. In the interest of time (and minimal wheel spinning), I recommend using commercial vulnerability assessment tools like QualysGuard from Qualys Inc. (for general scanning), WebInspect from SPI Dynamics (for Web application scanning) and Next Generation Security Software Ltd.'s NGSSquirrel for SQL Server (for database-specific scanning). They're easy to use, offer the most comprehensive assessment and, in turn, provide the best results. Figure 1 shows some SQL injection vulnerabilities you may be able to uncover.


Figure 1: Common SQL injection vulnerabilities found using WebInspect.

3. Enumerating the SQL Server Resolution Service

Running on UDP port 1434, this allows you to find hidden database instances and probe deeper into the system. Chip Andrews' SQLPing v 2.5 is a great tool to use to look for SQL Server system(s) and determine version numbers (somewhat). This works even if your SQL Server instances aren't listening on the default ports. Also, a buffer overflow can occur when an overly long request for SQL Servers is sent to the broadcast address for UDP port 1434.

4. Cracking SA passwords

Deciphering SA passwords is also used by attackers to get into SQL Server databases. Unfortunately, in many cases, no cracking is needed since no password has been assigned (Oh, logic, where art thou?!). Yet another use for the handy-dandy SQLPing tool mentioned earlier. The commercial products AppDetective from Application Security Inc. and NGSSQLCrack from NGS Software Ltd. also have this capability.

5. Direct-exploit attacks

Direct attacks using tools such as Metasploit, shown in Figure 2, and its commercial equivalents (CANVAS and CORE IMPACT) are used to exploit certain vulnerabilities found during normal vulnerability scanning. This is typically the silver-bullet hack for attackers penetrating a system and performing code injection or gaining unauthorized command-line access.

 Figure 2: SQL Server vulnerability exploitable using Metasploit's MSFConsole.

6. SQL injection

SQL injection attacks are executed via front-end Web applications that don't properly validate user input. Malformed SQL queries, including SQL commands, can be inserted directly into Web URLs and return informative errors, commands being executed and more. These attacks can be carried out manually -- if you have a lot of time. Once I discover that a server has a potential SQL injection vulnerability, I prefer to perform the follow-through using an automated tool, such as SPI Dynamics' SQL Injector, shown in Figure 3.

 Figure 3: SPI Dynamics' SQL Injector tool automates the SQL injection process.

7. Blind SQL injection

These attacks go about exploiting Web applications and back-end SQL Servers in the same basic fashion as standard SQL injection. The big difference is that the attacker doesn't receive feedback from the Web server in the form of returned error messages. Such an attack is even slower than standard SQL injection given the guesswork involved. You need a good tool for this situation, and that's where Absinthe, shown in Figure 4, comes in handy.

 Figure 4: Absinthe tool takes the pain out of blind SQL injection testing.

8. Reverse engineering the system

The reverse engineering trick looks for software exploits, memory corruption weaknesses and so on. In this sample chapter from the excellent book Exploiting Software: How to Break Code by Greg Hoglund and Gary McGraw, you'll find a discussion about reverse engineering ploys.

9. Google hacks

Google hacks use the extraordinary power of the Google search engine to ferret out SQL Server errors -- such as "Incorrect syntax near" -- leaking from publicly accessible systems. Several Google queries are available at Johnny Long's Google Hacking Database. (Look in the sections titled Error Messages and Files containing passwords.) Hackers use Google to find passwords, vulnerabilities in Web servers, underlying operating systems, publicly available procedures and more that they can use to further compromise a SQL Server system. Combining these queries with Web site names via Google's 'site:' operator often turns up juicy info you never imagined you could unearth.

10. Perusing Web site source code

Source code can also turn up information that may lead to a SQL Server break in. Specifically, developers may store SQL Server authentication information in ASP scripts to simplify the authentication process. A manual assessment or Google could uncover this information in a split second.
Posted in , by bcraker   
Read more ...
0 comments
Subscribe to: Posts (Atom)
Powered by Blogger