
Microsoft Fails to Patch Bug in Time, So Google Discloses Vulnerability

Google's Project Zero has uncovered a bug in Windows, and because Microsoft failed to fix it within 90 days of being notified, details of the flaw have been made public.

The bug is in the gdi32.dll file, which is used by a significant number of programs. It affects Microsoft's Windows operating systems ranging from Windows Vista Service Pack 2 to the latest Windows 10, which are yet to be patched.

Google gives companies 90 days after disclosure of a vulnerability to fix the issue. If that time elapses without a fix being made available to the public, the bug is then disclosed publicly so users can protect themselves by taking the necessary steps.

In a post, Google's Mateusz Jurczyk explains how the bug works. The post, entitled "Windows gdi32.dll heap-based out-of-bounds reads/memory disclosure in EMR_SETDIBITSTODEVICE and possibly other records", says that Microsoft issued a patch that fixed a related issue, but not all of the memory access issues were addressed.

As part of MS16-074, some of the bugs were indeed fixed, such as the EMR_STRETCHBLT record, which the original proof-of-concept image relied on. However, we've found that not all the DIB-related problems are gone. As a result, it is possible to disclose uninitialized or out-of-bounds heap bytes via pixel colors, in Internet Explorer and other GDI clients which allow the extraction of displayed image data back to the attacker.

Jurczyk informed Microsoft about the bug on 16 November, giving the Windows maker 90 days to get things sorted before going public. With this month's batch of security patches from Microsoft being delayed, the company missed the deadline, so the details of the bug are now publicly available.

Vulnerability Researcher earns More Than $35,000 By Finding a Critical Bug In Google Chrome

For the second time in under a year, researcher Mariusz Mlynski has been awarded more than $30,000 through Google's Chrome Rewards program.

Google on Wednesday released Chrome 56.0.02924.76 for Windows, Mac and Linux platforms, and Mlynski was credited with finding and disclosing four high-severity vulnerabilities that were patched. The vulnerabilities earned Mlynski $32,337; last May, he pocketed $45,000 after finding a number of high-severity issues that were patched in the browser.

Mlynski has been an active browser vulnerability researcher, particularly at the annual Pwn2Own contest. In 2015, he used a cross-origin bug in Firefox to gain Windows admin privileges on a machine, earning himself $55,000; in 2014 he won another $50,000 by chaining together two Firefox flaws to gain privilege escalation on a Windows machine.

The latest version of Chrome includes patches for 51 vulnerabilities, seven of which were rated high severity and qualified for rewards. Google patched 14 high-severity bugs in total, with the rest found internally.

Google is also expected to begin deprecating SHA-1 in this version of Chrome. In line with the other browser makers, Google said in November that it would remove support for SHA-1 certificates starting with Chrome 56; Microsoft and Mozilla have announced similar deprecation plans through the next month.

SHA-1 has long been considered a weakened hashing algorithm that is susceptible to collision attacks. Experts are urging site owners and application developers to move to SHA-2 or other modern algorithms, but success on that front has been mixed.

Facebook Has Added a New Security Feature for Its Users

Facebook has added a new security feature that will make it tough for hackers to compromise accounts.

Now, Facebook users can register a security key to verify their identity during the login process. Users are required to approve their login with the security key, so hackers won't be able to break into the account even if they know the user's login and password details.

The new security system relies on two layers of authentication that generate two different keys, with an extra optional layer of security that helps verify identity during the login process.

During this security protocol, the user enters their username and password at login and the site sends them an OTP, which the user then enters so the site can validate whether it is the rightful owner of the account or someone else with a stolen password.

While this additional key adds an extra layer of protection, the method has its own drawback: an attacker can reset the SIM for the user's phone and intercept SMS messages, as some hackers did with DeRay Mckesson last summer.

Security keys solve this problem by removing the need to transmit the verification code to the user. Keys like those made by Yubico fit into a USB port and can generate a one-time code at the tap of a finger, and unlike SMS, these codes can't be accessed without physical access. Security key verification is also faster. While SMS depends on a phone connection, this kind of security is faster and doesn't require cell service.

Brad Hill, a security engineer at Facebook, says it was easy for the company to roll out the feature because Facebook already used this security system for in-house engineering staff to log in to its systems, so it was just a matter of extending the feature to Facebook users.

"We don't consider two-factor a required thing," Hill explains. "We see account security as our duty paying little respect to innovations you utilize. For individuals who need to remain in control, this would be a decent decision for somebody who needs to remain in front of even the most exceptional assaults."

Unfortunately, there's not a great way to integrate security keys with most mobile phones yet. When logging into their Facebook accounts on mobile, most users will still need to go through the regular two-factor SMS process (Facebook also lets users generate their verification code through the Facebook app). Users with NFC-capable Android devices and the latest versions of Chrome and Google Authenticator can use an NFC-capable key to verify their identity on the Facebook mobile site.

The challenge of using a security key with a mobile phone is one Hill expects to see addressed in the future. Although access is currently limited to certain Android users, Hill says he anticipates more APIs on the Android platform that will support security keys, and that other platforms will follow suit.

Ready to register your security key? Go to Security Settings in your account and click "Add Key." (Note: This will only work if you're using the Chrome or Opera browser.)

Around 200,000 Websites are Still Vulnerable to Heartbleed

Heartbleed (CVE-2014-0160) was a serious bug in OpenSSL's implementation of the TLS/DTLS heartbeat extension that allowed attackers to read portions of the affected server's memory, potentially exposing user data that the server is not intended to reveal.

According to Shodan CEO John Matherly, around 199,500 services remain exploitable by the Heartbleed vulnerability because of unpatched OpenSSL instances.

The countries most affected by Heartbleed remain the United States, followed by Korea, China, Germany, France, Russian Federation, United Kingdom, India, Brazil and Italy.

Matherly found 42,032 Heartbleed-exploitable services in the United States, 15,380 in Korea, 14,116 in China, and 14,072 services in Germany.

The top organizations vulnerable to the OpenSSL bug are SK Broadband and Amazon.com, and around 75,000 of the vulnerable services use expired SSL certificates and run Linux 3.x.

In fact, it is one of many flaws that often exist unpatched in the wild, and now that the bug is more than two and a half years old and known to everyone, anyone can simply use it to carry out attacks against the still-affected systems.

Around 200,000 is truly an alarming number, and one can imagine the danger and damage caused by the bug if exploited.

Software bugs may come and go, but this flaw is more critical and probably the biggest Internet flaw in recent history, as it left the contents of a server's memory, where the most sensitive data is stored, exposed to attackers.

How To Crash an iPhone or iPad With an Emoji Text Message

A newly discovered bug in Apple's iOS mobile operating system is being exploited in a prank that lets anyone crash your iPhone or iPad by simply sending an emoji-filled iMessage, according to several reports.

YouTube star EverythingApplePro published a video highlighting a sequence of characters that temporarily freezes and restarts an iPhone, which people can send to their iPhone buddies to annoy them. You can watch the video demonstration below.

Here's the first troublesome text: a white Flag emoji, the digit "0" and a Rainbow emoji.

This simple numeric character, flag, and rainbow emoji confuse iOS 10 devices when they try to combine them into a rainbow flag.

When this text is received, the iPhone's software attempts to combine the emojis but fails, and the messaging app crashes and eventually reboots within a few seconds. The recipients don't have to open or read the message.

Both the methods mentioned above will crash an iPhone or iPad to varying degrees, although the simple text string sent via a standard iMessage appears to affect iPhones and iPads running iOS 10.1 or below.

However, the boobytrapped contact card affects all versions of iOS 10, including Apple's latest iOS 10.2 operating system.

There is nothing you can do to protect yourself against this issue, as these iPhone-crashing bugs can crash and reboot your iPhone or iPad without your interaction.

So, we hope that Apple releases a patch quickly to plug the issues, though the company has declined to comment on the issue.




Stolen NSA "Windows Hacking Tools" Are Now On Sale!!

The Shadow Brokers, who previously stole and leaked a portion of the NSA hacking tools and exploits, are back with a bang!

The hacking group is now selling another package of hacking tools, "Equation Group Windows Warez," which includes Windows exploits and antivirus bypass tools, stolen from the NSA-linked hacking unit, The Equation Group.

For those unfamiliar with the topic, The Shadow Brokers is a notorious group of black-hat hackers who, in August 2016, leaked exploits, security vulnerabilities, and "powerful espionage tools" created by The Equation Group.

On Saturday, the Shadow Brokers posted a message on their ZeroNet-based website, announcing the sale of the entire "Windows Warez" collection for 750 Bitcoin (around US$678,630).

The data dump contains many Windows hacking tools, categorized as follows:

  • Fuzzing tools (used to discover errors and security loopholes)
  • Exploit Framework
  • Network Implants
  • Remote Administration Tools (RAT)
  • Remote Code Execution Exploits for IIS, RDP, RPC, SMB Protocols (Some Zero-Days)
  • SMB BackDoor (Implant)

Interestingly, the Remote Administration Tool (RAT) "DanderSpritz" included in the list is the one previously leaked in the NSA documents revealed by Edward Snowden.

Besides this, malware researcher Jacob Williams analyzed the archive of "screenshots and output of the find command across the dump" provided by the hacker as evidence of legitimacy and estimated that the tools may also include a Fully Undetectable Malware (FUD) toolkit.

A Simple Guide to Stay Anonymous On the Internet

Here is a tutorial on the essentials of staying "anonymous". In the movies you see a hoodie-wearing figure in an internet cafe using open Wi-Fi and "an all-in-one tool" for not getting caught, and using a RAT (Remote Access Tool). Well, it isn't that simple. There are some great OSs for anonymity, and for those who are considering pen-testing, here are links to some great tools and add-ons:

These are the top six add-ons and things we can do for anonymity.

1. Firefox: https://www.mozilla.org/en-US/firefox/products/

  • In my opinion, Firefox is a must for all who are security conscious and for those who love developing and debugging.

2. NoScript

  • It is a must-have for anyone who wants better control of their web experience, and it blocks images, videos, and any multimedia that can be manipulated to get your identity. It's an automatic feature in Tor, which I'll talk more about later.

3. uBlock

  • This, in my opinion, is a great tool that blocks pop-ups and banner ads and makes my web experience more pleasant on sites plagued with them, like The Pirate Bay or practically any site these days.

4. Disconnect

  • It is a mix between uBlock and NoScript, but it has its uses. It shows a list of automatic content and other content and blocks it. It lets you allow content to be seen, and unlike uBlock and NoScript it records where, how, and what is happening in the background.

5. Hide My Ass

  • It's a great free VPN that allows you to look up blocked content on any open Wi-Fi and in your home. It works well on iOS, Android, and Windows mobile versions, but it is a little buggy and slow because of the ads. It lets you look at adult content, but as far as looking up important or "secret" things, don't trust it. I just included this for newbies looking for a free VPN.

6. DuckDuckGo

  • It is a web search engine that won't store, track, or save history.

Now we move on to OS-based security:

  • TAILS

Tails is a live CD or USB operating system that uses Tor as its main web source but comes with an unsafe browser to log into captive portals at any open Wi-Fi. It comes with the ability to use a camouflage Windows XP or Windows 7 desktop theme, so it doesn't attract attention. If you're in a hurry to leave, whether you're about to be noticed or you're done, just pull the USB out or eject the CD; it should wipe the RAM and its traces. However, if you're on your own PC, I would advise you to make sure you always boot using the CD or USB and remove your HDD and RAM to be 100% sure nothing was saved. It is also important to note that if you're planning to save anything, make sure you boot with persistence. It uses LUKS encryption, which is military grade. Only use it if you plan to leave traces on your USB. A DVD has no room for persistence unless it's a DVD-RW. I recommend DVD-R, simply because a DVD-RW can store things not intended to be stored on that media; DVD-R is a one-and-done deal. Once an ISO is burned to it, it becomes non-writable (no traces). Tails also automatically spoofs your MAC address.

  • Kali Linux

Made by Offensive Security, the creators of BackTrack Linux and the Exploit Database, I'll be discussing this gem later. If you visit my posts and want to know more about it, please visit their site. I could ramble on about its uses and its security analysis, but to stay on point, I must move on.

  • Liberte Linux

It is a Gentoo-based OS hardened by grsecurity/PaX, is an incredible 192 MB in size, and comes with features, one of which is spoofing. It can spoof your MAC like Tails, but unlike Tails it uses the cables communication standard, which, unlike POP3 or penguine messages, is fully encrypted end to end using Tor and HTTPS. It is a serverless email client.

The following is a basic guide to staying anonymous based on my research and the tools listed:

  1. Never use your name, nickname or any information that can identify you.
  2. If you want to stay anonymous, never use your real email or even one associated with you. For a temporary email, go to https://www.guerrillamail.com. If that is not suitable, make a fake email account with Google, MSN, etc. and use all false information.
  3. If you are an individual or a group, only use people you can trust.
  4. Don't use YouTube, Facebook, or other social media. If I have to say it: please DON'T SIGN IN WITH YOUR REAL INFORMATION!

"ImageGate" - New Ransomware spreading through JPG Files over Social Media

"Locky" ransomware was first discovered not long ago. As the name implies, it locks up a victim's computer by encrypting their files and demanding a ransom of .5 bitcoins (about $365) in exchange for a key. Not long ago, Hacker News reported that a Facebook spam campaign was spreading Locky through image files in the SVG format. At the time, Facebook denied this was happening. Now, security firm Check Point says that Locky is being embedded into several graphic formats and spread through "social media applications such as Facebook and LinkedIn." The firm has put together a helpful video with an absurdly ominous soundtrack for you:




Check Point says that hackers have been focused on finding exploits in social networks because they are usually "whitelisted." The company's research found that hackers have discovered "a new capability to embed malicious code into an image file and successfully upload it to the social media website." When a victim clicks on the image, the image is automatically downloaded. When the image is opened, the ransomware automatically locks up all of their data and leaves a text file in each encrypted directory. That file points to servers on the anonymising Tor network where the victim can make a payment to recover their stuff.

For now, Check Point says that they aren't releasing full technical details until they know the problem has been fixed. They say they informed Facebook and LinkedIn back in September. Those are the only two social networks that they mention by name, but they don't specify whether those are the only two being used for attacks.

Basically, just know that if you click an image on social media and it automatically downloads, you shouldn't open it. Also, don't open image files with "unusual extensions such as SVG, JS or HTA."

How to stay protected:

  • If you have clicked on an image and your browser starts downloading an image file, don't open it. Any social media website should display the picture without downloading any file.

  • Don't open any image file with an unusual extension (such as SVG, JS or HTA).

Top 10 Security Testing Techniques Must Be Known To Every Hacker

To prevent the majority of security threats/flaws and perform security testing on a web application, you need good knowledge of the HTTP protocol and an understanding of client (browser) – server communication over HTTP. Basic knowledge of SQL injection and XSS is also required. The following techniques will help in performing quality security testing:

Cross Site Scripting (XSS)

The tester should additionally check the web application for XSS (cross-site scripting). Any HTML, e.g. <HTML>, or any script, e.g. <SCRIPT>, should not be accepted by the application. If it is, the application can be prone to a cross-site scripting attack.

Attackers can use this technique to execute malicious scripts or URLs in a victim's browser. Using cross-site scripting, attackers can use scripts like JavaScript to steal user cookies and the information stored in the cookies.

Ethical Hacking

Ethical hacking means hacking performed by a company or individual to help identify potential threats on a computer or network. An ethical hacker attempts to bypass the system security and search for any vulnerability that could be exploited by malicious hackers, also known as black hats. White hats may suggest changes to systems that make them less likely to be penetrated by black hats.

Password Cracking

Password cracking is the most critical part of system testing. In order to access the private areas of an application, hackers can use a password cracking tool or can guess a common username/password. Common usernames and passwords are easily available online along with open source password cracking applications. Unless a web application enforces a complex password (e.g. a long password with a combination of numbers, letters, and special characters), it is easy to crack the username and password. Another way of cracking the password is to target cookies, if cookies are stored without encryption.

Penetration Testing 

A pentest is an attack on a computer system with the intention of finding security loopholes, potentially gaining access to it, its functionality and data.

Risk Assessment

This is a process of assessing and deciding on the risk involved with the type of loss and the possibility of vulnerability occurrence. This is determined within the organization by various interviews, discussions and analysis.

Security Auditing

A security audit is a systematic evaluation of the security of a company's information system by measuring how well it conforms to a set of established criteria.

Security Scanning

This is a program which communicates with a web application through the web front-end in order to identify potential security vulnerabilities in the web application, OS and systems.

SQL Injection

The next thing that should be checked is SQL injection. Entering a single quote (') in any textbox should be rejected by the application. Instead, if the tester encounters a database error, it means that the user input is inserted in some query which is then executed by the application. In such a case, the application is vulnerable to SQL injection.

SQL injection attacks are very critical as attackers can get vital information from the server database. To check SQL injection entry points into your web application, find the code in your code base where direct MySQL queries are executed on the database by accepting some user inputs.

Vulnerability Scanning

An automated computer program used to proactively identify security vulnerabilities of computing systems in a network to determine where a system can be exploited and/or threatened.

Buffer Overflow Testing

  • Boundary value testing on lengths of strings, e.g. 128 bytes, 256 bytes, 1024 bytes
  • Long strings of a single character
  • Varied string patterns

"Deseat" - The Website which can Delete your Existence From The Internet

Deseat.me is a simple website that can help you delete all such accounts you created. Once you're on the website, you need to sign in using your Google account and the site will display a list of all those online accounts which are linked with your Gmail address.

Keep in mind that the website doesn't provide you with a magic wand so you can make all those accounts vanish by waving your hands. After you're done sorting the accounts you want to delete, you must click the delete option for each of the accounts in the delete queue.

Clicking the delete option will lead you to the deletion page for the respective account, where you may need to sign in to that account in order to delete it. It's quite possible you don't remember the password as you haven't accessed the account in a while. You can try to reset the password.

The whole process is time-consuming, but it allows you to delete a big trace of yourself from the internet.

And before you start lashing out at me in the comments, remember that nothing comes free, not even digital suicide. It costs your precious time.

8 Steps To Prevent SQL Injection Attacks

How to Prevent SQL Injection Attacks

The good news is that there actually is a lot that website owners can do to prevent SQL injection. Although there is no such thing as a 100 percent guarantee in network security, formidable obstacles can be placed in the path of SQL injection attempts.

1. Employ comprehensive data sanitization. Websites must filter all user input. Ideally, user data should be filtered for context. For example, email addresses should be filtered to allow only the characters allowed in an email address, phone numbers should be filtered to allow only the characters allowed in a phone number, and so on.

2. Use a web application firewall. One software example is the free, open source module ModSecurity, which is available for Apache, Microsoft IIS, and nginx web servers. ModSecurity provides a sophisticated and ever-evolving set of rules to filter potentially dangerous web requests. Its SQL injection defenses can catch most attempts to sneak SQL through web channels.

3. Limit database privileges by context. Create multiple database user accounts with the minimum levels of privilege for their usage environment. For example, the code behind a login page should query the database using an account limited only to the relevant credentials table. This way, a breach through this channel cannot be used to compromise the entire database.

4. Avoid constructing SQL queries with user input. Even data sanitization routines can be flawed. Ideally, using SQL variable binding with prepared statements or stored procedures is much safer than constructing full queries.

5. Eliminate unnecessary database capabilities, especially those that escalate database privileges and those that spawn command shells.

6. Regularly apply software patches. Because SQL injection vulnerabilities are regularly identified in commercial software, it is important to stay up to date on patching.

7. Suppress error messages. These messages are an important reconnaissance tool for attackers, so keep them local if possible. If external messages are necessary, keep them generic.

8. Continuously monitor SQL statements from database-connected applications. This will help identify rogue SQL statements and vulnerabilities. Monitoring tools that use machine learning and/or behavioral analysis can be especially useful.

Any of these defenses significantly reduces the chances of a successful SQL injection attack. Implementing all of them will provide a high degree of SQL injection prevention. Despite its widespread use, your website does not have to be SQL injection's next victim.
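
An added example (not code from the original post) of steps 1, 4 and 7, using Python's built-in sqlite3 module; the table, sample rows and function names are constructed for illustration. It also applies the single-quote check from the testing list earlier on this page: the concatenated query turns a quote into a database error, while the bound query treats it as data.

```python
import re
import sqlite3


def make_db():
    """Constructed sample data: an in-memory table of users keyed by email."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (email TEXT PRIMARY KEY, display_name TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice@example.com", "Alice"), ("pat.o'neil@example.com", "Pat O'Neil")],
    )
    return db


def lookup_concatenated(db, email):
    """The 'before' of step 4: user input is pasted into the SQL text."""
    query = "SELECT display_name FROM users WHERE email = '" + email + "'"
    return db.execute(query).fetchall()


def lookup_bound(db, email):
    """Step 4: the query text is fixed and the input travels as a bound value."""
    return db.execute(
        "SELECT display_name FROM users WHERE email = ?", (email,)
    ).fetchall()


# Step 1: filter for context. Only characters legal in an email address pass.
# The apostrophe is legal in the local part, so this filter alone does not
# keep quotes out of the query, which is why step 4 is still needed.
EMAIL_RE = re.compile(
    r"[A-Za-z0-9.!#$%&'*+/=?^_`{|}~-]+@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+"
)


def is_valid_email(value):
    return len(value) <= 254 and EMAIL_RE.fullmatch(value) is not None


def handle_lookup(db, raw_email):
    """Steps 1, 4 and 7 together, as a request handler would apply them."""
    if not is_valid_email(raw_email):
        return {"ok": False, "error": "invalid request"}
    try:
        rows = lookup_bound(db, raw_email)
    except sqlite3.Error:
        # Step 7: the detail belongs in a local log; the caller gets a
        # generic message only.
        return {"ok": False, "error": "request failed"}
    return {"ok": True, "names": [row[0] for row in rows]}


def raises_db_error(func, db, value):
    """Single-quote check: True if the input surfaces as a database error."""
    try:
        func(db, value)
    except sqlite3.Error:
        return True
    return False


if __name__ == "__main__":
    db = make_db()
    for value in ["alice@example.com", "'", "pat.o'neil@example.com"]:
        print(
            repr(value),
            "| concatenated errors:", raises_db_error(lookup_concatenated, db, value),
            "| bound errors:", raises_db_error(lookup_bound, db, value),
            "| handler:", handle_lookup(db, value),
        )
```

The legitimate address containing an apostrophe passes the step 1 filter yet still breaks the concatenated query, which is the case step 4 has in mind when it says sanitization routines can be flawed.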

How To Be 100% Anonymous when Connected to VPN

Connecting to a free or paid VPN doesn't assure you 100% anonymity. Some corrections also have to be made on the user's side: the browser you use leaks some confidential information which reveals your true IP address. There are some elements in the browser which should be disabled.

The options which should be disabled are:

  • WebRTC leak
  • JavaScript
  • Adobe Flash
  • DoNotTrack

These options should be disabled from the browser settings.

Steps to check your anonymity when connected to a VPN:

  • Connect to a VPN (to any country).
  • Open whoer.net in a browser.

Better check the video below to know your anonymity level when connected to a VPN:






After opening whoer.net, click on "Your Anonymity" and see which options reduce the anonymity level.

  • You may see "DoNotTrack" shown as disabled; you can change that by going into your settings -> advanced settings -> then ticking the option to send a "DoNotTrack" request.
  • Likewise, disable JavaScript.
  • Then open a new tab in Chrome and go to chrome://plugins to disable Adobe Flash. If you are using any other browser such as Firefox, you can find Flash in the Add-ons or Plugins section of the settings.
  • Finally, you have to install an extension for Chrome for the WebRTC leak, which cannot be disabled in your Chrome browser. Go to the following URL to add the extension here.
  • And the main thing is, you should change the time on your PC according to the country you are connected to in your VPN.

Better watch the video below to understand:


How to Hide IP Address Using Open VPN In Kali Linux

Kali Linux

OpenVPN is the open-source VPN (Virtual Private Network) client, used over the PPTP (Point to Point Tunneling Protocol). It allows you to connect to a remote network over a secure, encrypted connection and mask your IP addresses over all ports. Since there's just one "hop," the network speeds are barely affected and are much more secure.

VPNs can protect you from an arsenal of threats: MITM attacks, packet sniffing, web privacy, etc. They can be more beneficial than SSH in some circumstances.

I created a VPN tutorial for Windows previously, but in this Null Byte I would like to help the Linux and OS users who would like to use OpenVPN but can't because of the overly complicated setup and configuration.

I will be teaching you this under Kali Linux.

Requirements


  • A Unix-based OS
  • Root privileges

Let's start. We are going to learn OpenVPN's configuration and setup via the following video guide.


How to Check your Anonymity When Connected to a VPN

Hi Fellas!! Many of you may be wondering, "How anonymous am I while surfing the internet using a trusted VPN?" There is a way to check your anonymity level when connected to a VPN.

As said, there are a lot of free and paid VPNs all over the internet, but even the paid VPNs also have a low level of anonymity. It is better to check your level of anonymity when connected to a VPN.

Follow the below steps:

  • First connect to the Internet and then connect to whichever VPN you use. You can connect to any country you wish.

  • Once the connection is established with a particular country, open a new tab and type "whoer.net".


Now you can see the details of your connection, such as the IP address, the country and city you are connected to, and many more. On the right-hand side, you can also see the percentage level of anonymity for the country you are connected to.

Clicking on the percentage shows your anonymity stats. So this is the way to check your anonymity level when connected to a VPN.

Watch or download the video:

How to crack Rainbow Hash Passwords using Rainbow Tables

The multi-platform password cracker Ophcrack [Download it here] is incredibly fast. How fast? It can crack the password "Fgpyyih804423" in 160 seconds. Most people would consider that password fairly secure. The Microsoft password strength checker rates it "strong". The Geekwisdom password strength meter [Download it here] rates it "mediocre".


Why is Ophcrack so fast? Because it uses rainbow tables.

To understand how rainbow tables work, you first have to understand how passwords are stored on computers, whether on your own desktop or on a remote web server somewhere.

Passwords are never stored in plaintext. At least they shouldn't be, unless you're building the world's most insecure system using the world's most naive programmers. Instead, passwords are stored as the output of a hash function. Hashes are one-way operations. Even if an attacker gained access to the hashed version of your password, it's not possible to reconstitute the password from the hash value alone.

But it is possible to attack the hashed value of your password using rainbow tables: enormous, pre-computed hash values for every possible combination of characters. An attacking PC could certainly calculate all these hashes on the fly, but taking advantage of a massive table of pre-computed hash values enables the attack to proceed many orders of magnitude faster, assuming the attacking machine has enough RAM to store the entire table (or at least most of it) in memory. It's a classic time-memory trade-off, exactly the sort of cheating shortcut you'd expect a black hat attacker to take.

How large are rainbow tables? The installation dialog for Ophcrack should give you an idea:

rainbow-hash-table-sizes

It takes a long time to generate these massive rainbow tables, but once they're out there, every attacking computer can leverage those tables to make their attacks on hashed passwords that much more potent.

The smallest rainbow table available is the basic alphanumeric one, and even it is 388 megabytes. That's the default table you get with the Ophcrack bootable ISO. Even that small-ish table is remarkably effective. I used it to attack some passwords I set up in a Windows XP virtual machine with the following results:

                                      found?   seconds
Password1!                                     700
Fgpyyih804423                         yes      159
Fgpyyih80442%                                  700
saMejus9                              yes      140
thequickbrownfoxjumpsoverthelazydog            700

You wouldn't expect this rainbow table to work on the passwords with non-alphanumeric characters (%&^$# and the like) because the table doesn't contain those characters. You'll also note that passphrases, which I am a big fan of, are immune to this technique due to their length. But then again, this attack covered 99.9% of all possible 14-character alphanumeric passwords in 11 minutes, and that was with the smallest of the available rainbow tables. We could do better by using larger, more complete rainbow tables. The Ophcrack documentation describes the differences between the available rainbow tables it uses:

Alphanumeric 10k, 388 MB. Contains the LanManager hashes of 99.9% of all alphanumeric passwords. These are passwords made of mixed-case letters and numbers (about 80 billion hashes). Because the LanManager hash cuts passwords into two pieces of 7 characters, passwords of length 1 to 14 can be cracked with this table set. Since the LanManager hash is also not case sensitive, the 80 billion hashes in this table set correspond to 12 septillion (or 2^83) passwords.

Alphanumeric 5k, 720 MB. Contains the LanManager hashes of 99.9% of all alphanumeric passwords. However, because the tables are twice as large, cracking is about four times faster if you have at least 1 GB of RAM.

Extended, 7.5 GB. Contains the LanManager hashes of 96% of all passwords made of up to 14 mixed-case letters, numbers and the following 33 special characters: !"#$%&'()*+,-./:;<=>?@[]^_` ~. There are about 7 trillion hashes in this table set covering 5 octillion (or 2^92) passwords.

NT, 8.5 GB. You can use this table set to crack the NT hashes on machines where the LanManager hash has been disabled. The set contains 99.0% of the hashes of the passwords made of the following characters:

  • up to 6 mixed-case letters, numbers and 33 special characters (same as above)
  • 7 mixed-case letters and numbers
  • 8 lower-case letters and numbers

There are 7 trillion hashes in this table, corresponding to 7 trillion passwords (the NT hash does not suffer from the weaknesses of the LanManager hash).

Note that all rainbow tables have specific lengths and character sets they work in. Passwords that are too long, or contain a character not in the table's character set, are completely immune to attack from that rainbow table.
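The table sizes quoted above follow directly from the two LanManager weaknesses the documentation names. The Python sketch below is an added example, not Ophcrack code: it reproduces the split into two case-folded 7-character blocks and recomputes the "80 billion hashes for 2^83 passwords" and "7 trillion hashes for 2^92 passwords" figures. It assumes ASCII input and leaves out the DES step LM applies to each block; the function names are made up for the illustration.

```python
import math

LM_MAX = 14     # LM only covers passwords of up to 14 characters
SPECIALS = 33   # count of special characters given in the table description

def lm_halves(password: str):
    """Return the two 7-byte blocks LM hashes independently, or None.

    Simplification: ASCII only; the DES step applied to each block is omitted.
    """
    if len(password) > LM_MAX:
        return None  # too long for LM, so an LM table has nothing to look up
    padded = password.upper().encode("ascii").ljust(LM_MAX, b"\0")
    return padded[:7], padded[7:]

def keyspace(alphabet_size: int, max_len: int) -> int:
    """Number of strings of length 1..max_len over an alphabet."""
    return sum(alphabet_size ** k for k in range(1, max_len + 1))

def lm_table_cost(mixed_case_alphabet: int, folded_alphabet: int):
    """(half-hashes a table must cover, passwords those hashes represent)."""
    return keyspace(folded_alphabet, 7), keyspace(mixed_case_alphabet, LM_MAX)

# Case folding shrinks the alphabet; splitting shrinks the length to 7.
ALNUM = lm_table_cost(26 + 26 + 10, 26 + 10)
EXTENDED = lm_table_cost(26 + 26 + 10 + SPECIALS, 26 + 10 + SPECIALS)

if __name__ == "__main__":
    print(lm_halves("Fgpyyih804423"))
    print(lm_halves("thequickbrownfoxjumpsoverthelazydog"))
    for name, (hashes, passwords) in (("alphanumeric", ALNUM),
                                      ("extended", EXTENDED)):
        print(f"{name}: {hashes:.2e} half-hashes stand in for "
              f"{passwords:.2e} passwords (about 2^{round(math.log2(passwords))})")
```

The same arithmetic shows why disabling LM storage matters: without the split and the case folding, a table has to cover the full mixed-case keyspace instead of the 7-character one.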

Unfortunately, Windows servers are particularly vulnerable to rainbow table attack, due to inexcusably weak legacy LAN Manager hashes. I'm surprised that the legacy LAN Manager support "feature" is still enabled by default in Windows Server 2003. It's highly recommended that you disable LAN Manager hashes, particularly on Windows servers which happen to store domain credentials for every single user. It would be an awful shame to inconvenience all your Windows 98 users, but I think the increase in security is worth it.

I read that Windows Server 2008 will finally kill LM hashes when it's released next year. Windows Vista already removed support for these obsolete hashes on the desktop. Running OphCrack on my Vista box results in this dialog:

All LM hashes are empty. Please use NT hash tables to crack the remaining hashes.

I'd love to, but I can't find a reliable source for the 8.5 GB rainbow table of NT hashes that I need to proceed.

The Ophcrack tool isn't very flexible. It doesn't allow you to generate your own rainbow tables. For that, you'll need to use the Project Rainbow Crack tools, which can be used to attack almost any character set and any hashing algorithm. But beware. There's a reason rainbow table attacks have only emerged recently, as the price of 2 to 4 gigabytes of memory in a desktop machine has approached realistic levels. When I said massive, I meant it. Here are some generated rainbow table sizes for the more secure NT hash:

Character Set                                                        Length   Table Size
ABCDEFGHIJKLMNOPQRSTUVWXYZ                                           14       0.6 GB
ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789                                 14       3 GB
ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_+=                   14       24 GB
ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_+=~`[]|:;"'<>,.?/    14       64 GB

A rainbow table attack is usually overkill for a desktop machine. If hackers have physical access to the machine, security is irrelevant. That's rule number 3 in the 10 Immutable Laws of Computer Security. There are any number of tools that can reset passwords given physical access to the machine.

But when a remote hacker obtains a large list of hashed passwords from a server or database, we're in trouble. There's significant risk from a rainbow table attack. That's why you should never rely on hashes alone: always add some salt to your hash so the resulting hash values are unique. Salting a hash sounds complicated (and vaguely delicious), but it's quite simple. You prefix a unique value to the password before hashing it:

hash = md5('deliciously-salty-' + password)

If you've salted your password hashes, an attacker can't use a rainbow table attack against you: the hash results from "password" and "deliciously-salty-password" won't match. Unless your hacker somehow knows that all your hashes are "deliciously-salty-" ones. Even then, he or she would have to generate a custom rainbow table specifically for you.
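To see the effect of the salt from the defender's side, the following Python sketch (an added example, not code from the original post) precomputes a small lookup table, shows that it finds an unsalted MD5 hash but misses the "deliciously-salty-" one, and then goes one step beyond the text by storing a random per-user salt with a deliberately slow hash, which removes the "custom table for all your users" caveat. The toy keyspace, the function names and the PBKDF2 parameters are assumptions chosen for the illustration.

```python
import hashlib
import hmac
import itertools
import os
import string

def md5_hex(text: str) -> str:
    return hashlib.md5(text.encode()).hexdigest()

def build_lookup(alphabet: str, length: int) -> dict:
    """Precompute hash -> password for every candidate of one length.

    A plain dictionary stands in for a rainbow table here: same idea
    (hash once, look up forever), without the chain compression.
    """
    words = ("".join(c) for c in itertools.product(alphabet, repeat=length))
    return {md5_hex(w): w for w in words}

# Constructed toy keyspace: all 3-letter lowercase strings (17,576 entries).
TABLE = build_lookup(string.ascii_lowercase, 3)

def unsalted(password: str) -> str:
    return md5_hex(password)

def page_salted(password: str) -> str:
    # The scheme from the text: one fixed prefix shared by every user.
    return md5_hex("deliciously-salty-" + password)

def make_record(password: str, iterations: int = 100_000):
    """Per-user random salt plus a slow hash (PBKDF2-HMAC-SHA256)."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, digest

def check_record(password: str, record) -> bool:
    salt, iterations, digest = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(candidate, digest)

if __name__ == "__main__":
    print("unsalted lookup:", TABLE.get(unsalted("cat")))
    print("salted lookup:  ", TABLE.get(page_salted("cat")))
    a, b = make_record("cat"), make_record("cat")
    print("same password, different records:", a[2] != b[2])
    print("verifies:", check_record("cat", a), check_record("dog", a))
```

Because every record carries its own salt, two users with the same password no longer share a hash, and any precomputed table would have to be rebuilt per user.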