Bangladesh Supreme Court Website Hacked

Wow! on 11/11/2011, the official website of the supreme Court of Bangladesh was hacked by the Bangladeshi Underground Hacker 3xp1r3 Cyber Army. Very soon it was recovered by the information technology experts of the court around 8:00pm. In this process, all the data was safe because they want to give them simple warning.

Head of IT department of the apex court Quddus Zaman confirmed the restoration of the site, www.supremecourt.gov.bd. Earlier, Supreme Court registrar A K M Shamsul Islam told , "A person from Singapore called me up in the morning & said the website of the Supreme Court has been hacked. Several others also phoned me later and complained about it."

That’s it from the KrackoWorld’s News Centre.
Thanks

Learn How to Hack Twitter Accounts

I thing all of you know that Twitter is one of the greatest social networking sites ever at present in which fans and followers plays a vital role. Its Alexa rank is 9 and contains over 4,842,211 links as per now. Therefore, Today I am going to tell some hacks and cracks about it which make hacking interesting and enjoyable because I am coming lots of email regularly regarding it (that how to hack Twitter).

1. Phishing Attack via Fake Login Page

1. First of all download Twitter Fake Login Page from Here.
2. Extract all the files in a separate folder.
3. Now make an account at 110mb.com and after being registered, upload all the data I have provided in step 2.
4. Done! Hence Copy the twitter.htm url in your 110mb account and distribute it in your friends to sign in and watch.
5. Once your victims entered his/her login information at that page, all his/her sensitive information along with its username and password comes into your account with the help of a file named as pass.txt
6. Enjoy… you have successfully hacked your victims Twitter account.

2. Keylogging

Hence keylogging makes Twitter account hacking very easy. You can read my post on Sniperspy Keylogger here and Hardware keyloggers at here.

3. Social Engineering and Primary Email Address Hack

4. Cracking passwords via Dictionary Attacks

Read my previous post here to understand the concept of Dictionary attacks via Brutus.

5. Harmful Scripts and Viruses

6. Cookie Stealing techniques

Click here to know more…

Check your Chinese Phone Whether its IMEI No. is Original or Not ?

As you all knows that IMEI stands for International Mobile Equipment Identity which means every phone has its unique IMEI No. for its identity. Last year, our government has banned many Chinese phone and also other brands like Alkatel, Sigmatel, GFIVE, Spice, Carboonn etc. due to their invalid IMEI number. So its your duty to first check any phone IMEI no. before buying it by the given process below-

Procedure-

1. Press *#06# on your mobile handset and note down the 15 digit IMEI number carefully.
2. Now Compose a new message from your mobile >> Type your 15 digit IMEI number >> Send it to 53232
3. If you get “Success” as the reply, then your mobile IMEI number is valid.
4. If you get “Invalid IMEI” as the reply, that means your IMEI number is not valid.
5. Done!

Never Believe in Readymade Software's like Facebook Password Hacker and Crackers

Now a days people are getting curious to know about Facebook Hacking and Other cracks because they want to be a perfect hacker like me and another fact is that they also don't want to do nothing instead of tiring readymade software's like Facebook Password Hacker,Cracker, PayPal money adder, Gmail username & password Cracker etc. Hence the result is simple they get failed or fed up. As Hacking or cracking happens with our best knowledge,tricks and a small help of any software. So in this post, I wanted to say that don’t believe in such software's which says Hacking in 1 click and on payment seats. Many websites claim that their services can hack/crack Facebook passwords just for $50-100 in minutes, in real they are all scam and time wasting issues. Google,Facebook,Yahoo are that companies which cannot be fooled or hacked by any such single software in KBs because if it is possible then what the security experts of these companies are doing to bring the people…

Final point

Never believe in above Readymade Software's which are on Payment basics or says that they can hack any accounts in seconds. So just avoid goggling about that software's. Here is the real ways of Facebook Hacking.

If you have liked the post, then just donate us some amount to my email- karan.chauhan75@gmail.com and be a valuable reader.

Top Hacker Tools 2011

Nessus
The "Nessus" Project aims to provide to the internet community a free, powerful, up-to-date & easy to use remote security scanner for Linux, BSD, Solaris, and other flavors of Unix.

Ethereal
Ethereal is a free network protocol analyzer for Unix and Windows. Ethereal has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session.

Netcat
Netcat has been dubbed the network swiss army knife. It is a simple Unix utility which reads and writes data across network connections, using TCP or UDP protocol

TCPdump
TCPdump is the most used network sniffer/analyzer for UNIX. TCPTrace analyzes the dump file format generated by TCPdump and other applications.

Hping
Hping is a command-line oriented TCP/IP packet assembler/analyzer, kind of like the “ping” program (but with a lot of extensions).

DNSiff
DNSiff is a collection of tools for network auditing and penetration testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.).

Snort
Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks.

GFI Languard
GFI Languard Network Security Scanner (N.S.S.) automatically scans your entire network, IP by IP, and plays the devil's advocate alerting you to security vulnerabilities.

Ettercap
Ettercap is a multipurpose sniffer/interceptor/logger for switched LAN. It supports active and passive dissection of many protocols (even ciphered ones)and includes many feature for network and host analysis.

Nikto
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 2500 potentially dangerous files/CGIs, versions on over 375 servers, and version specific problems on over 230 servers.

OpenSSH
OpenSSH is a FREE version of the SSH protocol suite of network connectivity tools, which encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other network-level attacks.

Kismet
Kismet is an 802.11 wireless network sniffer - this is different from a normal network sniffer (such as Ethereal or tcpdump) because it separates and identifies different wireless networks in the area.

NetFilter
NetFilter and iptables are the framework inside the Linux 2.4.x kernel which enables packet filtering, network address translation (NAT) and other packetmangling.

John the Ripper
John the Ripper is a fast password cracker, currently available for many flavors of Unix.

IP Filter
IP Filter is a software package that can be used to provide network address translation (NAT) or firewall services.

fport
fport identifys all open TCP/IP and UDP ports and maps them to the owning application.

OpenPGP
OpenPGP is a non-proprietary protocol for encrypting email using public key cryptography. It is based on PGP as originally developed by Phil Zimmermann.

SAINT
SAINT network vulnerability assessment scanner detects vulnerabilities in your network's security before they can be exploited etc.

Thanks! Enjoy…

Hack Facebook Accounts Via FB Trusted Friends Password Recovery Feature

Its being a long time since I have posted an hack on Facebook Accounts, but today we are going to do it by some twist which means it is all different than Phishing, Keylogging and other Social Techniques. Hence, the process is Simply Facebook Trusted Friends Password Recovery Feature which is announced by Facebook earlier which is easily exploitable by us. Also Note- Last month Facebook has announced that around 60,000 accounts gets possibly hacked by this and they are going to fix it soon by doing some changes to it.

What is Facebook Trusted Friends Recovery feature ?

In this, if you ever lost your password and you don’t have any access to your default email address than this feature will comes into play by sending request to your 3 trusted friends and hence gaining your account password again.
For this technique you need to create 3 fake Facebook accounts and you need to surely add these as friends into your victims account.

After success full addition of your fake accounts into victims account as friends follow the below steps-
1. Go to www.facebook.com and click on Forgot your Password ?

2. Than you will get something like below just enter the details you know about him i.e. Username, email address and full name.

3. After entering everything, click on search button.

4. Now next click on No Longer Access to These.

5. After that, Facebook will say you to enter new email account that you have now full access to send you the recovery details. Note-I suggest you to enter a Fake or Temporary email address for safety purpose.

6. Than it will promote you to enter the Security question, well if you have some guesses about that one than that’s ok but if you don’t know it than simply enter 3-4 wrong answers and it will take you to the 3 trusted friends recovery page like below-

7. Now just click continue & Facebook will ask you to choose 3 trusted friends, choose the 3 fake profiles of your which you have created earlier and added into the victims account.

8. After selecting 3 accounts Facebook will send security codes to these accounts, just enter these codes and you will get Password Resetting email from Facebook on the account you created in Step 5.

9. Note- If you and your 3 friends are agreed to hack a single person account (victims), then this trick is considered as the best one because your 3 friends will easily give you security codes etc.. Condition- Your 3 friends will be added to your victims account.

That’s it ! You have hacked Facebook Account.

Introduction to Reverse Engineering

Acc. to Wiki, Reverse engineering is the process of discovering the technological principles of a device, object, or system through analysis of its structure, function & operation. It often involves taking something (e.g., a mechanical device, electronic component, software program, or biological, chemical or organic matter) apart and analyzing its workings in detail to be used in maintenance, or to try to make a new device or program that does the same thing without using or simply duplicating the original etc..

Reverse-engineering is especially important with computer hardware and software. Programs are written in a language, say C++ or Java, that's understandable by other programmers. But to run on a computer, they have to be translated by another program, called a compiler, into the ones and zeros of machine language. Compiled code is incomprehensible to most programmers, but there are ways to convert machine code back to a more human-friendly format, including a software tool called a decompiler.
Reverse-engineering is used for many purposes: as a learning tool; as a way to make new, compatible products that are cheaper than what's currently on the market; for making software interoperate more effectively or to bridge data b/w different operating systems or databases; and to uncover the undocumented features of commercial products.
Reverse-engineering can also expose security flaws and questionable privacy practice.
With the help of Reverse Engineering we can modify a software at own way... Like we can change the name of Software and also convert Trial Software to License one... n many more.
So Reverse Engineering is a hacker friendly tool... Use it n Enjoy responsibly..!!

Tools

1. OLLYDBG TOOL: Important one !
Download Link: http://www.ollydbg.de/odbg201b.zip

2. HEX WORKSHOP TOOL:
The Hex Workshop Hex Editor is a set of hexadecimal development tools for
Microsoft Windows, combining advanced binary editing with the ease and flexibility
of a word processor. With Hex Workshop you can edit, cut, copy, paste, insert, and delete hex, print customizable hex dumps and export to RTF or HTML for publishing. 
Download Link: HexWorkshop Tool

3. COMING SOON:

Have a great day! Peace…

Steganography‎- Hide Files beyond Images

In actual, Steganography is the art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message, a form of security through obscurity. But here we will use Steganography to hide files beyond images acc. to modern Computer world. Therefore below I am writing the procedure plus some other steps to restore things again when Steganographed.

How Can We Hide the File In Image...

1. Gather the file you wish to bind, and the image file, and place them in a folder. I will be using D:\New Folder
-The image will hereby be referred to in all examples as xyz.jpg
-The file will hereby be referred to in all examples as New Text Document.txt
2. Add the file/files you will be injecting into the image into a WinRAR .rar or .zip. From here on this will be referred to as (secret.rar)
3. Now Open command prompt by going to Start > Run > cmd
4. In Command Prompt, navigate to the folder where your two files are by typing
cd location [ex: cd D:\New Folder]
5. Type [copy /b xyz.jpg + secret.rar xyz.jpg] (remove the brackets)
Congrats, as far as anyone viewing is concerned, this file looks like a JPEG, acts like a JPEG, and is a JPEG, yet it now contains your file.

In order to view/extract your file, there are 2 options that you can follow
a) Change the file extension from xyz.jpg to xyz.rar, then open and your file will be there.
b) Leave the file extension as is, right click, open with WinRAR and your file will be there.

Enjoy Hacking...

Mobile Bluetooth Hack

Well all of you know that Bluetooth is used to send/receive data from one phone to another phone, but today I am going to tell you the real power of Bluetooth to take advantage of your victims phone and do whatever you want from the given topic below with the help of a software (jar file) named as Super Bluetooth Hack 1.8. Enjoy !

Here is a list of what you can do when you have hacked the other phone.

• Read Messages. (They are no more personal)
• Read Contacts. 
• Change Profile !
• Play Ringtone even if the phone is silent (Annoy your classmates!)
• Play songs from the hacked phone in the same phone.
• Restart the phone (Show some magic to your friends!)
• Switch off the phone (Ultimate thing that you can do!)
• Restore Factory Settings (Do this to the most organized one and run away quickly!)
• Change Ringing Volume (You have enough experience how to use it. Don’t you?)

Follow these steps to hack any Bluetooth enabled mobile phone.

1. Download Super Bluetooth Hack 1.8 and also check that your mobile is in the list of supported handsets from the link provided. After you have downloaded the .jar file, install it in your mobile.
2. There is no need to install the software in the mobile which you want to hack.
3. Turn on the Bluetooth of your handset and open the Super Bluetooth Hack Application.
4. Select the connect option and then Inquiry Devices to search for any of mobile that has its Bluetooth turned on nearby.
5. Your friend’s Bluetooth must also be turned on to be found. Pairing between the devices is also necessary sometimes.
6. Once your friend’s phone has been found, try out above functions!

Cryptography and Its Types

Cryptography is the practice and study of techniques for secure communication in the presence of third parties (called adversaries). In this, conversion of recognizable data into an encrypted code for transmitting it over a network (either trusted or untrusted) takes place. Data is encrypted at the source, i.e. sender's end and decrypted at the destination, i.e. receiver's end.
In all cases, the initial unencrypted data is referred to as plaintext. It is encrypted into cipher text, which will in turn (usually) be decrypted into usable plaintext using different encryption algorithms.

The Purpose of it :

1) Authentication : The process of proving one's identity. 
2) Privacy/confidentiality : Ensuring that no one can read the message except the intended receiver. 
3) Integrity : Assuring the receiver that the received message has not been altered in any way from the original. 
4) Non-repudiation : A mechanism to prove that the sender really sent this message.

In general, cryptographic algorithms are classified into three main categories given below :

1) Symmetric Key Cryptography (SKC) : Symmetric-key cryptography refers to encryption methods in which both the sender and receiver share the same key (or, less commonly, in which their keys are different, but related in an easily computable way). This was the only kind of encryption publicly known until June 1976. Uses a single key for both encryption and decryption.
2) Public Key Cryptography (PKC) : Whitfield Diffie and Martin Hellman proposed the notion of public-key Cryptography. Uses one key for encryption and another for decryption.
3) Hash Functions : Uses a mathematical transformation to irreversibly "encrypt" information.

That’s it !