Monday 19 August 2013

.bat to .exe

      Converting .bat to .exe is required if you want to create an application and don't want the code to be read by someone else. There are lots of software available to do this work, but I prefer Quick batch file compiler (QBFC) for this purpose, you can download this software from here.

Thursday 9 May 2013

Bring Down A Network....


This time I am going to share some of my experience of bringing down network which I have done many time. Their are some process I have used to bring down the network. These are few general process which we use in hacking, but using them you can bring down a network also.

Sunday 24 February 2013

HoneyPots....

   Today one of my friend ask me What is Honeypot and how to use it. So, I decided to write an article on it.
According to Wikipedia:- In computer terminology, a honeypot is a trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer, data, or a network site that appears to be part of a network, but is actually isolated and monitored, and which seems to contain information or a resource of value to attackers.

There are lots of methods to deploy Honeypots based on what kind of Honeypot you want to use. In this article we will see hot to setup an network based honeypot. This honeypot is used to detect network attack.

Wednesday 9 January 2013

LFI and Shell uploading

Hii.... Today we are going to see LFI attack using tamper data add-on on firefox..


First of all we need a website vulnerable to LFI...
there are plenty of software which can help you to find LFI vulnerable website..
If you don't have any software then you can download it from here.

How to check LFI vulnerability on a website:-
if our target is something like this.. then 

http://www.url.com/view.php?page=about.php

Saturday 22 September 2012

Tab-nabbing with DNS Spoofing using Backtrack


Please visit my new blog to find new updates.: http://aakarperiwal.com


Hello Everyone I am going to tell you how to use tab-nabbing with DNS Spoofing to make it more effective.

First let me tell you what is Tab-nabbing?
Tab-nabbing is the Advance form of Phishing attack. The Tab-nabbing attack method is used when a victim has multiple tabs open. When the user click on the link he/she will get page presenting " please wait while the page loads" (depends upon your coding, but if you are using SET then you don’t have to do coding). When the victim switch tab then the website detects that a different tab is open and rewrites itself with the page you specify. When the victim clicks back on the link he/she will see a login page thinking that they may be logged. When the credentials are inserted attacker get the credential and victim get forwarded on the real website.

When you are using it on the WAN you have to send a link of your website to victim, but if you are using it on LAN then it is necessary that victim hit your web server to do so we use DNS spoofing so that victim click on our web server and our Tab-nabbing page open.