Posts

Showing posts from 2018

Cracking Zip Password Files

What is FZC?  FZC is a program that cracks zip files (zip is a method of compressing multiple files into one smaller file) that are password-protected. You can get it on http://www.zip-password-recovery.com/
FZC uses multiple methods of cracking - bruteforce (guessing passwords systematically until the program gets it) or wordlist attacks (otherwise known as dictionary attacks. Instead of just guessing passwords systematically, the program takes passwords out of a "wordlist", which is a text file that contains possible passwords).
FZC can be used in order to achieve two different goals: you can either use it to recover a lost zip password which you used to remember but somehow forgot, or to crack zip passwords which you're not supposed to have. So like every tool, this one can be used for good and for evil.
You are also going to see the phrase "check name.txt" often in this text. These files should be in FZC's directory. They contain more information about…

How does Linux boot?

How does Linux boot?
As it turns out, there isn't much to the boot process:


 A boot loader finds the kernel image on the disk, loads it into memory, and starts it. The kernel initializes the devices and its drivers. The kernel mounts the root file system.The kernel starts a program called init.init sets the rest of the processes in motion.The last processes that init starts as part of the boot sequence allow you to log in.

Identifying each stage of the boot process is invaluable in fixing boot problems and understanding the system as a whole. To start, zero in on the boot loader, which is the initial screen or prompt you get after the computer does its power-on self-test, asking which operating system to run. After you make a choice, the boot loader runs the Linux kernel, handing control of the system to the kernel.

This blog covers the kernel initialization stage, the stage when the kernel prints a bunch of messages about the hardware present on the system. The kernel starts init …

What Is IP Address And How It Works

Image
IP AddressNo doubt you've heard the term "IP address." Unless you're a techie, though, you may not have more than a shadowy notion of what an IP address actually is or how it works. Let's explore the concept. Windows IP Address SettingsAn IP address is a fascinating product of modern computer technology designed to allow one computer (or other digital device) to communicate with another via the Internet. IP addresses allow the location of literally billions of digital devices that are connected to the Internet to be pinpointed and differentiated from other devices. In the same sense that someone needs your mailing address to send you a letter, a remote computer needs your IP address to communicate with your computer.MAC IP Address Settings"IP" stands for Internet Protocol, so an IP address is an Internet Protocol address. What does that mean? An Internet Protocol is a set of rules that govern Internet activity and facilitate completion of …

Sensitive data exposure

Image
What is sensitive data exposure? It is the leak of data due to low or no encryption
How do I fix/prevent it?Encrypt with high level encryptions only One of the mistakes many of the developers do is they encrypt with weak keys like ROT13 etc.
DO NOT ENCRYPT WITH SUCH WEAK KEYS
Encrypt all pages Most of the times the pages are interlinked,and an attacker might use the 'unsecured' webpage to gain access to sensitive data.
Encrypt all databases Encrypt the databases which store sensitive information.
eg of a non encrypted database
UsernamePasswordJohnMypasswordAnnieAnNie123JackPatriotismIsLife
eg of an encrypted database(same database)
UsernamePasswordJohndchcuichuicuihcAnnieieue3jihdnddioehdJackhduiedeuihdwnwlfiejiojdjdiwediw
See which data is sensitive Do  not waste your time encrypting databases whose's information is not sensitive/important
eg. DO NOT encrypt a database having only emails and usernames Use HTTPS What HTTPS bassicaly does is it encrypts the packets being sent betwe…

Broken Authentication

Image
What is broken authentication?
Broken authentication is when one gains access to specific parts of a web application without proper login/permissions. Example:- I have a web page named example.com/login.html Once a person logs in with a proper username and password,he will be redirected to example.com/admin.html
What will broken authentication allow one to do? Instead of going to the login page,one will directly type the address example.com/admin.html on their URL bar.
Example 2:-
I have a web page named example.com/login.html Once a person logs in with a proper username and password,the sensitive data will be appeared there and then.
What will broken authentication allow one to do? It will allow one to attack the web page using methods like:- Credential stuffing (Dictionary attack)Automated attack (Brute force attack)How do I fix it? Ask for multiple authenticationsKeep complex password requirementsDownload a big list of passwords,and if a users password is in that list notify themLimit log…

SQL Injection (SQLI)

Image
What is a SQL Injection? SQL injection, also known as SQLI, is a common attack vector that uses malicious SQL code for backend database manipulation to access information that was not intended to be displayed. This information may include any number of items, including sensitive company data, user lists or private customer details.

The impact SQL injection can have on a business is far reaching. A successful attack may result in the unauthorized viewing of user lists, the deletion of entire tables and, in certain cases, the attacker gaining administrative rights to a database, all of which are highly detrimental to a business.

When calculating the potential cost of a SQLI, it’s important to consider the loss of customer trust should personal information such as phone numbers, addresses and credit card details be stolen.
While this vector can be used to attack any SQL database, websites are the most frequent targets.

What Are SQL Queries? SQL is a standardized language used…

WiFi hacking (easy method)

WIFITE Wifite is a tool used for capturing, sniffing and cracking the wifi password using the brute force method
Kali Linux is indeed one of the best Linux versions for hacking.Today I will tell you how to crack WiFi passwords in the most easy way:-

Requirements: 

Kali LinuxExternal WiFi adapter is necessary if you are using  Kali Linux in a virtual machine or if you do not have a WiFi card in built
Steps to be followed:


1)Open Kali terminal and type wifite
1.1)If an error pops out about wifite command not found,then type:-
       git clone https://github.com/derv82/wifite.git
2)Leave the machine scanning for some time,searching for the different wifi networks in the range.
3)After the scanning has completed press ctrl+c
4)Choose the WiFi numbers

The software will brute force the password and give it to you;)

NOTE:WIFI HACKING IS ILLEGAL AND WE ARE NOT RESPONSIBLE FOR ANY CRIMES COMMITTED AS WE HAVE POSTED THIS FOR EDUCATIONAL PURPOSES.

Hope you enjoyed,
4YU3H41

How to Crack Wifi Using The Aircrack-ng in kali linux

click here for download pdf

Tutorial: How to Crack WPA/WPA2 Introduction This tutorial walks you through cracking WPA/WPA2 networks which use pre-shared keys. I recommend you do some background reading to better understand what WPA/WPA2 is. The Wiki links page has a WPA/WPA2 section. The best document describing WPA is Wi-Fi Security - WEP, WPA and WPA2. This is the link to download the PDF directly. The WPA Packet Capture Explained tutorial is a companion to this tutorial.
WPA/WPA2 supports many types of authentication beyond pre-shared keys. aircrack-ng can ONLY crack pre-shared keys. So make sure airodump-ng shows the network as having the authentication type of PSK, otherwise, don't bother trying to crack it.
There is another important difference between cracking WPA/WPA2 and WEP. This is the approach used to crack the WPA/WPA2 pre-shared key. Unlike WEP, where statistical methods can be used to speed up the cracking process, only plain brute force techniques…

Termux Tutorial

Image
Learn Ethical Hacking With Termux Android AppHi there , Now You can use Almost all Useful Hacking Tools, Scripts on Your Android Mobile
There are several apps and Hacking Tools are available For Android Mobile and therefore We can Install Kali Linux On Our Android mobile but it requires some time and patient if you are about to use only the tools you needed  then read this article completely to Learn How to Use Termux App and How To Install hacking Tools On Your Android mobile

Termux is a Powerful app  Which can be used to Install useful packages, Hacking Tools On your Android


Now In this Post we are describing About Termux Android App and How To Install Useful Packages/Hacking Tools On your Android mobile

About Termux App
Termux is a Powerful Android app which is Designed to Install Linux packages on your Android Mobile

With this Termux App You Can Install shell, python, c, c++, perl, ruby, java and many more useful packages and with the help of Termux we can use several Ha…