Tag Archives: Hacking

LulzSec is disbanding

http://sophosnews.files.wordpress.com/2011/06/lulzsec-wallpaper.jpg?w=640A publicity-seeking hacker group that has blazed a path of destruction on the Internet over the last two months says it is dissolving itself.

Lulz Security made its announcement Saturday through its Twitter account. In an unusual strategy for a hacker group, LulzSec has used the account as a publicity platform while remaining anonymous.

The group’s disbandment comes unexpectedly, and could be a sign of nerves in the face of law enforcement investigations. One of the group’s six members was interviewed by The Associated Press on Friday, and gave no indication that its work was ending.

LulzSec claimed hacks on major entertainment companies, FBI partner organizations, the CIA, the U.S. Senate and a pornography website.

How strong is your password

http://www.passwordsafepro.com/images/secure_passwords.gifIf you invited me to try and crack your password, you know the one that you use over and over for like every web page you visit, how many guesses would it take before I got it?

Let’s see… here is my top 10 list. I can obtain most of this information much easier than you think, then I might just be able to get into your e-mail, computer, or online banking. After all, if I get into one I’ll probably get into all of them.

  1. Your partner, child, or pet’s name, possibly followed by a 0 or 1 (because they’re always making you use a number, aren’t they?)
  2. The last 4 digits of your social security number.
  3. 123 or 1234 or 123456.
  4. “password”
  5. Your city, or college, football team name.
  6. Date of birth – yours, your partner’s or your child’s.
  7. “god”
  8. “letmein”
  9. “money”
  10. “love”

Statistically speaking that should probably cover about 20% of you. But don’t worry. If I didn’t get it yet it will probably only take a few more minutes before I do…

Hackers, and I’m not talking about the ethical kind, have developed a whole range of tools to get at your personal data. And the main impediment standing between your information remaining safe, or leaking out, is the password you choose. (Ironically, the best protection people have is usually the one they take least seriously.)

One of the simplest ways to gain access to your information is through the use of a Brute Force Attack. This is accomplished when a hacker uses a specially written piece of software to attempt to log into a site using your credentials. Insecure.org has a list of the Top 10 FREE Password Crackers right here.

So, how would one use this process to actually breach your personal security? Simple. Follow my logic:

  • You probably use the same password for lots of stuff right?
  • Some sites you access such as your Bank or work VPN probably have pretty decent security, so I’m not going to attack them.
  • However, other sites like the Hallmark e-mail greeting cards site, an online forum you frequent, or an e-commerce site you’ve shopped at might not be as well prepared. So those are the ones I’d work on.
  • So, all we have to do now is unleash Brutus, wwwhack, or THC Hydra on their server with instructions to try say 10,000 (or 100,000 – whatever makes you happy) different usernames and passwords as fast as possible.
  • Once we’ve got several login+password pairings we can then go back and test them on targeted sites.
  • But wait… How do I know which bank you use and what your login ID is for the sites you frequent? All those cookies are simply stored, unencrypted and nicely named, in your Web browser’s cache. (Read this post to remedy that problem.)

And how fast could this be done? Well, that depends on three main things, the length and complexity of your password, the speed of the hacker’s computer, and the speed of the hacker’s Internet connection.

Assuming the hacker has a reasonably fast connection and PC here is an estimate of the amount of time it would take to generate every possible combination of passwords for a given number of characters. After generating the list it’s just a matter of time before the computer runs through all the possibilities – or gets shut down trying.

Pay particular attention to the difference between using only lowercase characters and using all possible characters (uppercase, lowercase, and special characters – like @#$%^&*). Adding just one capital letter and one asterisk would change the processing time for an 8 character password from 2.4 days to 2.1 centuries.

Password Length All Characters Only Lowercase
3 characters
4 characters
5 characters
6 characters
7 characters
8 characters
9 characters
10 characters
11 characters
12 characters
13 characters
14 characters
0.86 seconds
1.36 minutes
2.15 hours
8.51 days
2.21 years
2.10 centuries
20 millennia
1,899 millennia
180,365 millennia
17,184,705 millennia
1,627,797,068 millennia
154,640,721,434 millennia
0.02 seconds
.046 seconds
11.9 seconds
5.15 minutes
2.23 hours
2.42 days
2.07 months
4.48 years
1.16 centuries
3.03 millennia
78.7 millennia
2,046 millennia

Remember, these are just for an average computer, and these assume you aren’t using any word in the dictionary. If Google put their computer to work on it they’d finish about 1,000 times faster.

Via One Mans Blog
image: Passwordsafepro

Fundamentals of computer hacking

This article is solely for educational purpose. We are not to be held responsible for any act of misuse of information.

hackingGetting access to a secured system is not that easy nor too difficult too for a computer hacker. Protruding into ones system to get the secure informations is the main aim of hacking which includes the hacking into the system to get organizational layout, one’s personal information, banking activity and so on.

We have the technology advancement that is more effective and accurate in making the process of hacking a successful one with the help of simple knowledge on working procedures on the tools and hacking software. Knowledge on the fundamentals on computer hacking and tool utilization can make wonders to hack a computer.

How to computer hack via 3 hacking techniques?

1. FOOT PRINTING

The process of obtaining the secure data of organizations that is more confidential. It includes the information on the Internet, remote access, intranet and extranet. When you hack a computer you can trace the critical situation of an organization that affects the over all growth on profit quality rate.

  • First stage in foot printing an organization’s layout starts with fixation of target activity including collection of information from website holding the company and its employee’s. Social engineering is a target to hit upon to get easy access to the network on cracking the link in the internet to hack this site in specific.

  • Network enumeration is one of the techniques made in use to spot out the domain name and the network utility attributes. Getting into the database with tools on searching the internet can help in getting most of the needful informations.
  • DNS interrogation: DNS a distributed database is utilized to modify domain name into IP address and reverse. DNS configured (server’s installation and registration) with low-security gives off copy of organizational secure data on DNS zone transfer.
  • Network reconnaissance: On getting access through the Network it is easy to get into the network topology and the paths that link the terminals. Tracerouter program and hacking code tools are best to find the IP packet data that move along the paths. With the ICMP time exceeded message and hop count it is easier to get over the data transmitted.

2. SCANNING:

PING request sent to the IP address inside network terminals is ICMP ECHO packets and the response is the ICMPECHO-REPLY. Once the reply is obtained it will hack a computer to fetch the data packets through the connectivity.

3. ENUMERATION:

Protruding into the user’s account via network resources, shared informations, users, groups and applications to extract data is termed enumeration.

NMAP, STROBE, NESSUS and SATAN variants involving SARA and SAINT for LINUX. WINSCAN, SAMSPADE for WINDOWS are the best tools. Viable products utilized include CyberCop scanner as well as Internet Security scanners.

Queries helping hacker’s to begin cracking attacks include Registrar info and whois server’s data, Organizational info; Domain related data, Network or IP address data, Points of contact.

Author Bio:

The author of this article has got gook knowledge on computer hacking techniques, yahoo password hacking, cracking a system and site info. Feel free to contact her on guidance on learning the basic terms of hacking.

image source: http://techjosh.com