Hacking Class 2 – Footprinting and How It can be HelpFul to Hack systems
Hacking Class 2 – Footprinting and How It can be HelpFul to Hack systems
Previously We have Introduces hacking and hackers. Now In this class we will see what hackers do in pre-phases of hacking .i.e Footprinting.
2. Now you can use this information to search more about Person using Simply google as shown in next snapshot..
What Is FOOTPRINTING ??
Basically footprint is the blueprints of site/organisation/system that a hacker want to Hack i.e basic internal structure.Footprinting is the blueprint of the security profile of an organization, undertaken in a methodological
manner.
Footprinting is one of the three pre-attack phases. The others are scanning and enumeration.
Important Thing to be Noted : An attacker will spend 90% of the time in profiling an organization and another 10% in launching the attack.
Now What is the result of Footprinting??? Can anyone guess It…. I explain it..
Footprinting results in a unique organization profile with respect to networks (Internet/intranet/extranet /wireless) and systems involved.Don’t It look amazing…
The most interesting stage of a targeted attack is the reconnaissance, or footprint analysis. Here you use the web, search engines, whois.com, to discover as much about the target as possible. A whois.com can tell you email address formats for instance (first letter last name @ company.com).
A Google search could reveal submission to forums by security personnel that reveal brands of firewall or antivirus in use at the target.
Sometimes network diagrams are even found that can guide an attack. The next stage, scanning, meant using special tools, ( I date myself by mentioning Cybercop and Internet Security Scanner, these were the days before the open source Nessus) to discover open ports, services, and machines on the target network. And then, finally, you could start attacking various vulnerabilities that you had discovered.
SITES THAT HELP IN FOOTPRINTING!
1. www.whois.domaintools.com
Now How It can Help You To GET Info . I will Show It Through Snapshots…
manner.
Footprinting is one of the three pre-attack phases. The others are scanning and enumeration.
Important Thing to be Noted : An attacker will spend 90% of the time in profiling an organization and another 10% in launching the attack.
Now What is the result of Footprinting??? Can anyone guess It…. I explain it..
Footprinting results in a unique organization profile with respect to networks (Internet/intranet/extranet /wireless) and systems involved.Don’t It look amazing…
The most interesting stage of a targeted attack is the reconnaissance, or footprint analysis. Here you use the web, search engines, whois.com, to discover as much about the target as possible. A whois.com can tell you email address formats for instance (first letter last name @ company.com).
A Google search could reveal submission to forums by security personnel that reveal brands of firewall or antivirus in use at the target.
Sometimes network diagrams are even found that can guide an attack. The next stage, scanning, meant using special tools, ( I date myself by mentioning Cybercop and Internet Security Scanner, these were the days before the open source Nessus) to discover open ports, services, and machines on the target network. And then, finally, you could start attacking various vulnerabilities that you had discovered.
SITES THAT HELP IN FOOTPRINTING!
1. www.whois.domaintools.com
Now How It can Help You To GET Info . I will Show It Through Snapshots…
2. Now you can use this information to search more about Person using Simply google as shown in next snapshot..
Now Its on you need How much info u want to explore about the person and website which u want to hack…
I think you all Will Like Thisss…. WE will continue Our Discussion on FOOTPRINTING tomorrow also… As It is the Most Important Phase…..
We will Explore More Information in the Next class…. I will explain Few More interesting facts and information exploring things so read on…
I think this Deserves For Comments…Comments Please!
I think you all Will Like Thisss…. WE will continue Our Discussion on FOOTPRINTING tomorrow also… As It is the Most Important Phase…..
We will Explore More Information in the Next class…. I will explain Few More interesting facts and information exploring things so read on…
I think this Deserves For Comments…Comments Please!
This is the Very First Tutorial Of Hacking . In this tutorial we will discuss what is hacking.. ethical hacking security…who are hackers…why we do hacking…and Introduction to some basic terms…
First of all I will try Explain what the Hacking really is….
What Is Hacking??
Everyone Here thinks that hacking is just stealing of data and information illegally but this perception is absolutely wrong.
The below is definition from Wikipedia…. Itz clearly showing hacking as a negative thing…
“Hacking is unauthorized use of computer and network resources. (The term “hacker” originally meant a very gifted programmer. In recent years though, with easier access to multiple systems, it now has negative implications.)”
Hacking is not always unauthorized… Hacking also include Exploring the Things that are being Hidden from the general usage… So exploring things i.e being Hidden from general User is also hacking…
Hacking Definition by Me…
” Hacking is art of exploring the hidden things that are being hidden from general usage and finding loop holes in the security and use them to benefit the others”
WHO ARE HACKERS ??
Everybody here thinks thats hackers are criminals of the virtual world (i.e digital World ). But this thought is also wrong. Hackers are not always criminals.. It doesn’t have any doubt that Hackers are extremely genious peoples in the field of Computers…
I want to Categorize hackers in three Categories:
1. Crackers or Black Hat hackers or cheaters or simply criminals : They are called criminals because they are having the mindset of causing harm to security and they steals very useful data and use it in wrong ways. Phishers also some in this category who steals account info and steal your credit card nos. and money over the Net.
2. Ethical hackers : Ethical Hacking Means you think like Hackers. i.e First you Hack the Systems and find out the loop holes and then try to correct those Loop Holes..These type of hackers protect the cyberworld from every possible threat and fixes the future coming security loop holes. These peoples are also called as “GURU’s” of Computer Security.
3. Simply Prankers : The hackers who just do hacking for fun…play pranks to their friends..
INTRODUCTION TO SIMPLE TERMS RELATED TO HACKING !
Threat –An action or event that might compromise security. A threat is a potential violation of
security.
I think You all would have like this and want to see more.. I will regularly post material.
I think this deserves Comments and facts that Users want’s to ask about Hacking…
So Don’t hesitate and ask your queries . I am there to reply them all…
Have Fun and Keep Learning…. As Hacking is the art of expertising Computers…
First of all I will try Explain what the Hacking really is….
What Is Hacking??
Everyone Here thinks that hacking is just stealing of data and information illegally but this perception is absolutely wrong.
The below is definition from Wikipedia…. Itz clearly showing hacking as a negative thing…
“Hacking is unauthorized use of computer and network resources. (The term “hacker” originally meant a very gifted programmer. In recent years though, with easier access to multiple systems, it now has negative implications.)”
Hacking is not always unauthorized… Hacking also include Exploring the Things that are being Hidden from the general usage… So exploring things i.e being Hidden from general User is also hacking…
Hacking Definition by Me…
” Hacking is art of exploring the hidden things that are being hidden from general usage and finding loop holes in the security and use them to benefit the others”
WHO ARE HACKERS ??
Everybody here thinks thats hackers are criminals of the virtual world (i.e digital World ). But this thought is also wrong. Hackers are not always criminals.. It doesn’t have any doubt that Hackers are extremely genious peoples in the field of Computers…
I want to Categorize hackers in three Categories:
1. Crackers or Black Hat hackers or cheaters or simply criminals : They are called criminals because they are having the mindset of causing harm to security and they steals very useful data and use it in wrong ways. Phishers also some in this category who steals account info and steal your credit card nos. and money over the Net.
2. Ethical hackers : Ethical Hacking Means you think like Hackers. i.e First you Hack the Systems and find out the loop holes and then try to correct those Loop Holes..These type of hackers protect the cyberworld from every possible threat and fixes the future coming security loop holes. These peoples are also called as “GURU’s” of Computer Security.
3. Simply Prankers : The hackers who just do hacking for fun…play pranks to their friends..
INTRODUCTION TO SIMPLE TERMS RELATED TO HACKING !
Threat –An action or event that might compromise security. A threat is a potential violation of
security.
Vulnerability –Existence of a weakness, design, or implementation error that can lead to an unexpected, undesirable event compromising the security of the system.
Exploit –A defined way to breach the security of an system through vulnerability. i.e Use the vulnerability to damage the database or system.
Attack –An assault on system security that derives from an intelligent threat. An attack is any action that violates security.
Target of Evaluation –An IT system, product, or component that is identified/subjected as requiring security evaluation.
Security – A state of well-being of information and infrastructures in which the possibility of successful yet undetected theft, tampering, and disruption of information and services is kept low or tolerable.
Security rests on confidentiality, authenticity, integrity, and availability.
•Confidentiality –The concealment of information or resources.
•Authenticity –The identification and assurance of the origin of information.
•Integrity –The trustworthiness of data or resources in terms of preventing improper and unauthorized changes.
•Availability –The ability to use the information or resource desired.
•Authenticity –The identification and assurance of the origin of information.
•Integrity –The trustworthiness of data or resources in terms of preventing improper and unauthorized changes.
•Availability –The ability to use the information or resource desired.
INTRODUCTION TO TOPICS THAT WE COVER IN THESE CLASSES !
- Introduction to Ethical hacking
- Footprinting
- Scanning
- Hacking Systems and OS
- Trojans and backdoors
- Sniffers and DDOS(Denial of Service)
- Social Enginnering
- Hacking Websites
- Hacking Web applcations and Softwares
- Password Hacking and Cracking
- Phising and fake pages
- SQL Injection
- Hacking Wireless (wifi’s)
- virus and worms
- Creating Viruses and trojan and Making them undetectable
- Exploit Writing and virus source codes of very famous viruses
- Cryptography
- Hacking Webservers
- …… And Much more… List is endless…
I think You all would have like this and want to see more.. I will regularly post material.
I think this deserves Comments and facts that Users want’s to ask about Hacking…
So Don’t hesitate and ask your queries . I am there to reply them all…
Have Fun and Keep Learning…. As Hacking is the art of expertising Computers…
A Trojan horse is an unauthorized program contained within a legitimate program. This unauthorized program performs functions unknown (and probably unwanted) by the user.
- It is a legitimate program that has been altered by the placement of unauthorized
- code within it; this code performs functions unknown (and probably unwanted) by the user.
- Any program that appears to perform a desirable and necessary function but that (because of unauthorized code within it that is unknown to the user) performs functions unknown (and definitely unwanted) by the user.
Working of Trojans
- Attacker gets access to the trojaned system as the system goes online
- By way of the access provided by the trojan attacker can stage attacks of different types.
Various Trojan Types
- Remote Access Trojans
- Password Sending Trojans
- Keyloggers
- Destructive
- Denial Of Service (DoS) Attack Trojans
- Proxy/Wingate Trojans
- FTP Trojans
- Software Detection Killers
Modes of Transmission
- Attachments
- Physical Access
- Browser And E-mail Software Bugs
- NetBIOS (File Sharing)
- Fake Programs
- Un-trusted Sites And Freeware Software
Backdoor Countermeasures
- Most commercial ant-virus products can automatically scan and detect backdoor programs before they can cause damage (Eg. before accessing a floppy, running exe or downloading mail)
- An inexpensive tool called Cleaner TROJAN REMOVER can identify and eradicate all types of backdoor programs and trojans.
- Educate your users not to install applications downloaded from the internet and e-mail attachments.
Hello Guys Today i am going to Explain the very basic things that you must know If you Want to become a Hacker or you are a Hacker (whatever be). In this Tutorial I will Explain you “Locations where the passwords are Saved in Windows Operating System”. Various readers of my blog asked me about where the passwords really stored in windows. So today I am going to Explain this where the password really stores…So Read on…
This Tutorial is Program Oriented Means Different Locations for Different Softwares and window components…
First of all You Need to Know that Most Of the Passwords are stored in Registry . So you Must Know How to access Registry … Also In Most of cases passwords are Encrypted so to decrypt you can google it for its decrypter….
Note: Windows Profile Means C:/Document and Settings/(user account)/application data
Note: Windows Profile Means C:/Document and Settings/(user account)/application data
HOW TO ACCESS REGISTRY ??
1. Goto Start Menu.
1. Goto Start Menu.
2. Click on Run.
3. Type “regedit” (without quotes) in the Run Box .After that this Windows Opens . Now you are ready to see that.
3. Type “regedit” (without quotes) in the Run Box .After that this Windows Opens . Now you are ready to see that.
LOCATIONS OF SAVED PASSWORDS !
# Internet Explorer 4.00 – 6.00:
The passwords are stored in a secret location in the Registry known as the “Protected Storage“.
The base key of the Protected Storage is located under the following key:
The base key of the Protected Storage is located under the following key:
“HKEY_CURRENT_USERSoftwareMicrosoftProtected Storage System Provider”.
You can browse the above key in the Registry Editor (RegEdit), but you won’t be able to watch the passwords, because they are encrypted.
Also, this key cannot easily moved from one computer to another, like you do with regular Registry keys.
Also, this key cannot easily moved from one computer to another, like you do with regular Registry keys.
# Internet Explorer 7.00 – 8.00:
The new versions of Internet Explorer stores the passwords in 2 different locations.
1. AutoComplete passwords are stored in the Registry under
1. AutoComplete passwords are stored in the Registry under
HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerIntelliFormsStorage2.
2. HTTP Authentication passwords are stored in the Credentials file under
Documents and SettingsApplication DataMicrosoftCredentials
, together with login passwords of LAN computers and other passwords.
# Firefox:
The passwords are stored in one of the following filenames: signons.txt, signons2.txt, and signons3.txt (depends on Firefox version)
These password files are located inside the profile folder of Firefox, in
These password files are located inside the profile folder of Firefox, in
[Windows Profile]Application DataMozillaFirefoxProfiles[Profile Name]
Also, key3.db, located in the same folder, is used for encryption/decription of the passwords.
# Google Chrome Web browser:
The passwords are stored in
[Windows Profile]Local SettingsApplication DataGoogleChromeUser DataDefaultWeb Data
(This filename is SQLite database which contains encrypted passwords and other stuff)
# Opera:
The passwords are stored in wand.dat filename, located under
[Windows Profile]Application DataOperaOperaprofile
# Outlook Express (All Versions):
The POP3/SMTP/IMAP passwords Outlook Express are also stored in the Protected Storage, like the passwords of old versions of Internet Explorer.
# Outlook 98/2000:
Old versions of Outlook stored the POP3/SMTP/IMAP passwords in the Protected Storage, like the passwords of old versions of Internet Explorer.
# Outlook 2002-2008:
All new versions of Outlook store the passwords in the same Registry key of the account settings.
The accounts are stored in the Registry under
The accounts are stored in the Registry under
HKEY_CURRENT_USERMicrosoftWindows NTCurrentVersionWindows Messaging SubsystemProfiles[Profile Name]9375CFF0413111d3B88A00104B2A6676[Account Index]
If you use Outlook to connect an account on Exchange server, the password is stored in the Credentials file, together with login passwords of LAN computers.
# Windows Live Mail:
All account settings, including the encrypted passwords, are stored in
[Windows Profile]Local SettingsApplication DataMicrosoftWindows Live Mail[Account Name]
The account filename is an xml file with .oeaccount extension.
# ThunderBird:
The password file is located under
[Windows Profile]Application DataThunderbirdProfiles[Profile Name]
You should search a filename with .s extension.
# Google Talk:
All account settings, including the encrypted passwords, are stored in the Registry under
HKEY_CURRENT_USERSoftwareGoogleGoogle TalkAccounts[Account Name]
# Google Desktop:
Email passwords are stored in the Registry under
HKEY_CURRENT_USERSoftwareGoogleGoogle DesktopMailboxes[Account Name]
# MSN/Windows Messenger version 6.x and below:
The passwords are stored in one of the following locations:
1. Registry Key: HKEY_CURRENT_USERSoftwareMicrosoftMSNMessenger
2. Registry Key: HKEY_CURRENT_USERSoftwareMicrosoftMessengerService
3. In the Credentials file, with entry named as “Passport.Net\*“. (Only when the OS is XP or more)
2. Registry Key: HKEY_CURRENT_USERSoftwareMicrosoftMessengerService
3. In the Credentials file, with entry named as “Passport.Net\*“. (Only when the OS is XP or more)
# MSN Messenger version 7.x:
The passwords are stored under
HKEY_CURRENT_USERSoftwareMicrosoftIdentityCRLCreds[Account Name]
# Windows Live Messenger version 8.x/9.x:
The passwords are stored in the Credentials file, with entry name begins with “WindowsLive:name=”.
# Yahoo Messenger 6.x:
The password is stored in the Registry, under
HKEY_CURRENT_USERSoftwareYahooPager
(“EOptions string” value)
# Yahoo Messenger 7.5 or later:
The password is stored in the Registry, under
The password is stored in the Registry, under
HKEY_CURRENT_USERSoftwareYahooPager – “ETS” value.
The value stored in “ETS” value cannot be recovered back to the original password.
# AIM Pro:
The passwords are stored in the Registry, under
HKEY_CURRENT_USERSoftwareAIMAIMPRO[Account Name]
# AIM 6.x:
The passwords are stored in the Registry, under
HKEY_CURRENT_USERSoftwareAmerica OnlineAIM6Passwords
# ICQ Lite 4.x/5.x/2003:
The passwords are stored in the Registry, under
HKEY_CURRENT_USERSoftwareMirabilisICQNewOwners[ICQ Number]
(MainLocation value)
# ICQ 6.x:
The password hash is stored in
[Windows Profile]Application DataICQ[User Name]Owner.mdb (Access Database)
(The password hash cannot be recovered back to the original password)
# Digsby:
The main password of Digsby is stored in
[Windows Profile]Application DataDigsbydigsby.dat
All other passwords are stored in Digsby servers.
# PaltalkScene:
The passwords are stored in the Registry, under
HKEY_CURRENT_USERSoftwarePaltalk[Account Name].
AND MUCH MORE:
Tips And Tricks – Free Wallpapers – Free Ebooks – Free Themes – Rapidshare Premium Accounts – Free Music – Movies – Iphone Applications –Iphone Hacks Jailbreaking –Free Full Softwares – Hacking – Mobile Softwares – Blogging Tips –Orkut Hacks–Magazines–Playboy –Free Premium Accounts
About Gamemaker gafoor.2
No comments