
school computer hacks

 access blocked websites

Why do you Want to Hack School Computers?

Before getting to the actual matter of school computers, first consider why you want to hack your school computers. I don’t know why, but I am giving you the common idea, i.e. the common goals that are directly or indirectly associated with the hacking of school computers (I am focusing on some simple reasons; you may have some special reasons).

Hence, in general, hacking a school computer means:

1. To gain administrative power to do some special task (one that is not permitted to a general user).

2. Students want to use social networking sites like MySpace, Facebook, Orkut, etc., whose access is blocked by default on most school computers.

3. They like to play online games, which may also go against the school policy.

4. They may like to see pornographic videos or websites, and of course access to these sites is banned by default.

5. Students also enjoy tampering with grades, but administrative power as well as a little research is required, depending on the security policy of the school.

6. In some schools internet access is totally banned for student accounts (Very bad!…unacceptable).

7. It may be obvious sometimes for us, because we are humans and by nature we like to violate the rules.

Now it is a little clearer why we want to hack our school computers. Okay, let’s proceed to the next step:

1. Accessing blocked sites :

This is really very simple. What you have to do is just use proxy servers. Using a proxy server, your computer will be connected to the proxy server, and you will be able to access blocked sites via the proxy server, an intermediate server computer that will do your work. Here is the list of some websites that will work as a proxy server for you.
Some websites that I had tested on my system and that were working fine: just go to the website and enter the website address in the URL field.

Alternative Method: Get the IP address of the website that is blocked. Now try to connect using a different form of the IP address by typing it into your browser’s address bar. Type http and https interchangeably; sometimes it works. You can use the calculator (click View, then Scientific) to convert the number from decimal to binary or decimal to hexadecimal.
e.g :  or
This method will work if your school computers use DNS (Domain Name System) based protection. So if you can edit the DNS mapping files that are stored on the system (maybe on each computer, or centrally managed by the administrator) and used by browsers to look up the domain-to-IP table, then you would also be able to use blocked websites.
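Seen from the filter's side, a blocklist that compares the typed string misses the same address written in another numeric form. The following is an added example, not code from the original post: it reduces decimal, hexadecimal, octal and shortened spellings to one dotted-quad form before the lookup. The function names and the blocked address (a documentation-range value) are assumptions made for illustration.

```python
import ipaddress

def parse_part(text):
    """Parse one dot-separated part: 0x.. is hex, a leading 0 is octal."""
    lowered = text.lower()
    if lowered.startswith("0x"):
        digits, base = lowered[2:], 16
    elif len(lowered) > 1 and lowered.startswith("0"):
        digits, base = lowered[1:], 8
    else:
        digits, base = lowered, 10
    # Accept only the digit characters that are valid for the chosen base.
    if not digits or any(c not in "0123456789abcdef"[:base] for c in digits):
        raise ValueError(text)
    return int(digits, base)

def canonical_ipv4(host):
    """Return dotted-quad text for a numeric IPv4 spelling, else None."""
    parts = host.split(".")
    if len(parts) > 4:
        return None
    try:
        values = [parse_part(p) for p in parts]
    except ValueError:
        return None                      # an ordinary hostname, not a number
    *head, last = values
    # Leading parts are one byte each; the last part fills the bytes left over.
    if any(v > 0xFF for v in head) or last >= 1 << (8 * (4 - len(head))):
        return None
    number = last
    for index, value in enumerate(head):
        number |= value << (8 * (3 - index))
    return str(ipaddress.IPv4Address(number))

BLOCKED_ADDRESSES = {"192.0.2.1"}        # constructed entry, documentation range

def is_blocked(host):
    """Compare the canonical address, not the string that was typed."""
    canonical = canonical_ipv4(host)
    return canonical is not None and canonical in BLOCKED_ADDRESSES

if __name__ == "__main__":
    for form in ("192.0.2.1", "3221225985", "0xC0000201", "0300.0.02.01"):
        print(form, "->", canonical_ipv4(form), is_blocked(form))
```

A filter that only resolves names through DNS never sees these requests at all, so the comparison has to happen where the connection is made (proxy or firewall), on the canonical address.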

2. Hacking administrator account :

There are many methods to gain administrative power or to access or tamper with all the important files on the system. One of the simple methods is to use a live CD or pendrive (it is simple because all you have to do is download the ISO file and burn it on a CD, or you can make your pendrive bootable by following some simple steps) having any Linux distribution installed (such as Ubuntu or Linux Mint).

Switch on the computer and insert the live bootable CD into the tray. Now booting will start from the live CD instead of the hard drive (this happens by default; in special cases press F2, F10 or F8 to change the boot options so that the computer will boot from the live CD or pendrive). Linux is able to mount all the major file system formats like NTFS, FAT16 or FAT32. Booting and loading will complete within two to five minutes. So after loading Linux into the computer’s RAM you will be able to mount and use or tamper with the whole hard disk. Now you are done. Do whatever you want, and after shutting down remove the CD from the tray, and the Windows operating system will work as normal. (Assuming that you didn’t tamper with the Windows system files. Remember this point and be careful.)

What will we do if a BIOS password is set on the system: In general this is not the case, but if it occurs then first try some default BIOS passwords. You can get the list of default BIOS passwords on the internet after getting the name and version of the BIOS, which you will see at the time of booting. You can also try to reset the BIOS by opening the CPU case and finding the lithium-ion battery (round in shape, like a silver coin). Now remove the battery and put it back in the same place after 60 seconds.
Some common passwords include:
AMI  cmos  Biostar   BIOS  setup  password
Award  AWARD_SW  lkwpeter  AWARD_PW  AMI!SW1
j322 h6BB CONDO condo admin 589721
award_? 1322222 256256 ?award Compaq  last
AM AMI~ ascend  djonet  autocad  BIOSPASS
AMIPSWD  SZYX  zbaaaca  TzqF  t0ch20x

Alternative Method: In old versions of Windows you can also use simple commands to gain administrative power at the login prompt. This can be done simply by editing the system files which store the login information. Follow these steps:

1. At the time of booting press F8; a boot menu will come up on the screen. Choose DOS.

2. Now you can change your working directory by using the cd command.

C:\>cd windows

3. Next, type the command to rename the .pwl files, which contain the login information.

C:\windows>ren *.pwl *.pqr

4. Now restart the computer in the normal way and type anything in the password field (when the login prompt appears). You hacked! Now enjoy the administrative power (in this method Windows will take this password as the actual one).

   Credit : RKJHA

how to protect against internet threats

secure yourself by making strong password

Increasing internet threats are becoming a big headache these days. Hence it seems very difficult to protect against internet threats during online activities. But with a few basic precautions it is very easy to secure yourself from most of the crackers and script kiddies; most of the crackers and script kiddies succeed due to the ignorance of the end user. Most people think that installing a good antivirus or a firewall or antispyware implies that “I am hundred percent secure from any internet threats”, OR some people don’t like to use any antivirus software as they feel that their computer becomes too slow, OR some don’t even know that crackers or script kiddies can do harm to such a large extent. The username and password combination is the most widely used authentication system, but here are the common problems in choosing the password.
(1) Most users like to use a simple password such as 12345 or asdfg or similar, so that they can remember it easily;
but it can be hacked very easily using simple dictionary attacks.

(2) They want to use some familiar number or string such as a name, cell number, date of birth or phone number, or other card numbers.
But it can be easily guessed by someone who knows that user, or this simple information can be easily obtained by doing some simple research (e.g. by using a social networking site like Facebook, Orkut or MySpace, or a microblogging site like Twitter).

Here are some simple tips so that you can protect yourself against internet threats and feel safer:

#1. How to make your password strong: hard to crack

Make the password strong by combining:
1. upper and lowercase characters.
3. special symbols
e.g. Ap8@V&R50#Wx
If you have difficulty when you have to maintain more than one password, then remember one and add some extra characters at the front, end or middle to distinguish it from the other passwords (recommended method)
e.g. for account1: Ap8@V&R50#WxZ1
for account2: Ap8@V&R50#WxZ2 (a strong one), OR apply some more ideas and make your password stronger, e.g. Bq9@V&R50#WxZ2 (*Hint: I have shifted by one to the right the characters coming before the first ‘@’ symbol, and the remaining part is the same).
Alternative Method: Store the passwords in a file (so that you will have to remember only a master password) and encrypt it using software like TrueCrypt or GNU Privacy Guard. Both of these are open source, free and available for all major platforms (Linux, Windows and Mac OS).
Download links: TrueCrypt, GNU PG

#2. Precautions for those who use public computers/cyber cafes:

1. Don’t do online banking or purchasing; if it is really necessary, then use the on-screen keyboard (go to the Start menu and search for it; it should be installed by default).
[Because it will secure you from keylogger programs]

2. Always log out from your logged-in accounts, e.g. from social networking websites like Orkut or Facebook, before leaving the computer.
[Because others may misuse your account for any purpose]

3. After using the cafe, change your password as soon as possible.
[If the administrator is sniffing the traffic then he may get your password and other sensitive information easily if the connection is not encrypted]

4. Do not save the password at the time of logging in. When Firefox or another browser says “save the password”, always click no, OR simply go to the preferences tab and change the setting such that it won’t offer to remember any password for the sites. (In Firefox just uncheck the box that offers to remember the passwords.)
[Otherwise anyone can easily view your password by clicking on “show the saved passwords” if the master password is not set]

#3 Common precautions for all users :

1. Password recovery options are sometimes ignored by users, but it is important to note that the security question(s) in Gmail/Yahoo or other websites are as important as the password. So make your security question harder to guess, and associate the email accounts with each other so that one can be recovered from the other in case of any problem.

2. Use your credit card with trusted sites only, and in case of a secure connection you will see:
* The web address starts with https instead of http.
* A lock symbol appears near the bottom right corner (Firefox).
* You can see the certificate information by right-clicking and selecting “view certificates” to know more about the SSL provider and encryption level (it should be more than 128 bit).

3. Use good antivirus software like Avast antivirus (it is available free for home users) and always scan external memory devices before transferring any data to your computer. You can schedule the scanning according to your need or choice. Download Avast (Windows users) {It is optional for Linux users, as Linux is almost virus free, although there are many open source virus scanners available, like ClamTk: Download ClamTk virus scanner}

4. For online banking or any other account, always open the website by typing its address in the address bar. It will protect you from the most common attack, known as a phishing attack, in which you submit your login information through a fake website (it looks similar to the original but the URL is different, or only similar, hence read the URL carefully) and your information is sent somewhere else using a scripting language like PHP or JavaScript.

5. Use a good firewall to protect your computer from common online attacks, and try to learn about its policy so that you can tune its settings according to your need and the security level you want.
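Points 2 and 4 above come down to reading the address carefully. The following is an added example, not part of the original post: it applies those checks to a URL mechanically and lists every reason the address does not belong to the expected site. The function name, the reason strings and the `bank.example` hosts are assumptions chosen for illustration.

```python
from urllib.parse import urlsplit

def check_login_url(url, expected_host):
    """Return the reasons a URL should not be trusted (empty list = OK)."""
    problems = []
    parts = urlsplit(url)
    # hostname is what the browser connects to; lower-case, port removed.
    host = (parts.hostname or "").rstrip(".")
    if parts.scheme != "https":
        problems.append("not https")
    if parts.username is not None:
        # Text before '@' is only a login name, however much it looks like a site.
        problems.append("userinfo before host")
    if any(label.startswith("xn--") for label in host.split(".")):
        # Internationalised labels can render like familiar Latin letters.
        problems.append("punycode label")
    if host != expected_host and not host.endswith("." + expected_host):
        # The expected name must be the END of the host, not its beginning.
        problems.append("host is not " + expected_host)
    return problems

# Constructed sample URLs (reserved example/test names, documentation IP).
SAMPLES = [
    "https://www.bank.example/login",
    "http://www.bank.example/login",
    "https://bank.example.login.test/",
    "https://bank.example@203.0.113.5/",
    "https://xn--bnk-example.test/",
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(url, "->", check_login_url(url, "bank.example") or "ok")
```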

how to hijack a tcp connection|hacking tcp sessions

Hijacking a TCP connection requires just a little knowledge about IP spoofing and ACK numbers. IP spoofing is a simple technique in which the attacker/hacker replaces the IP address of the sender, i.e. sends some data while confusing the receiver. ACK or SEQ numbers are used by web servers to distinguish between different sessions and to check whether the user’s session is still active or not. In fact hijacking a TCP connection is not a difficult task; here is a simple description so that you can understand the basic steps.

So the TCP connection/session can be hijacked in the following simple steps:

Step 1: Try to learn more and more about the victim-Z and the web server-F before proceeding to the next step. If you are monitoring the connection in a wireless network then you can also use Wireshark or other advanced network traffic monitoring tools. (You can also use a Linux-based operating system, “BackTrack 4”, specially designed for hackers and penetration testing, because it contains all the required tools by default.)

Step 2: The web server-F sends an echo back to the victim-Z and the victim acknowledges the data packet.

Step 3: Now you can send the spoofed packet to the web server-F.

Step 4: Then the web server-F responds to you and you can start verifying ACK/SEQ numbers, and the web server believes that the session is going on with the victim-Z. Now you have hijacked the session of the victim-Z.

Step 5: So you can continue to use that session, and the web server will return the requested information after checking the ACK number, and the connection will continue until the FIN flag is set to terminate it.

what is ip fragment attacks|IP fragmentation hacks

IP Fragment

IP fragments are useful for keeping track of the different parts of a datagram in the TCP/IP suite. When the data packets arrive at the destination, the fragment fields are used to reassemble the datagram. The identification value of all the IP fragments of a datagram is the same, so the fragmentation offset is used to indicate the actual position of the current fragment in the original datagram.

Hacking/attacking IP fragments

In general IP fragments do not overlap, but a hacker can create IP fragment packets artificially in order to fool firewalls or routers. Suppose the second fragment of the datagram is inserted into the sequence by the hacker and the offset value of the second fragment is less than the length of the first fragment. This situation may result in some bytes of the first fragment being overwritten at the time of reassembly on the end computer. So these defective IP fragments may be responsible for the improper functioning (or crash) of the operating system. This is known as an IP fragment attack. A simple example of an IP fragmentation attack is the ping of death attack, which sends IP fragments that create a packet larger than the maximum allowed length at the end computer.
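Both conditions described above can be checked before reassembly. The following is an added example, not code from the original post: it groups fragments by datagram and flags any fragment that starts inside data already covered (overlap) or that would reassemble past the 65535-byte limit (the ping of death case). The tuple layout, the function name and the 20-byte header are assumptions, and the sample fragments are constructed.

```python
from collections import defaultdict

MAX_DATAGRAM = 65535   # largest total length the 16-bit IPv4 field can express
IP_HEADER = 20         # assumption: header carries no options

def inspect_fragments(fragments):
    """Group fragments per datagram and report overlap / oversize findings.

    Each fragment is (src, dst, ident, offset_units, payload_len); the
    fragment offset field counts 8-byte units, as in the IPv4 header.
    """
    datagrams = defaultdict(list)
    for src, dst, ident, offset_units, payload_len in fragments:
        datagrams[(src, dst, ident)].append((offset_units * 8, payload_len))

    findings = {}
    for key, pieces in datagrams.items():
        issues = set()
        covered_to = 0                      # first byte not yet covered
        for start, length in sorted(pieces):
            if start < covered_to:          # begins inside earlier data
                issues.add("overlap")
            if IP_HEADER + start + length > MAX_DATAGRAM:
                issues.add("oversize")      # reassembles past 65535 bytes
            covered_to = max(covered_to, start + length)
        if issues:
            findings[key] = sorted(issues)
    return findings

# Constructed sample traffic (documentation addresses, made-up IDs).
SAMPLE = [
    ("198.51.100.7", "192.0.2.1", 100, 0, 1480),     # normal, three fragments
    ("198.51.100.7", "192.0.2.1", 100, 185, 1480),
    ("198.51.100.7", "192.0.2.1", 100, 370, 1040),
    ("198.51.100.9", "192.0.2.1", 200, 0, 1480),     # next one starts at byte 24
    ("198.51.100.9", "192.0.2.1", 200, 3, 100),
    ("198.51.100.9", "192.0.2.1", 300, 8189, 1480),  # ends past byte 65535
]

if __name__ == "__main__":
    for key, issues in inspect_fragments(SAMPLE).items():
        print(key, issues)
```

An exact retransmission of a fragment is also reported as an overlap here; a production filter would compare the overlapping bytes before treating it as hostile.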

What is sniffing|sniffers?

Sniffing is the simple process in which the network interface card is used to receive and monitor data that is not intended for that machine. The device or software that does the sniffing is known as a sniffer, or more simply a network analyzer. Sniffing programs are very useful for gathering sensitive information like telnet usernames and passwords, FTP usernames and passwords, credit card numbers, bank account details and so on. Hence sniffing techniques are widely used by attackers and hackers to monitor the key information that they are interested in.

In a network every NIC (Network Interface Card) has a unique MAC (Media Access Control) address. In general the NIC responds only to those packets which contain its own MAC address or the broadcast address in the frame’s destination field. Network interface cards also support a mode known as promiscuous mode, in which they can receive all data packets and traffic that travel across the network. In promiscuous mode the NIC generates a hardware interrupt to the CPU for every frame it encounters (instead of only the frames having its MAC address or the broadcast address). So the sniffer puts the NIC into promiscuous mode and captures/monitors the data packets traveling around the network by passing all the traffic to the operating system’s TCP/IP stack. Hence a sniffer or network analyzer is also helpful in troubleshooting networks and is used by network administrators.

Why does sniffing threaten network security?

The sensitive information that can be collected by sniffers includes:
1. Passwords (e.g. FTP, telnet, POP, IMAP login passwords)
2. Bank account numbers
3. Any other Private data
4. Low level Protocol Information

Some common sniffing software (sniffers)

* dsniff
* Esniff.c
* TCPDump
* sniffit