DEFT Linux 7 Computer Forensic Live Cd - Released

DEFT (Digital Evidence & Forensic Toolkit) is a customised distribution of the Lubuntu live Linux CD. It is an easy-to-use system that includes excellent hardware detection and some of the best open-source applications dedicated to incident response and computer forensics.   


New features:


- Based on Lubuntu 11.10
- Installable Distro
- Linux kernel 3.0.0-12, USB 3 ready
- Libewf 20100226
- Afflib 3.6.14
- TSK 3.2.3
- Autopsy 2.24
- Digital Forensic Framework 1.2
- PTK Forensic 1.0.5 DEFT edition
- Maltego CE
- KeepNote 0.7.6
- Xplico 0.7.1
- Scalpel 2
- Hunchbackeed Foremost 0.6
- Findwild 1.3
- Bulk Extractor 1.1
- Emule Forensic 1.0
- Guymager 0.6.3-1
- Dhash 2
- Cyclone wizard acquire tool
- SQLite Database Browser 2.0b1
- BitPim 1.0.7
- Bbwhatsapp database converter
- Creepy 0.1.9
- Hydra 7.1
- Log2timeline 0.60
 - Wine 1.3.28 


Download: http://www.mirrordeft.net

Forgotten Ubuntu Password – Reset within minutes

Forgotten Ubuntu Password – Reset within minutes

If you’ve ever forgotten your password, you aren’t alone… it’s probably one of the most common tech support problems I’ve encountered over the years. Luckily if you are using Ubuntu they made it incredibly easy to reset your password.

All it takes is adjusting the boot parameters slightly and typing a command or two, but we’ll walk you through it.

Reset Your Ubuntu Password

Reboot your computer, and then as soon as you see the GRUB Loading screen, make sure to hit the ESC key so that you can get to the menu.

Root Shell – Easy Method

If you have the option, you can choose the “recovery mode” item on the menu, usually found right below your default kernel option.

Then choose “Drop to root shell prompt” from this menu.

This should give you a root shell prompt.

Alternate Root Shell Method

If you don’t have the recovery mode option, this is the alternate way to manually edit the grub options to allow for a root shell.

First you’ll want to make sure to choose the regular boot kernel that you use (typically just the default one), and then use the “e” key to choose to edit that boot option.

Now just hit the down arrow key over to the “kernel” option, and then use the “e” key to switch to edit mode for the kernel option.

You’ll first be presented with a screen where you can find this written “ro single”

You’ll want to remove the “ro single” part with the backspace key, and then add this onto the end:

rw init=/bin/bash

Once you hit enter after adjusting the kernel line, you’ll need to use the B key to choose to boot with that option.

At this point the system should boot up very quickly to a command prompt.

Changing the Actual Password

You can use the following command to reset your password:

passwd <username>

After changing your password, use the following commands to reboot your system. (The sync command makes sure to write out data to the disk before rebooting)

sync
reboot –f

I found that the –f parameter was necessary to get the reboot command to work for some reason. You could always hardware reset instead, but make sure to use the sync command first.
And now you should be able to login without any issues.

BackTrack 5 R1 Released - Penetration Testing Distribution

BackTrack is a Linux-based penetration testing arsenal that aids security professionals in the ability to perform assessments in a purely native environment dedicated to hacking. Regardless if you’re making BackTrack your primary operating system, booting from a LiveDVD, or using your favorite thumbdrive, BackTrack has been customized down to every package, kernel configuration, script and patch solely for the purpose of the penetration tester.

Official BackTrack 5 R1 change log:

1. This release contains over 120 bug fixes, 30 new tools and 70 tool updates.
2. The kernel was updated to 2.6.39.4 and includes the relevant injection patches.

According to the guys at OffSec, This release is their best one yet! Some pesky issues such as rfkill in VMWare with rtl8187 issues have been fixed, which provides for a much more solid experience with BackTrack.We’ve have Gnome and KDE ISO images for 32 and 64 bit (no arm this release), as well as a VMWare image of a 32 bit Gnome install, with VMWare Tools pre-installed.
We are mighty excited and are already downloading this release just as we speak!
Download Backtrack 5 R1

WordPress Security/Vulnerability Scanner - WPScan

WPScan is a vulnerability scanner which checks the security of WordPress installations using a black box approach (scanning without any prior knowledge of what has been installed etc).

Features

• Username enumeration (from author querystring and location header)
• Weak password cracking (multithreaded)
• Version enumeration (from generator meta tag)
• Vulnerability enumeration (based on version)
• Plugin enumeration (2220 most popular by default)
• Plugin vulnerability enumeration (based on version) (todo)
• Plugin enumeration list generation
• Other misc WordPress checks (theme name, dir listing, …)

Requirements

WPScan requires two non native Ruby gems, typhoeus and xml-simple. It should work on both Ruby 1.8.x and 1.9.x.

sudo apt-get install libcurl4-gnutls-dev
sudo gem install –user-install typhoeus
sudo gem install –user-install xml-simple

The full README is available here.

You can download WPScan by checking it out from the SVN repository on Google Code:

svn checkout http://wpscan.googlecode.com/svn/trunk/ wpscan-read-only

Or you can read more here.

How does Antivirus software works or detects virus

Hello friends, today i will explain you all how an anti-virus software works and detects virus. Most of you already know that what is anti-virus, but have you ever tried to understand how it works and why it requires updates regularly? How anti-virus searches for viruses and detects the virus in the file and eliminates it or heal it. Working of anti-virus involves two basic technologies namely:

1. Dictionary based continuous and fragmented string search

2. Suspicious activity detection (process manipulation)

How does anti-virus software works

So friends, lets start learning how an anti-virus works and detects virus and then eliminates and heals them.

Dictionary based continuous and fragmented string Search:

As the technique's name suggest, as dictionary signifies virus definitions database that is regularly updated as soon as new virus is being found (that is found by second technique). In dictionary based search technique, anti-virus software searches a string by comparing the file with strings existing in virus definition's or database.

 Now consider an hypothetical example for better understanding, suppose you have a file whose code is something like below:

ABCDEFGHIJKLMNOPQRSTUVWXYZ

Now when a virus infects a file what it does it manipulates the original file and adds some extra code or functionality to it so that the behavior of file  changes that means that defers from its normal functioning. So after virus infection file becomes something like this:

ABCDEFGHIJKLMNOPQRSTUVWXYZ012345

where 012345 is the string that virus has attached to the file after infection.

Now what does anti-virus database contains is that 012345 string . It matches the string in database with string in program or code and if it matches it identifies it as a virus.

Note: This all processing is done on binary format of codes and sometimes executable. 

Only if you manipulate the virus string that is 012345 and add some dead code between that something like below:

0a1a2a3a4a5a that means what we have done is added a between virus string but attached it in such a way that a does not affects the processing of string(virus). That means we have made new virus as this string is not there in the anti-virus database so it is not detected by anti-virus.

How can you add dead code, consider this string only 0a1a2a3a5a , read the character one by one and whenever character 'a' is found just skip the processing else concatenate the string and store that in new variable and use that variable in further processing of the code. This is how we makes any virus undetectable.

Note: But suspicious activity technique might detect this way as functionality of virus string is same.

That's the main reason why anti-virus needs updates regularly. Anti-virus companies daily adds new detected strings to their database so that the user can remain secure.

We can also bypass this using crypters too but as we are elite hackers and not script kiddies so i love to do this by manual editing rather than doing it by tools. Because if you do it using tools you will never come to know how its happening. And the day crypter becomes detectable your virus also becomes detectable. So friends i will recommend you that never depend on tools for hacking for two reasons:

1. You will never come to know the real scenario that what is happening in real time that means no knowledge. When the tool become detectable then you are noob again.

2. Most tools available are already infected with key-loggers and spy Trojans that inspect your system and send personal credentials to hackers who has created them.

Suspicious activity detection:

The most effective method to detect any malfunctioning in your system as it does not based of any search techniques rather it depends on the behavior of programs and files that how they act while they are executed or running. In this technique what happens is that anti-virus identifies the normal behavior of the file or program that what it should do when it is run without infection. Now if any file or program do any illegal processing like manipulating windows files integrity and protection then anti-virus identifies that file as virus and terminate that program and process related to it. That's the only reason why it detects patches and key-gens  as virus, as they try to manipulate the files by disassembling their integrity. 

The main drawback of this technique is that its quite annoying as sometimes it detects normal files as virus too but if you want to keep your PC safe then you need to do what your anti-virus suggests.

Also note one more thing, 99% patches and key-gens that you use to crack softwares are already infected with Trojans which are identity theft programs that steals your personal information and send them hackers. Some patches also contains back-doors that make your system open for attack similar to the way you have left your house main gate open for thieves in night....:P but its truth... 

So what is the lesson you have got from this article stop using pirated softwares and cracks to patch them otherwise you can be in great trouble. Solution for this is simple use trusted free wares as alternatives for paid tools rather than using their cracked versions...

All Hacking Tutorials By Mr.Mindfreak

Presents Hacking Tutorial All in one Collection By Mr.Mindfreak

Mr.Mindfreak:"Hello My Fans Or My Hacking Page Followers i Upload My Hacking Tutorials in DVD Fully High Quality And Share Here So Download and Learn Hacking Easily "

Remember Me in Your Prays .!

Download From FileSonic:

Folder Linkhttp://www.filesonic.com/folder/6284231

Download From FileServe:

Folder link:

http://www.fileserve.com/list/qKUBhap

BT4 Assuring Security by Penetration Testing

If you are working in the “information security” field, you must know the BackTrack distribution (otherwise you must be an alien coming from a far away planet!). If you search for the word “backtrack” on Amazon, you will find lot of references but only one book is fully dedicated to the Linux distribution: “BackTrack 4: Assuring Security by Penetration Testing“. I received a copy directly from the publisher and here is my review.

Just for those who are not familiar with BackTrack, it’s a Linux distribution made by security professionals for security professionals: It contains hundreds of tools to perform security assessments and penetration tests. Some of them are well-known like Metasploit, WebScarab or sqlmap and others are real gems (example: ua-tester which was added recently) and  increase the quality of the toolbox version after version.

Even if BackTrack 5 was released a few weeks ago, it does not reduce the book quality. There are so many tools that a single volume is not enough to cover all of them.The following chapters covered the classic penetration testing schema:

• Target scoping
• Information gathering
• Target discovery
• Enumerating target
• Vulnerability mapping
• Social engineering
• Target exploitation
• Privilege escalation
• Maintaining access
• Documentation and reporting

Each chapter reviews the most interesting tools (according to the authors) to achieve the chapter topic. Tools are briefly explained with examples. Straight to the point!
So, who’s need this book? The author’s goal is certainly not to give recipes on “how to hack a website“. The book must been see as a reference for those who already know the BackTrack distribution or who want to learn it. Don’t forget: this is just a toolbox, it does not prevent you to use your brain!
More information about the book here.

Download BackTrack 5

How to download BackTrack 5

Download BackTrack 5 directly

Download BackTrack 5 from Mirror - Download BackTrack 5 Torrent

Name:     BT5-KDE-32.torrent
   
Size:           1840
   
Flavor:        KDE
   
Arch:          32 bit
   
Image:       ISO
   
Download BackTrack 5 KDE-32Bit  From Here  :     Torrent
   
MD5:     4150643026d292717f77ebb83948a034
     
=================

Name:     BT5-KDE-64.torrent
   
Size:            1800
   
Flavor:         KDE
   
Arch:           64 bit
   
Image:         ISO
   
Download BackTrack 5 KDE-64Bit From here :     Torrent
   
MD5:     80d65610de90ac7ede49b9f7935dfdd2
     
==================


Name:     BT5-GNOME-32.torrent
   
Size:                  1910
   
Flavor:              GNOME
   
Arch:                 32 bit
   
Image:               ISO
   
Download BackTrack 5 Gnome-32Bit From Here :       Torrent
   
MD5:                 b01a93a916fabb6d1640bd0054428e17

============================================

Name:              BT5-GNOME-64.torrent
   
Size:                1870
   
Flavor:            GNOME
   
Arch:               64 bit
   
Image:             ISO
   
Download BackTrack 5 Gnome-64Bit From Here:     Torrent
   
MD5:                75c4e7a969abc873d9e085656b156345

DHCP vulnerability in some Ubuntu releases

Ubuntu Security Notice USN-1108-2
April 19, 2011

dhcp3 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 10.10
- Ubuntu 10.04 LTS
- Ubuntu 9.10

Summary:

An attacker's DHCP server could send crafted responses to your computer and
cause it to run programs as root.

Software Description:
- dhcp3: DHCP Client 

Details:

USN-1108-1 fixed vulnerabilities in DHCP. Due to an error, the patch to fix
the vulnerability was not properly applied on Ubuntu 9.10 and higher. This
update fixes the problem.

Original advisory details:

 Sebastian Krahmer discovered that the dhclient utility incorrectly filtered
 crafted responses. An attacker could use this flaw with a malicious DHCP
 server to execute arbitrary code, resulting in root privilege escalation.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 10.10:
  dhcp3-client                    3.1.3-2ubuntu6.2

Ubuntu 10.04 LTS:
  dhcp3-client                    3.1.3-2ubuntu3.2

Ubuntu 9.10:
  dhcp3-client                    3.1.2-1ubuntu7.3

In general, a standard system update will make all the necessary changes.

References:
  CVE-2011-0997

Package Information:
  https://launchpad.net/ubuntu/+source/dhcp3/3.1.3-2ubuntu6.2
  https://launchpad.net/ubuntu/+source/dhcp3/3.1.3-2ubuntu3.2
  https://launchpad.net/ubuntu/+source/dhcp3/3.1.2-1ubuntu7.3

TCP/IP & UDP Attacks Introduction

Hello, Lets explain "TCP/IP & UDP Attacks", Most common and effective Web attacks...Lets Know abt its basic and types...

TCP/IP Attacks
1. TCP SYN or TCP ACK Flood Attack
2. TCP Sequence Number Attack
3. TCP/IP

UDP attacks

1. ICMP Attacks
2. Smurf Attacks
3. ICMP Tunneling

TCP operates using synchronized connections. The synchronization is vulnerable to attack; this is probably the most common attack used today. The synchronization or handshake, process initiates a TCP connection. This handshake is particularly vulnerable to a DoS attack referred to as the TCP SYN Flood attack. The process is also susceptible to access and modification attacks, which are briefly explained in the following sections.

TCP SYN or TCP ACK Flood Attack - This attack is very common... The purpose of this attack is to deny service. The attack begins as a normal TCP connection: the client and the server exchange information in TCP packets. The TCP client continues to send ACK packets to the server, these ACK packets tells the server that a connection is requested. The server thus responds to the client with a ACK packet, the client is supposed to respond with another packet accepting the connection to establish the session. In this attack the client continually send and receives the ACK packets but it does not open the session. The server holds these sessions open, awaiting the final packet in the sequence. This cause the server to fill up the available connections and denies any requesting clients access.

TCP Sequence Number Attack - This is when the attacker takes control of one end of a TCP session. The goal of this attack is to kick the attacked end of the network
for the duration of the session. Only then will the attack be successful. Each time a TCP message is sent the client or the server generates a sequence number. The attacker intercepts and then responds with a sequence number similar to the one used in the original session. This attack can then hijack or disrupt a session. If a valid sequence number is guessed the attacker can place himself between the client and the server. The attacker gains the connection and the data from the legitimate system. The only defense of such an attack is to know that its occurring... There is little that can be done...

TCP Hijacking - This is also called active sniffing, it involves the attacker gaining access to a host in the network and logically disconnecting it from the network. The attacker then inserts another machine with the same IP address. This happens quickly and gives the attacker access to the session and to all the information on the original system.

UDP packets aren't connection oriented and don't require the synchronization process as with TCP. UDP packets, however, are susceptible to interception, thus it can be attacked. UDP, like TCP, doesn't check the validity of an IP address. The nature of this layer is to trust the layer above it (I'm referring to the IP layer). The most common UDP attacks involve UDP flooding. UDP flooding overloads services, networks, and servers. Large streams of UDP packets are focused at a target, causing UDP services on that host to shut down. It can also overload the network and cause a DoS situation to occur.

ICMP Attacks - This occur by triggering a response from the ICMP protocol when it responds to a seemingly legitimate request (think of it as echoing). Ping for instance, that uses the ICMP protocol. sPing is a good example of this type of attack, it overloads te server with more bytes than it can handle, larger connections. Its ping flood.

Smurf Attacks - This attack uses IP spoofing and broadcasting to send a ping to a group of hosts on a network. When a host is pinged it send back ICMP message traffic information indicating status to the originator. If a broadcast is sent to network, all hosts will answer back to the ping. The result is an overload of network and the target system. The only way to prevent this attack is to prohibit ICMP traffic on the router.

ICMP Tunneling - ICMP can contain data about timing and routes. A packet can be used to hold information that is different from the intended information. This allows an ICMP packet to be used as a communications channel between two systems. The channel can be used to send a Trojan horse or other malicious packet. The counter measure is to deny ICMP traffic on your network.

Warning : ICMP can be very dangerous..and Even,as i said ...Don't try such attack from your pc,untill you don't know that how to be invisible on net ! Beccause once you get traced out ...No one can help you from Troubles..

Hacking Tool: John the Ripper: Crack Password

• It is a command line tool designed to crack both Unix and NT passwords. John is extremely fast and free
• The resulting passwords are case insensitive and may not represent the real mixed-case password.

John the Ripper is a fast password cracker, currently available for many flavors of UNIX (11 are officially supported), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak UNIX passwords. John the Ripper is a part of Owl, Debian GNU/Linux, SuSE, very recent versions of Mandrake Linux, and EnGarde Linux. It is in the ports/packages collections of FreeBSD, NetBSD, and OpenBSD.

John the Ripper is designed to be both powerful and fast. It combines several cracking modes in one program, and is fully configurable for specific needs. As John is available for different platforms, the attacker can use the same cracker everywhere and even continue a cracking session started on a different platform. It supports several cryptographic password hash types most commonly found on various UNIX flavors. Supported out of the box are Kerberos AFS and Windows NT/2000/XP LM hashes, plus several more with contributed patches.

Out of the box, John supports (and auto detects) the following ciphertext formats: standard and double-length DES-based, BSDI's extended DES-based, FreeBSD's MD5-based, and OpenBSD's Blowfish-based. With just one additional command (required to extract the passwords), John can crack AFS passwords and WinNT LM hashes. John has highly optimized modules for different ciphertext formats and architectures. Some of the algorithms used - such as bitslice DES - require a more powerful interface. Additionally, there are assembly routines for several processors and architectures (special Intel Pentium version, x86 with MMX, generic x86, Alpha EV4, SPARC V8).

However, the resulting passwords are case insensitive and may not represent the real mixed-case password. Indeed, this is a small hindrance to a determined patient attacker.