Tuesday, 18 April 2017

What is footprinting or information gathering??

Hello everyone, today we are gonna discuss about a term called footprinting in the world of cyber security. So let's get started.

Footprinting or Information gathering: Footprinting is sometimes also called as information gathering. As the name suggests, it is all about gathering some kind of information. In the field of hacking, information are the private or personal data about our target. It is a primary stage of ethical hacking. We see in movies that an anonymous looking guy comes with a laptop and types some bunch of commands and hacks everything. So if you also think that hacking is that much easy then my friend let me clear your concept about hacking.  "A hacking is not a one click or one push button activity". It may be that easy in movies to fascinate the viewers but in real life the story is different. You can not hack anything without finding a security breaches of the system.


Footprinting is not a new concept. If i say that footprinting has been used from thousand of years then you will not believe us. So let me brush up your mind. Think about the king of our country in past who had many spies who were used to investigate about the weak as well as strong point of opposition team before a war. So that was nothing but an information gathering, right.
In the field of cyber security, footprinting is nothing but gathering all the information of our target before hacking the target. Once we have all the required data of our victim then we go and execute exploit by making any payloads or by any means.
You can use google as footprinting tool to get the required data. Also, go and check your target's social accounts and there you will get many information like his nickname, date of birth, address, qualification  and many more about his personal as well as  professional life. If he has a public privacy then you can get all those information easily. Next, use some footprinting tools to gather all the information about victim's computer like, what are the ports that are opened on victim's system, software installed on those ports and many more. If you don't know what is port of computer then i will suggest to go through our post about computer port. I will attach the link of that post at the end of this tutorial.
I will suggest to use kali linux because it has many preinstalled footprinting tools which you can use.

Some of footprinting tools are:
1) Nmap
2) Zenmap
3) whois
4) Nslookup
5) dmitry
6) dnmap
7) Amap
8) Faraday
9) Firewalk
10) hping3
And many more. After you are done with this phase i.e, footprinting then the next step would be Vulnerability Analysis of victim's system and once you get his vulnerable package then final step would be making a payload and exploit his system completely.
So, we guess you do have now a good understanding about footprinting or information gathering. If you still have any doubt then write it down to the comment section.

That's it for today. We will be back soon till then like, share & subscribe our blog.

Link to post about computer port:  Click Me!

Thursday, 13 April 2017

What is the difference between updating and upgrading a software??

Hello everyone, a warm welcome to all of you on our blog. Today, we will discuss about the differences between updating and upgrading a software or a package.
We are damn sure that most of you don't know about the differences between updating and upgrading a package. Let us discuss about them in this post.

Update: Frankly speaking, it is nothing but applying some new patches and changes to the existing files on your computer to fix the bugs in a program. Suppose, you have installed a software on your system (may be on your phone or on your computer) and if you did not update it regularly and if there exists any bug in it's older version which you have on your system i.e, say you have a software with version say 5.112 and it's newer or latest version is having version 8.117 and if version 5.112 is having some loop hole or bug then it can be used by any hacker to hack your system surely. So, it is recommended to update your softwares time to time, so that, if former version contains some bugs then after updating it, the patches will be applied to it automatically. The update file is pretty much smaller in size than upgrade file.


 Upgrade: When we upgrade a program then first the existing files are uninstalled and a new one is being installed in it's place. So this takes significantly longer time and there are more changes to the program in an upgrade rather than there is with an update. Upgrade file is much larger than the update file for the same program.The main objective of update is to provide bug and error fixes to present existing files but main objective of upgrade is to introducing new features and functionality to an existing program.

 

So, update is used to refresh the installed package but it does not install any new packages which is only done by upgrading. Both requires restarting your system after finishing but still they are different. Update are kind of fixing the bugs of your house but upgrades are which fully renovate your house.

Note: We wrongly say that we have updated our windows from 7 to 8/8.1/10 but it is wrong because that is upgrading the windows not updating.
So that's it for today guys. We will back soon. Till then like, share & subscribe our blog to get the updates.

Thursday, 6 April 2017

How to send a secret message to someone within an image without using any software??

Welcome guys to our blog. Today we will discuss about the way to send a private message to someone without using any third party software. In our blog, we have already discussed about how you can hide a folder containing many files inside an image file in an android phone. If you have not seen that post then we request you to have a look over that post. We will attach a direct link of that post at the end of this tutorial.

If you want to send a personal message to someone and you don't want anybody except the receiver of that message to read it then all you need to do is just use an image of any format i.e, .jpg, .png etc and then bind it with a text file containing the original message. Steps are as below:

1) Go to the location of the image file where you want to hide your message and then just hold the shift key button and right click on anywhere over the window, you will get an option saying "Open command window here". So just click on that option or else you have to open command prompt by going to start menu and click on "Run" and open Run box and then type "cmd" and hit enter and then you have to change the directory or path of command prompt to the directory or path of that image file where your image is. Well in my case, image is on desktop. So, i have opened cmd window and then navigate to desktop by using "cd" command i.e, "cd desktop". I am attaching the screenshot below.




2) Then all you have to do is just type the command below. Well in my case, image is an jpg file type with name "tom cruise.jpg". You will have to type the name of your image file with it's correct extension. Command is as below:
"notepad tom cruise.jpg:hidden"



After typing the above command press enter. You will see a blank notepad file has fired up i.e, like this


3) All you need to do is just write your secret message inside that blank notepad file and save the file simply by using shortcut (ctrl+ s) . For demo, i have just written a debit card details.

Secret Message
4) Now after saving the file, just close all windows and if you open that image then you will see the image normally as usual. i.e,



5) Send the image to whom you want to via email or by any means.

6) Our receiver will receive the image file and to recover the message, all he needs to is just open the command prompt over the same location where the image file is and type the same command i.e, in our case it will be as below:
"notepad tom cruise.jpg:hidden"


That's it. So, in this way we can send a secret message to someone.

Note: This will work in a ntfs file system only.

Click on this Link for the post regarding how to hide files inside an image in an android phone.

That's it for today guys. We will back soon. Till then like, share and subscribe our blog.

Sunday, 2 April 2017

What is hacking and hacker's coloured hat??

Hello guys, a warm welcome to all of you on our blog. Today we are gonna discuss about what is computer hacking and it's type.
Firs of all before starting the session let me correct all of them who think hacking is an illegal activity. So for all of them who think like that, we wanna tell them all that "Hacking is not an illegal thing". Every knowledge can have two types of outcome i.e Positive and Negative. Now it all depends upon us that which outcome we are gonna select for us. Like if you wrestle well then either it may be your professional goal and you wanna raise your name in wrestling but if you are using it for physically harassing someone then it's all futile and you will surely get punished for your crime.
Similar thing fits well in all type of knowledge and how we use that knowledge.It should be noted that "A hacker is not a cracker". There is a famous saying "Every knowledge means self-knowledge" . So, it all depends upon us.


Hacking: In a simple way, definition of hacking would be"Gaining expertise in a definite field is called hacking". For example, if you are a good bike rider and you know nano to mega things about bike riding then you can call yourself a hacker of bike. Coming back to our today's topic, computer hacking is the gaining of expertise in computer's stuff like both hardware as well as software. A good hacker is one who has a balanced grip over both hardwares and softwares of computer. It takes years to be an expert because "It's not the tea that tastes good, it's hand which makes it to be good".


Types Of Hacker: Hackers are the geeks who have the expertise in computer security but as we told you earlier that depending upon outcome it all gets divided into some categories. So here are the categories of hackers:

White Hat Hacker: These are the people who does hacking with a white intention just like their name i.e white hat. They are professional hackers also known as “ethical hackers”, who work for the cyber security of a company. They first ask the company owner that we are gonna test your network security and then they make it confirm by signing a legal agreement. Then they attack the website and check for any security breaches or loop hole in the system. They are get paid for it. They also give donation to all the open source softwares, may be financially or by practically checking, modifying, updating the softwares. As open source software can be  reprogrammed or modified.



Grey Hat Hacker: As in life, there are grey areas that are neither black nor white. A gray-hat hacker falls   somewhere between a black hat and a white hat. A gray hat doesn’t work for their own personal gain, but they may technically commit crimes.
Grey hat hackers will look for vulnerabilities in a system without the owner’s permission or knowledge. If issues are found, they will report them to the owner, sometimes requesting a small fee to fix the issue. If the owner does not respond or comply, then sometimes the hackers will post the newly found exploit online for the world to see.
 These types of hackers are not inherently malicious with their intentions, they’re just looking to get something out of their discoveries for themselves. Usually, grey hat hackers will not exploit the found vulnerabilities. However, this type of hacking is still considered illegal because the hacker did not receive permission from the owner prior to attempting to attack the system.


Black Hat Hacker: Last but not the least, these are the guys who play with someone else privacy without any permission. They are bad guys in computer world. They hack bank accounts, social accounts, traffic signaling, government websites and so on. They harass people due to mainly three reasons i.e for personal, just for the sake of fun and for the sake of money. If your enemy is a black hat hacker then he will surely hack you and may leak your personal information on public. You know it's not the era of 80's. Everything is digital. Information can not be hidden. Black hat hacker hacks credit card or debit card details and sell those details on the internet and get paid for it.


So, we think now you do have an idea about hacking and it's type i.e, White, grey and black hat hacking. We also saw that both white as well as black hat hacker is an educated person but difference lies in the way of their working because it's you who choose and drop a place of your choice.


 Time to wrap up the show. We will be back soon. Till then like, share and subscribe.