ClubHACK Magazine February 2012
Am Friday, 10. Feb 2012 im Topic 'Books change the World'
Tech Gyan: Exploiting Remote System without Being Online
This paper demonstrates unique kind of communication technique between attacker machine and victim machine during the exploitation of any victim system. Usually, while an attacker exploits the remote system and gets the remote command prompt (remote shell), attacker is only able to execute commands till the session from the remote machine is opened (established). While exploiting the system in a normal way, attacker and the victim system both should be online, if attacker wants to execute some commands in remote machine (Victim Machine).
Legal Gyan: Liability of Intermediaries under the Information Technology Act
Recently Delhi high court has summoned Google, Facebook and Twitter to remove objectionable content from their website within the prescribed time period failing to which may result into blocking of the websites in India. I will be a fool to copy this from pentestit. So the question which triggers is What is the liability of the intermediaries like Google, Facebook and Twitter under Indian law?
Tool Gyan: Cain and Abel – The Black Art of ARP Poisoning
Cain and Abel is windows based password recovery tool available as a freeware and maintained by Massimiliano Montoro. It supports wide features to recover passwords varying from Local Area Network to various routing protocols as well as provides intelligent capability to recover cached passwords and encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks.
Matriux Vibhag: Introduction to Skipfish
Skipfish is an active web application security reconnaissance tool written and maintained by Michal Zalewski (@lcamtuf). Skipfish is one of the fastest webscanners available which spiders using the wordlists, a very powerful web scanning tool with a simple implementation. In Matriux Skipfish can be found in the arsenal under Arsenal ->Framework -> Skipfish
Mom’s Guide: Firewall 101
Today we are exposed to innumerable threats online. Firewalls act as the first line of defense for securing our network against these threats. Firewall could be a program or a device or group of devices used to control the traffic flow. The basic principle that Firewall uses to control this communication is ‘Access Rules’. It maintains an access rule table and every time a packet comes in or goes out, Firewall refers to this table. It only allows authorized traffic and blocks the unwanted packets.
Download PDF
http://chmag.in/issue/feb2012.pdf
This paper demonstrates unique kind of communication technique between attacker machine and victim machine during the exploitation of any victim system. Usually, while an attacker exploits the remote system and gets the remote command prompt (remote shell), attacker is only able to execute commands till the session from the remote machine is opened (established). While exploiting the system in a normal way, attacker and the victim system both should be online, if attacker wants to execute some commands in remote machine (Victim Machine).
Legal Gyan: Liability of Intermediaries under the Information Technology Act
Recently Delhi high court has summoned Google, Facebook and Twitter to remove objectionable content from their website within the prescribed time period failing to which may result into blocking of the websites in India. I will be a fool to copy this from pentestit. So the question which triggers is What is the liability of the intermediaries like Google, Facebook and Twitter under Indian law?
Tool Gyan: Cain and Abel – The Black Art of ARP Poisoning
Cain and Abel is windows based password recovery tool available as a freeware and maintained by Massimiliano Montoro. It supports wide features to recover passwords varying from Local Area Network to various routing protocols as well as provides intelligent capability to recover cached passwords and encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks.
Matriux Vibhag: Introduction to Skipfish
Skipfish is an active web application security reconnaissance tool written and maintained by Michal Zalewski (@lcamtuf). Skipfish is one of the fastest webscanners available which spiders using the wordlists, a very powerful web scanning tool with a simple implementation. In Matriux Skipfish can be found in the arsenal under Arsenal ->Framework -> Skipfish
Mom’s Guide: Firewall 101
Today we are exposed to innumerable threats online. Firewalls act as the first line of defense for securing our network against these threats. Firewall could be a program or a device or group of devices used to control the traffic flow. The basic principle that Firewall uses to control this communication is ‘Access Rules’. It maintains an access rule table and every time a packet comes in or goes out, Firewall refers to this table. It only allows authorized traffic and blocks the unwanted packets.
Download PDF
http://chmag.in/issue/feb2012.pdf