Why Hackers Use Linux ? And Popular Linux Operating Systems.

 

Why do Hackers use Linux :

Operating system Linux has amazing features that make it more dominating than others. It is an open source operating system and driven by its old version UNIX .

Due to its many benefits over any other OS, hackers prefer to use Linux. We know other operating systems are friendlier in use but Linux has many special features which make it more dominating than others.

Hackers are those who want to earn through their hacking capabilities, they break into a computer system or computer networks, and hack them to get profit from them.

Hackers always want to check their hacking capabilities, so they always look for more secure OS to perform their activities and Linux is the best choice for them.

Low cost

Linux is an open source OS so it’s easily available on the internet and the applications that run on it are free of cost. Hackers need not to spend time and money to buy licenses for Linux because it most of the software comes with General public license. This is also one of reason that Why do Hackers use Linux.

Also,Only Linux is that OS which doesn’t need to be rebooted occasionally to improve its performance. You don’t need to restart it again and again to maintain its performance. It doesn’t get slow or freeze up due to memory leaks, Linux OS can be used for years without any problem.

Maintenance

Maintaining Linux operating system is very easy. One can easily install the software. Linux is used for high-performance applications on server, and also for desktop applications and embedded systems.

Maintaining Linux is very easy because it has their own software repository. You can easily search the software.

Command line and graphical user interface

Due to its strong and highly integrated command line interface users are granted for easier access and control over their systems. Utilities built in Linux have greater functionality.

It is highly designed around strong and highly integrated command line interfacewhich others OS like window and mac don’t have. Hackers and other user are allowed to have great access their system. Only Linux can work well even if the hard disk is full, which is impossible for other operating systems.

Open source

To develop software you need to know the system code, how to develop the code how to modify it.

In Linux, it will be easy for you to learn the source code because it’s very easy and also all the applications of this operating system are open source which is the benefit. The Linux system can support the entire UNIX software package and all the files which are common to it.

Ease to Install and network friendly

Linux comes with the user-friendly installation as most of the Linux distributions are user-friendly. These distributions come with that tools which make it easy to install and also the additional software are very user friendly. Boot system of the Linux is very fast as compare to other operating systems.

It will work as an open source because it is contributed by the team on internet networks o it very easy to manage the network over it. There are many libraries and commands provided by Linux that can be used to test network penetrations. Due to its operating system reliability, it makes the network faster than any other operating system.This is also one of the reason Why do Hackers use Linux.

Multi-tasking and security

Linux is designed in that way it can do many things at the same time like if a large printing job is in the background, it will not slow down your work, you can easily do much work without getting disturbed by problems such as system hanging, slow processing like other operating systems.

Linux is typically more secure as compare to other operating systems. Hackers need the more secure system to perform their Hacks, so most of the hackers were by the Linux for the hacking. Windows are more popular between average users and also among the programmersbecause it is more profitable to right the program in windows. So Linux is more securethan windows as less users use them.

Transparency

This is one of the main reason Why do Hackers use Linux.To utilize your hacks you must need to understand the operating system properly to large extent. You must need to have knowledge of OS which you are going to hack.

So for this, you need a system without any loopholes, Linux is completely transparent i.e. you can easily manipulate and watch the working of Linux.

This is not same with the Windows. Microsoft gives you to work only that what Microsoft want but on another hand, Linux was developed as an operating system that provides you more control over it rather than to make you do what you want.

You can control what you want to do which is basically necessary to hack a system.

>>>>>

So these were some features which make Linux operating system the best choice among the many hackers. Hacking has become the elite profession among the IT field.

This is because hacking requires the detailed knowledge of the IT concepts. So Linux is the much require for hackers to hack. Linux is typically more secure as compared to any other operating system, so pro hackers always want to work on the operating system which is more secure and also portable. Linux gives infinite control to the users over the system.

Due to its portability user can easily make the script in any of script language. So you need not target the same operating system to show your hacking capabilities, Linux is universal so you will not face any compatibility problems.

So acknowledge the above factors, hackers always want an operating system that provides maximum security to test their skills and also they need.

These are the main reasons Why do Hackers use Linux.

List Of Best Linux Operating Systems Usage In Hacking

Kali Linux

By far the most popular “hacking”/penetration testing Linux OS out there. (Link: https://www.kali.org/). Kali has a vast dimension of tools pre-installed and one can get up and running in a very short amount of time.

Parrot OS

Refined UI, lightweight and expert support are some of the USPs of this distro. (Link: https://parrotlinux.org/). Dedicated CDN’s mean lightning-fast downloads. Surfing the web privately has been made extremely easy on this OS.

BackBox

Based on Ubuntu, this OS consumes minimal resources and offers a simple and easy-to-use desktop manager (Link: https://www.backbox.org/). It has been specifically designed to reduce redundancies. Enables users to simulate attacks on applications or networks.

Black Arch

BlackArch Linux is an Arch Linux-based penetration testing distribution for penetration testers and security researchers. (Link : https://blackarch.org ) The repository contains 2743 tools. You can install tools individually or in groups. BlackArch Linux is compatible with existing Arch installs.

Read More

Learn Basics of Computer Networking

 

Advantages of a Computer Network

• Helps you to connect with multiple computers together to send and receive information when accessing the network.
• Helps you to share printers, scanners, and email.
• Helps you to share information at very fast speed
• Electronic communication is more efficient and less expensive than without the network.

Clients and Servers

An important relationship on networks is that of the server and the client. A server is a computer that holds content and services such as a website, a media file, or a chat application. A good example of a server is the computer that holds the website for Google’s search page: http://www.google.com. The server holds that page, and sends it out when requested.

A client is a different computer, such as your laptop or cell phone, that requests to view, download, or use the content. The client can connect over a network to exchange information. For instance, when you request Google’s search page with your web browser, your computer is the client.

In the example below, two computers are connected together with an Ethernet cable. These computers are able to see each other and communicate over the cable. The client computer asks for a website from the server computer. The website is delivered from the server, and displayed on the client’s web browser.

Most requests and content delivery on networks are similar to, or are based on, a client to server relationship. On a network, the server can be located almost anywhere, and if the client has the address, it can access the content on the server.

Example:

Client: radio receiver in your car

Server: radio station

Computer Network Components

• Switches

Switches work as a controller which connects computers, printers, and other hardware devices to a network in a campus or a building.

It allows devices on your network to communicate with each other, as well as with other networks. It helps you to share resources and reduce the costing of any organization.

• Routers

Routers help you to connect with multiple networks. It enables you to share a single internet connection with multiple devices and saves money. This networking component acts as a dispatcher, which allows you to analyze data sent across a network. It automatically selects the best route for data to travel and send it on its way.

• Transmission Media

Transmission media is a carrier used to interconnect computers in a network, such as coaxial cable, twisted-pair wire, and optical fiber cable. It is also known as links, channels, or lines.

• Access points

Access points allow devices to connect to the wireless network without cables. A wireless network allows you to bring new devices and provides flexible support to mobile users.

• Shared Data

Shared data are data which is shared between the clients such as data files, printer access programs, and email.

• Network Interface Card

Network Interface card sends, receives data, and controls data flow between the computer and the network.

• Local Operating System

A local OS which helps personal computers to access files, print to a local printer and uses one or more disk and CD drives which are located on the computer.

• Network Operating System

The network operating system is a program which runs on computers and servers. It allows the computers to communicate via network.

• Protocol

A protocol is the set of defined rules that allows two entities to communicate across the network. Some standard protocols used for this purpose are IP, TCP, UDP, FTP, etc.

• Hub

Hub is a device that splits network connection into multiple computers. It acts a distribution center so whenever a computer requests any information from a computer or from the network it sends the request to the hub through a cable. The hub will receive the request and transmit it to the entire network.

• LAN Cable

Local Area Network(LAN) cable is also called as Ethernet or data cable. It is used for connecting a device to the internet.

• OSI

OSI stands for Open Systems Interconnection. It is a reference model which allows you to specify standards for communications.

Unique Identifiers of Network

Hostname:

Every device of the network is associated with a unique device, which is called hostname.

IP Address:

In order to send and direct data across a network, computers need to be able to identify destinations and origins. This identification is an IP—Internet Protocol—address. An IP address is just a set of four numbers between 1 and 254, separated by dots.

Length of the IP address is 32-bits. IPv6 address is 128 bits. An example of an IP address is 173.194.43.7.

Firewall :

A function typically performed by routers, this filters traffic between networks and can protect them from interference or attacks.

DNS Server:

DNS stands for Domain Name System. It is a server which translates URL or web addresses into their corresponding IP addresses.

MAC Address:

MAC (Media Access Control Address) is known as a physical address is a unique identifier of each host and is associated with the NIC (Network Interface Card). General length of MAC address is : 12-digit/ 6 bytes/ 48 bits.

Port:

Port is a logical channel which allows network users to send or receive data to an application. Every host can have multiple applications running. Each of these applications are identified using the port number on which they are running.

Uses of Computer Networks

• Helps you to share resource such as printers
• Allows you to share expensive software’s and database among network participants
• Provides fast and effective communication from one computer to another computer
• Helps you to exchange data and information among users via a network.

Read More

Programming Languages Used In Hacking

 

Why is Programming Important for Hackers?

Before understanding the best programming languages for hacking, you must walk through the importance of programming in hacking.

• Imperative to Know Coding:

Hacking involves breaking protocols and exploiting a network; thus, being a hacker requires you to understand the languages of the software that you are focusing on. Having zero coding knowledge will limit your opportunities in the future. Hence, it is imperative to have a knack for programming.

• Analyze Code:

Knowing programming will help you dissect and analyze a piece of code. You can also write your scripts and be able to modify the available scripts if the situation asks. At such times, having nil knowledge of programming knowledge will be a hindrance. Programs also help you automate multiple tasks, which would typically be time-consuming.

• Helps in Penetrating Target Fields:

Codes enable you to penetrate different fields you want to hack. It will help you identify the plan and strategy behind an attack. Programming allows you to comprehend the working of the target system or application before carrying out an exploit.

Best Programming Languages for Start Hacking

Let us see what programming language hackers use and see the best hacking language if one decides to go in the ethical hacking way.

1. Python

Python, the de facto hacking programming language, is heralded as the greatest hacking programming language, and with good reason. This complex programming language is also used by ethical hackers for scripting their on-demand hacking programs on the go. Python lets us do almost anything if used the right way, from checking the credibility of corporate servers to automating most of the hacking programs.

Why Python is Popular-

• Exploit Writing: Python is a general-purpose programming language and used extensively for exploit writing in the field of hacking. It plays a vital role in writing hacking scripts, exploits, and malicious programs.
• Availability of Ready-Made Modules: An outstanding feature that makes hacking easy with Python is the availability of ready-made modules. Several modules are available depending on the target, for example, OS modules, socket modules, and a lot more. You also use Python socket programming for discovering vulnerabilities in a system.
• Massive Community: Python has an enormous community that helps with third-party plugins daily. Since Python is an easy-to-read language with a simple syntax, it is helpful for beginners. You can easily write automation scripts using Python, and it makes prototyping much faster.
• The interpreted design of Python allows it to run without compilation being required.
• An easy-to-read language that is useful for ethical hackers to start with.
• Has a wide group that every day wields valuable 3rd-party plugins/library.
• One of the best programming languages for web server hacking.
• Writing scripts for automation makes it reasonably simple.
• Python helps to identify the target network easily and makes prototyping a lot easier.

2. JavaScript

JavaScript has overtaken PHP’s position as the de facto language of the internet, thanks to the recent launch of Node.JS. So, for hacking web applications, it has been the strongest programming language. Security professionals also emulate the technique of writing cross-site scripts in JavaScript by black hat hackers. As this hacking coding language and its back-end equivalent can manipulate front-end web components, it has become a common language for hacking complex web apps.

Why Javascript is Popular-

• Web Hacking: Currently, JavaScript is one of the best programming languages for hacking web applications. Understanding JavaScript allows hackers to discover vulnerabilities and carry web exploitation since most of the applications on the web use JavaScript or its libraries.
• Cross-Site Scripting: JavaScript can be used to read saved cookies. It is used to develop cross-site scripting programs for hacking. Additionally, JavaScript is also used to spread and reproduce malware and viruses quickly.
• Node.js: With the release of Node.js, JavaScript now supports backend development. This implies a larger field of exploitation. A hacker can use JS to snoop the typed words, inject malicious code, and track browsing history, to name a few.
• JavaScript can quickly manipulate the DOM of the browser, making it a viable option for creating Internet worms.
• Because JavaScript can create desktop cross-platform applications, it could be used by hackers for attacks such as buffer overflow and stack overflow.

3. PHP

PHP is an acronym for Hypertext Preprocessor, a dynamic programming language based on modern CMSs such as WordPress and Drupal. Since most of the internet’s personal websites are based on these CMSs, PHP’s in-depth understanding is a must to compromise those networks. So, if the specialty is web hacking, then one must improve his PHP skills.

Why PHP is Popular-

• Web Hacking Techniques: Hypertext Preprocessor or PHP is a server-side programming language used to build websites. Understanding PHP will help hackers understand web hacking techniques better.
• Server-Side Scripting: PHP is used in server-side scripting. Using PHP, you can write a custom application that alters a web server and makes the target server susceptible to attacks.
• Application in Web Domains: PHP is one of the most powerful server-side languages used in most web domains. Learning PHP helps you fight against malicious attackers. Popular Content Management Systems run on a foundation of PHP; hence, PHP helps you protect or compromise websites.

4. SQL

SQL stands for Structured Query Language for ethical hackers and is one of the most common hacking programming languages. To query and fetch information from databases, this programming language is used. Since most web-based software stores useful information in some database, SQL is the best programming language for breaking into corporate databases, such as user credentials. Any ethical hacker would not be able to combat database attacks without a full understanding of SQL

Why SQL is Popular-

• Database Interaction: Next on this list of the best programming languages for hacking is SQL. Having an in-depth knowledge of SQL enables you to comprehend a database’s structure, thereby helping you decide which scripts or tools to deploy.
• Hacking Databases: SQL is used for web hacking; it is undoubtedly the best programming language for hacking large databases. Counteracting a database attack is close to impossible without a good understanding of SQL.
• SQL Injection: Using SQL, hackers can perform SQL injection attacks. Hackers use SQL to develop various hacking programs based on SQL injection. SQL injection attacks help hackers view and modify confidential information from databases.
• Black hat hackers use this language to build SQL injection-based hacking programs.
• To acquire unhashed passwords, SQL is also used by hackers to run unauthorized queries.
• MySQL, MS SQL, and PostgreSQL provide common SQL databases.

5. C Programming

It is no wonder that C, the holy grail of modern programming languages, is still commonly used in the security industry. When it comes to accessing low-level hardware components such as RAM, the low-level nature of C offers an advantage over other languages used for hacking programming. When they need to exploit machine hardware and resources at a lower level, security professionals often use this language. C also gives the ability for penetration testers to write blazing fast programming scripts for sockets.

Why C is Popular-

• Exploit Writing and Development: C, the mother of all programming languages, is used massively in the security field; it helps with exploiting writing and development. The low-level nature of C proves better than compared to other programming languages used for hacking.
• Access Hardware: Hackers use C programming to access and manipulate system resources and hardware components such as the RAM. Security professionals mostly use C when they are required to manipulate system resources and hardware. C also helps penetration testers write programming scripts. Learning C will also help hackers get an overview of the structure of operating systems.
• Create Shellcodes: C is also used to create shellcodes, rootkits, exploits, build undetectable malware, keyloggers, and more. Sometimes, it is also advisable to learn both C and C++ as they both come in handy for hackers.
• C is a fast programming language at a low level.
• Most modern systems are designed using C, like Windows and Unix, so mastery of this language is necessary to understand these systems fully.
• After breaching a system, C is also used to obtain low-level access to memory and system processes.
• To simulate the library’s high-jacking attack, veteran security professionals also use C.

6. Ruby

One of the best programming languages for hacking multi-purpose corporate systems, Ruby is syntactically very similar to Python. Although both languages are great at automating common hacking programs, Ruby is much more web-focused. Ruby is arguably one of the best programming languages for hacking due to the superior flexibility it offers while writing exploits. This is why Metasploit, the most infamous penetration testing framework, chose Ruby as its base language.

Why Ruby is Popular-

• Several hackers have used Ruby to exploit corporate systems. Ruby is often used to write either small or large scripts and is used interchangeably with Bash scripting.
• If someone wants to master the art of writing efficient exploits, Ruby is important.
• This language borrows many of Smalltalk’s syntactic elements and is an excellent choice for writing programs for quick hacking.
• Having breached a network, Ruby is also used by veteran hackers to write CGI scripts.
• With the Rails framework, several next-generation web applications are created, making Ruby the best choice for breaking them.

7. Java

Java is now the industry’s most commonly used programming language. It drives several “legacy” and new web servers, such as Apache Tomcat and Spring MVC. Also, Java code now runs on more than 3 billion mobile devices with the launch of Android. So, this language, despite what many may assume, is still important. Java is the language if you’re looking for the best programming language for hacking into mobile devices.

Why Java is Popular-

• Much like C++, Java is also commonly used to reverse engineer paid applications by hackers.
• Professional penetration testers use it extensively to curate scalable servers for delivering payloads.
• For professional ethical hackers, Java makes it possible to build state-of-the-art hacking programs.
• Java is dynamic, contrary to C++. This means you can run them on any platform that supports Java once you write your hacking programs with Java.
• The development of hacking programs for the Android framework is integral to a deeper understanding of Java.

8. Assembly

It is a complicated low-level programming language that is used for hacking primitive systems. Assembly language helps a hacker manipulate systems straight up at the architectural level. It is also the most appropriate coding language to build malware like viruses and trojans. Assembly is also the go-to choice if you want to reverse engineer a piece of software that has already been compiled.

Why Assembly is Popular-

• Assembly language provides the ability for hackers to exploit devices at the architectural level explicitly.
• You can easily alter the processor accesses and execute instructions with Assembly for compromised systems.
• To create computer viruses and other malware, this is the de-facto language.
• With Assembly, you can easily create complex hacking programs that exploit disrupted services.
• Assembly, while difficult to learn, is the best language for time-critical work.

9. Perl

Perl codebases still occupy a significant portion of corporate tools, despite what you might think. While this language of hacking programming has long lost its appeal, Perl is still used by many old systems. This is still one of the best programming languages for hacking into such old computers, as it was the go-to solution for creating legacy Unix applications. A polyglot hacker would use Perl to craft various parts of its hacking programs, from building exploits to building payloads and backdoors.

Why perl is Popular –

• Perl still holds value in the hacker community for exploit writing. It is a great language that can help you manipulate Linux text files and create tools and exploits.
• Perl is still the best language available on Unix systems for manipulating text files.
• With this language, the extensible nature of Perl enables hackers to create a wide range of hacking programs.
• Perl is bundled with the most popular systems, enabling many systems to run Perl scripts.
• It also comes integrated with common web databases, so it can be effortless to break those stores by mastering Perl.

10. Bash

The HyperText Markup Language – HTML is the standard markup language used to create web pages. HTML also finds its use in developing hybrid mobile and desktop apps. HTML is considered an easy language to learn. Hence, it is While not quite a full-fledged programming language, if an ethical hacker wants to master hacking programming, proficiency in Bash is a must. In most Unix systems, Bash is the default command shell, and every major server is built on top of Unix. So, after he has obtained access to a network by using a mix of hacking programs, modifying the device itself is handy for Bash. It can be thought of as the latest hacking programs’ Swiss army knife and is a must for security enthusiasts.

Why Bash is Popular-

• Bash helps to automate the bulk of the hacking programs that are used to infiltrate a network.
• If someone is looking to build highly complex scripts that require the filesystem and directory tree to be changed, then Bash is the best option for scripting.
• To use hacking programs like NMAP, Armitage, and Metasploit properly, a deep understanding of this command shell is necessary.
• Complex shell scripts allow penetration and manipulation of hard-to-break systems by being able to write and understand them.

Read More

 

Types Of Website Vulnerabilities

SQL Injection Vulnerabilities (SQLi)

Structured Query Language (SQL) is now so commonly used to manage and direct information on applications that hackers have come up with ways to slip their own SQL commands into the database. These commands may change, steal or delete data, and they may also allow the hacker access to the root system. SQL (officially pronounced ess-cue-el, but commonly pronounced “sequel”) stands for structured query language; it’s a programming language used to communicate with databases. Many of the servers that store critical data for websites and services use SQL to manage the data in their databases.

SQL injection vulnerabilities refer to areas in website code where direct user input is passed to a database. Bad actors utilize these forms to inject malicious code, sometimes called payloads, into a website’s database. This allows the cybercriminal to access the website in a variety of ways, including:

• Injecting malicious/spam posts into a site
• Stealing customer information
• Bypassing authentication to gain full control of the website

Due to its versatility, SQL injection is one of the most commonly exploited website vulnerabilities. It is frequently used to gain access to open source content management system (CMS) applications, such as Joomla!, WordPress and Drupal. SQL injection attacks, for example, have even been linked to a breach of the U.S. Election Assistance Commission and a popular video game forum for Grand Theft Auto, resulting in exposed user credentials.

Cross-Site Scripting (XSS)

In an SQL injection attack, an attacker goes after a vulnerable website to target its stored data, such as user credentials or sensitive financial data. But if the attacker would rather directly target a website’s users, they may opt for a cross-site scripting attack. Similar to an SQL injection attack, this attack also involves injecting malicious code into a website or web-based app. However, in this case the malicious code the attacker has injected only runs in the user’s browser when they visit the attacked website, and it goes after the visitor directly.

This often means attackers are injecting JavaScript on the website, so that the script is executed in the visitor’s browser. Browsers are unable to discern whether or not the script is intended to be part of the website, resulting in malicious actions, including:

• Session hijacking
• Spam content being distributed to unsuspecting visitors
• Stealing session data

Some of the largest scale attacks against WordPress have been from cross site-scripting vulnerabilities. However, XSS is not limited only to open source applications. Recently, a cross-site scripting vulnerability was found in gaming giant Steam’s system that potentially exposed login credentials to attackers.

Command Injection

Command injection vulnerabilities allow attackers to remotely pass and execute code on the website’s hosting server. This is done when user input that is passed to the server, such as header information, is not properly validated, allowing attackers to include shell commands with the user information. Command injection attacks are particularly critical because they can allow bad actors to initiate the following:

• Hijack an entire site
• Hijack an entire hosting server
• Utilize the hijacked server in botnet attacks

One of the most dangerous and widespread command injection vulnerabilities was the Shellshock vulnerability that impacted most Linux distributions.

Cross-Site Request Forgery (CSRF)

A Cross-Site Request Forgery (CSRF) attack is when a victim is forced to perform an unintended action on a web application they are logged into. The web application will have already deemed the victim and their browser trustworthy, and so executes an action intended by the hacker when the victim is tricked into submitting a malicious request to the application. This has been used for everything from harmless pranks on users to illicit money transfers.

As a result, attackers may be able to take the following actions using valid user input:

• Change order values and product prices
• Transfer funds from one account to another
• Change user passwords to hijack accounts

These types of attacks are particularly vexing for ecommerce and banking sites where attackers can gain access to sensitive financial information. A CSRF attack was recently used to seize all control of a Brazilian bank’s DNS settings for over five hours.

File Inclusion (LFI/RFI)

Remote file inclusion (RFI) attacks use the include functions in server-side web application languages like PHP to execute code from a remotely stored file. Attackers host malicious files and then take advantage of improperly sanitized user input to inject or modify an include function into the victim site’s PHP code. This inclusion can then be used to initiate the following:

• Deliver malicious payloads that can be used to include attack and phishing pages in a visitors’ browsers
• Include malicious shell files on publicly available websites
• Take control of a website admin panel or host server

Local File Inclusion (LFI), like remote file inclusion, can occur when user input is able to modify the full or absolute path to included files. Attackers can then use this vector to gain, read or write access to sensitive local files— for example, configuration files containing database credentials. The attacker could also perform a directory traversal attack, amending an included file path to review the back end and host server files, exposing sensitive data. A local file inclusion attack has to potential to become a remote file inclusion attack if, for example, the attacker is able to include log files that were previously seeded with malicious code by the attacker through public interaction.

These types of vulnerabilities are frequently used to launch other attacks, such as DDoS and cross-site scripting attacks. They have also been used to expose and steal sensitive financial information, such as when Starbucks fell victim to an inclusion attack leading to a compromise of customer credit card data.

Mitigating and Preventing Vulnerabilities

There are easy steps you can take to mitigate and prevent vulnerabilities from allowing hackers to gain unauthorized access to your website.

Update your applications – The first critical step in securing your website is to ensure all applications and their associated plugins are up to date. Vendors frequently release imperative security patches for their applications and it is important to perform these updates in a timely manner. Malicious actors stay in the loop on open source application news, and are known to use update notices as a blueprint for finding vulnerable websites. Subscribing to automatic application updates and email notifications on critical patches will help you stay one step ahead of the attackers.

Use a Web Application Firewall (WAF) – Web application firewalls are the first line of defense against those probing your website for vulnerabilities. Web application firewalls filter out bad traffic from ever accessing your website. This includes blocking bots, known spam or attack IP addresses, automated scanners, and attack based user input.

Use a malware scanner – Your last line of defense is the use of a reputable automated malware scanner. It is recommended you find one that can automatically identify and vulnerabilities and remove known malware.

>>>>>More advanced programmers may opt to manually review their code and implement PHP filters to sanitize user input. This includes methodologies such as limiting image upload forms to only .jpg or .gif files, and whitelisting form submissions to only allow expected input.

Understanding the types of vulnerabilities that hackers may attempt to use to exploit your web applications is an important first step to securing your website. Vulnerabilities can have dire consequences for not only your website and server, but for your customers’ data as well.

Read More

Creating Wireless Signals with Ethernet Cable to Steal Data from Air-Gapped Systems

 A newly discovered data exfiltration mechanism employs Ethernet cables as a “transmitting antenna” to stealthily siphon highly-sensitive data from air-gapped systems, according to the latest research.

Dubbed “LANtenna Attack,” the novel technique enables malicious code in air-gapped computers to amass sensitive data and then encode it over radio waves emanating from Ethernet cables just as if they are antennas. The transmitted signals can then be intercepted by a nearby software-defined radio (SDR) receiver wirelessly, the data decoded, and sent to an attacker who is in an adjacent room.

“Notably, the malicious code can run in an ordinary user-mode process and successfully operate from within a virtual machine,” the researchers noted in an accompanying paper titled “LANTENNA: Exfiltrating Data from Air-Gapped Networks via Ethernet Cables.”

Air-gapped networks are designed as a network security measure to minimize the risk of information leakage and other cyber threats by ensuring that one or more computers are physically isolated from other networks, such as the internet or a local area network. They are usually wired since machines that are part of such networks have their wireless network interfaces permanently disabled or physically removed.

This is far from the first time Dr. Guri has demonstrated unconventional ways to leak sensitive data from air-gapped computers. In February 2020, the security researcher devised a method that employs small changes in LCD screen brightness, which remain invisible to the naked eye, to modulate binary information in morse-code-like patterns covertly.

Then in May 2020, Dr. Guri showed how malware could exploit a computer’s power supply unit (PSU) to play sounds and use it as an out-of-band, secondary speaker to leak data in an attack called “POWER-SUPPLaY.” Lastly, in December 2020, the researcher showed off “AIR-FI,” an attack that leverages Wi-Fi signals as a covert channel to exfiltrate confidential information without even requiring the presence of dedicated Wi-Fi hardware on the targeted systems.

The LANtenna attack is no different in that it works by using the malware in the air-gapped workstation to induce the Ethernet cable to generate electromagnetic emissions in the frequency bands of 125 MHz that are then modulated and intercepted by a nearby radio receiver. In a proof-of-concept demo, data transmitted from an air-gapped computer through its Ethernet cable was received at a distance of 200 cm apart.

Like other data leakage attacks of this kind, triggering the infection requires the deployment of the malware on the target network via any one of different infection vectors that range from supply chain attacks or contaminated USB drives to social engineering techniques, stolen credentials, or by using malicious insiders. As countermeasures, the researchers propose prohibiting the use of radio receivers in and around air-gapped networks and monitoring the network interface card link layer activity for any covert channel, as well as jamming the signals, and using metal shielding to limit electromagnetic fields from interfering with or emanating from the shielded wires.

“This paper shows that attackers can exploit the Ethernet cables to exfiltrate data from air-gapped networks,” the researchers said in the paper. “Malware installed in a secured workstation, laptop, or embedded device can invoke various network activities that generate electromagnetic emissions from Ethernet cables.” “Dedicated and expensive antennas yield better distance and could reach tens of meters with some cables,” Dr. Guri added.

Read More

What is Computer Network? Why the Networking Skills is Important for Hackers?

 Today you can see in all over the world their are almost all devices are connected to one and another. Internet is also a computer network in which billions of computers and devices are connecting together.

Example

If their is a Router in your house and your computer, television and others devices are connecting with the router to share information.

So this is an example of internal network. And if your house devices are connected to the router and your router is connecting to the ISP and your ISP is connecting to the other large network then a big network is produced. So this network is called external network/internet. ISP means Internet Service Provider which can provide you internet.

Now we can discuss about why the networking skills is important for hackers:

If you become a professional hacker you must be know about the network and how a network work. You know about the network models, IP address and network protocols etc.

Networking skills is very important in the field of hacking. Almost all devices are connected to the network. Supposed if a hacker access to victim network. So he/she can do anything thing with the victim computers. Ethical hacker can also know about the knowledge of networking. So he/she can solved the problems if any bad hacker can attack on the network

Read More

Why Programming is important for Hackers?

 

How Programming helps hackers?

From web application security to network application security, anything and everything is about coding. In addition, having an expert programming hand gives you an advantage and makes you independent to design your attack accordingly. Hackers work anonymously and this is their greatest strength.

Having a good knowledge of creating malicious applications can help you destabilize entire platforms with a little help from hacking tools. Many hacking tools available for free on the Internet to help you a little on your adventures, but you can also buy hacking tools for specific target operations.

Why programming is the most important skill for hackers?

Mastering a programming language allows you to be self-dependent and gives you the knowledge of working of programs to exploit them easily. Even though exploit development is mainly done in the assembly language in debuggers, learning the functioning of a program could be very useful.

It’ll help you to write your own exploits in C/C++ and ditch the frameworks like Metasploit. Learning programming also gives you the power to create your own custom malware, making it difficult for an antivirus software to detect.

Most of the hacking tools are freely available and open source. So, if you’ve mastered the art of programming, using hacking tools and making them better is an easy task.

So, before you start with the basics of hacking, learn to code and create a solid foundation.

What programming languages are typically used by hackers?

There are no set programming languages that can be used when hacking computers, but there are some ones that are more common than others:

• Python: This is the most popular all around language for anything related to cybersecurity. It’s a security professionals programming language of choice and a good one to start with.
• PHP: This language isn’t as popular as it once was but there are still many applications and scripts that are written in PHP. Therefore, it’s still very useful to be familiar with it. One big example of this wordpress, wordpress is written in PHP and supports millions of websites on the internet. Approximately 40% of all websites run on wordpress, which means they run on a PHP application.
• Javascript: This language has become extremely popular for anything to do with web design and animations. Therefore, for anything to do with web application or website hacking it’s useful to know javascript. Also, it’s the language primarily used in cross site scripting attacks (XSS).
• C/C++: This language is very popular for memory based attacks such as a buffer overflow attack. C doesn’t have the same built in controls that other languages have, which means you can use it to perform some unique attacks. A buffer overflow takes advantage of the fact that the language doesn’t have built in memory control and purposely overwrites certain parts of memory in order to perform an attack.

Read More