Sunday, 24 October 2010

Analyze your packets using xtractr

xtractr is a hybrid cloud application for indexing, searching, reporting, extracting and collaborating on pcaps. This enables you to rapidly identify field issues and perform network forensics and troubleshooting with just a few clicks. The lite version of xtractr can index up to 10 million packets or 1 Gbyte of pcaps.

While xtractr can be used as a standalone application, it works best with Mu Studio to convert the problematic conversation into a stateful test case. The indices stay local to you on your network & you only access the application through the cloud. The analytics, searching, reporting and content slicing all happen between your browser and your xtractr instance. It also has a built-in web server & supports more than one person analyzing the cloud at a time. You can have your team collaborate on it, label interesting flows, search, extract and report concurrently. You can even analyze different sets of packets on different ports in different browser tabs.


You can check out the application here

 


Posted by XERO. ALL RIGHTS RESERVED

Sunday, 24 October 2010 by Lucky · 0

All about Unite Hackers

Unite Hackers is a security campaign run by media conglomerate NBC India to unite all the computer security experts & hackers of India, in order to prevent cybercrime & attacks from foreign nations on our web servers. The campaign aims at projecting a positive image of hackers as heroes of the computer revolution & not as criminals, which I believe is a good thing for a country like India where hacking is still in a stage of infancy. The venture spans the internet using signature campaigns & print media using Hacker5 magazine. Unite Hackers is now a government recognized venture & the first of its kind. In their own words -
"I request you all to support this campaign to unite all hackers of India under one roof to protect our country and make it cyber crime free. All hackers are not Criminals, they are the Heroes of the Computer Revolution. Let us make this country cyber protected with this young think tank, 73% hackers of India are in the age group of 12 to 19, they don't have direction. Let us unite these think tanks and spread awareness.”
The campaign is in its full swing, but as usual, there are people whose ideals differ from the above stated & they tried to defame Unite Hackers.

In the Indian scene, there are prominent groups like Indian Cyber Army (ICA, the real one), Indishell, Indian Cyber Warriors/Andhra Hackers & HMG who are quite active. I believe the success of a project lies in the willpower to make it successful. Unite Hackers is a novel concept in India, where hackers leave their field either due to career problems or due to lack of teams. The success of the project will guarantee motivated folks who will be able to pursue their passion in computer security. Fellow bloggers Parul Khanna, Rahul Tyagi, Prateek Singla, Raghu Sharma, Amarjeet Singh are a part of this project.
If you want to support the project, leave your comments here.

cheers :)

Monday, 18 October 2010

NSDECODER – automatic Malware detection tool

Nosec has introduced NSDECODER, an automated website malware detection tool. It can be used to decode and analyze whether a URL hosts malware. NSDECODER will also analyze which vulnerability is being exploited and the original source address of the malware.

Functionality

  • Automated analysis and detection of website malware.
  • Plenty of vulnerabilities.
  • Log export supports HTML and TXT formats.
  • Deep analysis of JavaScript.


Downloads
You can download NSDECODER from one of the following links.

Download NSDECODER


Sunday, 17 October 2010

XSS vulnerabilities in top websites – What were they thinking ?

Recently, I tried to have a paradigm shift of some sort, to move from ASM to web technologies, & landed directly (again) on XSS vulnerabilities. Being a fan of Rsnake, the God of XSS, I always wanted to learn a bit more about the web app security scenario & I tried my hands on some XSS vulnerabilities & how they can be used to manipulate sessions.

The results ? Well, I found some vulnerabilities in some prominent sites which I am disclosing here. The deal is that I tried to contact the vendors (more on this later) to notify them of vulns. Remember hackable government & educational websites, consider this as the spiritual follow-up of the article.

Disclaimer 

I HAVE NOT HACKED ANY OF THE SITES AND THEIR DATABASES IN ANY WAY,JUST TESTED WEBSITES FOR VULNERABILITIES. I TESTED THEM AND FOUND ERRORS WHICH MAY/MAY NOT BE DISCLOSED HERE AND IN NO WAY ANY ONE CAN SUE ME FOR THIS AS I DID AND MEANT NO HARM TO THE DATA OF CONCERNED ORGANIZATIONS.

BY READING THIS ARTICLE YOU AGREE WITH THE DISCLAIMER.

IF YOU AGREE WITH THIS AGREEMENT,CONTINUE READING ELSE IMMEDIATELY LEAVE THIS WEBSITE.

Here we go, it all started with www.in.com [ ALEXA RANK 298 ] which had a simple XSS vulnerability to display cookies , inject code & God knows what else, I tried to contact the technical team in vain, then contacted them via a simple feedback form. Waiting for their response as of now..I moved on then. Please note that I have censored all the URLs & script details so as to protect attack originating after this article :P


I never liked Rediff [ ALEXA RANK 128 ] & their services..too many ads to digest for me. Again, it was easy to inject.

dl4all.com [ ALEXA RANK 1517 ] was no exception, a simple search & that's all.

shaadi.com [ ALEXA RANK 935 ]  the premium matrimonial portal of India has XSS flaws..


A leading social networking website, Itimes.com [ ALEXA RANK 6024 ], was no better & a no-brainer.

Indiatimes.com [ ALEXA RANK 168 ] anyone ?


enough..as expected, I tried to contact all the support staff before releasing this article. My point ? what happens when there is no competent technical staff to handle the issue (I am looking at you AXISBANK !)  have a look at it


great..now that's what we wanted..more flaws in “secure” websites which pledge for our privacy. For the record, XSS flaws are independent of encryption & the so called layman lock mechanisms as the application behavior remains the same. I tried to contact authorities at AXIS bank but they were asking for my bank account number, to contact nodal officer, to contact xyzabc blah blah..but no support / tech staff.
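The point above, that serving a page over HTTPS does not change how the application reflects input, shown as an added example (not code from this post or from any of the sites mentioned). The handler, function names, `shop.example` host and probe string are constructed for illustration; the fix is output encoding of every reflected value, with an `HttpOnly` session cookie and a Content-Security-Policy as a second layer.

```javascript
// Added example; every name below is hypothetical, not taken from the sites discussed.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode the five characters that can change HTML structure in text or
// quoted-attribute context.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// "Before": the search term is concatenated straight into the markup.
function renderSearchUnsafe(query) {
  return `<h1>Results for ${query}</h1><input name="q" value="${query}">`;
}

// "After": the same page with every reflected value encoded.
function renderSearchSafe(query) {
  const q = escapeHtml(query);
  return `<h1>Results for ${q}</h1><input name="q" value="${q}">`;
}

// Second layer: keep the session cookie away from script and restrict where
// script may load from, in case an encoding bug slips through elsewhere.
function responseHeaders(sessionId) {
  return {
    'Content-Type': 'text/html; charset=utf-8',
    'Content-Security-Policy': "default-src 'self'; script-src 'self'; object-src 'none'",
    'Set-Cookie': `sid=${encodeURIComponent(sessionId)}; HttpOnly; Secure; SameSite=Lax; Path=/`,
    'X-Content-Type-Options': 'nosniff',
  };
}

// Minimal search handler: the URL scheme plays no part in what is rendered.
function handleSearch(rawUrl, render) {
  const url = new URL(rawUrl);
  const query = url.searchParams.get('q') || '';
  return { scheme: url.protocol, body: render(query), headers: responseHeaders('constructed-session') };
}

// Constructed, harmless probe covering all five special characters.
const PROBE = `<b>probe</b>"'&`;
const encodedProbe = encodeURIComponent(PROBE);

const overHttp = handleSearch(`http://shop.example/search?q=${encodedProbe}`, renderSearchUnsafe);
const overHttps = handleSearch(`https://shop.example/search?q=${encodedProbe}`, renderSearchUnsafe);
const fixed = handleSearch(`https://shop.example/search?q=${encodedProbe}`, renderSearchSafe);

console.log('same body over http and https:', overHttp.body === overHttps.body);
console.log('raw markup reflected (unsafe):', overHttps.body.includes('<b>probe</b>'));
console.log('raw markup reflected (safe):  ', fixed.body.includes('<b>probe</b>'));
console.log(fixed.body);
```

The same probe can be used in a regression test for any page that echoes user input: if the response contains it unencoded, the page fails.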

Let's have a look at the Alexa rank of the above websites -

  • www.rediff.com - 128
  • www.In.com - 298
  • www.Indiatimes.com - 168
  • www.shaadi.com - 935
  • www.dl4all.com - 1517
  • www.axisbank.com - 2330
  • www.itimes.com - 6024

Again, the above sites are the head honchos of social networking & downloads, have a lot of data in their hands & are vulnerable to XSS. Why they still have no technical feedback team is beyond my belief. Except itimes, I wasn't able to find a bug reporting facility in any of the sites mentioned above. Now that's pure genius ! Just what were they thinking ?!! Can't they learn from some good examples ?

what i am doing ? to quote Rsnake

“ How many compromises of data security, that you are aware of, have been disclosed to the public as a percentage? “

Ditto here..the websites are not safe, & so their claims. It took me about 30 minutes to write this post including the time to try XSS on the websites (excluding the email contact with the authorities where possible). XSS/CSRF is the modern nightmare of security for any website today. Prominent websites are constantly under attack & in the recent cases which I have heard of, a lot of bank websites were targets of CSRF based attacks, phishing & XSS. Imagine what a skillful attacker can do with a lot of time & patience (& a reason perhaps).

pray & spray..& trust no one.


Thursday, 14 October 2010

Back from Lucknow, Interview by Hacker5 Magazine & more

Sorry for the late update folks, I'm just back from SRM CEM Lucknow, where I was invited to deliver a seminar on Reverse Engineering & application cracking using custom code. Lucknow was a blast, the students there were very cooperative & I was accompanied by my best friend Prateek Singla, fellow teammates & hackers Parul Khanna, Rahul Tyagi & Mr Ajay Anand. You can see that we really had a blast there :D

[Photos: The Team, The Lecture, The Aftermath]

 

Plus, recently I was interviewed by the folks at Hacker5 magazine, which is the first hacking magazine of India. I'm publishing excerpts of the interview here.

Hacker5: About you ?

Me : I am a peaceful little ghost & have a passion for computer security. Please note I am not a hacker. I m more of a computer security researcher.

Hacker5: Your Rig ?

Me : Fedora 13 x86 on Intel dual core 1 GB ram. A modest machine, but customized to anything :) Want to move on to SPARC architecture for a change.

Hacker5: Your Life style ?

Me : My Lifestyle ? Waking up early in the morning to exercise, tone my body,mixing up with people, going college. The real part starts after dinner, logging into irc to roam free as a bird in freenode, watching cracktros, reading about virii at netlux heavens, reading usenet newsgroups, going through with retro files , ASMX86 & C program crunching, emulators,& reading phrack magazine & ezines through the night,..only to wake up in the morning to know that you have been late to college..when I m not messing with computers, I m into classic Halo & videogame reviews. AVGN,XKCD,Theoatmeal are a favorite.

Hacker5: How did you get into hacking ?

Me : It all started when I didn't get into the medical line..then a revelation occurred. My friend Prateek inspired me into this & I went with basic Windows, learning the OS, knowing its structure, mingled with programming in C/C++. Partly, I got encouragement from my lecturers who actively supported my passion. Later on I drifted to ASM & Linux (I am still getting better) & was inspired by emulators by El Semi & the Kawaks team. Debugging into ROM files, hacking N64 data roms, ppf patching in PlayStation & studying how programs worked at low level..that was all my life from class 12 to Btech 2nd year. I hated databases by instinct & never got good at them, but later on when I fully switched to Linux (courtesy of Raghu), I came to know about the intricacies of MySQL & open source platforms..& was hooked to it till Oracle purchased SUN.
Now I'm into ASM again.

Hacker5: How you have started your organization

Me : Organization ? nah..call it a fanbase, a movement. I started PROHACK with only one thing in mind, to share what I knew..the start was tough but later on, It gained momentum.

Hacker5: Family support ?

Me : Ah well..initially my family was not that supportive for my passion, but as time progressed, they cooperated & backed me up. My father is my backbone & the pillar of strength for me. I thank God for making me who i am.

Hacker5: SWISS bank hacking & politicians...provide few scandals.. ?

Me : Not interested. Call me an anti politicist

Hacker5: Hackers resources for both white hat & black hat

Me : PHRACK magazine, ezines , IRC, Usenet, newsgroups, forums,manuals of devices & programs..its all there, you only need to see through it.

Hacker5: USENET concept as only 7% data is available on Google

Me : USENET has been into scene even before Internet, & its something to experience. However, even today, its in infancy (less than 20 groups in USENET from India), you can say 90% of people don't get to know about it. internet as we see is the public network, the scary truth is that the major networks are always hidden & they are quite prominent behind the scenes.

Hacker5: SUNNY VAGEHALA truth.. who hacked Orkut

Me : Those who cant code are not hackers.

Packet monkeys?

YES.

Script kiddies?

YES .

Hackers ?

NO! .

Next question please.

Hacker5: Your views on Ethical Hacking

Me : I have problems with some folks who call them ethical hackers. There is nothing called as Ethical hacker, Hacking is an art & there is nothing unethical in doing Hacking. Ethical hacking is analogous to saying Ethical Rapist. however, Hacking is the passion to pursue anything with deepest dedication, its all about knowing computers as they are & beyond. That's why..its rightly said, there is nothing called as an Ethical Hacker..Hacking is an art & you need no ethics to pursue it. & for God's sake no body is a hacker till he can code, & till he can code with absolute efficiency...till then he might be a security liking guy, an admin, a packet monkey..but not a hacker.

Hacker5: Views on Open Source

Me : An absolute necessity nowadays..its the key to connect with developers all over the world. .its about freedom..I mean what's the point in using a tool designed by other, unless its open source ? a closed source tool is as dangerous as a virus, we just don't know what is behind its hood & what it may cause to anonymity & efficiency of a successful xpl0it. why not to get a low level knowledge of packets & protocols & write off a code to sniff it out, that may take time, but that is foolproof...it will make a good programmer out of you & you will be able to customize it to your limits

Hacker5: The Hacking Underground ?

Me : I'm more of a coder...I was more interested in the international scene, for the security scene in India is in a state of infancy. The scene is degenerating & it's better to have a look at it while it's still there <hint:IRC/USENET>. India's team technotrojans (team t3) & their disappearance from the web..I wonder where they are now, didn't know them personally, but they spearheaded the scene at one time.

Hacker5: Views on Pakistan China Cyber attacks

Me : Ah well..as far as Indo-Pak cyber war is concerned, what i have seen is that its nothing more than defacing websites for pure revenge. Nothing more,nothing less. I highly respect Saqib Akhtar (from PCSX2 dev team) as he has been my hero for last 2 years as a driving force to get better at low level code. I believe the war is futile..why not to get better & share code..amen

Hacker5: Your Heroes ?

Me : The_ut, Richard Stallman, Linus Torvalds, Eric S Raymond, Alan Cox,Fyodor, FX of Phenoelit, Wesley McGrew, geohot, Saqib & me :)

Hacker5: Dream ?

Me : To be a speaker at Defcon, be a legend like the_ut, get money, get rich :D

Hacker5: People you wish to thank

Me : My father, Prateek, Martin, Silverbullet, RS3V3, Neha, Param & Saloni. Thanks for making me who I am today :)

Hacker5: Contact

Me : You can find me roaming in the IRC's, surfing wikipedia & ezines & dorkly/XKCD/Phrack/textarchives/preterhuman & studying snippets. Else while you can find me inside HOD's office :D or roaming into corridors of college snooping into netgears .

You can get the hacker5 magazine from here :)

 

will be updating you guys soon :) A very special thanks to Vaidehi Mam & Amarjit Sir for giving me a platform. greetz fly to folks at SRM.

 


Sunday, 3 October 2010

Reverse Engineering for Noobs - Step by Step guide to crack A-One Video to Audio convertor

It's been some time since I have written a reverse engineering tutorial, & I thought it would be good to cover one at the dead of night :) What I am going to teach you today is a simple reverse engineering tutorial. We will be cracking A-one Video to Audio convertor today, with just simple cracking. You can also give a read to a step by step guide to crack Winrar to have an insight into reverse engineering & decompiling, however this one is completely different & requires little to no programming & ASM knowledge.

 

Disclaimer By Reading this tutorial You agree that this tutorial is intended for educational purposes only and the author can not be held liable for any kind of damages done whatsoever to your machine, or damages caused by some other,creative application of this tutorial.

In any case you disagree with the above statement,stop here.

Requirements

  • A-one Video to Audio convertor (Download from yaomingsoft.com)
  • OllyDBG
  • Time & Patience

Download & install A-one Video to Audio convertor. Now as you can see, its a trial version & once you try to register it, it gives an error <obviously>, & we need to find ways against it.

Now, to begin with, fire up OllyDBG & load the A-one Video to Audio convertor EXE file in it.

Now, right click on

CPU window -> Search for -> All Referenced Text Strings


& in Text string window, right click -> paste the "Registration code is error" string (which pops when you input wrong serial) After you find it, double click it & navigate to the memory address.


Now, once you have reached the intended memory address, you can navigate a bit up to see the "register successful" string.


Navigating a bit above will get a simple logic which calls a specific function, & then the function returns a result which is compared to EAX

CMP EAX,1

& then jumps to 407A0F

JNZ SHORT 00407A0F

which is the "register failed" condition.

The whole scenario means that if the value of EAX is anything less than or greater than one, the program will be a trial version & will not accept any invalid serial key.

Now, you can put a break point above the function call by pressing F2 & run the program, & enter the serial, the program will break & we can then navigate inside the function by pressing F7


You will get into function code. Add the breakpoint there by pressing F2 & restart the program again by pressing Ctrl + F9

Run it again & you will find that it will break it at 00406B40 (where you put the last breakpoint)

now, we will execute code step by step by pressing F8, once we go a bit down, we find

JNZ Video2Au.00406C4A

which jumps below to

POP EDI


& further we find that the value of EAX is XORed to 0.


so in order to insert a precise value into EAX, we will modify by double clicking

XOR EAX,EAX

& changing it to

MOV AL,1


which will set the accumulator's value to 1 because

EAX        -    32 Bit reg <extended>
AX         -    16 Bit reg pair
AH / AL    -     8 Bit regs

where AL will represent the lower value, & setting it to one will set the accumulator to a precise value of 1, hence setting value of EAX to 1,which will lead to program being registered :)

now once you have done it, right click the code,

copy to executable-> selection.

In the coming window, right click again, save the file & you have a cracked working version of the software, paste it in program files directory & insert any serial.

it will work :D


 

I hope you liked it :)
