! Welcome ! 的日志 — Windows Live

Darren 的个人资料! Welcome !照片日志列表更多

工具

帮助

<< 第一页 < 上一页下一页 > 最后一页 >>

11月12日

Networking etc

Back to the security & virus side of things a little later, For now will touch on some Hardware fundamentals, Installation & Configuration, then onto operating systems, Installation & configurations, then maybe some networking & last some Configuration & Administration of XP / Vista (altho i HATE vista),,,,

Some of this can be pretty boreing but if you want to learn then read on! Not haveing time on my side it will be in sections!

Components

A typical personal computer consists of more than just the computer itself, additional equiptment called components or peripherals are connected to the computer either external to the main system case or inside it.
External components are seperate devices connected to the main computers case through cables or wireless connections. External components are often called peripherals, The following table describes the typical peripherals attached to a desktop computer:

Case
- The box that holds the internal components and which the external components are connected to, The case encloses the primary components that make the computer work.
Monitor
- The device that displays the images & text generated by the computer so that you can see what it is doing.
Keyboard
- A text input device that allows you to input words or numbers into the computer for storage.
Speakers
- An output device which attaches to the sound card inside you computer, some speakers are built into the computer & some need to be installed, either way they are output devices.
Mouse
- The main input device which allows you to point at graphical elements on the monitor & interact with the computer.
Printer
- The device that prints out text or images on paper.
Scanner
- An input device which allows you to convert pictures or documents to data, this can be stored on or edited by the computer.
Digital Camera
- A device for capturing photos or videos & storeing them on your computer.

Internal Components

Internal components are devices which are installed inside the computers case, these components rely on the computers power supply & connect through the computers cables or electronic connectors within the case. Many times these components provide connectors or slots to the outside of the case for ease of connection for cables or card media, The following table explains some internal components:

CPU
- The "Central Processing Unit" the brains of the computer.

CPU Fan
- A cooling unit used to prevent the device from overheating

CD or DVD drive
- A large capacity removable storage device that can be used to load information into the computer, play audio cd's, play video DVD's, also save information to CD or DVD.
Floppy Drive
- A Smaller device for storage, newer computers today no longer use them.
Network Adaptor
- A device for connecting your computer to a network
Internal Modem
- A device which connects the computer to a phone line, which in turn connects youto the internet.
Power Supply
- A 230v (uk) 110 (other) device which supplys the computer with its electricity source, converting AC voltage to various DC voltages.
Motherboard
- The main circuit board in a computer.
Hard Drive
- The data storage device.

BOIS & CMOS

BIOS

The BIOS (Basic Input/Output System) is a set of software instructions set on a chip on a motherboard.The BOIS instructions enable basic computer functions, such as getting input from the keyboard, mouse, serial ports etc. Without the BIOS your computer would be useles.
AMD, AMI, Award, & Phoenix are some common BIOS manufactures. A motherboard manufacturer selects a BIOS, and integrates it into there design.

Shadowing
At startup, many computers copy the contents of BIOS into a standers memory to improve performance. The technique is called shadowing, because the contents in memory are like a shadow of those in the BIOS chip.

CMOS
CMOS is an area of memory that stores BOIS information. A battery fitted to the motherboard provides power to the CMOS chip so that its contents is maintained when the computer is turned off or unplugged.
CMOS is a type in chip in a way. The acronym stands for complementory metal oxide semiconductor. this type of chip can maintain information without a power supply. The most common use of the CMOS chips are to store BIOS configuration data.

Sidenote If ever you forget your BIOS password or you buy a notebook (laptop) which has a password on it & you didnt get the password from the seller then simply remove the CMOS chip (big watch type battery) from the motherboard for roughly 30 mins to be safe & it will remove the password along with the time / date etc but nothing that cant be set back up.

12月6日

Malware & Badware

WHAT IS MALWARE & BADWARE

Malware which is the same as badware is the slang word for malicious software. Malware is a generic term for software that works in such a way that it disregerds the way a user uses there pc. It is designed with the intent of disrupting or damaging a computer system. It covers all types of applications including

Spyware, Adware, Trojans, Software that steals data, pop-up ads, system monitors, browser hijackers, etc. Some malware products are completely hidden, Some products have to play two roles providing some useful actions and some totally useless. Here is a list of Malware types !

Stealth mode
Malware characteristics
Classofying intruders
Unexpected intruders
Malware motivation

WHAT MALWARE CAN DO AND ITS WARNING SIGNS:

Interferes with user experiance
Degrades computer and browser performance
monitors user and performance
Invades privacy
Generates pop-ups
Hijacks broswer home page
Adds new browser toolbar
Redirects browser
Adds unfamiliar website to favourites
Changes configurations
Changes directories and or system files
Generates unexpected messages
Causes expensive phone bills
Causes modem to become busy unexpectedly
Deactivates anti-malware software
Changes equiptment behavior
Resists removal
Causes memory or disk space problems
Attacks websites
Acts silently and provides no clues

MALWARE INSTALLATION

Active X controls
Acceptng an EULA (end user licence agreement)
Web browsing
Downloading
Hacking
Bundling
Peer to Peer file sharing
Pop-up-ads
Email or attachment
Deception
Other methods like clicking hyperlinks,IM chat services, etc,

SPYWARE

Spyware is a specific type of malware, its a covert software program which scans or monitors activities on a computer or system, online or offline doesnt matter It transmits the gathered information to other computers or locations on the internet. This informtion is usually collected and sent to third-parties, often with malicious intent, without the user even knowing, spyware can also make changes to the users computer on wich it is installed. Among the different types of malware there are spyware is one of the worst.

WHAT SPYWARE CAN DO!

Spyware can collect information and send it to the attacker (all the above apply to Spyware) this can be a major problem if you use internet banking at the worse case, then can do as little as tracking cookies, mostly the actions of Spyware programs are just simply annoying like degrading the performance of the users computer by effecting the pc speed. You can check the danger or risk of a Spyware program if detected on your pc at these websites

Symantec Spywareguide

Not all Spyware is bad though to some they Spyware can be very useful Example: a users online activitie scan be monitored and used to target ads or steer the user to websites that can provide goods or service the the user wishes to see or can benifit from in some way. May i add that once permission is granted, covert software cannot be called Spyware!

HOW IS SPYWARE INSTALLED

There are so many ways that Spyware can be installed onto a machine most will work in stealth mode. The most common way is via an internet connection with so many computers conected to the internet its an easy threat for infection. As stated in the previous section Spyware can be installed through viruses, worms, adware, Trojan horse programs, Keyloggers, and obviously websites, some tricks to install spyware could be :

Hideing inside another program: The Spyware hides inside another program. For example, when a P2P program is installed the hidden program, typically Spyware or Adware is also installed.
Useing confuseing legal jargon : The EULA is written in such a way so that the user just get so confused or simply its just so long and boreing it seems like useless information and users skip section or just agrees it, which gives the vendor enough leeway to install the Spyware legally.
Being persistent and annoying : When your surfing the web you might get a window pop-up (pop_ups) which when you click the decline button it just keeps poping up and doesnt go away so eventually some users will just accept it through frustration.
Offering free scanning : Some website offer a free scan, after the scan is complete they show a number of results showing something has been found, in some cases the results show cookies which are not Spyware, so the user is scared into buying the other half of the program the removal tool !

LEADING ANTI-SPYWARE TOOLS

Spy Sweeper Spy Sweeper
Spyware Doctor Spyware Doctor
Ad-Aware SE Personal (The one i use very good) Ad-Aware
ewido anti-spyware (AVG anti-spyware) ewido
Pest Patrol PestPatrol
SUPERAntiSpyware SUPERAntispyware
Windows Defender Windows Defender
StopZilla StopZilla

Most of the Anti-Spyware above do a free version , Personally i use Utorrent to get the full version FREE FREE being the importance word there Wink .

SPAM - PHISHING - IM's

10月23日

Yahoo messenger

Yahoo messenger custom status messages

I keep reading that yahoo messenger custom status messages can only be deleted when you hit 5 messages then the oldest message will be deleted ? well thats true but you can manually delete them aswell ! heres how :

Click the start button
Open run
Type "regedit"
Click ok

This will bring up the registry editor, within the registry editor you need to go to :

HKEY_CURRENT_USER\Software\Yahoo\pager\profiles\YOUR ID WILL BE HERE\Custom Msgs

There you will see your messages in the right hand pane, just delete as you please, if you wish to delete all custom messages then just delete the whole reg key, it will re-new when a new custom message is typed in YM.

10月12日

Another on SQL Injection

Concept:
Every time you browse the internet to look at a web site there are many things going
on in the background to bring you that site. Most of the more sophisticated sites
or services use DATABASES to store site content and what-not. This content is
accessed by sending the web server SQL code. It is nothing more than a request for
content. But it is possible to change the normal request to one of your own design.
This could allow you to get different information in the database than what you would
normally have gotten.

What is a SQL Injection:
A SQL Injection is the manipulation of SQL code by inserting crafted commands
into the variables of that SQL code. This could potentially allow you to gain access
to information that you would normally not have access to.

How does it work:
For demonstrational purposes you can think of it working like this: You have a site
that allows you to enter text into an input box, like a login/password setup. When
you click Submit, your information is passed to another file that processes that
information (like a .php or .asp file). That file generates an line of SQL code and
puts your information in it. It then sends that SQL code to the database server,
which replies back with its respected information. That page then processes that new
information and sends the results back to you.

To do a SQL Injection, you would write specially crafted SQL code in the Input
Boxes of the site. When you submitted your malicious string to the next page, that
page puts your code into the rest of the SQL statement. If you crafted your string
correctly the resulting SQL logic will be modified... and hopefully still be valid.

Examples of Injection:
You go to a site that prompts you for a User Name and Password. You know that the
User Name and Password are stored in a database. Lets also say, for simplicities
sake, you have an idea of what the SQL statement looks like.

Here is an example of such a code:
SELECT User.Message FROM User
Where((User.Login = '$myLogin') AND ('$myPassword' = User.Password));

As you can probably tell, this code will return a "Message" if the Login equals the
correct User Name and Password equals the correct Password.
$myLogin & $myPassword are the INPUT variables from the Text Boxes.

So how do I do a SQL Injection on this?
First, notice that your $myLogin is getting processed first. That is where we will
start. What would happened if you let your User Name equal "') AND ('"?
$myLogin = ') AND ('

Your new SQL String would look like this:
SELECT User.Message FROM User
Where((User.Login = '') AND ('') AND ('$myPassword' = User.Password));

Ok, now you might be getting the idea how this all works now. But LOGIC tells us that
the SQL statement we just created is not valid and will create an error, plus it
doesn't do us any good at all! Can you guess what we can put into $myLogin to make
the SQL statement valid and logically bypass us needing a password at all!?!?

Exploit:
$myLogin = root') OR (User.Login = 'root

Exploited SQL Code:
SELECT User.Message FROM User
Where((User.Login = 'root') OR (User.Login = 'root') AND ('$myPassword' = User.Password));

Look at what we did here. We let User.Login = root so we can get the Message that
the root user would get. We added an OR statement to logically relieve us from
needing a valid $myPassword.

Think of it like this:
(login = root) or ((login = anything) and (password = anything))

Since User.Login contains "root" is TRUE we get that user's Message even though the
second part of that logical argument is FALSE.

SQL Injections on unknown SQL Code:
Most of the time you will not be able to see the SQL code that the .php or .asp files
create. Due to insecure programming habits, you might be able to get it to show
you the SQL though. And obtaining partial SQL code is possible by inserting invalid
strings in most cases. But no matter what, a good understanding of SQL code is needed
to attempt SQL Injections. Most vulnerable code can also be exploited by a lot
of trial and error.

9月28日

Password Cracking

Remote Access Password Sharing!

Windows has something called remote file sharing, which allows two different systems which are seperated to share files and printers. This is secured by a password which has to be entered each time a system requests a file.

There are two types of passwords in remote file sharing:

The Main Access Password: This password gives the client full access to all files and folders.
Specific File Or Folder Password: Speaks for its self.

Both of these passwords are encrypted by passing them through the same algorithm. I will show you how a hacker would usually try to crack this password.

Go to your control panel and look for network, make sure you have the file and printer sharing enabled, then reboot for the changes to take effect.

After restarting you must go to the control again and look for security. If everything is ok there should be a page called remote access. Make sure the password is erikaand then close it.

Then open your registry editor (start/run/type (regedit)/ok) and look for admin$, which will be found in:

HKEY_LOCAL_MACHINE\Microsoft\windows\current version\Network\LanMan\ADMIN$.

(if you want to crack the password of a specific folder search for the key whos name is the same as the name of the folder and change the ADMIN$ to that name)

In the right pane of the registry editor, there is a key called parm1enc, this contains the encrypted password. You just changed the password to erika, so the parm1enc will be 70 C8 04 ED 12 hex. This is the encrypted password, so in ASCII that is pÈ.í.

So after decryption the 70h represents e, but how will we do this ? 1st of all windows converts your password to uppercase , so the e will become E, which is

45h.

So, 70h :=45h

01110000 = 70h

???????? XOR key

--------

01000101 = 45h

OK let us do this :

01110000 = 70h

00110101 XOR key = 35h (=53 decimal)

--------

01000101 = 45h

Now lets test this: Change your password to 123, now the encrypted password will be 04 8A 7E, Ok, but we only need the 04h:

00000100 = 04h

00110101 FOUND XOR key

--------

00110001 = 31h

Now,get your ASCII table and look at 31h (49 Dec) got it ? thats the ASCII charactor 1. So now you can find the 1st charactor of the

password by useing 35h as the XOR key, but every charactor of the password uses another key,which means there are 8 different keys.

Im not going to show you how to get them, try to work it out yourself by following the same procedure as above: i will give you the keys ?

1st char; 35h
2nd char; 9Ah
3rd char; 4dh
4th char;   A6h
5th char;   53h
6th char;   A9h
7th char;   D4h
8th char;   6Ah

20:18 | 添加评论 | 固定链接 | 写入日志 | Computers and Internet

9月21日

HTTP Basic Authentication

HTTP Basic Authentication

The most common methods of authentication used by web sites is either CGI-based or JavaScript-based. Another type of Authentication that is popular is HTTP Basic authentication. Basically password protected web sites, which pop-up a dialog box with the following text:

Username and Password Required
Enter Username and Password for xxxx here
Username :
Password :

Cracking The HTTP Basic Authentication Passwords :

This changes from server to server slightly, also it depends on how the administrator has set up the service :

First of all find out if the server is actually running HTTP Basic authentication service, to do this just enter a wrong password; if you get a 401 Error message you can be sure its running HTTP Basic authentication. To hack the HTTP Passwords, you need to get the sniffer logs, which would contain what a request would look like if you were able to request the page. It would be something like the following:

GET /pagehere HTTP/1.1

Authorization: Basic rTyna2yrqw2ADGHsghis==

The text after the Basic is the password altho it looks encrypted its not, its just Base 64 encoding. You can easily decode it in perl useing the MIME::Base 64 module. The code would be as follows:

use MIME: :Base64;

print decode_base64("rTyna2yrqw2ADGHsghis==");

You can get the MIME::Base64 module from HERE . After it has been decoded you will something like name.name:passwordhere. The first two are the username and the last is the passwordin plain text.

19:46 | 添加评论 | 固定链接 | 写入日志 | Computers and Internet

9月20日

Choosing a strong password

Choosing a strong password is always a tricky decision,

Some basic things to avoid :

Do not use words from a dictionary, this will prevent you from dictionary attacks.
Do not leave it blank or use your username or part of it.
Do not use you name followed by your birthdate, or anything someone can find on a profile page.
Do not repeat your password.
Do not use the same password at multiple places.

And some basic things to do :

Make your password a combination of numbers, letters & special characters, try to use both lowercase & uppercase.
You should change your password regularly.
Try to random your password, but not so much you forget it.

Theres a few programs out there which are good for storeing passwords Click Here for a good one.

21:45 | 添加评论 | 固定链接 | 写入日志 | Computers and Internet

9月15日

Bypassing Security Features

A look into SQL injection !

Bypassing login prompts with the help of SQL injection attacks is extremely easy to perform. An attacker with some basic knowledge about how SQL works can use this with input validation attacks, there are a number of web sites on the Internet which require a user to enter a username & password to gain access to the site.If the correct pair is not entered the user will get an access denied, as with the correct input access is granted.

Mostly when a user fills the form on a web site the following SQL query is executed:

SELECT PEOPLE from database

WHERE Username='<the input username>'

AND Password='<the input password>'

IF <Above SELECT command evaluates to true> {Authorize User}

ELSE {User not authorized}

The SQL query searches the entire database looking for a record whose username & password match the input on the form.If the data input matches the data in the database then access is granted,if not then access is denied.

However an attacker can easily manipulate the input (username & password) entered in the online login form to execute a SQL injection attack & then bypass the security features. An attacker can enter the following data as input on the online login form:

Username: abcd' OR 1=1 --

Password : <blank>

For the above set of values the following SQL query gets executed for access :

SELECT PEOPLE from database

WHERE Username='abcd' OR 1=1- -

AND Password=' '

IF <Above SELECT command evaluates to true> {Authorize User}

ELSE {User not authorized}

The part of the query that contains the - - comment denotation that represents the beginning of comments. As a result everything after the - - is treated as commented code & ignored. This means this part of the SQL query can be written as follows :

SELECT PEOPLE from database

WHERE Username='abcd' OR 1=1

The above SQL query is always evaluated as true since the condition 1=1 can never be false. This means that if an attacker enters 'abcd' OR 1=1 - - as the username and <blank> as the password he/she will automatically be logged in as the first user in the database & have access to restricted files.

How To Prevent This

You can prevent SQL injection attacks by filtering out all the special characters like 'quotation marks, semicolons, slashes, backslashes, etc from user input, cookie files & URL parameters. This will make it more difficult for attackers to use SQL attacks against input validation.

0:38 | 添加评论 | 固定链接 | 写入日志 | Computers and Internet

9月14日

Yahoo Messenger Trick !

Incase thats too fast or too blured here's how its done !

Click start menu click run & type "regedit" then ok (Always be careful when editing the registry this is your computers brain)
In the registry editor open HKEY_CURRENT_USER\Software\Yahoo\pager\Test.
On the right hand side of the editor hover your mouse over the clear area & right click.
Select new / string value & type the word plural.
Right click the word plural & select modify.
Set the value data to 0.
Thats it now you can open as many instances of YM as you like !

22:02 | 添加评论 | 固定链接 | 写入日志 | Computers and Internet

Boot Up Times !

Sometimes waiting for your pc to boot up can be a tedius operation,

If you treat your pc like you would a car then it will run alot faster and smoother,ie: you service your car so it keep on going, well a computer works the same!

There are many things you can do to keep your computer from running slow,From booting to opening applications or switching through windows.

Lets take a look at one feature in the boot-up process first:

On most PCs they use a multiboot option as default where you get an option screen of which operating system you would like to use,if for example your useing windows NT and windows XP,or in a single operating system you may get the "start windows normally","safe mode",etc, options which by default lasts 30 seconds.

You can change the values in which this time hangs on your screen by makeing changes to the registry,(if requested i will explain this in another post) but for now we will use the easy route :)

Click the start menu / run / type "msconfig" then click enter,

You will get the system Configuration utility appear consisting of 6 tabs,Click the tab that says BOOT.INI which will open the tab, withing there on the right hand side it says "Timeout" you can change that value to any value above 1.

The value is in seconds hence like mine is set to 3 meaning the boot up screen mentioned earlier only appears for 3 seconds still giving me enough time to chose my operating system or boot up options.

Have fun !

21:31 | 添加评论 | 固定链接 | 写入日志 | Computers and Internet