Thursday, November 7, 2013

5 Best Tools For Hacking Web Applications

In an earlier post, I listed the top 10 general hacking tools. This time, I have listed 5 of the best tools specifically  to hack websites and web applications. Most of these tools are free and are very easy to use.
 If you want to hack a website or web application, knowledge of PHP, ASP, SQL etc are necessary. If you know these languages and technologies, you will be able to hack the website without the need for any tool. These tools make the life of a hacker easy by automating the tasks.
                                                              Image courtesy of chanpipat/
So, here is the list of the top 5 web application hacking tools. Starting off with..

Burp suite is a web proxy tool that can be used to test web application security. It can brute force any login form in a browser. You can edit or modify GET and POST data before sending it to the server. It can also be used to automatically detect SQL injection vulnerabilities. It is a good tool to use both under Windows and Linux environments. It is free, however, if you need the advanced features, you can always buy the premium version.

Acunetix Web Vulnerability Scanner provides a comprehensive environment to automatically  scan a website for vulnerabilities.  It scans the web application as well as the web server. Once Acunetix identifies the vulnerabilities in the website, you can go ahead and exploit it manually or use any of the other tools in this list.  Acunetix is however, a paid software, but if you are resourceful, you will know where to get it for free ;)

ZAP  OWASP is similar to Burp Suite in functionality. However, ZAP is completely free.
According to the official website:
"The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing."

4. Havij

Havij is one of the best Automatic SQL injection tools. It is extremely easy to use, thanks to its GUI. All you have to do is provide a vulnerable link to Havij, and it will spew out database details such as tables, columns and rows.

Mozilla Firefox is a web browser. Why then, is it in this list? That is because every web application hacking will take place through a web browser. And what better browser than Firefox? Google Chrome is too simplistic, Internet explorer is too buggy and slow. Firefox is the preferred web hacking tool because it is fast, supports proxy (to be used with Burp Suite) and supports many  plug-ins  such as cookie editor.

Not successful in hacking that website? Crash it instead with my other article How to perform denial of service to crash a website.

Thursday, October 17, 2013

How to perform a Denial of Service attack to crash a website?

Denial of service is a very aggressive attack usually launched against websites as a form of protest or activism. The ultimate aim is to bring down or crash the web server. There are many readymade tools for this. Here, I will give instructions on how to use a very simple DoS tool called Low Orbit Ion Cannon (LOIC). LOIC is a free and open source and can be found in Sourceforge.

Please note that the information provides here is only for educational purpose. 

First download LOIC from here. The original version requires Microsoft .net to run. If you are using a Linux system, then you can use the java version, Java LOIC.
Once downloaded, you can go ahead and run the tool. The directions are pretty straight forward.

1. Enter the URL of the website you are planning to attack. There is also an option to enter the IP address.
2. Once the URL is entered, click on "Lock On"
3. Select the protocol you want to use. TCP is fine.
4. Enter the no of simultaneous threads. (In other words, the severity of your attack) 500 to 1000 threads will do.
5.Finally, click on the large button labelled as "IMMA CHARGIN MAH LAZER"

That will start the attack.  In the bottom, you will see a substantial increase in the no. of requested connections. This means your attack is on. After some time, the website will slow down and eventually stop responding(crash). The best way to observe this is by creating a web server in a virtual lab and attacking it. You can then analyze the web server logs  for more information.

Note: Please don't use tool on any website other than your own. It is a very powerful tool and you could get in trouble with the law.

What are Denial of Service (DOS) attacks?

Denial of Service attacks have become more widely known due to extensive media coverage. But what exactly is a denial of service attack? Simply put, a denial of service attack is a type of cyber attack wherein a website or service is brought down by a hacker or a group of hackers by flooding it with bogus traffic. The web server becomes overloaded with this bogus traffic and the service eventually crashes.

This means that if a hacker performs a denial of service attack against a website, say for example a bank website, then all the online transitions of that bank will be halted. Both companies and individuals are no long able to log into their netbanking accounts for the duration of the attack, leading to loss in revenue for the bank. The bank will also lose reputation and credibility for failing to protect their IT infrastructure.  Similarly, if Gmail was attacked, millions of users will not be able to access their email accounts. In a typical DoS attack, one hacker performs the attack using a DoS tool or script. This is easy to mitigate. The only thing one needs to do is block the IP address of the attacker. To overcome this, hackers use a technique called Distributed Denial of Service or DDoS.

What are Distributed Denial of Service(DDoS) Attacks?

DDoS attacks involve hundreds, if not thousands of "volunteers" who install the DoS tool in their systems and launch a coordinated attack on the target at a specified time. This was the case when Anonymous hacker group took down Paypal  and Mastercard websites some time back. In case there are no "volunteers" involved, hackers use a networks of zombies called botnets to perform the same attack. These zombies are basically normal home computers which have been hacked and infected with the DoS tool. The controller is able to issue remote commands to these "bots" so that they can start attacking a particular website without the owners even noticing. 
Hackers and hactivists perform denial of service attacks by using an array of readymade tools. one such tools is called the Low Orbit Ion Cannon(LOIC). It is a simple GUI tool and volunteers can use it to launch attacks once they receive the green light from the controllers, usually via IRC or social networks. There are many other DoS tools such as HOIC,Hulk Web server, RUDY (R-U-Dead-Yet), Silent  DDoSer etc.

This disruption in service is one of the biggest challenges for companies today. There is no fool proof method to protect against DDoS attacks.  There are many ongoing research on how to mitigate DDoS attacks. As of now, big companies rely on IDS and firewalls and the cooperation of the ISPs to mitigate such attacks.

Would you like to know how to perform a denial of service yourself? Read my other article on how to perform DoS attack here.

Monday, October 14, 2013

Netbeans IDE: Is It Any Good? [OPINION]

 In 2009, CBSE, the Indian board of secondary education changed the IP or Informatics Practices (Informatics Practices is an additional subject) text books of Class XI and Class XII. A new syllabus, Java Swing under Netbeans was introduced. This is a welcome change from the earlier, Visual Basic 6. I'm guessing the choice was because CBSE wanted to make programming fun by letting students develop GUI applications by drag and drop method. Visual Basic fulfilled that role as it had drag and drop features to create GUIs and it was easy to learn. But visual basic is outdated and the interface looks primitive. Microsoft stopped releasing any new updates since 1998, and it Officially ended support for Visual Basic 6 in 2008. That means the last stable version, VB6 was released in 1998. With VB 6 out of the picture, I guess the intelligent choice was Java Swing under Netbeans IDE.

When I was in Class XI, we were the first batch of CBSE students to start using the Netbeans IDE. For all those years, our teachers were used to VB6, and the sudden change meant they also had to adapt to the new language and environment. It took them some time to get used to it, but they eventually got used to it since they already knew java core. The new syllabus for Informatics Practices was actually a combination of Netbeans, MySQL and a bit of web technologies like HTML and XML.

So, all over India, students started learning Java Swing programming without any prior programming knowledge or experience. I think learning swing programming without learning core java first is not a very good idea. The only consolation is that GUI programming is relatively fun compared to the usual  command line interface. This is good for getting students to like programming.  

Since Netbeans was relatively new for all these students (me included), a lot of questions were raised on whether it  can be used to develop "real life" applications or  what programs can be developed in it. Well the answer is, simply put, there is no limit to the applications you can develop using Netbeans. In fact, Netbeans is a popular IDE for developing a huge number of high end enterprise applications and programs. Here is a huge list of extremely sophisticated projects developed using the Netbeans IDE. Also, here is an interesting project on home automation called Jarvis. It was developed using Netbeans IDE. You can create your college projects, socket programs, database driven programs, enterprise applications etc. The sky is the limit. And the best part? You program will run in every operating system as Java is platform Independent. 

A java program running on Linux and Windows

The programs that are taught in class is not enough to develop real life applications. So how does one go about learning Netbeans? There are excellent tutorials on YouTube. Check out ProgrammingKnowledge and VertexDigitalArts. Have a look at this blog for Netbeans related stuff. You can get help about Netbeans from the official Netbeans forum or on stackoverflow. You can also download the NCERT text books for Class 11 and Class 12.
In my third year of college we learnt Java core but I wasn't able to develop any GUI applications using it. The only GUI we learnt was Java applets, and in  that, everything  had  to be hand coded. So, I had to switch back to Swing whenever I needed to develop GUI applications. . I wish Netbeans IDE was a part of our curriculum.

Common Netbeans Questions:

How to run Netbeans programs from the desktop?
So, you want to run an application with a double click from the desktop? Goto your project tree in Netbeans and right click on it. Click on the option Clean and Build.  Once that is done, navigate to the Netbeans folder where your project is stored. You will see a folder called dist. Inside that folder, you will find the JAR executable. Double click on that to run your program. You can create a shortcut to your program in the desktop.

How to convert Netbeans jar files to .exe
You can convert your JAR file into exe in different ways. You can use JSmooth Exe wrapper. You can also use JarToExe. Once you download these programs, the process is pretty straightforward.

How to create an installer to distribute your Netbeans application.
So, you created your first project using Netbeans and want to distribute it to your friends? Sending the jar file is hardly professional, so you need to create an installer. Excelsior Installer is an excellent tool which lets you do just that. Here is a video tutorial on how to create an exe installer using Excelsior.

How to distribute a Netbeans application with MySQL database?
If you want to distribute your database application, it is best to use single file databases such as SQLite or JavaDB instead of MySQL or Oracle. If you need the program to function in a client server environment, then you have no choice but to use MySQL, but then you will have to manually install the database server or create scripts to create the tables.

If you have any queries, you can ask in the comment section and I will try my best to answer them.

Friday, October 4, 2013

5 simple ways you can protect yourself from hackers

1. Use Two-step verification

Most of us use free email providers like Yahoo and Gmail. These email services have the option to enable  2-step verification.  All you need is a mobile phone number. Whenever you login to your Gmail account from  any new or unknown computer, Gmail will send a verification code to your mobile via SMS. Once you enter this code in the website, you are granted access. The advantage here is that even if by any chance someone manages to get hold of your password, they still  won't be able to access your account. Here is an article on Two-step verification.

2. Encrypt your files using TrueCrypt  TrueCrypt is no longer secure

When hackers get into your computer, depending on the purpose of the hack, they will look for your photos, important documents, credit card details, usernames and passwords etc. This is dangerous, especially because many people have the tendency to store credit card or net banking details in plain text for ease access. In order to prevent this, you can use a free encryption tool known as TrueCrypt.  TrueCrypt is one of the most powerful encryption tools and is thought to be unbreakable. Here is an article on how to set up TrueCrypt

3. Use a password manager such as KeePass

Nowadays, we have many online accounts in different websites and it is advisable to use a different password for each of those accounts to stay secure. Now, how does one remember all these passwords? It may be manageable to some extent if you have a sharp memory, but if you are like me, you will need a password manager to help you remember your passwords. KeePass is an excellent software that does just that. It uses a Master password that will secure your other passwords inside the database. You can then store this (tiny) database file in the cloud and access it from anywhere using Dropbox. The plus side is that you just have to remember one (preferably long) password.

4. Use VPN when accessing internet from public networks

As illustrated in my previous article on man in the middle attack, we know it is extremely easy for a hacker to sniff your username and password over the LAN or wifi. This is especially true if you are accessing the internet from a public wifi network such as airports or coffee shops. This is because normal web traffic is unencrypted. So, how do we protect ourselves from this? We use a VPN connection to encrypt the internet traffic. For this, you may want to use free VPN providers. Here is an article on how to set up VPN on Windows 7.

5. Install antivirus and firewall

This is the most basic and fundamental guideline for computer safety. Even in today's world of viruses and other malware, many people continue to ignore the antivirus. An antivirus protects your computer from all kinds of malware. It is not just enough to install an antivirus, it has to be updated regularly. For a hacker, it is extremely easy to hack into computer which has no antivirus installed. Avast is an excellent free antivirus. A personal firewall is also an added safety. ZoneAlarm is a good free firewall.

Wednesday, September 25, 2013

Top 10 Best Hacking Tools

Hacking always involves tools. A good hacker knows how to use tools to his best advantage. An even better hacker writes his own tools. Here I have listed the top 10 most popular tools used in hacking. It is advisable to master these tools to become a good hacker. Note that all the tools listed here are completely free.

1. Nmap

Nmap is also known as the swiss army knife of hacking. It is the best port scanner with a lot of functions
In hacking, Nmap is usually used in the footprinting phase to scan the ports of the remote computer to find out wich ports are open.

2. Wireshark

Wireshark is a packet sniffer. It captures all network traffic going through a network adapter. When performing man in the middle attacks using tools like Cain, we can use Wireshark to capture the traffic and analyze it for juicy info like usernames and passwords. It is used by network administrators to perform network troubleshooting.

3. Cain and Abel

Cain and Abel is a multipurpose windows only hacking tool. It is a bit old now, but it still does the job well. Cain can be used to crack windows password, perform man in the middle attacks, capture network passwords etc.

4. Metasploit

Metasploit is a huge database of exploits. There are thousands of exploit codes, payloads that can be used to attack web servers or any computer for that matter. This is the ultimate hacking tool that will allow you to actually "hack" a computer. You will be able to get root access to the remote computer and plant backdoors or do any other stuff. It is best to use metasploit under linux.

5. Burp Suite

Burpsuite is a web proxy tool that can be used to test web application security. It can brute force any login form in a browser. You can edit or modify GET and POST data before sending it to the server. It can also be used to automatically detect SQL injection vulnerabilities. It is a good tool to use both under Windows and Linux environments.

6. Aircrack-ng

Aircrack-ng is a set of tools that are used to crack wifi passwords. Using a combination of the tools in  aircrack, you can easily crack WEP passwords. WPA passwords can be cracked using dictionary or brute force.  Although aircrack-ng is available for Windows, it is best to use it under Linux environment. There are many issues if you use it under Windows environment.

8. Nessus

Nessus is a comprehensive  automatic vulnerability scanner.  You have to give it an IP address as input and it will scan that IP address to find out the vulnerabilities in that system. Once you know the vulnerabllities, you can use metasploit to exploit the vulnerablity. Nessus works both in Windows and Linux.

10. THC Hydra

Hydra is a fast password cracker tool. It cracks passwords of remote systems through the network. It can crack passwords of many protocols including ftp,http, smtp etc. You have the option to supply a dictionary file which contains possible passwords. It is best to use hydra under linux environment.

9. Netcat

Netcat is a great networking utility which reads and writes data across network connections, using the TCP/IP protocol. It is also known as the swiss army knife for TCP/IP. This is because netcat is extremely versatile and can perform almost anything related to TCP/IP. In a hacking scenario, it can be used as a backdoor to access hacked computers remotely. The use of netcat is limited only by the user's imagination. Find out more about netcat at the official website.

10. Putty

Although putty is not a hacking software by itself, it is a very useful tool for a hacker. It is a client for SSH and telnet, which can be used to connect to remote computers. You may use putty when you want to connect to your Backtrack machine from your Windows PC.  It can also be used to perform SSH tunneling to bypass firewalls.

Note: This list is not comprehensive. There are many tools that I have left out. Those tools that did not make the list are; Sqlmap, Havij, Acunetix Web Scanner, SuperScan, John the Ripper, Kismet, Hping3.
I have written another article about the top 5 website hacking tools.

Have you always wanted to know how to become a hacker? Great! Read this article and learn how to become a hacker.

Thursday, September 5, 2013

10 Technologies You Can Use To Make Your Life Easier

We are living in the 21st century, the digital age. Technology has advanced to such a degree that it is now possible to do things that were only possible in imagination a decade ago. We are indeed  lucky to be alive at this age and we must take full advantage of the technology that surrounds us. 

Here, I have listed 10 ways to make your life easier with the help of technology. You may already have adopted some of them, but integrating all these things in your life will make your life much more rich and convenient.

1. Use Internet Banking and Mobile banking
 Most banks provide these services free of cost to all customers. You only have to apply for it, and they will send you a username and password. I believe this is something everyone should adopt. Standing for long hours in queues at the bank just to transfer money or going to ATMs just to check account balance are a thing of the past. Funds transfer using NEFT is also free. 

2. Recharge your mobile online
There are tons of mobile recharge websites. Alternatively, you can recharge at the official service provider's website.  These websites also provide mobile apps to make recharging easier. Websites like  PAYTM also offer IVRS recharge, meaning you can call a toll free number to recharge your mobile. You need to sign up for an account first. 

3. Pay bills online
You can pay your postpaid mobile bill, electricity bill, landline bill and other utility bills online. You can also pay your income tax online. This saves you a lot of time travelling and standing in queues. In India, many people still  have apprehensions about paying money online. Paying online is incredibly easy and safe, provided you take basic precautions. All you need is a debit card (ATM card).

4. Shop online 
Several years ago, Flipkart revolutionised the online shopping scenario in India by offering  trustworthy service and  excellent cash on delivery option. Nowadays, flipkart has increased its prices and its delivery charges, but their service is still unmatched by any other website. There are plenty of online shopping websites in India selling just about anything. You can compare prices and choose the best value for you. Ebay is also a good website for shopping online. This saves you a lot of time and money which will otherwise be spent on transportation. 

5. Use cloud storage services like Dropbox

Dropbox is a cloud storage service provider that lets you store 2GB of you files on the 'cloud' for free. 
This is an excellent service. Dropbox has plugins for all operating systems and mobile platforms. You can share files between multiple computers. You may have important data that can get lost if there is a hard drive crash or if your laptop gets stolen. Dropbox ensures that your data will be safe in the cloud. I use dropbox to store my project files so that I can work on them from anywhere even if I don't have my laptop with me. The default space is 2GB, which can be expanded by inviting people to join dropbox. Click here to join dropbox.

6. Get A Smartphone and Make use of  Apps
 With the plummeting prices of Android devices due to companies like Micromax and Karbonn, chances are, you have an Android phone. If you don't, I highly advise you get one. Here is an article that outlines why you should get a smartphone.  According to the article, smartphones save you 22 days a year! Android devices are called smartphones for a reason. They make your life much more convenient. Make sure you install apps such as Gmail, LinkedIn, YouTube, Kingsoft Office, Google maps, WhatsApp, MX Player, QR Droid, Shazam, Dropbox, Skype and Dictionary in your Android phone. Using these apps will  increase your productivity and save you lots of  time

7. Use a password manager such as KeePass
Nowadays, we have many many online accounts in different websites and it is advisable to use a different password for each of those accounts to stay secure. Now, how does one remember all these passwords? It may be manageable to some extent if you have a sharp memory, but if you are like me, you will need a password manager to help you remember your passwords. KeePass is an excellent software that does just that. It uses a Master password that will secure your other passwords inside the database. You can then store this (tiny) database file in the cloud and access it from anywhere using Dropbox. The plus side is that you just have to remember one (preferably long) password.

8. Adopt Online Learning

Whether you are a student or not, you can harness the richness of the internet to enhance your knowledge and learn new things. There are thousands of websites online that cater to every stream of study from computer science to medicine.  By adopting online learning, I don't mean the occasional google search to resolve doubts. I mean really using the internet as a tool to learn. There are many free open courseware that teach almost any subject. Sign up for these websites and watch the videos, do the exercises, all for free. Here is a list of 750 free online courses. You can also browse YouTube channels offering free courses. Although these websites are good, one particular website stands out as fun to learn and easy to understand . It is KhanAcademy. This website includes a range of topics like mathematics, science, medicine etc.  There is also an Android app for this. 

9. Download Free Antivirus and Firewall
Viruses and trojans are a headache for computer users. They destroy your work hamper your computer's performance, and worst, steal your data. Rid yourself of this headache by downloading and installing free antivirus programs online. AVG and Avast are generally regarded as the best free antivirus software. You don't need to buy antivirus programs when you can get equally good ones for free. Set your antivirus to update automatically so that you won't be bothered with the hassle of updating it. Also, download and install a firewall. The in-built firewall in windows is good, but if you want extra security, ZoneAlarm is an excellent personal firewall and its free. 

10. Get yourself an All in One Printer
If you are a student or an office worker, you will know that photocopy shops are not always open when you want to  get urgent printouts for projects or reports. An all in one printer solves this problem. It also gives you additional features of scanning, photocopying and printing. Nowadays, wireless printers are also becoming cheap, you can just print from your smartphone through bluetooth or wifi.

Do you know of a technology that makes your life more convenient? Let me know in the comments!

Monday, August 5, 2013


 VPNs are used in different ways by different people. Corporate users use it to connect to their workplace from other locations, students use it to bypass firewalls and website blocking still some others use it for the added security while using public WIFIs.
VPNs are the best way I know to bypass firewalls or hide my tracks online. There are many VPN service providers, both free and paid.

VPNBOOK.COM is a free VPN service provider. They offer different servers based in Romania, UK and US.  Their service is absolutely free and is based on advertisement and donation. They offer two kinds of encryption PPTP and OPENVPN.  You  can get the server address, username and password from the website itself without needing to register or login.  However,one annoying thing is that the password changes every few days or  week. So, you have to keep visiting the website to get the updated password.

* Absolutely Free
* PPTP support (can be used on mobile devices like android)
* OpenVPN support (a bit slower, but more secure, and cannot be blocked)
* P2P allowed  (torrent downloads are allowed)
* Stable connection (doesn't get disconnected)
* Steady speed (no fluctuation in speed)
* Servers based in US,UK and Romania
* Do not store logs
* Unlimited bandwidth!
* No registration required


* Speed is not as fast as paid VPN providers, but I think thats a bit too much to ask since it is a free service.


Vpnbook is probably the best free vpn service provider I have ever used.  I have used many free VPNs and I used to face connectivity issues, bandwidth restrictions etc, but not with VPNBOOK. Apart from my laptop, I also use it in my Android mobile when using college wifi or public hotspots. So, if you need a free and reliable VPN service provider,  vpnbook is the one you need.

NOTE: I am not paid to write this article. It is just my views and opinion after using the service.

Sunday, August 4, 2013

5 Best video resources to learn programming languages

Those of us from computer science background know programming languages.  In college, we are taught C,C++,Java etc. But colleges don't teach us everything we need to know. For example, I believe it is very important for a computer science student to know how to program in PHP or .NET, unfortunately, many college courses doesn't teach that. So, what if you want to learn a programming language? You can either enroll yourself in an institute and pay money or learn it yourself for free.

You can learn almost all programming languages online with all the free resources available. Here, I will list a few of the best websites or youtube channels which provide free tutorials on programming.

This website is probably the best I know for learning programming languages, especially for beginners. The explanations are clear and concise. All of them are videos, which means you can learn just by watching and listening, although it would be a good idea to practice too.
The tutorials on the site include, but not limited to

Tuesday, May 28, 2013

How to send and receive emails securely?

Believe it or not, the email you are using (gmail, hotmail,yahoo etc)  is absolutely insecure. "Well," you might say, "my password is pretty long and gmail is pretty secure, no? Whats there to fear?"
Plenty! Your account can get hacked, someone may be sniffing your traffic through MITM attack, or intelligence agencies might be snooping.
In this day and age, it is very difficult to keep one's data safe online. Our communications are often intercepted. So, how do we send email securely over the internet? By encrypting our email communications.
 There is an amazing encryption technology called PGP (Pretty Good Privacy). PGP is free, open source, unbreakable and hack proof.  PGP is an asymmetric encryption algorithm. It means there is a public and private key system to secure your information. Although PGP was developed in the year 1991 it did not gather much public support despite its awesomeness  This is mainly because PGP is not very user friendly and implementing it requires extra few steps, which is not very convenient. But now things have changed. PGP has become much more easier to implement and use. PGP can be used to send and receive secure emails.

Note: Although this secure from of communication can be used by anyone, I doubt you will use it for your day to day email exchanges. Nevertheless,  I highly recommend you use it.  It is a must if you are handling confidential data such as government documents, corporate information, tax and accounts information, personal information etc. This is probably the most secure form of online communication today.

So, how do we implement PGP in Gmail or Yahoo?

There is an excellent extension in Chrome and Firefox called Mailvelope.  It uses a Browser based PGP system. You need to install the extension in your browser, and the person to whom you want to send the email also needs to have the same extension installed.  After you install, you have to generate a Public and Private key pair for yourself. This is very easy as you just have to navigate through the menu. There is an entire, easy to follow tutorial on the website.

Once you are done generating the public-private key pair, you need to give your public key to anyone who wants to communicate with you.

Public key looks like this-

Version: OpenPGP.js v.1.20121015


The public key contains the name and email address of the owner.  You can distribute your public key by email, your blog, or register yourself in a Key server. My key is here. Feel free to drop me an email! The public key is absolutely safe to distribute anywhere. When someone sends you an email using your public key, your private key will be used to decrypt the message. 
If you want to send someone a PGP email, get hold of their public key by copying the entire text and importing/pasting into Mailvelope. 

Once again, the settings and tutorial for setting up mailvelope can be found here. If you have any doubts, feel free to ask in the comment section.

Monday, May 27, 2013

Hacking with Subterfuge to capture passwords

Subterfuge is a simple and easy to use tool in Linux. It performs man-in-the-middle attacks and sniffs passwords off the network. When I say password, it can mean Network proxy password, Firewall user authentication passwords, plain-text password of websites, even https websites like Facebook and Gmail. Subterfuge has sslstrip (a ssl hacking tool) inbuilt. That means it will also capture the passwords of websites using HTTPS.

Now, lets say you want to 'hack'the Facebook passwords of some people. You can use subterfuge to capture their passwords. This can also be necessary in a real life pen-test scenario. User credentials make it a lot easier to break in to organisations.

You need to have a Linux computer for this. It doesn't work on Windows, as of now. Ubuntu or Backtrack is fine. Also, the most important thing to remember is that you have to be within the same network subnet as your victim or target, connected by a switch or wifi.

How to set up subterfuge

Once download is complete, open a terminal, navigate to the folder where subterfuge is, and type this. tar fvxz SubterfugePublicBeta5.0.tar.gz
This will extract all the files from the tar archive. Make sure the name is properly typed.

To install, type python –i
Once installed, goto any terminal and type subterfuge
  1. Now, open Firefox or any web browser and goto
    You will see the subterfuge interface. Click on the Start button on the top right. Now you have to wait for it to gather the passwords.
  2. The captured usernames and passwords will appear like this-

The usernames and passwords have been blurred out because these are actual credentials from my college wifi.

As you can see, subterfuge is an excellent (though not perfect) tool. It will easily capture the network and plain-text passwords, but when it comes to HTTPS, users will get a warning which says “Server Certificate Error, Proceed at your own risk”. People almost always ignore this warning and when they do, their passwords get captured. There is a lesson to be learnt here regarding HTTPS.

Cain&Abel can also perform the same task as subterfuge, but Cain is a bit old now, and doesn't harvest passwords properly on its own.
Please note that hacking is illegal.  If you do this within your organisation in any capacity, it is most certainly illegal. So, make sure you don't get caught. Smart hackers don't get caught, script kiddies do.

Thursday, May 9, 2013

How to: The most secure way to encrypt and hide your files

UPDATE: TrueCrypt is no longer secure.

We all have data that we'd rather not share with anyone else. How then, do we secure these data from prying eyes? What if somebody hacked your computer or stole your computer? What happens to your data? There are many methods to hide or lock folders. You can use many of the commercial Folder Lock applications available on the internet. Alternatively, if you have Windows 7 Ultimate, you can use BitLocker to encrypt your drive. However, all these techniques are either expensive, not secure or just not feasible.
Here, I am going to show you how to hide, encrypt and secure your data everywhere you go. We will be using a free and open source tool called Truecrypt.
Truecrypt is an incredible software which does an extremely good job of encrypting your data. Truecrypt encryption is thought to be unbreakable, even the FBI hackers can't break it. There are many ways to configure truecrypt, but here I will be discussing the simplest and most convenient way.

How to use truecrypt to encrypt your files and folders?
We will create a "file container" much like a secure vault. You can decide the size of this 'vault'.
This vault is a single file and can have any extension and you can transfer it anywhere you like. You can open the vault by opening it with truecrypt and entering the password.

So, lets get started
1. Open truecrypt and click on Create Volume

2. Leave the default and Click next 

3.  Leave the default and click Next

4. Click Select File

5. Anywhere in your hard drive, just type any file name you want your container to be. Here its myfile.txt
Note that .txt is just an extension, and it doesn't have any meaning in this regard. The idea is that people will think its a mere txt file.

6.  Leave the default and Click next

7. Enter the desired size of the container and click next. I've made mine 3GB.
Note that you cannot change the size of the container afterwards.

8. Create a strong password for your container.
Note that the only way to crack truecrypt is to brute-force it. So, if your password is at least 15 or 20 characters with all the special characters etc, it should theoretically be impossible to break.

9.  Move your mouse around a bit, and click Format. It may take some time depending on your CPU 
power. After the format is complete, close the window.

10. Next, click on any drive in the list. I've clicked  drive L:
   After that, select the file we created earlier, myfile.txt. And finally click on Mount.

11.  Once you press mount, it will ask for the password you set earlier. Click Ok and you are done.

Now, if you go to My Computer, you will find a new hard drive with the letter L:
You can store all your sensitive files here, and once you are done, just click on Dismount, and your drive will no longer be accessible. Next time you want to open or view your files, just mount your file again.
This process of mounting and unmounting again and again whenever you need to access your data may seem cumbersome at first, but you will realize in the long run that it is only for the good. You can transfer your container file anywhere, even in a Linux system and open it again using truecrypt.

Truecrypt is probably the most secure method available to the common man. It is a must have tool for anyone who is concerned about security and privacy. If you have any questions, you can always ask in the comment below.

Tuesday, May 7, 2013

What is VPN? How to setup VPN in Windows 7

Virtual Private Network or VPN is used mostly by corporate employees to connect to their office while travelling or  from their home or coffee shop. However, for students, there is an entirely different usage, and that is to bypass firewall restriction in schools and colleges. My friends keep on asking me how to bypass our college firewall as sites like youtube and facebook are blocked during working hours. There are many ways to bypass a firewall, depending on the blocking mechanisms used. VPNs are the best in my opinion.

So, how does VPN work?
Simply put, the wifi or internet you are currently using is not secure. Anyone can sniff data by a MITM attack. VPN creates an encrypted tunnel from your computer to a remote computer which will pass on your information the the websites you are viewing. Just remember that VPN ensures that your information is safe from prying eyes. Now, you might ask, what is that remote computer we are connecting to? It may be your office, or a free VPN server in this case.  The diagram shows VPN connection to a corporate server.

There are several kind of VPN protocols such as PPTP, L2TP, OpenVPN etc.  OpenVPN is the most secure and reliable type of VPN. However, we have to download the OpenVPN client, making it an extra step. In a corporate environment or in a situation where data confidentiality is of prime importance, you may use OpenVPN.  The most easy to setup is PPTP, which comes inbuilt in Microsoft Windows. That means no downloading is required. So, we will use this one. Please note that PPTP is not absolutely secure, but for normal browsing it should be fine.

1. Goto your free VPN providers website. My personal favourite is
   Once there, scroll down, and you will see the IP address or domain or the VPN server, the username and password.

Since the VPN website itself may be blocked by the firewall, you may use GPRS or 3G on you mobile to first visit the site and obtain the VPN username and password. 
Note: These VPN providers periodically  change the passwords, so keep visiting the site to get updated passwords.

2. Goto Control Panel -> Internet Options -> Connections tab
  Click on Add VPN as shown.

A new window will pop up, asking for the Internet Address. This is the VPN site address which we saw earlier on  In this case, it is Leave the other fields as they are.

3. Click Next, and it will ask for username and password  Enter them as you saw on the website. Leave the domain blank.

Now, Click Connect and your VPN setup is done. Congratulations, you can now surf any website anonymously and without being logged or blocked.

This tutorial was for PPTP based VPN. PPTP can be blocked by your college or ISP, although it is unlikely. In that case, use OpenVPN. It is impossible to block OpenVPN as it can use any port.

Tuesday, April 30, 2013

What is a Man In the Middle Attack?

A Man in the Middle Attack (MITM) is a type of network attack in which an attacker assumes the role of the default gateway and captures all the traffic going to and fro. This is a very serious attack and also very easy to perform. MITM attack can be performed in a Local area network such as airport and  coffee shop wifi, college wifi, computer labs and other any kind of LAN. 

What the attack basically means is that a hacker (or anyone for that matter) with the right set of  tools, can intercept all your internet activities and see all your passwords and  all the websites you are browsing. 

How to perform a Man in the Middle attack?

There are many types of Man in the Middle attacks. There are also many ways to perform this attack. There are several tools such as Cain&Abel, Ettercap, Subterfuge, SSLStrip etc which can do a MITM attack.

In Windows, we use a technique called ARP spoofing to achieve MITM scenario. We use a free ready made tool called Cain&Abel for this. First, you need to be in the same network subnet as the victim (same campus, same room, or same wifi).

Download and Install Cain&Abel. Also download and install Wireshark which is also free. We will be using wireshark to capture the packets and analyze them. 
After everything is installed, run Cain from the desktop or menu. 

  • 1. Start Sniffer by clicking button shown in red box. 2. Then go to Sniffer tab.

  • 3. Right click on screen and select “Scan Mac Addresses”. The screen will quickly  be populated with all users in your LAN.
  • 4. Select all the IP addresses and right click. and select "Resolve host name". Now, you can find the IP address of the person you want to attack by viewing the computer names.

  • Now, 
  •  4. click on “ARP” on bottom and then 
  •  5. click on “Plus” icon to add user in victim list. 

 A window called “New ARP Poison Routing ” will pop up.
  • You will see windows divided in two parts. Select the default gateway in left half and select the victim's IP in the right.  Here you see me selecting as the default gateway for the network and the victim's IP address

  • Click on start ARP option shown in red box. You will see that CAIN starts poisoning the host. 

This completes our ARP poisoning  Now, all the traffic from the victim will pass through the attacker's PC. The victim may notice his internet speed slowing down. 

Now, we need to capture the traffic by using Wireshark. 

Fire up wireshark and
 1. Click on the adapter button shown below in red. 2. Click 'start' in the adapter where there are packets. 

If you let this run for a while, all the traffic going through the victim's PC will be captured by wireshark. You can then save the packet capture file and analyze it with appropriate filters. By analyzing the packets, you can find juicy information like username and passwords, web urls visited by the victim etc.
Please note that you have to be very careful while performing such an attack. If not done properly, it can even cause denial of service to the entire network.