Saturday, September 5, 2009

HIDE YOUR HDD PARTITIONS

1. Go to Start, choose Run and type “diskpart”.
A DOS window will appear with a prompt like this:
DISKPART>

2. Then type “list volume” without the quotes.
It will look like this:

  Volume ###  Ltr  Label       Fs     Type        Size     Status     Info
  ----------  ---  ----------  -----  ----------  -------  ---------  --------
  Volume 0     F                      CD-ROM
  Volume 1     C                NTFS   Partition   7000 MB  Healthy
  Volume 2     D   soft         NTFS   Partition   8000 MB  Healthy
  Volume 3     E                NTFS   Partition   8000 MB  Healthy

3. If you want to hide drive E, type “select volume 3” without the quotes.

A message will appear in the same window: { Volume 3 is the selected volume }

4. Now type “remove letter E” without the quotes.
A message will appear: { DiskPart removed the drive letter }
Sometimes a reboot of the computer is required.

DiskPart removes the letter, and Windows XP has no way to show a volume that has no drive letter, so the drive disappears from My Computer. Note that this only hides the volume: the data is neither encrypted nor access-controlled, and “list volume” in DiskPart still shows it.

Don’t be afraid, your data will remain as it is. To bring the drive back, repeat the process, but in step 4 replace “remove” with “assign”, i.e. type “assign letter E” without the quotes. The above method won’t work for the drive containing the operating system. The same thing can also be done from System Manager > Storage Manager.
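To automate steps 2 to 4 safely, here is an added Python example (not from the original post) that parses the output of “list volume”, builds the DiskPart script for hiding or restoring a letter, and refuses to touch the operating-system volume. The sample output is constructed to match the table above and the system letter “C” is an assumption; run the generated script with “diskpart /s <file>” from an elevated prompt.

```python
import re

# Constructed sample, mirroring the table in the post (not captured from a real machine).
SAMPLE_LIST_VOLUME = """\
  Volume ###  Ltr  Label       Fs     Type        Size     Status     Info
  ----------  ---  ----------  -----  ----------  -------  ---------  --------
  Volume 0     F                      CD-ROM
  Volume 1     C                NTFS   Partition   7000 MB  Healthy
  Volume 2     D   soft         NTFS   Partition   8000 MB  Healthy
  Volume 3     E                NTFS   Partition   8000 MB  Healthy
"""

# "Volume <n> <letter>" at the start of a line; the letter must be a single
# uppercase character followed by whitespace, so a letterless volume is skipped.
VOLUME_LINE = re.compile(r"^\s*Volume\s+(\d+)\s+([A-Z])(?=\s)")


def parse_list_volume(text):
    """Return {drive letter: volume number} for every volume that has a letter."""
    volumes = {}
    for line in text.splitlines():
        m = VOLUME_LINE.match(line)
        if m:
            volumes[m.group(2)] = int(m.group(1))
    return volumes


def hide_script(letter, volumes, system_letter="C"):
    """DiskPart script for steps 3 and 4 of the post: select the volume, drop its
    letter.  Refuses the operating-system volume (assumed to be C here), which the
    post says cannot be hidden this way.  Returns (script, volume number); keep the
    number, because a hidden volume can only be addressed by number afterwards."""
    letter = letter.upper()
    if letter == system_letter.upper():
        raise ValueError("refusing to remove the letter of the operating-system volume")
    if letter not in volumes:
        raise KeyError("no volume currently has drive letter " + letter)
    number = volumes[letter]
    return "select volume %d\nremove letter %s\n" % (number, letter), number


def restore_script(volume_number, letter):
    """The reverse of hide_script: 'assign' instead of 'remove', by volume number."""
    return "select volume %d\nassign letter %s\n" % (volume_number, letter.upper())


if __name__ == "__main__":
    vols = parse_list_volume(SAMPLE_LIST_VOLUME)
    script, number = hide_script("E", vols)
    print(script)                        # save to a file, then: diskpart /s <file>
    print(restore_script(number, "E"))
```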

Friday, September 4, 2009

SHELLCODES - A QUICK REFERENCE FOR BEGINNERS

SHELLCODE:

Shellcode is a snippet of machine code used as a payload during the exploitation of a software bug. By diverting a program’s control flow, the shellcode becomes an extension of the program. Shellcode is commonly used when exploiting software vulnerabilities like stack overflows, heap overflows, integer and array overflows, file stream overflows and format string attacks.

Shellcode is really handy when exploiting a local application bug. Basically, it gives the attacker access to the victim’s box. Access to the system is provided in the following ways:

By spawning the victim’s local shell (either /bin/sh or cmd.exe)
By binding a shell to a specific port so that it can be reached remotely
By adding a user with root privileges to the victim’s box

DEFENSE AGAINST SHELLCODES:

To defend a system from the execution of shellcode, vendors have developed several strong defenses. Let us list the most common defenses adopted by white hats to counter shellcode:

1) Intrusion Detection Systems: there are mainly three different types of Intrusion Detection System:

NIDS: A Network IDS grabs datagrams from the ongoing network traffic and analyzes them for attack patterns. It uses the wire diagnosing method. Let me elucidate this part.

Wire diagnosing scrutinizes ongoing network traffic before it reaches its destination.
It scrutinizes the traffic for known attack patterns.
The strength of this method depends on the quality of the rules amassed by the administrator.

A NIDS also utilizes a method called runtime diagnosing. A bit of explanation about this method:

It assesses the output generated after the execution of a particular piece of code.
It usually checks that output for known attack patterns.

HIDS: A Host IDS analyzes attack patterns in the actions committed by the local user.

AIDS: An Application IDS analyzes all types of input data fed into an application.

2) Intrusion Prevention System: a sandbox.

3) Different buffer sizes: the protocol enforces different buffer sizes.

4) Standard path transfer: relocation of important file paths. *nix variants and BSD allow users to reorganize the system layout.

Another restriction that bars the execution of shellcode is the size limitation.

HOW SHELLCODES BREAK THESE DEFENSES:

Shellcode allows the attacker to execute almost anything they wish. The attacker only has to concentrate on the coding part. Anyway, let us list some steps used by attackers to counter the defenses I mentioned in the previous section:

1) Wire diagnosing method: This method can be easily compromised by the following techniques:

Polymorphism aka shellcode encoding: masquerades the bytes by encoding the shellcode; the encoded bytes are decoded again later.

Tunneling through VPN/SSL: this technique makes the payload almost impossible to decode on the wire.

2) Runtime diagnosing method: This method can be easily compromised by the following technique:

Anti-debug: places anti-debugging tricks into the shellcode to counter debugging.

3) Countering size limitations: partitioning special operations into smaller segments that permit you to create a program channel.
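The wire diagnosing and runtime diagnosing methods from the defense section, and the encoding trick above that defeats the first but not the second, as an added Python example (not from the original post). The rules, the two payloads and the execution trace are constructed for illustration; the masked copy of PLAIN stands in for an encoded payload, and the trace stands in for what a sandbox would record.

```python
import re

# Wire rules: what a network IDS looks for in the raw bytes on the wire.
# Constructed for illustration; real rule sets are far larger.
WIRE_RULES = {
    "shell-path": re.compile(rb"/bin/(?:sh|bash|dash)\b"),
    "cmd-exe": re.compile(rb"cmd\.exe", re.IGNORECASE),
    "nop-sled": re.compile(rb"\x90{16,}"),          # 16 or more consecutive x86 NOPs
}

# Runtime rules: checked against what the code did when it ran (a trace of
# observed actions, e.g. from a sandbox), not against the bytes it arrived as.
RUNTIME_RULES = {
    "spawned-shell": re.compile(r"^execve\((?:/bin/sh|/bin/bash|cmd\.exe)\b"),
    "bound-listener": re.compile(r"^bind\(\*:\d+\)$"),
    "touched-passwd": re.compile(r"^write\(/etc/passwd\b"),
}


def wire_diagnose(payload):
    """Names of the wire rules that match the raw payload bytes."""
    return sorted(name for name, rx in WIRE_RULES.items() if rx.search(payload))


def runtime_diagnose(trace):
    """Names of the runtime rules matched by any event in the execution trace."""
    return sorted(name for name, rx in RUNTIME_RULES.items()
                  if any(rx.search(event) for event in trace))


# Constructed samples (not real captures).
PLAIN = b"\x90" * 24 + b"/bin/sh\x00"
# Stand-in for the "shellcode encoding" the post describes: the same bytes masked
# with one constant, so neither the NOP run nor the /bin/sh string is on the wire.
ENCODED = bytes(b ^ 0x5A for b in PLAIN)
# What either sample does once it runs; the trace is the same for both because the
# decoding happens before execution, which is exactly what runtime diagnosing relies on.
TRACE = ["mmap(anon, rwx)", "execve(/bin/sh, [sh, -i])"]

if __name__ == "__main__":
    for label, sample in (("plain", PLAIN), ("encoded", ENCODED)):
        print(label, "wire:", wire_diagnose(sample), "runtime:", runtime_diagnose(TRACE))
```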

2 HIDDEN WAYS TO GET MORE FROM GMAIL ADDRESS

Some little-known ways to use your Gmail address can give you greater control over your inbox and save you some time and headache. When you choose a Gmail address, you actually get more than just "yourusername@gmail.com". Here are two different ways you can modify your Gmail address and still get your mail.

Append a plus ("+") sign and any combination of words or numbers after your user name. For example, if your address was piyushfan@gmail.com, mail sent to piyushfan+friends@gmail.com or piyushfan+mailinglists@gmail.com would still reach you.

Insert one or several dots (".") anywhere in your user name. Gmail doesn't recognize periods as characters in addresses; it just ignores them. For example, you could tell people your address was piyush.fan@gmail.com or pi.yu.shfan@gmail.com.

The real value in being able to manipulate your email address is that it makes it really easy to filter on those variants. For example, you could use piyushfan+bank@gmail.com when you sign up for online banking and then set up a filter to automatically star, archive or label emails addressed to piyushfan+bank. You can also use this when you register for a service and think they might share your information.
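The two address tricks and the filtering idea, as an added Python example (not from the original post): it reduces any spelling of a Gmail address to the mailbox that actually receives it, pulls out the “+tag”, and counts which tags turn up in a constructed set of To: headers. The addresses are constructed around the post’s piyushfan example.

```python
import re

# A gmail.com address: local part of letters, digits, dots and '+', then the domain.
GMAIL_ADDRESS = re.compile(r"^\s*([A-Za-z0-9.+]+)@gmail\.com\s*$", re.IGNORECASE)


def split_gmail(address):
    """Return (receiving mailbox, tag) for a gmail.com address, or None otherwise.
    Dots in the user name are dropped because Gmail ignores them; everything after
    the first '+' is the tag the owner appended, or None when there is no tag."""
    m = GMAIL_ADDRESS.match(address)
    if not m:
        return None
    user, _, tag = m.group(1).lower().partition("+")
    return user.replace(".", "") + "@gmail.com", (tag or None)


def same_mailbox(a, b):
    """True when two spellings deliver to the same Gmail inbox."""
    pa, pb = split_gmail(a), split_gmail(b)
    return pa is not None and pb is not None and pa[0] == pb[0]


def received_tags(to_headers, owner):
    """Count messages per tag among those that really reach owner's mailbox.  A tag
    handed to exactly one service showing up on unrelated mail tells you who passed
    the address on; untagged mail is counted under '(none)'."""
    mailbox = split_gmail(owner)[0]
    report = {}
    for header in to_headers:
        parsed = split_gmail(header)
        if parsed and parsed[0] == mailbox:
            key = parsed[1] or "(none)"
            report[key] = report.get(key, 0) + 1
    return report


# Constructed To: headers, not a real inbox.
INBOX = [
    "piyushfan+bank@gmail.com",
    "Piyush.Fan+bank@gmail.com",      # same tag, different spelling and case
    "pi.yu.shfan@gmail.com",
    "piyushfan+mailinglists@gmail.com",
    "piyushfan@example.org",          # not Gmail: the dot and plus rules do not apply
]

if __name__ == "__main__":
    print(received_tags(INBOX, "piyushfan@gmail.com"))
```

Treat the tag as a filtering convenience only: anyone who receives the address can strip everything from the “+” onward and still reach the plain mailbox.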

Wednesday, September 2, 2009

RECOVERING LINUX AFTER WINDOWS INSTALL

It is a very common problem: when users install Windows after Linux, the master boot record is overwritten and rewritten for a Windows-only system, so Linux no longer boots. Here is the way to rewrite the master boot record, or rather to install GRUB again, so that Linux gets back to work.

1. Boot the Desktop/Live CD.
2. Open a terminal (Applications -> Accessories -> Terminal)
3. Start grub as root with the following command:
* sudo grub
4. You will get a grub prompt (see below), which we will use to find the root partition and install grub to the MBR of the first disk (hd0).
* [ Minimal BASH-like line editing is supported. For
the first word, TAB lists possible command
completions. Anywhere else TAB lists the possible
completions of a device/filename. ]
grub>
Type the following and press enter:
find /boot/grub/stage1
This prints the partition that holds GRUB’s stage1, for example (hd0,1). Using this information, set the root device:
grub> root (hd0,1)
Install Grub:
grub> setup (hd0)
Exit Grub:
grub> quit
5. Reboot (to the hard drive). Grub should be installed and both Linux (e.g. Ubuntu) and Windows should have been automatically detected.
6. If, after installing grub, Windows will not boot, you may need to edit /boot/grub/menu.lst (that is a small “L”, not the number 1, in menu.lst).
* Open a terminal and enter :
gksu gedit /boot/grub/menu.lst
Or, in Kubuntu:
kdesu kate /boot/grub/menu.lst
Your Windows stanza should look something like this (keep the comments on their own lines, so that they are not taken as part of the title):
# You can use any title you wish; this will appear on your grub boot menu
title Windows XP/Vista
# (hd0,0) will be most common; you may need to adjust accordingly
rootnoverify (hd0,0)
makeactive
chainloader +1

Tuesday, September 1, 2009

FIND DOMAIN INFORMATION

Ever find yourself needing to acquire information about a particular domain but want an easy way to do it? Now you can with Win32Whois.
Setup
Getting started with Win32Whois is extremely simple. There is no install process to deal with; just place the exe file in a location of your choice and create a shortcut. When you start Win32Whois, enter the domain name that you are curious about and click “Go”.
For our example, we entered “www.example.com”. The results came up very quickly and, as you can see by the scrollbar, there was quite a bit of information returned.
Conclusion
Win32Whois can provide a quick and easy way to find the information that you need about a domain. This is definitely a nice reference tool to have on your system or USB drive.
Links
Download Win32Whois (version 0.9.14)