Monday, August 16, 2010

Google's Cookie a threat


Google has been a great search engine for all of us, and it will remain so.
But what if it steals your identity when you use it? Don't you feel infuriated about that? This is done by Google using Google's cookie.
Google keeps track of the user by recording the IP address and the search items/keywords the user searched for in Google. They also record the timestamp of the search, which includes date and time information. Even information about the browser you are using is logged. The proof of this is that when you log in to your Gmail account and look at the very bottom of the page, you can see the IP address and the time/date when your account was last used.
So we can ultimately say that Google is keeping track of our surfing habits on Google. They are stealing your privacy.
Google claims that this is done to keep preferences about the user so that they can provide appropriate search results. ;-) lol
In fact it is true, but still some eccentric people like me don't want their privacy to be cracked.
So in order to remain anonymous you can take several precautions, as follows:

1. Try to access Google by using proxies. For this you first need to connect to a proxy site and then open Google to make any search. By doing this, the IP address of the proxy site will be logged by Google instead of your IP.

2. Use Scroogle instead of Google to search anything.
Scroogle works in the same way as a proxy: it doesn't let your IP get logged; instead Scroogle's IP gets logged by google.com. Click Here for Scroogle

3. You can try searching using meta search engines like dogpile.com etc.

This same technique is also used by other search engines to track you.

In the same way Google uses this technique with your Gmail/Orkut account. In fact Gmail is a mail service by Google. This is how advertisements related to your information and surfing habits are displayed in your Gmail/Orkut account. For example, in the case of college/university students, they can see that usually the advertisement links given in their Gmail/Orkut account are for educational institutions, training institutions that provide training/internships, employment/jobs and so on. Moreover, this can be proved by the fact that most of the institutions/organizations advertised are from your country or geographical location..!! For example, if you are from America then the institutions/organizations mentioned in the advertisement links will also be from America. Now, as we know, from the IP address of a person we can trace his/her geographical location too. So the Google team can trace you. Similarly, in this way you get spam too. It seems to me that the emails we send are also monitored by Google. This is based on my personal experience: I had an email regarding a Unix book, and you can see in the image below that there are advertisements related to Unix, circled in red, in my inbox..!!!



So now the solution to this Gmail problem is: if you want to remain anonymous, create more than one Gmail account. Use one for personal use with your real name etc., for legitimate purposes like email, chatting, blogging, Orkut etc., and create one with a fake name that you can use for secret evil purposes (that you don't want others to know about; you understand what I mean). Now use a proxy site to access your fake email account to hide your IP. ;-)

Hope it was informative for you.

Sunday, August 15, 2010

Beware of Proxy Sites

It is commonly seen that in schools, colleges, universities and companies some websites are blocked, but people use proxy sites as an alternative.
I recommend: don't use a proxy to log in to your precious accounts like Gmail, Hotmail, Yahoo and other mail sites. Moreover, never use a proxy to log in to your bank accounts and other similar sites where you log in and provide your secret credentials.

So here is the reason why not to use a proxy:

First of all, the majority of proxy sites are not safe. The traffic passing through these proxy servers can easily be sniffed by hackers on the network. Mostly these proxy sites are not SSL encrypted; they don't provide security. Many times they can lead you to fake pages and you can get hacked. Moreover, if you are using multiple proxies then you are putting yourself in even more danger. This is also a reason why many email IDs get hacked in schools, colleges and universities. Students (victims) are not aware of this fact, and then after getting hacked they scream here and there, "plz help, my email is hacked".

Not all proxy sites are bad, but usually the proxy sites that are free are evil.
These proxy sites contain many advertisements on their web pages that can lure the victim to other web pages and later hack your account or bank credentials. Sometimes when you click on those advertisements a virus, malware or spyware gets downloaded to your system and you accidentally install it on your machine, and your machine gets infected.
Sometimes these proxy sites also log your email address, which can be sold to advertising companies that later send you spam about their products.
For example, this spam is very common: advertisements for some medicines to increase your sex potential etc.

So when to use proxy sites?

So I recommend you use a proxy to view videos on YouTube, download movies, download software, download videos, to access warez sites, underground sites, and all that stuff where you don't need to log in. Websites like YouTube, warez sites, underground sites and hacking-related sites are also blocked in schools, colleges and many other places.
I would recommend using Tor Browser. To know more about it Click Here

Hope this information helps you.

How to change MAC address in Windows

So here is the way to change the MAC address of your NIC (Network Interface Card). There are basically two methods, depending on the type of NIC you have. If you have a card that supports cloning the MAC address, then follow the steps given below:

First go to the command prompt, type ipconfig /all and note the MAC address value.
Now:
1. Go to Start -> My Network Places.
Now on the left side click on View Network Connections.

2. Right click on the NIC whose MAC address you want to change and click on Properties.

3. Under the General tab, click on the Configure button.

4. Click on the Advanced tab.

5. Under the Property section you should see an item called Network Address or Locally Administered Address; click on it.

6. On the right side, under Value, type in the new MAC address you want to assign to your NIC. Usually this value is entered without the - sign between the MAC address digits, e.g. enter: 005544000000

7. Go to the command prompt and type ipconfig /all to check the change to the MAC address value. If the change is not in effect, then use the second method.

8. If successful, reboot your machine.

Method 2:
This method requires editing the Windows Registry. Make a backup of your registry and store it somewhere safe.

a. Go to the command prompt, type ipconfig /all and:

I. Record the Description for the NIC you want to change.

II. Record the Physical Address for the NIC you want to change. The Physical Address is the MAC address.

b. Go to the command prompt, type net config rdr and hit the Enter key.

c. Note the long number (GUID) inside the { }.
For e.g.: {1A9324CC-BFD7-4920-702A-DB281838637C}. You can copy and paste it into Notepad for future reference.

d. Go to Start -> Run, type regedt32 to start the registry editor.

e. Back up your registry in case something goes wrong in the following steps.

f. Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318} and double click on it to expand the tree. The subkeys are 4-digit numbers, which represent particular network adapters. You should see it start with 0000, then 0001, 0002, 0003 and so on.

g. Go through each subkey starting with 0000. Click on 0000 and check the DriverDesc value on the right to see if that's the NIC whose MAC address you want to change.

The DriverDesc should match the Description you recorded in step (a.-I.) above. If you are not 100% sure about the DriverDesc, then you can verify by checking whether the NetCfgInstanceID value matches the GUID from step (c).

If there is no match, then move on to 0001, 0002, 0003, and so on, until you find the one you want. Usually 0000 or 0001 contains the first NIC you installed on the computer.

h. Once you have selected the subkey, check whether a value named NetworkAddress exists on the right side of the window.

I. If the "NetworkAddress" value does not exist, then create it by following the steps below:

i. Click on the drop down menu Edit -> Add Value.

ii. In the Add Value window, enter the following and then click OK.
Value Name: = NetworkAddress
Data Type: = REG_SZ

iii. The String Editor window will pop up at this time.

iv. Enter the new MAC address you want. Then click OK.
(There should not be any - sign in this address. Your entry should consist of only 12 digits.)

II. If the NetworkAddress value exists, make sure its type is REG_SZ; it should show as NetworkAddress:REG_SZ: and might not have a value at this time.

i. Double click on NetworkAddress and the String Editor window will pop up.

ii. Enter the new MAC address you want. Then click OK.
(There should not be any - sign in this address. Your entry should consist of only 12 digits.)

j. There are 2 ways to make the new MAC address active. Method I does not require a system reboot:

Method I. Go to Start -> Settings -> Control Panel, and double click on Network Neighborhood.

WARNING: Make sure you understand that you will lose the network connection after completing step "ii." below, and if you are a DHCP client, you will get a new IP address after completing step "iii."

i. Select the network adapter whose MAC address you just changed.

ii. Right click on the selected network adapter and click Disable. Verify that the status column for this adapter changes to Disabled.

iii. Right click on the selected network adapter and click Enable. Verify that the status column for this adapter changes to Enabled.

iv. If for any reason it cannot be disabled or re-enabled, you have to reboot your system to make the changes effective.

Method II. Reboot your Windows system.

k. After your machine has rebooted, go to the command prompt and type ipconfig /all to confirm the new MAC address.

If the MAC address change does not work:
If for some reason the MAC address cannot be changed using method 2, make sure you restore the registry setting as follows:
Restore the registry you just backed up to get your system back to its original state.

Restoring the true MAC address:

A) Remove the entry you added:

1. If you followed Method 1, then go back to the advanced properties window and remove the entry you added.

2. If you followed Method 2, then remove the NetworkAddress value you added in the registry.

B) Use step (j) above to activate the change you made.

C) Once rebooted, go to the command prompt and type ipconfig /all to confirm the original MAC address.

If you want to change the MAC in order to implement attacks like ARP spoofing, MAC duplicating etc., then I recommend you use packet builder tools rather than this technique.
Packet builder tools help you create crafted packets with a spoofed MAC that you can send on the network. More about these tools can be read at the bottom of my other post Sniffers and Sniffing.
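A defender's counterpart to the procedure above, added here as an example and not part of the original post: given a text export of the same class key (reg export of HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}), it walks the 0000, 0001, ... subkeys and reports every adapter whose NetworkAddress value overrides the burned-in MAC, checking the 12-hex-digit form the post describes and whether the locally administered bit is set. The sample export is constructed: the first instance GUID is the post's own example, the second GUID and the driver names are placeholders.

```python
"""Audit a .reg export of the network adapter class key for MAC overrides.

Example code added to this page, not part of the original post.
"""
import re

# The class key the post edits; each 4-digit subkey is one network adapter.
CLASS_KEY = (r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class"
             r"\{4D36E972-E325-11CE-BFC1-08002BE10318}")

# Constructed sample export: adapter 0000 is untouched, adapter 0001 carries the
# override from the post's example (005544000000).  The second GUID is a placeholder.
SAMPLE_REG = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}]
"Class"="Net"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0000]
"DriverDesc"="Example Gigabit Ethernet Adapter"
"NetCfgInstanceID"="{1A9324CC-BFD7-4920-702A-DB281838637C}"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0000\Ndi]
"Service"="example"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0001]
"DriverDesc"="Example Wireless Adapter"
"NetCfgInstanceID"="{00000000-0000-0000-0000-000000000001}"
"NetworkAddress"="005544000000"
"""

SUBKEY_RE = re.compile(r"\d{4}")
VALUE_RE = re.compile(r'"([^"]+)"="((?:[^"\\]|\\.)*)"')   # "name"="string value"


def parse_adapters(reg_text):
    r"""Return {subkey: {value_name: string}} for the 4-digit adapter subkeys only.

    Nested keys such as 0000\Ndi and non-string (hex:/dword:) values are ignored,
    because DriverDesc, NetCfgInstanceID and NetworkAddress are all REG_SZ.
    """
    adapters = {}
    current = None
    prefix = CLASS_KEY + "\\"
    for line in reg_text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            rest = key[len(prefix):] if key.startswith(prefix) else None
            current = adapters.setdefault(rest, {}) if rest and SUBKEY_RE.fullmatch(rest) else None
            continue
        m = VALUE_RE.fullmatch(line)
        if m and current is not None:
            # undo the two escapes a .reg file applies to string data
            current[m.group(1)] = m.group(2).replace('\\"', '"').replace("\\\\", "\\")
    return adapters


def is_locally_administered(mac):
    """True when the U/L bit (0x02 of the first octet) is set.

    A spoofed address with this bit clear claims a vendor-assigned (globally unique)
    address, which is the pattern used to impersonate a specific device.
    """
    digits = re.sub(r"[^0-9A-Fa-f]", "", mac)
    return len(digits) == 12 and bool(int(digits[:2], 16) & 0x02)


def find_overrides(reg_text):
    """List every adapter whose NetworkAddress value is set, with format checks."""
    findings = []
    for subkey, values in sorted(parse_adapters(reg_text).items()):
        mac = values.get("NetworkAddress")
        if mac is None:
            continue            # no override: the adapter uses its burned-in MAC
        findings.append({
            "subkey": subkey,
            "driver_desc": values.get("DriverDesc", "?"),
            "instance_id": values.get("NetCfgInstanceID", "?"),
            "network_address": mac,
            # the post's rule: exactly 12 hex digits, no '-' separators
            "valid_format": re.fullmatch(r"[0-9A-Fa-f]{12}", mac) is not None,
            "locally_administered": is_locally_administered(mac),
        })
    return findings


if __name__ == "__main__":
    for f in find_overrides(SAMPLE_REG):
        print(f"{f['subkey']} {f['driver_desc']} {f['instance_id']}: "
              f"NetworkAddress={f['network_address']} "
              f"valid={f['valid_format']} locally_administered={f['locally_administered']}")
```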

Friday, August 6, 2010

Hacking E-mails


For educational purposes only. Crypto will never be responsible for any damage caused by this information.

E-mail hacking means getting the login credentials of the victim's e-mail account.
Email hacking can be done using the following techniques:
1. Phishing/Using fake login pages
2. Social Engineering
3. Using a Keylogger

Now I will explain all these techniques briefly:

1. Phishing/Using Fake login pages:

In this technique the attacker usually creates a fake login page of a website and sends this page to the victim. When the victim uses this page to log in, all the login details, i.e. username and password, are sent to the attacker. The attacker usually uploads that fake page and sends the link to the victim. The link is mainly sent via e-mail, but it can be sent by other means too, like during chatting. Usually the attacker fools the victim by making up some story so that the victim clicks on that link. Usually the link sent to the victim is scrambled to hide the details and fool the victim. Scrambling is done by using hexadecimal characters in the URL. Basically the scrambled URL is used along with some JavaScript code snippet. The attacker sends the JavaScript code which contains the scrambled URL and asks the victim to put that JavaScript code in the address bar of his/her browser. Now when the victim enters that JavaScript code in his/her browser and hits Enter, the victim may be redirected to that scrambled URL, or it may also steal a cookie from the victim's machine and send it to the attacker; it basically depends on what function the attacker's JavaScript code is written to perform.
Here is an example of scrambling:
Consider a sample URL like: http://www.fakewebsite.com

Now this simple URL can be scrambled as the following representation:

ht%20%2B%20tp%3A%2F%2Fwww.fakewebsite.com

Now let us break down this scrambled URL.
First let us consider the first part: ht%20%2B%20tp ---------------> (eq. 1)

In this, %20 is basically the hexadecimal code for a space. %2B is for the + sign, and the + sign is the addition operator, which will combine two strings or letters. Now if you replace %20 with a space and %2B with + in the above equation (eq. 1) we get:
ht + tp
and then the '+' operator will combine it into http, which is the protocol used to access web pages.
http ------------------------------> (eq. 2)

Now let us inspect the second part of the scrambled URL.
%3A%2F%2Fwww.fakewebsite.com ------------------------> (eq. 3)

Here %3A is the hexadecimal code that represents a colon (:), and %2F is the hexadecimal code that represents a slash (/). Now if you replace %3A with : (colon) and %2F with / (slash) we get the following result:

://www.fakewebsite.com ---------------------------> (eq. 4)

Now by combining eq. (2) and eq. (4) we get the following result:
http://www.fakewebsite.com

Thus we learn how ht%20+%20tp%3A%2F%2Fwww.fakewebsite.com converts to http://www.fakewebsite.com. So now you can understand how an attacker can scramble the URL to fool the victim and hide the original URL.
Below is a chart where you can see the hexadecimal values of all characters:
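The same percent-encoding seen from the filtering side, as an added example that is not code from the original post: the decoder expands each %XX byte (so ht%20%2B%20tp becomes the literal text ht + tp) and then flags links that encode characters which are legal in a URL unencoded, such as letters, ':' and '/', since genuine links almost never do that while scrambled ones must. The sample links are constructed; the first two are the post's own scrambled URL.

```python
"""Decode "scrambled" (percent-encoded) links and flag needless encoding.

Example code added to this page, not part of the original post.
"""
import re

HEX_PAIR = re.compile(r"[0-9A-Fa-f]{2}")
# Characters that are legal in a URL unencoded (RFC 3986 unreserved + reserved).
# Encoding one of these serves no purpose except hiding it from a human reader.
LEGAL_UNENCODED = set("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
                      "-._~:/?#[]@!$&'()*+,;=")


def percent_decode(text):
    """Expand every %XX into the byte it names; malformed '%' sequences are kept as-is."""
    out = bytearray()
    i = 0
    while i < len(text):
        if text[i] == "%" and HEX_PAIR.fullmatch(text[i + 1:i + 3]):
            out.append(int(text[i + 1:i + 3], 16))
            i += 3
        else:
            out.extend(text[i].encode("utf-8"))
            i += 1
    return out.decode("utf-8", errors="replace")


def needless_escapes(text):
    """Return the %XX tokens that encode a character which was legal unencoded."""
    return [m.group(0) for m in re.finditer(r"%([0-9A-Fa-f]{2})", text)
            if chr(int(m.group(1), 16)) in LEGAL_UNENCODED]


def analyse_link(link):
    """Decode a link and report the obfuscation signals a filter would act on."""
    decoded = percent_decode(link)
    needless = needless_escapes(link)
    scheme = decoded.lstrip().split(":", 1)[0].lower() if ":" in decoded else ""
    return {
        "decoded": decoded,
        "needless_escapes": needless,
        "scheme": scheme,
        # either signal alone is enough to hold the message for review
        "suspicious": bool(needless) or scheme == "javascript",
    }


# Constructed samples: the post's scrambled URL (two spellings), a plain link,
# an encoded scheme name, and a link whose only encoding is a legitimate space.
SAMPLES = [
    "ht%20%2B%20tp%3A%2F%2Fwww.fakewebsite.com",
    "ht%20+%20tp%3A%2F%2Fwww.fakewebsite.com",
    "http://www.fakewebsite.com",
    "%6A%61%76%61script:void(0)",
    "http://www.fakewebsite.com/my%20file.txt",
]

if __name__ == "__main__":
    for s in SAMPLES:
        r = analyse_link(s)
        print(f"{'SUSPICIOUS' if r['suspicious'] else 'ok        '} {s!r} -> {r['decoded']!r} "
              f"needless={r['needless_escapes']}")
```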



How does the attacker attack?
The attacker may send the victim a mail saying you have won a lottery, please click on this link to claim the prize. As soon as the victim clicks the link, the victim is directed to the fake page created by the attacker. This page requires the victim to log in in order to complete the procedure. So the victim enters his/her username and password and gets hacked. The attacker may also try to ask the victim to enter bank account details. So this is the main way fake pages work.
Sometimes the attacker may ask the victim to download the fake page from an email attachment and log in through it.

Creating fake pages?
I am not going into detail, ok.
Fake pages can be created easily. You need to know HTML. The attacker edits the source code of the legal/genuine web page and then creates the fake page. The source code can easily be seen using the view source option of the browser. You can save any web page and then use a tool like Macromedia Dreamweaver to edit web pages easily. Basically the login pages contain a form using the GET or POST method to retrieve the data entered by the user during the login process. This data is then sent over the network to the server. So what the attacker does is edit the GET/POST field and redirect the data to his/her fake page rather than letting it go to the genuine/legal server.
You don't need a server for this; there are many web hosting sites that provide this service for free. Google them. Search for free web hosting sites.
If you feel that creating a fake web page is quite complex then you can get ready-made fake pages from the internet. Search for free fake page download in Google.
Don't forget to use scrambling of the URL to fool the victim.

2. Social Engineering:
To learn about Social Engineering you have to read the post I have already written about the technique in detail here: Click Here

3. Using a keylogger:
To learn about keyloggers you need to read this post: Click Here


Hacking passwords by cracking SAM file in window XP

For educational purposes only. Crypto will never be held responsible for any damage caused by this information.

Windows stores the passwords in the Security Account Manager (SAM) file. In order to crack the SAM file, you first need the SAM file of the machine whose password you want to crack.
The SAM file is located at the following location if C:\ is your installation directory:
C:\WINDOWS\System32\Config

Now you may be thinking that it will be very easy to copy the SAM file by just right clicking on it and copying it, but when you do so you will get an error like "Cannot copy: file is in use".
The SAM file is actually locked by the OS to prevent it from being copied. You can't even copy it from an Admin account. So the only way to copy the SAM file is by starting the machine/computer in such a way that the SAM file is not in use. This can be done in the following two ways:

1. Booting the computer using a Linux boot CD:
First you need a Linux boot CD. Search Google for how to make a Linux boot CD, or click here. Now we need to change the settings in the BIOS of the computer so that it boots from the CD, not the hard drive. Now insert the CD in the CD drive of the computer and reboot. If everything worked fine you will see that the machine starts in Linux. Now you just need to insert removable storage media like a USB drive, pen drive or floppy disk and copy the SAM file to it. The SAM file will be easily copied because Windows is no longer running on that machine. Be sure to get the SYSTEM file from the same directory as well, as some passwords are encrypted with keys from within that file.

2. Using an MS-DOS startup/boot disk:
This method doesn't require you to go looking for software or use special burning software. Just insert a floppy, right click on it in My Computer, and click on Format. When the menu appears, tick the box for "Create an MS-DOS startup disk", and then click the Start button. After you have made your disk, put this floppy in the machine from which you want to get the SAM and restart the machine with the floppy disk still in it. Make sure your BIOS settings boot from the floppy drive before the hard drive. When the computer boots, you should see a screen similar to a command prompt. "A:>" is most likely the prompt you will see. First you need to change drives to the C drive (installation directory). This is done in various ways on different computers using the following command. Type the following command and hit Enter:
cd C:

Next you will need to use the copy command to copy the SAM and SYSTEM files to other areas of the hard drive. The command is as follows:
Copy C:\WINDOWS\System32\Config\SAM C:

This will copy the SAM file to the C drive. You can save it to any drive.
Now in order to copy the SYSTEM file use the following command:
Copy C:\WINDOWS\System32\Config\SYSTEM C:

Next you need to rename these files. Type the following command:
ren SAM CryptoSAM

This command will rename your SAM file to CryptoSAM. Now restart your computer without the boot disk in and start up Windows, booting the machine from the hard drive. Copy these files from the C: drive onto a floppy or any other removable media like CD, pen drive, USB stick etc.
Note: You may have to zip the SYSTEM file, because it is pretty big, if you want to copy it to a floppy.
The reason why we renamed the files is that when you copied and renamed the file, it did not get used by Windows when you logged on.

So now we have the SAM file. Now let's start to crack it. The process of cracking is as follows:
First we need to find the hashes in the SAM file. We use a tool called SAMInside for it.
Install SAMInside. Run SAMInside, go to the File menu and select the first option or press CTRL+O, i.e. choose the "Import SAM" option. A dialog box will ask you to point it to the SAM file you wish to crack. If Syskey is enabled (most likely it will be) it will then ask you for the SYSTEM file too. Browse to both files in SAMInside.
Once you have cracked Syskey and have the hashes, export them to a PWDump file using the File menu in SAMInside and then use L0phtCrack or Cain and Abel to crack the passwords.

For Cain the procedure is as follows:
Run Cain and go to the "Cracker" tab. From here choose "LM & NTLM Hashes" in the left pane, then right click on the grid in the right pane and choose "Add to list." Now choose "Import Hashes from text file or SAM" and click Next. Don't try to import the SAM you copied, because if the target system was using Syskey, Cain will not be able to crack it. Find the PWDump file you created with SAMInside and open it. From here it's as easy as holding down Control, left clicking on the accounts you want to crack, then right clicking and choosing either "Start Dictionary Attack" or "Start Brute-Force Attack." A dictionary attack uses the text file in "c:\Program Files\Cain\Wordlists\Wordlist.txt" to tell it what passwords to try; open that file in Notepad and edit it if you want to add more words. The brute-force method runs through all possible combinations of the characters you configure under the "Brute-Force Options" tab of the "Configure" menu. The brute-force method can take days depending on the options you choose. Now all the attacker has to do is wait.

For L0phtCrack the procedure is:

Hope this helps you.

Monday, August 2, 2010

How to make Window XP professional machine to work as Router .

Before you read this topic, you had better know about IP forwarding.
IP forwarding is a technique that allows a workstation/machine to forward packets from one network to another. The machine sits between two or more LANs and works as the default gateway. This IP forwarding technique is also used by attackers to perform man-in-the-middle attacks.

Now how to use Windows XP Professional as a router?

A router is needed to transfer traffic or packets from one network to another or to access the Internet. By using Win XP as a router the benefit is that you don't have to buy an additional router, and so can save some money. This approach is not commonly practised on Windows XP, but it works.
Note: This Windows XP Pro machine can never replace a router completely. The XP machine that works as a router will only provide communication between different networks; it will not provide other features like VLAN routing, packet filtering, ACLs, etc. If you want those functions then you have to use a real router.

As an example, consider you have 7 computers and 2 network switches, and need to create 2 networks that can access the Internet. How do you do it?
For this, one of the computers must be equipped with 3 network cards (NICs): one of the network cards is connected to the cable/DSL modem to access the Internet, and the other 2 network cards connect to the switches. So this computer will act as the router..!!
The computer marked as R in the diagram will be our router, and the computers marked as C are the clients.



Configure the network cards on the router with the following information.

Router (Windows XP Professional machine)

Network Card A (connect to network A):
IP: 10.10.10.1
Netmask: 255.255.255.0
Gateway (GW): [leave it blank]

Network Card B (connect to network B):
IP: 192.168.20.1
Netmask: 255.255.255.0
Gateway (GW): [leave it blank]

Network Card C (connect to the Internet via cable/DSL connection)
This information will be based on the Internet connection service you have subscribed to.
IP: 192.168.1.1
Netmask: 255.255.255.0
Gateway (GW): 192.168.1.1

Configure all the client computers in network A with the following information.

Network A
IP: 10.10.10.2-254
Netmask: 255.255.255.0
Gateway (GW): 10.10.10.1

Configure all the client computers in network B with the following information.

Network B
IP: 192.168.20.2-254
Netmask: 255.255.255.0
Gateway: 192.168.20.1

Now it is time to configure IP forwarding on that router (the Win XP Pro machine marked as R). You must log in as an Administrator to do the following:

1. Go to Start and click Run, then type regedit and hit Enter to run the registry editor.

2. The registry editor window will appear. Browse to the following registry key in the left-hand window:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

Right click the IPEnableRouter registry value, and click Modify.

3. The IPEnableRouter window will appear. Type 1 as the Value data and click OK.

4. Close the registry editor and reboot the computer. After rebooting, all the computers should be able to access the Internet and also share files/printers between networks A and B.

Caution: IP forwarding will only work after rebooting the computer. So don't forget to reboot...!!
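To show what IPEnableRouter=1 makes the machine do, here is an added example (not from the original post) that simulates the forwarding decision of the three-card router above with the post's own addresses: longest-prefix match over the connected networks A, B and C, and a default route out of card C otherwise. It assumes an upstream gateway placeholder of 192.168.1.254 (the post lists card C's own address 192.168.1.1 in that field, and a host cannot be its own next hop) and that with IPEnableRouter left at 0 transit packets are discarded.

```python
"""Forwarding decision of the post's three-card Windows XP router.

Example code added to this page, not part of the original post.
"""
import ipaddress

# Router interfaces exactly as configured in the post.  Card C's upstream gateway
# is an assumed placeholder (the post writes 192.168.1.1 there, the card's own IP).
INTERFACES = {
    "A": ipaddress.ip_interface("10.10.10.1/24"),
    "B": ipaddress.ip_interface("192.168.20.1/24"),
    "C": ipaddress.ip_interface("192.168.1.1/24"),
}
DEFAULT_GATEWAY = ipaddress.ip_address("192.168.1.254")   # placeholder, assumption
DEFAULT_IFACE = "C"


def routing_table():
    """Connected routes (longest prefix first) plus the default route via card C."""
    routes = [(iface.network, name, None) for name, iface in INTERFACES.items()]
    routes.sort(key=lambda r: r[0].prefixlen, reverse=True)
    routes.append((ipaddress.ip_network("0.0.0.0/0"), DEFAULT_IFACE, DEFAULT_GATEWAY))
    return routes


def forward(dst, ip_enable_router=1):
    """Decide where a packet for dst goes.

    Returns ("local", None, None) if the router itself is the destination,
    ("dropped", None, None) if forwarding is off and the packet is transit traffic,
    otherwise ("forward", out_interface, next_hop) where next_hop is the final
    destination for directly connected networks and the gateway otherwise.
    """
    dst = ipaddress.ip_address(dst)
    if any(dst == iface.ip for iface in INTERFACES.values()):
        return ("local", None, None)
    if ip_enable_router != 1:            # the registry value the post sets
        return ("dropped", None, None)
    for network, out_iface, gateway in routing_table():
        if dst in network:
            return ("forward", out_iface, gateway if gateway is not None else dst)
    raise AssertionError("the default route always matches")


if __name__ == "__main__":
    # 203.0.113.10 is a documentation address standing in for an Internet host.
    for dst in ("192.168.20.7", "10.10.10.50", "203.0.113.10", "10.10.10.1"):
        print(dst, "->", forward(dst))
    print("with forwarding off:", forward("192.168.20.7", ip_enable_router=0))
```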

Sunday, August 1, 2010

Honeypots

Honeypots are systems that have only partial security and pose as a lure to attackers.

This is needed so that attackers will attack the honeypots and the actual system will remain safe. You can say that these systems (honeypots) are basically used to fool the attacker.

Honeypots not only protect the actual system from hackers, but also keep track of details about what an attacker is trying to accomplish, by storing the information in a record that can be used to track the activities of the attacker. This is useful for gathering information about attacker activity, from which the network admin can learn what the attacker was trying to do in their network.

Honeypots are mainly used to defend against DoS and DDoS attacks.
Usually honeypots are designed to lure the attacker; the attacker is fooled into thinking that the honeypot is the actual system, and will perform hacking activities on it. The honeypot will allow the attacker to install handler or agent code on the system that will perform DoS attacks. (Handler or agent code is basically a program written to carry out DoS attacks on a network.)

Now when the attacker has finished, he/she leaves thinking that he/she has compromised the actual system. Later the network admin will check the honeypot, and can inspect the handler or agent code to learn what the purpose of the attacker was, or what the attacker wanted to do. The admin can even get the IP of the attacker.
By getting this information the admin can take steps to prevent any further attacks from the attacker. The admin can block that IP, etc.

Honeypots are of 2 types:

1. Low interaction honeypot
2. High interaction honeypot

High interaction honeypots are also called honeynets. They are basically a simulation of a complete network containing real computers running real applications. They are used to catch network attacks. Honeynets behave like a complete network, like a corporate network.

Low interaction honeypots work as I explained above. They are basically a single system or machine.

Social Engineering

For educational purposes only. Crypto shall not be held responsible for any damage caused by using this information.
Let us discuss Social Engineering today.

This topic is rarely discussed because it is a non-technical type of hacking. But believe me, it has great importance.

What is Social Engineering?
Social engineering refers to the method of influencing and persuading people to reveal sensitive information in order to perform some malicious action. It is used to gather confidential information, authorization details and access details by deceiving and manipulating people. Thus in this we intentionally ask the victim such questions that we can guess his/her confidential information from the answers. Social engineering can be seen in movies like 007, The Italian Job, Catch Me If You Can, the Bourne Identity and other series, Eagle Eye, Hackers, Hackers 3 Antitrust etc.

One of the greatest advantages of Social Engineering compared to other attacks is that there is no software or hardware to halt it. It can only be halted by the understanding and IQ of the victim.

Types of Social Engineering :
Social Engineering can be broadly divided into two types:
1. Human-based
2. Computer-based.

Human Based Social Engineering :

Human-based social engineering involves human interaction in one manner or another. It means the attacker has to perform some activities manually or physically.

Human-based social engineering is performed in the following ways:

1. In Person:
Attackers might try to visit a target site and physically survey the organization for information. A great deal of information can be gleaned from the tops of desks, the trash, or even phone directories and nameplates. Attackers may disguise themselves as a courier or delivery person or a janitor, or they may hang out as a visitor in the lobby. They can pose as a businessperson, client or technician. Once inside, they can look for passwords on terminals and important papers lying on desks, or they may even try to overhear confidential conversations. Thus the attacker is like a rogue in this attack.
For example: an attacker can enter an organization by pretending to be an air conditioner mechanic, as A/C is installed in most organizations. Now he can freely survey the organization's structure, and if he gets a chance he may install a keylogger or trojan on one of the machines. Another example is that the attacker may pose as a company employee and call the company's technical support to elicit information.

2. Third-party Authorization:
Another popular technique for attackers is to represent themselves as agents authorized by some authority figure to obtain information on their behalf. For instance, knowing who is responsible for granting access to the desired information, an attacker might keep tabs on him/her and use the individual's absence to leverage access to the needed data. For example:
Let Mr. pr3dat0r be the Networking and Security Admin of Zenia Company. Now only he will have permission to access information related to the company's network. Let Miss Xena be pr3dat0r's junior network admin; all information about the network is given by her to pr3dat0r.
Now consider an attacker, Crypto, who wants to gain access to the network information of Zenia Company. So what will he do? Crypto will keep recording the daily routine of Mr. pr3dat0r, and try to learn how he works and how he gets information about the company's network. Once Crypto knows the whole working schedule of pr3dat0r, whenever Mr. pr3dat0r is not present in the office, Crypto will go to Xena and say politely, "Hi, I am Mr. Crypto from your ISP. I have an appointment with Mr. pr3dat0r and he asked me to collect the network log from you." Now when Xena learns that Crypto is referred by pr3dat0r, she will soon hand the network log to him. Usually it has been seen that junior employees don't ask many questions of persons who are referred by their senior employees.
Then what? After Crypto gets the log, he flees.

3. Tailgating:
Usually this attack works in big organizations having enormous numbers of employees. An attacker, wearing a fake ID badge, enters a secured company area by closely following an authorized person through a door requiring key access. The authorized person may not be aware of having given the attacker access to a secured area. The attacker usually says the following words to an authorized person who has an ID:
"I forgot my ID badge at home. Please help me..."
The authorized person provides access to the attacker by holding the secured door open.
Thus by following the authorized person closely the attacker enters the secured areas of the company; because the attacker follows the authorized person closely, it is called Tailgating.

4. Shoulder Surfing :
This attack is very common among students in schools and colleges. It is also very common in cyber cafes.
In this attack the attacker silently stands behind the victim at some distance and carefully watches the keystrokes the victim hits while entering a password or any other such sensitive information during surfing. For example, here is how I one day used this attack to get the password of the Admin account of a machine in my internet lab at college. Usually students are given a limited account in the labs. So I went to the lab assistant and told him, "Sir, I want to install Turbo C++ on a machine in this lab so I can practice here, because I don't have a laptop or PC." So he came along with me and was about to log in to the Admin account of that
machine. I stood a little way away and watched the keystrokes. However, I was not able to see all the keystrokes. But soon after he left, I easily guessed the password from the keystrokes I had seen. Then I owned that machine. However, shoulder surfing is a risky attack, because you can be caught red-handed. But I have fun with risks. ;-)
The other great example is that some boys keep standing near the STD or phone recharge shops, and when some sexy girl comes there to get her cell recharged, those guys overhear her contact number as she tells it to the shopkeeper. ;-)
Another place where this attack takes place in large numbers is the ATM. When someone is withdrawing cash from an ATM, the attacker usually watches the code entered by that person, and if the person throws away the slip that the ATM prints after a transaction, the attacker picks it up and reads it to learn how much money the person got. After that it is up to the attacker how to obtain that ATM card. You had better know how to get the ATM card from its owner yourself, because I can't teach you martial arts in this topic. ;-)

5. Dumpster diving :
In this attack the attacker basically searches a company's garbage to gain information. The attacker will search the printer trash bins and dustbins filled with papers that contain information about the company. Usually this type of attack yields the following information:
employee names, employee IDs, phone numbers, email IDs, fax numbers, financial information.
This is the reason why many banks burn their paper dumps before throwing them away.
Now, for example: if you get some employee's contact number by dumpster diving, you can call him/her in the middle of the night and ask him/her to work for you by tempting him/her with money. Usually a
disgruntled employee will agree soon.


Computer Based Social Engineering

Computer-based social engineering is carried out using software or programs such as e-mail, viruses, trojans, chat, etc. The following are the ways to perform computer-based social engineering:

1. Pop-up Windows :
In this type of social engineering, a window appears on the screen informing the user that he/she has lost his/her network connection and needs to re-enter his/her username and password. A program that the intruder had previously installed then emails the information to a remote site. This type of attack is mainly carried out using viruses and trojans. Spyware can also perform this type of attack: the spyware pretends to be an antivirus and pops up a message telling the user that his/her machine contains viruses and that, in order to remove them, it needs the username and password, etc. When the user enters that information, it gives a fake reply like "virus removed" and in the background sends the information to the attacker.

2. Spam & e-Mail Attachments :
In this attack the attacker sends an email to the victim in order to get information. For example, the mail will declare that you have won a lottery of $20,000 and then ask you to go to some link, where it will ask you for confidential information like bank account details so that the delivery can be made. The attacker can also send an attachment along with the email, and that attachment can be a virus or trojan, for example the “Anna Kournikova” worm. Social engineers try to hide the file extension by giving the attachment a long file name. In this case, the attachment is named AnnaKournikova.jpg.vbs. If the name is truncated, it will look like a JPEG file and the user may not notice the .vbs extension.
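An added example (not code from the original post) that flags attachment names using the double-extension trick described above, from the mail-filtering side; the executable and decoy extension lists and the 18-character display width are assumptions:

```python
import os

# Extensions Windows runs as scripts or programs (constructed list, not exhaustive).
EXECUTABLE_EXTS = {".vbs", ".vbe", ".js", ".jse", ".exe", ".scr", ".pif",
                   ".bat", ".cmd", ".com", ".hta", ".wsf"}
# Extensions users read as harmless pictures or documents.
DECOY_EXTS = {".jpg", ".jpeg", ".gif", ".png", ".bmp", ".txt", ".doc", ".pdf"}


def split_extensions(name):
    """All dotted extensions of a filename, lowercased: 'a.jpg.vbs' -> ['.jpg', '.vbs']."""
    parts = os.path.basename(name).split(".")
    return ["." + p.lower() for p in parts[1:]]


def check_attachment(name, display_width=18):
    """Classify an attachment name by what it really is versus what it appears to be.

    display_width is an assumed column width of a mail client that truncates long
    names with '...'; the real extension is hidden whenever the name does not fit.
    """
    exts = split_extensions(name)
    real = exts[-1] if exts else ""
    decoy = exts[-2] if len(exts) >= 2 and exts[-2] in DECOY_EXTS else ""
    fits = len(name) <= display_width
    shown = name if fits else name[:display_width] + "..."
    if real in EXECUTABLE_EXTS and (decoy or not fits):
        verdict = "suspicious"      # executable hiding behind a decoy or truncation
    elif real in EXECUTABLE_EXTS:
        verdict = "executable"      # plainly executable; still worth holding
    else:
        verdict = "ok"
    return {"name": name, "real_ext": real, "decoy_ext": decoy,
            "shown_as": shown, "verdict": verdict}


def suspicious_attachments(names, display_width=18):
    """Return only the attachments a mail gateway should hold for review."""
    return [r for r in (check_attachment(n, display_width) for n in names)
            if r["verdict"] != "ok"]


if __name__ == "__main__":
    # Constructed sample attachment names; only the first one is from the post.
    sample = ["AnnaKournikova.jpg.vbs", "holiday.jpg", "archive.tar.gz",
              "quarterly-results-2010.pdf.exe", "setup.exe"]
    for r in suspicious_attachments(sample):
        print(f"{r['verdict']:10} shown as {r['shown_as']!r:34} really {r['real_ext']}")
```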

3. Chatting/Instant Messaging :
Nowadays it is a quite popular medium of communication. People of almost all ages chat online.
It is especially popular among teenagers. Performing social engineering via chat is quite easy.
The attacker just needs to chat with someone and then try to elicit the information. Chatting is an informal way of communicating, which means the attacker is not communicating with the person face to face. Because of this the attacker can even lie to the other person about his/her identity, etc., since the victim can't see the attacker (without a webcam).
For instance:
Usually what the attacker does is chat with boys while pretending to be a girl, and vice versa. By using a fascinating picture during the chat, the attacker can lure anyone; the display picture usually works as bait. Then slowly the attacker asks certain questions through which he/she can elicit information about the victim. And believe me, this method is very dangerous, because you would not even know when you had been social engineered.
My friends and I tried this social engineering many times.
I tried this technique many times, and you may not believe me, but I easily got the password of an e-mail ID simply by asking the victim, "What is your password?"
But for this you first need to build deep trust with the victim and then make your final attack.
Mainly it depends on how clever and smart you are and how good you are at communication and at manipulating the answers.

4. Malicious Websites :
This involves a trick to get an unwitting user to disclose potentially sensitive data, such as the password used at work. Some methods include using advertisements that promote and display messages offering free gifts and holiday trips, and then asking for the respondent's contact email address, as well as asking the person to create a password. This password may be similar, if not identical, to the one the target user uses at work. Many employees enter the same password they use at work, so the social engineer now has a valid username and password to enter an organization's network. Nowadays I have seen many websites ask you to use your e-mail ID as the username while registering a new account. Then they ask you to create a new password.
Some people get fooled and enter the same password that they use with that email account..!!
Beware of this.

5. Insider Attack :
60% of attacks in organizations are done by insiders. In this attack the attacker uses some other person to carry out the attack. For example:
A competitor can inflict damage on an organization by stealing sensitive data, and may eventually bring down the organization by gaining access to the company through a job opening, sending a malicious person as a candidate to be interviewed and, with luck, hired.
Other attacks may come from unhappy employees or contract workers. It takes just one
disgruntled person to take revenge on a company by compromising its computer system.


How to defend against social engineering ?

As I told you before, there is no software or hardware that can halt social engineering.
The only way to avoid it is by using your own brain. Think twice before you give any answer or information to any person, because the word "lie" sits exactly in the middle of the word "believe"..!!


Many people ask: how can I hack an e-mail ID?

Every time my answer is the same:
1. Using a keylogger (I already discussed it in another topic)
2. Using fake pages/phishing
3. Social engineering


Once again remember Hacking is a crime...!!!