Disqus for Cyber Fort

Friday 31 May 2013

HOW TO HACK REMOTE COMPUTER OR WEBSITE USING IP ADDRESS

1 Comment

NOTE : THIS IS FOR ONLY EDUCATIONAL PURPOSE.

     FIRSTLY I WILL TELL YOU THAT WHAT IS INTERNET PROTOCOL(IP) ??

The Internet Protocol is the principal communications protocol used for relaying datagram (packets) across an inter network using the Internet Protocol Suite. Responsible for routing packets across network boundaries, it is the primary protocol that establishes the Internet.

IP is the primary protocol in the Internet layer of the Internet Protocol Suite and has the task of delivering datagrams from the source host to the destination host solely based on their addresses. For this Purpose, IP defines addressing methods and structures for datagram encapsulation

You may want to hack the website and put your advertisement there or grab some database information In this type of hacking, you are playing with the web server’s computer instead of the administrator’s computer. Because, www.website.com is hosted in separate web server rather than personal computer.
Another can be accessing your friend’s computer from your home. Again this is IP based and this is possible only when your friend’s computer is online. If it is off or not connected to internet then remote IP hacking is totally impossible.
Well, both of the hacking has the same process. Let’s summarize what we must do.

  • Confirm the website or a computer you want to hack.
  • Find or trace their IP address.
  • Make sure that IP address is online.
  • Scan for open ports
  • Check for vulnerable ports
  • Access through the ports
  • Brute-force user and password 
Now let me describe in brief in merely basic steps that a child can understand it. First getting the IP address of the victim.

To get the IP address of the victim website,ping for its command prompt.
For example,
ping www.google.com
will fetch the IP address of Goole.com
This is how we can get the IP address of the victims website.
How about your friend’s PC? You can’t do www.yourfirend’sname.com, can you? Finding your friend’s IP address is little tough job, and tougher it is if he has dynamic IP address that keeps changing.
One of the widely used method to detect IP address of your friend is by chatting with him.

If u know the ip address? Is it online? To know the online status just ping the IP address, if it is online it will reply.
If the IP address is online, scan for the open ports. Open ports are like closed door without locks, you can go inside and outside easily.
Use Advance port scanner to scan or open vulnerable ports.
Now you’ve IP address and open port address of the victim, you can now use telnet to try to access them. Make sure that you’ve telnet enabled in your computer or install it from Control panel > Add remove programs > add windows components
Now open command prompt and use telnet command to access to the IP address. Use following syntax for connection.
telnet [IP address] [Port]
 
You’ll be asked to input login information.


If you can guess the information easily then it’s OK. Or you can use some brute-forcing tools like.
In this way you’ll able to hack remove computer using only IP address.

Remember this is only for educational purpose...

Read More

Thursday 30 May 2013

Learn difrent types of DoS & DDoS

1 Comment
 A denial of service (DoS) attack is an attack that clogs up so much memory on the target system that it can not serve it's users, or it causes the target system to crash, reboot, or otherwise deny services to legitimate users.There are several different kinds of dos attacks as discussed below:-

1) Ping Of Death :- The ping of death attack sends oversized ICMP datagrams (encapsulated in IP packets) to the victim.The Ping command makes use of the ICMP echo request and echo reply messages and it's commonly used to determine whether the remote host is alive. In a ping of death attack, however, ping causes the remote system to hang, reboot or crash. To do so the attacker uses, the ping command in conjuction with -l argument (used to specify the size of the packet sent) to ping the target system that exceeds the maximum bytes allowed by TCP/IP (65,536).
example:- c:/>ping -l 65540 hostname
Fortunately, nearly all operating systems these days are not vulnerable to the ping of death attack.

2) Teardrop Attack :- Whenever data is sent over the internet, it is broken into fragments at the source system and reassembled at the destination system. For example you need to send 3,000 bytes of data from one system to another. Rather than sending the entire chunk in a single packet, the data is broken down into smaller packets as given below:
* packet 1 will carry bytes 1-1000.
* packet 2 will carry bytes 1001-2000.
* packet 3 will carry bytes 2001-3000.
In teardrop attack, however, the data packets sent to the target computer contains bytes that overlaps with each other.
(bytes 1-1500) (bytes 1001-2000) (bytes 1500-2500)
When the target system receives such a series of packets, it can not reassemble the data and therefore will crash, hang, or reboot.
Old Linux systems, Windows NT/95 are vulnerable.

3) SYN - Flood Attack :- In SYN flooding attack, several SYN packets are sent to the target host, all with an invalid source IP address. When the target system receives these SYN packets, it tries to respond to each one with a SYN/ACK packet but as all the source IP addresses are invalid the target system goes into wait state for ACK message to receive from source. Eventually, due to large number of connection requests, the target systems' memory is consumed. In order to actually affect the target system, a large number of SYN packets with invalid IP addresses must be sent.

4) Land Attack :- A land attack is similar to SYN attack, the only difference being that instead of including an invalid IP address, the SYN packet include the IP address of the target system itself. As a result an infinite loop is created within the target system, which ultimately hangs and crashes.Windows NT before Service Pack 4 are vulnerable to this attack.

5) Smurf Attack :- There are 3 players in the smurf attack–the attacker,the intermediary (which can also be a victim) and the victim. In most scenarios the attacker spoofs the IP source address as the IP of the intended victim to the intermediary network broadcast address. Every host on the intermediary network replies, flooding the victim and the intermediary network with network traffic.
Smurf Attack Result:- Performance may be degraded such that the victim, the victim and intermediary networks become congested and unusable, i.e. clogging the network and preventing legitimate users from obtaining network services.

6) UDP - Flood Attack :- Two UDP services: echo (which echos back any character received) and chargen (which generates character) were used in the past for network testing and are enabled by default on most systems. These services can be used to launch a DOS by connecting the chargen to echo ports on the same or another machine and generating large amounts of network traffic.

7) Distributed Denial Of Service (DDoS) :- In Distributed DoS attack, there are 100 or more different attackers (systems) attacking the single system. Due to higher number of attackers DDoS attack is more effective and dangerous than regular DoS attack. The attackers have control over master zombies, which, in turn, have control over slave zombies, as shown in figure.

No system connected to the internet is safe from DDoS attacks. All platforms, including Unix and Windows NT, are vulnerable to such attacks. Even Mac OS machines have been used to conduct DDoS attacks.

The most popular DDoS tools are:-

a) Trin00 (WinTrinoo)
b) Tribe Flood Network (TFN) (TFN2k)
c) Shaft
d) Stacheldraht
e) MStream

8) Distributed Denial Of Service with Reflectors (DRDoS) :-
In DRDoS attacks the army of the attacker consists of master zombies, slave zombies, and reflectors. The difference in this type of attack is that slave zombies are led by master zombies to send a stream of packets with the victim's IP address as the source IP address to other uninfected machines (known as reflectors), exhorting these machines to connect with the victim. Then the reflectors send the victim a greater volume of traffic, as a reply to its exhortation for the opening of a new connection, because they believe that the victim was the host that asked for it. Therefore, in DRDoS attacks, the attack is mounted by non-compromised machines, which mount the attack without being aware of the action.

a DRDoS attack creates a greater volume of traffic because of its more distributed nature, as shown in the figure below.

Read More

What is the difference between a Hacker, Security Professional, Security Researcher, and Certified Ethical Hacker ?

Be The First To Comment
What is the difference between a Hacker, Security Professional, Security Researcher, and Certified Ethical Hacker ?

1. Hacker :-

The Hacker is one of the Security w0rm of Computer, who search for Vulnerability (Vulnerability means Weakness Point of any Program
or web application) and Explode it for his Popularity, Profit or warn someone like (Government). Basically Just
Hacker word is for Black Hat hackers, All Black hat hackers considered as a Cyber Criminal until they do Cyber Crime such as Defacing websites, Stealing data, Exploding Bank data's
and I-llegal Contenting in Word Wide.
Hacker's earn in their own way from Internet Marketing service or working for Cyber Hacker's group such as Anonymous, Lulz Sec or Null/Crew etc.

2. Security Professional :- Security

Professional is one of the higher and Greater Security Master, no one is higher then Security Professional, Basically Sec Pro Work for Cyber Space Investigation Department or he
search for Vulnerability and solve it to Prevent and Care System. In India there are very less Sec Pro and Cyber Crime in India is increasing day by day, that's
the reason Indian Cyber Space require education in Computer Security. In today's generation Indian Cyber Space Demand's of Security Professional and studies in Computer Security.
In Simple words Security Professional have complete knowledge of Computer
Security even more then Black hat
hacker's.

3. Security Researcher :- Security

Researcher is also called a White Hat hacker, Security researcher are real Hero of Internet. They search for Bugs or Vulnerability in Website and report it to admin or Cyber Space Investigation
Cell. Security Researcher just report the vulnerability and Security Professional Fix the vulnerability and writing of Exploit Code, Security
researcher basically are hired by many IT's Company to save their data and prevent hacking.

4. Certified Ethical Hacker :-

CEH is the base of the Hacking field which give you 3rd option to become in your Life :-

1.Black Hat
2.Security Professional
3.Security Researcher

And that all depends upon you in which field you want to make your future carrier.
All beginner hackers and learner have to start with CEH and get ceritified. It'just a base to enter's into HACKING WORLD..

comment and like...share this information to the others...
 
Read More

How to Shutdown a Computer with a Cell Phone.

Be The First To Comment


 Using this method, a user can shutdown, restart, hibernate, etc. his or her computer, just by sending an email from his or her phone.
  • To do this, all you will need is Microsoft Outlook which should come with Microsoft Office, which most people have. This will need to be on the computer wish you wish to shutdown.
  • So, this is how you do this:
  • 1. First, you need the batch files to perform the Shutdown, Hibernate etc. You can write them down yourselves or can download them from here
                            (www.timmatheson.com/downloads/howtos/sms_shutdown/sms_functions.zip).
  • 2. Extract them to your C:\ drive so the path to the shutdown batch file is C:\sms_functions\shutdown.bat (Important this is a must the path must be exact) or you can modify the rule once you import it to point to the new destination, it's your call.
  • 3. Open up Microsoft Outlook. Make sure that you have already configured it for your email.Now we will need to make it so that Outlook checks your inbox about every minute (1 minute for testing time can be increased if a delayed shutdown is desired). You can do this by going to Tools: Options .
  • 4. Then click the Mail Setup tab, and afterwards, the Send/Receive button.
  • 5. Make sure that the Schedule an automatic send/receive every... box is checked, and set the number of minutes to 1. Now you may close all of these dialog boxes.
  • 6. Now go to Tools: Rules and Alerts... Next click the options button in the upper right hand corner and press the Import Rules button.
  • 7. Now select the shutdown.rwz file that was found in the zip file named sms_functions that you downloaded.
  • 8. Now, when you send a message from your phone to your e-mail address with the subject smsshutdown%%, your computer will shutdown.
  • You can also make your own rule, so that you can use your own batch file, and may specify the phrase you want to trigger the action
Read More

Cyber Fort: Top 25 People Who Changed the Internet Forever ---...

Be The First To Comment
Cyber Fort: Top 25 People Who Changed the Internet Forever ---...: Top 25 People Who Changed the Internet Forever --- 1. Sir Tim Berners-Lee – World Wide Web 2. Vint Cerf And Bob Kahn – TCP/IP 3. Lar...
Read More

Top 25 People Who Changed the Internet Forever ---

1 Comment


Top 25 People Who Changed the Internet Forever ---

1. Sir Tim Berners-Lee – World Wide Web

2. Vint Cerf And Bob Kahn – TCP/IP

3. Larry Page and Sergey Brin – Google Inc.

4. David Filo and Jerry Yang – Yahoo! Inc.

5. Bill Gates – Microsoft

6. Steven Paul Jobs – Apple Inc.

7. Mark Zuckerberg – Facebook

8. Chad Hurley and Steve Chen – YouTube

9. Linus Torvalds – Linux

10. Jack Dorsey – Twitter

11. Kevin Rose – Digg

12. Bram Cohen – BitTorrent

13. Mike Morhaime – Blizzard Entertainment

14. Jimmy Wales – Wikipedia

15. Jeff Preston Bezos – Amazon

16. Shawn Fanning – Napster, Rupture

17. Pierre Omidyar – eBay

18. Jack Ma – Alibaba

19. Craig Newmark – Craigslist

20. Matt Mullenweg – WordPress

21. Thomas Anderson – MySpace

22. Garrett Camp – StumbleUpon

23. Jon Postel – Internet Pioneer

24. Caterina Fake – Flickr

25. Marc Andreessen – Netscape

hope u like and share the information to the others...
 
Read More