TECH TIPS & TRICKS

Thursday, September 30, 2010

Password Cracking

Password Cracking:

Passwords are the most common mode of security on almost all the websites and computer networks.Password cracking is way gaining unauthorized access to ftp servers, websites and networks.


Dictionary Attack:
In a dictionary attack, a list of most common passwords is used to crack the security password of the ftp servers and websites.Strong passwords are not vulnerable to such attacks.You can implement this attack using a Password Cracker called Brutus AET2.

FTP stands for File Transfer Protocol, a simple way to transfer files over the network.If a hacker gains access to one's ftp server, he can upload/delete,modify all files on the server or website.

Steps:
1) Download and Install Brutus from the link above, before installing disable your antivirus or antispyware.
2)Choose a target i.e website address or the ftp server address, say 127.0.0.1
3)When you type ftp://127.0.0.1 on the address bar of your browser , a window pops out asking for the username and the password.

4)Now Open Brutus,in the target field type the ftp server address or IP address of the website, in this case it's 127.0.0.1.From the Drop down menu "Type", choose the appropriate option, in this case it is FTP.

5)The default port is 21 but sometimes websites change it, to make it more secure.In such cases you can find the right port or any open port by performing a port scan using Nmap or Angry IP Scanner.
 

.
6)You will have to get a list of most common usernames and passwords.You can find some good lists here.
7)Choose the "Pass Mode" as Word list, browse and select the user list & password list you have downloaded.
8)Click on start and the Brutus will carry out all password combinations to gain access to the ftp server and website.

9)But the drawback is that ,in this mode of attack-Brutus will leave many footprints, i.e a huge log of your presence on the server(see below).Hence you can get into problems with law.To Avoid this one can use a proxy, an intermediate server which connects to the target computer on behalf of your request, thereby allowing you to connect anonymously, making you more secure.
The dictionary attack has a very low success rate because most of the passwords are a mixed combination of letters,numbers & special characters etc.The dictionary attack will work only if the password consists of only letters.

To overcome this drawback one can employ Brute-Force method of cracking, which will try every possible combination including letters,numbers, special characters etc. The only limitation is that it will take a long time.
The speed depends upon the computer running the software as well as the complexity of the password which you are trying to crack.

1)To employ a brute-force attack, choose "Brute force" from the "Passmode" menu, in Brutus.You can select the range option if you have some idea of the length of the password.

Preventive Measures:

1) Change your FTP port in order to make it more secure.
2)Use SSL(Secure Sockets Layer) for websites and ftp servers.It is the most widely used technology for providing a secure communication between the web client and the web server.

WARNING:THE ABOVE INFORMATION PROVIDED IS FOR EDUCATIONAL PURPOSE ONLY.I DON'T HOLD RESPONSIBLE FOR ANY MISUSE.
Posted by TECH BLOGGER at 11:22 PM 0 comments

Monday, September 27, 2010

Run Linux on Windows Operating System

Run Linux on Windows Operating System:

Linux is a free, open-source, UNIX-like operating system.Here I will tell you how to install & run a Linux based Operating system called Ubuntu on a Windows platform.
The utility VM Virtual Box allows you to do this, i.e you can run Ubuntu on a Windows Operating system just like you access and run any other application.Before you start, download the Ubunto OS(an iso image file).

Steps
1:Download and Install VM Virtual Box
2.Open it and click on New on top and click next.
3.Name the OS, & choose Ubuntu from the dropdown list.
4.Choose the amount RAM you want to allocate for the OS, say if u have 2 GB RAM-allocate 512 MB and click next.
5. When it asks you to choose the type of hardisk image-choose dynamically expanding image if you have lost of space on your hard disk else go for Fixed size image.Allocate a min of 2 GB.
6.Then Hit Finish, you will see a main page similar to the one below.
7.Click on Settings,and from the system tab-change the boot order to CD/DVD ROM first,followed by Harddisk.
8.Now from the storage tab-click on the small button(which has plus icon) on the top right corner-which says Add CD/DVD device and select the iso image file(Ubuntu OS) which you had downloaded.
9.You will see the Ubuntu OS icon on the main page, select it and click on start!(as above).
10.Click on the Option "Try Ubuntu"  to use, so you need not have to install it.




Posted by TECH BLOGGER at 6:49 AM 0 comments

Tuesday, September 22, 2009

Free Comment Box

Free Comment Box For Blogs & Websites:


Preview of the comment box is shown below:





You can download the HTML Code for the Comment Box Here
Posted by TECH BLOGGER at 10:35 AM 1 comments

Sunday, September 20, 2009

Send Fake Email(s) To Yahoo,Gmail & Hotmail

Send Fake Email(s) To Yahoo,Gmail & Hotmail:

First of all, to send a fake email you need a SMTP Server.Now, what's an SMTP server? Simple Mail Transfer Protocol (SMTP) is an Internet standard for electronic mail (e-mail) transmission across Internet Protocol (IP) networks.SMTP is a server which can be installed on any computer through which you can send fake emails.You can download the QK SMTP SERVER HERE.It is a 30 day trial version, you can download serial generator(QK SMTP Serial Generator.zip) for the QK SMTP Server here.

Steps to be followed after installation:

1) Open SMTP Server, click on "Settings" button on the top, a window pops out.
2)Now Click on "Basic Parameter" tab.
3) Set Binding IP to "127.0.0.1" & set port to "25".

CAUTION: The IP "127.0.0.1" should not be replaced by any other IP.

PART II :

1) Click on the SMTP server icon on the desktop to start the SMTP server, you will see it running on the task bar(a green arrow shows its running and a red shows its not running).
2)Open Command Prompt.(Start--Run--type "cmd" and press enter).
3) Now type the following:

C:\> telnet 127.0.0.1 25

127.0.0.1 is the default IP of every computer and the port number is 25, your doing this inorder to connect to the SMTP server running on your computer.After the typing the command you will find a similar message "220 Welcome to QK SMTP Server 3".This shows you are connected to the server.Now follow the remaining steps carefully,

220 Welcome to QK SMTP Server 3
helo xx (Type helo & any name followed by space)
250 Hello xx (Server Welcomes You)
mail from:rakhisawant@yahoo.com (email ID can be anything of your choice. This is the ID from which fake email appears to have come from)
250 rakhisawant@yahoo.com Address Okay (Server gives a positive response)
rcpt to:yy@gmail.com (Type any valid recipient email address)
250 yy@gmail.com Address Okay (Server gives a positive response)
data (type this command to start input data)
354 Please start mail input
From:Rakhi <rakhisawant@yahoo.com>
To:yy@gmail.com
Date:Mon April 1,2007 12:01 AM
Subject: Sending fake email
You can create as many headers followed by the “:” symbol.
NOTE:HEADERS SHOULD NOT CONTAIN A LINE GAP. IF SO IT IS CONSIDERED AS BODY OF THE EMAIL. Press enter twice so that there is a line gap between the header & body data
End the body of email by pressing [ENTER] .(dot) [ENTER]
250 Mail queued for delivery
quit (Type this command to quit from server)
221 Closing connection.
Connection to host lost

Your fake email has been sent to the recipient.

WARNING: ALL THE INFORMATION PROVIDED IN ABOVE POST ARE FOR EDUCATIONAL PURPOSE ONLY. I DON'T HOLD RESPONSIBLE FOR ANY MISUSE.
Posted by TECH BLOGGER at 10:49 PM 0 comments

Monday, February 16, 2009

Download MP3 Songs From Google

Download MP3 Songs Through Google Search:

Many people use Softwares like Lime Wire, Bear share etc. to download songs & music from the internet, But there is an alternate method to download songs, music, you can do this by performing a simple search through google.Follow the steps below carefully:-

1) Go to Google.com, in the search box type "intitle:index of"(with inverted commas).
2)Now write the Artist name or name or title of the song followed by the file format.
3)You will find many results, find the appropriate result & click on it.
4)You will find some songs, right click on it & select "save target as" or "save link as".

That's all you have downloaded the song! :)

For eg:-
1) If you are searching for the song composed by A.R.Rahman, just type "intitle:index of" rahman.
2)If you are searching for the song Barso Re, just type "intitle:index of" Barso Re mp3 or Barso re wma (or any other file format you prefer).
Posted by TECH BLOGGER at 6:56 AM 0 comments
Labels: , ,

Sunday, April 01, 2007

Embed Web Music Player

You can get a free web music player for blogs or website here
Posted by TECH BLOGGER at 2:32 AM 0 comments
Labels: , , , ,

Thursday, March 29, 2007

Free Comment Box for blogs and Websites

PLEASE SEND ME YOUR COMMENTS.



Your Name:

Your E-mail Address:

Your Favourite Website or Blog:



Comments:






To download the html code for this comment box click here
Posted by TECH BLOGGER at 7:23 AM 0 comments
Labels: , , , ,
Subscribe to: Posts (Atom)