In a cross-site scripting attack (XSS), the attacker inject scripts into input forms, search fields or site URLs, in order to make a website do different tasks when viewed by users. The object of this tutorial is to show the dangers of XSS attacks, why you should never trust user … Continue reading
In one of my previous posts I explained a little bit about the flaw in the WPS system and how to exploit it. To summarize the flaw in the WPS enabled you to bruteforce the eight-digit pin code, and thereby get access to a otherwise secured wireless network. In the … Continue reading
In the tutorial Hack Windows 7 Account Password, I showed that having a account password on a Windows computer does not mean that it is unbreakable. In this tutorial, we are going to have a look at how to do something similar on the Linux based system – Ubuntu, by … Continue reading
Netcat is an awesome network tool, which can be used for pretty much anything network related. File transfers, remote access, tunneling and network debugging is some of the common tasks it is often used for. Netcat is found for both nix and Windows systems. In this tutorial, we are going … Continue reading
The password protection in Windows is a good precaution against nosy individuals. But really it is not that safe. If someone really want to get access to a password protected Windows computer – they probably will. There are software out there to help you do this, but with the right … Continue reading
I was reading about the case where Google Street View cars recorded a lot of data flooding around the air while photographing for the Street view project. As far as I understand, they got in to trouble because the picked up some unencrypted personal data, like mails etc. However, the … Continue reading
I love playing around with my android phone. The fact that it’s linux based makes it flexible and hackabel. In this tutorial, we are going to look at how to run the linux distro Backtrack on Googles Galaxy Nexus phone. For this you need a rooted device along with a … Continue reading
There are two types of bruteforce attacks – raw bruteforce and dictionary attacks. A raw bruteforce attack means trying every single password within the specified limits, and a dictionary attack means only trying passwords from a dictionary file. With more and more powerful hardware in household computers, it’s becoming possible … Continue reading
I found this great tool called Scapy, which enables the users to capture, build and send packets onto the network exactly as they want them. This opens for a world of possibilities and because Scapy is based on Python it’s fairly easy to script advanced network functions. I’m using Backtrack … Continue reading
Ncrack is a network authentication cracking tool. It is used to do bruteforce attacks on different protocols and is fairly straight forward to use. First of all let’s check which services is running on the target computer. We do this by doing an nmap scan – in this scenario the … Continue reading
