Thursday, May 27, 2010

SECURITY





In today's world, network security has become an important issue. To hack someones account and to use it is not much difficult today with the use of advanced softwares available in the market which can hack the passwords, can crack the hashes and use them to steal the valuable information.

Various tools can be used for cracking like:-

For windows password cracking, i.e. for logging into someone's account by cracking his password, one can use the free CD available for download called ophcrack. The download link is as given here :-
http://ophcrack.sourceforge.net/download.php?type=livecd
Download the live CD and boot from it. One can easily crack the password of other's computer. It uses the rainbow tables to crack the hashes.




The CD will not work in the same manner for win Vista and XP. For cracking XP passwords download the one for XP and for the vista or win7 download the Vista one.

One can also use cain&abel to crack one's password when he is on LAN. When a computer scans the compuetrs present on the lan, then it sends its NTLM hashes with security info to the other computers . One can trap those hashes and can crack them either using the brute-force mechanism or by using the Rainbow tables. I have cracked the passwords of several computers on the LAN without ever being sitting on those pc's or using them. You can download it from http://www.oxid.it/cain.html





This method of password cracking is highly dangerous for the computers as a hacker can easily log onto the machine if its remote login is enabled as he knows the password and without even letting the others to know about it can easily steal the information. I have not shared the advanced information of cracking using cain but if someone is interested, he can contact me and i can send him the data.

Now the steps how one can neglect all these attacks:-

1. The ophlive cd uses the prebuilt rainbow tables and sometimes uses the bruteforce attack, but one can avoid this attack by including special symbols in their passwords. This CD doesn't work when the password contains special symbols as it doesn't have th rainbow tables for the same.

2. Use of long passwords, greater than or equal to "eight" also helps in denying the attackers. The figure 8 is important because if the password is less than 8 characters , then the computer stores it in the form of LM hashes, which are easy to break, but if it uses 8 or more characters, then it uses the NTLM hashes to store them which are more secure than the LM hashes.

3. For email accounts, always use strong passwords, which include special symbols, alphabets,numbers. The reason for using all these is that when using all these, the number of password combinations become very large, and to develop a rainbow table for them takes a lot of time, in months and years. So its very difficult or impossible to crack password in this case.
Use passwords like the beginning letters of a phrase or statement which is easy to remember like
odiwgjidc (one day i will get job in dream company)
now this password is not even found in dictionary and is very difficult to break.

4. Try to avoid the dictionary alphabets. They can be easily broken by bruteforce attack....

5. Change your passwords frequently and don't use same passwords for different accounts...

For more details you can view the ppt which i have uploaded and the link is provided here...
http://www.slideshare.net/rahulsharmaait/password-cracking

do give your feedback and suggestions... Hope you have liked it.....

Thank you...

Tuesday, May 25, 2010

INSTALL SOFWARES IN NEW LOCATION


 


 1.  Start Registry Editor by entering “Regedit” in the run box.open run by pressing win + R. 
 2.  Nest locate the following in the registry by using the search method:  "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion"
 3.  Right click on the value named ProgramFilesDir & change the default value  C:\Program Files to  the   path you want to install your programs in.
 4. Click OK and Exit.
    Windows, by default, will now install your programs in the new drive or path.

    Friday, May 14, 2010

    3 interesting facts of MICROSOFT WINDOWS





    1.You cant create a folder named CON,go try it
    2.write the following into notepad :"bush hid the facts" save the file and see the magic.
    3.open ms word and type "=rand(200,99)" and press enter and see the magic.




    Do you know why this happens and any tips??


    Lets first solve the first query.......

    Special names such as (CON) can be used as folder names! Here is how:
    1- Goto DOS
    2- Type MD \\.\C:\CON. The folder will be created.
    You can check it in Windows Explorer also, but you can’t delete it directly, in order to delete it:
    1- Goto DOS
    2- Type RD \\.\C:\CON
    In short, use the network path syntax instead of absolute path syntax.
    If any one told you it is impossible to make folder named (CON) Now you can say with confidence that it is not true…
    So why this happens and what is the main reason is as follows:-

    1) "Con" is already a key word in MS DOS. It is not only con that you cant create, try creating folders with the strings PRN, LPT1, AUX, NUL, COM1, etc. All these strings have a critical usage hence they cant afford to be used as filenames/foldernames.

    And HOW you can create it is basically because of "The Universal Naming Convention, or UNC". This provides a common syntax describing the location of a resource on a particular network. But this is not compatible with DOS. So the UNC for windows would be something like

    \\RemoteHost\sharedfolder\resource

     But \\remotehost\drive:\con doesn’t mean anything, because without having a process(explorer.exe) on the remote host, there is no current ‘console’. The “.” in \\.\c:\con suggest the local server. Now, you are pointing to your own computer, and you have all the privileges on every folder of your computer, hence you can create it ONLY in Dos Mode (because of the backward compatibility)

    2) Actually it is a bug in XP, its not that "Bush hid the facts" works, try a string with the 4-3-3-5 format. eg. "abhi can say awesm". Why this happens is you save in 8bit ASCII and read in 16bit Unicode. Actually there is a long explanation to this bug, which relates to ASCII and unicode determination. What happens in the notepad is whenever a txt is saved, the notepad has a function called isUnicode or something, i cant remember that (It relates to hex codes and stuff, if anyone can explain that, cool!). That function uses some algorithm to determine what format it is. So thats where the bug lies. If you have eastern languages installed, you would get chinese instead of the boxes.

    3)rand(200,99) means, type the default statement "The quick brown fox jumps over the lazy dog" 200 paragraphs with 99 sentences in it. And for another info - ""The quick brown fox jumps over the lazy dog" has all the alphabets in the English language. Try =lorem(200,10). :)

    Enjoy......... ;)