background preloader


Facebook Twitter

Articles about security breaches & security

Red alert: HTTPS has been hacked. September 26, 2011 Follow @rogeragrimes Only a handful of exploits per decade reveal a vulnerability that is truly significant.

Red alert: HTTPS has been hacked

Thai Duong and Juliano Rizzo's BEAST (Browser Exploit Against SSL/TLS) attack will rank among them because it compromises the SSL and TLS browser connections hundreds of millions of people rely on every day. BEAST cannot break the latest version of TLS -- the current standard based on SSL -- but most browsers and nearly all websites that support secure connections rely on earlier versions of the SSL and TLS protocols, which are vulnerable to BEAST attack.

Browser vendors and websites that host secure connections are already scrambling to upgrade to TLS 1.1 or 1.2. The BEAST tool, presented last Friday at the 2011 Ekoparty Security Conference in Argentina, made real a theoretical SSL/TLS vulnerability first documented 10 years ago. -= =- top ten apps. IP address spoofing. April 2014 IP address spoofing "IP address spoofing" is a technique that involves replacing the IP address of an IP packet's sender with another machine's IP address.

IP address spoofing

This technique lets a pirate send packets anonymously. It is not a question of changing the IP address, but rather of impersonating the IP address when packets are sent. Some people tend to assimilate the use of a proxy (which makes it possible to hide the IP address) with IP spoofing. Spoofing attack The IP address spoofing technique can enable a pirate to send packets on a network without having them be intercepted by the packet filtering system (firewall). Firewall systems are usually based on filtering rules indicating the IP addresses that are authorized to communicate with the network's internal machines. TCP header modification On the internet, information circulates thanks to the IP protocol, which ensures data encapsulation in structures called packets (or more precisely IP datagrams).

Trust relationships More information. Index of /content/downloads/pdf. Root in Under Five Article at HellBound Hackers. Hey everyone.

Root in Under Five Article at HellBound Hackers

This article is about hacking schools. Since any longer than five minutes, you risk getting caught, this is *hopefully* going to teach you how to get root in five minutes or less. So, lets get started. * Dedicated to H4xguy * To those of you that think by getting root, you own the school, sorry to disapoint you. Your first step is to try and get access to DOS.

Code \"start>all programs>accessories>cmd\" or \"start>run> type in \'cmd\'\" If neither of those work, create a new text document. If that didn\'t work, instead of typing \"cmd\", type @echo off echo hello pause Open it, if you see \"hello\", create a new text document and name it \"anything.reg\", right click and edit. REGEDIT4 [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesWinOldApp] \"Disabled\"=dword:0 [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem] \"DisableRegistryTools\"=dword:0 This changes the registry value that blocks dos. Another way to get dos, is to create a prog. Top 10 Password Crackers. SecTools.Org: Top 125 Network Security Tools For more than a decade, the Nmap Project has been cataloguing the network security community's favorite tools.

Top 10 Password Crackers

In 2011 this site became much more dynamic, offering ratings, reviews, searching, sorting, and a new tool suggestion form . This site allows open source and commercial tools on any platform, except those tools that we maintain (such as the Nmap Security Scanner , Ncat network connector , and Nping packet manipulator ). We're very impressed by the collective smarts of the security community and we highly recommend reading the whole list and investigating any tools you are unfamiliar with. Click any tool name for more details on that particular application, including the chance to read (and write) reviews. 12 tools Aircrack is a suite of tools for 802.11a/b/g WEP and WPA cracking. Version 1.1 on April 24, 2010 (2 years, 5 months ago). crackers wireless version 4.9.43 on Dec. 3, 2011 (10 months ago). sniffers traffic-monitors.

Hacking and Security Articles / Tutorials / White Papers at HellBound Hackers.