Saturday 30 April 2011

Gathering Wordpress Version Of A Website/Blog


To hack a WordPress website or blog, a hacker first tries to find out the version number of the CMS (Content Management System). A CMS is a computer program that allows publishing, editing and modifying content, as well as site maintenance, from a central interface; such systems also provide procedures to manage workflow in a collaborative environment. Once the version is known, the hacker can search exploit databases for possible exploits.



On a WordPress blog, a hacker can easily find out someone's version number just by viewing the source of that particular blog.



<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head profile="http://gmpg.org/xfn/11">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Ethical Hacking, Network Security, Cyber Security with Sahil Baghla</title>
<meta name="generator" content="********" /> <!-- Leave this for stats -->
Now, it's not a good idea to expose your version number, because it makes your website/blog more vulnerable to hackers.
There are a couple of ways to hide the version number. The simplest is to add the following line to your theme's functions.php file:
remove_action('wp_head', 'wp_generator');

There are also a couple of plugins that can hide your WordPress version number; just google for them.

Even if someone is using a plugin to hide their WordPress version number, it is still possible for a hacker to determine it: all the hacker has to do is add "/readme.html" after the website's URL.

 

Countermeasures:
1. Use a good plugin that hides your WordPress version number.
2. Always update WordPress to the latest version.
3. Either delete the readme.html file or rename it to something like readme.php.



NOTE: The text highlighted in red in the generator meta tag is the version of the blog.
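A self-check for the two leaks described above (the generator meta tag and readme.html), as an added example that is not part of the original post. It parses HTML you have already fetched from your own site plus a copy of its readme.html; the sample HTML is constructed, and the ?ver= query-string check on script and stylesheet tags goes beyond what the post mentions (WordPress appends its version to core asset URLs).

```python
"""Self-audit for WordPress version leaks (added example, not from the post).
Inputs are HTML you fetched yourself; nothing here touches the network."""
import re
from html.parser import HTMLParser
from urllib.parse import parse_qs, urlsplit


class _LeakFinder(HTMLParser):
    """Collects <meta name="generator"> content and ?ver= values on assets."""
    def __init__(self):
        super().__init__()
        self.generators = []
        self.asset_vers = set()

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "meta" and (a.get("name") or "").lower() == "generator":
            if a.get("content"):
                self.generators.append(a["content"])
        # WordPress appends ?ver=<version> to enqueued scripts and styles.
        url = a.get("src") if tag == "script" else a.get("href") if tag == "link" else None
        if url:
            self.asset_vers.update(parse_qs(urlsplit(url).query).get("ver", []))


# A stock readme.html prints the version in its header: "<br /> Version 3.1.1".
_README_VER = re.compile(r"\bVersion\s+(\d+(?:\.\d+)+)")

def readme_version(readme_html):
    """Version printed in readme.html, or None if the file is gone or renamed."""
    m = _README_VER.search(readme_html)
    return m.group(1) if m else None

def audit(page_html, readme_html):
    """Report every place the WordPress version is still exposed."""
    finder = _LeakFinder()
    finder.feed(page_html)
    readme = readme_version(readme_html)
    return {
        "generator": finder.generators,
        "asset_ver": sorted(finder.asset_vers),
        "readme": readme,
        # ?ver= may be an asset's own version (jQuery below), so only the
        # generator tag and readme.html count as definite leaks.
        "exposed": bool(finder.generators) or readme is not None,
    }

# Constructed samples: a front page that still prints the generator tag,
# and the header of a stock readme.html.
SAMPLE_HEAD = """<html><head>
<meta name="generator" content="WordPress 3.1.1" /> <!-- Leave this for stats -->
<link rel="stylesheet" href="/wp-content/themes/x/style.css?ver=3.1.1" />
<script type="text/javascript" src="/wp-includes/js/jquery/jquery.js?ver=1.4.4"></script>
</head><body></body></html>"""
SAMPLE_README = '<h1 id="logo"><img alt="WordPress" src="wp-admin/images/wordpress-logo.png" /><br /> Version 3.1.1</h1>'
HARDENED_HEAD = SAMPLE_HEAD.replace('<meta name="generator" content="WordPress 3.1.1" /> ', "")

if __name__ == "__main__":
    print(audit(SAMPLE_HEAD, SAMPLE_README))   # generator tag and readme both expose 3.1.1
    print(audit(HARDENED_HEAD, ""))            # after remove_action() and deleting readme.html
```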


Posted By: Anshuman Kak 

Saturday 23 April 2011

Best Network Security Scanners

What are scanners?


Scanners, the subject of this post, are "neutral" network applications. This means they can help both a hacker and an administrator. Their task is to collect information about network devices, and as it turns out this information can be quite varied: we can discover which software is used on a system, check how long it has been running, and find out about the available ports. Of course, scanners are written in such a way that their activity won't leave unwanted footprints on the target machine. Scanning is often performed using undocumented protocols, the monitoring of which is usually ignored.

The advantages this presents may seem useful only to a hacker, but they are also important to an administrator: they allow us to make appropriate changes to the settings and improve the system's security level.

There are three popular scanners, Nmap, Nessus, and Nikto. Each of these applications provides different functions, and they complement each other perfectly.





NMAP


 

Nmap (Network Mapper) is a security scanner originally written by Gordon Lyon (also known by his pseudonym Fyodor Vaskovich) used to discover hosts and services on a computer network, thus creating a "map" of the network. To accomplish its goal, Nmap sends specially crafted packets to the target host and then analyzes the responses. Unlike many simple port scanners that just send packets at some predefined constant rate, nmap accounts for the network conditions (latency fluctuations, network congestion, the target interference with the scan) during the run. Also, owing to the large and active user community providing feedback on its features and contributing back, nmap has succeeded to extend its discovery capabilities beyond basic host being up/down or port being open/closed to being able to determine operating system of the target, names and versions of the listening services, estimate uptime, the type of device, presence of the firewall. [from Wikipedia]


Nmap runs on Linux, Microsoft Windows, Solaris, HP-UX and BSD variants (including Mac OS X), and also on AmigaOS and SGI IRIX. Linux is the most popular nmap platform with Windows following it closely.


Nessus

 

Nessus is an application worth discussing. This program is similar in functionality to nmap, but it distinguishes itself by an extended database of known flaws, updated every day, that is very useful to the user. In addition, Nessus is easy to keep up to date, using a plugin system for this purpose. The plugins are written in a special scripting language, NASL. Information about the application can be obtained on the project's homepage: http://www.nessus.org/

Nikto



Nikto performs comprehensive tests against web servers for multiple items, including over 6100 potentially dangerous files/CGIs, versions on over 950 servers, and version specific problems on over 260 servers.

Regards: Anshuman kak a Script kiddie

Tuesday 19 April 2011

"GET A FREE facebook T-SHIRT" - New Facebook Scam!


Guys, if you come across any post on Facebook that says "GET A FREE facebook T-SHIRT", please ignore it. This is not a likejacking type of spam, but a pure and simple social engineering example designed to capture user data. The scammers have created an external web page whose look and feel closely matches Facebook's user interface.

Though looking at that page you can easily make out that it's a scam, some people will still get tempted and register their email and home address there.

Let's see how these scammers cheat you in the name of a "free Facebook T-shirt". First they ask you to complete some steps to be able to receive your T-shirt.
As you can see above, they first ask you to share their page on your wall, so that your friends can also register. In the next step you are asked to join their group, so that they can repeatedly spam your Facebook inbox with their offers.



Next they ask you to like your country, and as you can see a large number of Indians have already tried this. Unbelievable!!!

And then finally they ask you to register for their free T-shirt. This is the main aim of the scammers: they have just collected your personal details and can now use them to register on any website or spam your email account with their scam offers. Let's be aware of it, and do share this information on Facebook to warn your friends too.

Saturday 16 April 2011

Top 20 Hacking Tools





Here are the top 20 hacking tools:
The "Nessus" Project aims to provide to the internet community a free, powerful, up-to-date and easy to use remote security scanner for Linux, BSD, Solaris, and other flavors of Unix.
Ethereal is a free network protocol analyzer for Unix and Windows. Ethereal has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session.
Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks.
Netcat has been dubbed the network Swiss army knife. It is a simple Unix utility which reads and writes data across network connections, using the TCP or UDP protocol.
TCPdump is the most used network sniffer/analyzer for UNIX. TCPTrace analyzes the dump file format generated by TCPdump and other applications.
Hping is a command-line oriented TCP/IP packet assembler/analyzer, kind of like the "ping" program (but with a lot of extensions).

DNSiff is a collection of tools for network auditing and penetration testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.).
GFI LANguard Network Security Scanner (N.S.S.) automatically scans your entire network, IP by IP, and plays the devil's advocate, alerting you to security vulnerabilities.
Ettercap is a multipurpose sniffer/interceptor/logger for switched LANs. It supports active and passive dissection of many protocols (even ciphered ones) and includes many features for network and host analysis.
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 2500 potentially dangerous files/CGIs, versions on over 375 servers, and version specific problems on over 230 servers.
John the Ripper is a fast password cracker, currently available for many flavors of Unix.
OpenSSH is a FREE version of the SSH protocol suite of network connectivity tools, which encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other network-level attacks.
Tripwire is a tool that can be used for data and program integrity assurance.
Kismet is an 802.11 wireless network sniffer; this is different from a normal network sniffer (such as Ethereal or tcpdump) because it separates and identifies different wireless networks in the area.
NetFilter and iptables are the framework inside the Linux 2.4.x kernel which enables packet filtering, network address translation (NAT) and other packet mangling.
IP Filter is a software package that can be used to provide network address translation (NAT) or firewall services.
OpenBSD Packet Filter
fport identifies all open TCP/IP and UDP ports and maps them to the owning application.
SAINT network vulnerability assessment scanner detects vulnerabilities in your network's security before they can be exploited.
OpenPGP is a non-proprietary protocol for encrypting email using public key cryptography. It is based on PGP as originally developed by Phil Zimmermann.

Posted by: Anshuman Kak



Tuesday 12 April 2011

Hack Software and Run the Trial Program Forever

Most of us are familiar with software that runs only for a specified period of time in trial mode. Once the trial period has expired, the software stops functioning and demands a purchase. But there is a way to run the software and make it function beyond the trial period. Isn't this interesting?


When this software is installed for the first time, it makes an entry in the Windows Registry with details such as the installation date and time, the installation path, etc. After installation, every time you run the software it compares the current system date and time with the installation date and time, and from this it can tell whether the trial period has expired.


With this being the case, manually changing the system date to an earlier date will not solve the problem. For this purpose there is a small tool known as RunAsDate.

RunAsDate is a small utility that allows you to run a program with the date and time that you specify. It doesn't change the current system date; it only injects the specified date/time into the desired application.

RunAsDate intercepts the kernel API calls that return the current date and time (GetSystemTime, GetLocalTime, GetSystemTimeAsFileTime) and replaces the current date/time with the date/time that you specify. It works with Windows 2000, XP, 2003 and Vista.




NOTE: FOLLOW THESE TIPS CAREFULLY

You have to follow these tips carefully to successfully hack a piece of software and make it run in its trial mode forever.

1. Note down the date and time, when you install the software for the first time.

2. Once the trial period expires, you must always run the software using RunAsDate.

3. After the trial period has expired, do not run the software (program) directly. If you run the software directly even once, this hack may no longer work.

4. It is safer to inject the date of the last day of the trial period.
For example, if the trial period expires on Jun 30 2010, always inject the date Jun 29 2010 in RunAsDate.


Regards: Anshuman kak a Script Kiddie

Monday 11 April 2011

Best Way to Hack Windows Administrator Password?


 

Sometimes we forget our administrator password and want to access the machine, but
we do not know the password. There are two methods to log on to the machine:

1. Safe mode
2. with Help of bootable software

1.) Safe mode

Press F8 when Windows starts, select Safe Mode and click Yes. Go to Run,
type cmd, and type the following command:

C:\> net user administrator 123123
After this, the Administrator password has been reset (to 123123 in the command above).



2. With help of Bootable Software

We can use the following bootable ISO images:

1. Offline NT Password & Registry Editor
2. Backtrack 4 DVD (Back4.iso) - chntpw utility

1.) Offline NT Password & Registry Editor: it actually deletes your password, allowing
access to Windows without any password.

Tested with the following: NT 3.51, NT 4, Windows 2000, Windows XP, Windows 2003
Server, Vista and Server 2008. As far as I know, it will work with all Service Packs (SP)
and all editions (Professional, Server, Home etc). Also, 64-bit Windows versions (XP,
2003, Vista, 2008) should be OK.
Features:
Very fast password cracking tool
No access to Windows or knowledge of old passwords is needed
The program is completely free and open source, which means it will most likely stay free
Works with Windows Vista passwords and Windows XP passwords (and more)
The program's ISO image is much smaller than those of other password recovery tools
No installation in Windows is required, making this program an easy alternative to
many other password recovery tools.

2.) Backtrack 5 DVD (Back4.iso) - chntpw utility
Backtrack is the most popular Linux live CD distribution focused on penetration testing. It
comes loaded with all the top security tools so that you can immediately start your
work without needing to download and install any of them.
One of the uses of Backtrack is to fix Windows problems such as repairing the registry,
resetting user passwords etc. Here I am going to explain how we can use Backtrack to
fix the Windows registry.
It has a little but powerful tool called chntpw which not only allows resetting user
passwords but also comes with a full-fledged registry editor.
chntpw is a Windows NT/2K/XP user password tool to delete passwords and restrictions
from the SAM database on an installed system. It does not crack passwords by brute force, but
only deletes passwords and restrictions for Administrators and ordinary users in the SAM
database.
To erase a password, use the script, which does almost everything for you: it searches for NTFS drivers from
your XP installation to mount your partition with your drivers, and if it doesn't find them it asks you to download all
the needed data from the internet.
Note: Deleting the password will enable you to log in to the system without a password, but it will not give
you access to any encrypted data on the system. All it lets you do is log in.
Steps:
1. Burn the Backtrack 5 ISO to DVD, boot from the DVD, start Backtrack with
username root and password toor, and open Backtrack > Privilege Escalation >
Password Attacks > chntpw.
2. A shell prompt will open. First list the hard disk partitions with the following
command: # fdisk -l
3. Note down the Windows partition name (like sda1, hda1).
4. Then type the following command:
5. chntpw -i /mnt/hda1/windows/system32/config/SAM
6. Then type 1, type the username administrator, and select option 1 to clear the password.

Posted by: Anshuman kak a Script Kiddie

Thursday 7 April 2011

The Benefits of Network Security Audit


Network security audit, also known as network security assessment, refers to the process of determining the security shortcomings on your network. The process is critical for a business because sensitive or critical information on a network cannot be adequately protected if you do not know what type of vulnerabilities or security holes exist on the network.


Security auditing and assessing of your network is not a one-time event. Security assessments should be ongoing because networks are constantly changing as new devices are added, configurations are changed, and software is updated. With any type of security assessment, the network layout must first be determined. The network security audit must accurately determine the extent or topology of your business network. This includes the type of devices, the operating system in use on the devices, and which updates have been applied. You must also determine what the critical information assets are and where they are located on the network.

Without this information, a network security audit is of little value, because you cannot be sure that you have completed a security assessment of the whole network or that you have evaluated the most critical components of the network, where the most sensitive information is stored and accessed. Of course, there is much more to performing a network security audit, but these few elements are essential to a proper evaluation of your corporate network's security.



Benefits of Network Security Audits

Network security audits help identify vulnerabilities on your network and network devices including:

  • Running services - Any service that is running on a network device can be used to attack a system. A solid network security audit helps you identify all services and turn off any unnecessary ones.
  • Open ports - A network security audit helps you identify all open ports on network devices and, just like running services, all unneeded ports should be closed to eliminate the possibility of their being used to attack a network device.
  • Open shares - Any open share can be exploited and should not be used unless there is some essential business purpose for it.
  • Passwords - Assessments/audits should evaluate the enterprise password policy and ensure that the passwords used on the network devices meet the business password policy of password strength, frequent change, and other requirements.
  • User accounts - During the audit, you must determine which user accounts are no longer being used so they can be removed or disabled. Unused user accounts allow someone from inside or outside the network to attack and take over the account, or may be an indication of a successful attack on the network.
  • Unapproved devices - Unapproved or unknown devices such as iPods, smartphones and wireless access points installed on your network must be detected in an audit. Any or all of these, as well as other devices, can be used to attack the network or steal data from it.
  • Applications - The types of applications being used on a system should be identified during this process. If any dangerous applications are found running on a system, they should be removed. Also look for programs that run automatically, because they can be an indicator of a malware infection.

Security audits should be done on an ongoing basis. Without recurring security audits or assessments, new vulnerabilities may not be discovered and patched to keep the computer system secure. Also, such audits should not be done manually, because if administrators fail to apply certain scans, vulnerabilities in the operating systems or in installed applications can be exploited.

Using vulnerability scanners makes the task of security audits or assessments much easier and safer. These tools automate part of the process and allow administrators to analyze the results, determine which issues should be addressed first, and decide in which priority the other security issues should be handled.

By identifying these types of vulnerabilities on an ongoing basis, you will be adding an extra layer of protection to your network. Because network security applications and services are constantly being updated, it is of great importance to apply one of the latest security scanners and use it on an ongoing basis, together with the expertise of knowledgeable security staff to evaluate the status of your network security.

Regards: Anshuman Kak a Script Kiddie