Monday, April 20, 2015
SEVEN WHATSAPP TIPS
here are some simple tips from security research company ESET to make it more secure.
For Android users it’s a little bit complicated.Using a file explorer app such as ES File Explorer, you can find WhatsApp’s ‘Images’ and ‘Videos’ folders and create a file within each called ‘.nomedia’. This will stop Android Gallery app from scanning the folder.If not get KeepSafe app from the play store and hide the selected pics and videos.(This app can be used to any pics or videos on your smartphone).
Anyone offering a free subscription, claiming to be from WhatsApp or encouraging you to follow links in order to safeguard your account is definitely a scam and should not be trusted. These links could lead to websites that install malware and spyware or track your personal details.
Block WhatsApp photos from appearing in Gallery
Pictures that you receive on WhatsApp are automatically stored in your phone’s Gallery, exposing them to anyone who browses photos on your phone. In iPhone, you can go into the phone’s Settings menu, then tap ‘Privacy’, ‘Photos’, and deselect WhatsApp which will restrict this.For Android users it’s a little bit complicated.Using a file explorer app such as ES File Explorer, you can find WhatsApp’s ‘Images’ and ‘Videos’ folders and create a file within each called ‘.nomedia’. This will stop Android Gallery app from scanning the folder.If not get KeepSafe app from the play store and hide the selected pics and videos.(This app can be used to any pics or videos on your smartphone).
Restrict access to profile picture
Set profile picture sharing to “contacts only” in the Privacy menu to hide your WhatsApp profile photo from unknown users and the people who are not in your contacts.People who don’t know you can download your picture from your WhatsApp profile and, through Google Image search, can find out more about you so this would help you from all these problems.Beware of scams
WhatsApp will never contact users through the app and does not send emails about chats, voice messages, payment, changes, photos, or videos, unless you contact their help and support.Anyone offering a free subscription, claiming to be from WhatsApp or encouraging you to follow links in order to safeguard your account is definitely a scam and should not be trusted. These links could lead to websites that install malware and spyware or track your personal details.
Deactivate WhatsApp if you lose your phone
If you lose your smartphone,immediately activate WhatsApp with the same phone number on a different phone, with a replacement SIM.One of the basic security measures that WhatsApp takes is that the app can only be used by one number on one device at a time, so by doing so you instantly block it from being used on your old phone.If that’s not possible, WhatsApp can also deactivate your account.Keep the WhatsApp app locked
WhatsApp doesn’t offer a built-in password or pin, you can use third party apps like Messenger and Chat Lock, Lock for WhatsApp and Secure Chat if you use an Android phone.This will help you from exposing your private chats,photos and videos from others who steal your smartphone or take it from you.Hide the ‘last seen’time
WhatsApp’s much disliked ‘last seen’ feature can also be disabled, it could help prevent your stalker know what time you were last online.You can disable or restrict who sees your ‘last seen’ time in WhatsApp’s ‘Profile’; ‘Privacy’ menu, in Android, iOS, Windows or Blackberry.However, if you turn it off, you won’t be able to see other users’ ‘last seen’ times either.Be careful of what you talk about
You should not share confidential information, addresses, phone numbers, email addresses, bank or credit card details, or passport or other identification details on WhatsApp.A man in the middle attack could lead to this information being compromised. WhatsApp has introduced end-to-end encryption for its Android users but other platforms are stillSunday, April 19, 2015
Hack WiFi Using Android
1]Root a compatible device. Not every Android
phone or tablet will be able to crack a WPS
PIN. The device must have a Broadcom bcm4329 or
bcm4330 wireless chipset, and must be rooted . The
Cyanogen ROM will provide the best chance of
success. Some of the known supported devices
include:
Nexus 7
Galaxy S1/S2/S3
Nexus One
Desire HD!!
2]Download and install bcmon. This tool enables
Monitor Mode on your Broadcom chipset,
which is essential for being able to crack the PIN.
The bcmon APK file is available for free from the
bcmon page on the Google Code website.
To install an APK file, you will need to allow
installation from unknown sources in your
Security menu.
3]Run bcmon. After installing the APK file, run
the app. If prompted, install the firmware and
tools. Tap the "Enable Monitor Mode" option. If the
app crashes, open it and try again. If it fails for a
third time, your device is most likely not
supported.
Your device must be rooted in order to run
bcmon.
4] Download and install Reaver. Reaver is a
program developed to crack the WPS PIN in
order to retrieve the WPA2 passphrase. The Reaver
APK can be downloaded from the developers'
thread on the XDA-developers forums.
5] Launch Reaver. Tap the Reaver for Android
icon in your App drawer. After confirming that
you are no using it for illegal purposes, Reaver will
scan for available access points. Tap the access
point you want to crack to continue.
You may need to verify Monitor Mode before
proceeding. If this is the case, bcmon will
open again.
6] Verify your settings. In most cases you can
leave the settings that appear at their default.
Make sure that the "Automatic advanced settings"
box is checked.
7] Start the cracking process. Tap the "Start
attack" button at the bottom of the Reaver
Settings menu. The monitor will open and you will
see the results of the ongoing crack displayed.
Cracking WPS can take anywhere from 2-10+
hours to complete, and it is not always
successful.!!!!!
Note: This tutorial is only for Educational Purposes,
phone or tablet will be able to crack a WPS
PIN. The device must have a Broadcom bcm4329 or
bcm4330 wireless chipset, and must be rooted . The
Cyanogen ROM will provide the best chance of
success. Some of the known supported devices
include:
Nexus 7
Galaxy S1/S2/S3
Nexus One
Desire HD!!
2]Download and install bcmon. This tool enables
Monitor Mode on your Broadcom chipset,
which is essential for being able to crack the PIN.
The bcmon APK file is available for free from the
bcmon page on the Google Code website.
To install an APK file, you will need to allow
installation from unknown sources in your
Security menu.
3]Run bcmon. After installing the APK file, run
the app. If prompted, install the firmware and
tools. Tap the "Enable Monitor Mode" option. If the
app crashes, open it and try again. If it fails for a
third time, your device is most likely not
supported.
Your device must be rooted in order to run
bcmon.
4] Download and install Reaver. Reaver is a
program developed to crack the WPS PIN in
order to retrieve the WPA2 passphrase. The Reaver
APK can be downloaded from the developers'
thread on the XDA-developers forums.
5] Launch Reaver. Tap the Reaver for Android
icon in your App drawer. After confirming that
you are no using it for illegal purposes, Reaver will
scan for available access points. Tap the access
point you want to crack to continue.
You may need to verify Monitor Mode before
proceeding. If this is the case, bcmon will
open again.
6] Verify your settings. In most cases you can
leave the settings that appear at their default.
Make sure that the "Automatic advanced settings"
box is checked.
7] Start the cracking process. Tap the "Start
attack" button at the bottom of the Reaver
Settings menu. The monitor will open and you will
see the results of the ongoing crack displayed.
Cracking WPS can take anywhere from 2-10+
hours to complete, and it is not always
successful.!!!!!
Note: This tutorial is only for Educational Purposes,
Saturday, April 18, 2015
Creating Penetration testing lab with DVWA : Full tutorial
What is Penetration Testing ?
Penetration testing is a practice of learning hacking skills against Web
Applications, Mostly White hat hackers or IT Security Team create a
Penetration lab to practice their hacking tools, tricks and even to
prevent hacking. Even beginner hacker also want to learn hacking skills
like SQL Injection, XSS, CSRF attack etc, this all hacking tricks
require a vulnerable website to Explode the Vulnerability and to learn
hacking skill
What is DVWA ? (Damn Vulnerable Web App)
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is
damn vulnerable. Its main goals are to be an aid for security
professionals to test their skills and tools in a legal environment,
help web developers better understand the processes of securing web
applications and aid teachers/students to teach/learn web application
security in a class room environment.
Let's Get Stated
1. Download DVWA HERE- > DVWA
2.Download Xamp here > Xamp
3.After Download Both File install Xamp and open control panel and start Apache and MySQL
.png)
4. Extract Dvwa in C:\xampp\htdocs
.png)
5.goto C:\xampp\htdocs\dvwa\config and open the config.inc file with notepad or notepad++
check in line 20 cleac the p@ssword and leave only ' ' [quotation] save the file.
.png)
6. Open your browser and type localhost/dvwa >create database.
then your done.....
7. in the same browser just open Ntab and type: http://localhost/dvwa/Login.php
username :admin
password : password...
For Educational Purpose only
Friday, April 10, 2015
How to Know if Someone Accessed Your Computer When Your away
how do you know if someone tried to access your computer in your absence? Well, here is a way by which you get notified every time when such an attempt is made.
The website called MouseLock.co gives a solution here. All you have to do is visit the site’s homepage, sign in to your Gmail account and select your secret point (unlock code) from the screen. Once you do this, you will have to place your mouse cursor into the slot shown and click on it. This will activate the mouse lock feature on your computer screen.
So, when an unauthorized person tries to move the mouse in your absence, he will be given just a few seconds to select the unlock code. Upon failure to do so, you will get an instant notification about the intrusion in your mailbox.
If you have a webcam attached to your computer, you can even get the photo of the person trying to intrude. This will make it easy for you to figure out who actually was the person.
As this is an easy to use web application, you can use it any time just by loading the MouseLock website without the need to install anything on your computer. Even though MouseLock does not manage to prevent the intrusion, it will give you an instant notification about it, so that you aware of what is happening at your desk when you are away.
.png)
How it Works?
MouseLock operates by using the “mouseLeaveEvent” from JQuery to track the mouse movements. On the other hand, it uses the “getUserMedia()” API that is supported by Chrome and Firefox to capture the webcam photographs.
Spoofing MAC Address on Android Devices
Even though MAC address is embedded on the hardware device during manufacture, it can still be spoofed to input a new one of your choice. Here is a detailed instruction on how to spoof MAC address on your Android phone.
Before you spoof the MAC address, you need to record the original/current MAC address of your device which can be done according to the instruction below:
- On the Home Screen of your phone, tap Menu button and go to Settings.
- Tap About Device and go to Status
- Now scroll down to record the 12-digit code shown under Wi-Fi Mac address. An address would read something like:Example MAC address: E5:13:D8:E5:69:97
Requirements for Spoofing the MAC Address
- Rooted Android Phone
- BusyBox app installed on your phone
- Once BusyBox is installed, you need to install Terminal app
Once the above requirements are satisfied, follow the instructions below to spoof your MAC address:
- Open the Terminal app and type the commands as listed below:$ su [HIT ENTER](This will show your current MAC address, just for your confirmation)$ busybox iplink show eth0 [HIT ENTER]
- Now, type the following command:(In the above command, replace XX:XX:XX:XX:XX:XX with your new MAC address)$ busybox ifconfig eth0 hw ether XX:XX:XX:XX:XX:XX [HIT ENTER]
- You have now spoofed your MAC address successfully. To check for the change enter the following command again:(Now you should see your new MAC address)$ busybox iplink show eth0 [HIT ENTER]
Steps to Hack the Software and Run the Trial Program Forever:
You will have to follow these tips carefully to successfully hack a software and make it run in the trial mode forever:
- Note down the date and time, when you install the software for the first time.
- Once the trial period expires, you must always run the software using RunAsDate.
- After the trial period is expired, do not run the software(program) directly. If you run the software directly even once, this hack may no longer work.
- It is better and safe to inject the date of the last day in the trial period.
For example, if the trial period expires on jan 30 2009, always inject the date as jan 29 2009 in the RunAsDate. I hope this helps!
Subscribe to:
Comments (Atom)