SlideShare a Scribd company logo

Clubhack Magazine Issue February 2012

ClubHack
ClubHack

It gives me immense pleasure to tell you that from 06-02-10 to 06-02-12 our magazine has completed two successful and rejoicing years. We at ClubHack are super excited! I hope you people are enjoying the magazine and would continue doing so it in the coming future too. We enjoy making this for you all.It is said that “A lot can happen over a cup of coffee”. We experienced this amazing moment over a cup of coffee when we had the idea of starting a hacking magazine and it now it has come all this way… :). 2 years looks small when we look back.For this incredible success we at ClubHack would like to thank all our readers, volunteers and authors for giving us such unbelievable support. As we want to keep up the growth and progress therefore we request you all to keep throwing in articles, suggestions, support and your love!

Technology
1 of 22
Download to read offline
Issue 25 – Feb 2012 | Page - 1
Issue 25 – Feb 2012 | Page - 2
Issue 25 – Feb 2012 | Page - 3 command prompt on his/her (attacker’s) Exploiting Remote machine. In this case of normal payload, the limitation for an attacker is that, once the System without session is expired or shell is terminated, attacker can’t execute commands in remote machine (victim computer).This white Being Online paper demonstrates new type of payload by using which attacker can execute command in remote machine (victim system) without actually directly connecting to victim Introduction machine and also fooling Antivirus, Firewalls etc. This paper demonstrates unique kind of communication technique between attacker machine and victim machine during the My Method exploitation of any victim system. Usually, while an attacker exploits the remote system In general scenario, if attacker gets remote and gets the remote command prompt command prompt and execute command in (remote shell), attacker is only able to the current session then there is direct execute commands till the session from the communication (connection) between remote machine is opened (established). attacker and victim machine. But by using While exploiting the system in a normal this paper’s mechanism we can prevent way, attacker and the victim system both direct communication (connection) between should be online, if attacker wants to attacker and victim. For this, we use an execute some commands in remote machine intermediate server (zombie) that should be (Victim Machine). This paper would up and running all the time (24x7). In our demonstrate how an attacker can attack a case, we use this zombie as an email service remote victim without being online like Gmail, Yahoo, msn etc. So the whole (attacker may or may be online AND victim system works as explained below. may or may not be online). Attacker infects remote system with an History Executable, which can be infected by one of During the exploitation of vulnerable the below mentioned methods: remote system (victim system) by an attacker, after vulnerability injection, 1. By autorun.inf attacker sends payload and gets remote 2. During Metasploit Exploitation
Issue 25 – Feb 2012 | Page - 4 3. Physical access of victim system Now once Executable is up and running in the remote machine (Victim Machine), when the victim connects to the internet then it first checks the instruction set in Gmail inbox by an attacker. Now let’s say if an attacker wants to execute command ‘ipconfig’ in remote machine (victim machine) then attacker has to send email with subject ‘ipconfig’ to his own email address . Because the username and password is already encrypted in the Executable file in the victim machine (remote machine ), and Attacker Proxy  Email Service as victim comes online , that executable file Victim automatically logs in your Gmail account and reads all command instructions which (Tor, Anonymizers) (Gmail, Yahoo, etc.) is loaded by attacker. (Proxy Case Scenario) It executes the commands of attacker’s choice and attaches these results to the Hands-on-Approach attacker’s Gmail account. Attackers simply have to download that attachment which Stage I contains command output from victim Let’s say you have infected remote system machine. So there is an email service with this exe and you want account info, (Gmail) between attacker and victim drive info and network info from the remote machine. That shows, attacker can execute machine (victim machine) then you have to command in victim system but there is no send email to your own account (note: direct connection between attacker and which is also listened and shared by injected victim machine, and if an attacker uses Tor exe in remote victim machine) with subject (The Onion Router Browser) or containing account_info, driveinfo, Anonymizers for accessing the Gmail networkinfo as shown in the figure on the account then attacker never can be caught next page. (no reverse traces). It is something like Attacker <->email service <->Victim <->. So life cycle will be as shown below:
Issue 25 – Feb 2012 | Page - 5 Anononymizer, VPNs or Any PROXY…. For accessing the attacking Gmail account. 2. No Antivirus can detect the Instruction data because all traffic would come from HTTPS And Antivirus Softwares and Network Intrusion Detection Software Detects simply an outbound connection with GMAIL...! 3. Only a single Gmail account is required. Attacker and victim machine both would be connected to Stage II the same account but the attacker knows, and the victim doesn’t!! Now once the email with appropriate subject is sent to your account, now it’s time Disadvantages for remote machine (victim machine) to be online and fetch the instruction given by Disadvantage is that, if the victim has a intruder (in this approach, “Attacker”). As habit of checking the current connections the victim system comes online, it executes using commands like ‘netstat –n’, then there appropriate commands of attacker’s need, is a possibility to detect Gmail connection redirect command output to .data file and when actually there is no browser activity. finally automatically attach this file to your But still it is difficult to detect because email account. Hence, by simply process is running in Hidden mode. downloading this file you will get all the cmd output in attached .data file as shown in below figure. Here in the above figure you can clearly see that, all required outputs are attached in your email address! Advantages 1. Advantages are that the attacker is never going to be caught if he/she is using the browser like TOR,
Issue 25 – Feb 2012 | Page - 6 Conclusion So by using above technique, attacker has to send commands as a subject to his/her own email address and then it is fetched and executed in victim machine by executable file running in victim machine. And results of that commands are sent back to the attacker’s email account as an attachment. So there is no need to be online for both attacker and victim. And Anti-viruses and Firewalls going to bypass using this technique because Av and Firewall notice that victim system connects to the Gmail Merchant Bhaumik (not actually connects to attacker machine backdoor.security@gmail.com for transferring data) and it uses HTTPS encryption of Gmail for transferring the Merchant Bhaumik helps local law- data (no chance of signature based detection enforcement as a Digital Forensics because of HTTPS), so they don’t find any Investigator and is a Student Of Maharaja threats for victim machine, so no security Sayaji Rao University (MSU) Vadodara. alarms! Bhaumik is the developer of “IND 360 Intrusion Detection System.
Issue 25 – Feb 2012 | Page - 7 Cain and Abel: The Basics of Address Resolution Black Art of ARP Protocol Assume two computers, Computer A and Poisoning Computer B are in a local area network connected by Ethernet cables and network switches. Computer A wants to send a Overview packet to Computer B. Computer A determines that Computer B's IP address is Cain and Abel is windows based password 192.168.0.5. recovery tool available as a freeware and In order to send the message, it also needs maintained by Massimiliano Montoro. It to know Computer B's MAC address. First, supports wide features to recover passwords Computer A uses a cached ARP table to look varying from Local Area Network to various up 192.168.0.5 for any existing records of routing protocols as well as provides Computer B's MAC address intelligent capability to recover cached (00:24:56:e2:ac:05). If the MAC address is passwords and encrypted passwords using found, it sends the IP packet on the link Dictionary, Brute-Force and Cryptanalysis layer to address (00:24:56:e2:ac:05).If the attacks. cache did not produce a result for It is a two part program where Cain is the 192.168.0.5, Computer A has to send a GUI of the program, and Abel is windows broadcast ARP message (destination service that provides a remote console on FF:FF:FF:FF:FF:FF) requesting an answer the target machine. for 192.168.0.5. Computer B responds with its MAC address An interesting feature of Cain & Abel is APR (00:24:56:e2:ac:05).Computer B may insert (ARP Poison Routing) which allows sniffing an entry for Computer A into its own ARP packets of various protocols on switched table for future use. The response LAN’s by hijacking IP traffic of multiple information is cached in Computer A's ARP hosts concurrently. It can also analyze table and the message can now be sent. encrypted protocols such as SSH-1and HTTPS.
Issue 25 – Feb 2012 | Page - 8 Working Steps: 1. To start ARP Spoofing, you need to activate the sniffing daemon and the APR daemon. You can do this by clicking on both the "Sniff" and "APR" buttons at the top of the window. 2. Next go to the sniffer tab and right click anywhere inside the tab. You should see a "Scan MAC addresses" option. Click it. How ARP Poisoning Works The attacker machine makes use of the stored ARP cache table to re-route or re- direct packets from a target, to an attacker machine, and then forward to the host, thus the attacker machine “sees” all traffic between target and host. First the target MAC address is established, and then the ARP Poison Routing feature “poisons” the cache of the target by forcing a cache update with the path re-routed so that the attacker machine forwards traffic to and from host 3. Select the IP range accordingly to and target. The attacker machine can also your local area network and click on observe packets with a sniffer such as “OK”. Wireshark. Now, I will discuss the steps to sniff password of remote computers in a Local Area Network. Requirements: 1. Download and install Cain & Abel from http://www.oxid.it/cain.html 2. Make sure WinPcap packet capture driver is installed properly. 3. Download and install Wireshark from http://www.wireshark.org/downloa d.html. 4. At least 3 hosts must be present in a network to place an attack.
Issue 25 – Feb 2012 | Page - 9 4. The Progress bar scans and list all This was a basic tutorial on how you can use the MAC address present on the Cain and Abel for ARP Poisoning. subnet. Happy Hacking  5. After the scan, click on the APR sub- tab at the bottom of the window. Himanshu Kumar Das Then click on the icon on the me.himansu@gmail.com top of the window to add host to attack. Himanshu Kumar Das is a 6. A following dialog box appears on passionate security admirer. the screen. Select the host you wish Himanshu, a do-it-yourself guy, is to attack. an electronic freak and imagines open source. 7. Wait for the victim host to enter his credentials. Click on the passwords sub-tab at the bottom of the window. There you can see all the captured passwords arranged in the group.
Issue 25 – Feb 2012 | Page - 10 Firewall 101 The basic characteristics of Firewalls Introduction include: Today we are exposed to innumerable threats online. Firewalls act as the first line Hardware Software Firewall of defense for securing our network against Firewall these threats. Firewall could be a program or a device or group of devices used to It’s a standalone It’s a software control the traffic flow. device installed on your computer The basic principle that Firewall uses to control this communication is ‘Access Complex Relatively easy to Rules’. It maintains an access rule table and configurations configure involved every time a packet comes in or goes out, Firewall refers to this table. It only allows Consumes physical Consumes CPU authorized traffic and blocks the unwanted space utilization packets. More secured than Less expensive than software firewalls hardware firewalls Firewalls are of 2 types: Mainly uses packet Mainly looks at o Hardware Firewalls. filtering application o Software Firewalls characteristics Mostly network based Mostly host based E.g.: Cisco ASA, E.g.: Symantec EF, SonicWall, etc Checkpoint FW-1 etc
Issue 25 – Feb 2012 | Page - 11 1. Traffic monitoring and reporting. IP: Source IP – 21.22.23.24 Destination IP – 2. Intrusion detection and prevention. 74.75.76.77 3. Packet or Protocol filtering based on user defined rules. Data-link: Source MAC – aa:aa:aa:aa:aa:aa 4. Incorporate VPN gateways (Enterprise Level Firewalls). Destination MAC – Router’s MAC 5. Load balancing & Failover (Enterprise Level Firewalls). Similarly when Google’s server responds to the request, your response packet will look like this: Understanding Firewall operation: Application: www.google.com Before we get in to how firewalls operate, let us understand the OSI layer and data flow TCP: Source Port –80 Destination Port – E.g.: When you type www.google.com this 27785 is what happens: IP: Source IP –74.75.76.77 Destination IP – 21.22.23.24 5: Application Layer. (Web browsers interacts with this) Data-link: Source MAC – Router’s MAC 4: TCP layer. (Contains Source & Destination MAC –aa:aa:aa:aa:aa:aa Destination Port Numbers) We see router’s MAC because router acts as 3: IP Layer. (Contains Source your gateway for interacting with the and Destination IP) external world. So to communicate with any system outside your network, your destination MAC will be that of your router. 2: Data-link Layer. (Contains There are several other things like sequence Source and Destination MAC) number etc, which are not mentioned to maintain the simplicity of the topic. 1: Physical Layer. (Physical Network Connectivity) Before we get in to how firewalls operate, let us understand the OSI layer and data flow E.g.: When you type www.google.com this is what happens: Example of details at each layer: Application: www.google.com TCP: Source Port – 27785 Destination Port – 80
Issue 25 – Feb 2012 | Page - 12 Firewalls can be categorized based on Provided below is an IP packet. their filtering capabilities: Packet Filtering Stateful Filtering • Looks at IP • Does regular address, Port Packet Filtering Numbers & • Maintains info Protocol Type on all existing • Does not pay connections so attention to only data from whether packet existing is a part of connection existing stream is connection allowed • Makes decision solely based on ACLs This is what packet filtering will focus on when looking at an IP Application header. To grant access or not will Filtering depend on the Access List table. • Possesses Deep Packet Inspection functionality • Works in a similar manner to IPS • Possesses ability to classify applications as well apart from packet and stateful filtering This is what packet filtering will focus on when looking at a TCP Packet Filtering: header. To grant access or not will depend on the Access List table. As per the table above we understand how packet filtering works. However a TCP/IP packet will provide a clear picture on how [Screenshot below is captured from packet filtering works Ethereal. It displays TCP & IP details]
Issue 25 – Feb 2012 | Page - 13 2. Cannot check the payload (data). Packet filtering will act in the following This makes application filtering manner: impossible. 1. Block or Accept IP addresses (e.g. A This gave rise to the need of Stateful subnet – 192.168.10.0 / 24) Filtering. 2. Block or accept a particular port (e.g. Port 23 or 445) 3. Block or accept a particular protocol Stateful Filtering: (e.g. TCP or UDP or ICMP) It records the state of all the existing connections i.e. data streams and stores it in Blocking a protocol is never recommended. the memory. Therefore the basis of E.g. if you block UDP, then you may end up dropping packets is the connection state. blocking DNS requests too. Following are the features of Stateful Overall this method of filtering proved to be Filtering: ineffective due to the following reasons: 1. It looks at the state table – Unlike 1. Cannot keep a track of state of packet filtering which has no track of existing connections (Stateless) connections, this method looks at
Issue 25 – Feb 2012 | Page - 14 the data stream and only packets Application Filtering: which are a part of the stream are This concept is similar to HIPS (Host based allowed. The rest are discarded. Intrusion Prevention System). Application is the top most layers of TCP/IP model (and 2. It clears entries from the state table even OSI model). Usually, anti-virus acts in once the TCP session closes or after at this layer. a few minutes to ensure that the table is clean and does not The mode of operation is looking for unnecessarily waste its memory information in the payload section of the header which other firewalls fail to do. Again, this is not the perfect solution. Fragmentation causes trouble to stateful The basis of blocking or allowing application filtering. depends on the following factors: 1. Cross check with existing database of Fragmentation was allowed to break large signatures packets in to small fragments for the routers 2. Look for abnormal behavior of a or firewalls that do not support large particular file type (size modification packets. or registry edits etc.) In short Application filtering is an intelligent technology that looks for abnormal information within the payload (data) and can block unwanted or suspicious data (application). This is a fragmented packet. Every These firewalls can prevent attacks like: fragmented packet has its own IP header  DNS buffer overflows and is not reassembled until all the  HTTP based web server attacks fragments arrive at the destination host.  Code hidden within SSL tunnels (https websites) and many more TCP or UDP is in the 0th fragment  E.g. You can allow access to (Fragment 1). So setting fragment number Facebook, but block games. to 1 instead of 0 will help packet bypass the Stateful Firewall. Some older firewalls used to filter only well-known port numbers i.e. the ones below 1024. One more drawback is that Trojan Horses can defeat these firewalls if they use NAT (Network Address Translation)
Issue 25 – Feb 2012 | Page - 15 This screenshot shows HTTP packet capture. HTTP works at application layer of TCP/IP model Application filtering in conjunction with lower layer protection is by far the best combination to safeguard your network. All the Enterprise class firewalls possess these capabilities. Sagar Dawda Sagard31@gmail.com Sagar Dawda is Network Security student. Sagar handles Sonicwall firewalls for the company he works for. Sagar's ultimate aim is to learn as much as he can about IT security and get in to Forensics (Network Forensics to start with). His dream is to join an intelligence agency and help them solve cases where computers/network was used a part of the crime.
Issue 25 – Feb 2012 | Page - 16 payment sites, online-auction sites, online- Liability of market places and cyber cafes;’. Liability of Intermediaries Intermediaries under Section 79 of the IT Act exempts the Information intermediaries from liability in certain Technology Act cases. The Section reads as – Sec. 79 Introduction 1. Notwithstanding anything contained in Recently Delhi high court has summoned any law for the time being in force but Google, Facebook and Twitter to remove subject to the provisions of sub- objectionable content from their website sections (2) and (3), an intermediary within the prescribed time period failing to shall not be liable for any third party which may result into blocking of the information, data, or communication websites in India. So the question which link made available or hosted by him. triggers is What is the liability of the 2. The provisions of sub-section (1) shall intermediaries like Google, Facebook and apply if— Twitter under Indian law? a) the function of the intermediary is limited to providing access to Who is an Intermediary? a communication system over “Intermediary” under Section 2(1) (w). It which information made reads as – available by third parties is transmitted or temporarily “intermediary”, with respect to any stored or hosted; or particular electronic records, means any b) the intermediary does not— person who on behalf of another person I. initiate the receives, stores or transmits that record or transmission, provides any service with respect to that II. select the receiver of the record and includes telecom service transmission, and providers, network service providers, III. select or modify the internet service providers, webhosting information contained service providers, search engines, online in the transmission;
Issue 25 – Feb 2012 | Page - 17 c) The intermediary observes due Information Technology (Intermediary diligence while discharging his guidelines) Rules, 2011 are introduced. They duties under this Act and also are applicable from 11th April, 2011. observes such other guidelines as the Central Government may Features of the rules are as follows prescribe in this behalf. 3. The provisions of sub-section (1) Observing Due Diligence - Rule 3 shall not apply if— Of the said rules has given circumstances a) the intermediary has conspired which if complied satisfies the criteria of or abetted or aided or induced, observing Due Diligence. It reads as – whether by threats or promise 1. The intermediary shall publish the or otherwise in the commission rules and regulations, privacy policy of the unlawful act; and user agreement for access-or b) upon receiving actual usage of the intermediary's knowledge, or on being notified computer resource by any person. by the appropriate Government 2. Such rules and regulations, terms or its agency that any and conditions or user agreement information, data or shall inform the users of computer communication link residing in resource not to host, display, upload, or connected to a computer modify, publish, transmit, update or resource controlled by the share any information that — intermediary is being used to a) belongs to another person and commit the unlawful act, the to which the user does not have intermediary fails to any right to; expeditiously remove or disable b) is grossly harmful, harassing, access to that material on that blasphemous defamatory, resource without vitiating the obscene, pornographic, evidence in any manner. pedophilic, libelous, invasive of Explanation another's privacy, hateful, or racially, ethnically For the purposes of this section, the objectionable, disparaging, expression “third party information” means relating or encouraging money any information dealt with by an laundering or gambling, or intermediary in his capacity as an otherwise unlawful in any intermediary. manner whatever; c) harm minors in any way; This provision arises two questions – d) infringes any patent, trademark, copyright or other proprietary  What is the meaning of “observing rights; due diligence”? e) violates any law for the time  What is the time frame to remove being in force; objectionable material from f) deceives or misleads the resource? addressee about the origin of such messages or communicates To address these and other issues the any information which is
Issue 25 – Feb 2012 | Page - 18 grossly offensive or menacing in procedures and sensitive personal nature; Information) Rules, 2011. g) impersonate another person;  The intermediary shall publish on its h) contains software viruses or any website the name of the Grievance other computer code, files or Officer and his contact details as well programs designed to interrupt, as mechanism by which users or any destroy or limit the victim who suffers as a result of functionality of any computer access or usage of computer resource resource; by any person in violation of rules i) threatens the unity, integrity, can notify their complaints against defense, security or sovereignty such access or usage of computer of India, friendly relations with resource of the intermediary or other foreign states, or public order or matters pertaining to the computer causes incitement to the resources made available by it. The commission of any cognizable Grievance Officer shall redress the offence or prevents complaints within one month from investigation of any offence or is the date of receipt of complaint. insulting any other nation Note: -  The intermediary, on whose These are just features of the rules; full copy computer system the information is of the rules is available at: stored or hosted or published, upon http://mit.gov.in/content/cyber-laws obtaining knowledge by itself or been brought to actual knowledge by an affected person in writing or through email signed with electronic signature about any objectionable information as mentioned above, shall act within thirty six hours and where applicable, work with user or owner of such information to disable such information that is in contravention.  Further the intermediary shall Sagar Rahurkar preserve such information and contact@sagarrahurkar.com associated records for at least ninety Sagar Rahurkar is a Law graduate. He is a days for investigation purposes. techno-legal consultant and a Senior Faculty  The intermediary shall take all at Asian School of Cyber Laws. Sagar reasonable measures to secure its specializes in Cyber Law, Cyber Crime computer resource and information Investigation, Computer Forensics and contained therein following the Intellectual Property Laws. Sagar teaches reasonable security practices and and provides consultancy to corporates, law procedures as prescribed in the enforcement agencies and education institutes across India. Information Technology (Reasonable security practices and
Issue 25 – Feb 2012 | Page - 19 dictionaries directory found at Introduction to /pt/webscanners/skipfish/diction aries/ (to put it simple copy a file from Skipfish dictionaries/ to the directory of skipfish into skipfish.wl). Skipfish is an active web application Start skipfish from Arsenal or move to security reconnaissance tool written and directory /pt/webscanners/skipfish/ maintained by Michal Zalewski (@lcamtuf). and run ./skipfish –h for help. Skipfish is one of the fastest webscanners available which spiders using the wordlists, a very powerful web scanning tool with a simple implementation. In Matriux Skipfish can be found in the arsenal under Arsenal Framework  Skipfish Why Skipfish? Skipfish fast and easy to implement can perform a robust scan of any website providing a lot of security tests, like php injection, XSS, format string vulnerabilities, overflow vulnerabilities, file inclusions and lot more categorized into high risk, medium risk and low risk issues. Skipfish also provides A simple way to perform a scan is by using summary overviews of document types and the following command:- issue types found; and an interactive sitemap, with nodes discovered through ./skipfish –o /home/matriux/path brute-force denoted in a distinctive way. http://www.example.com/ Getting started You can replace /home/matriux/path with other desired locations you want. Before starting skipfish make sure you provide a skipfish.wl wordlist file from the
Issue 25 – Feb 2012 | Page - 20 In certain cases where the certain URLs may logout your session where you can use commands like :- $ ./skipfish -X /logout/logout.aspx ... other parameters... There are also other options with HTTP cookies, authentication which you can find in the skipfish doc or the README file present in the installation directory. Overall skipfish is a very light tool for web scanning and security testing, which provides a lot of features and scan options in a faster way. After the successful scan a report is References generated and stored in the output directory you specified, open the index.html in a http://code.google.com/p/skipfish/wiki/Ski browser to view the report generated. pfishDoc Following is how a sample report looks like. Happy Hacking  Team Matriux http://matriux.com/
Issue 25 – Feb 2012 | Page - 21 Testimonials “The effort, organization and teamwork of professionals has made the best Indian Hacking Magazine named: ClubHACK Here are few testimonials from experts, Magazine. Woldwide recognized with large contributors and readers. assorted content, following an attractive subject for the reader. It is a pleasure work “Club Hack is a journal which is in a league with the talented guys behind ClubHACK of its own... Started in 2010 by a handful of and share knowledge with everyone. For committed members of the ethical hacker many more Editions and Keeping Rocking!” community, it has grown to be a mature publication with in-depth analysis on the - Maximiliano Soler most useful subjects which are of interest to Security Researcher & Enthusiast domain professionals. It has a great range in coverage too - from hard core coding to “Over the years, ClubHack Magazine has cyber law.” been doing phenomenal job in spreading security awareness, with the young guns - Lt. Col (Retd) Deepak Rout behind the screen pulling complex chords to India Privacy Lead, Microsoft Corp a melodic song. On this occasion of 2nd birthday, we heartily congratulate entire "For colleagues and information security team and hope that they continue to researchers around the world, ClubHack illuminate the world with a greater light in magazine is the face of the growing the coming days.” information security and hacking community in India and the place to be - Nagareshwar Talekar familiar with other professionals in India. Founder and Independent Security For Indian readers this is the entry point Consultant at SecurityXploded and door to get into the information security field and hacking scene". - Elad Shapira Security Researcher, Developer & Reverse Engineer “Long live the CHMag magazine!! :) I really love this mag and the team which works on this.” - Samvel Gevorgyan, Managing Director, CYBER GATES
Issue 25 – Feb 2012 | Page - 22

Recommended

Ddos attack definitivo
Ddos attack definitivoDdos attack definitivo
Ddos attack definitivolilith333
 
Security & threats Presentation => (Presenter: Komal Mehfooz)
Security & threats Presentation => (Presenter: Komal Mehfooz) Security & threats Presentation => (Presenter: Komal Mehfooz)
Security & threats Presentation => (Presenter: Komal Mehfooz) Komal Mehfooz
 
Malware Analysis - Keystroke logging
Malware Analysis - Keystroke loggingMalware Analysis - Keystroke logging
Malware Analysis - Keystroke loggingAndrea Bissoli
 
Local File Inclusion to Remote Code Execution
Local File Inclusion to Remote Code ExecutionLocal File Inclusion to Remote Code Execution
Local File Inclusion to Remote Code Executionn|u - The Open Security Community
 
Metasploitation part-1 (murtuja)
Metasploitation part-1 (murtuja)Metasploitation part-1 (murtuja)
Metasploitation part-1 (murtuja)ClubHack
 
Hackfest presentation.pptx
Hackfest presentation.pptxHackfest presentation.pptx
Hackfest presentation.pptxPeter Yaworski
 
CSRF, ClickJacking & Open Redirect
CSRF, ClickJacking & Open RedirectCSRF, ClickJacking & Open Redirect
CSRF, ClickJacking & Open RedirectBlueinfy Solutions
 
How to do well in Bug bounty programs. Presentation at @nullhyd by Abhijeth
How to do well in Bug bounty programs. Presentation at @nullhyd by AbhijethHow to do well in Bug bounty programs. Presentation at @nullhyd by Abhijeth
How to do well in Bug bounty programs. Presentation at @nullhyd by AbhijethAbhijeth D
 

Recommended

Ddos attack definitivo
Ddos attack definitivoDdos attack definitivo
Ddos attack definitivolilith333
 
Security & threats Presentation => (Presenter: Komal Mehfooz)
Security & threats Presentation => (Presenter: Komal Mehfooz) Security & threats Presentation => (Presenter: Komal Mehfooz)
Security & threats Presentation => (Presenter: Komal Mehfooz) Komal Mehfooz
 
Malware Analysis - Keystroke logging
Malware Analysis - Keystroke loggingMalware Analysis - Keystroke logging
Malware Analysis - Keystroke loggingAndrea Bissoli
 
Local File Inclusion to Remote Code Execution
Local File Inclusion to Remote Code ExecutionLocal File Inclusion to Remote Code Execution
Local File Inclusion to Remote Code Executionn|u - The Open Security Community
 
Metasploitation part-1 (murtuja)
Metasploitation part-1 (murtuja)Metasploitation part-1 (murtuja)
Metasploitation part-1 (murtuja)ClubHack
 
Hackfest presentation.pptx
Hackfest presentation.pptxHackfest presentation.pptx
Hackfest presentation.pptxPeter Yaworski
 
CSRF, ClickJacking & Open Redirect
CSRF, ClickJacking & Open RedirectCSRF, ClickJacking & Open Redirect
CSRF, ClickJacking & Open RedirectBlueinfy Solutions
 
How to do well in Bug bounty programs. Presentation at @nullhyd by Abhijeth
How to do well in Bug bounty programs. Presentation at @nullhyd by AbhijethHow to do well in Bug bounty programs. Presentation at @nullhyd by Abhijeth
How to do well in Bug bounty programs. Presentation at @nullhyd by AbhijethAbhijeth D
 
Bug Bounty #Defconlucknow2016
Bug Bounty #Defconlucknow2016Bug Bounty #Defconlucknow2016
Bug Bounty #Defconlucknow2016Shubham Gupta
 
Bug Bounty for - Beginners
Bug Bounty for - BeginnersBug Bounty for - Beginners
Bug Bounty for - BeginnersHimanshu Kumar Das
 
Bug Bounty 101
Bug Bounty 101Bug Bounty 101
Bug Bounty 101Shahee Mirza
 
Bug Bounty Hunter Methodology - Nullcon 2016
Bug Bounty Hunter Methodology - Nullcon 2016Bug Bounty Hunter Methodology - Nullcon 2016
Bug Bounty Hunter Methodology - Nullcon 2016bugcrowd
 
XSS and CSRF with HTML5
XSS and CSRF with HTML5XSS and CSRF with HTML5
XSS and CSRF with HTML5Shreeraj Shah
 
The Game of Bug Bounty Hunting - Money, Drama, Action and Fame
The Game of Bug Bounty Hunting - Money, Drama, Action and FameThe Game of Bug Bounty Hunting - Money, Drama, Action and Fame
The Game of Bug Bounty Hunting - Money, Drama, Action and FameAbhinav Mishra
 
Newbytes NullHyd
Newbytes NullHydNewbytes NullHyd
Newbytes NullHydn|u - The Open Security Community
 
Trojan virus & backdoors
Trojan virus & backdoorsTrojan virus & backdoors
Trojan virus & backdoorsShrey Vyas
 
Seminar project(computer virus)
Seminar project(computer virus)Seminar project(computer virus)
Seminar project(computer virus)cdebraj16101991
 
Cyber Security Seminar Day 2
Cyber Security Seminar Day 2Cyber Security Seminar Day 2
Cyber Security Seminar Day 2Apurv Singh Gautam
 
It act seminar
It act seminarIt act seminar
It act seminarAkshay Sharma
 
Ethical Hacking4
Ethical Hacking4Ethical Hacking4
Ethical Hacking4dodontn
 
Cyber Security and Ethical hacking 16
Cyber Security and Ethical hacking 16Cyber Security and Ethical hacking 16
Cyber Security and Ethical hacking 16Mehedi Hasan
 
Security and ethics
Security and ethicsSecurity and ethics
Security and ethicsArgie242424
 
Trojan backdoors
Trojan backdoorsTrojan backdoors
Trojan backdoorsseth edmond
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hackingaashish2cool4u
 
Introduction of hacking and cracking
Introduction of hacking and crackingIntroduction of hacking and cracking
Introduction of hacking and crackingHarshil Barot
 
It ppt new
It ppt newIt ppt new
It ppt newchrispaul8676
 
Types of malware threats
Types of malware threatsTypes of malware threats
Types of malware threatsEC-Council
 
Computer Virus
Computer VirusComputer Virus
Computer VirusDebraj Chatterjee
 
Types of attacks in cyber security
Types of attacks in cyber securityTypes of attacks in cyber security
Types of attacks in cyber securityBansari Shah
 
trojon horse Seminar report
trojon horse Seminar report trojon horse Seminar report
trojon horse Seminar reportNamanKikani
 

More Related Content

Viewers also liked

Bug Bounty #Defconlucknow2016
Bug Bounty #Defconlucknow2016Bug Bounty #Defconlucknow2016
Bug Bounty #Defconlucknow2016Shubham Gupta
 
Bug Bounty Hunter Methodology - Nullcon 2016
Bug Bounty Hunter Methodology - Nullcon 2016Bug Bounty Hunter Methodology - Nullcon 2016
Bug Bounty Hunter Methodology - Nullcon 2016bugcrowd
 
XSS and CSRF with HTML5
XSS and CSRF with HTML5XSS and CSRF with HTML5
XSS and CSRF with HTML5Shreeraj Shah
 
The Game of Bug Bounty Hunting - Money, Drama, Action and Fame
The Game of Bug Bounty Hunting - Money, Drama, Action and FameThe Game of Bug Bounty Hunting - Money, Drama, Action and Fame
The Game of Bug Bounty Hunting - Money, Drama, Action and FameAbhinav Mishra
 

Viewers also liked (7)

Bug Bounty #Defconlucknow2016
Bug Bounty #Defconlucknow2016Bug Bounty #Defconlucknow2016
Bug Bounty #Defconlucknow2016
 
Bug Bounty for - Beginners
Bug Bounty for - BeginnersBug Bounty for - Beginners
Bug Bounty for - Beginners
 
Bug Bounty 101
Bug Bounty 101Bug Bounty 101
Bug Bounty 101
 
Bug Bounty Hunter Methodology - Nullcon 2016
Bug Bounty Hunter Methodology - Nullcon 2016Bug Bounty Hunter Methodology - Nullcon 2016
Bug Bounty Hunter Methodology - Nullcon 2016
 
XSS and CSRF with HTML5
XSS and CSRF with HTML5XSS and CSRF with HTML5
XSS and CSRF with HTML5
 
The Game of Bug Bounty Hunting - Money, Drama, Action and Fame
The Game of Bug Bounty Hunting - Money, Drama, Action and FameThe Game of Bug Bounty Hunting - Money, Drama, Action and Fame
The Game of Bug Bounty Hunting - Money, Drama, Action and Fame
 
Newbytes NullHyd
Newbytes NullHydNewbytes NullHyd
Newbytes NullHyd
 

Similar to Clubhack Magazine Issue February 2012

Trojan virus & backdoors
Trojan virus & backdoorsTrojan virus & backdoors
Trojan virus & backdoorsShrey Vyas
 
Seminar project(computer virus)
Seminar project(computer virus)Seminar project(computer virus)
Seminar project(computer virus)cdebraj16101991
 
Ethical Hacking4
Ethical Hacking4Ethical Hacking4
Ethical Hacking4dodontn
 
Cyber Security and Ethical hacking 16
Cyber Security and Ethical hacking 16Cyber Security and Ethical hacking 16
Cyber Security and Ethical hacking 16Mehedi Hasan
 
Security and ethics
Security and ethicsSecurity and ethics
Security and ethicsArgie242424
 
Trojan backdoors
Trojan backdoorsTrojan backdoors
Trojan backdoorsseth edmond
 
Introduction of hacking and cracking
Introduction of hacking and crackingIntroduction of hacking and cracking
Introduction of hacking and crackingHarshil Barot
 
Types of malware threats
Types of malware threatsTypes of malware threats
Types of malware threatsEC-Council
 
Types of attacks in cyber security
Types of attacks in cyber securityTypes of attacks in cyber security
Types of attacks in cyber securityBansari Shah
 
trojon horse Seminar report
trojon horse Seminar report trojon horse Seminar report
trojon horse Seminar reportNamanKikani
 
Describe three of the following attack types in the Operation Security.docx
Describe three of the following attack types in the Operation Security.docxDescribe three of the following attack types in the Operation Security.docx
Describe three of the following attack types in the Operation Security.docxearleanp
 

Similar to Clubhack Magazine Issue February 2012 (20)

Trojan virus & backdoors
Trojan virus & backdoorsTrojan virus & backdoors
Trojan virus & backdoors
 
Seminar project(computer virus)
Seminar project(computer virus)Seminar project(computer virus)
Seminar project(computer virus)
 
Cyber Security Seminar Day 2
Cyber Security Seminar Day 2Cyber Security Seminar Day 2
Cyber Security Seminar Day 2
 
It act seminar
It act seminarIt act seminar
It act seminar
 
Ethical Hacking4
Ethical Hacking4Ethical Hacking4
Ethical Hacking4
 
Cyber Security and Ethical hacking 16
Cyber Security and Ethical hacking 16Cyber Security and Ethical hacking 16
Cyber Security and Ethical hacking 16
 
Security and ethics
Security and ethicsSecurity and ethics
Security and ethics
 
Trojan backdoors
Trojan backdoorsTrojan backdoors
Trojan backdoors
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Introduction of hacking and cracking
Introduction of hacking and crackingIntroduction of hacking and cracking
Introduction of hacking and cracking
 
It ppt new
It ppt newIt ppt new
It ppt new
 
Types of malware threats
Types of malware threatsTypes of malware threats
Types of malware threats
 
Computer Virus
Computer VirusComputer Virus
Computer Virus
 
Types of attacks in cyber security
Types of attacks in cyber securityTypes of attacks in cyber security
Types of attacks in cyber security
 
trojon horse Seminar report
trojon horse Seminar report trojon horse Seminar report
trojon horse Seminar report
 
Mitppt
MitpptMitppt
Mitppt
 
Ch02 System Threats and Risks
Ch02 System Threats and RisksCh02 System Threats and Risks
Ch02 System Threats and Risks
 
Information security
Information securityInformation security
Information security
 
Trojan
TrojanTrojan
Trojan
 
Describe three of the following attack types in the Operation Security.docx
Describe three of the following attack types in the Operation Security.docxDescribe three of the following attack types in the Operation Security.docx
Describe three of the following attack types in the Operation Security.docx
 

More from ClubHack

India legal 31 october 2014
India legal 31 october 2014India legal 31 october 2014
India legal 31 october 2014ClubHack
 
Cyberlaw by Mr. Pavan Duggal at ClubHack Infosec KeyNote @ Bangalore
Cyberlaw by Mr. Pavan Duggal at ClubHack Infosec KeyNote @ BangaloreCyberlaw by Mr. Pavan Duggal at ClubHack Infosec KeyNote @ Bangalore
Cyberlaw by Mr. Pavan Duggal at ClubHack Infosec KeyNote @ BangaloreClubHack
 
Cyber Insurance
Cyber InsuranceCyber Insurance
Cyber InsuranceClubHack
 
Summarising Snowden and Snowden as internal threat
Summarising Snowden and Snowden as internal threatSummarising Snowden and Snowden as internal threat
Summarising Snowden and Snowden as internal threatClubHack
 
Fatcat Automatic Web SQL Injector by Sandeep Kamble
Fatcat Automatic Web SQL Injector by Sandeep KambleFatcat Automatic Web SQL Injector by Sandeep Kamble
Fatcat Automatic Web SQL Injector by Sandeep KambleClubHack
 
The Difference Between the Reality and Feeling of Security by Thomas Kurian
The Difference Between the Reality and Feeling of Security by Thomas KurianThe Difference Between the Reality and Feeling of Security by Thomas Kurian
The Difference Between the Reality and Feeling of Security by Thomas KurianClubHack
 
Stand Close to Me & You're pwned! Owning Smart Phones using NFC by Aditya Gup...
Stand Close to Me & You're pwned! Owning Smart Phones using NFC by Aditya Gup...Stand Close to Me & You're pwned! Owning Smart Phones using NFC by Aditya Gup...
Stand Close to Me & You're pwned! Owning Smart Phones using NFC by Aditya Gup...ClubHack
 
Smart Grid Security by Falgun Rathod
Smart Grid Security by Falgun RathodSmart Grid Security by Falgun Rathod
Smart Grid Security by Falgun RathodClubHack
 
Legal Nuances to the Cloud by Ritambhara Agrawal
Legal Nuances to the Cloud by Ritambhara AgrawalLegal Nuances to the Cloud by Ritambhara Agrawal
Legal Nuances to the Cloud by Ritambhara AgrawalClubHack
 
Infrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy HiremathInfrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy HiremathClubHack
 
Hybrid Analyzer for Web Application Security (HAWAS) by Lavakumar Kuppan
Hybrid Analyzer for Web Application Security (HAWAS) by Lavakumar KuppanHybrid Analyzer for Web Application Security (HAWAS) by Lavakumar Kuppan
Hybrid Analyzer for Web Application Security (HAWAS) by Lavakumar KuppanClubHack
 
Hacking and Securing iOS Applications by Satish Bomisstty
Hacking and Securing iOS Applications by Satish BomissttyHacking and Securing iOS Applications by Satish Bomisstty
Hacking and Securing iOS Applications by Satish BomissttyClubHack
 
Critical Infrastructure Security by Subodh Belgi
Critical Infrastructure Security by Subodh BelgiCritical Infrastructure Security by Subodh Belgi
Critical Infrastructure Security by Subodh BelgiClubHack
 
Content Type Attack Dark Hole in the Secure Environment by Raman Gupta
Content Type Attack Dark Hole in the Secure Environment by Raman GuptaContent Type Attack Dark Hole in the Secure Environment by Raman Gupta
Content Type Attack Dark Hole in the Secure Environment by Raman GuptaClubHack
 
XSS Shell by Vandan Joshi
XSS Shell by Vandan JoshiXSS Shell by Vandan Joshi
XSS Shell by Vandan JoshiClubHack
 
ClubHack Magazine issue 26 March 2012
ClubHack Magazine issue 26 March 2012ClubHack Magazine issue 26 March 2012
ClubHack Magazine issue 26 March 2012ClubHack
 
ClubHack Magazine issue April 2012
ClubHack Magazine issue April 2012ClubHack Magazine issue April 2012
ClubHack Magazine issue April 2012ClubHack
 
ClubHack Magazine Issue May 2012
ClubHack Magazine Issue May 2012ClubHack Magazine Issue May 2012
ClubHack Magazine Issue May 2012ClubHack
 
ClubHack Magazine – December 2011
ClubHack Magazine – December 2011ClubHack Magazine – December 2011
ClubHack Magazine – December 2011ClubHack
 
One link Facebook (Anand Pandey)
One link Facebook (Anand Pandey)One link Facebook (Anand Pandey)
One link Facebook (Anand Pandey)ClubHack
 

More from ClubHack (20)

India legal 31 october 2014
India legal 31 october 2014India legal 31 october 2014
India legal 31 october 2014
 
Cyberlaw by Mr. Pavan Duggal at ClubHack Infosec KeyNote @ Bangalore
Cyberlaw by Mr. Pavan Duggal at ClubHack Infosec KeyNote @ BangaloreCyberlaw by Mr. Pavan Duggal at ClubHack Infosec KeyNote @ Bangalore
Cyberlaw by Mr. Pavan Duggal at ClubHack Infosec KeyNote @ Bangalore
 
Cyber Insurance
Cyber InsuranceCyber Insurance
Cyber Insurance
 
Summarising Snowden and Snowden as internal threat
Summarising Snowden and Snowden as internal threatSummarising Snowden and Snowden as internal threat
Summarising Snowden and Snowden as internal threat
 
Fatcat Automatic Web SQL Injector by Sandeep Kamble
Fatcat Automatic Web SQL Injector by Sandeep KambleFatcat Automatic Web SQL Injector by Sandeep Kamble
Fatcat Automatic Web SQL Injector by Sandeep Kamble
 
The Difference Between the Reality and Feeling of Security by Thomas Kurian
The Difference Between the Reality and Feeling of Security by Thomas KurianThe Difference Between the Reality and Feeling of Security by Thomas Kurian
The Difference Between the Reality and Feeling of Security by Thomas Kurian
 
Stand Close to Me & You're pwned! Owning Smart Phones using NFC by Aditya Gup...
Stand Close to Me & You're pwned! Owning Smart Phones using NFC by Aditya Gup...Stand Close to Me & You're pwned! Owning Smart Phones using NFC by Aditya Gup...
Stand Close to Me & You're pwned! Owning Smart Phones using NFC by Aditya Gup...
 
Smart Grid Security by Falgun Rathod
Smart Grid Security by Falgun RathodSmart Grid Security by Falgun Rathod
Smart Grid Security by Falgun Rathod
 
Legal Nuances to the Cloud by Ritambhara Agrawal
Legal Nuances to the Cloud by Ritambhara AgrawalLegal Nuances to the Cloud by Ritambhara Agrawal
Legal Nuances to the Cloud by Ritambhara Agrawal
 
Infrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy HiremathInfrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy Hiremath
 
Hybrid Analyzer for Web Application Security (HAWAS) by Lavakumar Kuppan
Hybrid Analyzer for Web Application Security (HAWAS) by Lavakumar KuppanHybrid Analyzer for Web Application Security (HAWAS) by Lavakumar Kuppan
Hybrid Analyzer for Web Application Security (HAWAS) by Lavakumar Kuppan
 
Hacking and Securing iOS Applications by Satish Bomisstty
Hacking and Securing iOS Applications by Satish BomissttyHacking and Securing iOS Applications by Satish Bomisstty
Hacking and Securing iOS Applications by Satish Bomisstty
 
Critical Infrastructure Security by Subodh Belgi
Critical Infrastructure Security by Subodh BelgiCritical Infrastructure Security by Subodh Belgi
Critical Infrastructure Security by Subodh Belgi
 
Content Type Attack Dark Hole in the Secure Environment by Raman Gupta
Content Type Attack Dark Hole in the Secure Environment by Raman GuptaContent Type Attack Dark Hole in the Secure Environment by Raman Gupta
Content Type Attack Dark Hole in the Secure Environment by Raman Gupta
 
XSS Shell by Vandan Joshi
XSS Shell by Vandan JoshiXSS Shell by Vandan Joshi
XSS Shell by Vandan Joshi
 
ClubHack Magazine issue 26 March 2012
ClubHack Magazine issue 26 March 2012ClubHack Magazine issue 26 March 2012
ClubHack Magazine issue 26 March 2012
 
ClubHack Magazine issue April 2012
ClubHack Magazine issue April 2012ClubHack Magazine issue April 2012
ClubHack Magazine issue April 2012
 
ClubHack Magazine Issue May 2012
ClubHack Magazine Issue May 2012ClubHack Magazine Issue May 2012
ClubHack Magazine Issue May 2012
 
ClubHack Magazine – December 2011
ClubHack Magazine – December 2011ClubHack Magazine – December 2011
ClubHack Magazine – December 2011
 
One link Facebook (Anand Pandey)
One link Facebook (Anand Pandey)One link Facebook (Anand Pandey)
One link Facebook (Anand Pandey)
 

Recently uploaded

"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 

Recently uploaded (20)

DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 

Clubhack Magazine Issue February 2012

  • 1. Issue 25 – Feb 2012 | Page - 1
  • 2. Issue 25 – Feb 2012 | Page - 2
  • 3. Issue 25 – Feb 2012 | Page - 3 command prompt on his/her (attacker’s) Exploiting Remote machine. In this case of normal payload, the limitation for an attacker is that, once the System without session is expired or shell is terminated, attacker can’t execute commands in remote machine (victim computer).This white Being Online paper demonstrates new type of payload by using which attacker can execute command in remote machine (victim system) without actually directly connecting to victim Introduction machine and also fooling Antivirus, Firewalls etc. This paper demonstrates unique kind of communication technique between attacker machine and victim machine during the My Method exploitation of any victim system. Usually, while an attacker exploits the remote system In general scenario, if attacker gets remote and gets the remote command prompt command prompt and execute command in (remote shell), attacker is only able to the current session then there is direct execute commands till the session from the communication (connection) between remote machine is opened (established). attacker and victim machine. But by using While exploiting the system in a normal this paper’s mechanism we can prevent way, attacker and the victim system both direct communication (connection) between should be online, if attacker wants to attacker and victim. For this, we use an execute some commands in remote machine intermediate server (zombie) that should be (Victim Machine). This paper would up and running all the time (24x7). In our demonstrate how an attacker can attack a case, we use this zombie as an email service remote victim without being online like Gmail, Yahoo, msn etc. So the whole (attacker may or may be online AND victim system works as explained below. may or may not be online). Attacker infects remote system with an History Executable, which can be infected by one of During the exploitation of vulnerable the below mentioned methods: remote system (victim system) by an attacker, after vulnerability injection, 1. By autorun.inf attacker sends payload and gets remote 2. During Metasploit Exploitation
  • 4. Issue 25 – Feb 2012 | Page - 4 3. Physical access of victim system Now once Executable is up and running in the remote machine (Victim Machine), when the victim connects to the internet then it first checks the instruction set in Gmail inbox by an attacker. Now let’s say if an attacker wants to execute command ‘ipconfig’ in remote machine (victim machine) then attacker has to send email with subject ‘ipconfig’ to his own email address . Because the username and password is already encrypted in the Executable file in the victim machine (remote machine ), and Attacker Proxy  Email Service as victim comes online , that executable file Victim automatically logs in your Gmail account and reads all command instructions which (Tor, Anonymizers) (Gmail, Yahoo, etc.) is loaded by attacker. (Proxy Case Scenario) It executes the commands of attacker’s choice and attaches these results to the Hands-on-Approach attacker’s Gmail account. Attackers simply have to download that attachment which Stage I contains command output from victim Let’s say you have infected remote system machine. So there is an email service with this exe and you want account info, (Gmail) between attacker and victim drive info and network info from the remote machine. That shows, attacker can execute machine (victim machine) then you have to command in victim system but there is no send email to your own account (note: direct connection between attacker and which is also listened and shared by injected victim machine, and if an attacker uses Tor exe in remote victim machine) with subject (The Onion Router Browser) or containing account_info, driveinfo, Anonymizers for accessing the Gmail networkinfo as shown in the figure on the account then attacker never can be caught next page. (no reverse traces). It is something like Attacker <->email service <->Victim <->. So life cycle will be as shown below:
  • 5. Issue 25 – Feb 2012 | Page - 5 Anononymizer, VPNs or Any PROXY…. For accessing the attacking Gmail account. 2. No Antivirus can detect the Instruction data because all traffic would come from HTTPS And Antivirus Softwares and Network Intrusion Detection Software Detects simply an outbound connection with GMAIL...! 3. Only a single Gmail account is required. Attacker and victim machine both would be connected to Stage II the same account but the attacker knows, and the victim doesn’t!! Now once the email with appropriate subject is sent to your account, now it’s time Disadvantages for remote machine (victim machine) to be online and fetch the instruction given by Disadvantage is that, if the victim has a intruder (in this approach, “Attacker”). As habit of checking the current connections the victim system comes online, it executes using commands like ‘netstat –n’, then there appropriate commands of attacker’s need, is a possibility to detect Gmail connection redirect command output to .data file and when actually there is no browser activity. finally automatically attach this file to your But still it is difficult to detect because email account. Hence, by simply process is running in Hidden mode. downloading this file you will get all the cmd output in attached .data file as shown in below figure. Here in the above figure you can clearly see that, all required outputs are attached in your email address! Advantages 1. Advantages are that the attacker is never going to be caught if he/she is using the browser like TOR,
  • 6. Issue 25 – Feb 2012 | Page - 6 Conclusion So by using above technique, attacker has to send commands as a subject to his/her own email address and then it is fetched and executed in victim machine by executable file running in victim machine. And results of that commands are sent back to the attacker’s email account as an attachment. So there is no need to be online for both attacker and victim. And Anti-viruses and Firewalls going to bypass using this technique because Av and Firewall notice that victim system connects to the Gmail Merchant Bhaumik (not actually connects to attacker machine backdoor.security@gmail.com for transferring data) and it uses HTTPS encryption of Gmail for transferring the Merchant Bhaumik helps local law- data (no chance of signature based detection enforcement as a Digital Forensics because of HTTPS), so they don’t find any Investigator and is a Student Of Maharaja threats for victim machine, so no security Sayaji Rao University (MSU) Vadodara. alarms! Bhaumik is the developer of “IND 360 Intrusion Detection System.
  • 7. Issue 25 – Feb 2012 | Page - 7 Cain and Abel: The Basics of Address Resolution Black Art of ARP Protocol Assume two computers, Computer A and Poisoning Computer B are in a local area network connected by Ethernet cables and network switches. Computer A wants to send a Overview packet to Computer B. Computer A determines that Computer B's IP address is Cain and Abel is windows based password 192.168.0.5. recovery tool available as a freeware and In order to send the message, it also needs maintained by Massimiliano Montoro. It to know Computer B's MAC address. First, supports wide features to recover passwords Computer A uses a cached ARP table to look varying from Local Area Network to various up 192.168.0.5 for any existing records of routing protocols as well as provides Computer B's MAC address intelligent capability to recover cached (00:24:56:e2:ac:05). If the MAC address is passwords and encrypted passwords using found, it sends the IP packet on the link Dictionary, Brute-Force and Cryptanalysis layer to address (00:24:56:e2:ac:05).If the attacks. cache did not produce a result for It is a two part program where Cain is the 192.168.0.5, Computer A has to send a GUI of the program, and Abel is windows broadcast ARP message (destination service that provides a remote console on FF:FF:FF:FF:FF:FF) requesting an answer the target machine. for 192.168.0.5. Computer B responds with its MAC address An interesting feature of Cain & Abel is APR (00:24:56:e2:ac:05).Computer B may insert (ARP Poison Routing) which allows sniffing an entry for Computer A into its own ARP packets of various protocols on switched table for future use. The response LAN’s by hijacking IP traffic of multiple information is cached in Computer A's ARP hosts concurrently. It can also analyze table and the message can now be sent. encrypted protocols such as SSH-1and HTTPS.
  • 8. Issue 25 – Feb 2012 | Page - 8 Working Steps: 1. To start ARP Spoofing, you need to activate the sniffing daemon and the APR daemon. You can do this by clicking on both the "Sniff" and "APR" buttons at the top of the window. 2. Next go to the sniffer tab and right click anywhere inside the tab. You should see a "Scan MAC addresses" option. Click it. How ARP Poisoning Works The attacker machine makes use of the stored ARP cache table to re-route or re- direct packets from a target, to an attacker machine, and then forward to the host, thus the attacker machine “sees” all traffic between target and host. First the target MAC address is established, and then the ARP Poison Routing feature “poisons” the cache of the target by forcing a cache update with the path re-routed so that the attacker machine forwards traffic to and from host 3. Select the IP range accordingly to and target. The attacker machine can also your local area network and click on observe packets with a sniffer such as “OK”. Wireshark. Now, I will discuss the steps to sniff password of remote computers in a Local Area Network. Requirements: 1. Download and install Cain & Abel from http://www.oxid.it/cain.html 2. Make sure WinPcap packet capture driver is installed properly. 3. Download and install Wireshark from http://www.wireshark.org/downloa d.html. 4. At least 3 hosts must be present in a network to place an attack.
  • 9. Issue 25 – Feb 2012 | Page - 9 4. The Progress bar scans and list all This was a basic tutorial on how you can use the MAC address present on the Cain and Abel for ARP Poisoning. subnet. Happy Hacking  5. After the scan, click on the APR sub- tab at the bottom of the window. Himanshu Kumar Das Then click on the icon on the me.himansu@gmail.com top of the window to add host to attack. Himanshu Kumar Das is a 6. A following dialog box appears on passionate security admirer. the screen. Select the host you wish Himanshu, a do-it-yourself guy, is to attack. an electronic freak and imagines open source. 7. Wait for the victim host to enter his credentials. Click on the passwords sub-tab at the bottom of the window. There you can see all the captured passwords arranged in the group.
  • 10. Issue 25 – Feb 2012 | Page - 10 Firewall 101 The basic characteristics of Firewalls Introduction include: Today we are exposed to innumerable threats online. Firewalls act as the first line Hardware Software Firewall of defense for securing our network against Firewall these threats. Firewall could be a program or a device or group of devices used to It’s a standalone It’s a software control the traffic flow. device installed on your computer The basic principle that Firewall uses to control this communication is ‘Access Complex Relatively easy to Rules’. It maintains an access rule table and configurations configure involved every time a packet comes in or goes out, Firewall refers to this table. It only allows Consumes physical Consumes CPU authorized traffic and blocks the unwanted space utilization packets. More secured than Less expensive than software firewalls hardware firewalls Firewalls are of 2 types: Mainly uses packet Mainly looks at o Hardware Firewalls. filtering application o Software Firewalls characteristics Mostly network based Mostly host based E.g.: Cisco ASA, E.g.: Symantec EF, SonicWall, etc Checkpoint FW-1 etc
  • 11. Issue 25 – Feb 2012 | Page - 11 1. Traffic monitoring and reporting. IP: Source IP – 21.22.23.24 Destination IP – 2. Intrusion detection and prevention. 74.75.76.77 3. Packet or Protocol filtering based on user defined rules. Data-link: Source MAC – aa:aa:aa:aa:aa:aa 4. Incorporate VPN gateways (Enterprise Level Firewalls). Destination MAC – Router’s MAC 5. Load balancing & Failover (Enterprise Level Firewalls). Similarly when Google’s server responds to the request, your response packet will look like this: Understanding Firewall operation: Application: www.google.com Before we get in to how firewalls operate, let us understand the OSI layer and data flow TCP: Source Port –80 Destination Port – E.g.: When you type www.google.com this 27785 is what happens: IP: Source IP –74.75.76.77 Destination IP – 21.22.23.24 5: Application Layer. (Web browsers interacts with this) Data-link: Source MAC – Router’s MAC 4: TCP layer. (Contains Source & Destination MAC –aa:aa:aa:aa:aa:aa Destination Port Numbers) We see router’s MAC because router acts as 3: IP Layer. (Contains Source your gateway for interacting with the and Destination IP) external world. So to communicate with any system outside your network, your destination MAC will be that of your router. 2: Data-link Layer. (Contains There are several other things like sequence Source and Destination MAC) number etc, which are not mentioned to maintain the simplicity of the topic. 1: Physical Layer. (Physical Network Connectivity) Before we get in to how firewalls operate, let us understand the OSI layer and data flow E.g.: When you type www.google.com this is what happens: Example of details at each layer: Application: www.google.com TCP: Source Port – 27785 Destination Port – 80
  • 12. Issue 25 – Feb 2012 | Page - 12 Firewalls can be categorized based on Provided below is an IP packet. their filtering capabilities: Packet Filtering Stateful Filtering • Looks at IP • Does regular address, Port Packet Filtering Numbers & • Maintains info Protocol Type on all existing • Does not pay connections so attention to only data from whether packet existing is a part of connection existing stream is connection allowed • Makes decision solely based on ACLs This is what packet filtering will focus on when looking at an IP Application header. To grant access or not will Filtering depend on the Access List table. • Possesses Deep Packet Inspection functionality • Works in a similar manner to IPS • Possesses ability to classify applications as well apart from packet and stateful filtering This is what packet filtering will focus on when looking at a TCP Packet Filtering: header. To grant access or not will depend on the Access List table. As per the table above we understand how packet filtering works. However a TCP/IP packet will provide a clear picture on how [Screenshot below is captured from packet filtering works Ethereal. It displays TCP & IP details]
  • 13. Issue 25 – Feb 2012 | Page - 13 2. Cannot check the payload (data). Packet filtering will act in the following This makes application filtering manner: impossible. 1. Block or Accept IP addresses (e.g. A This gave rise to the need of Stateful subnet – 192.168.10.0 / 24) Filtering. 2. Block or accept a particular port (e.g. Port 23 or 445) 3. Block or accept a particular protocol Stateful Filtering: (e.g. TCP or UDP or ICMP) It records the state of all the existing connections i.e. data streams and stores it in Blocking a protocol is never recommended. the memory. Therefore the basis of E.g. if you block UDP, then you may end up dropping packets is the connection state. blocking DNS requests too. Following are the features of Stateful Overall this method of filtering proved to be Filtering: ineffective due to the following reasons: 1. It looks at the state table – Unlike 1. Cannot keep a track of state of packet filtering which has no track of existing connections (Stateless) connections, this method looks at
  • 14. Issue 25 – Feb 2012 | Page - 14 the data stream and only packets Application Filtering: which are a part of the stream are This concept is similar to HIPS (Host based allowed. The rest are discarded. Intrusion Prevention System). Application is the top most layers of TCP/IP model (and 2. It clears entries from the state table even OSI model). Usually, anti-virus acts in once the TCP session closes or after at this layer. a few minutes to ensure that the table is clean and does not The mode of operation is looking for unnecessarily waste its memory information in the payload section of the header which other firewalls fail to do. Again, this is not the perfect solution. Fragmentation causes trouble to stateful The basis of blocking or allowing application filtering. depends on the following factors: 1. Cross check with existing database of Fragmentation was allowed to break large signatures packets in to small fragments for the routers 2. Look for abnormal behavior of a or firewalls that do not support large particular file type (size modification packets. or registry edits etc.) In short Application filtering is an intelligent technology that looks for abnormal information within the payload (data) and can block unwanted or suspicious data (application). This is a fragmented packet. Every These firewalls can prevent attacks like: fragmented packet has its own IP header  DNS buffer overflows and is not reassembled until all the  HTTP based web server attacks fragments arrive at the destination host.  Code hidden within SSL tunnels (https websites) and many more TCP or UDP is in the 0th fragment  E.g. You can allow access to (Fragment 1). So setting fragment number Facebook, but block games. to 1 instead of 0 will help packet bypass the Stateful Firewall. Some older firewalls used to filter only well-known port numbers i.e. the ones below 1024. One more drawback is that Trojan Horses can defeat these firewalls if they use NAT (Network Address Translation)
  • 15. Issue 25 – Feb 2012 | Page - 15 This screenshot shows HTTP packet capture. HTTP works at application layer of TCP/IP model Application filtering in conjunction with lower layer protection is by far the best combination to safeguard your network. All the Enterprise class firewalls possess these capabilities. Sagar Dawda Sagard31@gmail.com Sagar Dawda is Network Security student. Sagar handles Sonicwall firewalls for the company he works for. Sagar's ultimate aim is to learn as much as he can about IT security and get in to Forensics (Network Forensics to start with). His dream is to join an intelligence agency and help them solve cases where computers/network was used a part of the crime.
  • 16. Issue 25 – Feb 2012 | Page - 16 payment sites, online-auction sites, online- Liability of market places and cyber cafes;’. Liability of Intermediaries Intermediaries under Section 79 of the IT Act exempts the Information intermediaries from liability in certain Technology Act cases. The Section reads as – Sec. 79 Introduction 1. Notwithstanding anything contained in Recently Delhi high court has summoned any law for the time being in force but Google, Facebook and Twitter to remove subject to the provisions of sub- objectionable content from their website sections (2) and (3), an intermediary within the prescribed time period failing to shall not be liable for any third party which may result into blocking of the information, data, or communication websites in India. So the question which link made available or hosted by him. triggers is What is the liability of the 2. The provisions of sub-section (1) shall intermediaries like Google, Facebook and apply if— Twitter under Indian law? a) the function of the intermediary is limited to providing access to Who is an Intermediary? a communication system over “Intermediary” under Section 2(1) (w). It which information made reads as – available by third parties is transmitted or temporarily “intermediary”, with respect to any stored or hosted; or particular electronic records, means any b) the intermediary does not— person who on behalf of another person I. initiate the receives, stores or transmits that record or transmission, provides any service with respect to that II. select the receiver of the record and includes telecom service transmission, and providers, network service providers, III. select or modify the internet service providers, webhosting information contained service providers, search engines, online in the transmission;
  • 17. Issue 25 – Feb 2012 | Page - 17 c) The intermediary observes due Information Technology (Intermediary diligence while discharging his guidelines) Rules, 2011 are introduced. They duties under this Act and also are applicable from 11th April, 2011. observes such other guidelines as the Central Government may Features of the rules are as follows prescribe in this behalf. 3. The provisions of sub-section (1) Observing Due Diligence - Rule 3 shall not apply if— Of the said rules has given circumstances a) the intermediary has conspired which if complied satisfies the criteria of or abetted or aided or induced, observing Due Diligence. It reads as – whether by threats or promise 1. The intermediary shall publish the or otherwise in the commission rules and regulations, privacy policy of the unlawful act; and user agreement for access-or b) upon receiving actual usage of the intermediary's knowledge, or on being notified computer resource by any person. by the appropriate Government 2. Such rules and regulations, terms or its agency that any and conditions or user agreement information, data or shall inform the users of computer communication link residing in resource not to host, display, upload, or connected to a computer modify, publish, transmit, update or resource controlled by the share any information that — intermediary is being used to a) belongs to another person and commit the unlawful act, the to which the user does not have intermediary fails to any right to; expeditiously remove or disable b) is grossly harmful, harassing, access to that material on that blasphemous defamatory, resource without vitiating the obscene, pornographic, evidence in any manner. pedophilic, libelous, invasive of Explanation another's privacy, hateful, or racially, ethnically For the purposes of this section, the objectionable, disparaging, expression “third party information” means relating or encouraging money any information dealt with by an laundering or gambling, or intermediary in his capacity as an otherwise unlawful in any intermediary. manner whatever; c) harm minors in any way; This provision arises two questions – d) infringes any patent, trademark, copyright or other proprietary  What is the meaning of “observing rights; due diligence”? e) violates any law for the time  What is the time frame to remove being in force; objectionable material from f) deceives or misleads the resource? addressee about the origin of such messages or communicates To address these and other issues the any information which is
  • 18. Issue 25 – Feb 2012 | Page - 18 grossly offensive or menacing in procedures and sensitive personal nature; Information) Rules, 2011. g) impersonate another person;  The intermediary shall publish on its h) contains software viruses or any website the name of the Grievance other computer code, files or Officer and his contact details as well programs designed to interrupt, as mechanism by which users or any destroy or limit the victim who suffers as a result of functionality of any computer access or usage of computer resource resource; by any person in violation of rules i) threatens the unity, integrity, can notify their complaints against defense, security or sovereignty such access or usage of computer of India, friendly relations with resource of the intermediary or other foreign states, or public order or matters pertaining to the computer causes incitement to the resources made available by it. The commission of any cognizable Grievance Officer shall redress the offence or prevents complaints within one month from investigation of any offence or is the date of receipt of complaint. insulting any other nation Note: -  The intermediary, on whose These are just features of the rules; full copy computer system the information is of the rules is available at: stored or hosted or published, upon http://mit.gov.in/content/cyber-laws obtaining knowledge by itself or been brought to actual knowledge by an affected person in writing or through email signed with electronic signature about any objectionable information as mentioned above, shall act within thirty six hours and where applicable, work with user or owner of such information to disable such information that is in contravention.  Further the intermediary shall Sagar Rahurkar preserve such information and contact@sagarrahurkar.com associated records for at least ninety Sagar Rahurkar is a Law graduate. He is a days for investigation purposes. techno-legal consultant and a Senior Faculty  The intermediary shall take all at Asian School of Cyber Laws. Sagar reasonable measures to secure its specializes in Cyber Law, Cyber Crime computer resource and information Investigation, Computer Forensics and contained therein following the Intellectual Property Laws. Sagar teaches reasonable security practices and and provides consultancy to corporates, law procedures as prescribed in the enforcement agencies and education institutes across India. Information Technology (Reasonable security practices and
  • 19. Issue 25 – Feb 2012 | Page - 19 dictionaries directory found at Introduction to /pt/webscanners/skipfish/diction aries/ (to put it simple copy a file from Skipfish dictionaries/ to the directory of skipfish into skipfish.wl). Skipfish is an active web application Start skipfish from Arsenal or move to security reconnaissance tool written and directory /pt/webscanners/skipfish/ maintained by Michal Zalewski (@lcamtuf). and run ./skipfish –h for help. Skipfish is one of the fastest webscanners available which spiders using the wordlists, a very powerful web scanning tool with a simple implementation. In Matriux Skipfish can be found in the arsenal under Arsenal Framework  Skipfish Why Skipfish? Skipfish fast and easy to implement can perform a robust scan of any website providing a lot of security tests, like php injection, XSS, format string vulnerabilities, overflow vulnerabilities, file inclusions and lot more categorized into high risk, medium risk and low risk issues. Skipfish also provides A simple way to perform a scan is by using summary overviews of document types and the following command:- issue types found; and an interactive sitemap, with nodes discovered through ./skipfish –o /home/matriux/path brute-force denoted in a distinctive way. http://www.example.com/ Getting started You can replace /home/matriux/path with other desired locations you want. Before starting skipfish make sure you provide a skipfish.wl wordlist file from the
  • 20. Issue 25 – Feb 2012 | Page - 20 In certain cases where the certain URLs may logout your session where you can use commands like :- $ ./skipfish -X /logout/logout.aspx ... other parameters... There are also other options with HTTP cookies, authentication which you can find in the skipfish doc or the README file present in the installation directory. Overall skipfish is a very light tool for web scanning and security testing, which provides a lot of features and scan options in a faster way. After the successful scan a report is References generated and stored in the output directory you specified, open the index.html in a http://code.google.com/p/skipfish/wiki/Ski browser to view the report generated. pfishDoc Following is how a sample report looks like. Happy Hacking  Team Matriux http://matriux.com/
  • 21. Issue 25 – Feb 2012 | Page - 21 Testimonials “The effort, organization and teamwork of professionals has made the best Indian Hacking Magazine named: ClubHACK Here are few testimonials from experts, Magazine. Woldwide recognized with large contributors and readers. assorted content, following an attractive subject for the reader. It is a pleasure work “Club Hack is a journal which is in a league with the talented guys behind ClubHACK of its own... Started in 2010 by a handful of and share knowledge with everyone. For committed members of the ethical hacker many more Editions and Keeping Rocking!” community, it has grown to be a mature publication with in-depth analysis on the - Maximiliano Soler most useful subjects which are of interest to Security Researcher & Enthusiast domain professionals. It has a great range in coverage too - from hard core coding to “Over the years, ClubHack Magazine has cyber law.” been doing phenomenal job in spreading security awareness, with the young guns - Lt. Col (Retd) Deepak Rout behind the screen pulling complex chords to India Privacy Lead, Microsoft Corp a melodic song. On this occasion of 2nd birthday, we heartily congratulate entire "For colleagues and information security team and hope that they continue to researchers around the world, ClubHack illuminate the world with a greater light in magazine is the face of the growing the coming days.” information security and hacking community in India and the place to be - Nagareshwar Talekar familiar with other professionals in India. Founder and Independent Security For Indian readers this is the entry point Consultant at SecurityXploded and door to get into the information security field and hacking scene". - Elad Shapira Security Researcher, Developer & Reverse Engineer “Long live the CHMag magazine!! :) I really love this mag and the team which works on this.” - Samvel Gevorgyan, Managing Director, CYBER GATES
  • 22. Issue 25 – Feb 2012 | Page - 22