you can find every thing here: 2009

Thursday, November 5, 2009

Red Hat Enterprise Linux (version 4) Documentation Errata

Wednesday, October 21, 2009

How To Hack Orkut ???

Google uses a 4 Level Orkut login which makes it difficult to hack Orkut using brute force attack.

First Level - Security-SSL or 128 bit secured connection

Second Level – Google account checks for cookie in the sytem of user

Third Level – Google provides a redirection to the entered User information

Fourth Level – Google doesn’t use conventional php/aspx/asp coding. So it is impossible to hack Orkut using input validation attack!!!

It is not an easy task to hack Orkut by breaking this security! But still some people manages to get access to other’s Orkut accounts. The question concerned is How they do it? Many of them just use simple tricks that fool users and then they themself leak out their password. Here are some points you need to take care of, to protect your Orkut account being hacked.

Common Ways to Hack Orkut

1. Using Keyloggers is one of the Easiest Way to Hack an Orkut (or any other email) password. Keylogger programs can spy on what the user types from the keyboard. If you think that you can just uninstall such programs, you are wrong as they are completely hidden.

A keylogger, sometimes called a keystroke logger, key logger, or system monitor, is a hardware device or small program that monitors each keystroke a user types on a specific computer’s keyboard. Keylogger is the easiest way to hack an Orkut account.

A keylogger program is widely available on the internet. Some of the best ones are listed below

Win-Spy Monitor

Realtime Spy

A detailed information on Keylogger Hack can be found in my post Hacking an Email Account.

2. Phishing Attack is the most popular way of hacking/stealing other’s password. By using fake login pages it is possible to hack Orkut. Here the users land on a page where they are asked for their login information and they enter their Orkut username and password thinking it to be a real page but actually it is other way round. It submits all the entered details to the creator of the fake login page.

3. Orkut New Features: I have come across a page(fake page) that looks like they are giving the user a choice of selecting new features for orkut with your ID and password, of course!! When the user submit’s his/her Orkut login information through this page, there goes his ID and password mailed to the coder.

4. Community Links: Many times you are provided with a link to a community in a scrap. Read the link carefully, It may be something like http://www.okrut.com/Community.aspx?cmm=22910233 OKRUT not ORKUT. This is definitely a trap created by the hacker to hack your Orkut password. Clicking on this link will take you to a fake login page and there you loose up your password.

5. Java script: You must have seen the circulating scraps that asks you to paste this code in your address bar and see what happens! Well sometimes they also leak out your information. Check the code and if you are unsure of what to do, then I recommend not to use it. So be careful, javascripts can even be used to hack Orkut!

6. Primary mail address: If by some means a hacker came to know the password of your Yahoo mail or Gmail, which users normally keeps as their primary mail address in their Orkut account, then hacker can hack Orkut account by simply using USER ID and clicking on ‘forget password’. This way Google will send link to the already hacked primary email ID to change the password of the Orkut account. Hence the email hacker will change your Orkut account’s password. Hence your, Orkut account is hacked too.

So a better thing would be to keep a very unknown or useless email ID of yours as primary email id so that if the hacker clicks on ‘Forgot password’ the password changing link goes to an unknown email id i.e. not known to the hacker. Hence your Orkut account saved.

So, I hope that this post not only teaches you to hack Orkut but also to hack protect your Orkut account.

If you would like to share something, comment here and I will add up here with a credit to your name.

Popularity: 78% [?]

Tuesday, October 20, 2009

How-To: Recover root password under linux with single user mode

It happens sometime that you can't remember root password. On Linux, recovering root password can be done by booting Linux under a specific mode: single user mode.
This tutorial will show how to boot Linux in single user mode when using GRUB and finally how to change root password.

During normal usage, a Linux OS runs under runlevels between 2 and 5 which corresponds to various multi-user modes. Booting Linux under runlevel 1 will allow one to enter into a specific mode, single user mode. Under such a level, you directly get a root prompt. From there, changing root password is a piece of cake

1. Entering runlevel 1

Some Linux distribution, such as Ubuntu for instance, offer a specific boot menu entry where it is stated "Recovery Mode" or "Single-User Mode". If this is your case, selecting this menu entry will boot your machine into single user mode, you can carry on with the next part. If not, you might want to read this part.

Using GRUB, you can manually edit the proposed menu entry at boot time. To do so, when GRUB is presenting the menu list (you might need to press ESC first), follow those instructions:

use the arrows to select the boot entry you want to modify.
press e to edit the entry
use the arrows to go to kernel line
press e to edit this entry
at the end of the line add the word single
press ESC to go back to the parent menu
press b to boot this kernel

The kernel should be booting as usual (except for the graphical splash screen you might be used to), and you will finally get a root prompt (sh#).

Here we are, we have gained root access to the filesystem, let's finally change the password.

2. Changing root password

As root, changing password does not ask for your old password, therefore running the command:

# passwd

will prompt you for your new password and will ask you to confirm it to make sure there is no typo.

That's it, you can now reboot your box and gain root access again

Klipping a Lan

Category 5(e) (UTP) colour coding table :

The following table shows the normal colour coding for category 5 cables (4 pair) based on the two standards supported by TIA/EIA (see also our primer on this topic)
We get occasional email about the difference between 568A and 568B wiring. Which one you use is a matter of local decision. These standards apply to the color code used within any SINGLE cable run - BOTH ENDS MUST USE THE SAME STANDARD. However, since they both use the same pinout at the connectors you can mix 568A and 568B cables in any installation.

100base-T Crossed cable (PC to PC or HUB to HUB):

Crossed cables are used to connect PCs to one other PC or to connect a HUB to a HUB. Crossed cable are sometimes called Crossover, Patch or Jumper cables. If your connection is PC to HUB you MUST use a Straight cable.
The following description shows the wiring at both ends (male RJ45 connectors) of the crossed cable. Note: The diagrams below shows crossing of all 4 pairs and allows for the use of cat3/4 cables with 100m LANs (100base-T4). Pairs 4,5 and 7,8 do not NEED to be crossed in 100base-TX wiring. See notes below.
NOTES:
All our crossed wiring is now done to the 100base-T4 spec (uses all 4 pairs, 8 conductors) which you can use with 10base-T networks - but NOT necessarily the other way around.
Many commercial 100m LAN cables seem not to cross pairs 4,5 and 7,8. If there is no cat3/4 wiring in the network this perfectly acceptable.
Gigabit Ethernet uses all 4 pairs so requires the full 4 pair (8 conductor) cross configuration (shown above).
If you are using Power-over-Ethernet (802.3af) then Mode A or Alternative A uses pairs 1,2 and 3,6 for both signals and power. Mode B or alternative B uses 4,5 and 7,8 to carry power. In all cases the spec calls for polarity insensitive implementation (using a diode bridge) and therefore crossing or not crossing pairs 4,5 and 7,8 will have no effect