Wednesday, March 30, 2011

What is Sniffing???


A sniffer is a program and/or device that monitors all information passing through a computer network. It sniffs the data passing through the network off the wire and determines where the data is going, where it's coming from, and what it is. In addition to these basic functions, sniffers might have extra features that enable them to filter a certain type of data, capture passwords, and more. Some sniffers (for example, the FBI's controversial mass-monitoring tool Carnivore) can even rebuild files sent across a network, such as an email or Web page.


A sniffer is one of the most important information gathering tools in a hacker's arsenal. The sniffer gives the hacker a complete picture (network topology, IP addresses) of the data sent and received by the computer or network it is monitoring. This data includes, but is not limited to, all email messages, passwords, user names, and documents. With this information, a hacker can form a complete picture of the data traveling on a network, as well as capture important tidbits of data that can help her gain complete control over a network.

To learn exactly how a sniffer works and how you can make your own, you need to read my next entry. Till then, enjoy and happy hacking!!!

Tuesday, March 29, 2011

Google fixes Flash exploit in Chrome, but others have to wait


Google has fixed a critical Adobe Flash Player bug that is being exploited in the wild - but only for its own Chrome browser. Users of Flash Player in other browsers will have to wait for Adobe's official patch, which will require testing against around 60 platforms and configurations.

Chrome is able to get the fix because it has an ongoing collaboration with Adobe which gives it early access to new builds of Flash.
The "zero-day" vulnerability - meaning that it was discovered being used in the wild, rather than by security researchers hunting for bugs - embeds a malicious Flash file in an Excel document; that is then sent to people on a target list, and if opened can compromise Windows-based computers - though Microsoft says that machines running Office 2010 are protected through a security system called data execution prevention.
Older versions of Windows using Chrome will be safe only if they don't have Flash Player for Internet Explorer installed, and view Flash only through Chrome, according to an Adobe spokeswoman.
Adobe says the bug is "critical" and hopes to release a fix this week.


Chrome has seen little exploitation targeting it specifically. Along with Mozilla's Firefox, it escaped unscathed at the recent Pwn2Own competition in Vancouver while Safari and Internet Explorer 8 were hacked. However, nobody attempted to break into Chrome; the only would-be challenger did not turn up.
An iPhone 4 running iOS 4.2 and a RIM BlackBerry Torch running OS6 were also both hacked; a Nexus S running Android 2.3 and a Dell Venue Pro running Windows Phone 7 remained unhacked.


In theory, the exploit used to attack the BlackBerry Torch - via WebKit - was also available in Chrome, though Google moved quickly to patch it.

PRINCIPLES OF HACKING

In this article, attacks and hacking techniques are two different concepts that are, nevertheless, closely related to each other. An attack typically goes through several steps or phases. In each phase, some attack actions will be carried out by the hacker, and these attack actions will typically involve the use of one or more hacking techniques. The hacking techniques involved in different attack phases could be different. Moreover, an attack or hacking (software) tool may cover several phases of an attack and involve multiple hacking techniques. 


Seven Steps of Hacking 

However a network is hacked or attacked, the attacker always follows certain procedures to accomplish his objectives. In general, these procedures fall into one of the following seven steps: reconnaissance, probe, toehold, advancement, stealth, listening post, and takeover, where each step is enabled or helped by its previous steps and prepares for its following steps. These seven steps can serve as a procedural classification of hacking techniques because the hacking techniques used in each step are for the same purpose and share many common characteristics.

Reconnaissance is to gather information about the target system or network. The information of interest may include host names, host addresses, host owners, host machine types, host operating systems, network owners, network configurations, hosts in the networks, list of users, etc. An intruder may start by searching the Internet for references to the target in order to find the domain information of the target. Then the intruder can obtain further information about other machines within that domain, such as their host names and network addresses. For example, the intruder can analyze the target web pages to gather useful information about the users of the target system, because most web pages contain user information, such as contact emails or some personal information (name, address, phone number, etc). If the intruder obtains a user account in the target system, he can begin to guess the password. Sometimes, he can even directly contact a person by phone or e-mail to acquire the person's account information.

Probe is to detect the weaknesses of the target system in order to deploy the hacking tools. After gathering enough information of the target, the intruder begins to probe the perimeter of the system for potential weaknesses. He can utilize remote exploit tools, which enable the intruder to conduct security surveys and automatically collect and report security-related vulnerabilities of remote hosts and networks. Using these hacking tools, the intruder can find out the remote services the target is providing, such as WWW, FTP, SMTP, finger, X server, etc., by scanning the hosts of the target network. In addition, the intruder can obtain such information as machine names, software names and version numbers. Then, he can refer to the known vulnerabilities of the detected services for further exploitation.



Toehold is to exploit security weaknesses and gain entry into the system. Once a vulnerability is found, the intruder will first exploit this vulnerability to build a connection (or session) between his machine and the target host, and then remotely execute hostile commands on the target. (For example, the intruder can generate an X terminal emulation on his own display.) In this way, a toehold into the target network has been established and the intruder can go further to compromise the system. Gaining entry into the system, the intruder can also search for more critical system information. If the current user identification (UID) is for a privileged user, the intruder will jump to the stealth step; otherwise, he will get into the advancement phase.

Advancement is to advance from an unprivileged account to a privileged one. In this step, the intruder uses local exploit tools to obtain additional information about the target, such as configuration errors and known vulnerabilities of the operating system. Once a local vulnerability is found, the intruder can advance from an unprivileged UID to a root UID. Then, with the highest level of privileges, the intruder can fully control the target system, steal sensitive data, maliciously modify files, and even delete the entire file system.

Stealth is to hide the penetration tracks. During the probing phase, the intrusion actions are likely to be logged by intrusion detection systems, and during the phases of toehold and advancement, the intruder may leave his activities in the system log. Hence, in order to hide, the intruder will access the local log files and modify the corresponding log entries to remove the traces and avoid detection. He may further replace the system binary code with a malicious version in order to ensure future un-logged and undetected access to the compromised system. 

Listening post is to install backdoors to establish a listening post. In this step, the intruder inserts some malicious programs into the system, such as a stealth tool, a backdoor tool, and a sniffer. These programs ensure that his future activities will not be logged. They report false information on files, processes, and the status of the network interface to the administrators. They also allow the intruder to access the compromised system through the backdoor. With the sniffer tool, the intruder can capture the traffic on the network interfaces. By logging the interesting network traffic, the intruder can better monitor and control the compromised system.


Takeover is to expand control (or infection) from a single host to other hosts of the network. From the listening post, the intruder can sniff a lot of important information about other hosts of the network, such as user names and passwords. The intruder can also obtain information in several other ways. For example, he can check some specific configuration files (e.g., /.rhosts) of the compromised host and find mutually trusted hosts. With this information, the intruder can repeat the previous steps to break into other hosts. In this way, he can expand his control to the whole network.
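
From the defender's side, the trust files mentioned in the takeover step can be audited so that wildcard and password-less trust is found and removed before it can be abused. The following is an added example, not part of the original article; the sample file contents and the names `audit_rhosts`, `trusted_hosts` and `TrustEntry` are constructed for illustration.

```python
from dataclasses import dataclass

# Constructed sample of a root-owned .rhosts file (not from any real host).
SAMPLE_RHOSTS = """\
# trusted build hosts
build01.example.internal root
backup.example.internal
+ +
+@admins operator
-legacy.example.internal
"""

@dataclass
class TrustEntry:
    line_no: int
    host: str
    user: str      # "" means "same user name as the local account"
    severity: str  # "critical", "review" or "deny"
    reason: str

def audit_rhosts(text):
    """Classify every entry of a .rhosts / hosts.equiv style trust file."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        fields = line.split()
        host, user = fields[0], (fields[1] if len(fields) > 1 else "")
        if host.startswith("-") or user.startswith("-"):
            sev, why = "deny", "explicit deny entry"
        elif host == "+" or user == "+":
            sev, why = "critical", "wildcard: any host and/or any user is trusted"
        elif host.startswith("+@") or user.startswith("+@"):
            sev, why = "review", "trust granted to a whole netgroup"
        else:
            sev, why = "review", "password-less trust for a named host"
        findings.append(TrustEntry(line_no, host, user, sev, why))
    return findings

def trusted_hosts(findings):
    """Named hosts that are trusted: the machines to check after a compromise."""
    return sorted(f.host for f in findings
                  if f.severity == "review" and not f.host.startswith("+"))

if __name__ == "__main__":
    for f in audit_rhosts(SAMPLE_RHOSTS):
        print(f"line {f.line_no}: [{f.severity}] {f.host} {f.user} - {f.reason}")
```

Every "critical" entry should be removed outright, and each host returned by `trusted_hosts` belongs on the list of machines to examine if the audited host is ever found compromised.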

Monday, March 28, 2011

British Hacker Jailed over £7m Virtual Gaming Chips Scam


A British computer hacker who stole 400bn virtual gaming chips from an international gaming company has been jailed for two years.
Ashley Mitchell, 29, broke into the Zynga mainframe, stole the identity of two employees and transferred chips said to be worth more than £7m to himself.
Mitchell, of Paignton, Devon, sold the chips through Facebook to other gaming enthusiasts and used the money to fund his online gambling addiction.
More than 50 million people a day play Zynga games, including Mafia Wars, in which players run a virtual mob business, and FarmVille, which allows users to create their dream farm. Players have to buy chips for their virtual worlds. A black market in cut-price chips has grown up on the internet.
Mitchell, a former council accounts clerk, made £53,612 in two months after selling about a third of the chips.
But James Taghdissian, prosecuting, told Exeter crown court that Zynga put its loss at $12m (£7m). "That is what they estimate they would have lost if all the chips were successfully sold on," he said.
He said the company became aware in August 2009 that large amounts of chips were vanishing and suspected the two employees whose identities Mitchell had adopted. However, investigators then realised the system had been hacked and narrowed the search to Paignton. Mitchell's neighbours had their computers seized because he was "piggy-backing" on their unsecured Wi-Fi connections. Mitchell was eventually identified because he used his own Facebook profile during one of his attempts to hack into the system.
Taghdissian said: "It was clear there had been a systematic approach adopted in probing and accessing Zynga. Checks on [Mitchell's] bank account showed at this time he bought items including a Rolex watch and was also spending money on online gambling."
"He made determined and repeated efforts to attack Zynga's systems. He succeeded and transferred 400bn chips and sold them to realise a substantial profit."
Ben Darby, defending, said the loss to Zynga was impossible to quantify because the chips were virtual and the company could create as many as it wants.
He said Mitchell had enjoyed little benefit and spent most of the proceeds on online gambling on other sites that use real money.
He said: "Gambling had complete control of his life." He said his client was now an internet entrepreneur with his own Facebook poker site called Gambino, which could earn him more than £100,000 a year.
Mitchell admitted computer misuse and four counts of money laundering and asked for 41 similar cases to be considered. He was also sentenced to 30 weeks for breaching a 40-week suspended sentence imposed in 2008 for hacking into the computer system of Torbay council, where he once worked.
From internet banking to major international transactions, people rely on the security of systems and anyone who comes before the courts who has gone through these security systems for their own ends can expect custody.
"The sentence has to reflect the impact on public confidence in security systems and online business when someone breaches security in this way."

[Note : This article was originally posted by www.guardian.co.uk]