Mobile Number Cloning : How To Clone A Number Easily !

The Ultimate Tool to spy on somebody is in every everybody's pocket ! The Modern Engineering marvel aka Mobile Phone's are everybody's need. People often (mostly) do their confidential talks over cell phone's, But only some know how easy it is to eavesdrop them. There are some tricks and hacks to do that, but the most powerful way is to clone their SIM Card. The Subscriber Identity Card aka SIM Card is the transmitter of signal to the mobile and tower, And you can do It easily.

So What Can You Do When You Clone SIM card ?

Well There are many things to do when you clone a SIM Card, You can secretly spy on the victims calls and data transfers, make him mobile bill go crazy, send messages and make calls from his number, All without touching the victims Cell Phone.

First A Little Knowledge Of SIM Hacking :

Not every SIM Card is clone-able, There are two types of SIM Card :

COMP128v1: The most popular and clone-able version of SIM Cards, Distributed widely till 2004 in USA (2007 In ASIA Countries), Of the number of victim is older than 2004 in USA or 2007 in Asia, Chances are you can clone it pretty easily.

COMP128v2: The newer SIM's, Capable of better 3G Reception, Video Call Support, New and Secure firmware, Complex Design, Very ( I mean very fu*king very) Hard. If the SIM is bought after 2004, it is probably this version.

Things Required :

Blank SIM Programmable Cards : http://www.ownta.com/blank-sim-card-without-phone-numbers.html

A SIM Firmware Writer : http://www.ebay.com/itm/ES9P-16-in-1-Sim-Card-Reader-Writer-Copy-Cloner-Backup-Kit-New-Useful-2013-/281054905820

Or Make your own SIM Writer : CLick Here

Software For Reading : Woron Scan :
http://www.live-share.com/files/2505..._scan.rar.html

http://w13.easy-share.com/2588031.html

http://tinyurl.com/3ytpyb

The Victim's SIM For 15 minutes to 30 Minutes !

So The inventory is full, Lets Begin The Work :

The main mission in cloning a SIM Card is to get KI and IMSI codes, these codes are the identifier of the SIM Card, and help youregister your mobile to the network. 

The Step 1 :

Plug in the SIM Reader, Install the software, get the vic's SIM.

Step 2 :

Configure the Software as shown in the below pictures :

Step 3 :

First Run The IMSI Search :

Note Down The IMSI Number !

When the results come, write them down. Then start the ICC Search :

Note This Value Down Too.

Write down the ICC Number too, Now run the KI Search, This may take some time :
After 45 Minutes, IF you don't Get the First Value,The Sim IS Un-cloneable !

Now remove the Vic's SIM And give it back to him.

Step 4 :

Download SIM-EMU, A software to writesettings on Blank SIM Card.

Now insert the blank SIM and wait for it to detect.

Step 5 :

Run SIM-EMU and click the configure tab, 

Enter the ALL the Info Gathered from the Woron Scan Process: IMSI, KI, ICC.

The Setup Menu

For the rest Info :

For ADN/SMS/FDN# (ADN= Abbreviated Dialing No. / SMS = No. of SMSes stored on SIM / FDN = Fixed Dialing No.) Enter: 140 / 10 / 4 OR if the Program has suggested values, let it remain as it is.

The Phone Number should be in International Format, EG: For India +91(the international code) 9999999999 (the number)

Step 6 :

Let The Writing Begin, Select the Write To Disk button and Name the File: SuperSIM.HEX.

Wait For The Conformation, Then Select OK.
A write EEPROM file window will appear. Name the EEPROM file SuperSIM_EP.HEX and click the Save button.
Now You Have 2 Files, Ready to be Flashed.

Step 7 :

Now We Flash the files on Blank SIM Card  :

Install the card that came with the card writer, cause using any other software will fu*k up your card and your reader.

Our Card Readers Software was Infinity USB Unlimited, The interface can be changed in your software, but the functioning is the same. 

Now Put the required files in the appropriate fields :

Flashing The Blank SIM.

Step 8 :

Now run the writing task, Click on done when it has completed.

Congrats, You Have Cloned A SIM Card ! 

So here you have it, A Cloned SIM Card, Now when somebody calls the victim, Both of the mobiles will ring, same will happen in the case of SMS, But only one can pick up the call. Also don't do something big that will raise a red flag in Mobile Company. You are responsible for your own Shit.

So how was this post ? Love/Hate/Spot A Mistake ? Leave you feedback on the comment section below or on Facebook, Twitter Or Google + . Also If you want us to write an article on something please leave it below and we'll publish the article as soon as we can.

How To Manually Remove a Virus From Your Computer

Learn how to manually remove virus easily from your PC by watching this video:

This guide focuses on manually removing viruses and malware from your computer. If you want to use an anti-virus program instead, please check out this tutorial written byBurritobob. This tutorial's best intention is focused around removing RAT and Keylogger viruses.

Step 1
Run msconfig and look for suspicious files. Here we see one. It’s unknown, and it also has a startup key that we’ve never seen until recently. Uncheck it from start up and/or from services.

If you think you are being monitored. Open Command Prompt and do the following

Step 2
Boot into safe mode. This can be done by checking the box in the “boot” tab in msconfig.

Step 3
Run msconfig in safe mode and we can see it’s checked because the virus is persistent. The virus will not be running however, due to the fact that we are currently in safe mode.

Step 4
Navigate to the registry. We are doing this in safe mode because some viruses disable the registry. 
Note: Be sure your folder options are set to show hidden files and folders

Step 5
Navigate to the location of the virus. If you are not sure which one is a virus, locate to all of the following possible locations:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Runonce
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServices
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run

Step 6
Section a) if you are unsure if it is a virus of not, right click the suspected file{s} and click modify

Since you are unsure of the integrity of the file, put a “:” in front of the value data. This will disable the start up of the virus but it will still be in your computer.

Section b) if you are certain that you’ve found the virus (like I have in the picture) you can delete the registry entry.

Step 7
Be certain it is gone; it shouldn’t even be listed as a startup item anymore.

Step 8
To be certain, use CCleaner to scan the registry and fix any issues there are.

Recap
Hopefully this should’ve gotten your computer rid of any viruses. It is recommended to download the latest version of an Anti-Virus program and scan your computer fully even after doing this.

Please Note: If you still feel insecure it is recommended to do a clean reinstall of Windows. After reinstalling, install Microsoft Security Essentials as it is the most trusted anti-virus.

Thank you for reading  

 

Can't find your answer ? Ask Americascomputergenius@gmail.com

Keep your friends close and enemies closer.

Contrary to popular belief, hacker’s own machines are often more vulnerable to attacks than the average user. This is especially true of those who are new to the world of hacking because of their more frequent access to remote machines, dodgy forums, open administrative privileges on their own machines and inexperience in covering their tracks etc. Further, those who are experienced often take advantage of the ones who are in the learning stage, trying to get into this field. In this dog-eat-dog world, any kind of safety is an illusion unless proven otherwise. Again, for the newbie hacker, it is of vital importance to learn how to protect themselves to avoid being consumed by their own curiosity.

Viruses are perhaps the oldest form of malicious software. They’ve been around for a long time and are still evolving and causing havoc all over the world. At first sight, they seem to be innocent looking executable files, but if opened they can turn your world upside down in a second. Reliance on antivirus software is fine as a first line of defense, but you need a basic arsenal of skills for securing the executables on your system and coping with viruses on your own. Here we discuss proactive methods you can use to defend yourself against malicious executable code in files, resources, component libraries, scripts and macros, as well as how to avoid a handful of other potential vulnerabilities.

Depending on how destructive their payload, computer viruses can result in a significant loss of data, time, and money. In the best scenario, you may just lose the time it takes to disinfect your computer. At worst, a mission-critical server may be reduced to little more than an expensive door-stop. Unfortunately, antivirus software isn’t perfect, and there’s always some lag between the emergence of a new electronic predator and the availability of virus definitions to protect against it. Moreover, many programmers of today’s more diverse and sophisticated computer viruses are taking the preemptive step of disabling or even removing antivirus software as part of their operation.

I’m not suggesting that you shouldn’t rely on your antivirus programs for day-to-day virus protection, especially since antivirus programs are very good at keeping you safe from known threats. However, if you’ve never had to fight a virus without your antivirus software, then it’s only a matter of time before you will. The main reason for this is new viruses. For an antivirus to be able to guard against new viruses, it must first be reported, the virus scanning code must be modified to include this new virus, and finally the virus database copy on the client side must be updated.
Because virus protection changes every day, those annoying notifications that your antivirus probably gives routinely are there to protect you. You must’ve noticed in the UPDATE menu of any antivirus an option to “Update Virus Database” or something like that. This is evidence of the ongoing war against viruses.

In general, how do viruses work? Well, first, the programmer writes the executable code required to carry out the virus’s activation process and then whatever nasty things it’s meant to do. What does the author want the virus to accomplish? Should it reformat your hard drive? Delete JPG files? Mail copies of itself to your friends and coworkers? Making any of this happen requires “executable” code of some kind. Second, in order for this code to execute, the virus needs to be activated or opened. The usual way a virus’s executable code is run is the direct method: some unwary user receives an e-mail attachment called “Click-Here.exe” or something equally enticing. This runs the program and the virus is unleashed.

As easily avoided as this result seems to be, it still works far more often than it should. Virus writers have discovered a number of other, less obvious techniques for getting a virus to take over your computer. Below we take a look at some of these techniques, beginning with the question of what constitutes executable code, then we’ll examine several sneaky activation methods. These activation methods are particularly important, as this is where you’ll understand how to completely unhook viruses from your system in order to regain control of it following an infection.

What Constitutes Executable Code?
Of course, you know that .exe files are executable, as are other similar file types such as .cmd and .com etc. There are many other file types that may contain executable code, and any executable code can be unsafe. In general, executable code falls into three broad categories: standalone programs, code included within resources or libraries, and script or macro code executed by an interpreter of some kind. In a broad sense, a standalone program is pretty much any file type that relies on the operating system for it to execute. How do you know which ones these are? The answer lies in the Windows® registry. To battle against viruses on their own turf, you’ll have to be very comfortable delving into the registry. So let’s take a look at how executable programs are invoked (A little technical, read slowly).

Launch the Registry Editor by opening “Run” and type “regedit”, and expand the HKEY_CLASSES_ROOT (HKCR) node.It’s the operating system’s repository for information on file associations and commands. Under HKCR, you’ll find nodes representing all the file type extensions registered on your computer. Navigate down the tree until you locate the key named .exe. Select this node and observe that its default value (shown in the right-hand pane) is exefile. This is a pointer to another node under HKCR (the exefile key). Scroll down and find the exefile folder. The exefile key contains a shell subkey. This is where a file type’s available actions are defined. In OS terminology, these actions are known as verbs. For example, a Microsoft® Word document might have a “print” verb defined, which allows you to right-click the file in Windows and choose Print from the context menu. Expand the shell subkey for the exefile node to view the available verbs for EXE files. You’ll probably see two or three different subkeys, depending on your system. The one to be concerned with is “open.”(HCKR ->exefile ->shell ->open) Expand this node and select its command subkey. Each verb has its own subkey, and each of those keys in turn has its own command subkey. The default value in this subkey dictates exactly what happens when that verb is executed.

Double-clicking the file icon in Explorer has the same effect—it executes the default verb’s command (open for EXE files). As you can see, for EXE files, the open command verb has a value of: %1 %* This is used in MS-DOS® batch file language. The basic idea is that the path and file name of the EXE file you activated are substituted for the “%1″ parameter, while any switches or command-line parameters that go along with it are passed through the “%*” parameter. So it would stand to reason that any other file types whose open verb evaluates to some flavor of “%1″ would tend to pose a risk. There are a number of these, and they’re all potentially dangerous. Considering that the virus writer knows that most people won’t double-click a file with a .exe extension or a .bat file, there are several other options including : .cmd .com, .pif, .vbs – All of these file types have a default open verb of %1. A virus writer could simply change the .exe extension of his virus executable to ,say .com, and s/he probably just increased the chances that the unsuspecting masses will run it. Particularly dangerous is (was, actually) the humble screen saver file type (.scr extension). Close to the start of the 21st century, .scr viruses were literally everywhere. They were widely believed to be power-saving, which is so not true (Stand-by mode is much better). People thought it couldn’t hurt, right? so what’s the harm. So Naive.. Again, extension hardly matters, everything a .exe virus can do, a .scr one can do equally well. The days of .scr might be gone, but viruses are probably here to stay, Whatever the type, extension, purpose and payload – The core concepts are always the same. So, let’s take a deeper look at the working of .scr viruses. The key to the future lies in the past.

Between the shadows.. In your Registry Editor, compare the open verb’s command default value for EXE and SCR files, respectively. As you will notice, they’re pretty much identical— “%1″ %* for EXEs and “%1″/s for Screen Saver files. Screen savers are, as it turns out, standalone executables. The only difference between these two default verbs is a /S switch for the SCR file type. The intended purpose of the screen saver’s “open” verb is to allow for testing a screen saver, and the screen saver executable interprets the /S switch accordingly. There’s nothing to stop a virus writer from giving their application a .scr extension and then simply ignoring the /S switch passed to it when the user invokes the program. Exploiting the popularity of screen savers was even easier because the caption of the screen saver’s open verb is shown as “Test” in the right-click menu. A user thinks he’s just testing a screen saver, but what he’s actually doing is activating a virus. A particularly clever virus might even display an actual screen saver, preoccupying you with pretty flowers while it destroys files on your hard drive in the background. This caption is stored in the default value for the open key itself. Meaning, just like you can simply find and change your “Recycle Bin”s name to say “Dumpster” or “TrashCan”, you can also change the “Test” option to anything you like. On an unrelated note, you may also change the “Open” option for a word document to maybe “Do Belly Dance” or anything you like. Of course, this only changes the string and not what it does.(Try using the CTRL + F, find function to poke around and feel the power of regedit. Be warned, don’t change anything that you don’t know about. Changing text strings like “My Computer” is harmless, but changing some core functions code may wreck your computer before you can undo it.

Libraries Can Be Dangerous Executable code can live inside resources or component libraries of many different varieties. These may not seem like obvious candidates for viruses, but they can certainly be exploited in that way. These file types include Dynamic Link Libraries (DLL), Control Panel Applets (CPL), various Type Libraries (TLB, OLB, and so on). This code isn’t directly executable with a %1 command verb like .exe, but this doesn’t mean that the code can’t be run. Just about any function exported from a DLL can be invoked using a helper application called RUNDLL32.exe.

A virus could employ two possible attacks. One would be to replace an existing DLL with a compromised version, in which a particular function is replaced by one of the same name but with altered functionality. Then, whenever the system invokes this function, instead of having the desired result, the virus is activated instead. The second approach is simply to write a DLL from scratch and invoke its functions using RUNDLL32.EXE when needed. This isn’t quite as straightforward as invoking the code in an EXE file, but a DLL, OCX, TLB or other library file is more likely to be accepted by an unsuspecting user or to be overlooked by an antivirus program, so it may well be worth the greater effort on the virus author’s part.

Scripts and Macros—Increased Flexibility Brings Increased Risk Script code requires a script engine to interpret and run, but it can still be exploited. Scripts come in several forms, they may be used to perform a repetitive task, modify documents, pretty much everything that a .exe file can do. Microsoft has done a lot to tighten the security of these macros and scripts, but it’s still easy for a macro virus to do a lot of damage. A popular script category is Windows Script Host (WSH) files. These files, usually with .wsf, .js, or .vbs extensions, carry a default file association which causes them to be executed, no questions asked, when users double-click them. As you might imagine, this can be disastrous.

Web applications may also carry dangerous scripts. Client-side scripts, for example are fairly limited in their access to the host system for security reasons, but there’s a little-known file type, the HTML Application (with an HTA extension), which works like a client-side Web application without the same security restrictions. Its purpose is to allow developers to use their Web development skills to build rich applications using the Web browser metaphor. But again, the unsuspecting user can unleash all sorts of chaos by downloading and executing such a file without first examining its contents. All of these scripts and macros can be readily examined before they’re executed, but clearly an average user won’t bother reading some weird code.

Virus Activation Methods The most common way for a virus to be activated is for a user to directly execute, say an e-mail attachment. Virus writers do just about anything to make you open the attachment using this action, but most developers are savvy enough not to just run an unknown executable. Of course, just about all of us have done it at one time or another—particularly now that viruses can access address books and can assemble a credible-looking e-mail message, ostensibly from someone you know and trust. Be that as it may, as users have become more aware, virus creators have gotten more devious, and there is now a host of new methods for activating a virus on a computer that don’t require any code to be explicitly executed (E-mail attachment viruses are a rare sight nowadays, since most email services themselves check emails for malicious files).

Registration Files Files with a REG extension, are system registration files that hold information to be integrated into the system registry. The problem with them is that they carry a default verb of “open”. This means that if any registration file is double-clicked, it immediately dumps its contents directly into the system registry, without any confirmation required (depending on your OS). Since it has access to the registry, it is free to modify anything it pleases. It may delete vital keys required for the system to startup or even modify existing ones to make further file types vulnerable. Also, it may create a new entry for a previously unknown extension. A general antivirus may not recognize and hence ignore a file extension of for example, .bobo. But in the registry there could be an entry to make the file’s default action to “Open” or “Run” – giving it all the powers of a .exe file. This could be potentially devastating. Luckily, most antivirus softwares nowadays are adopting the “sandboxing” technique to run untested files. Basically the antivirus gives the file a test run in a secure and sealed environment (sandbox) and checks if it tries to get out by for example, trying to access something that it’s not supposed to or changing system settings and variables without asking the users explicitly. Inside the sandbox, it is denied anything remotely suspicious and the antivirus raises a big red flag and moves the file to the quarantine section (virus vault) or maybe even delete it straightaway.

Path Vulnerabilities Another hazard is something called the PATH environment variable. Anyone who uses a computer is bound to have used a “shortcut” file at least once. Whether it’s the “Google Chrome” icon on your desktop or maybe “WinZip” in your taskbar these shortcut files are simply links to the actual files stored in the folder in which they were installed. It’s clearly a little tedious to open “My Computer” -> C: Drive -> Program Files -> Mozilla .. To open “Mozilla Firefox” every time. Hence, we have these shortcut files which simply store the “Path” to the actual application. These files don’t exactly use the Path environment variable, but the concept is exactly the same.

The computer has certain files (example: explorer.exe) that it may routinely need to open (example: at startup). So, in the Registry it has simply stored the name of the file it needs to open, and it’s path (in a path variable). Whenever the OS needs to open a particular system file it simply looks it up in the registry, follows the path in the memory and opens it. What does this has to do with viruses? With everything from phones to cars to houses getting smarter every moment, our computer viruses are not behind. It’s just a little too obvious and literally “on the nose” when a user clicks a file and his computer goes berserk. Once infected, our victim, although compromised is now a little wiser for he knows exactly where it went wrong. If the victim downloaded something from a website that caused damage to his system, s/he may report the website to the police. Clearly jail time is not so appealing to anyone, let alone virus programmers.

This brings us back to path vulnerabilities. Get this. The attacker needs to infect a system without making it too obvious. To do so, s/he needs a time gap between the actual infection and the attack, so that it hits the victim out of the blue. We have two ways to do this by exploiting the path variable. Average users don’t really bother to sniff around system files like in the “Windows” folder (you may find this in your C: drive) and this much understandable carelessness can be exploited. The attacker can simply take two systems, one with Windows 7 and the other with XP and search for the location of (example) “winlogon.exe” – A file that is used by the OS to maintain a user session. (You may find this running in the task manager). Now in the virus file, the attacker can simply write up code to create two copies of virus and send one to the path for Windows 7, and the other one to the path for Windows XP. (The path for the “winlogon.exe” file, which s/he searched earlier). After this, the virus can be coded to delete the file “winlogon.exe” and simply rename itself “winlogon.exe”. So, on the next startup when the OS looks up this file, it instead unleashes the virus and we’ve got BOOM. Total stealth, total annihilation and the victim has got no clue of what the hell just happened. The other way to do this is to code the virus to edit the path in the registry from it’s default value to where it (the virus) is stored. It can then rename itself and in this case on the next startup the OS doesn’t even go to the actual file but instead to the virus and starts it up. Equally effective.

The Best Offense is a Strong Defense Understanding how viruses take hold is the first step in knowing how and where to untangle them from your system once it has been compromised. As viruses become more sophisticated, you can expect them to become more aggressive toward your antivirus software. So what can we do about these nefarious little beasties? We’ve come a long way. Even though the end is not in sight, the roads that lie ahead of us are shorter than the ones behind. Cyber Security today, is tighter than ever but that doesn’t mean we are immune to attacks. If you do have the latest antivirus software and keep your OS updated, you probably don’t need to worry about 99% of all the malcious software out there, but the remaining 1% is the reason why cyber security is a $100 billion market today. Successful attacks are rarer today than ten years ago, but they certainly make up for it in sheer intensity. More and more people each day are relying more and more on their computers, not knowing that simply entering their credit card information on a secure website could be sending all those details to a hacker. Attacks and infections are decreasing in number, but rising in desctructiveness. Today, almost nobody bothers to spread around a virus that simply causes reboots or wipes data, since there’s no real gain for the hacker in it. The malicious softwares today are much more targeted. Clearly, obtaining someone’s social security number or bank pin is much more valuable to a hacker than deleting some random person’s movies and pictures.

The only thing we can do is keep our eyes open and turn around at the slightest hint of trouble. Avoid downloading from unconfirmed sources and make sure your antivirus software and OS is updated. Even if your system is compromised you may never actually know it, but the hacker could have identified that you are an easy target. If just once he could get valuable information from your system, it’s very likely that he will keep the system compromised, silently (make it a slave). Further, make sure to never ever store sensitive or financial information on your computer. Keeping it on an offline system or an external hard drive is much safer

Security researchers have developed a more practical and feasible attack technique against the RC4 cryptographic algorithm that is still widely used to encrypt communications on the Internet.

Despite being very old, RC4 (Rivest Cipher 4) is still the most widely used cryptographic cipher implemented in many popular protocols, including: 

SSL (Secure Socket Layer)TLS (Transport Layer Security)WEP (Wired Equivalent Privacy)WPA (Wi-Fi Protected Access)Microsoft’s RDP (Remote Desktop Protocol)BitTorrentand many more

However, weaknesses in the algorithm have been found over the years, indicating that the RC4 needs to be wiped from the Internet. But, yet about 50% of all TLS traffic is currently protected using the RC4 encryption algorithm.

Now, the situation got even worse, when two Belgian security researchers demonstrated a more practical attack against RC4, allowing an attacker to subsequently expose encrypted information in a much shorter amount of time than was previously possible.

Attack on RC4 with 94% Accuracy

An attack on RC4 demonstrated in 2013 required more than 2,000 hours to accomplish. However, a more successful attack was presented this year in March, which focused on password recovery attacks against RC4 in TLS and required about 312 to 776 hours to execute.

Recently, a paper " All Your Biases Belong To Us: Breaking RC4 in WPA-TKIP and TLS," written by Mathy Vanhoef and Frank Piessens of the University of Leuven in Belgium, demonstrates an attack that allowed them to decrypt cookies encrypted with RC4 within 75 hours with a 94 percent accuracy.

"Our work significantly reduces the execution time of performing an attack, and we consider this improvement very worrisome," reads the blog post by the researchers. "Considering there are still biases that are unused, that more efficient algorithms can be implemented, and better traffic generation techniques can be explored, we expect further improvements in the future."

Breaking Wi-Fi Protected Access Temporal Key Integrity Protocol within An Hour

The attack technique could be exploited by attackers to monitor the connection between a target victim and an HTTPS-protected website, or wireless networks protected by the Wi-Fi Protected Access Temporal Key Integrity Protocol(WPA-TKIP).

In the case of HTTPS-website protected with TLS, researchers used a separate HTTP website to inject JavaScript code that makes the target machine to transmit the encrypted authentication cookie repeatedly. They were able to decrypt a secure cookie with 94 percent accuracy using 9x227 ciphertexts.

The attack took about 75 hours, transmitting 4,450 Web requests per second, although, in the case of attacks against real devices, the time required can be brought down to 52 hours.

However, the new attack against WPA-TKIP requires just an hour to execute, allowing an attacker to inject and decrypt arbitrary packets.

More details about the finding will be presented by the researchers at the upcoming USENIX Security Symposium in Washington D.C. For now, the researchers have released awhitepaper with lots of additional details on their attack techniques.

Windows 10 is all set to launch on July 29 and will also be available on USB drives for purchase in retail channels.

So, if you are planning to install Windows 10 Home, one thing you must keep in your mind – You wish or not, the software updates for Microsoft’s new operating system will be mandatory.

Microsoft is planning to make a significant change to its software update policy by "removing the option to DISABLE software updates in Windows 10 Home".

This clearly indicates that all users of Windows operating system must agree to allow Microsoft to install software updates automatically.

In Windows 8.1, users get four options for Windows Update's behavior, which include:

Download and Install Windows Updates AutomaticallyDownload Windows Updates automatically but Choose when to Install themCheck for Updates but Choose when to Download and Install themNever check for, Download, or Install Updates

From a Security point of view, the last option, i.e. never to download or install updates, is not at all recommended by either the company or the security experts. However, the option is still there if Windows users really need it.

In Windows 10, the options for Windows Update are cut to only two, which include:

Check, Download, Install, and Reboot automaticallyCheck, Download, Install automatically and then choose to Reboot

Here is the EULA to which you agree to when you accept the terms of the licensing agreement:

" Updates. The software periodically checks for system and app updates, and downloads and installs them for you. You may obtain updates only from Microsoft or authorized sources, and Microsoft may need to update your system to provide you with those updates. By accepting this agreement, you agree to receive these types of automatic updates without any additional notice."

If this happens with the launch of Windows 10, it would be a notable change in any version of Windows OS as Microsoft has talked about Windows 10's Windows-as-a-Service approach that will receive continuous updates.

Every software program needs frequent updates, but the ability of Windows users to permanently delay Windows software updates has made it difficult for Microsoft to keep its OS platform secure and up-to-date. And the only motive behind this change is to maintain the security of its users safe.

Learning to become hacker is not as easy as learning to become a software developer. I realized this when I started looking for learning resources for simple hacking people do. Even to start doing the simplest hack on own, a hacker requires to have in depth knowledge of multiple topics. Some people recommend minimum knowledge of few programming languages like C, Python, HTML with Unix operating system concepts and networking knowledge is required to start learning hacking techniques. 

Though knowing a lot of things is required, it is not really enough for you to be a competent and successful hacker. You must have a passion and positive attitude towards problem solving. The security softwares are constantly evolving and therefore you must keep learning new things with a really fast pace. 

If you are thinking about ethical hacking as a career option, you may need to be prepared for a lot of hard/smart work. I hope these free resources will help you speed up on your learning. If you decide you pursue ethical hacking as a career option, you may also want to read some in depth ethical hacking books. 

A lot of people (including me before doing research for this article) think that they can become a hacker using some free hacking tools available on web. Its true that some common types of hacking can be easily done with help of tools, however doing it does not really make you a hacker. A true hacker is the one who can find a vulnerability and develop a tool to exploit and/or demonstrate it.

Hacking is not only about knowing "how things work", but its about knowing "why things work that way" and "how can we challenge it". 

Below are some really useful hacking tutorials and resources you may want to explore in your journey of learning to hack

Advertise Here

Hacking For Dummies - Beginners Tutorials

These tutorials are not really simple for anyone who is just starting to learn hacking techniques. However, these should be simple starting point for you. I am sure you have different opinion about complexity of each tutorial however advanced hacker are going to be calling this a job of script kiddie (beginner hacker). Even to acquire the skills of a script kiddie you need to have good understanding of computer fundamentals and programming.

Cybrary - For those looking to learn ethical hacking skills online, Cybrary provides the perfect platform to do so. Cybrary is a free online IT and cyber security training network that provides instruction in the form of self-paced, easy-to-follow videos. Featuring courses on topics such as Penetration Testing and Ethical Hacking, Advanced Penetration Testing, Post Exploitation Hacking and Computer and Hacking Forensics, Cybrary provides instruction from the beginner to the highly-advanced level of hacking. Additionally, Cybrary offers supplemental study material along with their courses free of charge. With their in-depth training videos and study guides, Cybrary ensures that users develop the best hacking skills.Hacking Tutorials for Beginners - By BreakTheSecurity.comHow to learn Ethical hacking - By Astalavista.comPenetration Testing Tutorial - By Guru99.comBacktrack Penetration Testing TutorialIntroduction to Penetration TestingInformation Gathering with NmapSimple How To Articles By Open Web Application SecurityThe Six Dumbest Ideas in Computer SecuritySecure Design Principles10 steps to secure software

Cryptography Related Tutorials

Cryptography is must know topic for any aspiring security professional or a ethical hacker. You must understand how encryption and decryption is done. You must understand why some of the old encryption techniques do not work in modern computing world.

This is a important area and a lot of software programmers and professional do not understand it very well. Learning cryptography involves a lot of good understanding of mathematics, this means you also need to have good fundamentals on discrete mathematics. 

Introduction to Public Key CryptographyCrypto TutorialIntroduction to CryptographyAn Overview of CryptographyCryptography Tutorials - Herong's Tutorial ExamplesThe Crypto Tutorial - Learn How to Keep Secret SecretIntroduction to cryptology, Part 1: Basic Cryptology Concepts

Websites For Security Related Articles And News

These are some websites, that you may find useful to find hacking related resources and articles. A lot of simple tricks and tips are available for experimenting through these sites for improving yourself to become advanced hacker.

In recent years, many people are aspiring to learn how to hack. With growing interest in this area, a lot of different types of hacking practices are evolving. With popularity of social networks many people have inclined towards vulnerability in various social networks like facebook, twitter, and myspace etc. 

Continuous learning about latest security issues, news and vulnerability reports are really important for any hacker or a security professional. Some of the sites that keep publishing informative articles and news are listed here. 

http://www.astalavista.com/http://packetstormsecurity.com/http://www.blackhat.com/http://www.metasploit.com/http://sectools.org/http://www.2600.com/DEF CON - Hacking conferencehttp://www.breakthesecurity.com/http://www.hacking-tutorial.com/http://www.evilzone.org/http://hackaday.com/http://www.hitb.org/http://www.hackthissite.org/http://pentestmag.comhttp://www.securitytube.net/https://www.ssllabs.com/

EBooks And Whitepapers

Some of the research papers by security experts and gurus can provide you a lot of information and inspiration. White papers can be really difficult to read and understand therefore you may need to read them multiple times. Once you understand the topic well, reading will become much faster and you will be able to skim through a lot content in less time.

Handbook of Applied Cryptography - This ebook contains some free chapter from one of the popular cryptography books. The full book is also available on amazon at Cryptography Book.Network Penetration testing GuideHow to hack anything in JavaMcafee on iPhone and iPad SecurityA Good Collection of White papers on security and vulnerabilities - This site contains collection of white papers from different sources and some of these white papers are really worth referring.Engineering Principles for Information Technology SecurityBasic Principles Of Information ProtectionOpen Web Application Security Project- OWASP is one of the most popular sites that contains web application security related information .

Videos & Play Lists

Those who like to watch video tutorials, here are few I liked. However there are many small video available on youtube. Feel free to explore more and share with us if you like something.

Cryptography Course By Dan Boneh Stanford UniversityOpen Security Training- Youtube Playlist of More than 90 hours. I have found this to be the biggest free training available for security related topic.OWASP AppSec USA 2011: Youtube Playlist containing compilation of OWASP conference highlight in 2011.Defcon: How I Met your Girlfriend - Defcon is one of the most popular hacker conference. The presenters in this conference are well know inside the hacking industry.Defcon: What happens when you steal a hackers computerDefcon: Nmap: Scanning the InternetPublic Key Cryptography: Diffie-Hellman Key ExchangeWeb application Pen testingIntro to Scanning Nmap, Hping, Amap, TCPDump, Metasploit

Forums For Hackers And Security Professionals

Just like any other area, forums are really great help for learning from other experts. Hundreds of security experts and ethical/non-ethical hackers are willing to share their knowledge on forums for some reason. Please keep in mind to do enough research before post a question and be polite to people who take time to answer your question. 

Stackoverflow for security professionalshttp://darksat.x47.net/http://forums.securityinfowatch.com/http://forums.cnet.com/spyware-viruses-security-forum/http://www.hackforums.net/forumdisplay.php?fid=47

Vulnerability Databases And Resources

Vulnerability Databases are the first place to start your day as a security professional. Any new vulnerability detection is generally available through the public vulnerability databases. These databases are a big source of information for hackers to be able to understand and exploit/avoid/fix the vulnerability. 

http://www.exploit-db.com/http://1337day.com/http://securityvulns.com/http://www.securityfocus.com/http://www.osvdb.org/http://www.securiteam.com/http://secunia.com/advisories/http://insecure.org/sploits_all.htmlhttp://zerodayinitiative.com/advisories/published/http://nmrc.org/pub/index.htmlhttp://web.nvd.nist.govhttp://www.vupen.com/english/security-advisories/http://www.vupen.com/blog/http://cvedetails.com/http://www.rapid7.com/vulndb/index.jsphttp://oval.mitre.org/

Product Specific Vulnerability Information

Some of the very popular products in the world require a special attention and therefore you may want to look at the specific security websites directly from vendors. I have kept Linux. Microsoft and apache in this list, however it may apply to any product you may be heavily using. 

Red Hat Security and other updates SiteMicrosoft Products Security BulletinApache Foundation Products Security RepositoryUbuntu Software Security CenterLinux Security Repository

Tools And Programs For Hacking / Security

There are dozens of tools available for doing different types of hacking and tests. Tools are really important to become more productive at your work. Some of the very common tools that are used by hackers are listed here. You may have different choice of tools based on your own comfort.

nmapNSSHpingTCPDumpMetasploitWiresharkNetwork StuffNikto

Summary

I have tried to compile some of these resources for my own reference for the journey of learning I am going to start. I am not even at a beginner level of becoming hacker but the knowledge of this field really fascinates me and keeps me motivated for learning more and more. I hope will be able to become successful in this.

A lot of people use their knowledge skills for breaking stuff and stealing. I personally think that doing harm to someone is a weak choice and will not have a good ending. I would recommend not to use your skills for any un-ethical endeavor. A single misuse of your skill may jeopardize your career since most companies do a strict third party background check before they hire a ethical hacker or a security personal. 

There are dozens of companies looking for ethical hackers and security professionals. There are really good number of opportunities in this area and its really niche compensation segment. You will be easily able to get a decent job without even acquiring all the expert level skills to become a pro hacker.

Need to Spy on a Cell Phone?
Here’s a Complete Guide to Spy on Calls,SMS, Contacts & More…

With the advancement in the technology, cell phones have just turned themselves into powerful mini-computers. While some people use cell phones to exchange secret messages and maintain illicit relationships, many children also misuse cell phones for storing and watching inappropriate content. Therefore, in order to investigate the truth it becomes inevitable for people to spy on cell phones of their loved ones or children.

What’s the Best Software to Spy on Cell Phone?

To spy on cell phones, there exists hundreds of spy programs on the market where a majority of them are nothing more than a crap. However, there are a few genuine spy programs as well and mSpy is one among them. After testing a handful of popular cell phone spy programs, I conclude mSpy as the clear winner and best among all.

mSpy is one of the best and most popular software out there to spy on cell phones. It offers an effective means to monitor the target cell phone and record activities like phone calls, text messages, GPS location, emails, web activities and much more. All the monitoring/recording process takes place in a complete stealth mode, so that the target user never gets to know that he/she is under surveillance. mSpy has every feature that a true spy software should have. This makes it a complete cell phone spying kit.

 

 

mSpy Features:

Here is a list of mobile spying features that you get with mSpy:

Phone Call Logs – Each incoming and outgoing number on the target cell phone is logged along with duration and time stamp.SMS Logging – Records both incoming and outgoing SMS.Phone Book Access – Gain access to all the contacts that is stored on the target cell phone.Record Web Activity – The program records all web activities including emails, websites visited, Facebook, WhatsApp, YouTube and more.GPS Location Tracking – Track the exact location of the cell phone user at any given time.Cell ID Tracking: – With this option, it is possible to track the cell phone’s location during the absence of GPS.SMS Commands – Remotely send SMS commands to lock/unlock the cell phone usage or delete call history, SMS logs, photos and videos from the target phone at any time.Remote Device Lock or Wipe – You can remotely lock the target cell phone or wipe all its data at anytime you wish.Keylogging – Records keystrokes typed which includes passwords and other sensitive infrmation.Stealth Operation – Operates in a covert mode so that the presence of the spy software remains unnoticed.No Jail-Break Required – Unlike most other spy programs, mSpy can operate successfully without the need to jail-break the cell phones.

If you are a parent, mSpy can offer you an additional help as it supports a handful of control features as well:

Application Blocking – You have the option to block certain applications from being accessed on the target cell phone.Incoming Call Blocking – Block unwanted incoming calls on the target cell phone.Remote Lock – Remotely lock the cell phone or restrict its usage.Remote Delete – Remotely delete unwanted contacts, call logs, SMS and photos from the target cell phone.

How mSpy Works?

After your purchase, you can directly download mSpy onto the target cell phone. Installation process takes only a few minutes (2-3 min approx).

After the installation, each activity on the target cell phone is recorded and uploaded to the mSpy servers. You can login to your mSpy online account from your PC (or any computer in the world) to spy on the logs at any time. The logs contain Text messages, Contacts List, Call History, GPS Locations and many other information as mentioned above.

Compatible Cell Phones:

mSpy is compatible with most types of cell phones currently available in the market including:

Android PhonesBlackberryWindows MobileiPhoneiPod and Tablets

You can download mSpy from the following link:

Download mSpy – Android, iOS, BlackBerry & Windows Mobile

We will start with the basic principles of password cracking that are essential to ALL password cracking techniques, followed by some of the tools and technologies used. Then, one by one, I will show you how to use those principles and technologies effectively to crack or capture the various types of passwords out there.

The Importance & Methods of Password Cracking

Passwords are the most widely used form of authentication throughout the world. A username and password are used on computer systems, bank accounts, ATMs, and more. The ability to crack passwords is an essential skill to both the hacker and the forensic investigator, the latter needing to hack passwords for accessing the suspect's system, hard drive, email account, etc.

Although some passwords are very easy to crack, some are very difficult. In those cases, the hacker or forensic investigator can either employ greater computing resources (a botnet, supercomputer, GPU, ASIC, etc.), or they can look to obtain the password in other ways.

These ways might include insecure storage. In addition, sometimes you don't need a password to access password-protected resources. For instance, if you can replay a cookie, session ID, a Kerberos ticket, an authenticated session, or other resource that authenticates the user after the password authentication process, you can access the password protected resource without ever knowing the password.

Sometimes these attacks can be much easier than cracking a complex and long password. I will do a tutorial on various replay attacks in the near future (look out specifically for my upcoming article on stealing the Facebook cookie to access someone's Facebook account).

Now, let's start with the basics.

Step 1: Password Storage

In general, passwords are not stored in clear text. As a rule, passwords are stored as hashes. Hashes are one-way encryption that are unique for a given input. These systems very often use MD5 or SHA1 to hash the passwords.

In the Windows operating system, passwords on the local system are stored in the SAM file, while Linux stores them in the /etc/shadow file. These files are accessible only by someone with root/sysadmin privileges. In both cases, you can use a service or file that has root/sysadmin privileges to grab the password file (e.g. DLL injection with samdump.dll in Windows).

Step 2: Types of Attacks

Dictionary

A dictionary attack is the simplest and fastest password cracking attack. To put it simply, it just runs through a dictionary of words trying each one of them to see if they work. Although such an approach would seem impractical to do manually, computers can do this very fast and run through millions of words in a few hours. This should usually be your first approach to attacking any password, and in some cases, it can prove successful in mere minutes.

Rainbow Table

Most modern systems now store passwords in a hash. This means that even if you can get to the area or file that stores the password, what you get is an encrypted password. One approach to cracking this encryption is to take dictionary file and hash each word and compare it to the hashed password. This is very time- and CPU-intensive. A faster approach is to take a table with all the words in the dictionary already hashed and compare the hash from the password file to your list of hashes. If there is a match, you now know the password.

Brute Force

Brute force is the most time consuming approach to password cracking. It should always be your last resort. Brute force password cracking attempts all possibilities of all the letters, number, special characters that might be combined for a password and attempts them. As you might expect, the more computing horsepower you have, the more successful you will be with this approach.

Hybrid

A hybrid password attack is one that uses a combination of dictionary words with special characters, numbers, etc. Often these hybrid attacks use a combination of dictionary words with numbers appending and prepending them, and replacing letters with numbers and special characters. For instance, a dictionary attack would look for the word "password", but a hybrid attack might look for "p@$$w0rd123".

Step 3: Commonly Used Passwords

As much as we think each of us is unique, we do show some common patterns of behavior within our species. One of those patterns is the words we choose for passwords. There are number of wordlists that have been compiled of common passwords. In recent years, many systems have been cracked and passwords captured from millions of users. By using these already captured passwords, you are likely to find at least a few on the network you are trying to hack.

Step 4: Password Cracking Strategy

Many newbies, when they start cracking passwords, simply choose a tool and word list and then turn them loose. They are often disappointed with the results. Expert password crackers have a strategy. They don't expect to be able to crack every password, but with a well-developed strategy, they can crack most passwords in a very short amount of time.

The key to develop a successful strategy of password cracking is to use multiple iterations, going after the easiest passwords with the first iteration to the most difficult passwords using different techniques for each iteration.

Step 5: Password Cracking Software

John

John the Ripper is probably the world's best known password cracking tool. It is strictly command line and strictly for Linux. Its lack of a GUI makes a bit more challenging to use, but it is also why it is such a fast password cracker.

One of the beauties of this tool is its built in default password cracking strategy. First, attempts a dictionary attack and if that fails, it then attempts to use combined dictionary words, then tries a hybrid attack of dictionary words with special characters and numbers and only if all those fail will it resort to a brute force.

Ophcrack

Ophcrack is a free rainbow table-based password cracking tool for Windows. It is among the most popular Windows password cracking tools (Cain and Abel is probably the most popular; see below), but can also be used on Linux and Mac systems.

Image by Ysangkok/Wikimedia Commons

It cracks LM and NTLM (Windows) hashes. For cracking Windows XP, Vista and Windows 7, you can download free rainbow tables. You can download Ophcrack on SourceForge, and you can get some free and premium rainbow tables for Ophcrack here.

L0phtCrack

L0phtCrack is an alternative to Ophcrack, and attempts to crack Windows passwords from hashes in the SAM file or the Active Directory (AD). It also uses dictionary and brute force attacks for generating and guessing passwords.

Image via L0phtCrack

L0phtCrack was acquired by Symantec and they promptly discontinued it in 2006. Later, L0phtCrack developers re-acquired this excellent password cracking tool and re-released it in 2009. You can download the tool here.

Cain and Abel

Cain and Abel just might be the best known password cracking tool on the planet. Written strictly for Windows, it can crack numerous hash types, including NTLM, NTLMv2, MD5, wireless, Oracle, MySQL, SQL Server, SHA1, SHA2, Cisco, VoIP, and many others.

Cain and Abel can crack passwords using a dictionary attack, rainbow attack, and brute force. One of its better features is the ability to select the password length and character set when attempting a brute force attack. And besides being an excellent password cracking tool, it is also a great ARP Poisoning and MiTM tool.

THC-Hydra

THC-Hydra is probably the most widely used online hacking tool. It is capable of cracking web form authentication, and when used in conjunction with other tools such as Tamper Data, it can be a powerful and effective tool for cracking nearly every type of online password authentication mechanism.

The initial help screen for Hydra.

Brutus

Brutus is an online password cracking tool that many consider the fastest online password cracker. It is free and available on both Linux and Windows, and it supports password cracking in HTTP (Basic Authentication), HTTP (HTML Form/CGI), POP3, FTP, SMB, Telnet, and other types such as IMAP, NNTP, NetBus, etc.

Brutus has not been updated in quite awhile, but it can still be useful and since it is open source, you can update it yourself. Brutus can be downloaded here.

Aircrack-Ng

In my humble opinion, aircrack-ng is undoubtedly the best all-around Wi-Fi hacking software available. It is capable of cracking both WEP and WPA2, and it is also capable of doing the following, among many other things.

Creating a Soft APCreating an Evil TwinCreating a Rogue APConducting a DOS attack against a Wi-Fi AP

It is only available for Linux and requires a bit of a learning curve to master, but you will be richly rewarded for the time spent learning it. In addition, to be most effective you will need to use an aircrack-ng compatible wireless card, so check their extensive list before buying your card. You can find more info on aircrack-ng over in my Wi-Fi hacking series.

Aircrack-ng is built into BackTrack and Kali and can be downloaded here.

Step 6: Password Cracking Hardware

Botnet

Password cracking is simply a function of brute force computing power. What one machine can do in one hour, two machines can do in a half hour. This same principle applies to using a network machines. Imagine what you can do if you could access a network of one million machines!

Some of the botnets available around the globe are more than a million machines strong and are available for rent to crack passwords. If you have a password that might take one year to crack with your single CPU, a million-machine botnet can cut that time to approximately 1 millionth the time, or 30 seconds!

GPU

GPUs, or graphical processing units, are much more powerful and faster than CPU for rendering graphics on your computer and for cracking passwords. We have a few tools built into Kali that are specially designed for using GPUs to crack passwords, namely cudahashcat, oclhashcat, and pyrit. Look for coming tutorials on using these tools and the GPU on your high-end video card to accelerate your password cracking.

ASIC

In recent years, some devices have been developed specifically for hardware cracking. These application-specific devices can crack passwords faster than over 100 CPUs working symmetrically.

[1] Bitfury boards by Black Arrow, [2] Butterfly Labs processor, [3] Inside the Butterfly Labs Monarch

Images via Bitcoin Talk, CoinDesk, Gizmodo

Black Arrow Software and Butterfly Labs, among others, are now selling these devices for prices up to $1500 per.

That concludes our beginning lesson on the basics of general password cracking. Stay tuned for more lessons as we go more in-depth with specific examples of using some of the tools and methods we have just covered above.

A password is the secret word or phrase that is used for the authentication process in various applications. It is used to gain access to accounts and resources. A password protects our accounts or resources from unauthorized access.

What is Password Cracking?

Password cracking is the process of guessing or recovering a password from stored locations or from data transmission system. It is used to get a password for unauthorized access or to recover a forgotten password. In penetration testing, it is used to check the security of an application.

In recent years, computer programmers have been trying to create algorithms for password cracking in less time. Most of the password cracking tools try to login with every possible combination of words. If login is successful, it means the password was found. If the password is strong enough with a combination of numbers, characters and special characters, this cracking method may take hours to weeks or months. A few password cracking tools use a dictionary that contains passwords. These tools are totally dependent on the dictionary, so success rate is lower.

In the past few years, programmers have developed many password cracking tools. Every tool has its own advantages and disadvantages. In this post, we are covering a few of the most popular password cracking tools.

1. Brutus

Brutus is one of the most popular remote online password cracking tools. It claims to be the fastest and most flexible password cracking tool. This tool is free and is only available for Windows systems. It was released back in October 2000.

It supports HTTP (Basic Authentication), HTTP (HTML Form/CGI), POP3, FTP, SMB, Telnet and other types such as IMAP, NNTP, NetBus, etc. You can also create your own authentication types. This tool also supports multi-stage authentication engines and is able to connect 60 simultaneous targets. It also has resume and load options. So, you can pause the attack process any time and then resume whenever you want to resume.

This tool has not been updated for many years. Still, it can be useful for you.

2. RainbowCrack

RainbowCrack is a hash cracker tool that uses a large-scale time-memory trade off process for faster password cracking than traditional brute force tools. Time-memory trade off is a computational process in which all plain text and hash pairs are calculated by using a selected hash algorithm. After computation, results are stored in the rainbow table. This process is very time consuming. But, once the table is ready, it can crack a password must faster than brute force tools.

You also do not need to generate rainbow tablets by yourselves. Developers of RainbowCrack have also generated LM rainbow tables, NTLM rainbow tables, MD5 rainbow tables and Sha1 rainbow tables. Like RainbowCrack, these tables are also available for free. You can download these tables and use for your password cracking processes.

Download Rainbow tables here:http://project-rainbowcrack.com/table.htm

A few paid rainbow tables are also available, which you can buy from here:http://project-rainbowcrack.com/buy.php

This tool is available for both Windows and Linux systems.

Download Rainbow crack here:http://project-rainbowcrack.com/

3. Wfuzz

Wfuzz is another web application password cracking tool that tries to crack passwords with brute forcing. It can also be used to find hidden resources like directories, servlets and scripts. This tool can also identify different kind of injections including SQL Injection, XSS Injection, LDAP Injection, etc in Web applications.

Key features of Wfuzz password cracking tool:

Capability of injection via multiple points with multiple dictionaryOutput in colored HTMLPost, headers and authentication data brute forcingProxy and SOCK Support, Multiple Proxy SupportMulti ThreadingBrute force HTTP PasswordPOST and GET Brute forcingTime delay between requestsCookies fuzzing

Download here:

DOWNLOAD

4. Cain and Abel

Cain and Abel is a well-known password cracking tool that is capable of handling a variety of tasks. The most notable thing is that the tool is only available for Windows platforms. It can work as sniffer in the network, cracking encrypted passwords using the dictionary attack, recording VoIP conversations, brute force attacks, cryptanalysis attacks, revealing password boxes, uncovering cached passwords, decoding scrambled passwords, and analyzing routing protocols.

Cain and Abel does not exploit any vulnerability or bugs. It only covers security weakness of protocols to grab the password. This tool was developed for network administrators, security professionals, forensics staff, and penetration testers.

Download here: http://www.oxid.it/ca_um/

5. John the Ripper

John the Ripper is another well-known free open source password cracking tool for Linux, Unix and Mac OS X. A Windows version is also available. This tool can detect weak passwords. A pro version of the tool is also available, which offers better features and native packages for target operating systems. You can also download Openwall GNU/*/Linux that comes with John the Ripper.

Download John the Ripper here:http://www.openwall.com/john/

6. THC Hydra

THC Hydra is a fast network logon password cracking tool. When it is compared with other similar tools, it shows why it is faster. New modules are easy to install in the tool. You can easily add modules and enhance the features. It is available for Windows, Linux, Free BSD, Solaris and OS X. This tool supports various network protocols. Currently it supports Asterisk, AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, SAP/R3, SIP, SMB, SMTP, SMTP Enum, SNMP, SOCKS5, SSH (v1 and v2), Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.

Download THC Hydra here:https://www.thc.org/thc-hydra/

If you are a developer, you can also contribute to the tool’s development.

7. Medusa

Medusa is also a password cracking tool similar to THC Hydra. It claims to be a speedy parallel, modular and login brute forcing tool. It supports HTTP, FTP, CVS, AFP, IMAP, MS SQL, MYSQL, NCP, NNTP, POP3, PostgreSQL, pcAnywhere, rlogin, SMB, rsh, SMTP, SNMP, SSH, SVN, VNC, VmAuthd and Telnet. While cracking the password, host, username and password can be flexible input while performing the attack.

Medusa is a command line tool, so you need to learn commands before using the tool. Efficiency of the tool depends on network connectivity. On a local system, it can test 2000 passwords per minute.

With this tool, you can also perform a parallel attack. Suppose you want to crack passwords of a few email accounts simultaneously. You can specify the username list along with the password list.

Read more about this here:http://foofus.net/goons/jmk/medusa/medusa.html

Download Medusa here: http://www.foofus.net/jmk/tools/medusa-2.1.1.tar.gz

8. OphCrack

OphCrack is a free rainbow-table based password cracking tool for Windows. It is the most popular Windows password cracking tool, but can also be used on Linux and Mac systems. It cracks LM and NTLM hashes. For cracking Windows XP, Vista and Windows 7, free rainbow-tables are also available.

A live CD of OphCrack is also available to simplify the cracking. One can use the Live CD of OphCrack to crack Windows-based passwords. This tool is available for free.

Download OphCrack here:http://ophcrack.sourceforge.net/

Download free and premium rainbow tables for OphCrack here:http://ophcrack.sourceforge.net/tables.php

9. L0phtCrack

L0phtCrack is an alternative to OphCrack. It attempts to crack Windows password from hashes. For cracking passwords, it uses Windows workstations, network servers, primary domain controllers, and Active Directory. It also uses dictionary and brute force attacking for generating and guessing passwords. It was acquired by Symantec and discontinued in 2006. Later L0pht developers again re-acquired it and launched L0phtCrack in 2009.

It also comes with a schedule routine audit feature. One can set daily, weekly or monthly audits, and it will start scanning on the scheduled time.

Download L0phtCrack:http://www.l0phtcrack.com/download.html

10. Aircrack-NG

Aircrack-NG is a WiFi password cracking tool that can crack WEP or WPA passwords. It analyzes wireless encrypted packets and then tries to crack passwords via its cracking algorithm. It uses the FMS attack along with other useful attack techniques for cracking password. It is available for Linux and Windows systems. A live CD of Aircrack is also available.

If you want to use AirCrack NG for password cracking, read tutorials here: http://www.aircrack-ng.org/doku.php?id=getting_started

Download AirCrack-NG here: http://www.aircrack-ng.org/

How to create a password that is hard to crack

In this post, we have listed 10 password cracking tools. These tools try to crack passwords with different password cracking algorithms. Most of the password cracking tools are available for free. So, you should always try to have a strong password that is hard to crack by these password cracking tools. These are few tips you can try while creating a password.

The longer the password, the harder it is to crack: Password length is the most important factor. If you select a small password, password cracking tools can easily crack it by using few words combinations. A longer password will take a longer time in guessing. You’re your password at least 8 characters long.

Always use a combination of characters, numbers and special characters: This is another thing which makes passwords hard to crack. Password cracking tools try the combination of one by one. Have a combination of small characters, capital letters, and special characters. Suppose if you have only numbers in your password. Password cracking tools only need to guess numbers from 0-9. Here only length matters. But having a password combination of a-z, A-Z, 0-9 and other special characters with a good length will make it harder to crack. This kind of password sometimes takes weeks to crack.

Variety in passwords: One important thing you must always take care. Never use same password everywhere. Cyber criminals can steal passwords from one website and then try it on other websites too.

In case you are not sure about the strength of your password, you can check it from variety of online tools available for free. Try this official Microsoft Tool for checking thepassword strength.

What to avoid while selecting your password

There are a few things which were very common a few years back and still exist. Most of the password cracking tools start from there. Passwords that fall into this category are most easy to crack. These are the few password mistakes which you should avoid:

Never use a dictionary wordAvoid using your pet’s name, parent name, your phone number, driver’s license number or anything which is easy to guess.Avoid using passwords with sequence or repeated characters: For Ex: 1111111, 12345678 or qwerty, asdfgh.

Avoid using passwords that fall in worst password list. Every year, data analysis companies publish the list of worst passwords of the year from analyzing the leaked password data.

The top 11 worst passwords of 2012:

password12345612345678abc123qwertymonkeyletmeindragon111111baseballiloveyou

The list for 2013 is yet to be published.

Conclusion:

Interested in learning more about password cracking? Check out our Ethical Hacking training! Fill out the form below to receive pricing details and a course syllabus.

ETHICAL HACKING TRAINING

The password is what makes your network, web accounts and email accounts safe from unauthorized access. These password cracking tools are proof that your passwords can be cracked easily if you are not selecting good passwords. In the article, we have listed every kind of password cracking tools, including web application password cracking tools, network password cracking tools, email password cracking tools, Windows password cracking tools and Wi-Fi password cracking tools. Security researchers use these tools to audit the security of their apps and check how to make their application secure against these tools. Cyber criminals also use these tools, but for wrong purposes. They use these password cracking tools to crack passwords of users and then access their data.

Now it is up to you. You can either use these tools for good work or bad. Although we never encourage using any educational information for any cyber crime. This post is only for educational purposes. If you are using any of these tools for cyber crimes, the author or website publishing the article will not be responsible. Learn things to know how you can be hacked and how to protect yourself.

 

 

 35
inShare 

AUTHOR

Pavitra Shankdhar

Pavitra Shandkhdhar is an engineering graduate and a security researcher. His area of interest is web penetration testing. He likes to find vulnerabilities in websites and playing computer games in his free time. He is currently a researcher with InfoSec Institute.