Tag Archives: Hack

Cron Hack running job/script every 5 seconds

What is Cron?

Cron is a time-based job scheduler in Unix-like computer operating systems. ‘cron’ is short for ‘chronograph’.

Cron is the name of a program that enables Unix users to execute commands or scripts (groups of commands) automatically at a specified time/date. It is normally used for system admin commands, like makewhatis, which builds a search database for the man -k command, or for running a backup script, but can be used for anything. A common use for it today is connecting to the internet and downloading your email.

Cronjob hack: running a job/script every 5 seconds, or at any interval shorter than one minute. I made the script write a log file with a timestamp (LOGFILE=/root/username/logs/log_`date +%H%M%S`.log) so that you can check whether your cron is working, and you can disable it anytime.

crontab -e

Add this to your crontab:

*/1 * * * * /scripts/5secondrotatorscript.sh

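#!/bin/bash
# One log file per cron invocation, named after its start time
LOGFILE=/root/username/logs/log_`date +%H%M%S`.log

# cron starts this script once a minute; 12 runs x 5 seconds fills that minute
x=12
while [ ${x} -gt 0 ]
do
    /usr/bin/php /home/username/public_html/scripts/file.php >> "$LOGFILE"
    sleep 5
    x=$((x - 1))
done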

Save as 5secondrotatorscript.sh

How to Send Fake Email

Fake E-mail
( How to Fool UUCP)


1. Telnet to port 25 of any internet server
(eg. telnet site.name.and.address 25)
2. If at all possible, AVOID TYPING “HELO”.
3. Type: rcpt to (person to receive fake mail){ENTER}
4. Type: mail from (fake name and address){ENTER}
5. The mail server should ok each time after each name.
6. If it does not:
a) type vrfy and then the name of the person
b) as a last resort use helo, this will login your computer as
having been the source of the mail
7. Retype the commands, it should say ok now.
8. Type: data{ENTER}
9. The first line of the message will be the Subject line
10. Enter your letter
11. To send letter type a “.” on an empty line.
12. Then type quit{ENTER}
13. This is traceable by any system administrator so don’t harass people this
14. If the person receiving the mail uses a shell like elm he/she
will not see the telltale fake message warning
“Apparently-To:(name)” even if not, most people wouldn’t know
what it means anyway.
15. Make sure you use a four part address [email protected]
so as to make it look more believable and cover any add-ons the
mail routine might try
16. Put a realistic mail header in the mail message to throw people
off even more. If there are To: and Date: lines then the
program probably won’t add them on.
17. Also try to telnet to the site where the recipient has his
account. This works better if you know how to fool it.

(from Beelzebub, Doktor Nil w/ Belisarius)

UUCP is an abbreviation for Unix to Unix CoPy. The term generally refers to a suite of computer programs and protocols allowing remote execution of commands and transfer of files, email and netnews between computers. Specifically, uucp is one of the programs in the suite; it provides a user interface for requesting file copy operations. The UUCP suite also includes uux (user interface for remote command execution), uucico (communication program), uustat (reports statistics on recent activity), uuxqt (execute commands sent from remote machines), and uuname (reports the uucp name of the local system).
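Added example, not part of the original text: a receiving-side check for the traces the procedure above leaves in a delivered message. It covers the Apparently-To: header from item 14 and, going beyond the page, compares the From: header with the Return-Path envelope sender and reads the Authentication-Results header; the function names and both sample messages are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

BAD_RESULTS = {"fail", "softfail", "permerror"}

def _domain(value):
    """Lower-cased domain of the address in a header value, '' if absent."""
    addr = parseaddr(value or "")[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def spoof_indicators(raw_message):
    """Return the reasons a delivered message looks forged (empty = none)."""
    msg = message_from_string(raw_message)
    findings = []
    # Item 14: the MTA adds Apparently-To: when DATA carried no To: header.
    if msg.get("Apparently-To"):
        findings.append("apparently-to-present")
    # MAIL FROM (stored as Return-Path on delivery) and the From: header
    # typed inside DATA are set independently, so compare their domains.
    env, hdr = _domain(msg.get("Return-Path")), _domain(msg.get("From"))
    if env and hdr and env != hdr:
        findings.append(f"from-domain-mismatch:{hdr}!={env}")
    # SPF/DKIM/DMARC verdicts recorded by the receiving MTA.
    for value in msg.get_all("Authentication-Results", []):
        for mech, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", value.lower()):
            if result in BAD_RESULTS:
                findings.append(f"{mech}={result}")
    return findings

# Constructed sample messages (example domains, documentation IP range).
FORGED = (
    "Return-Path: <guest@dialup.example.net>\n"
    "Authentication-Results: mx.example.org; spf=softfail "
    "smtp.mailfrom=dialup.example.net; dmarc=fail header.from=bank.example\n"
    "Received: from unknown (192.0.2.44) by mx.example.org\n"
    "Apparently-To: alice@example.org\n"
    'From: "Accounts" <billing@bank.example>\n'
    "Subject: Invoice\n\nPlease see attached.\n"
)
CLEAN = (
    "Return-Path: <bob@example.com>\n"
    "Authentication-Results: mx.example.org; spf=pass "
    "smtp.mailfrom=example.com; dkim=pass header.d=example.com\n"
    "From: Bob <bob@example.com>\nTo: alice@example.org\n"
    "Subject: Lunch\n\nNoon?\n"
)

if __name__ == "__main__":
    print(spoof_indicators(FORGED))
    print(spoof_indicators(CLEAN))
```

A From/Return-Path mismatch also occurs with legitimate mailing lists and bulk senders, so treat each finding as a reason to inspect the Received: chain rather than as a verdict.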

Linux Server Hacked

Last August 15th, the server of the Linux Mint distribution was hacked and code was injected to install a trojan called JS/Tenia.d. If you visited linuxmint.com between August 13-15, they recommend that you scan your computer to make sure this trojan isn’t present. This attack exploited vulnerabilities within linuxmint’s PHP code, so Linuxmint took the opportunity to clean it all and secure every single page against injections in the future. Linuxmint.com experienced almost 20 hours of downtime.


Virus Characteristics

This detection covers scripts in which malicious iFrames are appended to the end of an HTML page, i.e. after the </HTML> tag.

The recent variant also included JavaScript-obfuscated malicious iFrames. These iFrames redirect the browser window to browser exploits that download and execute malware on the user’s computer.

Obviously just the Windows users were affected by this.
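Added example, not part of the original post: a check a site owner can run over served pages for the pattern described above, an iframe or script element that starts after the closing </HTML> tag. The class name, function name and sample pages are constructed for illustration.

```python
from html.parser import HTMLParser

class TrailingContentScanner(HTMLParser):
    """Records iframe/script elements that start after the closing </html>."""
    SUSPECT = {"iframe", "script"}

    def __init__(self):
        super().__init__()
        self.closed = False   # becomes True once </html> has been seen
        self.findings = []    # (tag, src or "(inline)", line number)

    def handle_endtag(self, tag):
        if tag == "html":     # the parser lower-cases tag names
            self.closed = True

    def handle_starttag(self, tag, attrs):
        if self.closed and tag in self.SUSPECT:
            src = dict(attrs).get("src") or "(inline)"
            self.findings.append((tag, src, self.getpos()[0]))

def scan_page(html_text):
    """Return every iframe/script found after </html> in one page."""
    scanner = TrailingContentScanner()
    scanner.feed(html_text)
    scanner.close()
    return scanner.findings

# Constructed sample pages. The iframe inside <body> is legitimate page
# content and must not be reported; the two trailing elements must be.
INFECTED = """<html>
<body><iframe src="/widgets/map.html"></iframe></body>
</HTML>
<iframe src="http://malicious.example/x" width="1" height="1"></iframe>
<script>/* obfuscated loader would sit here (constructed) */</script>
"""
CLEAN_PAGE = """<html>
<body><script src="/js/site.js"></script></body>
</html>
"""

if __name__ == "__main__":
    for tag, src, line in scan_page(INFECTED):
        print(f"line {line}: <{tag}> after </html>, src={src}")
```

The script element is reported as well because the obfuscated variant writes its iframe from JavaScript, which a search for iframe tags alone would miss.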

Guide: How to Turn Firefox to an Ethical Hacking Platform Using FireCAT

FireCAT (Firefox Catalog of Auditing exTension) is a mindmap collection of the most efficient and useful Firefox extensions oriented toward application security auditing and assessment. FireCAT is not a replacement for other security utilities and software, or for fuzzers, proxies and application vulnerability scanners.

The current release is 1.4 ( 12 May 2008 )
Home: http://www.security-database.com/toolswatch/+-FireCAT-+.html
Dedicated Host for Firefox FireCAT: http://www.firecat.fr/

Note: you need to install Freemind for this tool

Top Wireless Hack Tools Packet Sniffers

Anyone interested in gaining a deeper knowledge of wireless security and exploiting vulnerabilities will need a good set of base tools with which to work. Fortunately, there is an abundance of free tools available on the Internet. This blog post covers all the tools and how to protect against them.

1) Wireshark : Sniffing the glue that holds the Internet together
Wireshark (known as Ethereal until a trademark dispute in Summer 2006) is a fantastic open source network protocol analyzer for Unix and Windows. It allows you to examine data from a live network or from a capture file on disk. You can interactively browse the capture data, delving down into just the level of packet detail you need. Wireshark has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session. It also supports hundreds of protocols and media types. A tcpdump-like console version named tethereal is included. One word of caution is that Ethereal has suffered from dozens of remotely exploitable security holes, so stay up-to-date and be wary of running it on untrusted or hostile networks (such as security conferences).

2) Kismet : A powerful wireless sniffer
Kismet is a console (ncurses) based 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. It identifies networks by passively sniffing (as opposed to more active tools such as NetStumbler), and can even decloak hidden (non-beaconing) networks if they are in use. It can automatically detect network IP blocks by sniffing TCP, UDP, ARP, and DHCP packets, log traffic in Wireshark/TCPDump compatible format, and even plot detected networks and estimated ranges on downloaded maps. As you might expect, this tool is commonly used for wardriving. Oh, and also warwalking, warflying, and warskating, …

3) Tcpdump : The classic sniffer for network monitoring and data acquisition
Tcpdump is the IP sniffer we all used before Ethereal (Wireshark) came on the scene, and many of us continue to use it frequently. It may not have the bells and whistles (such as a pretty GUI or parsing logic for hundreds of application protocols) that Wireshark has, but it does the job well and with fewer security holes. It also requires fewer system resources. While it doesn’t receive new features often, it is actively maintained to fix bugs and portability problems. It is great for tracking down network problems or monitoring activity. There is a separate Windows port named WinDump. TCPDump is the source of the Libpcap/WinPcap packet capture library, which is used by Nmap among many other tools.

4) Cain and Abel : The top password recovery tool for Windows
UNIX users often smugly assert that the best free security tools support their platform first, and Windows ports are often an afterthought. They are usually right, but Cain & Abel is a glaring exception. This Windows-only password recovery tool handles an enormous variety of tasks. It can recover passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols. It is also well documented.

5) Ettercap : In case you still thought switched LANs provide much extra security
Ettercap is a terminal-based network sniffer/interceptor/logger for ethernet LANs. It supports active and passive dissection of many protocols (even ciphered ones, like ssh and https). Data injection in an established connection and filtering on the fly is also possible, keeping the connection synchronized. Many sniffing modes were implemented to give you a powerful and complete sniffing suite. Plugins are supported. It has the ability to check whether you are in a switched LAN or not, and to use OS fingerprints (active or passive) to let you know the geometry of the LAN.

6) Dsniff : A suite of powerful network auditing and penetration-testing tools
This popular and well-engineered suite by Dug Song includes many tools. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.). arpspoof, dnsspoof, and macof facilitate the interception of network traffic normally unavailable to an attacker (e.g., due to layer-2 switching). sshmitm and webmitm implement active monkey-in-the-middle attacks against redirected ssh and https sessions by exploiting weak bindings in ad-hoc PKI. A separately maintained partial Windows port is available here. Overall, this is a great toolset. It handles pretty much all of your password sniffing needs.

7) NetStumbler : Free Windows 802.11 Sniffer
Netstumbler is the best known Windows tool for finding open wireless access points (“wardriving”). They also distribute a WinCE version for PDAs and such named Ministumbler. The tool is currently free but Windows-only and no source code is provided. It uses a more active approach to finding WAPs than passive sniffers such as Kismet or KisMAC.

8) Ntop : A network traffic usage monitor
Ntop shows network usage in a way similar to what top does for processes. In interactive mode, it displays the network status on the user’s terminal. In Web mode, it acts as a Web server, creating an HTML dump of the network status. It sports a NetFlow/sFlow emitter/collector, an HTTP-based client interface for creating ntop-centric monitoring applications, and RRD for persistently storing traffic statistics.

9) Ngrep : Convenient packet matching & display
ngrep strives to provide most of GNU grep’s common features, applying them to the network layer. ngrep is a pcap-aware tool that will allow you to specify extended regular or hexadecimal expressions to match against data payloads of packets. It currently recognizes TCP, UDP and ICMP across Ethernet, PPP, SLIP, FDDI, Token Ring and null interfaces, and understands bpf filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop.

10) EtherApe : EtherApe is a graphical network monitor for Unix modeled after etherman
Featuring link layer, IP and TCP modes, EtherApe displays network activity graphically with a color coded protocols display. Hosts and links change in size with traffic. It supports Ethernet, FDDI, Token Ring, ISDN, PPP and SLIP devices. It can filter traffic to be shown, and can read traffic from a file as well as live from the network.

11) KisMAC : A GUI passive wireless stumbler for Mac OS X
This popular stumbler for Mac OS X offers many of the features of its namesake Kismet, though the codebase is entirely different. Unlike console-based Kismet, KisMAC offers a pretty GUI and was around before Kismet was ported to OS X. It also offers mapping, Pcap-format import and logging, and even some decryption and deauthentication attacks.