Monday, November 9, 2009

Cracking WPA2 Password Using Pyrit

In this video its shown how to attack Wireless Networks using Pyrit tool. Pyrit is a GPU cracker for attacking WPA/WPA2 PSK protocols. It allows to create massive databases, pre-computing part of the WPA/WPA2-PSK authentication phase in a space-time-tradeoff.Pyrit takes a step ahead in attacking WPA-PSK and WPA2-PSK.Download and other details can be found here.

Thursday, September 24, 2009

Nmap Using TOR Networks

A good video showing how to scan networks with Nmap using Tor network to stay anonymous.
An Attacker downloads and configure TorTunnel,TOR bundle and proxychains.After setting up everything an attacker uses nmap to find out running services on different IPs.The main purpose of this video to stay anoanymous while scanning different networks.......

Thursday, September 17, 2009

Milw0rm Exploits Archive

A live demo on how to use latest exploits from milw0rm on backtrack live distro in detail. In this video Attacker lauches an attack against Dream FTP Server to crack Administrator's password on a windows box.

Wednesday, September 2, 2009

Gerix WiFi Cracker

Gerix Wifi Cracker NG is pre-installed on the BackTrack 4 Final version and is available on all the different Debian Based distributions, like Ubuntu etc...This software requires Aircrack-ng, xterm, zenity and obviously python-qt3. It has a nice GUI interface with the help of which there is very little or no manual work left.

Friday, August 21, 2009

Karma Exploit

This video is on using karma exploit from metasploit on Backtrack 4.An Attacker setup his own fake Accesspoint in monitor mode, DHCP daemon and a web server daemon.Attacker runs Metasploit's karma exploit.The moment IP is assigned to victim's PC , all the activity is logged at the attacker's machine including the URL visit and credentials used for mail and web.
Attacker now has full comtrol on victim's machine....

Wednesday, August 5, 2009

Sniffing And HTML Injection

This video explains various examples of network sniffing and HTML injection with Ettercap-NG tool on BackTrack-4 on a Local Area Network.Shows how an attacker can change text of chat messages within LiveMessanger using ettercap filters and also using Ettercap plugin,Filters,filterf_modify,file-inject. An Attacker can even find who else is ARP poising on LAN using search_poisoning ettercap plugin.

Monday, July 27, 2009

Wireless Key Grabber

This video is showing how to use Wireless Key Grabber. It requires lighttpd and it runs a fake wireless access point to grab wireless keys.whenever a user tries to connect to any website after connecting to this fake access point his browser is forwarded to a customised URL.Metasploit DLL injection is used to grab wireless key.Download link is available here.

Saturday, July 18, 2009

DNS Spoofing And Browser Spying

In this video an attacker sniffs network traffic from a remote machine using ARP and DNS Spoofing with Ettercap.Uses Driftnet program to listens to network traffic and sniff out images from TCP streams on the network.And finally uses remote_browser plugin of ettercap which sends visited URLs of the victim to attackers browser.Like this an attacker's browser follows what ever the victim is browsing. Just watch this.....

Friday, July 10, 2009

Hacking and decrypting SSL and TLS traffic

A Video demonstrating how a Attacker can sniff wireless networks using veriety of different tools like arpspoof for ARP Spoofing so that victim's computer routes all internet traffic via attacker's network interface.DNSSpoof is used to send the IP of an infected machine which is setup by an attacker.And finally WebMitm tool is used to send a spoofed certificate.When ever a user opens up any SSL encrypted web site,WebMitm issues a fake certificate.once the user accepts that certificate,Attacker can then sniff complete network traffic using wireshark.When attacker collect enough data,he can use SSLDump to decrypt everything using the certificate issued by WebMitm.Like this attacker can have complete details about user's credentials.

Thursday, July 9, 2009

Sniffing SSL Secured Logins With Ettercap

A Small video showing how easy it is to intercept HTTPS traffic from switched local network by spoofing the SSL certificate using man in the middle attack with Ettercap. The attacker uses one way ARP poisoning on victim and issues a fake spoofed SSL certificates on a switched Ethernet network.

Wednesday, July 1, 2009

How to hack a phone using BlueTooth

This video is live demonstration of hacking a cell phone using Bluetooth hacking tool called Super Bluetooth hack.This Java based tool allows to remotely make calls, view messages,remotely do any thing as if attacker is using the phone himself.

Friday, June 26, 2009

DHCP Spoofing MITM attack

This video is showing how to spoof DHCP IP assignment using Ettercap. When a new PC is added on the network which is configured to have IP address dynamically from a DHCP address. An attcker can spoof this IP assignment process and provide his own IPs, like a gateway which has been configured to sniff their usernames and passwords.

Tuesday, June 23, 2009

Sniffing Remote Router Traffic via GRE Tunnels

A good demo of sniffing network traffic remotely via setting up IP tunnel interface on remote router using WHAX live distro. Attackers makes configuration changes on router to start a tunnel interface and route all of the network traffic from that tunnel interface. Later they can sniff the traffic when ever they wants.

Wednesday, June 17, 2009

Bluetooth Sniffing in Linux

A very good video showing how to sniff BlueTooth Pin while pairing two BlueTooth devices and crack it.

Tuesday, June 16, 2009

Securing Web Services

This presentation is on Web Services Security , pointing at almost all of the fields requires attention for web application security.Shows how to effectively manage application development lifecycle and how to integrate Top 10 OWASP projects to develop any application keeping security in mind.

A1 - Cross Site Scripting (XSS)

A2 - Injection Flaws

A3 - Malicious File Execution

A4 - Insecure Direct Object Reference

A5 - Cross Site Request Forgery (CSRF)

A6 - Information Leakage and Improper Error Handling

A7 - Broken Authentication and Session Management

A8 - Insecure Cryptographic Storage

A9 - Insecure Communications

A10 - Failure to Restrict URL Access

Monday, June 8, 2009

Windows SMB Relay Exploit

A live demonstration of obtaining admin access on a Windows XP SP3 Machine. Exploits a flaw in Windows Server Message Block (SMB) which provides shared access to files and folders on network. Hacker utilizes Metasploits Framework to run the exploit.It works by relaying a SMB authentication request to another host which provides Metasploit with a authenticated SMB session, and if the user is an administrator, Metasploits will be able to execute code on the target computer and can even get a reverse shell.Hacker forces the target computer to perform a SMB authentication attempt by using a Ettercap Filter.For authentication target computer is forwarded to Metasploit.

Friday, June 5, 2009

Remote shell with a Word document

Using a Metasploit payload on Backtrack 4 to create a macro enabled Microsoft Word document which on executing opens a remote shell.

Thursday, June 4, 2009

Honey Pots

Honeypots are the machines used for intrusion detection.It's basically a trap for hackers and seems to contain wealth of information in which hackers are interested in.

These computors are configured with lots of monitoring tools which keeps an eye on each and every step of hackers which helps in studying their mind set later on. Softwares installed on these computers are dual purpose.At first glance they are inviting in nature, intruders gets attracted to them and on the other hand it helps in intelligence gathering.Once the hacker breaks into the system,later studies of these machines by security administrators helps in finding the ways which attacker used to break into these systems and helps in blocking those intrusion techniques.

More details on Honey Pots can be found here

Wednesday, May 27, 2009

PHP Remote File Inclusion

Remote File Inclusion is a technique used to attack websites from a remote computer.RFI allow malicious users to run their own PHP code on a vulnerable website.This allows the attacker to use and run any remote file just by editing the URL. Like a webshell can display the files and folders on the server and can add,edit or delete files and folders,send spams and even get hold of root.

More details on PHP Webshell are here.

Saturday, May 23, 2009

Top Ten Web Hacking Techniques

Top Ten Web Hacking Techniques 2008 by Jeremiah Grossman,Founder & Chief Technology Officer of WhiteHat Security.

Thursday, May 21, 2009


This is a demonstration of hacking wireless access points networks with Aircrack-NG.Before running airodump we need to find an adaptor driver which can be downloaded from the here.

Please note few points regarding wireless as mentioned below -

Channels are the channel your Access Point is Broadcasting on.
ESSID is the Name of your wireless network.
BSSID is the MAC address of your Access Point.

We will have to put the wireless card in monitor mode before capturing the data.Complete step by step documentation can be found here.

Monday, May 18, 2009

SSH Hacking

A Dictionary attack is launched against SSH using a Shell Script to crack Passwords.

Friday, May 15, 2009

Using NetCat as a Backdoor

In this video a windows RPC exploit is used with the help of Metasploit on Backtrack.After exploiting the RPC vulnerability in windows,hacker uploads Netcat tool to regain access when ever he wants.

Thursday, May 14, 2009

Metasploit Autopwn tool

This Video shows MetaSploit Autopwn tool in action.After identifying a victim's machine using port scanning techniques,Just run the Metasploit framework and connect to sqlite database.Again run a port scan on victim's machine so that the result is saved in the database.Then run the Autopwn tool against the port scan result,Autopwn will automatically run all the exploits against the open port.When the attack completes successfully, we get open sessions. Job Done !!!!

This can also be achived by running Autopwn exploits against the result saved by Nessus in NBE format.

Wednesday, May 13, 2009

Dump Cleartext Passwords From Windows Memory

This video shows how you can dump the cleartext passwords from a memory dump of a Windows system by using a tool called MDD.

Monday, May 11, 2009

DNS Spoof Virutal Hosts

DNS Spoofing is a type of MITM attack in which victim's computer is sent a fake DNS reply for a particular website,forcing his machine to visit a different site.But when this Spoofed IP is hosting multiple virtual sites with multiple Host Headers and attacker wants to use this IP as a fake DNS reply for DNS Spoofing then the server will not be able to determine the proper destination as Host Header will be missing in the request.Hence DNS Spoofing attack will not success.

In this video , Ettercap is combined with a C program to change the host header on the fly and submits a new get request to the web server, which allows an attacker to successfully launch DNS Spoofing attack with a IP hosting multiple virtual web sites.

More info can be found here.

Thursday, April 30, 2009

Monday, April 27, 2009

Thursday, April 23, 2009

Tuesday, April 21, 2009

Thursday, April 16, 2009

Monday, April 13, 2009

Cracking Tutorial

Thursday, April 9, 2009

Monday, April 6, 2009

Tuesday, March 31, 2009

Wednesday, March 4, 2009

Monday, March 2, 2009

Thursday, February 26, 2009

Tuesday, February 24, 2009

Monday, February 23, 2009

Thursday, February 19, 2009

Wednesday, February 18, 2009

Tuesday, February 17, 2009

Thursday, February 12, 2009

XSS Hacking

Tuesday, February 10, 2009

Thursday, February 5, 2009

Wednesday, February 4, 2009

How XSS Hack works

Tuesday, February 3, 2009

Saturday, January 31, 2009

Friday, January 30, 2009

Thursday, January 29, 2009

Forensic Toolkit


Privilege Escalation Hack

Writing Exploits in Metasploit

Wednesday, January 28, 2009

Tuesday, January 27, 2009

Monday, January 26, 2009

netcat reverse connection at startup

Port scan using netcat

Saturday, January 24, 2009

Firewalls And IDS

Uploaded on authorSTREAM by Hufflepuff

Friday, January 23, 2009

Thursday, January 22, 2009

What is an MD5 Checksum

Telnet Bruteforce

Wednesday, January 21, 2009

Monday, January 19, 2009

Saturday, January 17, 2009

Tuesday, January 13, 2009

Fragroute In Action


Wednesday, January 7, 2009

Tuesday, January 6, 2009

Monday, January 5, 2009

Saturday, January 3, 2009

Friday, January 2, 2009