12/16/2011 Chinese hackers took control of NASA satellite for 11 minutes

 
Landsat-7 and Terra EOS satellites

Hacking is becoming a growing problem on Earth. It may seem strange to mention Earth, as there’s not much to hack outside of our planet’s atmosphere unless you count satellites. Even then, how feasible would it be to gain access to the systems running such devices?
Well, China not only has people working on such things, it has been discovered they actually managed to take control of two NASA satellites for more than 11 minutes.
The successful attacks occurred in 2007 and 2008. The more serious of the two happened in ’08 when NASA had control of the Terra EOS earth observation system satellite disrupted for 2 minutes in June, and then a further 9 minutes in October. During that time, whoever took control had full access to the satellites’ systems, but chose to do nothing with it.

The second hack affected the Landsat-7 satellite on two occasions, one in October of ’07, the other in July of ’08. Unlike the Terra OS incident, this hack did not see control taken away, but access was gained.


 
Washington D.C. captured by Landsat-7 in 2005

We only know about these hacks because of a report becoming available this month. It is entitled the 2011 Report to Congress of the U.S.-China Economic and Security Review Commission and made available online at the USCC website (link below). The specific details can be found on page 216 of the document, which is actually page 224 of the PDF.

It is suggested such malicious cyber activity in relation to satellites can be carried out to either destroy the system rendering it useless, or to exploit it to see what the “enemy” sees and gain intelligence on “ground-based infrastructure.”

Interestingly, the report points to the use of ground stations outside of the U.S. to control satellites as weak points. The reason being they use the Internet for data access and communication, not a closed link. We don’t know if that is still the case, but we’d hope not, or at least hope that the communication link is using better encryption and security checks.

Read the report online at the USCC website (PDF), via ITWorld

@atulpurohit

BlackBerry PlayBook jailbreak Dingleberry v0.3 available for download

Want root access on your BlackBerry PlayBook? Can’t wait to dig around in the PlayBook’s QNX operating system? Head on over to the Dingleberry website where Chris Wade’s jailbreak tool for the PlayBook has been posted for download.

Right now, Wade only has a Windows version of the tool available, and he noted on Twitter that all this particular release does is enable root access on the PlayBook. No other functionality (like restoring Hulu web access) is gained by running Dingleberry right now. Wade also notes that RIM already has an update ready that will put the kibosh on Dingleberry jailbreaks, so avoid installing any PlayBook OS updates that are offered if you want to root your tablet.

If you’ve got a Windows computer and a few seconds, the process is dead simple. Download Dingleberry, extract the contents of the zip file, launch the executable, and provide the IP address and password of your PlayBook (you can find the IP on settings > about > network). You’ll also need to enable Wi-Fi file sharing (which you should have done on day one — it’s one of the PlayBook’s best features) and make sure password protected sharing is disabled. After that, you’re ready to fire up DingleBerry and root your PlayBook.

One thing the PlayBook root might enable is a more full-featured Android experience. Previously, the Dingleberry creators had reported success installing the Android Market on the PlayBook. Devs could then download additional apps directly from the Market and install them on the PlayBook without the need for repackaging them using RIM’s porting tools. It’s a safe bet that future updates to Dingleberry might make the process of getting the Market installed a bit smoother, but we’ll have to wait and see what Wade and Co. have up their collective sleeves.

@atulplayer

12/02/2011 Speeding Up Lua Script Execution in ModSecurity

Often when implementing customised ModSecurity solutions we need to extend the built-in functionality via Lua scripting. One of the disadvantages to this approach is the added latency penalty paid for not using the native rules language. When web site performance is critical for business continuity, every additional millesecond counts. The current trunk code fixes a long-standing limitation where ModSecurity needed to create a new VM for each request, which added latency every time a Lua script was executed. By combining the new Lua VM implementation along with replacing the Lua interperter with LuaJIT we can enjoy a significant speed increase in script execution.To measure the speed difference we will test with a simple script used to generate a random token as part of a predictable session token patch. The code is below:

#!/usr/bin/lua

function main()

  -- Create random cookie value
  local ip = m.getvar("REMOTE_ADDR")
  local md5 = require "md5"

  math.randomseed( os.time() )
  randomtoken = md5.sumhexa(ip .. math.random())
  m.log(3, "RandomToken: " .. randomtoken);
  m.setvar("TX.token", randomtoken);
  return 1
end

If we run this script 1000 times via the ModSecurity 2.6.2 engine, the script takes an average of 616 microseconds to run, as shown below:

lab@lab:~$ for i in `seq 1 1000`; do wget -qO /dev/null http://localhost/; done

lab@lab:~$ let sum=0;for duration in 
$(grep "Script completed in " /opt/modsecurity/var/log/debug.log|
cut -d " " -f 8); {  let sum=$sum+$duration; };
let average=$sum/1000;echo $average
616

As noted above we can significantly increase the speed execution by using the latest engine from trunk along with using LuaJIT instead of the regular Lua shared library. The good news is setting this up is simple. As noted here as of Lua 5.1 "LuaJIT is also fully ABI-compatible to Lua 5.1 at the linker/dynamic loader level. This means you can compile a C module against the standard Lua headers and load the same shared library from either Lua or LuaJIT." In other words, all we need to do to use LuaJIT with ModSecurity is to load the LuaJIT shared library in the Apache ModSecurity module configuration. On a Debian Sid based system this looks like:

lab@lab:~$ cat /etc/apache2/mods-enabled/modsecurity.load 
# Load libxml2
LoadFile /usr/lib/libxml2.so
# Load Lua
LoadFile /usr/lib/x86_64-linux-gnu/libluajit-5.1.so.2.0.0
# Finally, load ModSecurity
LoadModule security2_module /opt/modsecurity/bin/mod_security2.so

With these changes we will run the same script again and compare the results. 

lab@lab:~$ echo " " >/opt/modsecurity/var/log/debug.log 
lab@lab:~$ for i in `seq 1 1000`; do wget -qO /dev/null http://localhost/; done
lab@lab:~$ let sum=0;for duration in 
$(grep "Script completed in " /opt/modsecurity/var/log/debug.log|
cut -d " " -f 8); {  let sum=$sum+$duration; };
let average=$sum/1000;echo $average
112

As you can see the script execution went from 616 microseconds down to 112 microseconds. While the example script we used here was simplistic and added little overhead to begin with, with the changes described above more complex Lua scripts can be run with greater efficiency.
@Atul Puohit

9/14/2011 Intel Labs creates a Fireball to help fight fires

Intel may be best known for its design and production of processors, but the chip giant has its hand in many fields of technology and related-research, one of which is disaster management.
On day zero of IDF, Intel Labs was showing off a few devices it had developed to help manage a disaster situation. The most interesting of those devices is called the Fireball. Terry O’Shay from Intel Labs was on hand to show off the device, which you can see in the video below.





Fireball is a spherical device with an antenna popping out of the top of a steel case. It is meant to be thrown into a fire at which point the sensors inside can feedback information about temperature, the quality of the air (amount of oxygen, carbon dioxide, and ammonia present), and what free volatiles exist. The electronics and battery housed in the center of the Fireball don’t fry in the fire because they are encased in a ceramic shell, which also means the device won’t explode and injure anyone.

The information collected by each Fireball is fed back over WiFi to a server sitting in the firetruck. Firemen can then gain access to this information using an app on their phone which gives clear readouts for each sensor. The data can also be stored for later analysis.




It is hoped the additional information the Fireball provides will help firefighters better tackle fires. Using multiple Fireballs in larger fires may also help in the planning stages of how to best go about putting the fire out. Testing is required with firefighters using the Fireball in a real-life situation, but Intel is confident the device will be in use within the next few months.

@Atulplayer

Windows 8 Samsung tablet handled, new features revealed

As expected, Microsoft has handed out a Samsung tablet to BUILD attendees. So, what was the mysterious tablet teased last week?

It wasn’t a quad-core Nvidia chip as some thought. Rather, it was a kicked-up Samsung Series 7 slate with an Intel Core i5 processor, 4GB of RAM, a 64GB SSD, and an 11.6″ Super PLS touchscreen display. The tablet also came with a dock that offered wired connectivity options like USB, HDMI, and Ethernet.

If that’s not enough to make you drool, lucky devs in attendance also received complimentary 3G service from AT&T — a whole year’s worth, with a bandwidth allotment of 2GB per month.

After the hardware was unboxed, the hands-on previews arrived and Microsoft’s Windows Phone-esque interface was front and center making Windows 8 a finger-friendly experience. From the moment you sign in, Windows 8′s tablet features are easy to see.





First, there’s the new picture password option. Instead of using a plain old password, you’ve now got the option to select a picture from your library and draw a pattern on top of it to log in (example: touch your dog’s nose and then draw a circle around its head). It’s a very smart system and totally immune to keyloggers.

Once you’ve signed in, the previously-revealed start screen comes into view. Apps and Live Tiles can be pinned, rearranged, and re-sized to your specifications. The start menu has been simplified, reduced to 5 “charms”: settings, devices, share, search, and start. The share charm will tap into Windows Live, where you can, of course, connect your Live ID to scores of web services like Facebook, LinkedIn, Twitter, YouTube, and just about any other site on which you have an account.

Windows 8 also offers a greatly improved on screen keyboard. The keys are larger and easier to hit accurately with a finger, and there’s also a split mode that allows you to type using your thumbs — a nice option since 12″ tablets like the Samsung freebie are a bit heavy for using comfortably in one hand for long periods of time.





Internet Explorer 10 was also on display, shown in all its chromeless glory looking very much like a third-party tablet browser like Dolphin or Opera Mobile running in full screen mode. Tabs are shown visually in a strip along the top edge of the screen and the browser’s address bar has been moved to the bottom — where it more or less replaces the taskbar.

Again, it’s a very finger-friendly interface, with the generously-sized buttons and thumbnails providing a much more natural experience than you’ll get with Internet Explorer 9 on a Windows 7 tablet.

As one final nod to the tablet computing experience, Microsoft announced that Windows 8 builds on Windows 7′s already improved support for various types of sensors — including gyroscopes, accelerometers, and magnetometers. It also supports NFC, which enables webOS style tap-to-share on Windows 8 devices.

With the Windows 8 preview download going live tonight, we’ll share more details as they’re revealed in the coming days. Stay tuned!

Also, check out the Samsung tablet running Windows 8 over at ExtremeTech


@Atulplayer

Sony unveils Walkman Z series powered by Android

http://best4hackingnews.blogspot.com


Not everyone who wants to play music and videos or run apps and games on a touchscreen device is in the market for a for an iPhone or Xperia Arc. That’s why Apple still makes the iPod touch — and why Sony has just introduced the Walkman Z series powered by Android.

Like many smartphones, the Walkman NWZ-1000 series PMPs offer a 4.3″ display that pushes 480×800 pixels, a 1GHz Nvidia Tegra 2 processor, 512MB RAM, 802.11 b/g/n Wi-Fi, Bluetooth 2.1, FM tuner, and a micro-HDMI port for video output. Full 1080P HD video is supported and plays back smoothly at bitrates as high as 10Mbps. Unlike the Samsung Galaxy Player range, Sony has decided to omit a camera on the NWZ-1000 — but this is a mediaplayer, so it’s easy enough for Sony to claim it doesn’t need to capture media as well.

Three models are available: the NW-Z1050 with 16GB, the NW-Z1060 with 32GB, and the NW-Z1070 with 64GB. Pricing starts at about $360 and tops out around $560 (when converting at current rates from Yen to USD).

Unlike some Android PMPs, Sony’s Walkman Z features access to the official Android Market for downloading additional apps and games. It’s also running Gingerbread, and Sony estimates about 20 hours of music playback or 5 hours for video.





The new Sony Walkman Z series will launch in Japan on December 10th — no pricing or availability outside of Sony’s home has been announced as of yet. Still, it’s nice to see the Android Walkman finally get a launch date anywhere. It’s been a long time coming.


@Atulplayer

Windows 8 Blue Screen of Death replaces crash details with a sad face

The Windows Blue Screen of Death (BSoD) has always been a screen we dread to see. It’s blue, of course, and usually filled with lots of text telling you about the crash your operating system just experienced. To 99% of people viewing it, it makes absolutely no sense and is dismissed with a mandatory reboot.


The BSoD has been included with every version of Windows I have ever owned, and I think I’ve seen it appear on every Windows system I’ve used in anger. But for Windows 8 we were expecting it to disappear, replaced by a Black Screen of Death.

With the unveiling of Windows 8 yesterday at the Build conference, that turns out not to be the case, but the BSoD has at least had a major revamp.




As you can see in the images above, the uninformative page of text has gone. Instead you get a sad face depicted in text characters followed by a message telling you your PC couldn’t handle a problem.
A reboot is going to happen at this point, but if you want to find out what caused the problem you need to write down or remember the search term it presents you with. The two search terms I have seen suggested so far are “System Service Exception” and “HAL Installation Failed.” I doubt either will return that much useful information as they are both quite generic terms.

While it’s nice not to have to look at a blue screen full of text, it’s a shame Microsoft still hasn’t found a way to refine the error reporting process further and present users with a very clear description of why Windows 8 fell down


@Atulplayer

9/03/2011 Acer, Lenovo, and Toshiba show off first Ultrabooks at IFA 2011

Ah, the Ultrabook! Intel’s made-up new market niche that combines the thin of the ‘thin and light’ group with the power of full size notebooks. Really, you could just keep calling them notebooks or laptops, but where’s the fun in that? Whatever you call them, the group represents a concerted effort by Windows laptop manufacturers to challenge the Macbook Air’s slim profile and solid performance.

At IFA 2011, Acer, Lenovo, and Toshiba have all shown off their first Ultrabook models. First up is the Acer Aspire S3 (above), which offers a 13.3″ LCD at 1366 x 768 pixels, integrated 1.3MP webcam, 802.11 b/g/n Wi-Fi, and Bluetooth 4.0. Processor options range from the Core i3 to i7, and Acer’s lower-end S3 models will feature a 320GB or 500GB hard drive — a 240GB SSD will also be available. Even at less than a half inch thick, the S3 still has room to include a standard HDMI port. Battery life on the Aspire S3 is estimated at 7 hours for SSD models, and Acer states that it can resume from sleep in about a second and a half. Prices for the Aspire S3 will start at 799€ (just over $1100).





Next up is the Lenovo IdeaPad U300s. Like the S3, it’s under a half inch thick and features a 13.3″ 1366 x 768 display. At the top end, the U300s can be configured with a Core i7 CPU, 4GB of RAM, and a 256GB SSD. There’s also a 1.3MP webcam, USB 3.0 ports, Intel WiDi and an HDMI port for video output.

Lenovo estimates up to eight hours of battery power, and the company’s RapidDrive SSD tech ensures near-10 second cold boot times. The U300s is available in the sexy clementine orange you see above as well as a more business-like graphite shade. It’ll go on sale in November at a starting price of $1,195.




Finally, we’ve got the Toshiba Portege Z830. And yes, it sports a 13.3 inch LCD at 1366 x 768 pixels and is about half an inch thick. At less than 2.5 pounds, however, Toshiba says the Z830 is the lightest 13.3″ notebook around.

Core i3, i5, and i7 processor options are available, and the Z830 packs a full array of ports: ethernet, VGA, HDMI, and two USB 2.0 and one USB 3.0. The obligatory webcam is also built in, and Toshiba estimates 8 hours of unplugged use on the U830′s 47Whr battery.

Apart from being light and packed with full-sized ports, the Z830 also feature a spill-resistant keyboard. It’s expected to hit the street at less than $1,000, but that’s as specific as Toshiba is getting at this point.

From the looks of things so far, it’s going to be tough for companies to make their Ultrabooks stand out from the crowd, but they’ll find a way — much like Android smartphone and tablet makers do. Acer’s offering high-capacity HDDs, Lenovo has ultra-fast boot times and the eye-catching orange shell, and Toshiba brings supreme portability without sacrificing hook-ups.

@AtulPlayer

8/28/2011 HP TouchPad to run Android thanks to TouchDroid

By now, there’s a massive, yet unconfirmed, number of brand new owners of the HP TouchPad tablet. As you read this, thousands of apps are being installed, the UI played with, and the device as a whole is being re-judged. Compared to other tablets in the market, the TouchPad is still a major competitor when it comes to hardware, and yet it’s only $99 right now… if you can find one. So, they will continue to fly off the shelves until there are none left and the people at HP can move on with their lives.

What happens when that “new gadget smell” wears off, though? The honeymoon effect with your new,
heavily-discounted device wears off and you’re left with a tablet that isn’t likely to get any better than it is right now unless you do something yourself. The Preware community already has a nice collection of things you can do to play with any WebOS device, but even that has its limits. So, what are you to do with that shiny new tablet? Well, eventually, you’ll be able to put Android on it.

RootzWiki, the Android-focused rooting, modding, and development forum has put together a small team dedicated towards assembling Android for the TouchPad, as well as performing the hacks necessary to shoehorn the OS on the device. The team has put forth a clear plan of attack and is documenting the process along the way using both the RootzWiki forum as well as a separate “TouchDroid” Wiki. Each of the team members purchased their own TouchPads, but also have a donation link available in case they brick one of their TouchPads, or if one needs to be the victim of a teardown for additional information.

Basically, they will attempt to put (stock) Android 2.3.5 from the Android Open Source Project on the device at first. If that succeeds, they will move in to CyanogenMod, a popular Android rom that has a full suite of tablet enhancements for large screens. When the next version of Android, Ice Cream Sandwich, becomes available, the team plans to port that to the TouchPad as well, provided Google sticks to their plan to release Source once again when that version comes out.



This attempt has garnered a mixed bag of responses from TouchPad users. There are those who would rather keep their stock WebOS experience still, though I refer you to the first paragraph for my opinion on that. There are those who welcome the Android port with open arms, and likely bought the tablet with that in mind from the beginning. While I am an Android user, I must say that I am a huge fan of the WebOS experience and have preferred it over Android for some time now.

I’m not the only one, apparently. James Kendrick recent wrote that what he would rather see happen is closer to what RIM has in store for the Playbook. Some sort of emulator to allow Android apps to run on the TouchPad, while still following the rules and multitasking principles of WebOS. I have to say, that idea excites me. I feel that solution would certainly be more elegant, and would preserve much of what we have come to appreciate from WebOS. I do know, however, that making that work is a great deal more difficult then just shoehorning Android onto the TouchPad. So while I am excited at the possibility, I will refrain from holding my breath.

Another notion that was raised was the possibility of seeing Windows 7 or Windows 8 on the tablet in the future. Essentially, if the TouchPad gets opened up for Android, the sky will be the limit for modders who want to push the limits of this device. So many things will be possible as long as there is an audience and developers interested in making the TouchPad do “all of the things.” If you have a TouchPad, keep your eyes on the RootzWiki guys, as they will most certainly be making noise about their developments regularly.


@Atul Purohit

Documentary proving Chinese military university hacking disappears

Earlier this week it was revealed that a documentary had been made that proved a Chinese military university was using software to hack dissident groups as well as US entities. The hacking was done using a compromised US-based IP address, which made the situation, and what was supposed to be a documentary bragging about Chinese military intelligence, even more problematic.

In the time since the clip was noticed it’s gotten a lot of press and it seems to have resulted in that documentary being pulled.

As of today the video–”The Internet Storm is Coming” episode of the series called Military Science and Technology–is no longer available in its original location, on the website of Chinese state-run television station, and has been disavowed by Chinese officials as the work of an “imaginative producer”. The video is still available on YouTube for those who would like to see it.

The significance of the clip is, if anything, enhanced by its removal from where it was originally posted. This is of course a catch-22 for the Chinese because if their claims about an imaginative producer are true and the video was pulled for good reason, we’d still be suspicious. That noted, given the episode’s use of a legitimate University of Alabama IP address and that fact the target was set to be a Falun Gong website, it’s unlikely that this purely a work of fiction.

For their part Chinese officials have denied this or any other story of cyberwarfare, while the US Pentagon, Google, and other groups have accused the Chinese government (or associates organizations) of hacking in the past.

The NYT noted t
hat Chinese documents have used fake footage in the past though, including footage from Top Gun as a supposed training exercise. So it’s not impossible that this could be an example of that, though the source material is not as recognizable as the 1986 hit.
via the Washington Post


@Atul purohit

8/17/2011 McAfee reveals massive, long-term international cyber attacks

www.best4hackingnews.blogspot.com

It’s worrying enough to read about security breaches that affect the consumer services many of us use online, such as those against Sony, Gawker, PBS, and a host of others earlier this year. What McAfee has revealed today goes way beyond worrying. The company’s revelations about a series of  coordinated, sustained attacks against thousands of the world’s biggest companies and government agencies — dubbed Operation Shady RAT — are simply terrifying.

According to VP of Threat Research Dmitri Alperovitch, someone, somewhere has been waging a spear phishing campaign on a massive international scale since mid-2006. Alperovitch believes that attacks have been launched against nearly every Fortune Global 2000 firm, which he groups into two categories: those who know they’ve been compromised and those who don’t.

The attacks utilized carefully crafted malicious documents that installed a backdoor once opened on a vulnerable system (hence the RAT, which stands for Remote Access Tool). Once the door was opened, attackers went to work harvesting sensitive data from (and planting additional malware on) networked systems. While many of the attacks were comparatively brief (lasting only a month or two), other were

sustained over longer periods — as long as 28 months.

By gaining access to a single command and control server, McAfee researchers were able to analyze log files that shed light on the attacks — which date back as far as 2006. U.S. federal, state, and county governments have also been targeted, as have the governments of Canada, Taiwan, Vietnam, India, and South Korea, and even NATO itself. Of the 72 entities that were able to be positively identified, 13 were defense contractors. McAfee believes that petabytes of information have been stolen over the years and contain everything from email archives to classified documents about oil exploration, weapons systems, application source code, and contracts.

Alperovitch also notes that a handful of attacks underscore suspicions that Operation Shady RAT is being coordinated by a foreign state: those against the International Olympic Committee, the Asian and Western Olympic Committees, and the World Anti-Doping Agency. These intrusions took place shortly before and after the 2008 Olympic Games in Beijing — and while Alperovitch is careful to not name names, China has had more than one accusatory finger pointed at it in the past.

If information and access are the ammunition of choice for the next major war, someone is gathering a massive stockpile and the consequences could be dire. The data harvested during the half-decade plus Shady RAT has been ongoing could be used to defeat business competitors — or even entire nations — economically.

More at McAffee and Security Week

@Atulplayer

8/12/2011 AOE Multiplayer Game Ranger Hack v4

Hey friends, I come with new version of AOE 1.0c conquerors Multiplayer hack v4 that works on Game Ranger, i have modified my old version of multiplayer hack for you and now it will work perfectly (as previous version hangs and displays error messages) , 

 

It consists of all the combo packs of Age of Empires including combo pack 1, combo pack 2 and combo pack 3 features. I have improved lots of cheats in this Age of empire hacks and make it further undetectable during the game. It works 100% on Game ranger and i am still editing it so that it will also work on voobly. I am sure you will have this hack working on voobly very soon. This trainer is awesome...just enjoy game hacks and have an extra edge over experts.

 

What's new in this version?

 

1. Update Check is Removed.

2. Hanging of Software is fixed.

3. Warning messages has been removed.

4. Customized food hacks and speed hacks has been added.

5. Customized Kills and Converts and Razes Hacks added.

6. Faster Resource collecting hacks added.

Download AOE Multiplayer Hack v4 Game Ranger

How to use the Hack on AGE OF EMPIRES II Conquerors in Game Ranger:

 

1. Start the Game ranger. Now Join any AOE II conquerors room.
 

2. While you are in room Go to the hack folder and start the Hack (Destructive v3) by double clicking on it.
 

3. Now when the Game starts (means when you in Game and selecting civilizations teams etc). Go back to Hack and click on Enable Hacks and return to game.
 

4. After game starts, the first thing to do is to select your player number. If you’re green for example, you’re player 3 (if you didn’t change color yourself). So press `(key above the TAB button) to bring up the chat dialog and press and hold Q while pressing 3, after which press `(key above the TAB button) again to activate the hack. Don’t press ENTER – you’d only be letting others know you’re doing something stupid and the hack command won’t work anyway.

http://best4hackingnews.blogspot.com/

Note:  Blah.txt contains all the hacking commands that you will enter into cheat box.
Readme.txt contains the quick Guide to use the cheat commands during the game.

I hope you all like it.... Enjoy and have fun... If you like it please comment. 

 

@Atulpurohit

How to find keylogger or any spyware in PC

Hello friends, today i will explain share with a great method to find or detect a keylogger or any other spyware in your PC or system. As we all know nowadays keyloggers and spywares are big concern as hackers are trying their best to infect the victims to hack their accounts. 

 

www.best4hackingnews.blogspot.com

 

Today i will teach you how to find a keylogger or Trojan or spyware in your PC or Laptop. 

 

There are several ways to find them but using this method you will know the exact path of the keylogger and where its saving the log file. Also once you have the keylogger server now you can reverse engineer the server and hack the hackers account password which he used in keylogger server. Lets first start with keyloggers introduction..

 

 

What is Keylogger and How it actually works?

 

Keylogger as the name suggests somethings that logs keystrokes. Yup its right, keylogger is a password hacking tool which is used to steal victims passwords, logging the keystrokes pressed by victim and also some advanced keyloggers are even used to retrieve stored confidential data. Based on internet scope keyloggers are of two types:

 

1. Physical Keylogger: These keyloggers are installed if hacker has physical access to your system. User has to install this type of keylogger manually on your PC or system. These types of keyloggers are hard to find but i will show you today how to find that also.

 

2. Remote Keylogger: Remote keyloggers are new generation keyboard hook hacking software's which does not require a physical access to the system that means they can be installed remotely. These usually comes into your PC through torrents, porn websites, hacking tools(software's like Facebook hack tool, Gmail hack tool, Hotmail hacker) and cracks, keygens and patches. As most users usually ignore these files as antivirus usually shows virus in these files. So hackers exploit this loophole and attach their keyloggers and keyboard hook programs with such things like keygens, patches, cracks and torrents etc.

Remote keyloggers logs the data into a file and send these logs to hackers FTP or his email. So friends, always try to avoid above mentioned things as far as possible.

 

How to detect or find keylogger or any spyware in your system:

 

1. Download the Forensic investigation tool OPENFILESVIEW and Install it.

 

2. Now open openfilesview and you will see a complete list of all processes and temporary files currently being used by your system or PC along with their full path from which they have been running. Here is the snapshot:

 

3. Now in above snapshot you can clearly identify the keylogger and system files. Check the Program name and then check its corresponding location in full path. Also you can verify with time at which keylogger file has  been created.

 

4. Now we have find the location of Keylogger or spyware. Go to that location and open the File with bintext or any binary debugger and search for @ or ftp in that. This will help you to get the email ID or FTP address at which keylogger is sending logs. 

@Aulplayer

8/10/2011 Phone hacking: News International mass-deleted emails, tech firm says

ww

Phone-hacking scandal: Police outside the gates of News International's headquarters. Photograph: Andy Rain/EPA

The technology firm HCL has told the home affairs select committee it was aware of the deletion of hundreds of thousands of emails at the request of News International between April 2010 and July 2011, but said it did not know of anything untoward behind the requests to delete them.

HCL has sent the letter to the home affairs select committee chairman, Keith Vaz , revealing it had been involved in nine separate episodes of email deletion.

HCL says it is not the company responsible for emails on the News International system that are older than a couple of weeks. It says another unnamed vendor is responsible, but confirms it has co-operated with this vendor in deleting material.

Through a letter from HCL's solicitors Stuart Benson, the firm says: "My client is aware of nothing which appeared abnormal, untoward or inconsistent with its contractual role." It adds: "It is entirely for News International, the police and your committee as to whether there was any other agenda or subtext when issues of deletion arose and that is a matter on which my client cannot comment and something you will no doubt wish to explore direct with News International."

It stressed that since it was not the company that stored News International's data "any suggestion or allegation that it has deleted material held on behalf of News International is without foundation".
HCL identified three sets of email deletions in April 2010, including a deletion of a public folder of a live email system that "was owned by a user who no longer needed the emails".

A further 200,000 emails stuck in an outbox were deleted in May 2010 to restore email functionality. In September 2010 a further pruning of historic emails occurred to help stabilise the email archival system, which had been having "frequent outages" since November 2009.

In January 2011 HCL was asked about its ability to truncate a particular database in the email archival systems. HCL "answered in the negative and suggested assistance from the third party vendor". HCL stated no reason as to why it was unable to assist.

In February 2011, emails were deleted in an older version of email software. Finally, in July 2011 HCL helped delete emails from the live system as relocation errors had occurred during migration from one system to the other.

HCL said it did not have the resources to review every set of deletions.
Separately, a firm of solicitors drawn into the News International phone-hacking scandal is expected to reply shortly to the home affairs select committee as to how it came to write a key letter to the newspaper group that was then used by the company to contend that phone hacking had not been widespread.
The firm, Harbottle and Lewis, is consulting the Metropolitan police before deciding how to reply to requests from the select committee to spell out how it came to write a letter taken to mean that only one reporter was aware of phone hacking at the paper.

The New York Times reported at the weekend that the letter sent by Harbottle and Lewis to the culture, media and sport select committee was redrafted more than once. The firm had been hired to review the email of the tabloid's royal reporter, Clive Goodman, who had pleaded guilty to hacking the mobile phone messages of royal household staff members. The letter said "no reasonable evidence" had been found that senior editors knew about the reporter's "illegal actions".

The home affairs select committee asked:

• "What was the exact remit given to Harbottle and Lewis when it was instructed by News International in 2007?"

• "The contents of emails and information held in the file you mentioned in your letter."

• "What advice was provided from Harbottle and Lewis to News International in 2007 following examination of the emails and information?"

• "Why the evidence you had in 2007 that was later examined by Lord McDonald in 2011 was not acted upon sooner?"


@Atulplayer

8/04/2011 Researcher demos attacks on Siemens industrial control systems

Thomas Brandstetter, a CERT program manager for Siemens, and Dillon Beresford, of NSS Labs, during Beresford's presentation on Siemens industrial control system vulnerabilities.

(Credit: Seth Rosenblatt/CNET)

LAS VEGAS--A researcher said today that he has discovered a number of vulnerabilities in programmable logic controllers (PLCs) from Siemens that are used to automate mechanical devices in utilities, power plants, and other industrial control environments and which could be remotely controlled to cause damage if connected to the Internet.

Dillon Beresford, a security researcher at NSS Labs, conducted demos of some attacks on the various Siemens Simatic Step 7 systems during his presentation at the Black Hat security conference here.

Beresford's work shows that it's possible to read and write data to a PLC memory even when password protection is enabled, retrieve sensitive information from the PLC, capture passwords, execute arbitrary commands, report false data back to the operator and lock the operator out of the PLC by changing the password, as well as completely disable the PLC, among other things, he said.

Attacks could be "wormed" and designed to spread to engineers' workstations or hop from system to system, Beresford said. "You can pretty much own everything on the automation network," he added.

In the long run, an attacker could damage equipment or make devices in the field explode or spin out of control, depending on what actions are taken, according to Beresford. "These capabilities have been used offensively before and they have caused things to explode," he said.

The problems were serious enough to prompt NERC (North American Electric Reliability Corp.) to release an alert just to utilities last night with mitigation information, but at the lowest level of alert, said Tim Roxey, director of Electric Sector Information Sharing and Analysis Center at NERC.

Separately, NERC released a public alert to warn utilities about findings of Don Bailey, senior security consultant at iSec Partners, who gave a presentation earlier in the day at Black Hat about telephony-based weaknesses related to PLCs. The vulnerabilities allowed him to unlock a car with a text message and also affect critical infrastructure environments.

These problems are worldwide. "It's not just the U.S. but around the globe," Roxey said during a news conference later in the day.

Although he focused on Siemens in his research and hardcoded passwords that create what he described as a "back door" to the PLC, attacks could be executed against systems from other vendors, Beresford said.

Part of the problem is that PLC protocols were designed without factoring in security. The protocol was intended to be open and packets are sent in plain text, he said, echoing concerns voiced by Jonathan Pollet, founder of Red Tiger Security, and Tom Parker, chief technology officer of FusionX, in their SCADA security workshop earlier in the week. "We need better access controls in PLCs," Beresford said. "That's something I believe Siemens is working on now."

Specifically, he was able to decrypt the hardcoded password in the system, which was "basisk"--which means "basic" in German--and create a command shell to dump memory in the PLC, look at the source code, execute commands, and intercept communications to and from the PLC, he said.

Such attacks are not really that difficult to pull off, with the right equipment, know-how, and ambition, he said. Experts speculated that last year's Stuxnet threat, which targeted Siemens Simatic Step 7 systems, was created by a nation-state or nation-state partners to sabotage Iran's nuclear development program. But, "single guys sitting in their basements could pull this off," he said.

Meanwhile, Beresford said that he also found what is known as an "easter egg," or hidden joke, in the Siemens code in the form of dancing monkeys and a German proverb that roughly translates to "all work and no play makes Jack a dull boy," he said, wearing a shirt with monkeys on it given to him by someone at Siemens.

Siemens is working to address the security issues that have cropped up, and ICS-CERT is working on an advisory, Beresford said.

Beresford introduced Thomas Brandstetter, a CERT program manager for Siemens, during his presentation and said of Siemens, "I give them a lot of credit for not trying to pull my talk." (Beresford canceled his talk on Siemens vulnerabilities at the last minute at a conference in May after U.S. cybersecurity and Siemens officials expressed concerns that fixes weren't ready.)

"At some point you really have to accept that there are vulnerabilities in your products, and even monkeys," Brandstetter, who was also wearing a monkey shirt, said to laughs from the audience. "Accepting this was the first step in order to be able to handle this professionally."

"What he's done is open up a can of worms that we've [researchers] known for a long time," Pollet of Red Tiger Security said in the news conference. "There's a systemic problem across all vendors around authentication for (SCADA communication) sessions."

"This type of an attack could cause regional impact on one plant or others in the regional area," and there could be cascading outages, Pollet said.

Read more: http://news.cnet.com/8301-27080_3-20087833-245/researcher-demos-attacks-on-siemens-industrial-control-systems/#ixzz1U7rPlWVi

@AtulPlayer

DefCon Kids joins adult hacker conferences

(Credit: DefCon)

LAS VEGAS--Hackers of all types will be making their annual pilgrimage to the Black Hat and DefCon security conferences this week, including children who will learn how to write ciphers, hack circuit boards, and pick locks.

This marks the first year for DefCon Kids, which targets children aged 8 to 16. The event will run alongside all of the regular DefCon security and hacking sessions and the fun events for the adults like Hacker Karaoke, Hacker Jeopardy, Mohawk-Con, and an alcoholic ice cream contest.

"DefCon is a very adult orientated conference, more of a party then your typical conference. There will be adult language, alcohol and there may be nudity," the Defcon Kids site says. "The DefCon Kids conference room will be situated in and around the adult DefCon, therefore you and your kids will be exposed to a wide assortment of people, lifestyles and philosophies. We are not trying to scare you off but please research past DefCon conferences and understand the environment that you are bringing your child into."

The presenters at DefCon Kids are respected experts in the community and the talks seem interesting, regardless of your age. One presenter, however, will be speaking to peers.

"CyFi is a 10-year-old hacker, artist, and athlete living in California," says her bio on the site. "She has spoken publicly numerous times, usually at art galleries as a member of 'The American Show,' an underground art collective based in San Francisco. CyFi's first gallery showing was when she was four. Last year she performed at the SF MOMA Museum in San Francisco. DEFCON Kids will be her first public vulnerability disclosure. CyFi has had her identity stolen twice. She really likes coffee, but her mom doesn't let her drink it."

One look at the sessions for Black Hat (which runs Wednesday and Thursday) and DefCon (which runs Friday, Saturday and Sunday) and it's clear the conferences haven't gone all soft. There are plenty of talks on mobile malware and hacking, hacking risks with medical devices and threats to automated stock trading systems. Other topics will be vulnerabilities posed by linking critical infrastructure systems to the Internet and corporate networks and security issues that arise from the use of controllers in car security systems and prisons and Web servers in heating and cooling systems and DVRs.

In his talk titled "Corporate Espionage for Dummies: The Hidden Threat of Embedded Web Servers," Michael Sutton, vice president of security research at Zscaler, will explain how corporations are exposing sensitive information through photocopiers and Voice-over-IP systems that can be discovered on the Internet through public Internet Protocol addresses. Hackers can remotely retrieve digital versions of documents duplicated on a photocopier and stored voicemails in VoIP backup systems, he said, adding that he found a host of other types of appliances accessible over the Internet that shouldn't be.

"People don't realize that these devices have a Web server," Sutton told CNET in a recent interview.

Another security conference will be happening in Las Vegas this Wednesday and Thursday. The event, called BSides, was created to offer the community a chance to hear talks that weren't accepted at Black Hat (although there are a few that overlap) and at lower cost.

For those attending any of the conferences, there are some security precautions that should be considered to keep preying eyes out of your devices:

1. Disable WiFi and Bluetooth
2. Try to connect to Web sites using https and use a virtual private network
3. Use strong passwords
4. Don't leave devices unguarded
5. Be wary of the ATMs in the vicinity of the conference

More suggestions are here.

Read more: http://news.cnet.com/8301-27080_3-20086690-245/defcon-kids-joins-adult-hacker-conferences/#ixzz1U7ooJCNZ

Wireless drone sniffs Wi-Fi, Bluetooth, phone signals

caption: Mike Tassey (l) and Rich Perkins (r) describe how they retrofitted a U.S. Army surplus target drone.

(Credit: Declan McCullagh/CNET)

LAS VEGAS--Forget Wi-Fi war driving. Now it's war flying.

A pair of security engineers showed up at the Black Hat security conference here to show off a prototype that can eavesdrop on Wi-Fi, phone, and Bluetooth signals: a retrofitted U.S. Army target drone, bristling with electronic gear and an array of antennas.

"Nobody's really looking at this from a threat perspective," said Mike Tassey, a security consultant who works for the U.S. government intelligence community. "There's some pretty evil stuff you can do from the sky."

The term war driving, meaning searching for Wi-Fi networks from a moving vehicle, was coined approximately a decade ago, of course (here's a CNET article from 2002). But aerial drones can gain access to places that might be off-limits to vehicles--and, in theory, can follow a moving signal surreptitiously from above.

Their prototype Wi-Fi drone, which was brought on stage yesterday but not flown, is made of reinforced foam and can carry 20 pounds. They added landing gear, a 2.5 horsepower motor powered by lithium polymer batteries, a telemetry link, an onboard computer running Ubuntu, and a payload of wireless sniffers and network-cracking tools.

"We can identify a target by his cell phone and follow him home to where enterprise security doesn't reach," Rich Perkins, a security engineer who describes his job as "supporting the U.S. government" and co-created the drone. "We can reverse engineer someone's life."

The drone--which they dubbed WASP, for Wireless Aerial Surveillance Platform--can stay aloft for about an hour. While it's an autonomous unmanned aerial vehicle, or UAV, in flight, the initial version requires manual operator control for takeoffs and landings. (It cost them between $6,000 and $7,000 to build in a garage, they said, not counting their own time.)

Their ulterior motive, however, is to do more than describe their wireless-sniffing prototype: it was to offer a warning about how terrorists and criminals can use UAVs in ways that traditional military and law enforcement may not be expecting.

"UAVs pose a couple of unique challenges to people who are responsible for protecting things," Tassey said.

Even the modest payload of UAVs could be devastating in biological or radiological attacks. Drug smugglers--or, perhaps, pharmaceutical entrepreneurs--could carry around $400,000 in heroin through one flight across a national border. And the small size of UAVs, and virtually nonexistent presence on radar, make them a challenge to detect and shoot down.

"There's no requirement for good intentions," Perkins said.

Read more: http://news.cnet.com/8301-31921_3-20088180-281/wireless-drone-sniffs-wi-fi-bluetooth-phone-signals/#ixzz1U7lRpBqC

7/18/2011 Top Indian Hackers | Real Hackers of India

 One of the best articles that I have ever read mate. This is truly a tribute to the one who are contributing to the scene and in a very positive way unlike being stupid enough to get some tools and then start defacement!

What I really would love to see people taking inspiration from the above hackers.

There has been a lot of commotion in the Indian Hacking scene lately, and I expressed some pretty strong views regarding that. When it comes to hacking, every other guy tends to tape the "hacker" word with his name/codename without even realizing its significance. Then there is Facebook ...Have a look at it -

Seriously guys..what were they thinking ?! I am still counting the number of “Indian Cyber Army” India has and the number of groups tend to increase recycling all the content, same VIP forums, same deface techniques, zero original research.  
Then there is Ankit Fadiya...dont let me even get started...

In the end tired of all the bullshit around, I decided to cover an article on the REAL INDIAN HACKERS (or Hackers of Indian Origin), folks who are actually dedicated to security and are hackers in real sense. Lets start, shall we ?

Pranav Mistry


The famed 6th sense developer,Pranav Mistry is a research assistant and a PhD candidate at MIT Media Lab. SixthSense has recently attracted global attention. Among some of his previous work, Pranav has invented Mouseless - an invisible computer mouse; intelligent sticky notes that can be searched, located and can send reminders and messages; a pen that can draw in 3D; and a public map that can act as Google of physical world. Pranav has commercialized his invention, the sixth sense and SixthSense is now being actively used at NASA. It is rumored that Facebook tried to acquire the technology from Pranav for a reportedly $2 billion and 5% ownership of Facebook, but Pranav decided to open source it instead.



Thats what any real hacker do. Hats Off to him.

Koushik Dutta or “Koush”

“Set Your Phone Free..”

Rings a bell ? Koushik Dutta or “Koush” is responsible for Clockworkmod recovery and Rom Manager for Android rooting and the core member of famed UnrEVOked team. He has been a .net developer from heart and had his internship initially at Microsoft and is a former MVP. He decided to leave Microsoft and hack Android cellphones like there was no tomorrow. Sony approached him after geohot humped them like anything but he politely declined .


Bravo for his efforts, we are able to root painlessly using UnREVOked.
Now only if UnrEVOked can release UnrEVOked 3.33 soon :)

Vivek Ramchandran


Vivek Ramachandran has been working in the computer and network security domain, in some form or the other, for the past 7 years and has worked with Industry giants like Reliance, Cisco, Microsoft. He was among the Top 10 Indian finalists in the Microsoft shootout competition among the list of 65000 participants. Then he decided to join Airtight Networks and there discovered Caffe Latte attack attack along with his colleague MD Sohail Ahmad from Airtight Networks ,the wifi hacking technique that doesn't required you to be in active vicinity of the wifi zone. 

That said, he is one of the researcher to lookout.

Almost everybody at NULL Security Community & Garage4hackers
I said it before and I will say it again, the Only active Indian hacking community is NULL community, and the best Indian Hacking Forum where real hackers meet is garage4hackers.com hands on.


Shoutz to garage crew :)

Folks at Indian Honeynet Chapter
Now we are talking..Indian Honeynet chapter is the collaborative effort of the best geeks and hackers .The focus of honeypot is on Worms and Botnets and developing an Open Source tool to study and counter brute force attacks/ phishing through wifi. Its also being setup as potential web-app honeypot,and aims on improving detection and forensic techniques.  Heading the ship are L Shriram, K K Mookhey, Amit Chugh, Asim Jakhar and a lot of professionals who are dedicated in the field of computer security.


Hari Prasad

The famed security researcher Hari Prasad is the winner of EFF Pioneer award, as he along with Alex Halderman, and Rop Gonggrijp were able to study an electronic voting machine (EVM) and found significant vulnerabilities that would not be difficult to execute. For his troubles, Prasad was arrested and jailed in August, held without bail in Mumbai for a week. Though he is now out on bail and in the United States, he still faces criminal prosecution for alleged theft of the EVM and other charges.

The genius of the Indian system is that instead of making machines tamper proof and more efficient, they arrested him.

According to the Indian news agency PTI, the magistrate who released Prasad on bail noted that "no offence was disclosed with Hari Prasad's arrest and even if it was assumed that [the electronic voting machine] was stolen it appears that there was no dishonest intention on his part...he was trying to show how [electronic voting] machines can be tampered with."

Jayant Krishnamurthy



Jayant Krishnamurthy is a Ph.D. candidate in Computer Science, CMU and his interests include are machine learning, machine reading, common sense reasoning, information extraction, knowledge representation, and their applications in AI and NLP ( shamelessly taken from his website). He is one of the researchers who are behind designing MD6 algorithm (yeah you heard it right, the evolution of MD5). He is a top level computer theorist and researcher and is a real life hacker. He teaches computer and network security and you must ahve a look at the problems and solutions at the given link.

For the lighter side,you can have a look at the funny flash movie based on his real life experiences at high school.


I guess, you now have an actual idea of the Indian hackers now :) These guys are real and are deemed worthy of having the hacker emblem with them.

      

source:-http://www.theprohack.com

@Atulplayer