Allinone Cyberteam Pvt.Ltd.

Man In The Middle Attack The man-in-the-middle attack (also known as a bucket-brigade attack and abbreviated MITM) is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection when in fact the entire conversation is controlled by the attacker. Ettercap Ettercap is a suite for man in the middle attacks on LAN (local area network). It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols (even ciphered ones) and includes many feature for network and host analysis. In this tutorial i will explain how to sniff (user names,passwords) in LAN using Ettercap Configuring Ettercap for the Attack We will be using Ettercap to perform the MiTM attack, but to do so, we will have to set up Ettercap to use IPTables to forwa

What is Man-in-the-middle (MITM) attack? A man in the middle attack is one in which the attacker intercepts messages in a public key exchange and then retransmits them, substituting his own public key for the requested one, so that the two original parties still appear to be communicating with each other. The attack gets its name from the ball game where two people try to throw a ball directly to each other while one person in between them attempts to catch it. In a man in the middle attack, the intruder uses a program that appears to be the server to the client and appears to be the client to the server. The attack may be used simply to gain access to the message, or enable the attacker to modify the message before retransmitting it. Man in the middle attacks is sometimes known as fire brigade attacks. The term derives from the bucket brigade method of putting out a fire by handing buckets of water from one person to another between a water source and the fire. What is BackTrack

What is Steganography ?  It is the art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message. The word steganography is of greek origin and means "concealed writing" from the Greek words steganos meaning "covered or protected" and graphy meaning "writing". Anyone else viewing the message will fail to know it contains hidden/encrypted data. This can be achieved by concealing the existence of information within seemingly harmless carriers or cover.Carriers areText, Image, Audio, Video, etc History Of Steganography: Steganography has a long history. The first recorded uses of steganography can be traced back to 440 BC when Herodotus mentions two examples in his Histories. Demaratus sent a warning about a forthcoming attack to Greece by writing it directly on the wooden backing. Histiaeus shaved the head of his most trusted slave and tattooed a message on it. Aft

•Steganography from the Greek word steganos meaning “covered” and the Greek word graphie meaning “writing” •Process of hiding of a secret message within an ordinary message and extracting it at its destination •Anyone else viewing the message will fail to know it contains hidden/encrypted data This can be achieved by concealing the existence of information within seemingly harmless carriers or cover Carrier: Text, Image, Audio, Video, etc. History Of Steganography  Steganography ancient origins can be traced back to 440 BC, from the Histories of Herodotus Demeratus sent a warning about a forthcoming attack to Greece by writing it on a wooden panel and covering it in wax. Histiaeus, who shaved the head of his most trusted slave and tattooed a message on it. After his hair had grown the message was hidden. The purpose was to instigate a revolt against the Persians Techniques Of Steganography Masking and Filtering: Information is hidden inside of a image using digital wat

Registry •The registry is a hierarchical database that stores the values of variables in Windows and the applications and services that run on Windows. The operating system and other programs also use the registry to store data about users and about the current configuration of the system and its components. •The registry is available whenever the system is running, programs that start and stop can keep persistent data in the registry. Structure of the Registry •Much of the registry consists of nested containers known as subtrees, keys, and subkeys, which are like folders. •The actual data is stored in the registry entries, the lowest level element in the registry. •The series of nested containers make up a path to each entry. Because entry names are unique only within a path, entries are referenced by their full registry path and name. Subtree •Subtrees are the root, or primary divisions, of the registry. •The Windows Server 2003 registry is divided into five subtrees. Sub

Understanding Windows Registry •The Windows Registry is a hierarchical database that stores •configuration settings and options on Microsoft Windows operating systems. •It contains low level settings for operating system components and application. •The kernal, device drivers, services application make use •of it. •We will demonstrate registry hacking by:- 1. Hiding any Hard disk drive (HDD) 2. Changing the background of login screen Registry Hacking for Hiding Hard Disk Drive(HDD): 1.Start-Run-regedit 2.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\ CurrentVersion\Policies\Explorer 3.Right click-new -DWORD 32 bit - name it as NoDrives. Drive Decimal value C: 4 D: 8 E: 16 F: 32 •GOTO C:> Windows\System32\oobe\info\backgrounds\ Paste image less than 255kb name it as backgroundDefault.jpg •Note: - If you find any folder missing the create the folder with the name given in the path

Here we’ll learn how to break an Administrators password or to create an account without knowing the Administrator password. We need a backtrack CD What we’ll do here is, we will change the sticky key file “sethc.exe” file name to “cmd.exe” file so that if we will press the shift button 5 times on the login screen the command prompt will come up. Once the command prompt displayed we can make a user through command and can give the Administrators rights to him. Steps: 1. Insert the CD in CD-ROM Live boot the system through the backtrack O/S, Select the boot priority by pressing F12 CD/DVD After the machine will boot if it will ask you for the login, then the Username = Root Password = toor Type “startx” to change CLI to GUI Once you come to the GUI 2. Open a Terminal Type:#fdisk –l (To check the free disk) 3. #mkdir /mnt/cdrive (To make a directory to mount the cdrive, you can use any name here it is just a folder name) 4. #mount –t ntfs /dev/sda2 /mnt/cdrive (Mount the C