secgeek's blog

social engineering-attacks and prevention

Social engineering is a really interesting topic to discuss and write about. There are a few good books written on it, like The Art of Deception by Kevin Mitnick. There is also one good site from fravia which contains some good papers from +ORC and others. So here I will try to discuss it in short.
Social engineering can be defined as "using the human factor to retrieve any sensitive information about an organisation or a person."
As you all might agree, the best way to gain access to any system is to get the correct login credentials. So suppose an organisation has spent millions of $$ in securing their infrastructure from any attack. They deployed the most advanced (and costly) IPS, firewalls and IDS, which have up-to-date signatures to protect even from many undisclosed exploits. They have a well-defined password policy: the password can not be the username, spouse's name etc. But all this effort is useless if such an organisation can not control one major factor, i.e. the human factor.

yahoo messenger protocol

------------------------------------------------------------------------
Yahoo Messenger Protocol v 9 from http://www.libyahoo2.sourceforge.net
------------------------------------------------------------------------

The Yahoo Messenger Protocol is an application layer protocol running most
of the time over TCP, but in some cases over HTTP as well. Throughout
this document, we will speak about the YMSG packets, after stripping out
any other protocol data, but will mention this other data if it is of
relevance.

This document is incomplete. For anything not mentioned here, refer to the
source of libyahoo2.

1. The YMSG packet structure

The YMSG packet structure is as follows:

(each byte is represented by 5 spaces in the following diagram,
including the | at the end)

breaking the code(web application attacks)

Web application attacks are increasing day by day. They are easy and do not require much knowledge about OS internals or assembly or any such stuff, so you can see many vulnerabilities coming out daily like SQL injection, XSS etc.
These kinds of attacks are easy, and hence someone with basic knowledge about them can easily play with your web application. Let's see some of the common attack techniques for web applications:-
1) SQL Injection:- it is the favourite topic of any attacker. The first thing they try to do is run queries which your programmer never intended to run. I'm not going to discuss it in detail, but I have written a paper on it and you can check it here:-

breaking the code(application attacks)

When you are going to code software which is going to be used by lots of people, then you need to make sure you test it properly for any security related bugs. Here are the things you should keep in mind when you are coding in C or C++.

1) Buffer Overflow:- it is the favourite topic of any exploit writer. From a wannabe to an expert, the first thing a malicious user tries is exploiting a boundary condition in a buffer. This has been discussed many times and some good references are available on it, but I just want to discuss this thing again in short:-
****start of coding****
void overflow()
void main()
{

Writing secure web application

Web application attacks are increasing day by day. It’s easy and does not require much knowledge about OS internals or assembly or any such stuff. So you can see many vulnerabilities coming out daily like SQL injection, XSS etc.
These kinds of attacks are easy, and hence someone with basic knowledge about them can easily play with your web application.
Let’s see some of the common attack techniques and what you can do to prevent them in web applications:-

1) SQL Injection:- it is the favourite topic of any attacker. The first thing they try to do is run queries which your programmer never intended to run. To protect from SQL injection attacks you need to sanitise the data properly. Remove any unwanted characters like ‘ etc.

Google Hacking

Introduction:- according to +fravia you can find any information which has ever been kept on the web in just 13 clicks if you know how to search properly. A search engine is a source for finding information on various topics; moreover it simplifies the information-finding process and helps lots of people to locate the correct information. But as we know each coin has two sides, and the same applies to search engines also. Many users use them to gain the plethora of information presented on the web, but there are many ways in which this information can be misused.

Understanding cross site scripting attacks

Introduction:- there are many techniques which an intruder can use to compromise web applications. One such technique is called XSS or CSS or cross site scripting. With the help of such a vulnerability an intruder can easily use some social engineering trick to phish the important data of a user. It can also invoke an automated script to perform some operations.
In this article I will try to show you how such attacks are performed and what precautions you need to take to make sure that you don’t lose your valuable details and other important information.

Basics:- there are many web applications which are designed to permit the input of HTML tags for displaying HTML-formatted data. These tags can be used by malicious users to attack other users by inserting scripts or malicious applets etc. This is called cross site scripting or XSS. Such attacks are the result of poor input validation. It uses the combination of HTML and scripting languages. With the proper combination of HTML and JavaScript an intruder can misguide the client and perform various attacks: from DoS (by opening an enormous number of windows on the client side), to tricking users into revealing sensitive information by embedding malicious FORM tags at the right place and so modifying the behavior of an existing form, to causing various other problems by embedding scripts. This is by no means a complete list of problems, but hopefully this is enough to convince you that this is a serious problem.

Bypassing the protection

In my previous article I discussed the different protection schemes and the tools used for cracking. In this article I show you how a cracker gets past all these protections.
There are different ways to crack. These approaches are determined by
different knowledge, different types of cracker, and different personal preferences.
An example can be more useful than a thousand words. There are three types of
approaches in cracking shareware programs that need a serial number to register or have nag screens. They are
1) Serial fishing
2) Bypassing the check, also called patching
3) Making a key generator.

TOOLS OF THE TRADE

The popularity of Windows and the ease of creating programs for this platform have led to the development of thousands of shareware programs. Crackers usually work with the assembly code, reverse engineering it, and have an excellent grasp of the Windows APIs as well.

There is no one particular method to crack a program. Depending upon the program and the kind of protection it has, crackers employ different techniques to get into the program. But there are some common tools that crackers employ to start cracking the program. These programs are perfectly legal and useful by themselves.
They are: -

Intro to Software Reverse Engineering

What is reverse engineering?
Today the software market is covered by an incredible number of protected
applications, which don't allow you to use all the features of the programs if you
aren't a registered user. Reverse engineering is simply the art of understanding a program by analyzing its low level assembly instructions. But there are some people who use it to remove the licensing scheme, which is called "cracking".

In some other words, reverse engineering is described as follows: -

“When you create a program you engineer it, in fact you build the executable from

Linux kernel Compilation

One of the best things that Linux offers to its users is that it gives you the ability to recompile the kernel. But there are some newbies who think “why do I need this?” or “why should I go for this complex and dangerous procedure?” or “why bother when we install Linux and it does everything we need?” The short answer is that today you probably don't need this, but here are a couple of situations in which you might need to recompile the kernel.

For example, some versions of Linux are compiled to run on a 386 machine. So if you have a P-III then you are unable to take advantage of the extended instruction set of the P-III. Believe it or not, when the first Mandrake distro came out it was nothing but a literal copy of Red Hat Linux compiled to run on the Pentium (which is perfectly legal under the GNU GPL). But today most installations have routines to determine which processor you have and then install the appropriate kernel. But you may still need to optimize the kernel as per your needs. For example you might want to optimize the services, networking, SCSI and others according to your needs, or another reason is that you want to stay up to date with the latest kernel release. So read on.

Understanding SQL Injection

SQL injection is a technique used by a malicious user to gain illegal access to remote machines through a web application's vulnerability. The basic idea behind this technique is to run an SQL query which the programmer never intended to run. This technique relies heavily on logical operations like AND, OR, UNION etc. If this technique is used properly a malicious user can get complete access to a web server. If the application is creating SQL strings naively on the fly (dynamic queries) and then running them, it can create some real surprises, as we will see later on.
How it is performed