Snow
Forest
Mountains
Snow
Snow

Monthly Archives: March 2017

How to generate Word list using Crunch ?

Category : Blog

How to generate Word list using Crunch ?

How to generate Word list using Crunch ? In our previous blog, we discussed about how to hack or recover any unknown passwords. In this blog, we will tell you how to generate word list using Crunch. In password cracking, we often need to use a word list. The word lists are intended primarily for use with password crackers such as hashcat , John the Ripper and with password recovery utilities.

This is a tutorial for newbies and anyone who hasn’t yet used Crunch before.

Crunch is a utility that is used to create word lists using letters, numbers, and symbols for every possible combination or according to specific rules.

Here in this tutorial you will get to know about generate word list using crunch.

Want to know how to hack any password? Click here to know about this.

Most Popular Training Courses at Indian Cyber Security Solutions

Summer Training for CSE, IT, BCA & MCA Students 

Network Penetration Tester Training

Ethical Hacking  training

Python Programming training

CEH V9  training

Diploma in Network Security Training

Secured Coding in Java

Certified Network Penetration Tester 

Certified Web Application Penetration Tester 

Certified Android Penetration Tester 

Certified Python Programming 

Advance Python Training 

Reverse Engineering Training  

Amazon Web Services Training  

VMware Training 


Crack Any Password And Identify Unknown Password

Crack Any Password And Identify Unknown Password

Category : Blog

Crack Any Password And Identify Unknown Password

Crack Any Password And Identify Unknown Password. Password Cracking refers to guess or crack passwords to gain access to a computer system. It is a common approach to identify an unknown or forgotten password. Password crackers will usually use a variety of tools, scripts or software to crack a system password.

Methods of Password Crackers

Two Primary Methods are implemented to identify correct passwords: brute-force and dictionary searches.

  • If a password is recovered by brute-force, it runs through combinations of characters within a predetermined length until it finds the combination accepted by the computer system.
  • When applying a dictionary search, a password cracker searches each word in the dictionary for the correct password.

John the Ripper is a free and open source password hacking software tool build in Kali Linux. Here is the tutorial . Click to view the tutorial.

 

 

Most Popular Training Courses at Indian Cyber Security Solutions

Summer Training for CSE, IT, BCA & MCA Students 

Network Penetration Tester Training

Ethical Hacking  training

Python Programming training

CEH V9  training

Diploma in Network Security Training

Secured Coding in Java

Certified Network Penetration Tester 

Certified Web Application Penetration Tester 

Certified Android Penetration Tester 

Certified Python Programming 

Advance Python Training 

Reverse Engineering Training  

Amazon Web Services Training  

VMware Training 

 

 


Popular Smartphone Infected with Malware

Popular Smartphone Infected with Malware

Category : Blog

Popular Smartphone Infected with Malware

Want to buy a new android Smartphone? Or Already bought new android Smartphone? Do not expect it to be a clean sheet. Popular Smartphone Infected with Malware.  Pre-installed android malware found in 36 Smartphone’s.

Popular manufacturing companies like Samsung, LG, Xiaomi , Asus, Nexus, Oppo and Lenovo distributed by two unidentified companies have been found pre-loaded with malware programs.

These malware infected devices were identified after a Check Point malware scan was performed on Android devices. Two malware families were detected on the infected devices: Loki and SLocker.

According to a blog “The malware were already present on the devices even before the users received them. The malicious apps were not part of the official ROM supplied by the vendor, and were added somewhere along the supply chain. Six of the malware instances were added by a malicious actor to the device’s ROM using system privileges, meaning they couldn’t be removed by the user and the device had to be re-flashed”.

Popular Smartphone Infected with Malware

In February 2016Loki Trojan injects devices inside core Android operating system to gain powerful root privileges. The Trojan includes spyware-like features, like grabbing the list of current applications, browser history, contact list, call history, and location data.

SLocker is a mobile ransomware that locks victim’s devices for ransom and communicates through Tor in order to hide the identity of its operators.

List of Popular Smartphone Infected with Malware

  • Galaxy Note 2
  • LG G4
  • Galaxy S7
  • Galaxy S4
  • Galaxy Note 4
  • Galaxy Note 5
  • Xiaomi Mi 4i
  • Galaxy A5
  • ZTE x500
  • Galaxy Note 3
  • Galaxy Note Edge
  • Galaxy Tab S2
  • Galaxy Tab 2
  • Oppo N3
  • Vivo X6 plus
  • Nexus 5
  • Nexus 5X
  • Asus Zenfone 2
  • LenovoS90
  • OppoR7 plus
  • Xiaomi Redmi
  • Lenovo A850

 

Remove the malware from Smartphone

Though it’s hard to remove, still to remove the malware from the infected devices, either you can root your device and uninstall the malware apps easily, or you would need to completely reinstall the phone firmware/ROM via a process called “Flashing.”

Flashing is a complex process, in which users power off their device and approach a technician/mobile service provider.

Most Popular Training Courses at Indian Cyber Security Solutions

Summer Training for CSE, IT, BCA & MCA Students 

Network Penetration Tester Training

Ethical Hacking  training

Python Programming training

CEH V9  training

Diploma in Network Security Training

Secured Coding in Java

Certified Network Penetration Tester 

Certified Web Application Penetration Tester 

Certified Android Penetration Tester 

Certified Python Programming 

Advance Python Training 

Reverse Engineering Training  

Amazon Web Services Training  

VMware Training 


Fortune 1000 Companies Vulnerability

Fortune 1000 Companies Vulnerability

Category : Blog

Fortune 1000 Companies Vulnerability

Fortune 1000 Companies Vulnerability. A recent report reveals about the Fortune 1000 Companies Face Data Breaches. This Fortune 1000 company suffer twice the amount of data breaches their peers.

BitSight’s latest report revealed “How Secure Are America’s Largest Business Partners? and Rating Cybersecurity Performance of Fortune 1000,” companies which are part of this list are very likely to suffer a data breach. The report shows that the companies, who have a Security rating 900 are at the top and safest ,while companies with Security rating 500 or lower have five times more chances to experience public disclosed breach compared to other companies who have Security rating 700 or higher.

Fortune 1000 Companies Data Breaches

“Understanding security maturity of the Fortune 1000 companies provided greater context for any organisation looking to benchmark their own performance,” said Stephen Boyer, the co-founder and CTO of BitSight. “Moreover, the data can be used to improve inform companies of the risks posed when they are sharing data or network access with the Fortune 1000 organisations.”

One out of every 20 Fortune 1000 companies has experienced publicly disclosed breach. Those companies that had a deal over the Internet experiences a data breach.

There is also the greater problem that a majority of Fortune 1000 companies are found to have at least one remote administration service running on an open port, which may allow unauthorized access to machines. This vulnerability should be solved.

 

Most Popular Training Courses at Indian Cyber Security Solutions

Summer Training for CSE, IT, BCA & MCA Students 

Network Penetration Tester Training

Ethical Hacking  training

Python Programming training

CEH V9  training

Diploma in Network Security Training

Secured Coding in Java

Certified Network Penetration Tester 

Certified Web Application Penetration Tester 

Certified Android Penetration Tester 

Certified Python Programming 

Advance Python Training 

Reverse Engineering Training  

Amazon Web Services Training  

VMware Training 


DNA Digital Data Storage

DNA Digital Data Storage

Category : Blog

DNA Digital Data Storage

DNA Digital Data Storage. Usually , You all have heard about computer storage devices like floppy disks, USB flash drives, memory cards, memory sticks, tape cassettes, zip cassettes, computer hard drives, CD’s and DVDs etc

Have you ever heard about DNA storage? Yes, Researchers are discovering and investing lots of efforts into new storage techniques like DNA storage. Even they are able to read the data without any error. Including 6 files, a movie and even a virus is stored on DNA strand.

Quite Interesting right? Let us know something more.

Researchers are working on DNA storage apart from working on tons of data on tiny USB drives .  DNA storage have some advantages like it has high data storage capacity and long lasting ability. Companies like Microsoft are spending a lot of money on this technology.

DNA Digital Data Storage

Recently, the scientists from the Data Science Institute at Columbia University and the New York Genome Center published a new paper that showed how the DNA-based data storage technique can be used to store digital information like operating system, malware, or movie.

How DNA storage work?

From an Article we get to know “Yaniv Erlich, from California University and Dina Zielinski, from the New York Genome Center, looked for algorithms that were being used to encode and decode data. The files were converted into the binary strings of 1s and 0s. Then, they were compressed into one master file and the data was divided into short strings of binary code.

 To randomly pick these short strings and reassemble them in proper order later, they developed an algorithm called DNA fountain. This was followed by the creation of DNA strands.

To decode the strands, the sequences were fed into a computer that translated it into binary and reassembled the original files. The files which were created after this process contained zero errors.”

Future APPLICATION

This is very costly and unsuitable for large scale of application. The researchers had to spend $7000 to create the strands with 2 MB data and another $2000 to read it. Erlich said that “We are still in early days, but it also took magnetic media years of research and development before it became useful”.

 

Most Popular Training Courses at Indian Cyber Security Solutions

Summer Training for CSE, IT, BCA & MCA Students 

Network Penetration Tester Training

Ethical Hacking  training

Python Programming training

CEH V9  training

Diploma in Network Security Training

Secured Coding in Java

Certified Network Penetration Tester 

Certified Web Application Penetration Tester 

Certified Android Penetration Tester 

Certified Python Programming 

Advance Python Training 

Reverse Engineering Training  

Amazon Web Services Training  

VMware Training 


Bypass Google’s ReCaptcha v2 anywhere

Bypass Google’s ReCaptcha v2 anywhere

Category : Blog

Bypass Google’s ReCaptcha v2 anywhere

We can easily Bypass Google’s ReCaptcha v2 anywhere on the web . Yes, you heard it right. ReBreakCaptcha is a new bypassing technique for Google ReCaptcha v2.

Bypass Google’s ReCaptcha v2 anywhere

The three steps of ReBreakCaptcha :-

  • Audio Challenge
  • Recognition – Converting the audio and sending it to Google’s Speech Recognition API.
  • Verification – verify the speech and bypass the ReCaptcha.

Bypass Google’s ReCaptcha v2 anywhere

Audio Challenge

There are three types of ReCaptcha v2 challenges:-

  • Image Challenge: It contains some description with images of 6 Sub images. The images are said to match with the description defining the images.
  • Audio Images: It contains an audio. The User is requested to put the digits after listening the audio.
  • Text Image : Contains a category and 5 candidate phrases .The user is said to select those phrases which matches the category.

There is also “I am not a robot” checkbox that verifies user and do rest of their jobs.

Sometime we get to see that instead of audio challenge we get some text challenge which we can bypass simple by clicking the “Reload Challenge” button until we get the correct type.

Recognition

  • A play button
  • A text button
  • A download button

What we will do now?

Download the audio , send it to Google Speech Recognition API. Before that we will convert the audio to ‘wav’ format and send it to Google Speech Recognition by using their API. We will use their Python library Implementation of Google Speech Recognition API. Google will send it as a string.

Verification

You just need to copy paste that string into the text box and then verify on the ReCaptch Widget.

We are using half of the Google services to bypass another services.

 

Most Popular Training Courses at Indian Cyber Security Solutions

Summer Training for CSE, IT, BCA & MCA Students 

Network Penetration Tester Training

Ethical Hacking  training

Python Programming training

CEH V9  training

Diploma in Network Security Training

Secured Coding in Java

Certified Network Penetration Tester 

Certified Web Application Penetration Tester 

Certified Android Penetration Tester 

Certified Python Programming 

Advance Python Training 

Reverse Engineering Training  

Amazon Web Services Training  

VMware Training