::: Credential Harvester Attacker Method Using Social Engineering Toolkit Tutorial :::

Hello friends today i'm going to share a tutorial on "How to get victims username and password credentials ?" by using Social Engineering Toolkit.

Brief Intro : This is a sample demo on one of the attacks in the social engineering toolkit called the Credential Harvester. I'm going to show you ways to hack someone outside the network using your external ip address which you can get at www.ipchicken.com.


WARNING : This is for educational purpose, I'm not responsible for any illegal activities performed by U

Requirements :
1) BackTrack5r3 OS
2) Vmware workstation
3) Basic knowledge on Unix commands 

Follow the below screenshots :

                                                       WARNING : This is for educational purpose only...

Friends last thing i want to say that ... whenever you click on some link spend your few seconds to read it before you face calamity ...

Thank You and Keep Following :)

4 years old Android bug affects 99 percent of devices

Security researchers from bluebox has discovered a 4 year old Android bug ( since Android 1.6 Donut,) and affects 99 percent (or nearly 900 million devices) of devices released in the last 4 years.
This Android vulnerability allows a hacker to modify APK code without breaking an application’s cryptographic signature, to turn any legitimate application into a malicious Trojan, completely unnoticed by the app store, the phone, or the end-user.

"Installation of a Trojan application from the device manufacturer can grant the application full access to Android system and all applications (and their data) currently installed.
The application then not only has the ability to read arbitrary application data on the device (email, SMS messages, documents, etc.), retrieve all stored account & service passwords,
it can essentially take over the normal functioning of the phone and control any function thereof (make arbitrary phone calls, send arbitrary SMS messages, turn on the camera, and record calls). Finally, and most unsettling, is the potential for a hacker to take advantage of the always-on, always-connected, and always-moving (therefore hard-to-detect) nature of these “zombie” mobile devices to create a botnet."

The Bluebox team says the vulnerability was disclosed to Google in February 2013. Now it’s up to device manufacturers to produce and release firmware updates for mobile devices (and furthermore for users to install these updates).

More details : http://bluebox.com/corporate-blog/bluebox-uncovers-android-master-key/

Subscribe the blog for more feeds  ...

Sandboxie ::: Secure Your PC by running Malicious Softwares in a Virtual ENV

Sandboxie runs your programs in an isolated space which prevents them from making permanent changes to other programs and data in your computer.

The red arrows indicate changes flowing from a running program into your computer. The box labeled Hard disk (no sandbox) shows changes by a program running normally. The box labeled Hard disk (with sandbox) shows changes by a program running under Sandboxie. The animation illustrates that Sandboxie is able to intercept the changes and isolate them within a sandbox, depicted as a yellow rectangle. It also illustrates that grouping the changes together makes it easy to delete all of them at once.

Benefits of the Isolated Sandbox

• Secure Web Browsing: Running your Web browser under the protection of Sandboxie means that all malicious software downloaded by the browser is trapped in the sandbox and can be discarded trivially.

• Enhanced Privacy: Browsing history, cookies, and cached temporary files collected while Web browsing stay in the sandbox and don't leak into Windows.

• Secure E-mail: Viruses and other malicious software that might be hiding in your email can't break out of the sandbox and can't infect your real system.

• Windows Stays Lean: Prevent wear-and-tear in Windows by installing software into an isolated sandbox.

Download Sandboxie now and give it a try!

Source : http://www.sandboxie.com/