Let's Hack the World

What is Session Hijacking ? Session hijacking is the act of taking control of a user session after successfully obtaining or generating an authentication session ID. Session hijacking involves an attacker using captured, brute forced or reverse-engineered session IDs to seize control of a legitimate user's Web application session while that session is still in progress. TCP session hijacking is when a hacker takes over a TCP session between two machines. Since most authentication only occurs at the start of a TCP session, this allows the hacker to gain access to a machine. Techniques : There are mainly three methods used to perpetrate a session hijack. These are: 1. Session Fixation: The session fixation attack is a class of Session Hijacking, which steals the established session between the client and the Web Server after the user logs in. Instead, the Session Fixation attack fixes an established session on the victim's browser, so the attack starts...

What is Sidejacking ? Sidejacking is the process of sniffing cookie information, then replaying them against websites in order to clone a victim’s session. We use the term sidejacking to distinguish this technique from man-in-the-middle hijacking. Whereas man-in-the-middle hijacking interferes with the original session, sidejacking does not. The victim continues to use his session blissfully unaware that we are also in his account. SideJacking works only if the site catches a non-SSL cookie, so any Web site that uses SSL exclusively would be safe from SideJackers. SideJacking was first demonstrated by Robert Graham , CEO of Errata Security at Black Hat in 2007. Techniques : All you need to do in order to sidejack is sniff cookies off the wire and edit cookies. This can be done with a wide variety of tools. 1. WinPcap is the industry-standard tool for link-layer network access in Windows environments: it allows applications to capture and transmit network packets by...

What is ARP ? The Address Resolution Protocol (ARP) is a computer networking protocol for determining a network host's hardware address (MAC) or link layer when only its Internet Layer (IP) or Network Layer address is known. In fact it’s a IP to MAC mapping. Broadcast ARP Request: Jessica, the receptionist, tells Word to print the latest company contact list. This is her first print job today. Her computer (IP address 192.168.0.16) wants to send the print job to the office's HP LaserJet printer (IP address 192.168.0.45). So Jessica's computer broadcasts an ARP Request to the entire local network asking, "Who has the IP address, 192.168.0.45?" Unicast ARP Reply: All the devices on the network ignore this ARP Request, except for the HP LaserJet printer. The printer recognizes its own IP in the request and sends an ARP Reply: "Hey, my IP address is 192.168.0.45. Here is my MAC address: 00:90:7F:12:DE:7F" ...

What is Session Fixation ? Session Fixation is an attack that permits an attacker to hijack a valid user session. The attack explores a limitation in the way the web application manages the session ID, more specifically the vulnerable web application. When authenticating a user, it doesn’t assign a new session ID, making it possible to use an existent session ID. The attack consists of inducing a user to authenticate himself with a known session ID, and then hijacking the user-validated session by the knowledge of the used session ID. The attacker has to provide a legitimate Web application session ID and try to make the victim's browser use it. Attack Scenario : 1. Mallory has determined that http://unsafe/ accepts any session identifier, accepts session identifiers from query strings and has no security validation. http://unsafe/ is thus not secure. 2. Mallory sends Alice an e-mail: "Hey, check this out, there is a cool new account summary fe...

How To Hack FACEBOOK ?   Today I'll illustrate the SESSION HIJACKING technique to hack FB Account. In this scope I will be using BACKTRACK , a Penetration Testing Distribution integrated with the below tools for Network Scan, MIMA and Packet Analysis. 1. NMAP 2. ARPSPOOF 3. WIRESHARK And two below scripts which are compatible with Mozilla Firefox will be used for Cookie Injection: 1. GREASEMONKEY 2. COOKIE INJECTOR Techniques:    1. First Scan your network and find the target using NMAP , a Network Scanner. In this case i got 192.168.1.3 as the Target. Backtrack 2. Next I need to start the IP Forwarding which enables my machine to forward any network traffic it receives from the target to the router. Backtrack 3.  Next Man-In-The-Middle-Attack (MIMA) is begun by exploiting ARP Cache Poisoning to intercept network traffic between the target and the router.    First  a malici...

Ab ap sab telenor internet use kren woh bhi bilkul free Ab ap sab telenor internet use kren woh bhi bilkul free: Details given below. sab se pehlay to apne handset ki compitable internet settings mangwain service provider se. DEAR ALL USER AB TELENOR FACEBOOK FREE DE RAHA HAI AAP KISY BHE BROWSER PE FACEBOOK OPEN KAREN BILKUL FREE BAS URL ADRESS MAIN M.FACEBOOK.COM OPEN KAREN AUR TELENOR INTERNET SE CONECT KAREN WAP SE NAHE AUR HAAN JIN MOBILE MAIN FACEBOOK KI APPS HAI WO BHE FREE.... ! un settings ko active kr k apne cell me opera mini browser open kren agar pehlay se downloaded hy to agar nhi hy to pehlay opera mini ya phr UC Browser download kr len jin k links main neechay share kr deta hun. browser k address bar me facebook ka laink is tarha open kren m.facebook.com to ap telenor sim free facebook browsing kr saken gay. - See more at: http://shahginfo.blogspot.com/2013/12/now-use-telenor-internet-absouletely.html#sthash.OF2qGPtz.dpuf Ab ap sab te...

If youtube is blocked in any country then you can still download youtube videos . In this tutorial I’ll share the steps to download youtube videos . How to Download Youtube Videos Now when Youtube is blocked in some countries. People often use proxy tools (Ultrasurf, Hotspot sheild or hide ip). Then many people are facing issues while download from youtube by IDM . Because IDM needs to be configured to download youtube videos when on proxy. Youtube Downloader Steps if you haven’t install IDM then first you need to install it. You can download IDM from below button. If you are not already using any proxy then I suggest you to follow below link to unblock youtube. Make sure IDM is registered. You can follow steps in read me document of its folder. Run Ultrasurf and wait until it is connected. Open IDM and go to Option button. Click the “Proxy/Socks” Tab and hit button “Get From IE” Then press OK and Close the options. Now Open Youtube in browser. You’ll see ID...

Looking for How To Unblock YouTube In Pakistan With Full Buffering Speed? You can Open YouTube in Pakistan with easy steps. YouTube is blocked in Pakistan for last eight months now. Every one knows that YouTube was a knowledge river too. People used to download video tutorials, songs and documentaries from YouTube. But now all is gone. There are different methods to unblock YouTube in Pakistan. But most of methods to open YouTube in Pakistan are very slow. Today I though to write a complete step by step tutorial on How to Unblock YouTube in Pakistan with High Buffering Speed. This way of unblocking YouTube in Pakistan is easy and even a newbie can do it. How To Unblock YouTube In Pakistan – Tutorial Method # 1 – Using Surfing Tunnel – Fast Speedy Way The first method will open youtube very fast and without any ads. Follow below steps to open youtube with it. Download Surfing Tunnel Click on below button to download this tool. This will unblock youtube in Pakistan ...

People prefer  YouTube  over other video networks, Because this is biggest video community. Learn how you can speed YouTube buffering on slow internet. Some people really feel issue with YouTube buffering speed on poor networks. I’ll share some tips and tricks to improve buffering speed of YouTube  The most important factor on which YouTube buffer speed depends is your internet connection. However for people which have slow internet they can also speed youtube buffering. Below are the methods which will help you to boost video buffering. First of all for countries where youtube is blocked e.g You can unblock Youtube in Pakistan in Full Speed. Once YouTube is unblocked You can download Youtube videos with IDM using Proxy . Tips To Speed YouTube Buffering Trick 1: Increase Your Internet Speed I already shared some tips to boost internet speed . Follow that recommendation as first step. You can boost...