Wednesday, October 1, 2008

Joomla-based Filipino sites still vulnerable

A few weeks have passed since the Joomla team released a security update for a high-priority issue in Joomla 1.5.x, where admin passwords can be reset because the token is not sanitized correctly. Affected versions range from Joomla 1.5.0 to 1.5.5, but to my dismay I have found that some Joomla-based sites belonging to my fellow Filipinos still haven't been updated and remain very vulnerable to exploitation. I even conducted a penetration test to see if it is still possible to reset their admin passwords and gain privileges on their sites. I have a short list of vulnerable sites, but I don't want to share it publicly for security reasons. My list includes an academic institution, some local government sites and a personal site. I've contacted a few webmasters about their sites, but more are still uninformed about the security issue, leaving their sites prone to exploitation.


On the other hand, I reached the point where I almost decided to hack their sites just to vandalize them or post some explicit/vulgar words, but thank God He gave me the strength and solid faith to avoid such unethical practices. I guess I grow up a little each day, unlike in my younger days when I had no doubt or fear about doing such stupid things.




Monday, July 21, 2008

How to recover deleted SMS message from mobile phone

Now you can recover deleted SMS messages from a mobile phone using this tutorial. First you'll need some tools; the prerequisites are listed below:

  • Smart card reader that is compatible with the Windows smart card subsystem. You probably also need a Plug-in (GSM SIM card size) to ID-1 (ordinary smart card size) adapter card so the SIM card physically fits into the reader, or a ChipDrive Micro RS232 from Towitoko.
  • The UndeleteSMS tool, which you need to download.

After downloading, run the program through command.com or cmd.exe (e.g. click the Windows button -> Run, type cmd.exe, then drag Undeletesms.exe into the command window) and check the given info before proceeding. Make sure you have already attached your devices before executing it.

Q & A

Q: My GSM SIM card reader does not work with UndeleteSMS, how come?

A: Dedicated GSM SIM card readers are usually not compatible with the Windows smart card subsystem.

Q: Where do the erased SMS's end up?

A: They are printed in the Command Prompt window.

Q: What does "message is not in default alpabet [40] cannot decode" mean?

A: It usually means that the entry is an EMS or MMS instead of an ordinary SMS.

Q: I have a question that is not covered here. Where can I get help?

A: Send me your question. I can't promise that I will have time to answer, but I'll do my best.

All credit goes to Arne Vidstrom - http://vidstrom.net

Network intrusion - How to defend yourself

Last week I conducted an experiment on our local area network (LAN) to check whether it is secure. We have a firewall installed on our network and over 30 computers on the LAN.

To check whether we are safe (on the local network only), I used software to perform packet sniffing, a method of capturing traffic/packets on the network. Surprisingly, I was able to sniff usernames and passwords for more than thirty computers on my network, including cookies on secure connections (referring to browser cookies).

The method I used is called ARP spoofing. Many programs for this are available online, and they are for penetration testing only; used improperly, they may get you into trouble. I used Cain & Abel from oxid.it to perform the spoofing, and I really like this software for conducting penetration tests. Note that your antivirus might flag it as a "virus" because it uses some packet sniffing methods. Download it only from that site, for security reasons.

My purpose in ARP spoofing was to find out whether the packets sent over our network are safe from interception and immune to local network attacks. But to my surprise I was able to obtain usernames and passwords, email, secure certificates, browser cookies, and other important details of each computer user's transactions.

I do not suggest that you take advantage of this program to do evil things; as IT security experts say, the motive is to conduct a penetration test, not to harm the network or hack unethically. Nor did I myself take advantage of the sniffed passwords and other materials gathered during penetration testing.

How to secure your password - Things you don't know yet about your password

There are several ways to secure your password. People commonly base passwords on pet names, spouses, birthdays or other important events and names, which are alphabetically simple. In my previous post I mentioned that having a seven (7) character password is important. In this case, a seven-character password is still easy to crack/decode using various methods; as I mentioned in my previous post, those tools make it much easier to crack passwords even if they are seven characters long.

A great way to secure your password is to combine letters and numbers in a password more than seven characters long. Based on my experience, a 7-character alphabetical password is cracked in only a few seconds compared to a combined letter-and-number password. Even a password longer than seven (7) characters is cracked within minutes using a special cracking method. Want some proof? Check out my previous post on using Ophcrack and see for yourself!

Even my twelve (12) character password, all alphabetical, was cracked by myself in a few minutes, which made me decide to change it to include numbers to harden the encryption. How does this happen? All-alphabetical passwords are cracked faster because they contain "only alphabets", with no numbers included, so decoding takes less time. Truly, MD5-hashed passwords are hard to crack, but a password composed only of letters is still vulnerable to cracking. A salted MD5 hash would do, because a salted hash is a lot more difficult to crack, but on Windows systems it is not reliable enough to protect your password.

Thursday, June 19, 2008

Myspace Private Picture Hack

Can't view private pictures on someone's profile? Here is a trick to show the private pics they hide on their Myspace profile. I do not recommend using any software/program this time; a simple URL trick will do.

To view private pics on a Myspace profile, just copy the URL below:

http://lads.myspace.com/slides/photoslider.swf?u=

Then put the private person's or anybody's Myspace ID after the = and you can see all their photos.

For example: http://lads.myspace.com/slides/photoslider.swf?u=29736584

have fun :)

Tuesday, June 17, 2008

Hacking Joomla Sites

Personally I like Joomla!-based sites because they are easy to manage, and tasks like SEO or creating your own site design are as simple as on WordPress. But these days more and more Joomla! sites are getting hacked by anonymous hackers around the world. The reason can easily be pointed out to unaware webmasters/site owners: installing extensions, or shall we say add-ons, makes Joomla more vulnerable to exploitation, leading to massive damage and defacement of their sites, including loss of prospects, personal information, and money.

How do these events happen? The site owners point fingers at their hosts, blaming unsecured web servers, failed security, failed monitoring and so forth. But they don't know that adding extensions without first checking whether they have bugs or are vulnerable to exploitation is a major reason their sites are prone to hacking. In my personal experience, I managed to obtain admin password hashes of several Joomla-based sites within minutes of exploiting, using Google as the search engine. Using an MD5 hash cracker, the encrypted MD5 passwords are converted into readable ASCII letters. Fortunately a lot of web-based MD5 crackers are available on the net, speeding up the cracking process.

It is a big security issue for your site if you are not aware of these kinds of vulnerabilities and bugs in the extensions you have applied to your Joomla site. It is best to manage and update the extensions you use (when an update is available) to address the known security issues and avoid getting hacked.

Windows XP Cracking Passwords the Easy Way!

Well, many of us who try to crack/decode a password on a Windows XP system have a hard time, or shall we say most of the time we end up failing, especially if we are cracking passwords more than seven (7) characters long. Some people use cracking programs, whether brute forcing, dictionary-based cracking and so on. Face the fact that passwords of seven or more characters are harder to decode; you can possibly crack one in a few or more days by brute forcing.

Now we can easily crack long passwords. From my personal experience, I will introduce you to 0phCrack and the infamous "rainbow table" algorithm. Surprisingly, passwords of seven characters or more are cracked in a few seconds! Yes, it's true. But bear in mind that my rainbow table is as big as 669 MB; it is loaded by 0phcrack, which cracks passwords in a few seconds (5 user accounts on my system with 12-character passwords!).

Maybe you'll think that this is just another work-today-die-tomorrow cracking trick, but let me tell you that this process cracks MD5 hashes. LM and NT passwords are easily cracked by this method, especially on Windows XP systems. I will not discuss further where you can find 0phcrack and the rainbow tables that I used (669 MB file size), but believe me, they helped me a lot, making the process finish more quickly than I ever expected. You can find those tools and references on many sites for free. But if you really want to know where the hell I got those tools and the rainbow table, you are free to send me a PM or post your comments here.

Using this method of cracking Windows XP passwords, there is no need for you to reset a lost password, which saves your day without getting caught for resetting the administrator password on Windows XP. Just make sure you have the privilege to install the mentioned program/tools so that your cracking will be successful.

So start cracking now!
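For anyone setting password policy on these systems, the added example below (not from the original post) shows why a 12-character password gains so little when Windows XP stores an LM hash: LM upper-cases the password, pads it to 14 bytes and hashes two 7-byte halves independently, and no LM hash is stored once the password exceeds 14 characters. The sample passwords and function names are constructed, and ASCII-only passwords are assumed.

```python
import string

LM_MAX = 14  # LM covers at most 14 characters; longer passwords get no LM hash

def lm_halves(password):
    """Return the two 7-byte blocks LM hashes separately, or None if not stored."""
    if len(password) > LM_MAX:
        return None
    padded = password.upper().encode("ascii").ljust(LM_MAX, b"\0")
    return padded[:7], padded[7:]

def charset_size(text, case_sensitive):
    """Size of the smallest common alphabet that covers every character in text."""
    size = 0
    if any(c.isdigit() for c in text):
        size += 10
    if any(c in string.punctuation + " " for c in text):
        size += 33
    if case_sensitive:
        size += 26 * (any(c.islower() for c in text) + any(c.isupper() for c in text))
    elif any(c.isalpha() for c in text):
        size += 26  # LM folds case, so letters only ever count once
    return size

def compare(password):
    """Worst-case guesses: password as typed vs. its LM halves attacked separately."""
    naive = charset_size(password, True) ** len(password)
    halves = lm_halves(password)
    if halves is None:
        return {"lm_stored": False, "naive": naive, "lm": None}
    lm = 0
    for half in halves:
        text = half.rstrip(b"\0").decode("ascii")
        if text:
            lm += charset_size(text, False) ** len(text)
    return {"lm_stored": True, "halves": halves, "naive": naive, "lm": lm}

if __name__ == "__main__":
    for pw in ("sunflowerbed", "Sunflower2bed", "sunflowerbed2008"):
        print(pw, compare(pw))
```

The fix on the defending side is to stop the LM hash from being stored at all, either with the `NoLMHash` policy setting or by requiring passwords of 15 characters or more.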