Sunday, December 26, 2010

Penetration Testing Add-ons for Firefox

Sunday, December 26, 2010 h4ckfreak No comments

In this post, I just wanted to enumerate a few Firefox add-ons that I thought were very useful in conducting penetration tests. I’d be really interested to hear what Firefox extensions other people are using for pen testing. So here it goes!
AddnEdit Cookies: This add-on allows you to easily add, delete and edit cookies in your browser. (http://addneditcookies.mozdev.org/) Unfortunately, the latest version does not support the newer Firefox 3, until the maintainer updates the package, I’ve edited the latest XPI to work with the latest versions of Firefox. A copy of it can be found here.
DT Whois – Allows quick domaintools.com lookups for the page you are looking at (http://www.beysim.net/dtwhois/)
Firebug – Allows you to read, debug and locally tweak HTML, Javascript and CSS right in Firefox (http://getfirebug.com/)
HackBar – The toolbar that tries to do it all! (http://devels-playground.blogspot.com/)
Leet Key – an add on that makes it trivial to convert text in various formats back and forth. For example, URL Encode, Base64, Hex and even morse code. |\|347! (http://leetkey.mozdev.org/)
Live HTTP Headers – Allows you to watch, edit and replay HTTP requests (http://livehttpheaders.mozdev.org/)
SQL Inject Me, XSS Me, Access Me - Those are 3 separate add-ons from Seccom Labs that try to make it easy to test Sql Injection, XSS vulnerabilities and Access vulnerabilities. (http://labs.securitycompass.com/index.php/exploit-me/)
SwitchProxy Tool – If you find yourself switching from no proxy, to burp proxy to paros proxy, etc a lot then you will enjoy switch proxy. It will allow you to switch proxy settings with just a few clicks! (http://mozmonkey.com/switchproxy/)
Tamper Data – It will allow you to selectively intercept HTTP and HTTPS traffic and tamper with the requests via it’s nice user interface. It will let you tamper with http headers, post and get requests. (http://tamperdata.mozdev.org/)
Torbutton – If you need to hide behind Tor, it can be only a click away with Torbutton (https://www.torproject.org/torbutton/)
User Agent Switcher - Need to change your user-agent string in a jiffy? Want to look like a robot? User Agent Switcher is here for that! (http://chrispederick.com/work/user-agent-switcher/)
exploit-db Search – Lets you search the exploit-db database right in the firefox search box (https://addons.mozilla.org/en-US/firefox/addon/50241)
SecurityWire Search – Lets you search the top security sites on the web right in the Firefox search box. All sites in the index have been handpicked by the SecurityWire Team. (https://addons.mozilla.org/en-US/firefox/addon/58686)
For a listing and easy installation of all these on the mozilla ad-ons site. simply follow this link: https://addons.mozilla.org/en-US/firefox/collection/pentesterstools
Hope you enjoy the add-ons, next post will be about general security add-ons for Firefox.

For More Search in Firefox Site underr "web app security and pen testing"

Leaked U.S. document links China to Google attack

Monday, November 29, 2010 h4ckfreak No comments

Leaked U.S. document links China to Google attack

The information came from the latest WikiLeaks release

The cache of more than 250,000 U.S. Department of State cables that WikiLeaks began releasing on Sunday includes a document linking China's Politburo to the December 2009 hack of Google's computer systems.

The U.S. Embassy in Beijing was told by an unidentified Chinese contact that China's Politburo "directed the intrusion into Google's computer systems," the New York Times reported Sunday, citing a single leaked State Department cable.
"The Google hacking was part of a coordinated campaign of computer sabotage carried out by government operatives, private security experts and Internet outlaws recruited by the Chinese government. They have broken into American government computers and those of Western allies, the Dalai Lama and American businesses since 2002, cables said," the Times reported.
The cable is another piece of evidence, albeit thinly sourced, linking China to the Google attack. Wikileaks is gradually releasing this latest set of cables, and the document in question was not available on WikiLeaks' Web site at press time. The Times, along with a handful of other newspapers, was given early access to the documents.
Security experts have linked the attacks to servers at a university used by the Chinese military, and both Google and the State Department implied that they thought China was behind the attacks when they were first disclosed in January, but nobody has produced conclusive proof that they were state-sponsored.
Google was one of more than 30 companies targeted in the attacks, known as Aurora. Google said the primary goal of the hackers was to access the Gmail accounts of human rights activists, and that the attack apparently failed.
Within hours of Google acknowledging the Aurora attacks, the State Department issued a statement, saying the attacks were serious and asking the Chinese government for an explanation.
The state documents are the latest blockbuster disclosure to come from the document-leaking organization. Earlier this year, WikiLeaks came under fire from U.S. authorities after releasing hundreds of thousands of military documents relating to the U.S. wars in Afghanistan and Iraq.
Wikileaks and State Department representatives could not be reached immediately for comment Sunday. Earlier this year, the State Department said that it regrets, "all of the activities that WikiLeaks has done, past, present, and future."

Avril Lavigne - Live from The Roxy Theater (2007) 1080p HDTV

Monday, November 29, 2010 h4ckfreak No comments

Avril Lavigne - Live from The Roxy Theater (2007) 1080p HDTV

Avril Lavigne - Live from The Roxy Theater (2007) 1080p HDTV
HDTV | MPG2 1920x1080 29.97fps 38.810 Mbps | Dolby AC3 48000Hz 384 Kbps | 3.94 GB
Genre: Music Video, Pop, Rock, Pop Rock

Avril Ramona Lavigne (pronounced /ˈжvrɨl ləˈviːn/; born 27 September 1984) is a Canadian singer-songwriter, fashion designer, and actress. She was born in Belleville, Ontario, but spent the majority of her youth in the small town, Napanee, Ontario. By the age of 15, she had appeared on stage with Shania Twain, and by 16, Lavigne had signed a recording contract with Arista, now RCA Records. Record executive Antonio "L.A." Reid offered her a two-album deal worth more than $2 million. When she was 17 years old, Lavigne broke onto the music scene with her debut album, Let Go, released in 2002.

Avril Lavigne - Live from The Roxy Theater (2007):

Sk8erBoi, Girlfriend 11:20
Innocence, Don'tTellMe 07:41
Tomorrow, Hot 08:06
Complicated 05:19
Adia 05:20
Keep Holding On 05:10
Preview 00:30

More information

http://en.wikipedia.org/wiki/Avril_Lavigne

Enjoy wih Us.>>!

Eminem: Live From New York City (2005) 720p BDRip

Monday, November 29, 2010 h4ckfreak No comments

Eminem: Live From New York City (2005) 720p BDRip

Eminem: Live From New York City (2005) 720p BDRip
Video: MKV 1280x720 at 29.970 fps, x264@L4.1, DXVA, 2pass, ~8200 kbps avg
Audio#1: English: 48 kHz, DTS, 3/2 (L,C,R,l,r) + LFE ch, ~1536.00 kbps avg
Audio#2: English: 48 kHz/16-bit, LPCM 2.0, ~1536.00 kbps avg
Audio#3: English: 48 kHz, AC3, 3/2 (L,C,R,l,r) + LFE ch, ~640.00 kbps avg
Genre: Music Video, Hip hop, Rap | Size: 6.55 GB

Filmed at Madison Square Garden in 2005, this spectacular show captures the full Eminem live experience. With guest appearances from D12, Obie Trice and Stat Quo, the concert features all Eminem's classic hits including Just Lose It, Cleaning Out My Closet, The Way I Am, Stan, Lose Yourself and many more.

Track list:

01. Evil Deeds
02. Mosh
03. Business
04. Rain Man
05. Ass Like That
06. Puke
07. Kill You
08. Like Toy Soldiers
09. Lodi Dodi
10. Just A Friend
11. Nuthin But A G Thing
12. My Name Is
13. Git Up (with D12)
14. How Come (with D12)
15. Rock Star (Bizarre)
16. 40oz (with D12)
17. My Band (with D12)
18. Stan
19. The Way I Am
20. Just Don't Give A F**k
21. Got Some Teeth (Obie Trice and Eminem)
22. Stay 'Bout It (Obie Trice and Stat Quo)
23. The Set Up (Obie Trice and Stat Quo)
24. Like Dat (Stat Quo and Obie Trice)
25. Cleaning Out My Closet
26. Mockingbird
27. Just Lose It
28. Lose Yourself

More information

http://www.imdb.com/title/tt0495688/

Download Hotfile.Com
http://hotfile.com/dl/43952012/1a6a225/ELFNYC2005.part01.rar http://hotfile.com/dl/43952020/432b500/ELFNYC2005.part02.rar http://hotfile.com/dl/43952021/b3cffb5/ELFNYC2005.part03.rar http://hotfile.com/dl/43952048/f91b439/ELFNYC2005.part04.rar http://hotfile.com/dl/43952133/170500a/ELFNYC2005.part05.rar http://hotfile.com/dl/43952205/b914950/ELFNYC2005.part06.rar http://hotfile.com/dl/43952273/350b5c8/ELFNYC2005.part07.rar http://hotfile.com/dl/43952371/7838e7f/ELFNYC2005.part08.rar http://hotfile.com/dl/43952376/6332d9b/ELFNYC2005.part09.rar http://hotfile.com/dl/43952386/2e4775e/ELFNYC2005.part10.rar http://hotfile.com/dl/43952493/f2be580/ELFNYC2005.part11.rar http://hotfile.com/dl/43952515/bec8683/ELFNYC2005.part12.rar http://hotfile.com/dl/43952546/e1dc236/ELFNYC2005.part13.rar http://hotfile.com/dl/43952588/6317bf3/ELFNYC2005.part14.rar http://hotfile.com/dl/43952699/e10933f/ELFNYC2005.part15.rar http://hotfile.com/dl/43952756/d3279c0/ELFNYC2005.part16.rar http://hotfile.com/dl/43952828/e0e851c/ELFNYC2005.part17.rar http://hotfile.com/dl/43952926/f7b2d8c/ELFNYC2005.part18.rar http://hotfile.com/dl/43952940/bc08352/ELFNYC2005.part19.rar http://hotfile.com/dl/43952945/799f16e/ELFNYC2005.part20.rar http://hotfile.com/dl/43953070/2d5b162/ELFNYC2005.part21.rar http://hotfile.com/dl/43953085/f4da34a/ELFNYC2005.part22.rar http://hotfile.com/dl/43953087/f194ece/ELFNYC2005.part23.rar http://hotfile.com/dl/43953144/053eed3/ELFNYC2005.part24.rar http://hotfile.com/dl/43953283/981dd13/ELFNYC2005.part25.rar http://hotfile.com/dl/43953396/daf583a/ELFNYC2005.part26.rar http://hotfile.com/dl/43953400/2932bef/ELFNYC2005.part27.rar http://hotfile.com/dl/43953526/86dd1dc/ELFNYC2005.part28.rar http://hotfile.com/dl/43953536/473b15a/ELFNYC2005.part29.rar http://hotfile.com/dl/43953538/eaa5348/ELFNYC2005.part30.rar http://hotfile.com/dl/43953769/093cf9f/ELFNYC2005.part31.rar http://hotfile.com/dl/43953788/6443e6f/ELFNYC2005.part32.rar http://hotfile.com/dl/43953798/9cb3bdd/ELFNYC2005.part33.rar http://hotfile.com/dl/43953844/bae2355/ELFNYC2005.part34.rar
Download Rapidshare.Com
http://rapidshare.com/files/389899035/ELFNYC2005.part01.rar
http://rapidshare.com/files/389899074/ELFNYC2005.part02.rar
http://rapidshare.com/files/389898784/ELFNYC2005.part03.rar
http://rapidshare.com/files/389899151/ELFNYC2005.part04.rar
http://rapidshare.com/files/389898882/ELFNYC2005.part05.rar
http://rapidshare.com/files/389899122/ELFNYC2005.part06.rar
http://rapidshare.com/files/389899235/ELFNYC2005.part07.rar
http://rapidshare.com/files/389899491/ELFNYC2005.part08.rar
http://rapidshare.com/files/389899416/ELFNYC2005.part09.rar
http://rapidshare.com/files/389899266/ELFNYC2005.part10.rar
http://rapidshare.com/files/389899765/ELFNYC2005.part11.rar
http://rapidshare.com/files/389899727/ELFNYC2005.part12.rar
http://rapidshare.com/files/389899782/ELFNYC2005.part13.rar
http://rapidshare.com/files/389900291/ELFNYC2005.part14.rar
http://rapidshare.com/files/389900158/ELFNYC2005.part15.rar
http://rapidshare.com/files/389900161/ELFNYC2005.part16.rar
http://rapidshare.com/files/389899974/ELFNYC2005.part17.rar
http://rapidshare.com/files/389900749/ELFNYC2005.part18.rar
http://rapidshare.com/files/389900527/ELFNYC2005.part19.rar
http://rapidshare.com/files/389901283/ELFNYC2005.part20.rar
http://rapidshare.com/files/389901315/ELFNYC2005.part21.rar
http://rapidshare.com/files/389901848/ELFNYC2005.part22.rar
http://rapidshare.com/files/389901980/ELFNYC2005.part23.rar
http://rapidshare.com/files/389901863/ELFNYC2005.part24.rar
http://rapidshare.com/files/389902003/ELFNYC2005.part25.rar
http://rapidshare.com/files/389902075/ELFNYC2005.part26.rar
http://rapidshare.com/files/389902020/ELFNYC2005.part27.rar
http://rapidshare.com/files/389902066/ELFNYC2005.part28.rar
http://rapidshare.com/files/389902233/ELFNYC2005.part29.rar
http://rapidshare.com/files/389902361/ELFNYC2005.part30.rar
http://rapidshare.com/files/389902296/ELFNYC2005.part31.rar
http://rapidshare.com/files/389902596/ELFNYC2005.part32.rar
http://rapidshare.com/files/389902573/ELFNYC2005.part33.rar
http://rapidshare.com/files/389902292/ELFNYC2005.part34.rar

Biography Bill Gates

Monday, November 29, 2010 h4ckfreak No comments

Biography Bill Gates

Biography Bill Gates 2009 DVDRip XviD – RiPPERS – 350M
Language: Englis
Release Date: 1
Video: MPEG-4 XviD 512×384 25Fp
Audio: MP3 128Kbps 2Channel
Size: 350M
Runtime: 00:43:3
William (Bill) H. Gates is chairman of Microsoft Corporation, the worldwide leader in software, services and solutions that help people and businesses realize their full potential.
Microsoft had revenues of US$51.12 billion for the fiscal year ending June 2007, and employs more than 78,000 people in 105 countries and regions.
On June 15, 2006, Microsoft announced that effective July 2008 Gates will transition out of a day-to-day role in the company to spend more time on his global health and education work at the Bill & Melinda Gates Foundation. After July 2008 Gates will continue to serve as Microsoft’s chairman and an advisor on key development projects. The two-year transition process is to ensure that there is a smooth and orderly transfer of Gates’ daily responsibilities. Effective June 2006, Ray Ozzie has assumed Gates’ previous title as chief software architect and is working side by side with Gates on all technical architecture and product oversight responsibilities at Microsoft. Craig Mundie has assumed the new title of chief research and strategy officer at Microsoft and is working closely with Gates to assume his responsibility for the company’s research and incubation efforts.
Born on Oct. 28, 1955, Gates grew up in Seattle with his two sisters. Their father, William H. Gates II, is a Seattle attorney. Their late mother, Mary Gates, was a schoolteacher, University of Washington regent, and chairwoman of United Way International.
Gates attended public elementary school and the private Lakeside School. There, he discovered his interest in software and began programming computers at age 13.
In 1973, Gates entered Harvard University as a freshman, where he lived down the hall from Steve Ballmer, now Microsoft’s chief executive officer. While at Harvard, Gates developed a version of the programming language BASIC for the first microcomputer – the MITS Altair.
In his junior year, Gates left Harvard to devote his energies to Microsoft, a company he had begun in 1975 with his childhood friend Paul Allen. Guided by a belief that the computer would be a valuable tool on every office desktop and in every home, they began developing software for personal computers. Gates’ foresight and his vision for personal computing have been central to the success of Microsoft and the software industry.
Under Gates’ leadership, Microsoft’s mission has been to continually advance and improve software technology, and to make it easier, more cost-effective and more enjoyable for people to use computers. The company is committed to a long-term view, reflected in its investment of approximately $7.1 billion on research and development in the 2007 fiscal year.
In 1999, Gates wrote Business @ the Speed of Thought, a book that shows how computer technology can solve business problems in fundamentally new ways. The book was published in 25 languages and is available in more than 60 countries. Business @ the Speed of Thought has received wide critical acclaim, and was listed on the best-seller lists of the New York Times, USA Today, the Wall Street Journal and Amazon.com. Gates’ previous book, The Road Ahead, published in 1995, held the No. 1 spot on the New York Times’ bestseller list for seven weeks.
Top row: Steve Wood (left), Bob Wallace, Jim Lane. Middle row: Bob O’Rear, Bob Greenberg, Marc McDonald, Gordon Letwin. Bottom row: Bill Gates, Andrea Lewis, Marla Wood, Paul Allen. December 7, 1978.
Top row: Steve Wood (left), Bob Wallace, Jim Lane. Middle row: Bob O’Rear, Bob Greenberg, Marc McDonald, Gordon Letwin. Bottom row: Bill Gates, Andrea Lewis, Marla Wood, Paul Allen. December 7, 1978.
Gates has donated the proceeds of both books to non-profit organizations that support the use of technology in education and skills development.
In addition to his love of computers and software, Gates founded Corbis, which is developing one of the world’s largest resources of visual information – a comprehensive digital archive of art and photography from public and private collections around the globe. He is also a member of the board of directors of Berkshire Hathaway Inc., which invests in companies engaged in diverse business activities.
Philanthropy is also important to Gates. He and his wife, Melinda, have endowed a foundation with more than $28.8 billion (as of January 2005) to support philanthropic initiatives in the areas of global health and learning, with the hope that in the 21st century, advances in these critical areas will be available for all people. The Bill and Melinda Gates Foundation has committed more than $3.6 billion to organizations working in global health; more than $2 billion to improve learning opportunities, including the Gates Library Initiative to bring computers, Internet Access and training to public libraries in low-income communities in the United States and Canada; more than $477 million to community projects in the Pacific Northwest; and more than $488 million to special projects and annual giving campaigns.
Gates was married on Jan. 1, 1994, to Melinda French Gates. They have three children. Gates is an avid reader, and enjoys playing golf and bridge.
Some unknown facts
- He has an IQ of 160
- He dropped out (DO) of Harvard University in 1975
- His company, Microsoft, went public on 28 October 1985, his 30th birthday.
- He Became a billionaire (US dollars) at age 31, making him the youngest self-made billionaire in history.
- He has been the richest man in the world consistently every year since 1998.
- As of 2005, his personal fortune was in excess of $46 billion.
- He was diagnosed with Asperger’s Syndrome.
Download
http://hotfile.com/dl/33358353/9538718/bg-RiPPERS.part1.rar_shytex.com.html
http://hotfile.com/dl/33358378/7c5701b/bg-RiPPERS.part2.rar_shytex.com.html
http://hotfile.com/dl/33358408/591536d/bg-RiPPERS.part3.rar_shytex.com.html
http://hotfile.com/dl/33358426/7569ecd/bg-RiPPERS.part4.rar_shytex.com.html

Password default : Top2Read.info

Improving Firefox

Monday, November 29, 2010 h4ckfreak No comments

Improving Firefox

FireFox is a full-featured rich and fast alternative to Microsoft Internet Explorer. It is also highly customizable and can greatly improve your browsing experience to indulge in a few modifications. The following tweaks are described to the best of my ability, taken from a number of documents, my and my own hacking of the browser to come up with an aggregated list of enhancements.

Speed up FireFox:

the hard way

Step 1: go download Fasterfox
Step 2: install it, shut down your browser, and re-open it.
Step 3 (optional): uninstall it by going to Tools -> Extensions -> Fasterfox and highlight it and delete it.
Step 4 (optional): shut down your browser and re-open it.

the downsides to these speed enhancements

Reduce what JavaScript can do in Firefox:

Go to Tools -> Options -> Web Features
Click "Advanced"
Uncheck "Move or resize existing windows"
Uncheck "Raise or lower windows"
Uncheck "Disable or replace context menus"
Uncheck "Hide the status bar"
Uncheck "Change status bar text"

Get rid of unwanted search engines:

Step 1: browse to your Firefox searchplugins directory. Mine was located in C:\Program Files\Mozilla Firefox\searchplugins
Step 2: find the search engine you want to remove and remove both of the files associated with it. IE: google.gif and google.src
Step 3: shut down your browser and restart it and they will be gone.

Pornzilla bookmarklets:

Pornzilla

Step 1: zoom images in, zoom images out These allow you to increase and decrease the size of images, which is often useful when you are having a hard time seeing something.
Step 2: linked images this is highly useful when you know you want to look at every picture that is linked from a page (where you have to click to view it) but don't want to manually click on each link. This spawns a new window.
Step 4: increment and decrement these allow you to navigate up and down html files or images that have a number in them without going back and clicking on each one by hand. This is a big time saver.
Step 5: numbered list This creates a list of all pages that have a number in them in a directory. After creating the new page you can use the linked images bookmarklet to further speed up the time it takes to review the images.
Step 6: Yahoo site search this can be useful when you want to find more things on a site but there are no obvious links to it. Let the search engines do the work for you.

Adblock:

Step 1: Go to Adblock
Step 2: Install it and shut down your browser and restart it
Step 3: Go to Tools -> Extensions -> highlight Adblock and click Options -> Adblock Options. Then unselect Obj-Tabs. This is important or it will cause certain macromedia files to die.

Windows hosts file:

Step 1: browse to your hosts file. Mine was located in: C:\WINDOWS\system32\drivers\etc\hosts
Step 2: open the file using notepad Step 3: go to my hosts file and copy the contents and paste them over what you have in there currently. If you have already modified your current hosts file before make sure not to overwrite any changes you made.
Step 3: edit the document to change whatever host you want to point to localhost which will make it fail to render. Save and quit.

Stop Animated Gifs:

In the URL bar, type in "about:config"
In the filter bar type "anim"
Double click on image.animation_mode and in the window that pops up change the setting from "normal" to either "none" or "once".

Stop blink:

In the URL bar, type in "about:config"
In the filter bar type "blink"
Double click on browser.blink_allowed so it is set to "false".

Modify your default search:

In the URL bar, type in "about:config"
In the filter bar type "defaulturl"
Change the value there to take whatever search engine with whichever parameters you want.

Auto Copy:

Step 1: Go to Auto Copy
Step 2: Install it and shut down your browser and restart it
Step 3: Click on the checkbox on the lower right hand corner and make sure that "Enable in text boxes" is unselected. This can have undesirable results when you are trying to highlight something to paste over it where it will copy the information you just highlighted and paste them back over itself having no net effect.

IE View:

Step 1: Go to IE View
Step 2: Install it and shut down your browser and restart it
Step 3: When you get to a site that doesn't work in Firefox, right click and open in IE.

Greasemonkey:

Step 1: Go to Greasemonkey
Step 2: Install it and shut down your browser and restart it
Step 3: Go to Hide iframes
Step 4: Go to Tools -> Install this user script

Customize Google:

Step 1: Go to CustomizeGoogle
Step 2: Install it and shut down your browser and restart it
Step 3: Go to Tools -> Extensions -> highlight CustomeGoogle and click on Options
Step 4: Go through each tab and click on Remove ads.

http://images.google.com

DDoS Attacks and Torrent Sites

Monday, November 29, 2010 h4ckfreak No comments

DDoS Attacks and Torrent Sites

If anyone has been following the recent news about anti-piracy companies trying to take torrent sites offline by DDoSing them, then you’ll know that this was a bad idea from the start, if not here’s a brief recap.
Aiplex Software is a company that has been trying to take down torrent sites for a while now. As they weren’t getting anywhere, they decided to take on a new approach, and DDoS the torrent sites instead. It was suspected that this was the case for a while, but then to save everyone the effort, the nice guys over at Aiplex Software openly admitted that they were doing it, big mistake!

As the Internet is a wonderful medium for communication, there was a scheduled DDoS attack against Aiplex Software which took their site offline for a fair amount of time, until all the attackers then decided that moving onto the MPAA website was a better idea. The MPAA was forced to move it’s site to a new IP address after being down for 18 hours.

An attack was launched against the RIAA in the same manner, and knocked the web site of the Internet for a good few hours.

All this was done via various means of communication, using the tool LOIC (Low Orbit Ion Cannons) and a bunch of anonymous supporters that weren’t afraid to stand up for what they believed in.

Whether these attacks were right or wrong is purely a matter of opinion, but more to the point is the amount of damage that can be done.

In the past, if people wanted to protest, they would all gather in groups with placards and march around yelling various slogans, this usually happened outside the offending parties premises. If it got out of hand, the police would be called in to disperse the crowd, and everything was back to normal. However now in the age of the Internet, people are free to participate from the comfort of their own homes, just by downloading a program, typing in an IP address or hostname and clicking “Attack”. These people won’t be traced if the attack is coordinated properly, as it’s next to impossible to trace where all the packets are coming from if you have a large amount of people doing this at the same time. Even if people were traced, there is always the “Botnet defense” (My PC must have been infected by something and become part of a botnet, I ran my anti-virus program and removed some things, and now it all seems fine).

As security professionals we need to look at this as the shape of things to come, what if an online retailer annoyed a few of it’s customers, or if an online gambling or finance site was just “asking for it”. All it takes is the right form of communication and a few thousand people, and poof, the site is off the Internet if it doesn’t have the correct protection mechanisms in place.

As security professionals, do you do your best to protect your companies online assets from DDoS attacks? Or are you mainly concentrating on making sure the web sites are coded securely, that the web servers have been hardened and patched up to date…

I’m really interested to hear everyone’s comments on this one, so please leave them below.

Cookie Poisoningla

Monday, November 29, 2010 h4ckfreak No comments

Subjected to Defend Hackers

Cookie Poisoning

Guys ..today we gonnna discuss about Web Application Security..!!

As I think u people Would Kno The Diff between Web n Network Security..

Cookie Poisoning attacks involve the modification of the contents of a cookie (personal information stored in a Web user's computer) in order to bypass security mechanisms. Using cookie poisoning attacks, attackers can gain unauthorized information about another user and steal their identity.

Details

Many Web applications use cookies to save information (user IDs, passwords, account numbers, time stamps, etc.). The cookies stored on a user's hard drive maintain information that allows the applications to authenticate the user identity, speed up transactions, monitor behavior, and personalize content presented to the user based on identity and preferences. For example, when a user logs into a Web site that requires authentication, a login CGI validates his username and password and sets a cookie with a numerical identifier in the user's browser. When the user browses to another page, another CGI (say, preferences.asp) retrieves the cookie and displays personalized content according to the values contained in the cookie.

Cookie poisoning is in fact a Parameter Tampering attack, where the parameters are stored in a cookie. In many cases cookie poisoning is more useful than other Parameter Tampering attacks because programmers store sensitive information in the allegedly invisible cookie. For example, consider the following request:

GET /store/buy.asp?checkout=yes HTTP/1.0 Host: www.onlineshop.com

Accept: */* Referrer: http://www.onlineshop.com/showprods.asp

Cookie: SESSIONID=570321ASDD23SA2321; BasketSize=3; Item1=2892;

Item2=3210; Item3=9942; TotalPrice=16044;

Add Yield Manager (DefendHackers)

In this example, the dynamic page requested by the browser is called buy.asp and the browser sends the parameter checkout to the Web server with a yes value, indicating that the user wants to finalize his purchase. The request includes a cookie that contains the following parameters: SESSIONID, which is a unique identification string that associates the user with the site, BasketSize (how many items are in the purchase), the price of each item and the TotalPrice. When executed by the Web server, buy.asp retrieves the cookie from the user, analyzes the cookie's parameters and charges the user account according to the TotalPrice parameter. An attacker can change, for example, the TotalPrice parameter in order to get a "special discount".

Since programmers rely on cookies as a location for storing parameters, all parameter attacks including SQL Injection, Cross-Site Scripting, and Buffer Overflow can be executed using cookie poisoning.

Prevention

Detection of cookie poisoning attacks involves compound HTTP statefulness. The intrusion prevention product must trace down cookies "set" commands issued by the Web server. For each set command the product should store important information such as the cookie name, the cookie value, the IP address and the session to which that cookie was assigned as well as the time it was assigned. Next the product needs to intercept each HTTP request sent to the Web server, retrieve the cookie information out of it and check it against all stored cookies. If the attacker changes the content of a cookie the product should be able to identify that using the information it stores on the specific user. The product must trace application-level sessions and not just IP addresses in order to provide accurate results.

A Scenario From Use Case Model Tool(Defend Hackers)

Intrusion Detection and Prevention Systems which are not Web application oriented simply do not provide this functionality.

Researchers Working Around this flaw and Often Tools are available Google it ..!!

Like It..Drop Comments..!!

ATM A COMPLETE GUIDE

Thursday, August 05, 2010 h4ckfreak No comments

   ATM
(Asynchronous Transfer Mode) A network technology for both local and wide area networks (LANs and WANs) that supports realtime voice and video as well as data. The topology uses switches that establish a logical circuit from end to end, which guarantees quality of service (QoS). However, unlike telephone switches that dedicate circuits end to end, unused bandwidth in ATM's logical circuits can be appropriated when needed. For example, idle bandwidth in a videoconference circuit can be used to transfer data.
ATM is widely used as a backbone technology in carrier networks and large enterprises, but never became popular as a local network (LAN) topology (see below). ATM is highly scalable and supports transmission speeds of 1.5, 25, 100, 155, 622, 2488 and 9953 Mbps ). ATM is also running as slow as 9.6 Kbps between ships at sea. An ATM switch can be added into the middle of a switch fabric to enhance total capacity, and the new switch is automatically updated using ATM's PNNI routing protocol.
    Cell Switching

ATM works by transmitting all traffic as fixed-length, 53-byte cells. This fixed unit allows very fast switches to be built, because it is much faster to process a known packet size than to figure out the start and end of variable length packets. The small ATM packet also ensures that voice and video can be inserted into the stream often enough for realtime transmission.
ATM works at layer 2 of the OSI model and typically uses SONET (OC-3, OC-12, etc.) for framing and error correction out over the wire. ATM switches convert cells to SONET frames and frames to cells at the port interface.
    Quality of Service (QoS)

The ability to specify a quality of service is one of ATM's most important features, allowing voice and video to be transmitted smoothly. The following levels of service are available:
Constant Bit Rate (CBR) guarantees bandwidth for realtime voice and video.
Realtime variable Bit Rate (rt-VBR) supports interactive multimedia that requires minimal delays, and non-realtime variable bit rate (nrt-VBR) is used for bursty transaction traffic.
Available Bit Rate (ABR) adjusts bandwidth according to congestion levels for LAN traffic.
Unspecified Bit Rate (UBR) provides a best effort for non-critical data such as file transfers.
     MPOA and LANE

MPOA (Multiprotocol Over ATM) is used to route protocols such as TCP/IP and IPX while preserving ATM quality of service. LANE (LAN Emulation) is used to interconnect Ethernet and Token Ring LANs by encapsulating their frames in LANE packets and converting them into ATM cells. MPOA route servers or traditional routers are used to internetwork LAN segments. .
    History of ATM

When ATM came on the scene in the early 1990s, it was thought to be the beginning of a new era in networking, because it was both a LAN and WAN technology that could start at the desktop and go straight through to the remote office. Its ability to provide quality of service from end to end was highly praised as the perfect multimedia transport. In addition, ATM came from the telephone world, which had always delivered the highest quality communications.
    It Never Happened

ATM never became the magic end-to-end solution. ATM adapters for the desktop were expensive, and standards for interconnecting existing networks to an ATM backbone were confusing and often delayed. When Gigabit Ethernet was announced, providing a 10-fold increase in speed and using a familiar technology, ATM's demise in the LAN arena was assured.
    A Carrier's Transport

ATM succeeded in the carriers' networks, being deployed by major telephone companies and ISPs and sizable private enterprises. It was always installed for mission critical backbones because of its quality of service (QoS).

ATM in the Enterprise

This shows how ATM is used as a network backbone or "switch fabric" within the enterprise. The edge device is an Ethernet workgroup switch with a high-speed ATM link. It converts LAN packets into ATM cells and vice versa.

ATM in the Internet

ATM is widely used by large carriers and ISPs. It serves as the backbone between points of presence (POPs), and it is also used at the NAP and MAE interconnecting points.

Where ATM Fits In

ATM performs its functions at layer 2 of the OSI model and converts its cells into SONET frames (OC-3, OC-12, etc.) or T-carrier frames (DS1, DS3) to go out over the wire.

ATM Switch

ATM switches such as this are used in large networks, including Internet backbones. This model has a 40 Gbps backplane that supports 16 OC-48 (2.4 Gbps) ports. (Image courtesy of Marconi Communications.)

Asynchronous Transfer Mode from the WikiPedia

Asynchronous Transfer Mode, or ATM for short, is a which encodes data traffic into small fixed-sized (53 byte; 48 bytes of data and 5 bytes of header information) cells instead of variable sized packets as in (such as the or ). It is a technology, in which a connection is established between the two endpoints before the actual data exchange begins.

Introduction

ATM was intended to provide a single unified networking standard that could support both channel networking (, ) and packet-based networking (, , etc), whilst supporting multiple levels of for packet traffic.
ATM sought to resolve the conflict between networks and networks by mapping both bitstreams and packet-streams onto a stream of small fixed-size 'cells' tagged with identifiers. The cells are typically sent on demand within a synchronous time-slot pattern in a synchronous bit-stream: what is asynchronous here is the sending of the cells, not the low-level bitstream that carries them.
In its original conception, ATM was to be the enabling technology of the 'Broadband Integrated Services Digital Network' () that would replace the existing . The full suite of ATM standards provides definitions for (physical connections), (data link layer) and (network) of the classical . The ATM standards drew on concepts from the telecommunications community, rather than the computer networking community. For this reason, extensive provision was made for integration of most existing technologies and conventions into ATM.
As a result, ATM provides a highly complex technology, with features intended for applications ranging from global telco networks to private local area computer networks. ATM has been a partial success as a technology, with widespread deployment, but generally only used as a transport for IP traffic; its goal of providing a single integrated technology for LANs, public networks, and user services has largely failed.

Successes and Failures of ATM Technology

Numerous have implemented wide-area ATM networks, and many implementations use ATM. However, ATM has failed to gain wide use as a technology, and its great complexity has held back its full deployment as the single integrating network technology in the way that its inventors originally intended.
Many people, particularly in the Internet protocol-design community, considered this vision to be mistaken. Their argument went something like this: We know that there will always be both brand-new and obsolescent link-layer technologies, particularly in the LAN area, and it is fair to assume that not all of them will fit neatly into the model that ATM was designed for. Therefore, some sort of protocol is needed to provide a unifying layer over both ATM and non-ATM link layers, and ATM itself cannot fill that role. Conveniently, we have this protocol called "IP" which already does that. Ergo, there is no point in implementing ATM at the network layer.
In addition, the need for cells to reduce jitter has disappeared as transport speeds increased (see below), and improvements in have made the integration of speech and data possible at the IP layer, again removing the incentive for ubiquitous deployment of ATM. Most telcos are now planning to integrate their voice network activities into their IP networks, rather than vice versa..
Many technically sound ideas from ATM were adopted by , a generic packet switching protocol. ATM remains widely deployed, and is used as a service in networks, where its compromises fit DSL's low-data-rate needs well. In turn, DSL networks support IP (and IP services such as VoIP) via.
ATM will remain deployed for some time in higher-speed interconnects where carriers have already committed themselves to existing ATM deployments; ATM is used here as a way of unifying /SDH traffic and packet-switched traffic under a single infrastructure.
However, ATM is increasingly challenged by speed and traffic shaping requirements of converged networks. In particular, the complexity of imposes a performance bottleneck, as the fastest SARs known run at 2.5 Gbit/s and have limited traffic shaping capabilities.
Currently it seems like implementations (10Gbit-Ethernet, MetroEthernet) will replace ATM in many locations. Enables convergence of Voice, Video, Data on one network

Recent Developments

Interest in using native ATM for carrying live video and audio has increased recently. In these environments, low latency and very high quality of service are required to handle linear audio and video streams. Towards this goal standards are being developed such as (). Compare with .

ATM Concepts

Why Cells?

The motivation for the use of small data cells was the reduction of (delay variance, in this case) in the multiplexing of data streams; reduction of this (and also end-to-end round-trip delays) is particularly important when carrying voice traffic.
This is because the conversion of digitized voice back into an analog audio signal is an inherently process, and to do a good job, the that does this needs an evenly spaced (in time) stream of data items. If the next data item is not available when it is needed, the codec has no choice but to produce silence - and if the data does arrive, but late, it is useless, because the time period when it should have been converted to a signal has already passed.
Now consider a speech signal reduced to packets, and forced to share a link with bursty data traffic (i.e. some of the data packets will be large). No matter how small the speech packets could be made, they would always encounter full-size data packets, and under normal queuing conditions, might experience maximum queuing delays.
At the time ATM was designed, 155 Mbit/s (135 Mbit/s payload) was considered a fast optical network link, and many links in the digital network were considerably slower, ranging from 1.544 to 45 Mbit/s in the USA (2 to 34 Mbit/s in Europe).
At this rate, a typical full-length 1500 byte (12000 bit) data packet would take 89 to transmit. In a lower-speed link, such as a 1.544 Mbit/s T1 link, a 1500 byte packet would take up to 7.8 milliseconds.
A queueing delay induced by several such data packets might be several times the figure of 7.8 ms, in addition to any packet generation delay in the shorter speech packet. This was clearly unacceptable for speech traffic, which needs to have low jitter in the data stream being fed into the codec if it is to produce good-quality sound. A packet voice system can produce this in one of two ways:

Have a playback buffer between the network and the codec, one large enough to tide the codec over almost all the jitter in the data. This allows smoothing out the jitter, but the delay introduced by passage through the buffer would be such that echo cancellers would be required even in local networks; this was considered too expensive at the time. Also, it would have increased the delay across the channel, and human conversational mechanisms tend not to work well with high-delay channels.

Build a system which can inherently provide low jitter (and low overall delay) to traffic which needs it.

Operate on a 1:1 user basis (i.e., a dedicated pipe).

The latter was the solution adopted by ATM. However, to be able to provide short queueing delays, but also be able to carry large datagrams, it had to have cells. ATM broke all packets, data and voice streams up into 48-byte chunks, adding a 5-byte routing header to each one so that they could be reassembled later. It multiplexed these 53-byte cells instead of packets. Doing so reduced the worst-case queuing jitter by a factor of almost 30, removing the need for echo cancellers.

Cells In Practice

The rules for segmenting and reassembling packets and streams into cells are known as . The most important two are AAL 1, used for streams, and , used for most types of packets. Which AAL is in use for a given cell is not encoded in the cell. Instead, it is negotiated by or configured at the endpoints on a per-virtual-connection basis.
Since ATM was designed, networks have become much faster. As of 2001, a 1500 byte (12000 bit) full-size Ethernet packet will take only 1.2 µs to transmit on a 10 Gbit/s optical network, removing the need for small cells to reduce jitter. Some consider that this removes the need for ATM in the network backbone. Additionally, the hardware for implementing the service adaptation for IP packets is expensive at very high speeds. Specifically, the cost of segmentation and reassembly (SAR) hardware at and above speeds makes ATM less competitive for IP than (POS). SAR performance limits mean that the fastest IP router ATM interfaces are OC12 - OC48 (STM4 - STM16), while (as of 2004) POS can operate at OC-192 (STM64) with higher speeds expected in the future.
On slow links (2 Mbit/s and below) ATM still makes sense, and this is why so many ADSL systems use ATM as an intermediate layer between the physical link layer and a Layer 2 protocol like PPP or Ethernet.
At these lower speeds, ATM's ability to carry multiple logical circuits on a single physical or virtual medium provides a compelling business advantage. DSL can be used as an access method for an ATM network, allowing a DSL termination point in a telephone central office to connect to many internet service providers across a wide-area ATM network. In the United States, at least, this has allowed DSL providers to provide DSL access to the customers of many internet service providers. Since one DSL termination point can support multiple ISPs, the economic feasibility of DSL is substantially improved.

Why Virtual Circuits?

ATM is a channel based transport layer. This is encompassed in the concept of the Virtual Path (VP) and Virtual Circuit (VC). Every ATM cell has an 8- or 12-bit Virtual Path Identifier (VPI) and 16-bit Virtual Circuit Identifer (VCI) pair defined in its header. The length of the VPI varies according to whether the cell is sent on the user-network interface (on the edge of the network), or if it is sent on the network-network interface (inside the network).
As these cells traverse an ATM network, switching is achieved by changing the VPI/VCI values. Although the VPI/VCI values are not necessarily consistent from one end of the connection to the other, the concept of a circuit is consistent (unlike IP, where any given packet could get to its destination by a different route than the others).
Another advantage of the use of virtual circuits is the ability to use them as a multiplexing layer, allowing different services (such as voice, , n*64 channels, IP, , etc.) to share a common ATM connection without interfering with one another.

Using Cells and Virtual Circuits For Traffic Engineering

Another key ATM concept is that of the traffic contract. When an ATM circuit is set up each switch is informed of the traffic class of the connection.
ATM traffic contracts are part of the mechanism by which "" (QoS) is ensured. There are three basic types (and several variants) which each have a set of parameters describing the connection.

CBR - Constant bit rate: you specify a Peak Cell Rate (PCR) which is what you get
VBR - Variable bit rate: you specify an average cell rate which can peak at a certain level for a maximum time.
ABR - Available bit rate: you specify a minimum rate which is guaranteed
UBR - Unspecified bit rate: you get whatever is left after all other traffic has had its bandwidth

VBR has and non-real-time variants and is used for "bursty" traffic.
Most traffic classes also introduce the concept of Cell Delay Variation Time (CDVT) which defines the "clumping" of cells in time.
Traffic contracts are usually maintained by the use of "Shaping", a combination of queuing and marking of cells, and enforced by "Policing".

Traffic Shaping

is usually done at the entry point to an ATM network and attempts to ensure that the cell flow will meet its traffic contract.

Traffic Policing

To maintain network performance it is possible to police virtual circuits against their traffic contracts. If a circuit is exceeding its traffic contract the network can either drop the cells or mark the Cell Loss Priority (CLP) bit, to identify a cell as discardable further down the line. Basic policing works on a cell by cell basis but this is sub-optimal for encapsulated packet traffic as discarding a single cell will invalidate the whole packet anyway. As a result schemes such as Partial Packet Discard (PPD) and Early Packet Discard (EPD) have been created that will discard a whole series of cells until the next frame starts. This reduces the number of redundant cells in the network saving bandwidth for full frames. EPD and PPD work with AAL5 connections as they use the frame end bit to detect the end of packets.

Types of Virtual Circuits and Paths

Virtual circuits and virtual paths can be built statically or dynamically. Static circuits (permanent virtual circuits or PVCs) or paths (permanent virtual paths or PVPs) require that the provisioner must build the circuit as a series of segments, one for each pair of interfaces through which it passes.
PVPs and PVCs are conceptually simple, but require significant effort in large networks. They also do not support the re-routing of service in the event of a failure. Dynamically built PVPs (soft PVPs or SPVPs) and PVCs (soft PVCs or SPVCs), in contrast, are built by specifying the characteristics of the circuit (the service "contract") and the two endpoints.
Finally, switched virtual circuits (SVCs) are built and torn down on demand when requested by an end piece of equipment. One application for SVCs is to carry individual telephone calls when a network of telephone switches are inter-connected by ATM. SVCs were also used in attempts to replace local area networks with ATM.

Virtual Circuit Routing and Call Admission

Most ATM networks supporting SPVPs, SPVCs, and SVCs use the Private Network Node Interface or Private Network-to-Network Interface (PNNI) protocol. PNNI uses the same shortest path first algorithm used by and to route IP packets to share topology information between switches and select a route through a network. PNNI also includes a very powerful summarization mechanism to allow construction of very large networks, as well as a call admission control (CAC) algorithm that determines whether sufficient bandwidth is available on a proposed route through a network to satisfy the service requirements of a VC or VP.

Structure of An ATM Cell

An ATM cell consists of a 5 byte header and a 48 byte payload. The payload size of 48 bytes was a compromise between the needs of voice telephony and packet networks, obtained by a simple averaging of the US proposal of 64 bytes and European proposal of 32, said by some to be motivated by a European desire not to need echo-cancellers on national trunks.
ATM defines two different cell formats: NNI (Network-network interface) and UNI (User-network interface). Most ATM links use UNI cell format.

Diagram of the UNI ATM Cell

7	4	3	0
GFC		VPI
VPI		VCI
VCI
VCI		PT	CLP
HEC
Payload (48 bytes)

Diagram of the NNI ATM Cell

7	4	3	0
VPI
VPI		VCI
VCI
VCI		PT	CLP
HEC
Payload (48 bytes)

GFC = Generic Flow Control (4 bits) (default: 4-zero bits)
VPI = Virtual Path Identifier (8 bits UNI) or (12 bits NNI)
VCI = Virtual Channel Identifier (16 bits)
PT  = Payload Type (3 bits)
CLP = Cell Loss Priority (1 bit)
HEC =  (8bits) (checksum of header only)

The PT field is used to designate various special kinds of cells for Operation and Management (OAM) purposes, and to delineate packet boundaries in some AALs.
Several of ATM's link protocols use the HEC field to drive a algorithm which allows the position of the ATM cells to be found with no overhead required beyond what is otherwise needed for header protection.
In a UNI cell the GFC field is reserved for an (as yet undefined) local flow control/submultiplexing system between network and user. All four GFC bits must be zero by default.
The NNI cell format is almost identical to the UNI format, except that the 4 bit GFC field is re-allocated to the VPI field, extending the VPI to 12 bits. Thus, a single NNI ATM interconnection is capable of addressing almost 212 VPs of up to almost 212 VCs each (in practice some of the VP and VC numbers are reserved).

LANE (LAN Emulation)