Virus Total: Ultimate On-line Virus Scanner

  • Category: Hacking & Security
  • Published on Monday, 27 January 2014 02:07
  • Written by Nasirul Huq
  • Hits: 2987

Got new, unknown, untested file from a friend/colleague ? The file is so important that you must use it with your computer having very very important data ? You can test it with your anti-virus and another by your friend's PC. But no anti-virus is 100% correct. Only 95% accurate.

Now test the file with Top 32 anti-viruses for FREE !!

VirusTotal is a service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines.

Virus Total

Specifications

  • Free, independent service.
  • Use of multiple antivirus engines.
  • Real-time automatic updates of virus signatures.
  • Detailed results from each antivirus engine.
  • Real time global statistics
Received Files / Infected Files
(Last 24 Hours)
     Failures in Detection
(Last 24 Hours)
Stat1
 
Stat2
This image shows the number of files that have been detected as infected (Red) among the total number of files received within the last 24 hours (clean ones marked in Blue).  

Red: Infected files which one or more antivirus engines failed to detect as a threat.
Blue: Infected files detected by all antivirus engines.

Antivirus Engines

This is a list of the companies that participate in VirusTotal with their antivirus engines.

Usability

There are several ways user can scan a suspicious file.

VT Uploader 1

  1. Directly upload the file(s) through their web-form.
  2. Forward the mail with attachment(s) you just got, to This email address is being protected from spambots. You need JavaScript enabled to view it.">This email address is being protected from spambots. You need JavaScript enabled to view it..
    Details Here
  3. Install a small Client Software for Windows that enables you to directly send files from your system using the context menu.
    Details Here.
    Virustotal

Scanning System

Through it scans your file with multiple antivirus scanners, but still its not that slow. This is due to its intelligent scanning signature system. If a file is scanned for the 1st time by VirusTotal, its stores the report (success/failure) in its database along with its signature (MD5) value and creates a certificate. if the same file is requested to be scanned by you or by others it instantly generates the report.

VT Report2

Hope Hispasec will continue this awsome service for a long long time for FREE.

Windows XP Password Hack

  • Category: Hacking & Security
  • Published on Thursday, 09 October 2008 13:42
  • Written by Nasirul Huq
  • Hits: 1196

Forgot the Windows XP Administrator password ? Or maybe you never knew the password ? Is your Administrator giving you limited access/resources ?  There's hope !

Crack Windows XP password in 30 seconds !

Windows XP Professional comes with more than one way to control the user accounts. However, it leaves one mostly hidden. This one is called Control Userpasswords2, and it can be used to automatically login to XP Pro.

Its just a 5 Step process without using any other 3rd-party softwares or tools. More interesting thing is that, you can do this even if you are under Guest user !!

Steps

  1. Go to the Start Menu and click Run.
    Run
     
  2. In the Run text box, type control userpasswords2 and click OK.
    Command

Now you have 2 Options -
 
either Reset Administrator Password only
or, Reset every Users' Password including Administrator.
If you want to Reset Administrator Password only -
  1. Click on the Reset Password.... button.
    Admin Password Reset
     
  2. Set new Password or make it blank by hitting Enter in both text-boxes.
  3. Click OK
Done. Now you can login the system as Administrator.
If you want to Reset every Users' Password including Administrator - 
  1. Uncheck the checkbox that says "Users must enter a user name and password to use this computer."
    Setup 1
     
  2. Click the Advanced tab and uncheck "Require users to press Ctrl + Alt + Delete"
    Setup 2
     
  3. Click OK
  4. When the dialogue box pops up, type in your username and password (if you do not have a password, leave it blank)
    Password Reset 
Done.

You can try more methods here

Secure your Wi-Fi Network

  • Category: Hacking & Security
  • Published on Sunday, 31 August 2008 13:42
  • Written by Nasirul Huq
  • Hits: 1307

http://infotech.indiatimes.com/quickiearticleshow/3488190.cms

http://compnetworking.about.com/od/wirelesssecurity/tp/wifisecurity.htm

http://www.wlanbook.com/netstumbler-alternatives/ 

http://compnetworking.about.com/od/wirelesshotspots/qt/noautoconnect.htm

http://www.dailywireless.com/features/secure-wireless-lan-021507/ 

Wardriving, in which any person within the peripheral reach of your router’s wireless signal (between 20 to 100 metres) can simply stand outside your premises in a car or on a bike and send a terror mail by using a laptop or handheld device. 

Definition of White-Hat Hacker :

White Hat Hackers, also known as Ethical Hackers, are Computer Security experts, who specialise in Penetration Testing, and other testing methodologies, to ensure that a company's information systems are secure. Such people are employed by companies where these professionals are sometimes called sneakers. These Security experts may utilise a variety of methods to carry out their tests, including Social Engineering tactics, use of Hacking tools, and attempts to evade security to gain entry into secured areas.

Wikipedia

  1. Change Default Admin Password.
  2. Change Default IP and Netmask.
  3. Disable remote administration.
  4. Change SSID.
  5. Turn off SSID broadcasting.
  6. Turn off PING Response.
  7. Turn on (Compatible) WPA / WEP Encryption. WPA instead of WEP
  8. Enable MAC Address Filtering.
  9. Turn off Auto-Connect to Open WiFi Network.
  10. Assign Static IP Addresses to Devices.
  11. Enable Firewalls On Each Computer and the Router.
  12. Position the Router or Access Point Safely.
  13. Reduce your WLAN transmitter Power.
  14. Install Firewalls, Anti-Virus, Anti-Spyware on Each Computer.
  15. Turn Off the Router when its not in use.

Test Tool: http://www.netstumbler.com/downloads/
http://www.metageek.net

Setting up a wireless network isn't easy--and the hardest part is making sure that you have it working properly. Netstumbler helps you optimize your wireless network by showing you whether it has any holes. With NetStumbler, you can locate WLAN areas with poor coverage and detect other networks that may be interfering with your network. You can also detect unauthorized access points.

How the SSID spreads virally.

A second person in close proximity to the user above also has a wireless enabled laptop and is looking to connect to a WiFi network. They scan to see what is available and notice an SSID called “Free Public WiFi”….they connect to it not knowing that it is an ad hoc network. After a few seconds of wondering why they can’t surf the web they disconnect from the SSID, shrug their shoulders and move on with life. Now they have the viral SSID in their preferred list too. The next time they power on their laptop it starts to look for the “Free Public WiFi” SSID. This process is repeated in many locations across the US and world again and again. Soon this SSID is in preferred wireless networks lists everywhere spreads like a virus.

What is MAC ?

In Computer Networking, a Media Access Control address (MAC address) or Ethernet Hardware Address (EHA), hardware address, adapter address or physical address is a quasi-unique identifier assigned to most network adapters or network interface cards (NICs) by the manufacturer for identification. If assigned by the manufacturer, a MAC address usually encodes the manufacturer's registered identification number.

Wikipedia

Access Password Recovery

  • Category: Hacking & Security
  • Published on Thursday, 10 April 2008 06:57
  • Written by Nasirul Huq
  • Hits: 1108

Ever lost the entire data as you or your colleague gave you a password protected Access file but forgot the password !! Your entire months of work is just ruined ? Here comes the rescue.

Description

This utility reveals the database password of every password-protected mdb file that created with Microsoft Access 95/97/2000/XP or with Jet Database Engine 3.0/4.0 . It can be very useful if you forgot your Access Database password and you want to recover it.

Known Limitations

  • In Access 2000/XP files, this utility cannot recover passwords that contains more than 18 characters.
     
  • This utility shows only the main database password. It cannot recover the user-level passwords.

Using Access PassView

Using the Access PassView utility is very simple. it doesn't need any installation process or additional DLL files. You can run the "accesspv.exe" file from any directory you want, and start to work. In order to get the password from your mdb file, click the "Get Password" button, select the mdb file and the password will be shown in the main text box.

There are also 2 alternative ways for getting the password of mdb file:

  1. Drag & Drop: You can get the password of your mdb file by dragging it from the explorer window into the Access PassView window.
     
  2. Command-line: You can get the password of your mdb file by adding the filename as command-line parameter.
          For example:
          d:\>accesspv.exe c:\access\mymdb.mdb

Access PassView

We have personally tested the software with 100% success.

Download

Mirror

Website

This email address is being protected from spambots. You need JavaScript enabled to view it.

Sniff plain-text passwords over network

  • Category: Hacking & Security
  • Published on Wednesday, 06 June 2007 06:32
  • Written by Nasirul Huq
  • Hits: 1235

The following is an instructional tutorial. I hope to show how easy it is to sniff people's passwords in plain-text form on virtually any wired network. Common applications for this would be on a university, school or otherwise large network. This has only been tested on a Windows machine, but can be used to sniff passwords from any operating system.

Steps:

  1. Download, install and run Cain & Abel.
  2. Click "Configure" in the top bar.
  3. In the "Sniffer" tab, click the adapter which is connected to the network to be sniffed, then click "Apply", then "OK".
  4. Click the "Sniffer" tab in the main window.
  5. Click the network card in the top bar (2nd icon from the left).
  6. Click the "+" button in the top bar.  
  7. Select "All hosts in my subnet", click "OK". Entries should appear in the main window under the "IP address", "MAC address" and "OUI fingerprint" headings.
  8. From the "Sniffer" tab, click "APR" in the bottom tab. 
  9. Click the top right pane in the main window. Click the "+" button in the top bar. 
  10. Click on the router in the left pane. The router is generally the entry which has the lowest final IP value (xxx.xxx.xxx.*). Highlight the IP addresses to sniff in the right pane. Click "OK". 
  11. Click the ARP icon in the top bar (3rd icon from the left). Wait until other users have logged into websites on other computers. Depending on the size of the network and the traffic which this network receives, this can range from minutes to hours. 
  12. After some time has passed, click "Passwords" in the bottom tab. 
  13. In the left pane, select the bolded entries. The right pane should show the time, server, username, password (in plaintext) and site accessed. 

Please use this tutorial with caution as most private institutions, as well as countries, have strict rules and laws against network sniffing and could lead to expulsion from an institution, as well as critical litigation! This tutorial is for educational purposes only and should only be used to demonstrate the security weaknesses of common networking infrastructures.