Tuesday, April 26, 2011

How To Find The Wordpress Version Of A Website/Blog

When an attacker targets a CMS (content management system), the first thing he usually does is find out the version number of that CMS, so that he can search exploit databases for matching exploits. On a WordPress blog, by default, anyone can find the version number simply by viewing the source of the blog.


Exposing your version number is not a good idea, because it makes your website or blog an easier target for attackers. There are a couple of ways to hide your version number; the simplest is to add the following line to your functions.php file:

remove_action('wp_head', 'wp_generator');
Moreover, there are a couple of plugins that can help you hide your WordPress version; just Google for them.

Readme.html File Bug


Even if someone uses a plugin to hide the WordPress version number, an attacker can still determine it: all he has to do is add "/readme.html" after the website's URL.

Countermeasures

  • Use a good plugin that can hide your WordPress version number.
  • Always update WordPress to the latest version.
  • Either delete the readme.html file or rename it to something like readme.php.
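
To confirm the countermeasures took effect on your own blog, check both disclosure points described above. The following is an added example, not code from the original post: the sample pages are constructed, the "Version X.Y" layout of readme.html is an assumption, and all function names are hypothetical.

```python
import re
from html.parser import HTMLParser

# Constructed sample responses (not captured from a real site).
SAMPLE_HOME = """<html><head>
<meta name="generator" content="WordPress 3.1.1" />
</head><body>Hello</body></html>"""

SAMPLE_README = """<html><body>
<h1 id="logo">WordPress <br /> Version 3.1.1</h1>
</body></html>"""


class GeneratorFinder(HTMLParser):
    """Collects the content of every <meta name="generator"> tag."""

    def __init__(self):
        super().__init__()
        self.generators = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "meta" and (attrs.get("name") or "").lower() == "generator":
            self.generators.append(attrs.get("content") or "")


def generator_leak(home_html):
    """Return the version from the generator meta tag, or None if hidden."""
    finder = GeneratorFinder()
    finder.feed(home_html)
    for content in finder.generators:
        match = re.search(r"WordPress\s+(\d+(?:\.\d+)+)", content, re.I)
        if match:
            return match.group(1)
    return None


def readme_leak(readme_html):
    """Return the version printed in readme.html, or None (file gone/renamed)."""
    if not readme_html:
        return None
    match = re.search(r"Version\s+(\d+(?:\.\d+)+)", readme_html)
    return match.group(1) if match else None


def audit(home_html, readme_html):
    """Map each disclosure point named in the post to the version it leaks."""
    return {"generator_meta": generator_leak(home_html),
            "readme_html": readme_leak(readme_html)}


if __name__ == "__main__":
    print(audit(SAMPLE_HOME, SAMPLE_README))
```

Pass `None` as the second argument when the request for /readme.html on your site returns no page; a result of `None` for both keys means neither location still reveals the version.
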
I hope you have learned something new today. Feel free to comment.

Friday, April 22, 2011

Skype App For Android Gets Update For Security Flaw

Last week, when I started the Skype app on my Android phone, it refused to log in and came up with a security message that said “Skype android app is facing security Bug , So backup your data ASAP.” So I started digging into the issue and found out that this insecure app had been in the Android marketplace since October 2010.

What exactly was the security flaw? 

The Skype app was storing data in an unsecured, unencrypted format, and any other app on that Android phone could access it. The personal data included all contacts, messages, chat data, call histories and even your Skype credit. Practically everything inside Skype was vulnerable.
AndroidPolice.com first noticed this issue; they tried to access the data from another app and succeeded. They immediately wrote a blog post saying Skype was facing a serious security issue. It spread all over the web instantly, and Skype said they would work on it ASAP.

Security Update for Skype App is Now Available For Downloading 

They worked pretty fast, and yesterday they released this security update for the Android app. The company has now stated on its blog that users' personal data is well secured, and asked users to download the Android app only from the Android marketplace or Skype's official website.

Security bugs in apps for Android and iPhone are not new these days; a few days ago the Pandora app was also affected by some kind of bug that exposes user data. So keep all your apps updated, especially on Android smartphones, because Android OS is not as stable as the iOS offered by Apple.

About The Author

Amol Wagh is an ethical hacker and a security expert. He blogs at The Hackersenigma, where he writes about hacking and security.

Wednesday, April 20, 2011

Network Security Scanners For Administrators

There are more and more applications for network administrators on the market, both commercial and free, which serve to verify the system security. Today's administrator has to be highly motivated and extremely patient, as he has to become familiar with a large amount of new software to help him in his difficult work.
There has been a flood of network monitors, network configurators, and other programs to improve network function, or that relieve the administrator of at least part of his responsibilities. However, it is the administrator's duty to deal with the network.

Full automation of the network combined with a superficial status check is a recipe for trouble. This is especially true of huge corporate networks, where security is often neglected. Instead of surveying their systems at least once a day, administrators often hand off this responsibility to various applications. In fact, these applications should only help the administrator in detecting possible irregularities or unauthorized access, and not, as many seem to think, completely take over this task. Software can easily be deceived.

This post will show how an administrator should monitor network security. We will demonstrate that it is worth dedicating one's time to analyzing and choosing the correct settings instead of automating the monitoring of the data being sent.

This post can also be understood from "the other side": the hacker's point of view. The majority of network applications, which on the one hand help protect a network, can also be used to manipulate a network for one's own purposes. In particular, we mean scanners, one of the most popular kinds of network programs in recent years.

We should bear in mind that the best way to learn a network's security level is to attempt to break down all the barriers that normally protect our systems. Just as real-life detectives put themselves in the criminal's place to learn the details or the motive of an offense, we as administrators should become hackers and carry out an attack on our own network. It is also good to try to obtain as much information as possible about it, just as an intruder would before breaking in.

What are scanners?




Scanners, the subject of this post, are "neutral" network applications. This means that they can help both a hacker and an administrator. Their task is to collect information about network devices. As it turns out, this information can be quite varied. We are able to discover which software is used in the system, to check how long it has been running, and to find out about the available ports. Of course, scanners are written in such a way that their activity won't leave unwanted footprints on the target machine. Scanning is often performed using undocumented protocols, the monitoring of which is usually ignored.

The advantages this presents may seem to be useful only to a hacker, but they are also important to an administrator. They allow us to make appropriate changes to the settings and improve the system security level.

There are three popular scanners, Nmap, Nessus, and Nikto. Each of these applications provides different functions, and they complement each other perfectly.

NMAP

 

Nmap (Network Mapper) is a security scanner originally written by Gordon Lyon (also known by his pseudonym Fyodor Vaskovich) used to discover hosts and services on a computer network, thus creating a "map" of the network. To accomplish its goal, Nmap sends specially crafted packets to the target host and then analyzes the responses. Unlike many simple port scanners that just send packets at some predefined constant rate, nmap accounts for the network conditions (latency fluctuations, network congestion, the target interference with the scan) during the run. Also, owing to the large and active user community providing feedback on its features and contributing back, nmap has succeeded to extend its discovery capabilities beyond basic host being up/down or port being open/closed to being able to determine operating system of the target, names and versions of the listening services, estimate uptime, the type of device, presence of the firewall. [from Wikipedia]

Nmap runs on Linux, Microsoft Windows, Solaris, HP-UX and BSD variants (including Mac OS X), and also on AmigaOS and SGI IRIX. Linux is the most popular nmap platform with Windows following it closely.

Nessus

 

Nessus is an application worth discussing. This program is similar in functionality to nmap, but it distinguishes itself by an extended error database, updated every day, that is very useful for the user. In addition, Nessus is easy to keep up to date, using a plugin system for this purpose. The plugins are written in a special script language, NASL. Information about the application can be obtained on the homepage of the project: http://www.nessus.org/

Nikto


Nikto performs comprehensive tests against web servers for multiple items, including over 6100 potentially dangerous files/CGIs, versions on over 950 servers, and version specific problems on over 260 servers.


About The Author



This post was written by Aleksandar Tasevski. He writes about ethical hacking and security at his website http://hackthepc.com. If you are interested in writing a guest post on this blog, kindly read the guidelines here

Sunday, April 17, 2011

Sqlmap 0.9 Available For Download Now

Sqlmap is a very popular tool that automates the discovery of SQL injection flaws in web applications, as well as their exploitation. The sqlmap team has just released the newest version, which comes with lots of changes, including a fully rewritten SQL injection detection engine.


Features

Here are some of the newest features in Sqlmap 0.9:

  • Rewritten SQL injection detection engine (Bernardo and Miroslav).
  • Support to directly connect to the database without passing via a SQL injection, -d switch (Bernardo and Miroslav).
  • Added full support for both time-based blind SQL injection and error-based SQL injection techniques (Bernardo and Miroslav).
  • Implemented support for SQLite 2 and 3 (Bernardo and Miroslav).
  • Implemented support for Firebird (Bernardo and Miroslav).
  • Implemented support for Microsoft Access, Sybase and SAP MaxDB (Miroslav).
  • Added support to tamper injection data with --tamper switch (Bernardo and Miroslav).
  • Added automatic recognition of password hashes format and support to crack them with a dictionary-based attack (Miroslav).
  • Added support to fetch unicode data (Bernardo and Miroslav).
  • Added support to use persistent HTTP(s) connection for speed improvement, --keep-alive switch (Miroslav).
  • Implemented several optimization switches to speed up the exploitation of SQL injections (Bernardo and Miroslav).
  • Support to parse and test forms on target url, --forms switch (Bernardo and Miroslav).
  • Added switches to brute-force tables names and columns names with a dictionary attack, --common-tables and --common-columns.
You can download Sqlmap 0.9 here

    How To Find Lost Microsoft Office 2010 Product Key


    In my previous post, Free Microsoft office 2010 Product key, I posted a free Microsoft Office product key download. However, if you have already installed Microsoft Office 2010, have lost the product key for any reason and are looking to recover it, then you are in the right place.


    Produkey

    Produkey is an excellent program that can extract your Microsoft Office 2010 product key within a few seconds. The best part is that you don't even need to install the program, and it can be carried anywhere on a USB drive or CD.

    Product Key Finder


    Product Key Finder is another great small program that can help you recover your Microsoft Office 2010 product key. It does not only support Microsoft Office 2010 product keys; it can be used to extract keys for other programs as well.

    Saturday, April 16, 2011

    RafayHackingArticles Finally On A Custom Domain Now !

    Well, it has been almost 2 years since I started rafayhackingarticles, and in those 2 years I have thought countless times of moving to a custom domain (.com, .net, .org), but every time I tried to do it there was something holding me back. One of the major things holding me back was my SEO standing: I was afraid that I might lose my traffic. But yesterday one of my friends, David, suggested that I move to a custom domain, as blogspot is Google's property and Google can delete it any time they want, and Google is much less likely to delete blogs on custom domains.

    So I said to myself that "Some day will never come", acted immediately and registered rafayhackingarticles.net. Now some of you might ask why I did not go for a .com domain. The answer is that it was not available.

    Learn How To Hack - Ethical Hacking and security tips

    Yesterday, when I was searching GoDaddy for domains, my first priority was a .com domain, but since it was not available, .net was the second best option.

    What Topics Will I cover?

    1. Hacking And Security Related News.

    2. Ethical Hacking Techniques.

    3. Computer Tricks.

    4. Windows hacks.

    5. Security flaws.

    And much more.

    Advice for those on blogspot:

    In my more than 2 years of blogging, the biggest mistake I made was that I blogged on a blogspot domain (And never will). If you are still on blogspot, I suggest you move to a custom domain. There are countless advantages of a custom domain over a subdomain. If you are looking to make serious money from your blog, I suggest you move to a custom domain.

    Cain And Abel 4.9.40 Is Available For Download

    Cain and Abel is a very popular Windows password recovery program. It allows you to recover almost all kinds of passwords and supports a wide variety of password cracking methods, such as brute-force attacks, dictionary attacks, rainbow tables and cryptanalysis attacks. Cain is mostly used for sniffing and is also used to carry out a wide variety of man-in-the-middle attacks.




    Features


    The Oxid team has just released the newest version of Cain and Abel, 4.9.40. Here are some of the added features in Cain and Abel 4.9.40:

    • Added Proxy support for Cain's Certificate Collector.
    • Added the ability to specify custom proxy authentication credentials for Certificate Collector.
    • Added ProxyHTTPS Man-in-the-Middle Sniffer (TCP port 8080).
    • HTTP, APR-HTTPS and APR-ProxyHTTPS sniffer filters are now separated.
    • Added progress bar indicator in the off-line capture file function.
    • Bug fixed in ProxyHTTPS Man-in-the-Middle Sniffer parsing "Connection Established" string.
    • Bug fixed in VoIP Sniffer creating MP3 Mono files.
    • Bug fixed in RTP Sniffer processing off-line capture files.
    • WinRTGen recompiled with OpenSSL library version 0.9.8q.
    • OpenSSL library upgrade to version 0.9.8q.
    • Winpcap library upgrade to version 4.1.2.
    You can download Cain and Abel 4.9.40 here

    Wednesday, April 13, 2011

    How To Sniff VOIP Session Using Cain

    According to wikipedia:


    Voice over Internet Protocol (Voice over IP, VoIP) is one of a family of internet technologies, communication protocols, and transmission technologies for delivery of voice communications and multimedia sessions over Internet Protocol (IP) networks, such as the Internet. Other terms frequently encountered and often used synonymously with VoIP are IP telephony, Internet telephony, voice over broadband (VoBB), broadband telephony, and broadband phone.

    Cain is an excellent program that can be used for sniffing VOIP. There are a couple of methods to sniff a VOIP session, but in this tutorial I will explain how you can use a man-in-the-middle attack with Cain and Abel to sniff a VOIP conversation.

    Sniff VOIP Session With Cain

    So here is how you can capture a VOIP session on your network:

    Step 1 - First of all, download Cain and install it.

    Step 2 - Once Cain is successfully installed, go ahead and launch it. Now launch the sniffer by clicking on the small green button just below the File option.

    Step 3 - Next, click on the blue "+" at the top, choose "All hosts in my subnet" and click OK.



    Step 4 - This will show you all the active hosts on your network.



    Step 5 - Next, go to the ARP tab at the bottom and press the blue "+" sign, select the hosts on which you want to perform a man-in-the-middle attack and click OK.


    Step 6 - Now just click on the little yellow "Microtoxic" button at the top to launch the ARP poisoning attack, which is the real name for the man-in-the-middle attack.



    Step 7 - Next, click the VOIP tab at the bottom, and if Cain has captured a VOIP session, you will get similar results.
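
From the defending side, the ARP poisoning launched in Step 6 is visible in the ARP replies on the LAN: the targeted IP addresses suddenly resolve to a different MAC address, and a single MAC starts answering for several IPs. The following detection sketch is an added example, not part of the original post; the log format, the addresses and the function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed ARP-reply log ("<time> <ip> is-at <mac>"); the format and all
# addresses are made up for this example.
SAMPLE_LOG = """\
10:00:01 192.168.1.1 is-at 00:1a:2b:3c:4d:01
10:00:02 192.168.1.20 is-at 00:1a:2b:3c:4d:20
10:00:03 192.168.1.30 is-at 00:1a:2b:3c:4d:30
10:05:10 192.168.1.1 is-at 00:1a:2b:3c:4d:30
10:05:10 192.168.1.20 is-at 00:1a:2b:3c:4d:30
10:05:12 192.168.1.1 is-at 00:1a:2b:3c:4d:30
"""


def parse(log):
    """Yield (time, ip, mac) from each well-formed line; skip the rest."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) == 4 and parts[2] == "is-at":
            yield parts[0], parts[1], parts[3].lower()


def detect_poisoning(log):
    """Return alerts for the two signatures ARP poisoning leaves behind:
    an IP whose MAC changes, and one MAC answering for several IPs."""
    ip_to_mac = {}                 # last MAC seen for each IP
    mac_to_ips = defaultdict(set)  # every IP each MAC has claimed
    alerts = []
    for when, ip, mac in parse(log):
        old = ip_to_mac.get(ip)
        if old is not None and old != mac:
            alerts.append((when, "mac-changed", ip, old, mac))
        ip_to_mac[ip] = mac
        mac_to_ips[mac].add(ip)
    for mac, ips in sorted(mac_to_ips.items()):
        if len(ips) > 1:
            alerts.append((None, "mac-claims-many", mac, tuple(sorted(ips))))
    return alerts


if __name__ == "__main__":
    for alert in detect_poisoning(SAMPLE_LOG):
        print(alert)
```

DHCP reassignments, replaced network cards and routers that own several addresses raise the same alerts, so each one needs to be checked against the known inventory before it is treated as an attack.
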


    I hope you have enjoyed reading the post. I will also write an article on protecting your VOIP sessions in the upcoming posts.

    Sunday, April 3, 2011

    Learn Website Hacking And Security With DVWA Tools

    Lots of readers often ask me how they can get good at website hacking and web application security. The thing is that even if you have an idea of how some popular web application attacks work, you still need a safe environment to practice what you have learned, because you are not allowed to access any website, even for testing purposes, unless you are authorized to do so. This is where Damn Vulnerable Web App (DVWA) comes into play.
    Basically, Damn Vulnerable Web App (DVWA) is a PHP/MySQL web app that is damn vulnerable. DVWA allows you to learn and practice web application attacks in a safe environment. Its latest version is DVWA 1.7.


    Vulnerabilities

    • SQL Injection
    • XSS (Cross Site Scripting)
    • LFI (Local File Inclusion)
    • RFI (Remote File Inclusion)
    • Command Execution
    • Upload Script
    • Login Brute Force
    • Blind SQL Injection 
    And much more.

    Official warning

    It should come as no shock..but this application is damn vulnerable! Do not upload it to your hosting provider’s public html folder or any working web server as it will be hacked. It’s recommended that you download and install XAMPP onto a local machine inside your LAN which is used solely for testing.

    Installation Guide

    You can download DVWA 1.0.4 here. Below I am posting a video which will show you step by step how to install DVWA on your computer and practice website hacking.