Category Archives: cyber crime

How to Crack a Wi-Fi Network’s WEP Password with BackTrack


You already know that if you want to lock down your Wi-Fi network, you should opt for WPA encryption because WEP is easy to crack. But did you know how easy? Take a look.

How to Crack a Wi-Fi Network’s WEP Password with BackTrack : ehack

How to Crack a Wi-Fi Network’s WEP Password with BackTrack : ehack

Note: This post demonstrates how to crack WEP passwords, an older and less often used network security protocol. If the network you want to crack is using the more popular WPA encryption, see our guide to cracking a Wi-Fi network’s WPA password with Reaver instead.

Today we’re going to run down, step-by-step, how to crack a Wi-Fi network with WEP security turned on. But first, a word: Knowledge is power, but power doesn’t mean you should be a jerk, or do anything illegal. Knowing how to pick a lock doesn’t make you a thief. Consider this post educational, or a proof-of-concept intellectual exercise.

Dozens of tutorials on how to crack WEP are already all over the internet using this method. Seriously—Google it. This ain’t what you’d call “news.” But what is surprising is that someone like me, with minimal networking experience, can get this done with free software and a cheap Wi-Fi adapter. Here’s how it goes.

What You’ll Need

  • A compatible wireless adapter—This is the biggest requirement. You’ll need a wireless adapter that’s capable of packet injection, and chances are the one in your computer is not. After consulting with my friendly neighborhood security expert, I purchased an Alfa AWUS050NH USB adapter, pictured here, and it set me back about $50 on Amazon. Update: Don’t do what I did. Get the Alfa AWUS036H, not the US050NH, instead. The guy in this video below is using a $12 model he bought on Ebay (and is even selling his router of choice). There are plenty of resources on getting aircrack-compatible adapters out there.
  • A BackTrack Live CD. We already took you on a full screenshot tour of how to install and use BackTrack 3, the Linux Live CD that lets you do all sorts of security testing and tasks. Download yourself a copy of the CD and burn it, or load it up in VMware to get started.
  • A nearby WEP-enabled Wi-Fi network. The signal should be strong and ideally people are using it, connecting and disconnecting their devices from it. The more use it gets while you collect the data you need to run your crack, the better your chances of success.
  • Patience with the command line. This is an ten-step process that requires typing in long, arcane commands and waiting around for your Wi-Fi card to collect data in order to crack the password. Like the doctor said to the short person, be a little patient.

Crack That WEP

To crack WEP, you’ll need to launch Konsole, BackTrack’s built-in command line. It’s right there on the taskbar in the lower left corner, second button to the right. Now, the commands.

First run the following to get a list of your network interfaces:

airmon-ng

The only one I’ve got there is labeled ra0. Yours may be different; take note of the label and write it down. From here on in, substitute it in everywhere a command includes (interface).

Now, run the following four commands. See the output that I got for them in the screenshot below.


airmon-ng stop (interface)
ifconfig (interface) down
macchanger --mac 00:11:22:33:44:55 (interface)
airmon-ng start (interface)

How to Crack a Wi-Fi Network’s WEP Password with BackTrack : ehack

How to Crack a Wi-Fi Network’s WEP Password with BackTrack : ehack

Read the rest of this entry

Turkmenistan Gmail, Microsoft, Youtube Domains Hijacked


Iranian hackers deface multiple big companies Turkmenistan domains (.tm) yesterday using DNS poisoning attack. All hacked domains are registered by NIC at Turkmenistan. Hacker managed to find and exploit a SQL Injection vulnerability in NIC website in order to get database of the site.

Turkmenistan Gmail, Microsoft, Youtube Domains Hijacked : ehack

Turkmenistan Gmail, Microsoft, Youtube Domains Hijacked : ehack

Because the passwords was stored in plain text, that make more easy for those hacker to access the domain panels of each domain and changing the DNS entries to shift websites on a rouge server with defaced page. The defaced message as shown below:

gmail hacked : ehack

gmail hacked : ehack

Defaced domains :
hacked : ehack

hacked : ehack

Mirror of hacks are available at Zone-H.

 

 

Original post at –the hacker news

Thanks for reading. hope it might helped you.
http://ehack.thegeoadventure.com/

 

Take down of fifth most widespread ‘Virut Botnet’


Take down of fifth most widespread 'Virut Botnet' : ehack

Take down of fifth most widespread ‘Virut Botnet’ : ehack

NASK the domain registrar that operates the “.pl” Polish top-level domain registry has seized multiple domains used for cyber crime activities by spreading Waledac malware distributed by the Virut botnet. According to Poland’s Computer Emergency Response Team, Virut was first detected in 2006 and became a serious threat with an estimated size of more than 300,000 compromised computers.
NASK said that on Thursday it began assuming control over 23 .pl domains that were being used to operate the Virut network. Virut was responsible for 5.5% of infections in Q3 2012, making it the fifth most widespread threat of the time.

They determined that botnet consists of more than 308,000 uniquely compromised machines and that its primary function is to pump out spam and other malicious emails. The most recent take down effort was in December 2012. Unfortunately, the Virut botnet gang managed to get the malicious botnet domain names moved to a new registrar called home.pl quickly.

Symantec reported that with some 77,000 Waledac infected machines within the Virut botnet generating an average of 2,000 spam messages an hour for somewhere between 8 and 24 hours a day.

The Virut take down effort clearly illustrates the important and meaningful role registries and registrars can play in the fight against cyber crime in general. How long the shut-down of Virut will last this time is unknown.

 

 

Original post at –the hacker news

Thanks for reading. hope it might helped you.
http://ehack.thegeoadventure.com/

The use of passwords in a technological evolution


Every day we read about an incredible number of successful attacks and data breaches that exploited leak of authentication mechanisms practically in every sector. Often also critical control system are exposed on line protected only by a weak password, in many cases the default one of factory settings, wrong behavior related to the human component and absence of input validation makes many applications vulnerable to external attacks.

The use of passwords in a technological evolution : ehack

The use of passwords in a technological evolution : ehack

Today I desire to focus the attention of a report published by the consulting firm’s Deloitte titled “Technology, Media & Telecommunications Predictions 2013” that provide a series of technology predictions, including the outlook for subscription TV services and enterprise social networks. The document correctly express great concern of the improper use of passwords that will continue also in 2013 being causes of many problems, it must to be considered that value of the information protected by passwords continues to grow attracting ill-intentioned.
The report focuses the need to reconsider password management processes in the light of technological contexts that we will before Duncan Stewart, Director of TMT Research, declared: “Passwords containing at least eight characters, one number, mixed-case letters and non-alphanumeric symbols were once believed to be robust,” “But these can be easily cracked with the emergence of advance hardware and software.”

Read the rest of this entry

Facebook Announces 2013 Hacker Cup Competition


Hackers, start your keyboards: Facebook has officially opened registration for its third annual Hacker Cup, set to begin at the end of this month.

facebook hacker cup : ehack

facebook hacker cup : ehack

Facebook has announced that it has opened registration for the Hacker Cup, its annual competition for programmers with a $10,000 top prize, up from $5,000 last year, for the best of them all. Facebook holds the Hacker Cup in rounds, starting first online and then culminating in a final onsite round at Facebook’s HQ in Menlo Park, CA for the top 25 programmers. This years preliminary rounds will be held between January 25 and February 16. Facebook will fly the top 25 for the onsite final round that takes place March 22-23.

The Hacker Cup is important for a couple of reasons. For one is shows that, although Facebook is pushing past one billion members of its social network and is now one of the world’s biggest public tech companies, it is committed to trying to staying close to its Hacker Way roots.

This is important for it to stay innovative, but it also helps keep Facebook in touch with the world community of top, smart programmers — an obvious route to tapping for top engineering talent.

Facebook says that those who registered for a previous year are automatically registered for the competition year, although they still need to check their information is up-to-date.

There is no limit to the number of people registering for the competition, as long as you sign up by the end of the first round, on the 27th of January.

But there are a few limits on who can participate. Facebook notes in its rules and regulations that you need to be registered on Facebook yourself, you need to be 18 or older, and you cannot be resident in Quebec (!) or any other place where these kinds of competitions are prohibited by law. You also need to provide your real name, postal address, phone number, email address, and date of birth, which may weed out a few Anonymous types, as brilliant as some of them may be.

The competition will follow the same form as in past years. Rather than free-form hackathon-style hacking, contestants are given problem sets that they need to solve. Answers come by way of source code and an output file to show how it works. They will be judged on how well they can come up with the solution in a set period of time, via a timer in the input set. They have six minutes to submit the source code and output file — and they can submit multiple answers in that time.

Last year, the Hacker Cup attracted 8,000 hopefuls from 150 countries, but the final 25 came from a relatively narrow list of countries – Russia, Germany, Poland, Ukraine, China, South Korea, Japan, Taiwan, and the U.S., with the winner, Roman Andreev, hailing from Russia. You can read more about him and last year’s competition here. Just as it is telling that Facebook runs a Hacker Cup, it will be telling to see how many enter this year and how the country spread for finalists compares.

 

 

Original post at –TechCrunch

Thanks for reading. hope it might helped you.
http://ehack.thegeoadventure.com/

 

 

%d bloggers like this: