Tuesday 23 September 2014

7 safety tips from hackers

It's easy to get hacked. And yes, it can happen to you.

Follow this advice from actual hackers, and you'll be a lot safer online.
1. Turn off your phone's Wi-Fi and Bluetooth.Hackers are religious about this. Keeping these features "on" all the time makes it easy for strangers to slip into your phone.
The problem? If you keep Wi-Fi and Bluetooth active, hackers can see what networks you've connected to before, spoof them and trick your phone into connecting to Wi-Fi and Bluetooth devices that hackers carry around.
Once connected to your phone, hackers can bombard your device with malware, steal data or spy on you. And you won't even notice.
So, turn on Wi-Fi and Bluetooth when you need them. Turn them off when you don't.
2. Use two-step authentication. Nowadays, a single password isn't enough. They get exposed all the time.
Lots of email and social media services offer an extra later of protection: two-step authentication -- essentially a second, temporary password.
For example, when you set this up with Google, (GOOG) Twitter (TWTRTech30) andLinkedIn, (LNKDTech30) they ask you for a secret code every time you log in from a new device. You immediately get a text message with a six-digit number.
It's an effective way to keep out hackers. Even if someone gets your password, they'd still need your phone too -- an unlikely scenario.
3. Create a smart password strategy. For the select few websites with your most sensitive information (email, bank), create some long and unique passphrases, like+hisPl@tinumDr@gonBreathesF1re.
For everything else? Use a password manager. This type of program stores all your passwords online, so you can make each one different, and you won't have to remember them all.
But only use a password manager that encrypts them on your device. LastPass andPassword Safe do this.
(Why not use a password manager for everything? One master password unlocks them all. You create a single point of failure.)
Change all of your passwords more than once a year.
4. Use HTTPS on every website. Install the HTTPS Everywhere tool developed by the pro-privacy Electronic Frontier Foundation. It encrypts all the information your browser is sending between your computer and websites.
If you only see HTTP in the address bar, anyone can spy on your Internet session.
5. Bulk up your home Wi-Fi. Setting up Wi-Fi at home is a tour through the circles of hell. But these two steps are important.
First, set up a password. Don't keep the default password on the sticker.
Next, the machine will ask what type of security encryption standard you'd like. Choose WPA-2.
Lots of machines default to WEP (Wired Equivalent Privacy) or WPA (Wireless Protected Access). Avoid them at all costs. A known Wi-Fi flaw can give up your password in seconds.
6. Don't hide your home Wi-Fi. Your home router asks: "Hide the SSID?" If you say yes, then your devices are forced to "actively scan" for the home network you're trying to hide. Sure, they'll connect. But as a result, your device "actively scans" for networks all the time.
Your laptop and phone are more susceptible to connecting to strangers' unsafe Wi-Fi networks.
"You're actually setting yourself back five years in terms of security," said Ben Smith, an experienced Wi-Fi hacker who's worked on secretive government projects.
7. Think twice before buying an Internet-connected device. Do you really need a"smart" fridge or oven?

Monday 8 September 2014

SQL Injection Tutorial for Beginners

What is a SQL Injection?

SQL injection is a code injection technique that exploits a security vulnerability within the database layer of an application. This vulnerability can be found when user input is incorrectly filtered for string literal escape characters embedded in SQL statements.
Although SQL injection is most commonly used to attack websites, it can also be used to attack any SQL database. Last year, a security company reported that the average web application is attacked at least four times per month by SQL injection techniques. Online retailers receive more attacks than any other industry with an online presence.

Picking a Target

The first step to performing a SQL injection attack is to find a vulnerable website. This will probably be the most time-consuming process in the entire attack. More and more websites are protecting themselves from SQL injection meaning that finding a vulnerable target could take quite some time.
One of the easiest ways to find vulnerable sites is known as Google Dorking. In this context, a dork is a specific search query that finds websites meeting the parameters of the advanced query you input. Some examples of dorks you can use to find sites vulnerable to a SQL injection attack include:
inurl:index.php?id=
inurl:trainers.php?id=
inurl:buy.php?category=
inurl:article.php?ID=
inurl:play_old.php?id=
inurl:declaration_more.php?decl_id=
inurl:pageid=
inurl:games.php?id=
inurl:page.php?file=
inurl:newsDetail.php?id=
inurl:gallery.php?id=
inurl:article.php?id=
inurl:show.php?id=
inurl:staff_id=

Of course, there are many others as well. The key component of these specialized search queries is that they all focus on websites that rely on PHP scripts to generate dynamic content from a SQL database somewhere on the backend of the server. You can learn more about advanced Google search techniques in Unleash Google Search.
Remember that a SQL injection attack can work on any SQL database, but PHP-based websites are usually your best targets because they can be set up by just about anyone (i.e. WordPress) and often contain lots of valuable information about customers within the database you are attempting to hack.
However, just because Google pops up with a result using these dorks does not mean it is vulnerable to attack. The next step is to test each site until you find one that is vulnerable.

Navigate to one of the websites you found. For this example, assume that one of the search results is http://www.udemy.com/index.php?catid=1. To find out if this site is vulnerable to SQL injection, simply add an apostrophe at the end of the URL like this:
http://www.udemy.com/index.php?catid=1’
Press enter and see what the website does. If the page returns a SQL error, the website is vulnerable to SQL injection. If the page loads normally, it is not a candidate for SQL injection and you should move on to the next URL in your list.
The errors you receive do not matter. As a general, if the website returns any SQL errors, it should be vulnerable to SQL injection techniques.
At this point, understanding SQL is even more important as you will begin manipulating the database directly from the vulnerable page.  Practical SQL Skills is a solid resource for beginner and intermediate users.

Starting the Attack

After locating a vulnerable site, you need to figure out how many columns are in the SQL database and how many of those columns are able to accept queries from you. Append an “order by” statement to the URL like this:
http://www.udemy.com/index.php?catid=1 order by 1
Continue to increase the number after “order by” until you get an error. The number of columns in the SQL database is the highest number before you receive an error. You also need to find out what columns are accepting queries.
You can do this by appending an “Union Select” statement to the URL. A union select statement in this URL would look like this:
http://www.udemy.com/index.php?catid=-1 union select 1,2,3,4,5,6
There are a couple of things to note in this example. Before the number one (after catid), you need to add a hyphen (-). Also, the number of columns you discovered in the previous step is the number of digits you put after the union select statement. For instance, if you discovered that the database had 12 columns, you would append:
catid=-1 union select 1,2,3,4,5,6,7,8,9,10,11,12
The results of this query will be the column numbers that are actually accepting queries from you. You can choose any one of these columns to inject your SQL statements.

Exploiting the Database

At this point, you know what columns to direct your SQL queries at and you can begin exploiting the database. You will be relying on union select statements to perform most of the functions from this point forward.
The tutorial ends here. You have learned how to select a vulnerable website and detect which columns are responsive to your queries. The only thing left to do is append SQL commands to the URL. Some of the common functions you can perform at this point include getting a list of the databases available, getting the current user, getting the tables, and ultimately, the columns within these tables. The columns are where all of the personal information is stored.
If you are unfamiliar with using SQL commands to finish the exploit, you should study various commands before attempting a SQL injection attack.

Note: Hacking is illegal...Hacking is Crime..,