Saturday, 5 October 2013

How does SSL Work?



What is SSL Certificate?


The Secure Sockets Layer (SSL) protocol was created by Netscape to ensure secure transactions between web servers and browsers. The protocol uses a third party, a Certificate Authority (CA), to identify one or both ends of the transaction. An SSL certificate carries a lot of information, such as owner details, location, email ID, encryption method, thumbprint, expiration details, and who digitally signed the certificate.

                         



Find Us On FACEBOOK: ANON HACKSOCIETY

Friday, 4 October 2013

HTTP TUNNELING




Most companies and enterprises use proxies and firewalls for network security. But the majority of firewalls and proxies block most or all services except one: HTTP/HTTPS. They allow traffic to destination port 80 or 443 to pass so that employees can surf the web. This behavior of the firewall can be exploited to connect to remote servers with services running on ports other than 80 or 443. Let us see how.

SCENARIO 

Suppose you are an employee working in such a company and you want to use protocols like BitTorrent, FTP, or Telnet, or even access websites that are blocked by your firewall. You have a computer at home which is connected to the internet and has no such restrictions. The firewall of your company does not block HTTP/HTTPS traffic to your home address.

SETUP

All you need to do is set up an HTTP tunnel client on your office workstation and an HTTP tunnel server on your home computer, and keep it up and running. If your home computer is behind a NAT, you must forward ports 80 and 443 to your computer's internal IP address.


JOB OF THE HTTP TUNNEL CLIENT

The HTTP tunnel client encrypts all packets originating from your workstation and encapsulates them with IP headers destined for your HTTP tunnel server at port 80 or 443. For all incoming packets, it strips off the IP headers, decrypts the remaining packet and sends it to the kernel.

JOB OF THE HTTP TUNNEL SERVER

For all incoming packets from the client, the HTTP tunnel server running at your home needs to strip off the first IP headers, decrypt the inner packet, check the actual destination IP/port and send the packet there. It then has to get the reply from the actual server, encrypt it and send it to the client's IP address by encapsulating it with IP headers destined for port 80/443.

WORKING

How this works is pretty simple. All the traffic from the client's workstation is tunneled so that the firewall allows it to pass. Once a packet reaches the HTTP tunnel server, the server extracts the original packet and acts as a proxy server: it sends the packet to the actual server and gets its reply. It then tunnels the reply in the same way and sends it back to the client's workstation, where the tunnel client extracts the actual reply and passes it to the operating system. All real data passing through the firewall is encrypted, so as to prevent the firewall from detecting the actual traffic even if it tries to monitor.

CONCLUSION

So here we saw an example of how one open port on the firewall can be used to access any server or service at any port anywhere on the internet with the help of encryption and tunneling protocols.
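
From the firewall's side, the port-only filtering described in this post can be tightened by checking that the first payload on port 80 or 443 really is HTTP or a TLS ClientHello. The sketch below is an added example, not part of the original post; the flow tuples, addresses and function names are constructed for illustration, and it assumes the tunnel sends its opaque encrypted payload directly rather than inside a well-formed HTTP or TLS session.

```python
import re

# Request line of an HTTP/1.x request: METHOD SP target SP HTTP/1.x CRLF
HTTP_REQUEST = re.compile(
    rb"^(GET|HEAD|POST|PUT|DELETE|OPTIONS|PATCH|CONNECT|TRACE) \S+ HTTP/1\.[01]\r\n"
)

def looks_like_http(payload: bytes) -> bool:
    return HTTP_REQUEST.match(payload) is not None

def looks_like_tls_client_hello(payload: bytes) -> bool:
    # TLS record header: type 0x16 (handshake), version 0x03 0x00-0x04,
    # 2-byte big-endian length; first handshake byte 0x01 = ClientHello.
    if len(payload) < 6:
        return False
    rec_len = int.from_bytes(payload[3:5], "big")
    return (payload[0] == 0x16 and payload[1] == 0x03 and payload[2] <= 0x04
            and 0 < rec_len <= 16384 and payload[5] == 0x01)

def classify_first_payload(dst_port: int, payload: bytes) -> str:
    """Return 'ok', 'mismatch' or 'not-web' for the first client payload of a flow."""
    if dst_port == 80:
        return "ok" if looks_like_http(payload) else "mismatch"
    if dst_port == 443:
        return "ok" if looks_like_tls_client_hello(payload) else "mismatch"
    return "not-web"

def flag_flows(flows):
    """flows: iterable of (src, dst, dst_port, first_payload); returns the mismatches."""
    return [(src, dst, port) for src, dst, port, data in flows
            if classify_first_payload(port, data) == "mismatch"]

# Constructed sample flows (documentation address ranges, made-up payload bytes).
SAMPLE_FLOWS = [
    ("10.0.0.21", "198.51.100.7", 80,
     b"GET /index.html HTTP/1.1\r\nHost: example.com\r\n\r\n"),
    ("10.0.0.21", "198.51.100.7", 443,
     bytes.fromhex("16030100c8010000c40303") + b"\x00" * 16),
    ("10.0.0.35", "203.0.113.50", 80, bytes.fromhex("9f3ac4771be2058d") + b"\x8e" * 24),
    ("10.0.0.35", "203.0.113.50", 443, bytes.fromhex("c1d07e22904bfa13") + b"\x5b" * 24),
    ("10.0.0.40", "192.0.2.9", 22, b"SSH-2.0-client\r\n"),
]

if __name__ == "__main__":
    for src, dst, port in flag_flows(SAMPLE_FLOWS):
        print(f"protocol mismatch: {src} -> {dst}:{port}")
```

This check only covers payloads that are not HTTP or TLS at all; traffic carried inside a well-formed TLS session needs flow-level signals such as session duration and byte volume instead.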


Basic Main Steps Of Hacking



A hacker performs his task in 5 phases.


1 Reconnaissance
2 Scanning
3 Gaining Access
4 Maintaining access
5 Clearing Tracks

                                  


Phlashing-PDOS




A permanent denial-of-service (PDoS) attack, also known as "phlashing", is an attack that damages a system so badly that it requires replacement or reinstallation of hardware. Phlashing is used for hardware attacks. Unlike the distributed denial-of-service attack, a PDoS attack exploits security flaws which allow remote administration on the management interfaces of the victim's hardware, such as routers, printers, or other networking hardware. The attacker uses these vulnerabilities to replace a device's firmware with a modified, corrupt, or defective firmware image, a process which when done legitimately is known as flashing. This "bricks" the device, rendering it unusable for its original purpose until it can be repaired or replaced.

PDoS is a purely hardware-targeted attack which can be much faster and requires fewer resources than using a botnet in a DDoS attack. Because of these features, and the potential and high probability of security exploits on Network Enabled Embedded Devices (NEEDs), this technique has come to the attention of numerous hacker communities. PhlashDance is a tool created by Rich Smith (an employee of Hewlett-Packard's Systems Security Lab) used to detect and demonstrate PDoS vulnerabilities at the 2008 EUSecWest Applied Security Conference in London. Smith said remotely abusing firmware update mechanisms with a Phlashing attack, for instance, is basically a one-shot attack. “Phlashing attacks can achieve the goal of disrupting service without ongoing expense to the attacker; once the firmware has been corrupted, no further action is required for the DOS condition to continue.”

An attacker could use remote firmware update paths in network hardware, which are often left unprotected, to deliver corrupted firmware and flash this to the device. As a result, the device would become unusable.


How do I hide my IP address?




The most common method to hide your IP address is to use a proxy server in one form or another. A proxy server is a computer that offers a computer network service to allow clients to make indirect network connections to other network services. A client connects to the proxy server and then requests a connection, file, or other resource available on a different server. The proxy provides the resource either by connecting to the specified server or by serving it from a cache. In some cases, the proxy may alter the client's request or the server's response for various purposes.
There are several implementations of proxy servers that you can use to hide your IP address (in an attempt to remain anonymous on the internet):

Website Based Proxy Servers

A website-based proxy server is a website that provides a form for you to enter the URL of a website that you wish to visit anonymously. When you submit the form, the website proxy server makes a request for the page that you want to visit. The machine usually does not identify itself as a proxy server and does not pass along your IP address in the request for the page. The features of these sites vary (ad blocking, JavaScript blocking, etc.), as does their price. Some are free and some charge. Examples of website proxy services are:

Browser Configured Proxy Servers

There are also standalone proxy servers that allow you to configure your browser to route its traffic through that machine, which then makes a request for a page on your behalf and sends you the results. These are usually used at no cost to the user. Since they are accessible to the public, they are often quite slow.

There are a variety of types of these proxy servers:

Transparent Proxy
This type of proxy server identifies itself as a proxy server and also makes the original IP address available through the HTTP headers. These are generally used for their ability to cache websites and do not effectively provide any anonymity to those who use them. However, the use of a transparent proxy will get you around simple IP bans. They are transparent in the sense that your IP address is exposed, not in the sense that you do not know that you are using one (your system is not specifically configured to use it). This type of proxy server does not hide your IP address.

Anonymous Proxy
This type of proxy server identifies itself as a proxy server, but does not make the original IP address available. This type of proxy server is detectable, but provides reasonable anonymity for most users. This type of proxy server will hide your IP address.

Distorting Proxy
This type of proxy server identifies itself as a proxy server, but makes an incorrect original IP address available through the HTTP headers. This type of proxy server will hide your IP address.

High Anonymity Proxy
This type of proxy server does not identify itself as a proxy server and does not make available the original IP address. This type of proxy server will hide your IP address.
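
The four types above can be told apart from the headers an origin server receives. The following is an added example, not part of the original post: it assumes the proxy announces itself with the Via or X-Forwarded-For header, that the request is already known to have come through a proxy, and that the tester knows the client's real IP (as in a test harness); the function names and sample requests are constructed.

```python
import ipaddress

def disclosed_ips(headers):
    """Client addresses disclosed in X-Forwarded-For (a comma-separated list)."""
    found = []
    for item in headers.get("x-forwarded-for", "").split(","):
        try:
            found.append(ipaddress.ip_address(item.strip()))
        except ValueError:
            continue  # empty value or a non-IP token such as "unknown"
    return found

def classify_proxy(headers, real_ip):
    """Map the headers seen by the origin server to one of the four proxy types."""
    h = {name.lower(): value for name, value in headers.items()}
    identifies_itself = "via" in h or "x-forwarded-for" in h
    if not identifies_itself:
        return "high anonymity"   # no proxy header, no original IP
    ips = disclosed_ips(h)
    if ipaddress.ip_address(real_ip) in ips:
        return "transparent"      # announces itself and leaks the real IP
    if ips:
        return "distorting"       # announces itself, gives a wrong IP
    return "anonymous"            # announces itself, gives no IP

# Constructed sample requests; the real client IP is 203.0.113.10.
REAL_IP = "203.0.113.10"
SAMPLES = [
    {"Via": "1.1 cache01", "X-Forwarded-For": "203.0.113.10"},
    {"Via": "1.1 proxy"},
    {"Via": "1.1 proxy", "X-Forwarded-For": "198.51.100.77"},
    {"User-Agent": "Mozilla/5.0"},
    {"X-Forwarded-For": "unknown, 203.0.113.10"},
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(classify_proxy(sample, REAL_IP), sample)
```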

Installed Software Proxy Servers
There are a variety of companies and software packages available at either a one-time cost or an annual subscription. These are usually faster and more reliable than the above proxy servers. Some of these services include:

Hide My IP
Anonymizer.com
GhostSurf 2007 Platinum
TOR

VPN Services
A virtual private network (VPN) protects your data and identity over public networks, like the Internet and wireless hotspots. Various protocols are used to create an encrypted tunnel that transports data securely. While a firewall may protect the data on your computer, a VPN will protect your data on the Internet. The goal of a VPN is to implement the same level of security provided by private networks at substantially lower costs. VPN services provide different gateway cities where the IP address assigned to your computer is located. This allows users to access websites only available to users from a certain country. This application is particularly important for travelers who need to access websites from their home country and for people living in regions rife with censorship, like China and Iran.

StrongVPN
Hotspot Shield


Ethical Hacking Terminology



Being able to understand and define terminology is an important part of being an ethical hacker.

This terminology is how security professionals acting as ethical hackers communicate.



Threat : An environment or situation that could lead to a potential breach of security.
Ethical hackers look for and prioritize threats when performing a security analysis.
Malicious hackers and their use of software and hacking techniques are themselves threats
to an organization’s information security.

Exploit : A piece of software or technology that takes advantage of a bug, glitch, or vulnerability,
leading to unauthorized access, privilege escalation, or denial of service on a
computer system. Malicious hackers are looking for exploits in computer systems to open
the door to an initial attack. Most exploits are small strings of computer code that, when
executed on a system, expose a vulnerability. Experienced hackers create their own exploits,
but it is not necessary to have any programming skills to be an ethical hacker as many
hacking software programs have ready-made exploits that can be launched against a computer
system or network. An exploit is a defined way to breach the security of an IT system
through a vulnerability.

Vulnerability : The existence of a software flaw, logic design, or implementation error that
can lead to an unexpected and undesirable event executing bad or damaging instructions to
the system. Exploit code is written to target a vulnerability and cause a fault in the system
in order to retrieve valuable data. 

Target of Evaluation (TOE): A system, program, or network that is the subject of a
security analysis or attack. Ethical hackers are usually concerned with high-value TOEs,
systems that contain sensitive information such as account numbers, passwords, Social
Security numbers, or other confidential data. It is the goal of the ethical hacker to test
hacking tools against the high-value TOEs to determine the vulnerabilities and patch them
to protect against exploits and exposure of sensitive data.

Attack : An attack occurs when a system is compromised based on a vulnerability. Many
attacks are perpetrated via an exploit. Ethical hackers use tools to find systems that may be
vulnerable to an exploit because of the operating system, network configuration, or applications
installed on the systems, and to prevent an attack.
There are two primary methods of delivering exploits to computer systems:

Remote : The exploit is sent over a network and exploits security vulnerabilities without
any prior access to the vulnerable system. Hacking attacks against corporate computer
systems or networks initiated from the outside world are considered remote. Most people
think of this type of attack when they hear the term hacker, but in reality most attacks are
in the next category.

Local : The exploit is delivered directly to the computer system or network, which requires
prior access to the vulnerable system to increase privileges. Information security policies
should be created in such a way that only those who need access to information should be
allowed access and they should have the lowest level of access to perform their job function.
This can be accomplished by privilege escalation or weak security safeguards.


Python Tutorial - Part 2

Python Tutorials Part 2: After installing the Python software on a Windows machine in the previous tutorial, let's proceed ...