HACKMANIA

As we enjoy great advantages from inventions of others, we should be glad of an opportunity to serve others by any invention of ours; and this we should do freely and generously.
-Benjamin Franklin

"Tell me first, what comes to your mind when you think of a hacker or hacking?"

According to a survey by HACKMANIA, most people think of them as "DUDES" engaged in petty activities with the Internet and computers.

"But... to me"

"A HACKER is one who enjoys and senses great freedom with computers. HACKERS carry a deep interest in CORE computer technology along with knowledge of information processing. They live with it and live for it.
e.g. count Bill Gates as a hacker. A HACKER is one who thinks ETHICAL and always does ETHICAL. Else he/she is a CRACKER!!!"

Well, I'm not here to give you ideology or to make you a hacker either. Just keep in mind that nobody in this world can make you a hacker, because it's an inherent feeling; no one can impose it on you. Hacking is an art that comes from within. It is a kind of imagination that a Master of the Art carries, with deep and eternal knowledge.
______________________________________________________________
Whatever I am presenting here on www.hackomania.blogspot.com is ethical and true to my knowledge. Now it depends upon you how you use it, whether in HACKING or CRACKING.
Check sister project: www.crackomania.blogspot.com


Many posts about hacking will tell you not to survive on WINDOWS if you dream of being a hacker. Remember, a hacker can't be conservative. You know no boundaries, so you are here. Hackmania will talk about each and every aspect. Here I will account that each and every operating system is best in its own way, serving the needs of its people.
______________________________________________________________
LET US START FROM HERE


At first you need to master an operating system. Hackmania assumes you are already fairly familiar with the WINDOWS OS. This is the time to learn something new and serious. You need to get your head around operating systems like UNIX (OpenBSD, FreeBSD, UnixWare, etc.) and LINUX (Ubuntu, Red Hat, Mandrake, etc.). These operating systems are best for those who are set to GO.


For a tutorial on LINUX, CLICK HERE.

Learn LINUX, as it's the best OS to make you aware of operating system concepts. It is meant for serious people who have the GUTS for HACKING. LINUX is fast, secure and comes FREE under the GNU licence.

To download a FREE copy of LINUX, CLICK HERE.

To request a FREE UBUNTU CD, click on this LINK.

My major emphasis in Hackmania is on network security and the vulnerabilities in it.
______________________________________________________________

:PRINCIPLES OF HACKING:

Steps of hacking:-

1. Reconnaissance
2. Probe
3. Toehold
4. Advancement
5. Stealth
6. Listening post
7. Takeover

1. Reconnaissance:
Reconnaissance means the art of information gathering. It is the first step of hacking, as one needs to gather enough information about the target being attacked. Information gathering is done in various ways:
• Social engineering
• Electronic social engineering: phishing
• Using published information
• Port scanning
• Network mapping
2. Probe:
A probe is a small utility program used to investigate, or test, the status of a system, network or Web site. Probes are mostly used for lawful purposes, to determine whether a device is functional. They can also be used by crackers to locate weaknesses in a system. A Web probe analyses a Web site and reports data such as response time, security protocols supported and the type of Web server.
e.g. scanners, sniffers.

3. Toehold:
Here comes exploiting a security weakness and gaining entry into the system. At this stage a vulnerability is discovered and the intruder sets up a connection between his/her own system and the target system. After establishing the connection the intruder remotely executes hostile commands on the target. After gaining entry the intruder may go on a rampage and leave the system in its worst state. If the current USER ID is for a privileged user, the intruder will jump to the stealth stage; otherwise he/she will get into the advancement stage.

4. Advancement:
Here comes advancing from an unprivileged account to a privileged one. The intruder uses local exploit tools to obtain more information so that he/she can look for more vulnerabilities and configuration-related errors. Once a local vulnerability has been found the intruder can advance from an unprivileged UID to the root UID. Then, with the highest level of privileges, the intruder can finally control the system. He/she can steal data, modify programs and files maliciously, and even delete the entire file system.

5. Stealth:
This is the method of deleting all clues through which the intruder could be traced. Generally an intrusion detection system (IDS) logs all system behaviour and activity. An intruder always wants to hide these activities, so he/she may delete log files. The intruder may also replace the system's binaries with malicious versions of the code.

6. Listening post:
The intruder installs a back-door to establish a listening post. The intruder inserts malicious programs into the system, such as a stealth tool, back-door tools and a sniffer. These programs ensure that the intruder's future activities will not be logged. They report fake information on files, processes and the status of network interfaces to the administrators. They allow the intruder to access the compromised system through the back-door, with the help of sniffer tools. The intruder can as well capture traffic on the network interfaces, and thus has better control over these systems.

7. Takeover:
Takeover means the intruder now has complete control of the system. They can exploit your system to the maximum if they wish. They can even expand their control from a single host on the network and affect other systems as well. From the activities described above they can get specific information about your systems, such as user-names and passwords. The intruder can check some specific configuration files (e.g. .rhosts) of the controlled host and use them to break into other systems as well.

Overview of hacking tool kits:-

  • Scanners
  • Sniffers and snoopers
  • Spoofing tools
  • Trojan horse
  • Password cracker
  • Denial of service tools
  • Stealth and back-door tools
  • Malicious applets and scripts
  • Logic bombs
  • Buffer overflow
  • Bugs in software
  • Holes in trust management
  • Social engineering
  • Dumpster diving


DESCRIPTION:

1. Scanner:
Scanners are used to find out vulnerabilities in systems. They have pros and cons; it depends on who is using them and for what purpose. If he/she is an ethical hacker then it's fine. If he/she is a cracker then it might harm you.


I'm presenting here a list of specific scanners. It'll be better to download them and get your hands on them.


i. THC amap
ii. NBTscan
iii. ike-scan
iv. SPIKE proxy


b. Vulnerability Scanners (click to download)

i. Nmap
ii. Nessus
iii. GFI LANguard
iv. Retina
v. Core Impact
vi. ISS Internet Scanner
vii. X-Scan
viii. SARA
ix. QualysGuard
x. SAINT
xi. MBSA


i. Nikto
ii. Paros proxy
iii. WebScarab
iv. WebInspect
v. Whisker/libwhisker
vi. Burp Suite
vii. Wikto
viii. Acunetix WVS
ix. Watchfire AppScan
x. N-Stealth




i. Metasploit Framework
ii. Core Impact
iii. Canvas


2. Sniffers and snoopers:

A sniffer logs network data. An intruder can plug in a sniffer to monitor the network traffic and obtain the information needed to access other hosts in the network.

A snooper, also known as spyware, monitors a user's activities by snooping on a terminal emulator session, monitoring process memory, and logging the user's keystrokes. By watching the user's actions the intruder can obtain useful information to attack other users on the computer or even other systems on the network.

List of packet sniffers:
i. Kismet
ii. tcpdump
iii. dsniff
iv. ntop
v. ngrep
vi. KisMAC



3. Spoofing tools:

In a network the data packet always contains a source address field, which can expose the source of the intruder if he/she sends malicious packets. Hence, to hide and avoid detection, the intruder uses spoofing tools to forge another source address, i.e. the address of another host or a non-existent address. The spoofed address can be an IP address or a physical address, depending on the type of network.

Note:
To gain access to a network from outside: if the firewall of the target network is not configured to filter out spoofed packets whose source address belongs to the local domain, it is possible for an intruder to inject packets with a spoofed internal address through the firewall.

List of spoofing tools:


I would like to lay special emphasis on ARP spoofing, as it's a method that can actually teach you what goes on inside.


ARP spoofing

ARP poisoning tools:
ARP (Address Resolution Protocol) is used to determine the MAC address of a device with a known IP address.
The translation is performed with a table lookup.
The ARP cache accumulates as the host continues to use the network. If the ARP cache doesn't have an entry for an IP address, the outgoing IP packet is queued, and an ARP request packet broadcasts essentially the following request: "if your IP address matches this target IP address, then please let me know what your Ethernet address is".
The host with the target IP is expected to respond with an ARP reply, which contains the MAC address of that host. Once the table is updated on receiving this response, all the queued IP packets can be sent. The entries in the table expire after a set time, to account for possible hardware address changes for the same IP address. This change may have happened, for example, because a NIC (network interface card) was replaced.
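As an added example (not code from the original post, and unrelated to CBuildPacket), the following Python builds and parses the ARP packet described above and keeps a small ARP cache with expiry. Its `learn` method flags a reply that changes the MAC of an IP already in the table, which is exactly the symptom a defender looks for when ARP poisoning is attempted; the MAC and IP values used in the test are constructed.

```python
# Added example: ARP request/reply construction, parsing and a cache that
# expires entries and flags conflicting replies (the ARP poisoning symptom).
import struct
import ipaddress

ARP_FMT = "!HHBBH6s4s6s4s"   # htype, ptype, hlen, plen, op, sha, spa, tha, tpa (28 bytes)
OP_REQUEST, OP_REPLY = 1, 2

def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))

def build_arp(op, sender_mac, sender_ip, target_ip, target_mac="00:00:00:00:00:00"):
    """Build the ARP payload (after the Ethernet header) for IPv4 over Ethernet."""
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, op,
                       mac_bytes(sender_mac), ipaddress.IPv4Address(sender_ip).packed,
                       mac_bytes(target_mac), ipaddress.IPv4Address(target_ip).packed)

def parse_arp(pkt):
    """Decode a raw ARP payload into a dict; rejects anything but IPv4-over-Ethernet."""
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = struct.unpack(ARP_FMT, pkt[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not IPv4-over-Ethernet ARP")
    fmt = lambda m: ":".join(f"{b:02x}" for b in m)
    return {"op": op, "sha": fmt(sha), "spa": str(ipaddress.IPv4Address(spa)),
            "tha": fmt(tha), "tpa": str(ipaddress.IPv4Address(tpa))}

class ArpCache:
    """IP -> (MAC, expiry time). Entries expire after `ttl` seconds, as on a real host."""
    def __init__(self, ttl=60):
        self.ttl, self.table = ttl, {}

    def lookup(self, ip, now):
        entry = self.table.get(ip)
        if entry and entry[1] > now:
            return entry[0]
        self.table.pop(ip, None)   # expired or missing: the caller must send a request
        return None

    def learn(self, pkt, now):
        """Record a reply's sender mapping; return an alert if it contradicts a live entry."""
        arp = parse_arp(pkt)
        if arp["op"] != OP_REPLY:
            return None
        alert = None
        old = self.lookup(arp["spa"], now)
        if old and old != arp["sha"]:
            alert = f"ARP conflict: {arp['spa']} was {old}, reply now claims {arp['sha']}"
        self.table[arp["spa"]] = (arp["sha"], now + self.ttl)
        return alert
```

A real host overwrites the entry silently, which is why tools that watch for such conflicts (or static entries for critical hosts) are the usual defence.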

Tools capable of performing ARP poisoning:

Now here is the stuff for programmers who are interested in understanding ARP poisoning more rigorously.
It will be better to know about pcap if you are trying ARP spoofing.

ARP spoofing code using CBuildPacket

CBuildPacket is designed to send built ARP, TCP and ICMP packets to the network. There are many libraries or components on the Internet, such as Libnet and so forth, but they have some weak points, such as reduced readability. So this class was developed. The source of CBuildPacket will be made open.

To understand more about ARP poisoning see: CLICK HERE


For defence against ARP poisoning and the tools for it:

4. Trojan horse:
The Trojan Horse, from Greek mythology, was a giant hollow horse containing Greek soldiers, used to overtake the city of Troy during the Trojan War.
In computers, a Trojan horse is a program in which malicious or harmful code is contained inside apparently harmless programming or data in such a way that it can get control and do its chosen form of damage, such as ruining the file allocation table on your hard disk. In one celebrated case, a Trojan horse was a program that was supposed to find and destroy computer viruses. A Trojan horse may be widely redistributed as part of a computer virus.

A Trojan horse can affect your system in the following ways:
  • Remote access
  • Data destruction
  • Downloader/dropper
  • Server Trojan(Proxy, FTP , IRC, Email, HTTP/HTTPS, etc.)
  • Disable security software
  • Denial-of-service attack (DoS)
Now I am presenting here an extensive and exhaustive list of Trojan horse programs, for a better understanding of Trojans.

Warning: Don't use this information for any unethical cause.

Trojan listing alternatives


shmgrate.exe:
This is a process running under the Windows platform, like many other processes. Now, experts suggest that this Trojan allows attackers to access your computer from remote locations, stealing passwords, Internet banking and personal data. This process is a security risk and should be removed from your computer. If shmgrate.exe is running on your PC it means that your PC has been infected with a Trojan known as 'Gaster'.
The Gaster Trojan should be fixed immediately. Delay in removal of shmgrate.exe may cause serious harm to your system and will likely cause a number of problems: loss of data, loss of control or leaking of private information.

For detailed information on processes check this: PROCESS LIBRARY


5. Password cracker:
A password cracker is an application program used to identify an unknown or forgotten password to a computer or network resource. It can also be used to help a human cracker obtain unauthorized access to resources.

Methods of cracking passwords:

Brute force: When a password cracker uses brute force, it runs through combinations of characters within a predetermined length until it finds the combination accepted by the computer system.
Dictionary search: It tries each word in a dictionary as the password. Password dictionaries exist for a variety of topics and combinations of topics, including politics, movies and music groups.
Some password cracker programs search for hybrids of dictionary entries and numbers. For example, a password cracker may try ants01, ants02, ants03, etc. This can be helpful where users have been advised to include a number in their password.
Another method is identifying encrypted passwords. After retrieving the encrypted password from the computer's memory, the program may be able to decrypt it.

Or, by using the same algorithm as the system program, the password cracker encrypts candidate passwords until it produces an encrypted version that matches the original.

List of password crackers:

1. Cain and Abel
2. John the Ripper
3. THC Hydra
4. Aircrack
5. L0phtCrack
6. AirSnort
7. SolarWinds
8. pwdump
9. RainbowCrack
10. Brutus

One can get a better view of password cracking by getting their head around brute force attacks:

Brute Force Attack

Brute force attacks use exhaustive trial and error methods in order to find legitimate authentication credentials.
Attackers can use brute force applications, such as password guessing tools and scripts, in order to try all the combinations of well-known usernames and passwords. These applications may use default password databases or dictionaries that contain commonly used passwords, or they may try all combinations of the accepted character set in the password field.
User identification is not always achieved with a username and password pair. Using a brute force tool makes it easy to find a legitimate session ID that appears in a URL (see Parameter Tampering). A session ID is an identification string used to associate specific Web pages with a specific user. The following is an example of such a session ID:
http://greetings.acme-hackme.com/view/9BA54003218827622
This is an example of a greeting card site that has a unique session ID for each greeting card. Using brute force applications, attackers may try thousands of session IDs embedded in a legitimate URL in an attempt to view greeting cards that they are not authorized to view.
It is relatively easy to find a legitimate key for an object ID. For example, consider the URL:
http://www.orkut.co.in/Main#Album.aspx?uid=39101007091397604758&aid=1247473078
In this example, the dynamic page requested by the browser is called Album.aspx and the browser sends the Web server the parameters uid=39101007091397604758&aid=1247473078IHJD. An attacker may try brute force values for uid to get at other users.
A brute force attack can't succeed in every situation. For example, see this fact:

The amount of time required to break a 128-bit key is also daunting. Each of the 2^128 (340,282,366,920,938,463,463,374,607,431,768,211,456) possibilities must be checked. A device that could check a billion billion keys (10^18) per second would still require about 10^13 years to exhaust the key space. This is a thousand times longer than the age of the universe, which is about 13,000,000,000 (1.3 x 10^10) years.
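As an added example (not part of the original post), here is the defender's side of the brute force methods described above: `years_to_exhaust` reproduces the 128-bit key arithmetic from the paragraph, and `detect_bruteforce` scans constructed OpenSSH-style syslog lines for sources producing many failed logins in a short window, the usual trigger for account lockout or blocking. The log format, host name and IP addresses are assumptions constructed for the example.

```python
# Added example: key-space exhaustion time and a failed-login brute force detector.
import re
from collections import defaultdict, deque
from datetime import datetime

SECONDS_PER_YEAR = 365.25 * 24 * 3600

def years_to_exhaust(key_bits, keys_per_second):
    """Worst-case years to try every key of a key_bits-bit key at the given rate."""
    return (2 ** key_bits) / keys_per_second / SECONDS_PER_YEAR

# OpenSSH-style syslog line (assumed format); sample lines below are constructed.
FAILED_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<src>\S+)")

def detect_bruteforce(lines, threshold=5, window_seconds=60):
    """Return {src_ip: peak count} for sources with >= threshold failures inside the window."""
    recent = defaultdict(deque)   # src -> timestamps of recent failures (sliding window)
    alerts = {}
    for line in lines:
        m = FAILED_RE.match(line)
        if not m:                 # successful logins and unrelated lines are ignored
            continue
        ts = datetime.strptime(m["ts"], "%b %d %H:%M:%S")   # year-less syslog timestamp
        q = recent[m["src"]]
        q.append(ts)
        while q and (ts - q[0]).total_seconds() > window_seconds:   # drop old failures
            q.popleft()
        if len(q) >= threshold:
            alerts[m["src"]] = max(alerts.get(m["src"], 0), len(q))
    return alerts

SAMPLE_LOG = [  # constructed: 10.0.0.5 hammers root, 10.0.0.9 fails once, 10.0.0.7 succeeds
    f"Jan 10 12:00:{s:02d} gw sshd[4{s:02d}]: Failed password for root from 10.0.0.5 port 5{s:02d} ssh2"
    for s in range(0, 12, 2)
] + [
    "Jan 10 12:00:30 gw sshd[499]: Failed password for invalid user admin from 10.0.0.9 port 600 ssh2",
    "Jan 10 12:00:31 gw sshd[500]: Accepted password for alice from 10.0.0.7 port 601 ssh2",
]
```

Run against the sample, only 10.0.0.5 is reported (six failures in ten seconds); shrink the window to five seconds and nothing trips, which shows why threshold and window must be tuned together.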

What do you say now?

Hackmania

Hi everybody, this blog has been created especially for those people who have a sheer interest in CORE computer technology and HACKING; those who want to add something valuable to this world of technology with their virile and versatile minds.
Since hacking is all about the interest of someone's mind, I will try to make it as interesting as I can.