FN SECURE: 10/01/2011 - 11/01/2011

Call Us For Workshops Or Seminars.. In Your University, Colleges, or Schools.
Email Us At : vicky@globallyunique.in

Save as PDF

Tor 0.2.2.34 Released with fixes of anonymity vulnerability



Tor 0.2.2.34 fixes a critical anonymity vulnerability where an attacker can de-anonymize Tor users. Everybody should upgrade. Clients should upgrade so they are no longer recognizable by the TLS certs they present. Relays should upgrade so they no longer allow a remote attacker to probe them to test whether unpatched clients are currently connected to them.This release also fixes several vulnerabilities that allow an attacker to enumerate bridge relays. Some bridge enumeration attacks still remain.
Download Here



More Downloads


                                                      Plz, Post a Thanks To Keep This Post Alive!

Read more

How to bypass/hack a Firewall

Firewall is a basic and main component for securing a network . The basic purpose of a firewall is to isolate one network from another network so that networks can't make effect on each other.Hackers often bypass Antiviruses and Anti-spywares by some methods Like Crypting,Hexing, File-pumping etc,but it becomes very difficult for a Hacker to bypass a Firewall that's why I am writing this article about How to bypass a Firewall easily. 
Firewall is often called Hindrance(Obstacle) by hackers. In the below chart ,the complete working of firewall is shown :
The method which is mostly used by Hackers to bypass firewall is known as SSH tunneling.

What is SSH Tunneling?

  • Well according to wikipedia:
A Secure Shell (SSH) tunnel consists of an encrypted tunnel created through an SSH protocol connection. Users may set up SSH tunnels to tunnel unencrypted traffic over a network through an encrypted channel.
For more information on SSH Tunneling See it on Wikipedia Here

Reason to Bypass firewall

Firewall is always a problem for Hackers.Particularly if you are in university or working somewhere,you have examined that the network administrators deny access to file sharing, instant messaging or social networks such as facebook or myspace with a firewall or proxy server.So when ever you want to connect to them a message comes that these services are unavailable or something like that.To avoid this ,we have to break firewall so that we may access these services. 

SSH Tunneling

Now we will see How to Hack or Bypass firewall using SSH Tunneling
  • First of all Create an account for SSH access.There are many sites which provide paid and free SSH access.One of them is Superprotocol .
  • Now download an open source SSH Client named Putty .
  • After downloading ,execute the software and run it.
  • Now you will come to this configuration settings page.

  • Now in the host name,enter the server through which we can connect SSH access.make sure SSH is selected using port 22.
  • Next, in the SSH options,click on Tunnels,here we will set up a Tunnel.
  • Change the Source port to 8080 and then click on Dynamic.
  • After doing all this click on Open. 
  • Now login in with username and password which we given in SSH Provider.
  • Establishing the tunnel part is completed now.

Wire Shark Instalation

  • Now we need to Download another software named Wire Shark and execute wireshark.
  • Now start Packet capture,in the beginning it will be empty.
  • Open google.com in your browser and then packets getting captured by the software.

Configuring Mozilla

 Now the next part is the configuring of Mozilla Firefox so that we can use SSH connection.
  • Open the Mozilla browser and open "Tools" menu and then "Options".
  • Click on "Advanced" button tab, and then "Network" tab, and then click on "Settings".

  • Now you are in Connection Settings enter "localhost" as the "Socks Host and port number, such as "1080" into the "Port:" field.
  • Now come back to wire shark you will see some SSH connection but now there's no information about what is being sent from server to client.

Read more

How to use proxy easily in Backtrack 5


Hey guys how u been ??? hope u enjoying , huh !!!
There are a lot of ways to hide your identity , either by single proxy or by multiple proxies like TOR which Xeo Hacker explained in a recent post.

But if u have BackTrack then nothing to worry about you can use proxy very easily and u can use multilple proxies also.

Well its called proxychains ..


So lets get started

wat it does


Well proxychains is a inbuilt tool in backtrack to let u use proxy very easily. It uses proxy according to the configuration file , which we gonna config and it takes u to any address or url via multiple proxies.


proxychains intro



well actually there is a configuration (.conf) file in etc folder . its named proxychains.conf . This is the file where u will do all ur stuffs and u'll hide your identity just by typing a single command once you configure.

Go to terminal and type following command then hit enter
gedit /etc/proxychains.conf

Wat happened ??? there is a gedit window opened with some text in it ... its actually ur config file


Modes or types of proxychains


There are 3 modes of proxychains
  1. dynamic_chain:This uses the list of proxies in the same order as u placed
  2. strict_chain:almost similar to previous one except it will not work if it gets any dead proxy server
  3. random_chain:this is the best .. this chooses and uses proxies randomly

Configuration of the file


u have to open that file with root privilege to edit that file so first issue following command
sudo su
then issue this command
gedit /etc/proxychains.conf
now you have to follow these steps
  • comment out the mode u want to use 









as u can see i have commented out random_chain by "//" .
  • now go to any proxy server list .. just google it .. i'll be using socks4 proxy servers so search on google .. then copy some IPs and their port no. and then  paste it where it says add proxy here . refer the pic at last i have added some IPs.

Now your configuration is done .....

How to use proxychains

to use proxychains just have to issue some commands as listed below.
proxyresolv [the site u want to open]

proxychains firefox [the site u want to open ]  (for firefox)

Read more

Preview YouTube ‘Like Bar’ On Video Thumbnail


We normally click on a YouTube video thinking that it is interesting because of the thumbnail preview and it turned out to be either boring or useless and just a waste of time.That's why YouTube has a like bar which tells the users whether the video is good or bad but the problem is we don’t see the like bar until we click on the video. The Search results only show us the views for a video and we probably think that so much views the video must be great.So lets get rid of it and use YouTube Ratings Preview

What is YouTube Rating Preview

YouTube Ratings Preview is a Chrome extension and by using this extension we can see the like bar on the thumbnail of a video in both search results and suggested videos,and we can easily judge that whether the video is worth watching or not.

Note : This extension works only for Chrome.

Read more

Most advanced and dangerous malware for Apple products - Why you should be concerned !




Indian security researcher from MalCon has created an advanced and dangerous malware for Apple products which can not only compromize your privacy but also steal important data and let hackers control your device by simple text messages.

If you are using any Apple product such as iPhone, iPad or iPod, then you shuuld be concerned. Indian security researcher from MalConAtul Alex has created an advanced malware for the Apple products which can not only intercept calls of users, steal data, but also provide a reverse VNC to see remotely all the actions of the victim.
The malware can be deployed remotely over the web and is supposed to work on the latest iOS 5. Atul Alex, Technical director of MalCon said "Apple products are extremely secure by design. The malware works on jailbroken devices - something which over 90% of users have. If your device is not jailbroken, you have nothing to worry about!".

However, over 90% of users normally jailbreak their devices. iOS jailbreaking, or simply jailbreaking, is the process of removing the limitations imposed by Apple on devices running the iOS operating system through use of custom kernels. Such devices include the iPhone, iPod Touch, iPad, and 2nd Gen Apple TV. Jailbreaking allows users to gain root access to the operating system, allowing iOS users to download additional applications, extensions, and themes that are unavailable through the official Apple App Store. A jailbroken iPhone, iPod Touch, or iPad running iOS can still use the App Store, iTunes, and other normal functions, such as making telephone calls.

The malware malware boasts of the following features:
• Control devices by SMS
• Invisible Malware
• VNC Server to view remote screen
• Record and listen to all calls remotely
• Upload / Download user Data
• Access all mails and texts

The Malware will be demonstrated next month at the upcoming International Malware Conference, MalConin Mumbai, India. The researcher Atul Alex has previously coded and demonstated a custom malicious firmware for Symbian last year.

Read more

Anonymous DDOS Oakland police site after violence


Cyber activists associated with Anonymous have targeted the Oakland Police Department (OPD) and other law enforcement agencies that participated in a controversial crackdown against OccupyOakland protestors. A DDOS (distributed denial-of-service) attack against the department's websitewww.oaklandpolice.com is underway, and the website currently is unreachable.

AnonyOps tweet "I'm amazed and proud of #occupyOakland protesters who stood defiant, peaceful in the face of lethal force by Oakland PD."

Police fired a number of tear gas canisters, concussion grenades, rubber bullets and non-lethal rounds at demonstrators on Tuesday night, drawing widespread condemnation for the use of heavy-handed tactics against unarmed civilians.


The attack was first announced via Anonymous' AnonOps Twitter feed. "@Anon_Central: Admin/User/Password Dump of oaklandnet.com Problem Oakland authorities? F--- you! >>pastebin.com/S8VRwRxQ #Anonymous," read AnonOps' tweet.

Reports of police violence against Oakland protesters re-emerged Tuesday on the movement's Web site,occupyoakland.org. The Web site published statements charging the U.S. police of numerous acts of brutality, during a recent raid designed to evict protesters from their encampment.

The most seriously injured victim was Scott Olsen, an Iraq War veteran, who suffered a fractured skull after being struck by a police projectile. His condition was upgraded to "fair" today, according to reports. According to the Pastebin document, Anonymous is offering a "no questions asked" $1,000 reward for information about the officer who threw the projectile at Olsen.

Read more

How to Beat Evil Governments When Your Internet Turned Off ?





Bruce Sutherland explain at DefCon 19 Conference that "How To Get Your Message Out When Your Government Turns Off The Internet" . Bruce Sutherland  is a network systems architect and software developer with Domex Computer Services Inc, based in Melbourne Beach, FL.

How would you communicate with the world if your government turned off the Internet? Sound far-fetched? It isn't. It already happened in Egypt and Lybia and the US Congress is working on laws that would allow it to do the same. In this talk we'll explore how to get short messages out of the country via Email and Twitter in the event of a national Internet outage. Remember, data wants to be free.

Bruce has worked in the industry for over 20 years and has recently been working on building and hardening web-based applications. He has been an amateur radio operator since 2003 and enjoys making contacts worldwide via amateur radio satellite and on the traditional HF bands.


Download Complete PDF presentation here.

Read more

Malware for xbox Kinect created by 15 years old Indian researchers




Indian researchers from MalCon have created a malware that utlizes Microsoft Kinect to secretly capture pictures and upload to a picasa account.

A 15year old Indian security researcher 'Shantanu Gawde' from MalCon Research has created a malware that utilizes the Microsoft xbox kinect controller.
Kinect for Xbox 360, or simply Kinect, is a motion sensing input device by Microsoft for the Xbox 360 video game console. With over 10 million devices sold till date, the kinect holds the Guiness book for world record for the fastest selling consumer electronics device - and is exactly the reason why the malware is a concern.

In recent months, there have been a number of innovative kinect hacks that make use of the kinect using both Open source drivers and the Kinect SDK. The malware, code-named 'gawde' after its creators name, works on Windows 7 to secretly capture pictures of the victim / surroundings from a connected Kinect device and uploads them to a picasa account.

Rajshekhar Murthy, Director at ISAC, (Information Sharing and Anaysis Center), a scientifc non-profit body that holds the International Malware Conference, MalCon said. "We believe that in coming years, a lot of windows based applications will be developed for Kinect and the device will gain further immense popularity and acceptance- and from a perpective of an attacker, such a popular device can be an exciting target for visual and audio intelligence. At MalCon research labs, we promote proactive security research and the malware utilizing Kinect is only a proof of concept. "

The kienct malware 'gawde' goes a step ahead and even uses voice recognition to execute a program based on keyword, without the knowledge of the victim. The malware PoC will be demonstrated at the upcoming MalCon 2011 in Mumbai, India.

Read more

Save this Page

Download as PDF