.: Cyber security

Showing posts with label Cyber security. Show all posts

Tuesday, 19 April 2011

SQL video tutorials by Microsoft Certified Systems Engineer

SQL video tutorials by Microsoft Certified Systems Engineer.

SQL tutorial video by Microsoft certified Systems Engineer
This Transact SQL tutorial video is instructed by Microsoft certified Systems Engineer and Database administrator Mark Long. In this tutorial, you will not only learn about this data definition, manipulation, and control language, but you will also become better prepared for the MCDBA certification. It will also help you become a better Database Administrator.
Mark Long begins by introducing you to the origins and capabilities of Transact SQL. He will give a brief history of databases and will cover some language basics, including scripts, batches, functions, and views. From there, he moves onto more advanced ideas by teaching you about TSQL tools, such as the Query Analyzer and the Enterprise Manager. He then goes into great depth explaining the 4 main commands: SELECT, INSERT, UPDATE, and DELETE. You will also learn about indexes, variables, and stored procedures.
Code:

http://rapidshare.com/files/272340425/videotraining_sql.part1.rar

http://rapidshare.com/files/272344282/videotraining_sql.part2.rar

Prevent Website/Server Hacking enable Safe Mode and disable Functions

Just a Short article, to show you how to Enable Safe_Mode and disable Functions which could be the cause of a Website/Server Hacking.

Enabling Safe_Mode

First, Connect to your Server via SSH using Putty or Similliar, or Under Gnu/Linux type in a terminal:

ssh root@ip-address -p portYou'll have to edit php.ini file, Type: nano /etc/php.ini

if you don't know the location of your php.ini file, Create a php file (phpinfo.php) With this content:

Upload it to your Website/Server and open it in your browser, You'll find the location of php.ini in "Loaded Configuration File"

Find (Ctrl + W):

safe_mode = Off

Change it to:

safe_mode = On

Disabling Functions

Find (Ctrl+W):

disable_functions =

Then add the functions that you want to disable, seperated by comma.

Example:

disable_functions= dl,popen,system,exec,shell_exec,suExec,passthru,escapeshellcmd,escapeshellarg,symlink

Hack Websites Top 10 Tricks to Exploit SQL Servers

Whether it is through manual poking and prodding or the use of securitytools, malicious attackers employ a variety of tricks to break into SQL server systems, both inside and outside your firewall. It stands to reason then, if the hackers are doing it, you need to carry the same attacks to test the security strength of your systems. Here are 10 hacker tricks to gain access and violate systems running SQL Server.testing

1. Direct connections via the Internet
These connections can be used to attach to SQL Servers sitting naked without firewall protection for the entire world to see (and access). DShield?s Port Report shows just how many systems are sitting out there waiting to be attacked. I don?t understand the logic behind making a critical server like this directly accessible from the Internet, but I still find this flaw in my assessments, and we all remember the effect the SQL Slammer worm had on so many vulnerable SQL Server systems. Nevertheless, these direct attacks can lead to denial of service, buffer overflows and more.

2. Vulnerability scanning
Vulnerability scanning often reveals weaknesses in the underlying OS, the Web application or thedatabase system itself. Anything from missing SQL Server patches to Internet Information Services (IIS) configuration weaknesses to SNMP exploits can be uncovered by attackers and lead to database server compromise. The bad guys may use open source, home-grown or commercial tools. Some are even savvy enough to carry out their hacks manually from a command prompt. In the interest of time (and minimal wheel spinning), I recommend using commercial vulnerability assesment tools like QualysGuard from Qualys Inc. (for general scanning), WebInspect from SPI Dynamics (for Web application scanning) and Next Generation Security Software Ltd.?s NGSSquirrel for SQL Server (for database-specific scanning). They?re easy to use, offer the most comprehensive assessment and, in turn, provide the best results. Figure 1 shows some SQL injection vulnerabilities you may be able to uncover.

Figure 1: Common SQL injection vulnerabilities found using WebInspect.

3. Enumerating the SQL Server Resolution Service
Running on UDP port 1434, this allows you to find hidden database system. Chip Andrews? SQLPing v 2.5 is a great tool to use to look for SQL server system(s) and determine version numbers (somewhat). This works even if your SQL Server instances aren?t listening on the default ports. Also, a buffer overflow can occur when an overly long request for SQL Servers is sent to the broadcast address for UDP port 1434.

4. Cracking SA passwords
Deciphering SA passwords is also used by attackers to get into SQL Server databases. Unfortunately, in many cases, no cracking is needed since no password has been assigned (Oh, logic, where art thou?!). Yet another use for the handy-dandy SQLPing tool mentioned earlier. The commercial products AppDetective from Application Security Inc. and NGSSQLCrack from NGS software Ltd. also have this capability.

5. Direct-exploit attacks
Direct attacks using tools such as Metasploit, shown in Figure 2, and its commercial equivalents (CANVAS and CORE IMPACT) are used to exploit certain vulnerabilities found during normal vulnerability scanning. This is typically the silver-bullet hack for attackers penetrating a system and performing code injection or gaining unauthorized command-line access.

Figure 2: SQL Server vulnerability exploitable using Metasploit?s MSFConsole.

6. SQL injection
SQL injection attacks are executed via front-end Web applications that don?t properly validate user input. Malformed SQL queries, including SQL commands, can be inserted directly into Web URLs and return informativeprefer to perform the follow-through using an automated tool, such as SPI Dynamics? SQL Injector, shown in Figure 3.

Figure 3: SPI Dynamics? SQL Injector tool automates the SQL injection process. errors, commands being executed and more. These attacks can be carried out manually ? if you have a lot of time. Once I discover that a server has a potential SQL injection vulnerability, I

7. Blind SQL injection
These attacks go about exploiting Web applications and back-end SQL Servers in the same basic fashion as standard SQL injection. The big difference is that the attacker doesn?t receive feedback from the Web server in the form of returned error messages. Such an attack is even slower than standard SQL injection given the guesswork involved. You need a good tool for this situation, and that?s where Absinthe, shown in Figure 4, comes in handy.

Figure 4: Absinthe tool takes the pain out of blind SQL injection testing.

8. Reverse engineering the system
The reverse engineering trick looks for software exploits, memory corruption weaknesses and so on. In this sample chapter from the excellent book Exploiting Software: How to Break Code by Greg Hoglund and Gary McGraw, you?ll find a discussion about reverse engineering ploys.

9. Google hacks
Google hacks use the extraordinary power of the Google search engine to ferret out SQL Server errors ? such as ?Incorrect syntax near? ? leaking from publicly accessible systems. Several Google queries are available at Johnny Long?s Google Hacking Database. (Look in the sections titled Error Messages and Files containing passwords.) Hackers use Google to find passwords, vulnerabilities in Web Servers, underlying operating systems, publicly available procedures and more that they can use to further compromise a SQL Server system. Combining these queries with Web site names via Google?s ?site:? operator often turns up juicy info you never imagined you could unearth.

10. Perusing Web site source code
Source Code can also turn up information that may lead to a SQL Server break in. Specifically, developers may store SQL Server authentication information in ASP scripts to simplify the authentication process. A manual assessment or Google could uncover this information in a split second.

.................................................................................................................................................

FREE Anti-Virus Software For Mac By Sophos

Well most Apple users would tell you they don’t need anti-virus anyway, viruses and malware are a Windows problem – not something the hi-tech hipsters need to worry about.

Sophos Anti-Virus for Mac Home Edition

And let’s face it, even if you run Windows you don’t really need to run anti-virus either if you practice good web-habits. But with the amount of idiots running OSX on their shiny Macbooks – malware may well become a problem for the platform.

It’s not a problem right now, the stats for malicious software on Apple platforms are still minuscule compared to the threats on Windows and even on Linux.

Sophos released a free of charge Mac anti-virus product for consumers on Tuesday in a bid to highlight the growing security risk against the platform and to shake fanbois out of their complacency.
The business-focused internet security firm is making Sophos Anti-Virus Home Edition for Mac available for download at no charge – with no time limit, and requiring no registration. The technology is a cut-down version of Sophos’s pre-existing anti-virus software for Macs and will ship with detection of thousands of malware strains including Trojans and rootkits. Sophos has no plans to release an equivalent free of charge Windows anti-malware scanner.
Three well-established freebie security scanners (AVG, Avast, Avira) already exist even without considering Microsoft’s own Security Essentials software. Although commercial anti-virus packages for Macs have been sold for some time by the likes of Intego and Symantec – and more recently by Kaspersky and Panda – Sophos’s software one of very few freebie scanners for Macs available to date.

It’s a pretty interesting move from Sophos tho, business wise, as they have no plans into strong-arming users into paying for a commercial version by releasing a crappy crippled version under the guise of ‘free’ software.

Sophos has always been a company with strong technology, so even as freeware I’d expect this to be fairly capable software. There are other commercial AV systems out their for Mac – but this is the first one from a reputable vendor that is free. I mean there’s ClamAV – but in all honestly who would want to rely on that?

It’s not the first freebie scanner for Macs currently available, contrary to claims in the first version of this article. Others including, most notable, ClamAV exist.
Past threats to Mac users have included malware disguised as pirated software and uploaded onto P2P file-sharing networks, supposed video codecs that actually contain a Mac-specific Trojan horse and strains of Windows malware capable of infecting virtual installations of Windows running on a Mac.
Apple acknowledged the malware problem by integrating rudimentary protection against a handful of Mac Trojans in Snow Leopard, Sophos notes, arguing that users running its software are provided with more comprehensive protection against potential threats.
Carole Theriault, senior security consultant at Sophos, explained that while the picture is different in enterprise environments, “home Mac users aren’t protecting themselves from malware”.
Theriault admitted that Windows threats counted in their millions dwarf the number of strains of Mac malware, which can be counted in their thousands, but maintained there was a need for protection, whatever sales people in Apple Stores might say to the contrary. “We want to raise awareness,” she explained.

Either way it’s an interesting move from Sophos and we’ll have to see where it goes from here. They claim they won’t charge for it, but who knows? And will this pressure other AV vendors that have paid versions for Mac to release free versions for Home users. Much like the Windows vendors do (Avira, Avast!, AVG etc).

More on the software, together with hardware compatibility information, can be found out from a download micro-site here:

Source:Thedarknet

Download Free Astalavista Security Toolbox (v5.0)

Quote:

Astalavista's Security Toolbox DVD 2008 (v5.0) is considered to be the largest and most comprehensive Information Security archive. As always we are committed to provide you with a resource for all of your security and hacking interests, in an interactive way! The Information found on the Security Toolbox DVD has been carefully selected, so that you will only browse through quality information and tools. No matter if you are a computer enthusiast, a computer geek, a newbie looking for information on "how to hack", or an IT Security professional looking for quality and up to date information for offline use or just for convenience, we are sure that you will be satisfied, even delighted by the DVD!

Quote:

Main benefits:
- almost 40% off the real price (49.95 USD) so you get the Astalavista's Security
Toolbox DVD 2008 (v5.0) for only 29.95 USD
- Extremely comprehensive (about 2'562 Tools!)
- Very well sorted archive with detailed descriptions (276 categories!)
- Improved performance of the Security Toolbox, information has never been that

easier to find
- You can download the DVD yourself at home
- You will automatically become part of the new Astalavista's Promotion Service,
meaning that you will receive information about promotions and special services,
which is not going to be released to the public.

System requirements
* Windows 95/ME/98/2000/NT/XP/Vista
* DVD-R Drive or a virtual drive

Download

Code:

http://www.megaupload.com/?d=44DB7YB0
http://www.megaupload.com/?d=3SZ4B83W
http://www.megaupload.com/?d=4AVDQ5WW
http://www.megaupload.com/?d=BOZ45GZD
http://www.megaupload.com/?d=5N51R6HZ

The Web Application Toolbox - WATOBO

WATOBO is intended to enable security professionals to perform highly efficient (semi-automated ) web application security audits. We are convinced that the semi-automated approach is the best way to perform an accurate audit and to identify most of the vulnerabilities. WATOBO has no attack capabilities and is provided for legal vulnerability audit purposes only.

How Does It Work?

WATOBO works like a local proxy, similar to Webscarab, Paros or BurpSuite.

Additionally, WATOBO supports passive and active checks. Passive checks are more like filter functions. They are used to collect useful information, e.g. email or IP addresses. Passive checks will be performed during normal browsing activities. No additional requests are sent to the (web) application.

Active checks instead will produce a high number of requests (depending on the check module) because they do the automatic part of vulnerability identification, e.g. during a scan.

WATOBO Advantages

Session Management capabilities! You can define login scripts as well as logout signatures. So you don’t have to login manually each time you get logged out.
Can perform vulnerability checks out of the box.
Supports Inline De-/Encoding, so you don’t have to copy strings to a transcoder and back again. Just do it inside the request/response window with a simple mouse click.
Smart filter functions, so you can find and navigate to the most interesting parts of the application easily.
Written in (FX)Ruby and enables you to define your own checks
Free software ( licensed under the GNU General Public License Version 2)

There is an ‘unofficial’ manual here:

WATOBO – the unofficial manual

And some video tutorials to get you started here.

You can download WATOBO 0.9.5 here:

watobo_0.9.5rev226.zip
Source TheDarknet

Prevent Website/Server Hacking enable Safe Mode and disable Functions

.......................................................................................................... ........................................................

SQL video tutorials by Microsoft Certified Systems Engineer

SQL video tutorials by Microsoft Certified Systems Engineer.

SQL tutorial video by Microsoft certified Systems Engineer
This Transact SQL tutorial video is instructed by Microsoft certified Systems Engineer and Database administrator Mark Long. In this tutorial, you will not only learn about this data definition, manipulation, and control language, but you will also become better prepared for the MCDBA certification. It will also help you become a better Database Administrator.
Mark Long begins by introducing you to the origins and capabilities of Transact SQL. He will give a brief history of databases and will cover some language basics, including scripts, batches, functions, and views. From there, he moves onto more advanced ideas by teaching you about TSQL tools, such as the Query Analyzer and the Enterprise Manager. He then goes into great depth explaining the 4 main commands: SELECT, INSERT, UPDATE, and DELETE. You will also learn about indexes, variables, and stored procedures.
Code:

http://rapidshare.com/files/272340425/videotraining_sql.part1.rar

http://rapidshare.com/files/272344282/videotraining_sql.part2.rar

Hack Websites Top 10 Tricks to Exploit SQL Servers

.................................................................................................................................................

joomlacontenteditor (com_jce) BLIND sql injection vulnerability

From: eidelweiss () windowslive com
Date: 8 Apr 2011 16:28:59 -0000

================================================
  joomlacontenteditor (com_jce) BLIND sql injection vulnerability
================================================
  
Software:   joomlacontenteditor (com_jce)
Vendor:     www.joomlacontenteditor.net
Vuln Type:  BLind SQL Injection
Download link:  http://www.joomlacontenteditor.net/downloads/editor/joomla15x/category/joomla-15-2 
Author:     eidelweiss
contact:    eidelweiss[at]windowslive[dot]com
Home:       www.eidelweiss.info
Dork:       inurl:"/index.php?option=com_jce"
  
  
References: http://eidelweiss-advisories.blogspot.com/2011/04/joomlacontenteditor-comjce-blind-sql.html
  
  
==============================================================
Description:

JCE makes creating and editing Joomla!® content easy Add a set of tools to your

Joomla!® environment that give you the power to create the kind of content you want,

without limitations, and without needing to know or learn HTML, XHTML, CSS... 

==============================================================

    exploit & p0c
  
[!] index.php?option=com_jce&Itemid=[valid Itemid]
  
    Example p0c
  
[!] http://host/index.php?option=com_jce&Itemid=8    <= True
[!] http://host/index.php?option=com_jce&Itemid=-8   <= False
  
  
==============================================================
  
    Nothing Impossible In This World Even Nobody`s Perfect
  
=============================================================

Cain & Abel v4.9.40

oxid.it has released an updated Cain & Abel version 4.9.40!

“Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols.”

LFI Vulnerability in 1024cms Admin Control Panel v1.1.0 Beta

From: by_argos () hotmail com
Date: Thu, 7 Apr 2011 14:39:28 -0600

========================================================
1024cms Admin Control Panel v1.1.0 Beta (Master-cPanel Package) -

Local File Include Vulnerability
========================================================
  
Software:             1024cms Admin Control Panel v1.1.0 Beta (master-cpanel package)
Vendor:                http://1024cms.org/
Vuln Type:              Local File Include
Remote:                 Yes
Local:                  No
Discovered by:  QSecure and Demetris Papapetrou 
Website:                http://www.qsecure.com.cy
Discovered:             15/03/2011
Reported:               29/03/2001
Disclosed:


VULNERABILITY DESCRIPTION:
==========================
The script "/index.php" is prone to a local file-include vulnerability because it fails

to properly sanitize user-supplied input in the "processfile" parameter.

An attacker can exploit this vulnerability to obtain potentially sensitive information

and execute arbitrary local scripts in the context of the webserver process. This

may allow the attacker to compromise the application and the underlying computer;

other attacks are also possible.


PoC Exploit:
============
/index.php?mode=login&processfile=../../../../../../etc/passwd

BlackSheep – Detect Users Of FireSheep On The Network

As you surely know, things blew up recently at Toorcon 12 with the release of the much talked about Firefox plugin called Firesheep.

There were various discussions about how to mitigate against it like using Firefox plug-ins to force SSL connections (where available). Microsoft also tried to secure Hotmail with SSL.

For the 1 person in the World left that doesn’t know, Firesheep allowed any user to seamlessly hijack the web session of another user on the same local network. Although such attacks are not new, the ease of use presented by Firesheep brought session hijacking to the masses.

BlackSheep, also a Firefox plugin is designed to combat Firesheep. BlackSheep does this by dropping ‘fake’ session ID information on the wire and then monitors traffic to see if it has been hijacked. While Firesheep is largely passive, once it identifies session information for a targeted domain, it then makes a subsequent request to that same domain, using the hijacked session information in order to obtain the name of the hijacked user along with an image of the person, if available. It is this request that BlackSheep identifies in order to detect the presence of Firesheep on the network. When identified, the user will be receive the following warning message:

It should be noted that Firesheep and BlackSheep cannot be installed on the same Firefox instance as they share much of the same code base. If you want to run both Firesheep and BlackSheep on the same machine, they should be installed in separate Firefox profiles.

Requirements

In order to install BlackSheep, you need:

Mac OS X: 10.5 or newer on an Intel processor.
Windows: XP or newer. Install Winpcap first!
Firefox: 3.5 or newer. 32-bit only.
Linux : details here

You can download BlackSheep here:

blacksheep-latest.xpi

How To Sign Out of Gmail Account Remotely

Sign Out of Gmail Account Remotely
Gmail is one of the widely use email service.There are lot of features in gmail. There is a security feature for gmail known as remote logout. Many of use more than one computers to login to gmail account. Some times we often leave the browser opened & not being logged out of gmail or we are in cyber cafe and any power cut or computer faliure occurs and if the computer is at office or any public place your account may be hacked or misused by someone else.
But there is a method by which you can l;og out from your gmail account remotely.
Open you gmail account and go to bottom of the page ,there you will see something as shown below..

gmail-remote-logout

Now you can click on “Details” which shows you a pop-up having details about your last sessions.Click on “Sign out all other sessions” to sign out of gmail at all other places exept the current.
By this simple feature you can check that your gmail account is hacked or not.
...........................................................

GNS3 – Graphical Network Simulator

GGNS3 is a graphical network simulator that allows simulation of complex networks. It’s an excellent complementary tool to real labs for network engineers, administrators and people wanting to pass certifications such as CCNA, CCNP, CCIP, CCIE, JNCIA, JNCIS, JNCIE. It can also be used to experiment features of Cisco IOS, Juniper JunOS or to check configurations that need to be deployed later on real routers.

To allow complete simulations, GNS3 is strongly linked with:

Dynamips, the core program that allows Cisco IOS emulation.
Dynagen, a text-based front-end for Dynamips.
Qemu, a generic and open source machine emulator and virtualizer.

Features Overview

Design of high quality and complex network topologies.
Emulation of many Cisco IOS router platforms, IPS, PIX and ASA firewalls, JunOS.
Simulation of simple Ethernet, ATM and Frame Relay switches.
Connection of the simulated network to the real world!
Packet capture using Wireshark.

This project is an open source, free program that may be used on multiple operating systems, including Windows, Linux, and MacOS X.

You can download GNS3 v0.7.2 here:

Windows All-in-one – GNS3-0.7.2-win32-all-in-one.exe
Windows Binary – GNS3-0.7.2-bin-win32.zip
Mac DMG Package – GNS3-0.7.2-intel-x86_64.dmg
Linux/Source – GNS3-0.7.2-src.tar.gz

hacking tricks,download,songs,games....

Pages

Tuesday, 19 April 2011

SQL video tutorials by Microsoft Certified Systems Engineer

SQL video tutorials by Microsoft Certified Systems Engineer.

Prevent Website/Server Hacking enable Safe Mode and disable Functions

Hack Websites Top 10 Tricks to Exploit SQL Servers

FREE Anti-Virus Software For Mac By Sophos

Well most Apple users would tell you they don’t need anti-virus anyway, viruses and malware are a Windows problem – not something the hi-tech hipsters need to worry about.

Download Free Astalavista Security Toolbox (v5.0)

The Web Application Toolbox - WATOBO

Prevent Website/Server Hacking enable Safe Mode and disable Functions

SQL video tutorials by Microsoft Certified Systems Engineer

SQL video tutorials by Microsoft Certified Systems Engineer.

Hack Websites Top 10 Tricks to Exploit SQL Servers

joomlacontenteditor (com_jce) BLIND sql injection vulnerability

Cain & Abel v4.9.40

LFI Vulnerability in 1024cms Admin Control Panel v1.1.0 Beta

BlackSheep – Detect Users Of FireSheep On The Network

How To Sign Out of Gmail Account Remotely

GNS3 – Graphical Network Simulator

Blog Archive

About Me