Friday, November 16, 2012

How To Hack Any Skype Account Via Skype Password Reset Vulnerability

It can sometimes be difficult to balance ease of use with security. Software companies and online services can be under pressure to make the user experience as smooth as possible, even for potentially risky services like password resets, which saves the company money on tech support and help costs. Unfortunately, cutting corners can also create gaps in security. A security hole was found in Skype’s password reset procedure that could have allowed anyone who knows your email address to “hack” into your Skype account; it gained attention only after the vulnerability was posted on Reddit.
The issue was caused by a flaw in Skype’s password reset scheme, which allows password reset tokens to be activated through Skype instead of through the original account email. All you needed to do was sign up for a new Skype account with the victim’s email address–despite the notification that the email is already associated with a Skype account, log in to Skype, and request a password reset of the account. Since your Skype account is already associated with the victim’s email address, the notification token would appear inside your Skype window instead of just the victim’s inbox. You can then use this security token to reset the password of the victim’s Skype account.
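The design flaw described above, modelled next to a corrected flow, as an added example that is not part of the original post and is not Skype's code. The class, method and account names are hypothetical, and the hardened variant simply applies two rules: one verified account per address, and reset tokens delivered only to the mailbox.

```python
import secrets

class ResetService:
    """Toy model of a reset flow; all names here are hypothetical."""
    def __init__(self, hardened):
        self.hardened = hardened
        self.accounts = {}  # username -> {"email": ..., "verified": bool}
        self.tokens = {}    # token -> username the token resets
        self.inbox = []     # (email, token): mail delivered to the address
        self.in_app = []    # (username, token): shown in a logged-in client

    def register(self, username, email):
        taken = any(a["email"] == email for a in self.accounts.values())
        if self.hardened and taken:
            raise ValueError("email already registered")
        # New accounts are unverified: inbox ownership is not yet proven.
        self.accounts[username] = {"email": email, "verified": False}

    def verify(self, username):
        # Stands in for following a confirmation link mailed to the address.
        self.accounts[username]["verified"] = True

    def request_reset(self, email):
        matches = [u for u, a in self.accounts.items() if a["email"] == email]
        for user in matches:
            if self.hardened and not self.accounts[user]["verified"]:
                continue
            token = secrets.token_urlsafe(16)
            self.tokens[token] = user
            self.inbox.append((email, token))  # out-of-band delivery
            if not self.hardened:
                # Flaw: the token is also shown to every client whose
                # account lists this address, verified or not.
                self.in_app.extend((other, token) for other in matches)

    def tokens_visible_to(self, username):
        """Tokens a logged-in user can read without opening any inbox."""
        return [t for u, t in self.in_app if u == username]

def exposed_tokens(hardened):
    """Count tokens for 'owner' that a second sign-up can read in-app."""
    svc = ResetService(hardened)
    svc.register("owner", "owner@example.test")  # constructed sample data
    svc.verify("owner")
    try:
        svc.register("second", "owner@example.test")
    except ValueError:
        pass  # hardened flow refuses the duplicate address
    svc.request_reset("owner@example.test")
    seen = svc.tokens_visible_to("second")
    return sum(1 for t in seen if svc.tokens[t] == "owner")
```

In the flawed flow the owner's token reaches a session that never proved control of the mailbox; in the hardened flow it exists only in the inbox.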
You don’t have to worry about this vulnerability unless you’ve already seen a password reset notification from Skype in your email inbox. Skype disabled the password reset this morning and has reportedly fixed the underlying issue–indeed, comments from would-be account crackers seem to confirm that the exploit no longer works. For some users, it may be too late as the vulnerability was known and disclosed through Russian forums for at least three months before being widely recognized.
Have you lost your Skype account to a digital break-in? Share your thoughts in the comments section below.

How to Hack into a Webcam

A former information technology director of a Tampa advertising firm is facing jail time after some unauthorized "facetime" with a couple of female co-workers.
Thursday, Christopher Channer pleaded guilty to federal charges of intercepting communications after the FBI determined that back in 2010, he tapped into webcams of female employees of the Atlanta office of 22squared from his Tampa office without their knowledge.
They say he gained access through a program on the computers that was designed to track down stolen laptops.
Channer, who according to a plea agreement captured more than 1200 images of the women, including the exposed breast of one woman, is facing five years in prison.
Channer was an experienced IT director tapping into pre-loaded software on company owned computers, but the experts say you don't need that kind of experience to hack a webcam.
"It doesn't take a genius to be able to figure out how to get into someone else's webcam," said Stephen Pearson of High Tech Crime Institute.
Friday, Pearson gave a chilling example of how easy it could be.
A simple search of "how to hack a webcam" in YouTube turned up seven pages of video tutorials.
"There's plenty of opportunity for someone to download a program or try to exploit or try to use the program," Pearson said.
One video connection with someone with one of those illegal programs could give them access to your webcam without your knowledge.
Not good news for someone like Carl Valeri, who says he uses his webcam daily.
"I travel internationally and Skype is one of the best ways to get in touch with people," said Valeri. "That's pretty scary."
Pearson says the best way to protect yourself is to make sure your computer's virus protection is up to date, but he also had a low-tech solution.
"If you have an embedded camera, put a piece of tape across it," Pearson said.

How to Hack Google Search Results

Dan Petrovic has explained how he hijacked a few pages in Google to show his copied version over the original version of the page.
For example, he was able to confuse Google into thinking a page on MarketBizz should really show on instead of on
How did he do it? He simply copied the full page, source code and everything, and put it on a new URL on his site. He linked to the page and gave it a +1, and the result worked days later. Here is a picture of Google’s search results for the page using an info command and also searching for the title of the page:
He did the same thing on three other domains with varied levels of success.
We emailed Google last week for a comment but have yet to hear back.
In some cases, using a rel=canonical seemed to prevent it from hijacking the result fully, but not in all cases. There also seems to be a case where using authorship might prevent this as well.
Dan Petrovic was even able to hijack the first result for Rand Fishkin’s name (with Rand’s permission):
The way this seems to work is that Google’s duplicate content system feels that the new URL is the more important page and thus replaces the original page with the more important page. It is how the competitive link trick seemed to have worked as well.

Wednesday, November 07, 2012

How To Hack And Protect Your Own WPA Network

You probably own a personal Wi-Fi hotspot at home. Having several devices under one roof seems like a good reason to convert your broadband internet into a wireless connection. Some internet providers in your area might even have paid Wi-Fi hotspots for homes and establishments.
Since anyone can connect to your Wi-Fi network, the next best idea is to protect it with a WPA password. A WPA password prevents freeloaders from using your internet and deals with more pressing issues such as privacy and hacking. However, this is not a foolproof method. Securing your Wi-Fi network no longer guarantees safety from prying eyes, let alone people who want to get free internet. People can easily crack your network’s password with the aid of certain tools.
In the early part of this article, we will teach you how to hack your own WPA-secured network with a tool called Reaver. Later on, we will explain how to protect your home network from Reaver attacks.
Note: Hacking of other WPA networks is ill-advised and illegal in some countries so we don’t recommend it. We also discourage using Reaver for any malicious intent. Consider this article as an educational tool that will better inform you of how people hack into WPA networks so you can better protect yourself, your family, and friends from hackers.
  • Wi-Fi ready computer. BackTrack works with the wireless cards found in most laptops and computers. It is a bootable Linux environment which makes using Reaver less strenuous. BackTrack doesn’t work on all computers with wireless internet connectivity so there are no guarantees.
  • DVD drive. You need it to boot into BackTrack mode. A built-in DVD drive will come in handy but if your computer doesn’t have one, you can attach a portable DVD drive via USB.
  • BackTrack 5 Live DVD. Reaver can be downloaded from the live program. You can get BackTrack 5 here for free and burn it onto a DVD. The latest available version as of this writing is BackTrack 5 R3. To download BackTrack, go to the download page and select “Download”. Choose the latest version from the BackTrack Release drop-down menu. Under Windows Manager, select “GNOME”. Then, choose between the 32- and 64-bit architecture depending on your computer. Finally, select “ISO” under Image Type and choose your download method.
  • An active WPA network with WPS enabled. For Reaver to work, you need a WPA-secured Wi-Fi network which has WPS enabled. Reaver exploits a WPS security hole which makes hacking WPA networks possible.
Note: If you know how VMWare works, you can choose it instead of ISO under Image Type when downloading BackTrack. Otherwise, stick with ISO image.
You should know…
Reaver takes plenty of time to hack WPA networks. It tests different crack combinations on your router until it identifies the right password. According to its developers, the program could take 4 to 10 hours before Reaver successfully cracks a WPA network. The performance of your computer could determine the speed at which it works. Fortunately, you can pause Reaver without losing progress. To pause the program simply press Ctrl+C while it is running. Just don’t shut down your computer because that will cause Reaver to lose its progress when attempting to crack a WPA network.
Reaver doesn’t work on all routers so there’s no guarantee that it will crack your wireless home network. Furthermore, the wireless network you are trying to hack should have a strong signal.

How to crack WPA networks with Reaver

1. Boot into BackTrack mode. Place your pre-made BackTrack Live DVD into your DVD drive. When BackTrack prompts you to choose from a selection of boot modes, choose “BackTrack Text – Default Boot Text Mode” and hit Enter. After a while, BackTrack will take you to the command line prompt. At the command line prompt, type startx and hit Enter. You will then be taken into a graphical UI of BackTrack.
2. Install Reaver. Reaver is not part of the live DVD so you have to download and install it. You begin by connecting to your home Wi-Fi network. Don’t forget to input your WPA password! Once you’re online, go back to the command prompt and type the following command:
apt-get update
This will download Reaver. When the update is finished, type:
apt-get install reaver
3. Disconnect from your home network. This step is optional but if you want to make sure that Reaver works, you can do it as a precaution. In addition, you can choose to forget your network or even change your WPA password.
4. Find out your wireless card’s interface name. This information is needed for hacking WPA networks. On the Terminal, type the following command and hit Enter
The name identified beside your wireless card information such as IEEE and ESSID is your wireless card’s interface name. It is likely wlan0 but it could be different.
5. Place your wireless card into “monitor mode”. Using the interface name you acquired from step 4, type the following command and press Enter. For the sake of illustration, we are assuming that wlan0 is your wireless card’s interface name.
airmon-ng start wlan0
This command will display the name of your monitor mode interface. It will show something like:
(monitor mode enabled on mon0)
Here, mon0 is the name of the monitor mode interface but it varies across devices.
6.  Discover the BSSID of the wireless router you want to crack. You can do this by typing the following command at the Terminal.
airodump-ng wlan0
Again, use the wireless card interface name you acquired from Step 4 in place of wlan0. If the above command doesn’t work for you, try the following command:
airodump-ng mon0
Don’t forget to replace mon0 with the information you got from Step 5.
After entering the right command, you will see an assortment of wireless networks within your computer’s range. Select the WPA network you want to crack (preferably your home network) and copy its BSSID. It is on the far left and consists of a series of letters, numbers, and colons. An example of a BSSID is 96:84:0D:DA:56:FD.
Remember: When choosing a network from the list, it should be either WPA or WPA2 as listed under the ENC column.
7.  Use Reaver to crack a network’s WPA password. On the Terminal, use the command below. Use the information you acquired from Steps 5 (monitor mode interface name) and 6 (BSSID) to replace the moninterface and bssid of the following command.
reaver -i moninterface -b bssid -vv
With the right information in place, it should look something like this:
reaver -i mon0 -b 96:84:0D:DA:56:FD -vv
Hit Enter and wait for the process to finish.
8.  Retrieve the WPA password. When Step 7 is done, look for the information listed beside WPA PSK. This is the WPA password. Here you can confirm if Reaver successfully cracked your home network.

How to protect your wireless home network from Reaver

Reaver attacks WPA and WPA2 protected networks by exploiting vulnerabilities in their WPS or Wi-Fi Protected Setup. With that in mind, you can use the following tips to protect your home network from Reaver.
1. Turn off your WPS. If the feature is present in your router, disabling it can help keep your network safe. Sad to say, this method doesn’t guarantee full protection. LinkSys and Cisco Valet routers remain vulnerable to Reaver attacks even if you disable their WPS. Use Reaver to check if your network is vulnerable even with WPS disabled. If turning it off does the job, then you don’t have to worry.
2. Opt for a router that doesn’t have WPS. If your network still keeps getting cracked by Reaver even with the WPS disabled, then get a router that doesn’t have this feature built-in.
3. Do your research. Perform an online check and find out what internet providers are servicing your area and what kind of routers they are supplying. If their routers have WPS, ask if you can switch to one that doesn’t have WPS for better security.