Tag: Firefox

Proxmate- Browser plugins for Proxy Surfing to sites closed to certain countries

A neat technical innovation Proxmate is a browser plugin with a Chrome and Firefox version. It allows non US internet citizens to go to US sites , including Google’s Play Store, Spotify, Turntable and others

It is very professionally designed and now being used quite a lot.

Great Work by Dave Mohl at http://proxmate.dave.cx/

I wish the same principle could be applied to create a fork of Chromium /Firefox to mash up with the Tor do not track privacy software. Or if a fork is too much work- even a plugin 🙂

proxmate

Continue reading “Proxmate- Browser plugins for Proxy Surfing to sites closed to certain countries”

How to learn Hacking Part 2

Now that you have read the basics here at http://www.decisionstats.com/how-to-learn-to-be-a-hacker-easily/ (please do read this before reading the below)

 

Here is a list of tutorials that you should study (in order of ease)

1) LEARN BASICS – enough to get you a job maybe if that’s all you wanted.

http://www.offensive-security.com/metasploit-unleashed/Main_Page

2) READ SOME MORE-

Lena’s Reverse Engineering Tutorial-“Use Google.com  for finding the Tutorial

Lena’s Reverse Engineering tutorial. It includes 36 parts of individual cracking techniques and will teach you the basics of protection bypassing

01. Olly + assembler + patching a basic reverseme
02. Keyfiling the reverseme + assembler
03. Basic nag removal + header problems
04. Basic + aesthetic patching
05. Comparing on changes in cond jumps, animate over/in, breakpoints
06. “The plain stupid patching method”, searching for textstrings
07. Intermediate level patching, Kanal in PEiD
08. Debugging with W32Dasm, RVA, VA and offset, using LordPE as a hexeditor
09. Explaining the Visual Basic concept, introduction to SmartCheck and configuration
10. Continued reversing techniques in VB, use of decompilers and a basic anti-anti-trick
11. Intermediate patching using Olly’s “pane window”
12. Guiding a program by multiple patching.
13. The use of API’s in software, avoiding doublechecking tricks
14. More difficult schemes and an introduction to inline patching
15. How to study behaviour in the code, continued inlining using a pointer
16. Reversing using resources
17. Insights and practice in basic (self)keygenning
18. Diversion code, encryption/decryption, selfmodifying code and polymorphism
19. Debugger detected and anti-anti-techniques
20. Packers and protectors : an introduction
21. Imports rebuilding
22. API Redirection
23. Stolen bytes
24. Patching at runtime using loaders from lena151 original
25. Continued patching at runtime & unpacking armadillo standard protection
26. Machine specific loaders, unpacking & debugging armadillo
27. tElock + advanced patching
28. Bypassing & killing server checks
29. Killing & inlining a more difficult server check
30. SFX, Run Trace & more advanced string searching
31. Delphi in Olly & DeDe
32. Author tricks, HIEW & approaches in inline patching
33. The FPU, integrity checks & loader versus patcher
34. Reversing techniques in packed software & a S&R loader for ASProtect
35. Inlining inside polymorphic code
36. Keygenning

If you want more free training – hang around this website

http://www.owasp.org/index.php/Cheat_Sheets

OWASP Cheat Sheet Series

Draft OWASP Cheat Sheets

3) SPEND SOME MONEY on TRAINING

http://www.corelan-training.com/index.php/training/corelan-live/

Course overview

Module 1 – The x86 environment

  • System Architecture
  • Windows Memory Management
  • Registers
  • Introduction to Assembly
  • The stack

Module 2 – The exploit developer environment

  • Setting up the exploit developer lab
  • Using debuggers and debugger plugins to gather primitives

Module 3 – Saved Return Pointer Overwrite

  • Functions
  • Saved return pointer overwrites
  • Stack cookies

Module 4 – Abusing Structured Exception Handlers

  • Abusing exception handler overwrites
  • Bypassing Safeseh

Module 5 – Pointer smashing

  • Function pointers
  • Data/object pointers
  • vtable/virtual functions

Module 6 – Off-by-one and integer overflows

  • Off-by-one
  • Integer overflows

Module 7 – Limited buffers

  • Limited buffers, shellcode splitting

Module 8 – Reliability++ & reusability++

  • Finding and avoiding bad characters
  • Creative ways to deal with character set limitations

Module 9 – Fun with Unicode

  • Exploiting Unicode based overflows
  • Writing venetian alignment code
  • Creating and Using venetian shellcode

Module 10 – Heap Spraying Fundamentals

  • Heap Management and behaviour
  • Heap Spraying for Internet Explorer 6 and 7

Module 11 – Egg Hunters

  • Using and tweaking Egg hunters
  • Custom egghunters
  • Using Omelet egghunters
  • Egghunters in a WoW64 environment

Module 12 – Shellcoding

  • Building custom shellcode from scratch
  • Understanding existing shellcode
  • Writing portable shellcode
  • Bypassing Antivirus

Module 13 – Metasploit Exploit Modules

  • Writing exploits for the Metasploit Framework
  • Porting exploits to the Metasploit Framework

Module 14 – ASLR

  • Bypassing ASLR

Module 15 – W^X

  • Bypassing NX/DEP
  • Return Oriented Programming / Code Reuse (ROP) )

Module 16 – Advanced Heap Spraying

  • Heap Feng Shui & heaplib
  • Precise heap spraying in modern browsers (IE8 & IE9, Firefox 13)

Module 17 – Use After Free

  • Exploiting Use-After-Free conditions

Module 18 – Windows 8

  • Windows 8 Memory Protections and Bypass
TRAINING SCHEDULES AT

ALSO GET CERTIFIED http://www.offensive-security.com/information-security-training/penetration-testing-with-backtrack/ ($950 cost)

the syllabus is here at

http://www.offensive-security.com/documentation/penetration-testing-with-backtrack.pdf

4) HANG AROUND OTHER HACKERS

At http://attrition.org/attrition/

or The Noir  Hat Conferences-

http://blackhat.com/html/bh-us-12/training/bh-us-12-training_complete.html

or read this website

http://software-security.sans.org/developer-how-to/

5) GET A DEGREE

Yes it is possible

 

See http://web.jhu.edu/jhuisi/

The Johns Hopkins University Information Security Institute (JHUISI) is the University’s focal point for research and education in information security, assurance and privacy.

Scholarship Information

 

The Information Security Institute is now accepting applications for the Department of Defense’s Information Assurance Scholarship Program (IASP).  This scholarship includes full tuition, a living stipend, books and health insurance. In return each student recipient must work for a DoD agency at a competitive salary for six months for every semester funded. The scholarship is open to American citizens only.

http://web.jhu.edu/jhuisi/mssi/index.html

MASTER OF SCIENCE IN SECURITY INFORMATICS PROGRAM

The flagship educational experience offered by Johns Hopkins University in the area of information security and assurance is represented by the Master of Science in Security Informatics degree.  Over thirty courses are available in support of this unique and innovative graduate program.

———————————————————–

Disclaimer- I havent done any of these things- This is just a curated list from Quora  so I am open to feedback.

You use this at your own risk of conscience ,local legal jurisdictions and your own legal liability.

 

 

 

 

 

 

April Fool's Day- Catblock!

Since Anonymous didnt disrupt the internet on April Fools Day by overloading the DNS Servers! , the best April Fool’s day imho goes to Adblock- that  nifty extension that allows you to block ads.

Well for today- it replaced ads with funny cats- and you can even buy the cats for ads extension  permanently. That’s right cats take over the Internet!

Only 2% of Chrome and Firefox users block ads! so what are you waiting for- this is how the NYTimes looks for me!!

 

Replace ads with cats-

for chrome here-

https://chrome.google.com/webstore/detail/gighmmpiobklfepjocnamgkkbiglidom

for firefox here-

https://addons.mozilla.org/en-US/firefox/addon/adblock-plus/

read more on catblock here-

http://adblockforchrome.blogspot.in/2012/03/inturdusing-catblock.html

but if you want to buy catblock—

see this

https://chromeadblock.com/pay/?source=catblock

 

Does the Internet need its own version of credit bureaus

Data Miners love data. The more data they have the better model they can build. Consumers do not love data so much and find sharing data generally a cumbersome task. They need to be incentivize for filling out survey forms , and for signing to loyalty programs. Lawyers, and privacy advocates love to use examples of improper data collection and usage as the harbinger of an ominous scenario. George Orwell’s 1984 never “mentioned” anything about Big Brother trying to sell you one more loan, credit card or product.

Data generated by customers is now growing without their needing to fill out forms and surveys. This data is about their preferences , tastes and choices and is growing in size and depth because it is generated from social media channels on the Internet.It is this data that can be and is captured by social media analytics.

Mobile data is also growing, including usage of location based applications and usage of Internet from the mobile phone is leading to further increases in data about consumers.Increasingly , location based applications help to provide a much more relevant context to the data generated. Just mobile data is expected to grow to 15 exabytes by 2015.

People want to have more and more conversations online publicly , share pictures , activity and interact with a large number of people whom  they have never met. But resent that information being used or abused without their knowledge.

Also the Internet is increasingly being consolidated into a few players like Microsoft, Amazon, Google  and Facebook, who are unable to agree on agreements to share that data between themselves. Interestingly you can use Yahoo as a data middleman between Google and Facebook.

At the same time, more and more purchases are being done online by customers and Internet advertising has grown much above the rate of growth of other mediums of communication.
Internet retail sales have the advantage that better demand predictability can lead to lower inventories as retailers need not stock up displays to look good. An Amazon warehouse need not keep material to simply stock up it shelves like a K-Mart does.

Our Hypothesis – An Analogy with how Financial Data Marketing is managed offline

  1. Financial information regarding spending and saving is much more sensitive yet the presence of credit bureaus alleviates these concerns.
  2. Credit bureaus collect information from all sources, aggregate and anonymize the individual components accordingly.They use SSN as a unique identifier.
  3. The Internet has a unique number too , called the Internet Protocol Address (I.P) 
  4. Should there be a unique identifier like Internet Security Number for the Internet to ensure adequate balance between the need for privacy as well as the need for appropriate targeting? 

After all, no one complains about privacy intrusions if their credit bureau data is aggregated , rolled up, and anonymized and turned into a propensity model for sending them direct mailers.

Advertising using Social Media and Internet

https://www.facebook.com/about/ads/#stories

1. A business creates an ad
Let’s say a gym opens in your neighborhood. The owner creates an ad to get people to come in for a free workout.
2. Facebook gets paid to deliver the ad
The owner sends the ad to Facebook and describes who should see it: people who live nearby and like running.
The right people see the ad
3. Facebook only shows you the ad if you live in town and like to run. That’s how advertisers reach you without knowing who you are.

Adding in credit bureau data and legislative regulation for anonymizing  and handling privacy data can expand the internet selling market, which is much more efficient from a supply chain perspective than the offline display and shop models.

Privacy Regulations on Marketing using Internet data
Should laws on opt out and do not mail, do not call, lists be extended to do not show ads , do not collect information on social media. In the offline world, you can choose to be part of direct marketing or opt out of direct marketing by enrolling yourself in various do not solicit lists. On the internet the only option from advertisements is to use the Adblock plugin if you are Google Chrome or Firefox browser user. Even Facebook gives you many more ads than you need to see.

One reason for so many ads on the Internet is lack of central anonymize data repositories for giving high quality data to these marketing companies.Software that can be used for social media analytics is already available off the shelf.

The growth of the Internet has helped carved out a big industry for Internet web analytics so it is a matter of time before social media analytics becomes a multi billion dollar business as well. What new developments would be unleashed in this brave new world is just a matter of time, and of course of the social media data!

Chrome Extension- MafiaaFire

The chrome extension MafiaaWire basically gives you an updated list of redirected websites. So the next time , your evil highness shuts down your favorite website- the list promises to give you an update.  While obviously entertainment intellectual property is a very obvious site category for such redirects, in some cases these extensions can be used for simple things like hosting dissents or protesters against govt corruption in non US countries .

Basically under the new SOPA act (an oline version of pepper spray http://en.wikipedia.org/wiki/Stop_Online_Piracy_Act) even browsers like Firefox and Chrome would be liable for any such extension that can be used to download American Intellectual property illegally.

In the meantime – this is an interesting and creative use case of technology and sociology merging in the brave new world.

You can read about it here-

http://en.wikipedia.org/wiki/MAFIAAFire_Redirector

MAFIAAFire works by downloading a list which contains the names of the “blocked” sites as well as the sites to redirect to. This list is downloaded every time Firefox starts up or every two days on the Chrome version (although the user has the choice to force an update on the Chrome version instead of waiting for two days).

When a user types in a domain name from the list of blocked domains, the add-on recognizes this and automatically redirects the user to the secondary site. Since this happens before the browser connects to the DNS server, this renders any DNS blocks useless.

Although the add-on checks for which sites are entered into the address bar every time (as it needs to check if that site is on its block list), it does not log these requests nor send these requests to any central server. In other words: it does not track the user.

or

Download it from

https://chrome.google.com/webstore/detail/hnifiobpjihmmjgiokkaalgomddebhng

Interesting times indeed!

Related-

Encryption

http://poemsforkush.wordpress.com/2011/12/17/encryption/

 

How to surf anonymously on the mobile- Use Orbot

This is an interesting use case of anonymous surfing through mobile by using Tor Project on the Android Mobile OS.

Source- https://guardianproject.info/apps/orbot/
 

Orbot requires different configuration depending on the Android operating system version it is used on.

For standard Android 1.x devices (G1, MyTouch3G, Hero, Droid Eris, Cliq, Moment)

  • WEB BROWSING: You can use the Orweb Privacy Browser which we offer, which only works via Orbot and Tor.
  • For Instant Messsaging, please try Gibberbot which provides integrated, optional support for Orbot and Tor.

For Android 2.x devices: Droid, Nexus, Evo, Galaxy

  • WEB BROWSING: Non-rooted devices should use Firefox for Android with our ProxyMob Add-On to browse via the Tor network. Rooted devices can take advantage of transparent proxying (see below) and do not need an additional app installed.
  • Transparent Proxying: You must root your device in order for Orbot to work transparently for all web and DNS traffic. If you root your device, whether it is 1.x or 2.x based, Orbot will automatically, transparently proxy all web traffic on port 80 and 443 and all DNS requests. This includes the built-in Browser, Gmail, YouTube, Maps and any other application that uses standard web traffic.
  • For Instant Messsaging, please try Gibberbot which provides integrated, optional support for Orbot and Tor.

Developers

Chrome

If you are new to using Chrome, there are many delightful features just beneath the surface.

If you are an Internet Explorer or Firefox or Safari or Arora or Opera or Sea Monkey browser user- this is one more reason to test, just test Chrome.

Ok so who Made chrome- (note the link i.e about:credits is what you type in chrome to see features)

about:credits

Credits

David M. Gay’s floating point routines
dynamic annotations
Netscape Portable Runtime (NSPR)
Network Security Services (NSS)
purify headers
google-glog’s symbolization library
valgrind
xdg-mime
xdg-user-dirs
google-jstemplateshow licensehomepage
Launchpad Translationsshow licensehomepage
Mozilla Personal Security Managershow licensehomepage
Google Toolbox for Macshow licensehomepage
ActiveX Scripting SDKshow licensehomepage
Almost Native Graphics Layer Engineshow licensehomepage
Apple sample codeshow licensehomepage
Google Cache Invalidation APIshow licensehomepage
Compact Language Detectionshow licensehomepage
OpenGL ES 2.0 Programming Guideshow licensehomepage
OpenGL ES 2.0 Conformance Testsshow licensehomepage
hunspell dictionariesshow licensehomepage
IAccessible2 COM interfaces for accessibilityshow licensehomepage
Chinese and Japanese Word Listshow licensehomepage
ISimpleDOM COM interfaces for accessibilityshow licensehomepage
modp base64 decodershow licensehomepage
NSBezierPath additions from Sean Patrick O’Brienshow licensehomepage
Cocoa extension code from Caminoshow licensehomepage
OTS (OpenType Sanitizer)show licensehomepage
Google Safe Browsingshow licensehomepage
XUL Runner SDKshow licensehomepage
and of course
so thats who made chrome.
  • Will Google be able to monetize Chrome the way it has monetized Android (Atleast by locking in both search,computing and browsing platforms)? I like the Adblock extension- and I would be happy to see more paid extensions. or even two versions one free and other freer (in choice) browsers for ads /security etc. maybe even a premium paid browser which has tor embedded in it , adblock enabled in it, and encrypted chat (like Waste Again) as an extension…. Hmm Hmm Hmm There is a SOCIAL version of Chromium called Rockmelt used ironically by Google Social Nemesis -Facebook (see http://blogs.ft.com/fttechhub/2011/06/facebook-partners-with-rockmelt-on-building-a-social-web-browser/)
  • Will Google share more revenue with open source contributors and thus create a new path in open source revenue generation just like it did with online advertising as an industry? Hmm Hmm Hmm. or Will Facebook continue to lead the way with extensions and applications (which did predate the mobile app place- so thats one innovation u gotta give to Zuk’s boys 😉
Back to Chrome-
To change settings- chrome://settings/browser
but to check what Autofill Data is stored within chrome (thats your credit card and your web form information)
chrome://settings/autofill and chrome://settings/content has all your content settings
Well Chrome is very very secure, or as secure as a browser can be in 2011.
You can set up Google Sync to keep all your data in the cloud, and it has an application specific password as well.
So hopefully you will have much more fun enjoying hacking Chromium 😉
See these