E-mail is one of the things we almost can’t live without nowadays. It gives us easy communication between places, and sending documents has become as easy as pie. However, we must be careful with it because it has also become a dangerous place over time. Hackers have already created methods to hack other people using just e-mail.
Phishing is an act of obtaining users’ private data by sending them a fake e-mail with a link to a website that contains malware. The e-mail looks important and as if it needs to be dealt with immediately, but in truth it’s just random junk from the internet.
Recent phishing attacks:
Apple Store – Update your Apple Account
Email methods:
- Deceptive Subject Line
- Forged Sender’s Address
- Genuine Looking Content
- Disguised Hyperlinks
Source: http://en.wikipedia.org/wiki/Phishing, http://www.fraudwatchinternational.com/individual-alert?fa_no=241426&mode=alert
A zero-day attack is the exploitation of an unpatched software vulnerability that occurs on “day zero” of awareness of the vulnerability. This happens because of the lack of time between the discovery of the vulnerability and the time the administrator needs to fix it.
CTA: New Java Zero-Days
FireEye, which is a Malware Protection Cloud (MPC), has detected new zero-day vulnerabilities that have already been used to attack several customers. The hackers used this vulnerability to install an “update” on Java version 6 and version 7. This is done by exploiting the JVM to write and read the infected code. After exploiting the memory of the JVM, it downloads an md5 executable infected JAR from the host site and then runs it. However, this exploit also has some weaknesses. Sometimes it fails to load because it tries to overwrite a large amount of memory and does not complete properly, which crashes the JVM. The code itself tries to copy itself into a DLL file so that it takes root on the victim’s computer.
Source: http://blog.malwarebytes.org/intelligence/2013/03/cta-new-java-zero-days/, http://www.fireeye.com/blog/technical/cyber-exploits/2013/02/yaj0-yet-another-java-zero-day-2.html, https://en.wikipedia.org/wiki/Zero-day_attack
Before we attack an enemy it is best to know them first; that way we can discover their weaknesses and attack them in unguarded places. Information gathering is an inseparable activity in ethical hacking. Good information gathering may make the difference between a successful pen test and a failed one. It includes three basic steps: Footprinting, Fingerprinting and Enumeration.
Footprinting is the blueprinting of the security profile of an organization, in a methodological manner.
The attacker may choose to source the information from:
- A web page (save it offline, e.g. using an offline browser such as Teleport Pro)
- Yahoo or other directories. (Tifny is a comprehensive search tool for USENET newsgroups.)
- Multiple search engines (All-in-One, Dogpile), groups.google.com is a great resource for searching large numbers of news group archives without having to use a tool.
- Using advanced search (e.g. AltaVista),
- Search on publicly traded companies (e.g. EDGAR).
- Dumpster diving (To retrieve documents that have been carelessly disposed)
- Physical access (False ID, temporary/contract employees, unauthorized access etc)
Fingerprinting is “guessing” a target operating platform.
There are two types of fingerprinting: active and passive. Active fingerprinting is more accurate than passive, but it leaves a visible track, so it is more dangerous to use than the passive one.
Active fingerprinting determines the target network OS by sending packets and examining the responses. Passive fingerprinting, instead of relying on scanning the target host, captures packets from the target host and studies them for signs that can reveal the OS.
The attacker may choose to source the information from:
- TTL – What the operating system sets the Time To Live on the outbound packet
- Window Size – What the operating system sets the Window Size at.
- DF – Does the operating system set the Don’t Fragment bit?
- TOS – Does the operating system set the Type of Service, and if so, at what?
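The four fields listed above all sit at fixed offsets in the IPv4 and TCP headers, so any system that sees a host's traffic (a network monitor building an asset inventory, for instance) can read them without sending a single packet. The following is an added example, not code from the original post; the packets are constructed with documentation addresses, and the list of starting TTL values is an assumption based on widely used defaults.

```python
import struct

# Widely used default starting TTLs (an assumption; administrators can change
# them). An observed TTL is the starting value minus the number of hops.
INITIAL_TTLS = (32, 64, 128, 255)

def passive_fields(packet: bytes) -> dict:
    """Read TTL, window size, DF and TOS from a captured IPv4/TCP packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4              # IP header length in bytes
    flags_frag, ttl, proto = struct.unpack("!HBB", packet[6:10])
    if ihl < 20 or proto != 6 or len(packet) < ihl + 20:
        raise ValueError("no complete TCP header")
    (window,) = struct.unpack("!H", packet[ihl + 14:ihl + 16])
    initial = next(t for t in INITIAL_TTLS if t >= ttl)
    return {"ttl": ttl, "initial_ttl": initial, "hops": initial - ttl,
            "window": window, "df": bool(flags_frag & 0x4000), "tos": packet[1]}

def sample_syn(ttl, window, df, tos=0):
    """Build a constructed IPv4/TCP SYN (documentation addresses, zero checksums)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, tos, 40, 0x1C46, 0x4000 if df else 0,
                     ttl, 6, 0, bytes([192, 0, 2, 10]), bytes([198, 51, 100, 5]))
    tcp = struct.pack("!HHIIBBHHH", 44321, 443, 0, 0, 0x50, 0x02, window, 0, 0)
    return ip + tcp

def same_stack(a: dict, b: dict) -> bool:
    """Two packets look like the same OS stack if all hop-independent fields match."""
    keys = ("initial_ttl", "window", "df", "tos")
    return all(a[k] == b[k] for k in keys)

if __name__ == "__main__":
    for pkt in (sample_syn(57, 5840, True), sample_syn(121, 8192, True)):
        print(passive_fields(pkt))
```

Comparing on `initial_ttl` rather than the raw TTL keeps the result stable when the same host is observed from different network distances.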
Enumeration is identifying valid user accounts or poorly protected resource shares.
The type of information enumerated by intruders:
- Network resources and shares
- Users and groups
- Applications and banners
Hello there… this is my first tutorial on this blog, which explains how to install VMware Workstation 9.0. For those who don’t know what VMware is, I will briefly explain. VMware (short for Virtual Machine) is a program which allows us to have another independent operating system inside our primary host operating system. As you can see, this virtual machine can help you with various tasks, for example testing and debugging, hacking, penetration testing etc. inside our isolated operating system.
Things that you will need for VMware:
- 1.3GHz or faster core speed
- 64-bit x86 Intel Core™ Solo Processor or equivalent, AMD Athlon™ 64 FX Dual Core Processor or equivalent
- 2GB RAM minimum / 4GB RAM recommended
- 1.2 GB of available disk space for the application
- Minimal free space of 20GB for each Virtual Machine
- Any kind of operating system which has been globally recognized, i.e. Windows, Mac, Ubuntu etc.
Now… after you have met those requirements, we begin installing the application itself.
*You can get a free trial license for 30 days by registering on the vmware.com website.
Step 1. Open VMware Workstation 9 Setup.
Step 2. Set the installation folder of VMware Workstation 9 to your preferred location.
Step 3. Make sure all of your choices are the right ones and then begin the installation.
Step 4. Wait for the program to finish installing VMware Workstation 9.
Step 5. Enter the product registration key which you got from vmware.com; if you haven’t got it yet, you can enter it in the options menu later.
Step 6. That’s it, your VMware is now ready to go.