This Blog is about Technology to which our World is Addicted

This is default featured slide 1 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

This is default featured slide 2 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

This is default featured slide 3 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

This is default featured slide 4 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

This is default featured slide 5 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

Tuesday, 29 December 2015

Free New Troid Vpn Trick For Airtel 2016

By using Troid VPN 2.6.9 Trick For unblocked Airtel sims by Cyber stream you will be able to use all your applications including whatsapp, hike, viber, uc mini etc free of cost without any kind of internet data or balance. This trick is simple to use just follow the procedure carefully. Your android version should be 4.0+.

NOTE:- If this trick worked in your device then your sim is not blocked otherwise it may be blocked / double blocked.

Download Limit: 100mb Per Day.

Advantages Of Troid VPN Over Droid VPN:

◇ No need to register an account.

◇ No Speed low problems or disconnection problem.

◇ Very Fast Than Droid Vpn.

◇ Simple GUI and easy to configure.

◇ HTTPS+KA based proxy.

◇ Long time connection proxy.

◇ Based On New Host.

Requirements:

◇ Android Device.
◇ Latest Troid VPN 2.6.9
◇ Airtel Sim (unblocked sim).
◇ Zero balance.
◇ Android Version 4.0+.
◇ Airtel Internet Settings.

Procedure;

Note: Please activate  airtel internet setting.

1) Download Troid VPN 2.6.9 by Cyber Stream from Here:

What’s new in Troid VPN 2.6.9

SUPPORT FOR ANDROID M DEVICES ADDED

2) Install it In your device.

3) Open it and select any of the free server from server list.

4) Write Rport as 443 and Lport as 0

5) Change Protocol to TCP.

6) Click on advanced settings button.

7) Check (mark) use proxy for Tcp connection.

8) Enter Proxy Host as 178.254.13.112

9) Enter Proxy Port as 3128

10) Enter Header as host:125.21.246.114/@

11) Click on save button and press connect button.

12) Wait For A Few Seconds Until You Get Connected.

13) Enjoy Free Super Fast 3G Internet

Share:

Monday, 28 December 2015

"How To Find Lost Android Using Google?"

This  tutorial will help you to track your lost Android's position using Google. So if you had lost your smartphone you will be keen in finding it back, right? Actually this is a feature of Android Smartphones provided by Google, to know more about this trick follow the following tutorial:
When you are using your smartphone you are requested to connect it to your Gmail address, right? Then you and Google are connected via this mail, for example you can then Download Apps from Play Store, Access your Mail, Connect Gmail, Google Map... So this mail connection will help you to find your Android as well in case you lose it.
Assume that you had lost your Android and now you want to get it back. For getting your Android back you need to find its location first so to do so, first you should sign in to your Gmail (The Mail You Had Used in Your Android Smartphone), once you signed in then open Google in another tab of your browser. After that write this keyword in Google "Find My Phone". Done!!!
Now you will see your Android's location, hope this tutorial has helped you. If you have any problem or difficulty in the tutorial don't hesitate to share it in the comment box below.

Share:

Simple Method For Facebook Hacking



Here is The Trick
Firstly Find Victim ip address

Now goto
Internt Settings,
Put victim ip address
In proxy ,No Need Port

Goto updatevia.com
Select Any Fake status update device

Now copy your url Link,
Give it to victim
Now refresh your page again and again...
If victim click your link,
You Are Entered To Victim Account
And it shows status update box

Update Any status ,
Now you are redirect to victim's Facebook
Homepage

Now open Facebook. com/hacked
Its giving password change option
Without asking old password
Change password, and remove
Email in this same process...
Add your email and enjoy

Its my thinking..
Please check and say
My thinking is correct or Not

Share:

Friday, 18 December 2015

Unlock ur sim card without puk code

Unlock ur sim card without puk code..

■ First Of All Take Your Phone In Your
Hand...

■ After That Put The Blocked Sim Card In
The
Phone..

■ Then Switch off The Phone For Two
Minutes,
And Remove The Sim From Phone..

■ After That Put Back The Sim Again,
Then Switch
On The Phone..

■ After That Enter This Secret Code
*22233421#

Its All Then Press A New Pin As You Wish
Like -
*121# Etc

Share:

Thursday, 22 October 2015

OPEN PATTERN LOCK OF ANDROID

OPEN PATTERN LOCK OF ANDROID

Step 1: Connect your Android Phone to Your
Computer.
Step 2 : Open command prompt as administrator.
Step 3 : Now in command prompt window type the
following code carefully exactly as it is and then
press enter.
adb shell
cd /data/data/com.android.providers.settings/
databases
sqlite3 settings.db
update system set value=0 where
name='lock_pattern_autolock';
update system set value=0 where
name='lockscreen.lockedoutpermanently';
.quit
Step 4 : Now you will some screen as shown below
and then you can reboot your phone and now when
your will start again then try unlocking your phone
using any random lock pattern and it will work
pretty fine.
Step 5 : If you face any problem repeat same steps
but instead of the above code try using adb shell
rm /data/system/gesture.key and then press enter and restart

Share:

Monday, 14 September 2015

Hack WEP wifi by using Android:

Hack WEP wifi by using Android:
Step 1: Firstly, if your android phone isn't rooted, try to root it, and also make sure that such android phone have a Broadcom bcm4329 or bcm 4330 chipest unlike the Nexus 7, Galaxy S1/S2, Nuxus 1, Htc Desire HD, etc. The presence of Cyanogen ROM on your device can be of use to make the bcmon app work through.
Step 2: Then download and install bcmon, it's essential because it helps monitor mode on your broadcom chipest that helps in the PIN Cracking.
Step 3: After installation, run the app and tap "monitor mode" option.
Step 4: Then tap the "Run bcmon terminal" option and type "airodump-ng" and Enter. Once the airodump loads finish, you would be directed to the prompt command in which you're to type "airodump-ng wlan0" then tap the Enter button.
Step 5: In this stage, a Mac address would appear, in which you're to jot down.
Step 6: Start scanning the channel by collecting information from the access point before attempting to crack the password, then type, "airodump-ng -cchannel#--bssidMAC address-w output ath0" and tap enter, then it would start scanning, try scanning till it reaches 20,000 - 30,000 packets.
Step 7: To finally crack the password, return to the terminal, but make sure you've reached the suitable number of packets, then type "aircrack-ng output*.cap" and tap enter at the terminal.
Step 8: Once the password is cracked successfully, you would recieve a message alerting, 'Key Found' and would display the key in hexidecimal form. So when entering the key, make sure you eliminate the dots '.' or double dots ':', i.e if it displays 12:34:56:78:90, then enter 1234567890as the code.
Disclaimer: Please I won't be held responsible for any illegal activity this tips is used for, it's just for knowledge sake.
Share:

Saturday, 8 August 2015

Mobile bots and botnets

 

Mobile bots and botnets 




A mobile bot is a type of malware that runs automatically once installed on a mobile device without mobile antivirus software. It gains complete access to the device and its contents, and starts communicating with and receiving instructions from one or more command and control servers. Every smartphone infected is added to a network of mobile bots (mobile botnet) managed by a cybercriminal called the botmaster.

The first mobile bot-infections were discovered at the beginning of 2011 with the attacks of DroidDream and Geimini – both trojanized game apps with bot-like capabilities that compromised Android devices. There have also been mobile botnet attacks targeted at iPhones (SMS attacks), Blackberry and Symbian devices. So no matter the operating system your smartphone runs on, all these precedents are strong cases for mobile antivirus protection.


How can bots get to smartphones?

Mobile bot infections can be spread via viruses, worms and Trojans with bot capabilities:

  •  sent by e-mail
  •  embedded in seemingly legit apps – even malicious apps that pose as mobile antivirus programs – that you download
  •  embedded in websites that you visit while surfing the web
  •  in “drive-by” downloads

Over the course of weeks, thousands of smartphones can get infected and added to the mobile botnet.


What can you expect from a bot infection?

If your smartphone doesn’t have proper mobile antivirus protection, it can easily become a part of a botnet. Let’s assume it has. What can a botmaster do now?

  •  Disrupt or deny access to networks
  •  Steal credit card details, usernames, passwords etc.
  •  Send SMSs to premium numbers or block incoming SMSs
  •  Copy SMSs and the contact list stored on your smartphone to a server
  •  Install/remove an application
  •  Dial a certain phone number
  •  Open a web page that’s either malicious or filled with ads

In short, send orders to your smartphone from anywhere, anytime to make some money exploiting it.

Some botmasters want more than a couple of mobile user’s data.  After organizing an army of bots, meaning thousands of infected smartphones, they can launch an attack over an entire mobile network.



Share:

Wednesday, 22 July 2015

7 Must Have Tools For Every Hacker (Hacking tools)



7 Must Have Tools For Every Hacker (Hacking tools)



Its been a while since I have posted about some hacking tools and with increasing number of emails asking
 me to do an  article on it, I finally decided to cover it up.Hacking tools are developed by some really good
 coders out there to ease out many complex tasks which have to be done manually and took painstakingly 
great deal of time and effort.All these tools provided here are free of cost,are tried hands on and are being
 actively developed by community,and if not,their alternatives are provided.To summarize it up, these are 
the 7 must have tools for every hacker out there.
7 Must Have Tools For Every Hacker





1. Nmap 
I think everyone has heard of this one, Nmap (Network Mapper) is a free open source utility for network 

exploration or security auditing. It was designed to rapidly scan large networks, although it works fine 
against single hosts.Many systems and network administrators also find it useful for tasks such as network
 inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP 
packets in novel ways to determine what hosts are available on the network, what services
 (application name and version) those hosts are offering, what operating systems (and OS versions)
 they are running, what type of packet filters/firewalls are in use,and dozens of other characteristics. It may be 
used to discover computers and services on a computer network, thus creating a “map” of the network.Nmap
 runs on most types of computers and both console and graphical versions are available. Nmap is free and
open source.Can be used by beginners (-sT) or by pros alike (packet_trace). A very versatile tool, once you
 fully understand the results.



2. Nessus Remote Security Scanner 
Recently went closed source, but is still essentially free. Works with a client-server framework.Nessus is the worlds most popular vulnerability scanner used in over 75,000 organizations world-wide. Many of the worlds 

largest organizations are realizing significant cost savings by using Nessus to audit business-
critical enterprise devices and applications.



3. Wireshark 
Wireshark is a GTK+-based  network protocol analyzer, or sniffer, that lets you capture and interactively browse

 the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and 
to give Wireshark features that are missing from closed-source sniffers. Works great on both Linux and
 Windows (with a GUI), easy to use and can reconstruct TCP/IPStreams! .


4. Cain and Abel 
The swiss knife of hacking tools..Cain & Abel is a password recovery tool for Microsoft Operating Systems. 

It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords 
using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols.
The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort.
5. Kismet 
Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with  any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a,

 and 802.11g traffic. A good wireless tool as long as your card supports rfmon


6. NetStumbler
Yes a decent wireless tool for Windows! Sadly not as powerful as it’s Linux counterparts, but it’s easy to use

 and has a nice interface, good for the basics of war-driving. NetStumbler is a tool for Windows that allows you
 to detect Wireless Local Area Networks (WLANs) using 802.11b, 802.11a and 802.11g. It has many uses:
  1. Verify that your network is set up the way you intended.
  2. Find locations with poor coverage in your WLAN.
  3. Detect other networks that may be causing interference on your network.
  4. Detect unauthorized rogue access points in your workplace.
  5. Help aim directional antennas for long-haul WLAN links.
  6. Use it recreationally for WarDriving.

7. SuperScan
Powerful TCP port scanner, pinger, resolver. SuperScan 4 is an update of the highly popular Windows port 

scanning tool, SuperScan. If you need an alternative for nmap on Windows with a decent interface, I suggest
 you check this out, it’s pretty nice.
Alternatively, you can try Angry IP Scanner which is a pretty good replacement for it
Share:

Top 5 Websites To Learn How To Hack Like Hackers

Top 5 Websites To Learn How To Hack Like Hackers



Whether you’re a college student, a well experience 
networking trainer or a computer games 
addicted – everyone comes across a situation where we 
make life a lot easier with some type of hacking.Maybe
 you’ve lost the license key that came with your genuine 
anti-virus or games package that you  paid for. Maybe
 you want to make a backup copy of your Favorite'Games,
 DVD Movies, but there is a copy-protection 
encoded into the disk. or May be your stuck on a your favorite online games and you want
 to know if any hacks available to leave up in the game.
In today’s age of computer and Internet technologies, everything is written in one or 
anther programming language. No programmer is perfect – they all make mistakes and always
 there are back door, secret codes and vulnerabilities in any application you come across.
 Believe me if you just following the efforts of active hacking communities or if you learn how
 to hack on your own, it shows you tremendous into the inner-working of your most “Trusted”
 games & software applications.
As we are exploring the hacking world , It should be keep some thing in your mind, there are
 two major type of hackers, we call them “White hat” and “Black hat” (today’s people also
 refereed gray hat which is a middle in black hat & white hat ). “White hat” hackers call themselves as “ethical hackers,” in that they find vulnerabilities and exploit to make the 
application’s programming more secure for everyone. However, there are many hackers 
community who find vulnerabilities to exploit in a application for crack or in server to break
 them and gain illegal access. Now you know what sort of community you may take interest
 to join them. Let’s get on top 5 Hackers communities where you can learn how to hack like 
hackers.
Top 5 Website, Where you can learn How to hack like Hackers
#1.  Hackfourms — Hacking and Market place
The no. 1 hackers communities with 225,405 memeber with 1,514,999 threads. where you can
 even learn computing, coding, Gaming, Graphics, in Market place you can buy code or can
 sell your own code of apps, games, tools, software anything. i recommend you this website
to learn hacking and also you’ll able to find many real hackers there from all over the world.
#2. EvilZone— Hacking and Warez 
It is the second largest Hacking communities and warez fourm with 6,500 members with active
 100,000 post ( old statistics ), likely this forums is very active and help you in any coding help,
 but be care full with “noob” they can’t handle and misguide you so always check reputation,
 position of members.
this website has no competition in amazing information for anyone who is looking for specific categories like gadget, cellphone, GPS devices, digital cameras, you’ll find all categories in right column. Unlike then other websites hack-a-day is more likely based on hardware. it’s dedicated to new, amazing innovation in physical hacking with gadget old hardware in your warehouses.
#4. Hack in the Box
If any website which help you to learn How to hack, this would be hack in the box, hack in
 the box is more about security and ethical hacking, it provide classes and conference , you can subscribe HITB magazine or HITB news from there main website, HITB has 14669
 members with  active 13879 topic and more interesting to learn how to hack.
#5 – Hack this site 
Hack this site is coolest website ever for free programmer training site where you can learn
 how to hack by accepting the different challenges, unlike then other website, hack this
site provide you different level of hacking challenges where you can check your level, it
 is a kind of honeypottype of website.
Hacking level are like mission design by this site designer, you need to carefully read &
 studies all the articles on this site and you have to find out the vulnerabilities of a site and
 attempts to use your new founded hacking skills to hack web page. missions include basic Realistic, application, programming. I’m sure you’ll be earn tittle of professional hackers if
you’re able to figure out how to properly hack the most difficult missions on this site.
Share:

How hackers hack facebook, gmail, yahoo accounts

How hackers hack facebook, 

gmail, yahoo accounts


These are the most common ways how hackers hack facebook, gmail and other accounts 
on social networking sites :
1.Phishing – It is technique in which hacker creates a fake page (login page) of the site. As the user fills his user id and password in the fields the hacker gets them .
2.Keyloggers -Keyloggers are used to record the key strokes typed by the victim. A hacker installs a keylogger in the pc of the victim and gets all the logs of password via mail or physical access .
3.Social engineering – Social engineering is understood to mean the art of manipulating  people into performing actions or divulging confidential information. Here a hacker uses his ability to speak,converse,read minds of people to extract information from them. Kevin mitnick is one hacker who is known to be master in this technique.
Look forward to further articles for details about these techniques. :)
Share:

How to Join Anonymous Army?

How to Join Anonymous Army?

What to join army? So are you like expecting from me that i will tell you that enrollment forms are out to join The Anonymous ? No, No such news ! And you cannot join anonymous ! In fact no one can !
Anonymous is not an organization,not a club too,nor a party.Anonymous has no ideology,no gurus and no leaders too.
Anonymous are like people who are with each other for a small time to bring do a task,be it good thing or bad.But as soon as that task is complete those people may or may not be together.You can compare them to a group of people traveling small distance together just like the passengers of a bus.
How do people from Anonymous communicate ?
Anonymous are regarded both as Heroes or Villains of cyber world by person to person.And just like every other person members of anonymous also communicate via the social network-,skype,yahoo etc.
How to recognize members of Anonymous ?
Members of Anonymous have no different characteristics.A person you meet or see everyday may be a member of anonymous and you have no idea about it.There is no age,sex,caste,country barrier to be a member of anonymous,anyone and everyone can be a member.All you require to be a member are – Skills !
During public appearances members of anonymous are often seen wearing Masks.
Is it Good or Bad to be a member of Anonymous ?
It is totally up to you ! If you are good you remain good being a member of anonymous too and vice verse !
Being associated with anonymous does not bring you any ”Bad” image as it is often misunderstood by people.
Anonymous group never asks it’s members for their personal information or identity proof.
How many Anonymous are there ?
There are many of them,more than we can think ! And as i had said,they are with each other for short time and they keep on adding every time they are together.
Share:

Top 5 Movies of All Time a Hacker Must Watch

Top 5 Movies of All Time a Hacker Must Watch


1. Pirates of Silicon Valley : A really good movie I must say which gives your an insight about Bill Gates and Steve Jobs. It tells you about their hard work, curiosity, leadership quality which lead to formation of Microsoft and Apple. The movie also provides us with some facts about the life’s of these two great men and truly and inspiration to a hacker or techie .
hacking watch
2. Firewall : Firewall is a movie which is quite interesting movie which revolves around a family being hijacked and the head of the family being forced to do some work for hijackers. There is a good use of gadgets in the movie.
3. Hackers : A young boy is arrested by the US Secret Service for writing a computer virus and is banned from using a computer until his 18th birthday. Years later, he and his new-found friends discover a plot to unleash a dangerous computer virus, but they must use their computer skills to find the evidence while being pursued by the Secret Service and the evil computer genius behind the virus(source:imdb.com). This movie if a very old one and reveals some old hacking techniques and displays the two sides of hacking culture and perception of government and people too towards hacking.
4. Enemy of The State : A lawyer becomes a target by a corrupt politician and his NSA goons when he accidentally receives key evidence to a serious politically motivated crime. A nice movie which a techie should surely enjoy.
5. The Social Network :  A great movie which tells about the founder of facebook Mr.Mark Zuckerberg and this is a very motivating movie which tells us about the success story of a student who went on to become the youngest Billionaire. Mark initially used hacking to get the pics of girls to make facemash.
Share:

Tuesday, 21 July 2015

Top 10 Facebook profile hacking Methods!

Top 10 Facebook profile hacking Methods!

There are many ways someone can hack Facebook Profile's, and here are the 10 most usual:

1. Phishing

Phishing is still the most popular attack vector used for hacking Facebook accounts. There are variety methods to carry out phishing attack. In a simple phishing attacks a hacker creates a fake log in page which exactly looks like the real Facebook page and then asks the victim to log in. Once the victim log in through the fake page the, the victims "Email Address" and "Password" is stored in to a text file, and the hacker then downloads the text file and gets his hands on the victims credentials.

2. Keylogging

Keylogging is the easiest way to hack a Facebook password. Keylogging sometimes can be so dangerous that even a person with good knowledge of computers can fall for it. A Keylogger is basically a small program which, once is installed on victim's computer, will record every thing victim types on his/her computer. The logs are then send back to the attacker by either FTP or directly to hackers email address.

3. Stealer's

Almost 80% percent people use stored passwords in their browser to access the Facebook. This is quite convenient, but can sometimes be extremely dangerous. Stealer's are software's specially designed to capture the saved passwords stored in the victims Internet browser.

4. Session Hijacking

Session Hijacking can be often very dangerous if you are accessing Facebook on a http (non secure) connection. In Session Hijacking attack, a hacker steals the victims browser cookie which is used to authenticate the user on a website, and use it to access the victims account. Session hijacking is widely used on LAN, and WiFi connections.

5. Sidejacking With Firesheep

Sidejacking attack went common in late 2010, however it's still popular now a days. Firesheep is widely used to carry out sidejacking attacks. Firesheep only works when the attacker and victim is on the same WiFi network. A sidejacking attack is basically another name for http session hijacking, but it's more targeted towards WiFi users.

6. Mobile Phone Hacking

Millions of Facebook users access Facebook through their mobile phones. In case the hacker can gain access to the victims mobile phone then he can probably gain access to his/her Facebook account. Their are a lots of Mobile Spying software's used to monitor a Cellphone. The most popular Mobile Phone Spying software's are: Mobile Spy, and Spy Phone Gold.

7. DNS Spoofing

If both the victim and attacker are on the same network, an attacker can use a DNS spoofing attack and change the original Facebook page to his own fake page and hence can get access to victims Facebook account.

8. USB Hacking

If an attacker has physical access to your computer, he could just insert a USB programmed with a function to automatically extract saved passwords in the Internet browser.

9. Man In the Middle Attacks

If the victim and attacker are on the same LAN and on a switch based network, a hacker can place himself between the client and the server, or he could act as a default gateway and hence capturing all the traffic in between.

10. Botnets

Botnets are not commonly used for hacking Facebook accounts, because of it's high setup costs. They are used to carry more advanced attacks. A Botnet is basically a collection of compromised computer. The infection process is same as the key logging, however a Botnet gives you additional options for carrying out attacks with the compromised computer. Some of the most popular Botnets include Spyeye and Zeus.
Share:

Saturday, 11 July 2015

SKEYE Nano Drone

SKEYE Nano Drone





Meet the SKEYE Nano Drone, measuring just 4.0 x 4.0 centimeter (or 1.57 x 1.57 inch)! An incredible quadcopter, so small it can easily sit on your thumb and fly on precision controlled exercises into the narrowest of nooks! The stylish design looks and performs amazing in flight. Turning cycles, figure of eights, banking turns are simple to achieve. Super stable indoors or even o
utside on a calm day.

The drone offers three flight modes: Beginners, for those aiming to become proficient at flight basics, Advanced, for those experienced in piloting a craft and an Expert modus. Bright, built-in LEDs make it easy to see the SKEYE Nano Drone in low-light conditions.





Exciting Aerobatics
High thrust, low weight, and incredibly responsive controls allow you to perform amazing maneuvers with just a flick of the sticks. The SKEYE Nano Drone aggressively snaps into forward and backward flips and barrel rolls with lightning speed. It can even make banked turns!

Six-Axis Stabilization
Sophisticated circuitry, piezoelectric gyros, and accelerometers give the SKEYE Nano Drone outstanding stability. Each time you power-on the drone, its smart software calibrates the model for stable flight. Take your hands off the sticks, and it returns to a solid and steady hover. You can even throw it in the air while throttling up and it will automatically stabilize!

A 3.7V 100mAh LiPo battery, USB charging cable, rotor protection guard and 4 replacement rotor blades are also included in the ready-to-fly package. All you need to add are two “AAA” batteries!



Features:
– Throw To Fly
– RTF (Ready to Fly) Technology
– 6-Axis Flight Control System w/ Adjustable Gyro Sensitivity
– Stable & Easy to Fly
– Aerobatic “Flip” Capability
– LED Lights for Night Flights
– 3-Level Adjustable Controller Sensitivity: Beginner, Mid-Level, Expert

Specifications:
– Gyro: 6-Axis Gyro
– Frequency: 2.4GHz
– Channels: 4
– Battery: 3.7V 100mAh
– Flight time: ~7-8 minutes
– Charging time: 30 minutes
– Controller Battery:2 x AAA (Not Included)
– Remote-controlled Distance: Up To 50m
– Weight: 11.9 gram (0.42 ounce)
– Dimensions: 4.0 x 4.0 x 2.2 cm (1.57 x 1.57 x 0.87 inch)
Share:

Friday, 10 July 2015

Found Clickjacking Vulnerability at Login Page





 I found Clickjacking Vulnerability at Login Page                                                                                                                     
Vulnerability Type : Clickjacking                                                                                                                                               
Two links are vulnerable to clickjacking .....Login page                                                                                                                                                                
https://auth.api.sonyentertainmentnetwork.com/login.jsp                            
https://www.oriss.ap.sony.com/Admin/Login.aspx
Vulnerability Description :
Typically there is one type of attack - cross site request forgeries (CSRF)
that can interact with functions on other websites.
Clickjacking (User Interface redress attack, UI redress attack, UI redressing)
is a malicious technique of tricking a Web user into clicking on something different 
from what the user perceives they are clicking on, thus potentially revealing confidential
information or taking control of their computer while clicking on seemingly innocuous web pages.
The server didn't return an X-Frame-Options header which means that this website could be at
risk of a clickjacking attack. The X-Frame-Options HTTP response header can be used to indicate
whether or not a browser should be allowed to render a page in a  or                                


2.save it as .html eg sony.html
3.and just simply open that..             
          
As far as i know this data is enough to prove that your site is vulberable to Clickjacking..                                                  
according to OWASP its more than enough..
https://www.owasp.org/index.php/Testing_for_Clickjacking_(OWASP-CS-004)
Solution -->>                                                                                                                                                                                                                                                                                                                                                                                                               
https://www.owasp.org/index.php/Clickjacking_Defense_Cheat_Sheet                                       
check this out..here is the solution for that...                                                                                                                                                
Share:

get free cryto here

Check our new updates

CHECK THIS

get your free bitcoins here

Check your Ads here

Get Your Packs here

Powered by Blogger.

Wikipedia

Search results

Contact Form

Name

Email *

Message *

Followers

Total Pageviews

Facebook

Advertise

Translate

Custom Gadget

Blog Archive

Blogger templates