All About Hackers
Know about the Hacker and their types. How they impact on society. Freedom of knowledge is harmful or dangerious it all talk about a Hacker. Let explore it...
How to Hack Email Accounts
Wondering to know how to hack an email account? Well, before you can do that, you need to understand the real ways of hacking that actually work and also that are simply scam and do not work.
Legal aspects of computing
Legal aspects of computing are related to various areas of law. Cyberlaw is a term that encapsulates the legal issues related to use of communicative, transactional, and distributive aspects of networked information devices and technologies.
How to protect your email account from being hacked
Some of the most commonly used online scams which fool people and make them lose their passwords.The other commonly used method to steal password is by using a Key-logger. A Key-logger is nothing but a spyware.
TOP 5 HACKING TUTORIAL SITES
Hackers who find vulnerabilities to do nothing more than exploit them as much as humanly possible. Now that you know what sort of community you may be entering, let’s get on with the list of top sites where you can learn how to hack.
Sunday, February 9, 2014
The Basics of Fdisk
Top 16 SSH hacking tips and tricks
SSH tips #16-14:Detecting MITM attacks
When you log into a remote computer for the first time, you are asked if you want to accept the remote host's public key. Well how in the heck do you know if you should or not? If someone perpetrated a successful monkey-in-the-middle attack, and is presenting you with a fake key so they can hijack your session and steal all your secrets, how are you supposed to know? You can know, because when new key pairs are created they also create a unique fingerprint and randomart image:
$ ssh-keygen -t rsa -C newserver -f .ssh/newkey
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in .ssh/newkey.
Your public key has been saved in .ssh/newkey.pub.
The key fingerprint is:
44:90:8c:62:6e:53:3b:d8:1a:67:34:2f:94:02:e4:87 newserver
The key's randomart image is:
+--[ RSA 2048]----+
|oo +.o. |
|. = B o. |
| E X + . |
| B B .. |
| . * o S |
| . |
| |
| |
| |
+-----------------+
SSH tip #16: Retrieve the fingerprint and randomart image of an SSH key
If you make a copy of this when you create new encryption keys, then you can fetch a key's fingerprint and randomart image anytime to compare and make sure they have not changed:
$ ssh-keygen -lvf keyname
SSH tip #15: View all fingerprints and randomart images in known_hosts
And you can see all of them in your
~/.ssh/known_hosts
file:$ ssh-keygen -lvf ~/.ssh/known_hosts
SSH tip #14: Verify server keys
You can see the fingerprint and randomart for any computer you're logging into by configuring /etc/ssh/ssh_config on your client computer. Simply uncomment the VisualHostKey option and set it to yes:
VisualHostKey yes
Then login to any remote computer to test it:
$ ssh user@host2
Host key fingerprint is 66:a1:2a:23:4d:5c:8b:58:e7:ef:2f:e5:49:3b:3d:32
+--[ECDSA 256]---+
| |
| |
| . o . |
| + = . . . |
|. + o . S |
| o o oo |
|. + . .+ + |
| . o .. E o |
| .o.+ . |
+-----------------+
user@host2's password:
Obviously you need a secure method of getting verified copies of the fingerprint and randomart images for the computers you want to log into. Like a hand-delivered printed copy, encrypted email, the scpcommand, secure ftp, read over the telephone...The risk of a successful MITM attack is small, but if you can figure out a relatively painless verification method it's cheap insurance.
SSH tip #13: Attach to a remote GNU screen session
You can attach a GNU screen session remotely over SSH; in this example we'll open a GNU screen session on host1, and connect to it from host2. First open and then detach a screen session on host1, named testscreen:
host1 ~ $ screen -S testscreen
Then detach from your
screen
session with the keyboard combination Ctrl+a+d:[detached from 3829.testscreen]
You can verify that it's still there with this command:
host1 ~ $ screen -ls
There is a screen on:
3941.testscreen (03/18/2012 12:43:42 PM) (Detached)
1 Socket in /var/run/screen/S-host1.
Then re-attach to your screen session from host2:
host1 ~ $ ssh -t terry@uberpc screen -r testscreen
You don't have to name the
screen
session if there is only one.SSH tip #12: Launch a remote screen session
What if you don't have a running screen session? No worries, because you can launch one remotely:
host1 ~ $ ssh -t user@host2 /usr/bin/screen -xRR
SSH tip #11: SSHFS is better than NFS
sshfs is better than NFS for a single user with multiple machines. I keep a herd of computers running because it's part of my job to always be testing stuff. I like having nice friendly herds of computers. Some people collect Elvis plates, I gather computers. At any rate opening files one at a time over an SSH session for editing is slow; with sshfs you can mount entire directories from remote computers. First create a directory to mount your sshfs share in:
$ mkdir remote2
Then mount whatever remote directory you want like this:
$ sshfs user@remote2:/home/user/documents remote2/
Now you can browse the remote directory just as though it were local, and read, copy, move, and edit files all you want. The neat thing about sshfs is all you need is sshd running on your remote machines, and the sshfs command installed on your client PCs.
SSH tip #10: Log in and run a command in one step
You can log in and establish your SSH session and then run commands, but when you have a single command to run why not eliminate a step and do it with a single command? Suppose you want to power off a remote computer; you can log in and run the command in one step:
carla@local:~$ ssh user@remotehost sudo poweroff
This works for any command or script. (The example assumes you have a sudo user set up with appropriate restrictions, because allowing a root login over SSH is considered an unsafe practice.) What if you want to run a long complex command, and don't want to type it out every time? One way is to put it in a Bash alias and use that. Another way is to put your long complex command in a text file and run it according to tip #9.
SSH tip #9: Putting long commands in text files
Put your long command in a plain text file on your local PC, and then use it this way to log in and run it on the remote PC:
carla@local:~$ ssh user@remotehost "`cat filename.txt`"
Mind that you use straight quotations marks and not fancy ones copied from a Web page, and back-ticks, not single apostrophes.
SSH tip #8: Copy public keys the easy way
The ssh-copy-id command is not as well-known as it should be, which is a shame because it is a great time-saver. This nifty command copies your public key to a remote host in the correct format, and to the correct directory. It even has a safety check that won't let you copy a private key by mistake. Specify which key you want to copy, like this:
$ ssh-copy-id -i .ssh/id_rsa.pub user@remote
SSH tip #7: Give SSH keys unique names
Speaking of key names, did you know you can name them anything you want? This helps when you're administering a number of remote computers, like this example which creates then private key web-admin and public key web-admin.pub:
$ ssh-keygen -t rsa -f .ssh/web-admin
SSH tip #6: Give SSH keys informative comments
Another useful way to label keys is with a comment:
$ ssh-keygen -t rsa -C "downtown lan webserver" -f .ssh/web-admin
Then you can read your comment which is appended to the end of the public key.
SSH tip #5: Read public key comments
$ less .ssh/web-admin.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1
[snip] KCLAqwTv8rhp downtown lan webserver
SSH tip #4: Logging in with server-specific keys
Then when you log in, specify which key to use with the -i switch:
$ ssh -i .ssh/web-admin.pub user@webserver
SSH tip #3: Fast easy known_hosts key management
I love this one because it's a nice time-saver, and it keeps my ~/.ssh/known_hosts files tidy: using ssh-keygen to remove host keys from the ~/.ssh/known_hosts file. When the remote machine gets new SSH keys you'll get a warning, when you try to log in, that the key has changed. Using this is much faster than manually editing the file and counting down to the correct line to delete:
$ ssh-keygen -R remote-hostname
Computers are supposed to make our lives easier, and it's ever so lovely when they do.
SSH tip #2: SSH tunnel for road warriors
When you're at the mercy of hotel and coffee shop Internet, a nice secure SSH tunnel makes your online adventures safer. To make this work you need a server that you control to act as a central node for escaping from hotspot follies. I have a server set up at home to accept remote SSH logins, and then use an SSH tunnel to route traffic through it. This is useful for a lot of different tasks. For example I can use my normal email client to send email, instead of hassling with Web mail or changing SMTP server configuration, and all traffic between my laptop and home server is encrypted. First create the tunnel to your personal server:
carla@hotel:~$ ssh -f carla@homeserver.com -L 9999:homeserver.com:25 -N
This binds port 9999 on your mobile machine to port 25 on your remote server. The remote port must be whatever you've configured your server to listen on. Then configure your mail client to use localhost:9999 as the SMTP server and you're in business. I use Kmail, which lets me configure multiple SMTP server accounts and then choose which one I want to use when I send messages, or simply change the default with a mouse click. You can adapt this for any kind of service that you normally use from your home base, and need access to when you're on the road.
#1 Favorite SSH tip: Evading silly web restrictions
The wise assumption is that any public Internet is untrustworthy, so you can tunnel your Web surfing too. My #1 SSH tip gets you past untrustworthy networks that might have snoopers, and past any barriers to unfettered Web-surfing. Just like in tip #2 you need a server that you control to act as a secure relay; first setup an SSH tunnel to this server:
carla@hotel:~$ ssh -D 9999 -C carla@homeserver.com
Then configure your Web browser to use port 9999 as a SOCKS 5 proxy. Figure 1 shows how this looks in Firefox.
An easy way to test this is on your home or business network. Set up the tunnel to a neighboring PC and surf some external Web sites. When this works go back and change the SOCKS port number to the wrong number. This should prevent your Web browser from connecting to any sites, and you'll know you set up your tunnel correctly.
How do you know which port numbers to use? Port numbers above 1024 do not require root privileges, so use these on your laptop or whatever you're using in your travels. Always check /etc/services first to find unassigned ports. The remote port you're binding to must be a port a server is listening on, and there has to be a path through your firewall to get to it.
To learn more try the excellent Pro OpenSSH by Michael Stahnke, and my own Linux Networking Cookbook has more on secure remote administration including SSH, OpenVPN, and remote graphical sessions, and configuring firewalls.
Top 6 Websites To Learn Computer Programming Languages
If you are a beginner or intermediate programmer, then w3schools is an excellent website for learning programming. W3schools offer tutorials for a variety of web programming and scripting languages such as html, html5, css, asp, Ajax, JavaScript, php, jQuery etc. So, if you are into web development then w3schools would be a great learning resource.
2. Codeavengers.com:
If you want learn coding for making games, apps or websites using html/html5, css3, JavaScript python, but want an entertaining teaching resource. Then codeavengers.com is ideal choice for you. Codeavengers.com was designed by keeping difficulty for beginners in mind. It provides a fun and interactive learning environment that is effective for all age groups. Even if you are an intermediate programmer, you might find some great learning stuff there.
3. Codecademy.com
Codeacademy is another great website, for learning languages like JavaScript, HTML/CSS, PHP, Python, and Ruby. You can even learn how to use some popular web APIs in your website or app. Codeacademy has a great modern learning system, which is based on user interaction. It has full-fledged programming courses for beginners. Again, this website is great for beginners and intermediate learners. But advanced programmers can also find some pretty useful stuff there.
4. tutorialspoint.com
Tutorialspoint has tutorials for a lot of web, high level and scripting languages that are commonly used today. You can find tutorials for any computer language that you have ever heard of (those that are currently in used). Apart from that, it also features a variety of tutorials for other fields such as DIP, OS, SEO, Telecom, DBMS, and frameworks etc. Some commonly used languages that you can learn there are: Java, C++, PHP, Python, Ruby, C#, Perl, VB.Net, ios.
5. msdn.microsoft.com
Although, beginner programmers might find MSDN (Microsoft Developer Network) a tough learning resource, it is still the best resource you can get, if you want to master Microsoft oriented languages such as VB.Net, C# etc. MSDN has great tutorials for beginners, intermediate and advance programmers.
But as I stated earlier, beginners might not be initially comfortable with MDSN, as I has really a lot of resources that it would be a hard time for beginners to find what they are looking for. But if you get used to MSDN, then it is the ideal learning point for Microsoft oriented languages. You can get a lot of sample applications, tutorials and resources that are uploaded by Microsoft and MSDN community. Since it’s a developer’s network, you can even find development help from community members.
6. Lynda.com
You might already know about Lynda.com. Lynda offers easy to follow video tutorials. Lynda.com is an old and well established tutoring site, if you are looking for video tutorials to learn computer languages, then Lynda is your ideal choice. Apart from programming languages, Lynda also offers tutorials for a variety of other fields such as 3D modeling, CAD, Photography etc. Lynda.com is an old and well established tutoring site.
How To Remove All Your Google Web History?
As most of you already know, Google keeps a tab on pretty much everything you do on a Google site, provided that you signed in on any one of these websites. Everything you do is recorded, and can be used against you in the future. Search data can reveal particularly sensitive information about you, such as facts about your location, interests, age, religious views, and so on. You can, however, choose to not be so vulnerable, and can remove all of your Google web history to protect yourself from an unforeseen eventuality.
In this post, I'll show you how to remove your entire Google web history.
Before we begin, please note that any data you remove will be deleted permanently. Google keeps a lot of useful information that helps you find what you're looking for faster. It gives you quick access to webpages you've visited in the past, and even lets you know in search results which pages you've visited, and when. This information can be useful if you're a power user, and like to get things done quickly.
Google Web History
But if you still want, you can go ahead and erase your entire web history. You can also pick and choose individual items to remove, so that you won't lose everything.
Follow these steps to partially or completely for deleting your Google Web History.
Step 1: Visit your Google History page at https://www.google.com/history. Alternatively, you can click the gear icon on the upper right corner of a search results page, and then go to Search history.
Step 2: Click on the gear icon again, and then go to Settings.
Settings
Step 3: Click on the delete all link. You'll be prompted for a confirmation. Click on Delete all again, and your entire search history is gone!
Step 4 (optional): Click on the Turn off button on the Settings page to stop Google from storing your history again
If you don't want to delete your entire history, you can select individual items from the History main page, and delete them. This, by no means, implies that Google has nothing more to do with your data. They still keep some of your information on their servers for auditing and other such purposes. But at least your personal data is off the line now, and isn't susceptible to leaking out into the wrong hands.
Rest easy :)
Hacking Someone's Facebook Password Using Some Software Or Website?
The truth!
Let me get this straight to you that the password hackers websites do nothing at all just waste your time and are never able to do the job. In fact, if you have been downloaded any programs just make the situation worse when you run them. Some Antivirus programs guard them otherwise it could be severe danger. These software are mostly keyloggers and tracking programs that record your keystrokes and action and steal personal information from your computer in the background and send it to their master servers. So ultimately a hacker wannabe gets hacked, without his prior knowledge!
Why do these 'Hackers' do all that?
Setting up websites, maintaining them and developing software is not an easy task. It requires some money. So why do these 'hackers' do all the hassle? It's because they get equivalent or more money in return. They can extract your credit card details and other banking info from your system and use it for their advantage. They can hack your account and use it for wrong purposes. Give me one reason why one wouldn't steal money and hack accounts for no loss.
Why people fall in their webs?
Why do people try to use such unreal hacking procedures? It's because it's unreal to me, it's unreal to you but not to those who are not much familiar with the working of a software. They get in the web of these hackers and eventually get screwed up pretty bad without consent. The websites give guarantees and also portray their 'imaginary' happy customers so as to trick a reader. Such tactics are simple but really powerful and serves to their advantage in most cases. This is also why there are thousands of such websites available.
So is Facebook account an 'unbreakable fortress'?
Well, NO. Facebook accounts can be hacked. No online service is foolproof and that is because of the flaws and bugs in their software. There are several ACTUAL hackers in the world who can analyse a website's security and use that against it thus making hacking a reality. But I'm 100% sure none of them uses these scam and fake websites that claim to do the impossible. I'll end the 'lesson' with an idiom, "look before you leap". Focus, think and then follow.