ANTI FORENSICS ~ Tool

DIGITAL ANTI FORENSICS

Digital Anti Forensics

Install truecrypt

This script is used to install Truecrypt, software that is used to create encrypted files using various encryption ciphers. It contains features such as hidden partitions inside the encyption file, as well as the ability to use files and text passwords as keys to the encryption file.

Download here

Digital Forensics

hexedit

hexedit is a program that gives the user the ability to view a file in hexadecimal and ASCII view. It offers the ability to read a device as a file. It includes build in key shortcuts to make it fast and easy to edit and analyze file, including skipping to specific memory locations, cutting and pasting, changing views, modes, and syntaxes similar to that of emacs.

Example usage: hexedit [filename]

Download here

Read more

Installing Backtrack In An Android Device

Install Backtrack In Tablets

We going to show you the easiest way to install backtrack on an android device. For this tutorial you need:

• Rooted android device

• Linux installer (Can be found on Google play)

• Zarchiver (Can be found on Google play)

• Busybox (Can be found on Google play)

• Android-VNC (Can be found on Google play)

• Terminal  Emulator (Can be found on Google play)

All of the programs mentioned above are free. Ok, now let's start, The first thing you need to do is install Busybox from Google play: Install it, then open it when it's done, it will install some more things. When it's done, install Linux Installer from Google Play:

Open Linux installer, then click on Install Guides from the list on your right hand side:

When you click that, you'll see a list of Linux distros, click on Backtrack and you will see a screen with steps on how to install it. Now click on the second page of those steps, you will get a page that looks like this: Just click on "Download Image", and let it finish downloading. While it's downloading, open Google play and install Terminal Emulator, and Zarchiver.

Terminal Emulator:

Zarchiver:

When it finishes downloading, open Zarchiver, and look for the ZIP file that you downloaded, and extraxt the image into a root folder called "backtrack", extract the image into an external memory card not the internal one. Once it's done, open Linux Installer again, and click on launch, you'll get a screen that looks like this:

If it didn't recognize any distro, click on Setting > Edit then change the file path there to your backtrack image, the .img file that you extracted. When it finally say "backtrack" on the drop down list, click "Start Linux"  Terminal Emulator will open, you just have to proceed with the installation steps, ask you for a new password, and some preferences. When it's done you will get a red "root@localhost~#" like the picture bellow: You are now in backtrack! Now if you want backtrack in GUI, open Google play, and install Android VNC:

Open It when it finishes installing, and it will look like this:

Set to the same settings in the picture, but not the IP address, you can get your IP by opening backtrack terminal, in terminal emulator, and running "ifconfig" command: Settings for VNC are, Username: backtrack Password: backtrack IP: from the "ifconfig" command or just put 127.0.0.1  Color Format: 24-bit Now click connect, and boom! You'r in backtrack Desktop! ;)

When you finish using it, remember to disconnect VNC  AND exit backtrack in Terminal Emulator, else it will be taking your battery in the background. And note that Ubuntu can be installed in the same exact way, just the username and password for VNC will change.

Read more

Netcat - Banner Grabbing

Banner Grabbing Using netcat!

To gather more information about a service running on a system’s open port we are going to use a known technique, known as banner grabbing and netcat network tool.

 nc -nvv x.x.x.x 80

-n        Suppress name/port resolutions
-v        Verbose

You will get an answer like this:

Connection to 85.25.132.39 80 port [tcp/*] succeeded!

if the connection was established.

Then type the following command:

HEAD / HTTP/1.0

To get the http headers:

HTTP/1.1 200 OK
Date: …..
Server: …..
Last-Modified: …..
ETag: ……
Accept-Ranges: bytes
Content-Length: ….
Vary: Accept-Encoding
Content-Type: text/html
Connection: close

Read more

BTGuard To Anonymize Bittorrent Traffic

Use BTGuard To Anonymize Bittorrent Traffic

If you're using BitTorrent without taking special measures to hide your activity, it's just a matter of time before your ISP throttles your connection, sends you an ominous letter, or worst case, your ISP gets a subpoena from a lawyer asking for your identity for a file-sharing law suit. Here's how to set up a simple proxy to keep your torrenting safe and anonymous. 

Note, you don't need to be doing anything illegal. Maybe you just want to keep Big Brother out of your business and from throttling your connection. Either way, if you really want to keep your activity private, your best bet involves routing your BitTorrent connection through an external service. BTGuard is a dead simple BT-focused proxy server and encryption service, and it's my service of choice. Below, I'll explain what it does, how it works, and how to set it up to privatize and anonymous your BT traffic.

How BTGuard Works

When you download or seed a torrent, you're connecting to a bunch of other people, called a swarm, all of whom—in order to share files—can see your computer's IP address. That's all very handy when you're sharing files with other netizens, but file sharers such as yourself aren't necessarily the only people paying attention. Piracy monitoring groups (often paid for by the entertainment industry either before or after they find violators) also join BitTorrent swarms, but instead of sharing files, they're logging the IP addresses of other people in the swarm—including you—so that they can notify your ISP of your doings.A proxy(like BTGuard) funnels your internet traffic—in this case, just your BitTorrent traffic—through another server, so that the BitTorrent swarm will show an IP address from a server that can't be traced back to you instead of the address that points to your house. That way, those anti-piracy groups can't contact your ISP, and your ISP has no cause to send you a harrowing letter.

But wait, can't the piracy groups then go to the anonymizer service (BTGuard) and requisition their logs to figure out that you're the one downloading the new Harry Potter? Theoretically, yes, but the reason why we chose BTGuard is because they don't keep logs, so there's no paper trail of activity leading back to you. All the piracy monitors see is BTGuard sharing a file, and all your ISP sees is you connecting to BTGuard—but not what data you're downloading, because it's encrypted.If you subscribe to an ISP that throttles BitTorrent traffic, and aren't using an anonymizer service, you have an additional problem. Your ISP can still see what you're doing, and if they detect that you're using BitTorrent—even if you're using it for perfectly legal purposes—they'll throttle your connection so you get unbearably slow speeds. When you encrypt your BitTorrent traffic, your ISP can't see what you're using your connection for. They'll see that you're downloading lots of information, but they won't be able to see that it's BitTorrent traffic, and thus won't throttle your connection. You still have to be careful of going over your ISP's bandwidth cap, however, if that exists.BTGuard offers you both a proxy (to combat spying) and encryption (to combat throttling)—though many torrent clients have encryption built-in as well.First, BTGuard isn't free. At $7/month (as little as $5 if you pay for a year in advance), it isn't very expensive, and we think it's well worth it if you want to torrent anonymously. A law suitsettlement, if it comes to that, will cost you at least a couple thousand dollars, which equals a couple decades of BTGuard subscriptions, so keep that in mind, too. The other potential downside is that piping your downloads through another service may decrease your upload and download speeds. How much depends on what torrent you're downloading, who from, and a lot of other factors, but just know that it's a possibility. In my experience, more popular torrents stayed at their top speed of 1.4 MB/s (my bandwidth cap) with a proxy, while other less popular torrents (which flew at 1.4MB/s without a proxy) would fluctuate around 200 or 300 kB/s with BTGuard in place. Again, though, a little longer wait on downloads is well worth the protection you get.Lastly, proxies aren't supported by every client, which means you'll have to use one with more advanced features. uTorrent (for Windows) and Vuze (for Windows, Mac, and Linux) both support proxies, but sadly Mac and Linux favorite Transmission does not. (If you're absolutely stuck with a client that doesn't support proxies, check the end of this article for some alternative solutions to the anonymity problem.)


How to Set Up BTGuard

BTGuard has a one-click install process, but we're going to show you how to do it the manual way, since it works in any BitTorrent client that supports SOCKS5 Proxy—not just the ones supported by BTGuard's installer. It'll also give you a better sense of what exactly BTGuard does, so if you run into problems, you'll have a better idea of how to fix it.

Step One: Sign Up for BTGuard

First, sign up for an account over at BTGuard.com. It'll just take a minute, and then you can get to configuring your client. Their BitTorrent proxy service costs $6.95 a month, but you can get discounts by buying multiple months at a time (up to a year's service for $59.95). Once you're done, you should receive an email telling you that BTGuard is ready to go.

Step Two: Configure Your Client

Next, open up your torrent client of choice and find the proxy settings within its preferences. In uTorrent, for example, this is under Preferences > Connection. Your client may have them in a different place (Google around to find out where), but no matter your client, your settings should look like this:

• Proxy Type: Socks v5
• Proxy Host: proxy.btguard.com
• Proxy Port: 1025
• Username: Your BTGuard username
• Password: Your BTGuard password

You'll also want to make sure you're using the proxy for hostname or tracker lookups as well as peer-to-peer connections, so check all boxes that say anything like that. You'll also want to disable connections or features that could compromise the proxy, so check all the boxes under uTorrent's "Proxy Privacy" section, or anything similar that your client may have. Hit Apply, exit the preferences, and restart your client. Your proxy should now be active.

Step Three: See If It's Working

To ensure that it's working, head over to CheckMyTorrentIP.com. This site can tell you what your IP address is, and compare it to the IP address of your torrent client, which will let you know whether your proxy is working correctly. To test it, hit the "Generate Torrent" button, and open the resulting torrent in your client. Then, go back to your browser and hit the Refresh button under the "Check IP" tab. If it's the same as your browser IP—which you'll see next to the Refresh button—then your proxy isn't working, and you'll want to double-check all of the above settings. If it shows a different IP address (often from another country like Germany or Canada), then BTGuard is successfully tunneling all your traffic for you.

Step Four (Optional): Enable Encryption

If you want extra security (or if you're trying to protect your connection from being throttled), you'll also want to encrypt all that traffic. Many clients have this feature built-in. In uTorrent, for example, just head to Preferences > BitTorrent and look for the "Protocol Encryption" section. Change your outgoing connection to Forced encryption, and uncheck the "Allow incoming legacy connections" box. From there, you should be good—your ISP shouldn't throttle your connection after this is enabled.

If your client doesn't support encryption, or you want a more powerful encryption behind your torrenting, BTGuard offers an encryption service as well. Just head to their Encryption page,download the software, and install it to C:\BTGUARD (this is very important; don't change the installation directory). Then, start the BTGuard Encryption program (accessible from the Start menu), and open up your BitTorrent client. Change your proxy server from proxy.btguard.com to 127.0.0.1, restart your client, and you're golden. Again, this isn't necessary if your client already supports encryption, but it is an extra layer of protection if you really want to keep everything private.

BitTorrent isn't the safe place it once was, and if you're going to use it to share and download files, we highly recommend getting some sort of protection from the services above so you can avoid DCMA notices and throttled speeds.

Read more

Hide exe into Image

Hide exe Files into Image

This is a good trick to hide your exe files into a jpg file..!
How about sending a trojan or a keylogger into your victim using this trick..?  Here this Hiding exe in image id called Binding.

This can be done using software and also manully via Dos.So ,here we are going to do this using Dos.

Do the following steps as explained:

1) Firstly, create a new folder and make sure that the options 'show hidden files and folders' is checked and ‘hide extensions for known file types’ is unchecked.Basically what you need is to see hidden files and see the extension of all your files on your pc.

2) Paste a copy of your server on the new created folder. let's say it's called 'server.exe' (that's why you need the extension of files showing, cause you need to see it to change it )

3) Now you’re going to rename this 'server.exe' to whatever you want, let’s say for example 'picture.jpeg'

4) Windows is going to warn you if you really want to change this extension from exe to jpeg, click YES.

5) Now create a shortcut of this 'picture.jpeg' in the same folder.

6) Now that you have a shortcut, rename it to whatever you want, for example, 'me.jpeg'.

7) Go to properties (on file me.jpeg) and now you need to do some changes there.

8) First of all delete all the text on field 'Start In' and leave it empty.

9) Then on field 'Target' you need to write the path to open the other file (the server renamed 'picture.jpeg') so you have to write this :- 'C:\WINDOWS\system32\cmd.exe /c picture.jpeg'  .Hope every CHC(Chennai Hackers Connect) member understanding it.

10) The last field, 'c picture.jpeg' is always the name of the first file. If you called the first file 'soccer.avi' you gotta write 'C:\WINDOWS\system32\cmd.exe /c soccer.avi'.

11) So what you’re doing is when someone clicks on 'me.jpeg', a cmd will execute the other file 'picture.jpeg' and the server will run.

12) On that file 'me.jpeg' (shortcut), go to properties and you have an option to change the icon. Click that and a new window will pop up and you have to write this :- %SystemRoot%\system32\SHELL32.dll . Then press OK.

13) You can set the properties 'Hidden' for the first file 'picture.jpeg' if you think it’s better to get a connection from someone.

14) But don’t forget one thing, these 2 files must always be together in the same folder and to get connected to someone they must click on the shortcut created not on the first file. So rename the files to whatever you want considering the person and the knowledge they have on this matter.

15) For me for example I always want the shortcut showing first so can be the first file to be opened. So I rename the server to 'picture2.jpeg' and the shortcut to 'picture1.jpeg'.This way the shortcut will show up first. If you set hidden properties to the server 'picture.jpeg' then you don’t have to bother with this detail but I’m warning you, the hidden file will always show up inside of a Zip or a Rar file.

16) So the best way to send these files together to someone is compress them into Zip or Rar.

17) Inside the Rar or Zip file you can see the files properties and even after all this work you can see that the shortcut is recognized like a shortcut but hopefully the person you sent this too doesn’t know that and is going to open it.

Read more

Use internet without browser

Surf on the internet without Browser

Hello CHC(Chennai Hackers Members), now can surf on the internet without any actual browser. Have you ever been find yourself sitting in front of some computer where Internet Explorer or Firefox was blocked and restricted from installing any software? If that PC is running Windows XP,  then there is chance for you to still surf on the Internet. Just follow this:
Open Calculator, Start> Program Files> Accessories> Calculator, or press Windows+R and type ‘calc’ in the run box, click OK. In Calculator, go to Help> Help Topics.Right click on the left hand side of the title bar and click on ‘Jump to URL’. 
Type in the URL and make sure include the ‘http://’ at the beginning.

Basically what you are looking at is Internet Explorer 6 inside a help window, but this version of program isn’t quite smart. This was tested in Windows XP SP2 with Internet Explorer 6 and I’m not sure whether it will works in Internet Explorer 7 installed computer.

Feel free to comment 

Enjoy.

Read more

Preyproject - Trace your LAPTOP

Preyproject- Find Stolen Laptop & Phone

Have you ever faced this situation means have you ever lost your personal digital assistants it could you your Iphone, Laptop and so on. It can be happen with any one and every where is the world, so the question is how to protect and how to get back your stolen Laptop and phone. There are different tools, software's and services available that provides a feature to find your stolen laptop or phone.

What Is PreyProject

According to the official website “Prey lets you keep track of your phone or laptop at all times, and will help you find it if it ever gets lost or stolen. It's lightweight, open source software, and free for anyone to use. And it just works”.

Download here

So you can download the open source tool to protect your Laptop and phone, try to be smart like Martin.

Read more

Net Bios Hacking

  

THIS NETBIOS HACKING GUIDE WILL TELL YOU ABOUT HACKING REMOTE COMPUTER AND
 GAINING ACCESS TO IT’S HARD-DISK OR PRINTER.NETBIOS HACK IS THE EASIEST WAY TO
 BREAK INTO A REMOTE COMPUTER.
STEP-BY-STEP NETBIOS HACKING PROCEDURE.


1.Open command prompt

2. In the command prompt use the “net view” command
( OR YOU CAN ALSO USE “NB Scanner” OPTION IN “IP-TOOLS” SOFTWARE 
BY ENTERING RANGE OF IP ADDRESSS.BY THIS METHOD YOU CAN SCAN 
NUMBER OF COMPUTERS AT A TIME).

Example: C:>net view \59.43.45.212
The above is an example for operation using command prompt.”net view” 
is one of the netbios command to view the shared resources of the remote 
computer.Here “59.43.45.212? is an IP address of remote computer that is to 
be hacked through Netbios.You have to substitute a vlaid IP address in it’s 
place.If succeeded a list of HARD-DISK DRIVES & PRINTERS are shown.If not 
an error message is displayed. So repeat the procedure 2 with a different IP 
address.

3. After succeeding, use the “net use” command in the command prompt.The 
“net use” is another netbios command which makes it possible to hack remote 
drives or printers.

Example-1:
C:>net use D: \59.43.45.212F
Example-2:
C:>net use G: \59.43.45.212SharedDocs
Example-3:
C:>net use I: \59.43.45.212Myprint

NOTE: In Examples 1,2 & 3, D:,G: & I: are the Network Drive Names that are 
to be created on your computer to access remote computer’s hard-disk.

NOTE: GIVE DRIVE NAMES THAT ARE NOT USED BY ANY OTHER DRIVES 
INCLUDING HARD-DISK DRIVES,FLOPPY DRIVES AND ROM-DRIVES ON YOUR 
COMPUTER.THAT IS IF YOU HAVE C: & D: AS HARD DIRVES, A: AS FLOPPY DIVE
AND E: AS CD-DRIVE, GIVE F: AS YOUR SHARED DRIVE IN THE COMMAND 
PROMPT

F:,”SharedDocs” are the names of remote computer’s hard-disk’s drives that 
you want to hack. “Myprint” is the name of remote computer’s printer. These 
are displayed after giving “net use” command. 59.43.45.212 is the IP address 
of remote computer that you want to hack.

4. After succeeding your computer will give a message that “The command 
completed successfully“. Once you get the above message you are only one 
step away from hacking the computer.[ad code=1 align=center]

Now open “My Computer” you will see a new “Hard-Disk drive”(Shared) with the
specified name. You can open it and access remote computer’s Hard-Drive. You 
can copy files,music,folders etc. from victim’s hard-drive.You can delete/modify 
data on victim’s hard-drive only if WRITE-ACCESS is enabled on victim’s 
system.You can access files folders quickly through “Command Prompt”.

NOTE: If Remote Computer’s Firewall Is Enabled Your Computer Will Not 
Succeed In Gaining Access To Remote Computer Through Net bios.That is Net 
bios Hacking Is Not Possible In This Situation.(An Error Message Is Displayed). 
So Repeat The Procedure 2,3 With Different IP Address.

Read more

IP TOOLS for WINDOWS

IP TOOLS - WINDOWS APPLICATION

IP Tools is a windows application. It has 2 features in it.
1) URL to primary IP.
2) DNS Resolver.

Here is an example of a URL to IP address:

All you need to do is input the URL and click "Get IP Address" button

The second feature, which everyone is excited about is the DNS Resolver.
Here is an example of the DNS Resolver:

Click the top arrow and the app gives all the IP Addresses for that domain name. Click the bottom arrow and it gives the host name.

Requirements:

1) .NET Framework 2.0 or higher.

2) Windows XP/Vista/7/8

Download here

Read more

HIDE FILES AND FOLDERS IN LINUX

HIDE YOUR PERSONAL FILES AND FOLDERS IN LINUX

Steps to Hide a File or Folder :

1. Open the drive containing the folder.

2. Select the folder to rename it. or by simply pressing F2 after selecting the folder.



3. Rename the folder by putting a “.” (dot) in front of current name. Press ENTER.



4. The folder is now ready to be hidden.

Viewing the Hidden File or Folder :

Proceed in the following steps to view the folder you have hidden :
1. Navigate to the location of the hidden folder.
2. In the menu bar, click the “View” tab and select to check the box next to “Show Hidden Files”. This can also be done by simply pressing “Ctrl + H”.



Your hidden folder appears to you, enabling you to access it right away. This of-course doesn’t change the hidden property of the folder. Re-hiding the folder involves just clicking on the “View” tab once more and un-checking the box next to “Show Hidden Files” or pressing “Ctrl + H” once again.

Un-hiding the File or Folder :

Un-hiding a hidden file or folder in Linux is a much simpler task. The process is described below :
1. Follow the steps to view the hidden folder as mentioned above.
2. After the folder can be viewed, select to rename it once again.
3. Just remove the “.” (dot) you had placed at the beginning of the name of the folder and press ENTER.



The folder has been un-hidden.
Hiding a file or a folder is a basic example of the highest level of security that Linux provides its users with. This, and a lot more makes Linux the “numero uno” operating system for a secure workstation.

Read more