Cracking WPA2 Password Using Pyrit

In this video its shown how to attack Wireless Networks using Pyrit tool. Pyrit is a GPU cracker for attacking WPA/WPA2 PSK protocols. It allows to create massive databases, pre-computing part of the WPA/WPA2-PSK authentication phase in a space-time-tradeoff.Pyrit takes a step ahead in attacking WPA-PSK and WPA2-PSK.Download and other details can be found here.

Nmap Using TOR Networks

A good video showing how to scan networks with Nmap using Tor network to stay anonymous.
An Attacker downloads and configure TorTunnel,TOR bundle and proxychains.After setting up everything an attacker uses nmap to find out running services on different IPs.The main purpose of this video to stay anoanymous while scanning different networks.......

Milw0rm Exploits Archive

A live demo on how to use latest exploits from milw0rm on backtrack live distro in detail. In this video Attacker lauches an attack against Dream FTP Server to crack Administrator's password on a windows box.

Gerix WiFi Cracker

Gerix Wifi Cracker NG is pre-installed on the BackTrack 4 Final version and is available on all the different Debian Based distributions, like Ubuntu etc...This software requires Aircrack-ng, xterm, zenity and obviously python-qt3. It has a nice GUI interface with the help of which there is very little or no manual work left.

Karma Exploit

This video is on using karma exploit from metasploit on Backtrack 4.An Attacker setup his own fake Accesspoint in monitor mode, DHCP daemon and a web server daemon.Attacker runs Metasploit's karma exploit.The moment IP is assigned to victim's PC , all the activity is logged at the attacker's machine including the URL visit and credentials used for mail and web.
Attacker now has full comtrol on victim's machine....

Sniffing And HTML Injection

This video explains various examples of network sniffing and HTML injection with Ettercap-NG tool on BackTrack-4 on a Local Area Network.Shows how an attacker can change text of chat messages within LiveMessanger using ettercap filters and also using Ettercap plugin,Filters,filterf_modify,file-inject. An Attacker can even find who else is ARP poising on LAN using search_poisoning ettercap plugin.

Wireless Key Grabber

This video is showing how to use Wireless Key Grabber. It requires lighttpd and it runs a fake wireless access point to grab wireless keys.whenever a user tries to connect to any website after connecting to this fake access point his browser is forwarded to a customised URL.Metasploit DLL injection is used to grab wireless key.Download link is available here.

DNS Spoofing And Browser Spying

In this video an attacker sniffs network traffic from a remote machine using ARP and DNS Spoofing with Ettercap.Uses Driftnet program to listens to network traffic and sniff out images from TCP streams on the network.And finally uses remote_browser plugin of ettercap which sends visited URLs of the victim to attackers browser.Like this an attacker's browser follows what ever the victim is browsing. Just watch this.....

Hacking and decrypting SSL and TLS traffic

A Video demonstrating how a Attacker can sniff wireless networks using veriety of different tools like arpspoof for ARP Spoofing so that victim's computer routes all internet traffic via attacker's network interface.DNSSpoof is used to send the IP of an infected machine which is setup by an attacker.And finally WebMitm tool is used to send a spoofed certificate.When ever a user opens up any SSL encrypted web site,WebMitm issues a fake certificate.once the user accepts that certificate,Attacker can then sniff complete network traffic using wireshark.When attacker collect enough data,he can use SSLDump to decrypt everything using the certificate issued by WebMitm.Like this attacker can have complete details about user's credentials.

Sniffing SSL Secured Logins With Ettercap

A Small video showing how easy it is to intercept HTTPS traffic from switched local network by spoofing the SSL certificate using man in the middle attack with Ettercap. The attacker uses one way ARP poisoning on victim and issues a fake spoofed SSL certificates on a switched Ethernet network.

How to hack a phone using BlueTooth

This video is live demonstration of hacking a cell phone using Bluetooth hacking tool called Super Bluetooth hack.This Java based tool allows to remotely make calls, view messages,remotely do any thing as if attacker is using the phone himself.

DHCP Spoofing MITM attack

This video is showing how to spoof DHCP IP assignment using Ettercap. When a new PC is added on the network which is configured to have IP address dynamically from a DHCP address. An attcker can spoof this IP assignment process and provide his own IPs, like a gateway which has been configured to sniff their usernames and passwords.

Sniffing Remote Router Traffic via GRE Tunnels

A good demo of sniffing network traffic remotely via setting up IP tunnel interface on remote router using WHAX live distro. Attackers makes configuration changes on router to start a tunnel interface and route all of the network traffic from that tunnel interface. Later they can sniff the traffic when ever they wants.

Bluetooth Sniffing in Linux

A very good video showing how to sniff BlueTooth Pin while pairing two BlueTooth devices and crack it.

Securing Web Services

Securing Web Services

This presentation is on Web Services Security , pointing at almost all of the fields requires attention for web application security.Shows how to effectively manage application development lifecycle and how to integrate Top 10 OWASP projects to develop any application keeping security in mind.

A1 - Cross Site Scripting (XSS)

A2 - Injection Flaws

A3 - Malicious File Execution

A4 - Insecure Direct Object Reference

A5 - Cross Site Request Forgery (CSRF)

A6 - Information Leakage and Improper Error Handling

A7 - Broken Authentication and Session Management

A8 - Insecure Cryptographic Storage

A9 - Insecure Communications

A10 - Failure to Restrict URL Access

Windows SMB Relay Exploit

A live demonstration of obtaining admin access on a Windows XP SP3 Machine. Exploits a flaw in Windows Server Message Block (SMB) which provides shared access to files and folders on network. Hacker utilizes Metasploits Framework to run the exploit.It works by relaying a SMB authentication request to another host which provides Metasploit with a authenticated SMB session, and if the user is an administrator, Metasploits will be able to execute code on the target computer and can even get a reverse shell.Hacker forces the target computer to perform a SMB authentication attempt by using a Ettercap Filter.For authentication target computer is forwarded to Metasploit.

Remote shell with a Word document

Using a Metasploit payload on Backtrack 4 to create a macro enabled Microsoft Word document which on executing opens a remote shell.

Honey Pots

Honey Pot

View more OpenOffice presentations from iradarji.

Honeypots are the machines used for intrusion detection.It's basically a trap for hackers and seems to contain wealth of information in which hackers are interested in.

These computors are configured with lots of monitoring tools which keeps an eye on each and every step of hackers which helps in studying their mind set later on. Softwares installed on these computers are dual purpose.At first glance they are inviting in nature, intruders gets attracted to them and on the other hand it helps in intelligence gathering.Once the hacker breaks into the system,later studies of these machines by security administrators helps in finding the ways which attacker used to break into these systems and helps in blocking those intrusion techniques.

More details on Honey Pots can be found here

PHP Remote File Inclusion

Remote File Inclusion is a technique used to attack websites from a remote computer.RFI allow malicious users to run their own PHP code on a vulnerable website.This allows the attacker to use and run any remote file just by editing the URL. Like a webshell can display the files and folders on the server and can add,edit or delete files and folders,send spams and even get hold of root.

More details on PHP Webshell are here.

Top Ten Web Hacking Techniques

Top Ten Web Hacking Techniques 2008 by Jeremiah Grossman,Founder & Chief Technology Officer of WhiteHat Security.