Essential Hack Tools

  • Category: Hacking & Security
  • Published on Sunday, 06 May 2007 06:35
  • Written by Nasirul Huq
  • Hits: 1601

Here is the list of Softwares and Tools with their details, that are essential for network administrators, teachers, security consultants/professionals, forensic staff, security software vendors, professional penetration tester and everyone else that plans to use it for ethical reasons.

This atricle is meant to teach people about the ways 'Black-Hat' hackers exploite people's PC and Network to gain confidential information.

Cain & Abel

Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort. It covers some security aspects/weakness present in protocol's standards, authentication methods and caching mechanisms; its main purpose is the simplified recovery of passwords and credentials from various sources, however it also ships some "non standard" utilities for Microsoft Windows users.

Sniffer


The latest version is faster and contains a lot of new features like APR (Arp Poison Routing) which enables sniffing on switched LANs and Man-in-the-Middle attacks. The sniffer in this version can also analyze encrypted protocols such as SSH-1 and HTTPS, and contains filters to capture credentials from a wide range of authentication mechanisms. The new version also ships routing protocols authentication monitors and routes extractors, dictionary and brute-force crackers for all common hashing algorithms and for several specific authentications, password/hash calculators, cryptanalysis attacks, password decoders and  some not so common utilities related to network and system security.

Official Site

Download

Manual

Tutorial  

More will be added soon.... 

Recovering ADSL password [TOOL]

  • Category: Hacking & Security
  • Published on Thursday, 15 March 2007 07:07
  • Written by Nasirul Huq
  • Hits: 5220

ADSL password recovery is a small utility that can help you to recover your lost or forgotten ADSL connection password. The password is stored inside the ADSL router and can be retrieved usually by using the telnet interface or by checking the source of the router configuration pages -- well, that is for the advanced user with some background knowledge.

This utility is made for the novice user who doesn't have the knowledge to do all those complicated stuf -- it automates all this process to just a single mouse click! Yes its that easy !

Here is the way to retrieve the password stored in the ADSL Modem.
The username and password is stored in the modem itself, not in the PC or server. 

Installation of adslpwd utility :

First you need to download the latest copy of adslpwd from here. Its a zipped archive containing a single executable file.

Usage :

After you run the exe, it will give you the following screen, prompting you to enter the router IP address, login user name and password. Enter your router user name and password here and press Recover.
The default is admin/admin unless you have changed it. Click here to search for default username/password list.

 

 
What this utility does is that it connects to the telnet interface of your router available at the specified address (i.e., port 23), and attempt to download a configuration dump. Once this configuration dump file is received from the router, it parses the output line by line to match ADSL account user name and password. The program outputs the matched lines to the status window. It takes only one or two minutes to connect download and parse the configuration and find the password.

DONE.

I have tested this on Huawei MT880 and MT 882 routers. I cannot guarantee that they work on other routers too. But these commands are usually same on all devices so they should work on other routers too.

Recovering ADSL password [TELNET]

  • Category: Hacking & Security
  • Published on Thursday, 15 March 2007 06:09
  • Written by Nasirul Huq
  • Hits: 5122

Lost and forgotten passwords can be really tiresome when you realize you cannot retrieve them anymore. This can be the situation if you have a forgotten ADSL account password -- you can set a new one anytime, but often you are not permitted to know the old one.

We can easily do that using simple Telnet  program.

Here is the way to retrieve the password stored in the ADSL Modem.
The username and password is stored in the modem itself, not in the PC or server. 

But, before I start, this is geeks stuff and you shouldn't try it if you are not confident with CLI. You can follow the steps, its quite easy, but if you face any problems, you must not force it to work. You must google out to find the solution. There is also a Tool  to do the same thing, you can check that out here but its trial.

Here are the steps :

  • Start > Run > Cmd <Press Enter> in Windows platform or start Terminal <Press Enter> in Linux platform.
      • On the Command line, type:
                       telnet 192.168.1.1 <Press Enter> or the IP on which is assigned to the ADSL modem
      • Type your router username and password.
        The default is admin/admin unless you have changed it. Click here to search for default username/password list.
      • On the telnet cli, type this:
                       console enable <Press enter>
        Console should look like this:
                       Quantum>
      • Now in the console mode, type this :
                       Quantum> fm <Press Enter>
      • Now type:
                       Quantum fm>cat im.conf <Press Enter>
      • Now this will be a big file, and will take around a 20 seconds to list. After the listing is finished, find the string "password". The text listed against weLoginName and weLoginPassword is your ISP username and password respectively. Its stored in cleartext. Like this -

 

DONE.

I have tested this on Huawei MT880 and MT 882 routers. I cannot guarantee that they work on other routers too. But these commands are usually same on all devices so they should work on other routers too.

Send Free SMS from your Mobile

  • Category: Hacking & Security
  • Published on Saturday, 22 October 2005 13:42
  • Written by Nasirul Huq
  • Hits: 1455

It is possible to send free SMS from some mobiles with some mobile operators. To achieve this you need to enter a special code that will bypass the billing-system of mobile operators. This code was actually meant for diagonistics and reporting purpose for mobile operators.

The code is *#746025625#  (please note the * and # in front and the # at the end)

This code actually just stops the SIM clock on most Nokia and Sony Ericsson phones though some firmware versions on phones are unaffected. The clock stops for just about 3 mins and if your operator bills according to SIM clock time then you can theoretically make free calls. However, most operators now bill remotely according to their own clocks. Some operators may still allow free calls in their pre-paid schemes.

As for sms, many operators have a few message centers that allow free text messages to go through if they're sent immediately after entering this code.

Most operators though know about this code so its unlikely that you will be able to use this feature indefinitely - use it as a one-time emergency option.