TABNAPPING

Posted by Ganesh Murugaraju

TABNAPPING
Most Internet users know to watch for the telltale signs of a traditional phishing attack: An e-mail that asks you to click on a link and enter your e-mail or banking credentials at the resulting Web site. But a new phishing concept that exploits user inattention and trust in browser tabs is likely to fool even the most security-conscious Web surfers.
As Mozilla Firefox creative lead Aza Raskin describes it, the attack is as elegant as it is simple: A user has multiple tabs open, and surfs to a site that uses special javacript code to silently alter the contents of a tabbed page along with the information displayed on the tab itself, so that when the user switches back to that tab it appears to be the login page for a site the user normally visits.
Consider the following scenario: Bob has six or seven tabs open, and one of the sites he has open (but not the tab currently being viewed) contains a script that waits for a few minutes or hours, and then quietly changes both the content of the page and the icon and descriptor in the tab itself so that it appears to be the login page for Gmail.
In this attack, the phisher need not even change the Web address displayed in the browser’s navigation toolbar. Rather, this particular phishing attack takes advantage of user trust and inattention to detail, or what Raskin calls “the perceived immutability of tabs.” Then, as the user scans their many open tabs, the favicon and title act as a strong visual cue, and the user will most likely simply think they left a Gmail tab open.
“When they click back to the fake Gmail tab, they’ll see the standard Gmail login page, assume they’ve been logged out, and provide their credentials to log in,” Raskin explained. “After the user has enter they have entered their login information and sent it back your server, you redirect them to Gmail. Because they were never logged out in the first place, it will appear as if the login was successful.”
Raskin includes a proof-of-concept at his site, which is sort of creepy when you let it run. In fact, at least once while composing this blog post in Firefox I went to click on the tab that had my Gmail inbox open, only to discover I’d accidentally clicked on Raskin’s page, which had morphed into the fake Gmail site in the interim.
It’s important to keep in mind that this attack could be used against any site, not just Gmail. Also, Raskin includes a few suggestions about how this attack could be made far sneakier — such as taking advantage of CSS history attacks.
Of course, if you are browsing with the excellent “Noscript” add-on and this is a site you have not allowed to run javascript, the proof-of-concept won’t work until you allow javascript on the page. It did not work completely against the Safari browser on my Mac (no favicon), and the test page failed completely against Google Chrome. [Update: As several readers have correctly pointed out, this attack does in fact work against Chrome, although it doesn't seem to change the favicon in Chrome tabs].
I’m left wondering what this new form of phishing will be called if it is ever adopted by the bad guys. Tabnabbing? Tabgrabbing? See if you can coin a better phrase in the comments below.
Update, May 25, 7:55 p.m. ET: Researcher Aviv Raff has posted an interesting proof-of-concept of his own that shows how this attack can work against Firefox even when users have the Noscript add-on installed and in full paranoid mode. Raff crafted his page, which is a mock up of this blog post, to morph into an image of the Gmail login page, and it will reload every 20 seconds but will only change to the sample phish page if you move to another tab with your mouse, or after 10 reloads (in case you moved with the keyboard). So it will change only after 3 minutes or so, unless you move to another tab with your mouse.
“I was trying to find a way to work around the javascript need for the [proof-of-concept],” Raff said in an instant message. “First I was able to do this without knowing if the user moved to a new tab. Now I can almost be sure of that.”
Update, May 27, 11:41 p.m. ET: For Firefox users with the Noscript plugin, there is an update to the program that can block these types of tabnabbing attacks.

Know About Virus

Posted by Ganesh Murugaraju

Computer Virus is a kind of malicious software written intentionally to enter a computer without the user’s permission or knowledge, with an ability to replicate itself, thus continuing to spread. Some viruses do little but replicate others can cause severe harm or adversely effect program and performance of the system. A virus should never be assumed harmless and left on a system. Most common types of viruses are mentioned below:

Resident Viruses
This type of virus is a permanent which dwells in the RAM memory. From there it can overcome and interrupt all of the operations executed by the system: corrupting files and programs that are opened, closed, copied, renamed etc.

Examples include: Randex, CMJ, Meve, and MrKlunky.

Direct Action Viruses
The main purpose of this virus is to replicate and take action when it is executed. When a specific condition is met, the virus will go into action and infect files in the directory or folder that it is in and in directories that are specified in the AUTOEXEC.BAT file PATH. This batch file is always located in the root directory of the hard disk and carries out certain operations when the computer is booted.

Overwrite Viruses
Virus of this kind is characterized by the fact that it deletes the information contained in the files that it infects, rendering them partially or totally useless once they have been infected.

The only way to clean a file infected by an overwrite virus is to delete the file completely, thus losing the original content.

Examples of this virus include: Way, Trj.Reboot, Trivial.88.D.

Boot Virus
This type of virus affects the boot sector of a floppy or hard disk. This is a crucial part of a disk, in which information on the disk itself is stored together with a program that makes it possible to boot (start) the computer from the disk.

The best way of avoiding boot viruses is to ensure that floppy disks are write-protected and never start your computer with an unknown floppy disk in the disk drive.

Examples of boot viruses include: Polyboot.B, AntiEXE.

Macro Virus
Macro viruses infect files that are created using certain applications or programs that contain macros. These mini-programs make it possible to automate series of operations so that they are performed as a single action, thereby saving the user from having to carry them out one by one.

Examples of macro viruses: Relax, Melissa.A, Bablas, O97M/Y2K.

Directory Virus
Directory viruses change the paths that indicate the location of a file. By executing a program (file with the extension .EXE or .COM) which has been infected by a virus, you are unknowingly running the virus program, while the original file and program have been previously moved by the virus.

Once infected it becomes impossible to locate the original files.

Polymorphic Virus
Polymorphic viruses encrypt or encode themselves in a different way (using different algorithms and encryption keys) every time they infect a system.

This makes it impossible for anti-viruses to find them using string or signature searches (because they are different in each encryption) and also enables them to create a large number of copies of themselves.

Examples include: Elkern, Marburg, Satan Bug, and Tuareg.

File Infectors
This type of virus infects programs or executable files (files with an .EXE or .COM extension). When one of these programs is run, directly or indirectly, the virus is activated, producing the damaging effects it is programmed to carry out. The majority of existing viruses belong to this category, and can be classified depending on the actions that they carry out.

Companion Viruses
Companion viruses can be considered file infector viruses like resident or direct action types. They are known as companion viruses because once they get into the system they "accompany" the other files that already exist. In other words, in order to carry out their infection routines, companion viruses can wait in memory until a program is run (resident viruses) or act immediately by making copies of themselves (direct action viruses).

Some examples include: Stator, Asimov.1539, and Terrax.1069

FAT Virus
The file allocation table or FAT is the part of a disk used to connect information and is a vital part of the normal functioning of the computer.
This type of virus attack can be especially dangerous, by preventing access to certain sections of the disk where important files are stored. Damage caused can result in information losses from individual files or even entire directories.

Worms
A worm is a program very similar to a virus; it has the ability to self-replicate, and can lead to negative effects on your system and most importantly they are detected and eliminated by antiviruses.

Examples of worms include: PSWBugbear.B, Lovgate.F, Trile.C, Sobig.D, Mapson.

Trojans or Trojan Horses
Another unsavory breed of malicious code are Trojans or Trojan horses, which unlike viruses do not reproduce by infecting other files, nor do they self-replicate like worms.

Logic Bombs
They are not considered viruses because they do not replicate. They are not even programs in their own right but rather camouflaged segments of other programs.

Their objective is to destroy data on the computer once certain conditions have been met. Logic bombs go undetected until launched, and the results can be destructive.

Country Codes

Posted by Ganesh Murugaraju

International Country Code Listing

*UNITED KINGDOM/IRELAND
------------------------------------
IRELAND.........................353
UNITED KINGDOM...................44

*EUROPE

------------------------------------
ANDORRA..........................33
AUSTRIA..........................43
BELGIUM..........................32
CYPRUS..........................357
CZECHOLSLOVAKIA..................42
DENMARK..........................45
FINLAND.........................358
FRANCE...........................33
GERMAN DEMOCRATIC REPUBLIC.......37
GERMANY, FEDERAL REPUBLIC OF.....49
GIBRALTAR.......................350
GREECE...........................30
HUNGARY..........................36
ICELAND.........................354
ITALY............................39
LIECHTENSTEIN....................41
LUXEMBOURG......................352
MONACO...........................33
NETHERLANDS......................31
NORWAY...........................47
POLAND...........................48
PORTUGAL........................351
ROMANIA..........................40
SAN MARINO.......................39
SPAIN............................34
SWEDEN...........................46
SWITZERLAND......................41
TURKEY...........................90
VATICAN CITY.....................39
YUGOSLAVIA.......................38

*CENTRAL AMERICA

------------------------------------
BELIZE..........................501
COSTA RICA......................506
EL SALVADOR.....................503
GUATEMALA.......................502
HONDURAS........................504
NICARAGUA.......................505
PANAMA..........................507

*AFRICA

------------------------------------
ALGERIA.........................213
CAMEROON........................237
EGYPT............................20
ETHIOPIA........................251
GABON...........................241
IVORY COAST.....................225
KENYA...........................254
LESOTHO.........................266
LIBERIA.........................231
LIBYA...........................218
MALAWI..........................265
MOROCCO.........................212
NAMIBIA.........................264
NIGERIA.........................234
SENEGAL.........................221
SOUTH AFRICA.....................27
SWAZILAND.......................268
TANZANIA........................255
TUNISIA.........................216
UGANDA..........................256
ZAMBIA..........................260
ZIMBABWE........................263

*PACIFIC

------------------------------------
AMERICAN SAMOA..................684
AUSTRAILIA.......................61
BRUNEI..........................673
FIJI............................679
FRENCH POLYNESIA................689
GUAM............................671
HONG KONG.......................852
INDONESIA........................62
JAPAN............................81
KOREA, REPUBLIC OF...............82
MALAYSIA.........................60
NEW CALEDONIA...................687
NEW ZEALAND......................64
PAPUA NEW GUINEA................675
PHILIPPINES......................63
SAIPAN..........................670
SINGAPORE........................65
TAIWAN..........................886
THAILAND.........................66

*INDIAN OCEAN

------------------------------------
PAKISTAN.........................92
SRI LANKA........................94

*SOUTH AMERICA

------------------------------------
ARGENTINA........................54
BOLIVIA.........................591
BRAZIL...........................55
CHILE............................56
COLOMBIA.........................57
ECUADOR.........................593
GUYANA..........................592
PARAGUAY........................595
PERU.............................51
SURINAME........................597
URUGUAY.........................598
VENEZUELA........................58

*NEAR EAST

------------------------------------
BAHRAIN.........................973
IRAN.............................98
IRAQ............................964
ISRAEL..........................972
JORDAN..........................962
KUWAIT..........................965
OMAN............................968
QATAR...........................974
SAUDI ARABIA....................966
UNITED ARAB EMIRATES............971
YEMEN ARAB REPUBLIC.............967

*CARIBBEAN/ATLANTIC

------------------------------------
FRENCH ANTILLES.................596
GUANTANAMO BAY (US NAVY BASE)....53
HAITI...........................509
NETHERLANDS ANTILLES............599
ST. PIERRE AND MIQUELON.........508

*INDIA

------------------------------------
INDIA............................91

*CANADA

------------------------------------
TO CALL CANADA, DIAL 1 + AREA CODE +
LOCAL NUMBER.

*MEXICO

------------------------------------
TO CALL MEXICO, DIAL 011 + 52 + CITY CODE+ LOCAL NUMBER.


To dial international calls:


International Access Code + Country code + Routing code


Example :


To call Frankfurt, Germany, you would do the following:


011 + 49 + 611 + (# wanted) + # sign(octothrope)


The # sign at the end is to tell Bell that you are done entering in all the

needed info.

DOS Attack

Posted by Ganesh Murugaraju

*** DOS ATTACK ***

DOS – Denial Of Service :

DOS attacks are the one of the most serious attack, protection against these kinds of attacks are too difficult. A denial of service attack (DOS) is when an attacker can make a system unusable or significantly slow for legitimate users by overloading the resources, so that no one can access it. If an attacker is unable to gain access to a machine, the attacker most probably will just crash the machine by using denial of service attack. Dos is an attack designed to render a computer or network incapable of providing normal services. The most common DoS attacks will target the computer's network bandwidth or connectivity. Bandwidth attacks flood the network with such a high volume of traffic, that's all available network resources are consumed and legitimate user requests cannot get through. Connectivity attacks flood a computer with such a high volume of connection requests, that all available operating system resources are consumed and the computer can no longer process legitimate user requests. Not all service outages, even those that result from malicious activity, are necessarily denial-of-service attacks. Other types of attack may include a denial of service as a component, but the denial of service may be part of a larger attack. Illegitimate use of resources may also result in denial of service. For example, an intruder may use of an anonymous ftp area as a place to store illegal copies of commercial software, consuming disk space and generating network traffic. A denial of service attack can also destroy programming and files in a computer system. Although usually intentional and malicious, a denial of service attack can sometimes happen accidentally. A denial of service attack is a type of security breach to a computer system that does not usually result in the theft of information or other security loss.

HACK FACEBOOK

Posted by Ganesh Murugaraju

TRICK TO HACK FACEBOOK

Facebook has evolved into one of the hottest social networking website in the world. Here is a simple tutorial that you can use to hack your friend's facebook password. Here i'm writting on hacking Facebbok password using Facebook Phisher.
In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public.



Hacking Facebook password:

Phishing is the most commonly used method to hack Facebook. The most widely used technique in phishing is the use of Fake Login Pages, also known as spoofed pages. These fake login pages resemble the original login pages of sites likeYahoo , Gmail, MySpace etc. The victim is fooled to believe the fake facebook page to be the real one and enter his/her password. But once the user attempts to login through these pages, his/her facebook login details are stolen away. I recommend the use of Phishing to hack facebook account since it is the easiest one.

How to Hack :

1. First of all create a Facebook Phisher or Orkut Phisher

2. The Phishing page should contain:
  • Index.html
  • write.php
3. Upload both files to any of these free webhost sites:

4. Now, send this phisher link (index.html link) to your victim and make him login to his Facebook account using your sent Phisher.

5. Once he logs in to his Facebook account using Phisher, all his typed Facebook id and password is stored in "passes.txt". This file is created in your webhost control panel as shown.





Then.. the account is urs.. Njoy Hacking..

For Phishing Tool Kit & Phishers of Any Website @ low price
Contact me -
Hell's doors are always open @ :
virusoverload@gmail.com