Network Security
Discussions on network security, holes, exploits and other issues...
122 topics in this forum
-
Using Unique Website Passwords...
by Teddy Rogers- 5 replies
- 17.6k views
Due to recent hacks and stolen databases leaked from various websites I have been reading a bit about studies done on users' website passwords and seen various statistics on peoples poor choice of passwords; commonality, length and complexity. You would think it is quite easy to use unique passwords - and it is! Unfortunately many of us frequent numerous websites and as such human nature tends towards laziness because no one likes to remember 10 or 20+ unique passwords. People then use a password they can remember and use that password across multiple sites and don't think about lax password security exposing them to a security risk across other websites they frequent. It…
-
How to access any cisco course for free
by Derberux- 2 followers
- 7 replies
- 19.7k views
Well, I wanted to share this trick to access any cisco course for free. Video https://streamable.com/tyueck The value of the cookie must be set to the current day number, instead of 3 like the video, if today is 8 of june, set its value to 8 and it'll work Few list of courses NetAcad Curriculums CCNA Routing and Switching version 6 Semester 1: Introduction to Networks https://static-course-assets.s3.amazonaws.com/ITN6/en/index.html Semester 2: Routing and Switching Essentials https://static-course-assets.s3.amazonaws.com/RSE6/en/index.html Semester 3: Scaling Networks https://static-course-assets.s3.amazonaws.com/ScaN6/en…
-
Top Antivirus Software Review 1 2
by CodeExplorer- 29 replies
- 18.3k views
Top Antivirus Software Review />http://www.all-internet-security.com/top_10_antivirus_software.html Never heard of first two! #7 Avira Antivir Premium, #8 ESET NOD32 Antivirus, #9 Kaspersky Anti-Virus 2011 should get more points if you ask me #6 ZoneAlarm Anti-virus Is a good firewall but in rest not so good. #5 Panda Antivirus Pro 2011 and #3 Norton Antivirus 2011 and should always be on last place especially Panda god damn. These are just my comments
-
Bypassing website queues?
by hotpockets- 4 replies
- 17.8k views
I'm trying to access a site and I've been stuck on it's queue forever. Are there any tips to bypass the queue? I was told for Cloudflare I would just have to get the direct ip. I'm having a hell of a time finding the IP address though. An example site would be footpatrol.co.uk,
-
WEP password hacking (Wi-Fi)
by CodeExplorer- 4 replies
- 16.7k views
WEP password hacking (Wi-Fi) Tools used: TamoSoft CommView for WiFi 7.1.795 - collecting the packets Wireshark version 1.12.7 - joining multiple (captured) .cab files aircrack-ng 1.2 rc2 win - password crackingMy target wireless network has these information: Encryption: WEP SSID: bluew Vendor: Netgear Mac: Netgear 08:54:30 but sometimes also shows 20:4E:7F:08:54:301. Collecting the packets with TamoSoft CommView Start TamoSoft CommView for WiFi. Click Start Capture. (Click on File->Start Capture). Wireless networks should be showed in Nodes tab. For showing Detailed Information about a wireless network right click on target MAC Address (Netgear 08:54:30) to see optio…
-
SQL Server Logon trigger
by Slaifer- 0 replies
- 14.8k views
Hello everyone, Well, i block the sql connection with a logon trigger, filter by ip example: If ip != 127.0.0.1 then block the connection So, it's possible to change the ip connection for the local ip and then bypass the trigger? or exist any other form to bypass the trigger? sorry english and thanks PD:i use SQL Server 2014
-
HTTP MITM tool
by KDN- 8 replies
- 13.8k views
HI all, lets say I have a program that is activated online, you enter a serial number and the application makes an http post with the serial number to their server, and the server responds back (lets keep it stupidly simple) with either 'accepted' or 'rejected' What I want to do is make a small exe that listens to all http requests, can match against the url and maybe some post values then spoofs the response back to always be accepted. I know this might seem really stupid, and why I wouldn't just patch the original program, but this is something I have been looking at for a while with no success I think it will be fun to try. I can do exactly this with pr…
-
Game bot, client reaction when sending a packet?
by Netskyes- 1 reply
- 13.3k views
Hey all, I've created a packet sniffer and lets say I've hooked up a game and can intercept all traffic, modify packets, replay etc. Now the question is, when I replay a packet, lets say Moving packet, how does the game client know it should move when I only send it to server and receive a response? Does the client upon receiving that info from server move or? If anyone has any idea on how exactly this part works I'd appreciate the input. Thanks!
-
- 11 replies
- 13.3k views
Hello Every One Any other way to bypass icloud id permanently in apple i phone 6. Please answer me if any one have idea about it. Thank you
-
How to Investigate Like a Rockstar
by sparcflow- 1 reply
- 12.7k views
Hi, I would like to share with you a book that might help you on forensic and incident response engagements. It describes in detail a security incident inspired by real life events, from the first doubtful call made by a bank to the height of tension caused by preliminary forensic analysis. Together, we explore : Memory analysis Perfect disk copy Threat hunting on a Mainframe Data carving We also share the insights of real crisis management: how to steer people in the right direction, what are the crucial reflexes of a first responder, what to say and do in the first minutes of a security incident, and how to address the inevitabl…
-
Infected by just HOVERING over a hyperlink !
by Techlord- 8 replies
- 12.6k views
Zusy: New PowerPoint Mouseover Based Malware Relevant and Interesting Extracts from the Article : Technical Analysis Details of this malware can be found here in this article .
-
Getting passed cloudflare?
by hotpockets- 6 replies
- 11.2k views
Hey, I was wondering if anyone here knew how to get passed cloudflare? I'm aware you can just get the original main IP, but that thing is hidden away. Even when trying to bypass it using subdomains.
-
- 1 follower
- 14 replies
- 11.1k views
Vote To what you think it is the best Security Suite ? And then comment on your votes? Whey it is the best ?
-
- 1 reply
- 10.9k views
The problem: I have a certain program which runs through a launcher. Basically there is none other official way to download the program itself apart from downloading it through the launcher. The problem is 1. the program is quite large 2. after complete downloading the launcher afterwards acts as an uploader for peer to peer seeding. I want to know how to check from which website/address it is downloading the data (the original program). Also I am not interested in disassembling the launcher as it itself is quite large and I believe there are easier ways to do things I am looking for.
-
SSL Labs's results on Chinese websites
by SkyProud- 5 replies
- 10.9k views
Disclaimer: It is the evaluation of the website itself, not the content on it. Be careful when assessing the content of these websites! Summary: HTTPS web mail: QQ mail: A 163 mail(netease): A(This server's certificate will be distrusted by Google and Mozilla from September 2018. ) Sohu mail: C(This server's certificate will be distrusted by Google and Mozilla from September 2018. ) Sina mail: F Website: Taobao: B Baidu: C 360: C(Router Test gets F) Kingsoft(Jinshan): F Huawei: T(hostname mismatch, browser gives bad message) Online banking: ICBC: B BOC: C CCB: C ABchina: C CMBchina: C My comment: I began my HTTP…
-
Why ping doesn't work???
by CodeExplorer- 7 replies
- 10.6k views
Why ping doesn't work??? I have two computers: one laptop with Windows 7 SP1 and one PC with Windows XP SP2. I have internet access on all computers. If I connect computers trough routers -> ping (command prompt) doesn't work (time out) while the ping from the router page works ok. If I reinstall on PC with Windows XP SP2 the OS Windows 7 SP1 ping doesn't work neither - so that won't solve my problem! If I connect the two computers with an UTP cable, I make a peer-to-peer network, I set proper IPs: result: the ping works ok. The IP addresses from router page seems to be of all devices with was once connected, and not devices which are currently connected!…
-
Traffic Sniffing
by li0nsar3c00l- 12 replies
- 10.6k views
I'm trying to sniff all traffic coming from my android phone (rooted), especially https, but I haven't found a way yet. I assume the apk I'm primarily interested in, uses certificate pinning. Can anyone recommend me a solution or provide some tipps? thanks in advanced
-
KRACK - Breaking WPA2 by forcing nonce reuse
by Extreme Coders- 9 replies
- 10.6k views
INTRODUCTION We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be ab…
-
- 0 replies
- 10.5k views
https://www.google.com/search?q=WindTalker+&ie=utf-8&oe=utf-8&client=firefox-b#q=wifi+WindTalker+ What is WindTalker & how does it work WindTalker is the name given to the method that allows parallel scanning of WiFi signals arising out of the victim’s device to retrieve the data being typed on the device. The first part of the method is to identify the signals coming from the victim’s device. Note that the hackers do not need any software to be installed on the victims’ phones or other devices that they intend to hack. The second requirement is to be able to use the WiFi network. This could be easy at public places where they have free Wi…
-
- 1 reply
- 10.1k views
A full account of the Vulnerabilities as well as detailed technical explanations were posted on 15 March 2017 on the site linked below : http://blog.checkpoint.com/2017/03/15/check-point-discloses-vulnerability-whatsapp-telegram/ Pasted some of the material from the site, in case the content goes offline in the future, as a lot of technical details were discussed and would be useful to others for future reference. Anyway I have linked to the originalsite above
-
RunPE Detector
by Amer- 6 replies
- 10k views
Phrozen RunPE Detector is a security program, especially designed to detect and defeat some suspicious processes using a generic method. https://www.phrozensoft.com/2015/06/runpe-detector-1
-
Android FakeAP
by JMC31337- 2 replies
- 9.9k views
Here is how to setup a Fake Access Point with Android Broadcom chip 4329: you must be root ultra_bcm_config executable should be in the droid's /data directory with rwx rights If yu don't know linux I suggest yu not do this 1) insmod /system/lib/modules/dhd.ko firmware_path=/system/vendor/firmware/fw_bcm4329_apsta.bin nvram_path=/system/etc/wl/nvram.txt That loads the wifi module with all the correct chipset setups as needed into android kernel 2) /data/ultra_bcm_config eth0 softap_gog APFAKER none "" 11 That uses the ultra config to setup the droids wifi as a fake ap with name APFAKER using eth0 device (yours may be different) on channel 11 with no wifi crypto set Once …
-
Tempering TCP Request/Response on Fly
by BeeS7Er- 1 follower
- 6 replies
- 9.8k views
Dear Geeks., I used Fiddle4 to breakpoint and manipulated each http/https request and response traffic . How we can achieve the same in TCP - 3306 port Mysql Protocol Packets. Through Wireshark, I can able to sniff but i cant able to edit the packet .,? Any best tool and solution for available? suggestion/recommendation? Thanks In Advance.
-
[book] How to Hack Like a GOD
by sparcflow- 0 replies
- 9.8k views
Hi, I would like to share a book that might help you on a hacking/pentesting engagement. It simulates a real hacking scenario from start to finish. From planting a small hardware in a store to spying on board meetings using custom scripts. No metasploit, or pesky executables that trigger antivirus alerts or startup registry keys that any newbie admin can find... Only neat opsec & up to date tricks (wmi, golden ticket, reflective dll injection, domain bouncing etc. ) You can get a copy here : http://amzn.to/2oSPvQT You will mostly find Windows stuff but there is a dedicated section about Mainframe hacking (I find it fascinating that every…
-
Destroy Windows 10 Spying
by Dreamer- 9 replies
- 9.7k views
Destroy Windows 10 Spying is a portable app that can block anonymous data being sent, remove apps that can��t be removed the standard way and more. I liked that it can remove some of the Windows default programs that can be removed under Apps & Features, an annoyance I immediately discovered since I prefer to ��slim�� down windows. Some of the domains we know send anonymous information back to Microsoft include: vortex.data.microsoft.com vortex-win.data.microsoft.com telecommand.telemetry.microsoft.com telecommand.telemetry.microsoft.com.nsatc.net oca.telemetry.microsoft.com oca.telemetry.microsoft.com.nsatc.net sqm.telemetry.microsoft.com sqm.telemetry.mic…