Find us on Google+ Bypass The Security: November 2013

Sunday 3 November 2013

Crack password protected zip files


Crack the password

 protected zip files using 

fcrackzip - Backtrack





We frequently use zipped files due to its small size and strong encryption algorithm. These zipped files comes with a facility of password protection which maintains the security of the files.
But sometimes this security feature turns into a drawback if we somehow forget the password. In that case the password cracker play their role. You can also use them if you downloaded a zipped file with password protection on it.
In my last article, if you followed then we learned to
 make a bootable USB of backtrack. So here I'm gonna introduce a tool which is present in Backtrack and if you have no past experience with Linux then no issues you can start from here. The open source tool we are gonna use is called fcrackzip.
fcrackzip is a fast password cracker partly written in assembler. It is able to crack password protected zip files with brute force or dictionary based attacks, optionally testing with unzip its results.


Here, for the demonstration I'm gonna make a file crackme.zip with a password abcde using winrar. You can also try with me from here.

1) Right click on the file > select add to archieve..
2) Under General tab select ZIP rather than RAR, then under Advanced tab > set Password
3) Suppose our final password protected zip file is crackme.zip (you can use your own)
4) Now copy this file on the desktop for ease in your Backtrack
5) Then click on the Top Right button saying Applications.
6) Navigate to Backtrack > Privilege Escalation > Password Attacks >Offline Attacks > fcrackzip
7) The following terminal screen will pop up


The fcrackzip is loaded with the following options:
-b brute force
-D dictionary Attack
-B benchmark
-c charset characterset
-h help
-V validate
-p init-password string
-l length min-max
-u use-unzip
-m method num
-2 modulo r/m

8) I'm going to apply the brute force attack for password cracking. So the following command will be useful...
fcrackzip -b -c a -l 1-6 /root/Desktop/crackme.zip
here,
-b > bruteforce
-c a > charset lower case alphabets
-l 1-6 > length of expected password

9) Hit Enter and wait for few minutes. fcrackzip combining with Backtrack turns into a more faster password cracking tool
10) That's it. It'll show the password after certain attempts.


Note: Brute force assures gurantee of the result but often take very much time even years for a very strong password to crack. If you use Encrypted language for the password then it may be impossible to apply the brute force. In such case do search for other working alternatives.

"The quieter you become, the more you are able to hear"


Bootable USB for Backtrack

Make a Bootable USB for Backtrack 5



Here I come up with another article in which I'm gonna show you how to make a bootable USB for Backtrack 5. Before leading to the executing process let me introduce Backtrack 5.
Backtrack is based on Ubuntu Lucid (10.04 LTS) with Linux kernel 2.6.38 and some WiFi drivers to allow injection attacks. It is currently most popular choice among hackers for pen testing. It is filled with a collection of more than 3000 open source security tools, which are organised in a real decent way.
It menu consists of several tools like  “Information Gathering”, “Vulnerability Assessment”, “Exploitation Tools”, “Privilege Escalation”, “Maintaining Access”, “Reverse Engineering”, “RFID Tools”, “Stress Testing”, “Forensics”, “Reporting Tools”, “Services”, and “Miscellaneous”.
Alright Lets get start to get hands on such powerful OS:
  • First grab a copy of the latest version of Backtrack. go to the official site click here
  • Click on Download tab, either register your copy or directly click on Download button

  • Then configure the version according to your need and requirement. Click on Download
           
  • In order to make bootable USB we are going to use a small freewareUNETBOOTIN. Download it from here
  • Take a 4GB USB (recommended) backup all its data and make a QuickFormat using FAT32 File System
  • Now run the application unetbootin
           
  • Configure it: In Diskimage, select ISO. 
  • Click browse and select the IMAGE which you just downloaded
  •  In Type select USB Drive, Drive select your USB drive letter
  •  Leave the rest as default.
  •  You are always free to configure it in your way :)
  • Click OK
  • Finally the burning process begins. It generally takes 5-10 mins but may take longer depending upon your system configuration.
            
  • When its done hit the Reboot button of your system.
  • Switch to BIOS and select the USB as First boot device.
  • Viola its done now you can get rid off from Virtual Machine because it slows down the speed in my case. Run the Backtrack directly on your machine.
                

"The quieter you become, the more you are able to hear"


Add Folder Into Send to Option

Add Folder Into Send to Option

Hello Friends!!
YES…!!!You can add Folder to Send to option.if you didn’t get it,It may occur when you send the data into USB drive.by right click on folder and click on Send to option where you will be able to see the destination drive.From this trick you can put your required destination folder in that particular field.
Note: This trick is working properly in Windows XP.Windows 7 and 8 users may not found this as useful.



So without wasting much time..Here are the Steps:

Step 1)
Go to my computer.

Step 2)
open C drive (Drive in which you have installed windows OS).

Step 3)
Navigate to Users -> xyz(administrator) .

Step 4)
Be sure that visibility of System hidden files  is turned ON.
As go to
tools ->
 folder options
then check the checkbox Show hidden files and also uncheck Hide protected operating system files“. click on yes and press OK.

Step 5)
Now Open send to folder.

Step 6)
Now create shortcut of required folder.you may check for how to create shortcut for more guideline.

Done!!

In Windows 7 and 8 operating system this is not working.So it will helpful if somebody want to share if they know anything regarding this.
Thank you


Saturday 2 November 2013

Introduction To Pentesting

Introduction To Pentesting - BackTrack

Penetration testing is the legal and authorized attempt to exploit a computer system with the intent of making a network or system more secure. The process includes scanning systems looking for weak spots, and launching attacks and prove that the system is vulnerable to attack from a real hacker.
Penetration Testing has several names:
§  Pen Testing
§  Ethical Hacking
§  White Hat Hacking
As you learn more about the art of hacking, you will see three terms used a lot. The white hats, the black hats, and the gray hats. The white hats are the “good guys”. They hack systems and networks so that the black hats (“bad guys”) can not. The black hats, also known as “crackers” are those that use hacking with malicious intent. They’re the ones that want to steal company secrets or your credit card information. For this reason, it is important for the white hats to know the tools and tricks of the black hats to stay a step ahead of them. As for the gray hats, they’re a combination of white and black. They often hack just because they can or like the challenge.
By now you may want to download and install backtrack Linux on your computer. Recommended Reading: The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easyhttp://www.assoc-amazon.com/e/ir?t=novice2guru-20&l=as2&o=1&a=1597496553
A great book for anyone just learning how to hack or just wants to know more about security. Covers a lot of what you’ll find here plus a lot more. I can’t recommend this enough for beginners.
Hacking Lab
Having a place to practice is necessary to learn how to hack. This is were your own home hacking lab comes in. It is a place where you can control your attacks without harming any other systems. We want out lab to be isolated and have no chance of escaping to targets we didn’t mean to attack.
Option 1:
§  Two computers
§  Ethernet Cable
§  A switch
Option 2:
§  Use Virtual Machines
You will need 3 or more virtual machines. One for backtrack, one for a windows machine, and one for another linux box. The linux box will act as out victim server: SSH, Webserver, FTP, etc.
Option 1 is in case you have older hardware that can’t handle running more than one VM. However, these days, modern hardware can handle them. Option 2 is the better choice because you only need one computer.
Steps in Penetration Testing
1.      Reconnaissance
2.      Scanning
3.      Exploitation
4.      Maintaining Access

Hope you'll find almost every kind of need here. Check out Penetration Testing steps mentioned above. 


YouTube Tricks

YouTube Tricks, Tips & Secret Features You Might Have Missed

YouTube, the extremely popular video sharing website by Google averaging more than 3 billion page views per day needs no introduction to its fans who spend a considerable amount of time watching and sharing videos. While most of these users know every nook and corner of this website, there are some features that are hidden deep within, in a manner that only few of the most experienced users seem to know about them. This article contains some such features, tips and tricks.
YouTube MySpeed 
Are YouTube videos taking too much time to load on your internet connection? Visit the 
YouTube MySpeed page to find your video streaming speed and compare it with the average speed of your ISP, your city, your state, your country and the world.

YouTube Disco
YouTube is all set to replace your music players with 
YouTube Disco. This music discovery project allows you to find the videos of your choice, create a list of them and then easily watch them without having the need to choose a new video after the one you are watching is finished.

YouTube Snakes Easter egg
You can play the classic Snakes game while watching any video in your browser. Just pause and resume a video, hold the left arrow key for 2 seconds and while still holding it, press the Up arrow key. This only works in the new YouTube player on videos played on YouTube.com.

YouTube Editor
Do you edit your videos before uploading them to YouTube? Now, you don't need to because it lets you to do all of that online with 
YouTube Editor; well not all of that but it at least lets you combine, trim and rotate videos. The best part about YouTube Editor is that it allows you to find copyright free music that you can add to your videos. It also offers some comparably advanced features like stabilizing shaky videos and inserting transitions.

YouTube Leanback
YouTube lets you watch the videos of your choice but have you ever wanted to just sit back and enjoy watching videos just like you watch television?
 YouTube Leanback can help. YouTube Leanback plays high quality full screen videos tailored to your choices (if you are signed in to your Google account). If you are not signed in, you can choose a category to watch videos from, watch featured videos and even search for the video of your choice. You can then connect your TV to your computer to seamlessly enjoy TV, YouTube style.
YouTube Leanback
YouTube XL
While you can enjoy videos on your TV using Leanback, the interface is far from desirable. So, to allow users on smart TVs browse videos more effectively, YouTube has an
 XL version for large screen sizes. This version does not have comments and other unimportant stuff that you see in the standard version.

Set default video playback quality
Are you annoyed at manually changing the quality of every YouTube video you watch? Now you don't need to, because YouTube has
 an option that automatically lets you select the quality of videos you see. If you have a slow connection, you can select the option of never playing high quality videos. You can also select the option of showing captions and annotations automatically.

Watch Videos blocked in your country : URL trick
If the URL of the video that is
 blocked in your country is youtube.com/watch?v={video-id}, you can access it by going to youtube.com/v/{video-id}. As an additional advantage, you will be able to view the video at the full size of your browser window.

Link to a specific time in a video
If you want to link to a video at a specific time, you can add #t=XXs to the URL where XX is a variable which represents the number of seconds after which the video will start.

YouTube Live
YouTube Live lets you find all live broadcasts available. You can also see a list of videos that are scheduled to be broadcasted at a later date.
Watch Live broadcasts on YouTube

Create a feed of almost anything on YouTube
Just go to the
 YouTube Data API page and build a custom feed for yourself. However, there is a problem with the URI generated for specific categories as  "{http://gdata.youtube.com/ schemas/ 2007/ categories.cat}" is also added. Remove this and the URI is good to go.

YouTube Charts
Want to find the best videos on YouTube? Use
 YouTube Charts to find what other users are watching, discussing and favoring. You can select a particular category to determine the best videos in that particular category. You can even filter videos to determine what has been popular this week, this month or this year. You also have the option to play all the videos obtained in results.

Legally Watch Full Length Movies and TV Shows on YouTube
YouTube has a
 dedicated page to allow users to watch full-length ad supported movies for free. Movies are classified based on their genre and are offered in full HD quality. Movies are uploaded by the creators for the purpose of creating another source of revenue for themselves as Google gives them a portion of the advertising revenue. A similar page exists for TV shows.

YouTube Feather Beta
Love browsing videos but are on a terribly slow connection?
 Feather, the new experimental feature to allow users on slow connections enjoy YouTube might help you. It achieves this by serving the lowest amount of data to a user. Naturally, this means removal of several features that don't add much value. Feather is currently available only as an opt-in service which allows you to opt out anytime you want.