يتم التشغيل بواسطة Blogger.

آخر الحلقات عن الفيسبوك

آخر حلقات الويندوز

الاقسام

آخر الحلقات الحصرية

صوت وصورة

أخبار المشاهير

توقيت المغرب

رياضة عالمية

Main Post

أرشيف المدونة الإلكترونية

آخر الحلقات عن الانترنت

آخر حلقات الحماية من الهاكرز

أقسام

Send Quick Massage

الاسم

بريد إلكتروني *

رسالة *

إشترك بالمدونة

الكتاب الرسميون

الدولي

آخر الحلقات عن منتجات جوجل

المشاركات الشائعة

عن الموقع

my

Visitors

الاثنين، 28 يونيو، 2010

Desktop phishing

TH3 Professional Security

TH3-pro.blogspot.com




















By Mr Raghib Amine



PHISHING : DESKTOP PHISHING
Summary

1- Disclaimer

2 - Phishing ?

3-What is desktop phishing ?

4- How it's work ?

5- What is Hostfile in windows ?

6-Example

7 -How can this attack can be allocatable ?

8- Credit

Disclamer




What is THe Professional security or TH3-pro.blogspot.Com?

TH3-pro.blogspot.Com is definitely not a site that promotes or encourages computer hacking (unethical), but rather it is a Computer Security related website. In fact, Computer Hacking and Computer Security are the two concepts that goes hand-in-hand. They are like the two faces of the same coin. So with the existence of close proximity between Hacking and Security, it is more likely that people often mistake our site to be one that promotes Hacking. But in reality, our goal is to prevent hacking. We believe that unless you know how to hack (ethically), you cannot defend yourself from malicious hack attacks. Know Hacking but No Hacking!

Your usage of this website constitutes your agreement to the following terms.
1. All the information provided on this site are for educational purposes only. The site is no way responsible for any misuse of the information.

2. “ TH3 professional security” is just a term that represents the name of the site and is not a site that provides any illegal information. TH3-pro.blogspot.Com is a site related to Computer Security and not a site that promotes hacking/cracking/software piracy.

3. This site is totally meant for providing information on “Computer Security” “Computer Programming” and other related topics and is no way related towards the terms “CRACKING” or “HACKING” (Unethical).

4. Few articles (posts) on this site may contain the information related to “Hacking Passwords” or “Hacking Email Accounts” (Or Similar terms). These are not the GUIDES of Hacking. They only provide information about the legal ways of retrieving the passwords. You shall not misuse the information to gain unauthorised access. However you may try out these hacks on your own computer at your own risk. Performing hack attempts (without permission) on computers that you do not own is illegal.

5. The virus creation section on this site provides demonstration on coding simple viruses using high level programming languages. These viruses are simple ones and cause no serious damage to the computer. However we strongly insist that these information shall only be used to expand programming knowledge and not for causing malicious attacks.

6. All the information on this site are meant for developing Hacker Defense attitude among the users and help preventing the hack attacks. Gohacking.Com insists that these information shall not be used for causing any kind of damage directly or indirectly. However you may try these codes on your own computer at your own risk.

7. The word “Hack” or “Hacking” that is used on this site shall be regarded as “Ethical Hack” or “Ethical Hacking” respectively.

8. We believe only in White Hat Hacking. On the other hand we condemn Black Hat Hacking.

8. Most of the information provided on this site are simple computer tricks (may be called by the name hacks) and are no way related to the term hacking.

9. Some of the tricks provided by us may no longer work due to fixture in the bugs that enabled the exploits. We are not responsible for any direct or indirect damage caused due to the usage of the hacks provided on this site.

10. The site holds no reponsiblity for the contents found in user comments and forum since we do not monitor them. However we may remove any sensitive information present in the user comments or on the forum upon request.

11. We reserve the right to modify the Disclaimer at any time without notice.
This documentation is joined with a video you can found it in youtube channel youtube/oxiiiiid or our tv
TH3.blip.tv
2 What Is Phishing ?

In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing is typically carried out by e-mail or instant messaging,[1] and it often
directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Even when using server authentication, it may require tremendous skill to detect that the website is fake. Phishing is an example of social engineering techniques used to fool users,[2] and exploits the poor usability of current web security technologies.[3] Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.
A phishing technique was described in detail in 1987, and the first recorded use of the term "phishing" was made in 1996. The term is a variant of fishing,[4] probably influenced by phreaking,[5][6] and alludes to baits used to "catch" financial information and passwords. Wikipidia


1) what is desktop phishing ?


Salamo Alaykoum . Desktop Phishing is one more method of Phishing useful to hack email account passwords. Not only email passwords, but you can hack any account password of site you want. Attacker has to send phisher to victim to his in box and you have to wait for victim to login with out sent Phisher.

But, in Desktop Phishing, you only have to send the Phisher Arm (If it's phisher in phishing, we call it phisher arm in Desktop Phishing). You have to run server on your computer and save fake page of the website you wanna hack password, in directory of this server.

2) how it's work ?


Like you see in diagram pic in desktop phishing the victim are not directly linked to the fake page but is redirected to the fake page by using something called hostfile in windows

3)What is Hostfile in windows ?












The hosts file is a computer file used in an operating system to map hostnames to IP addresses. This method is one of several system facilities to address network nodes on a computer network. On some operating systems, the host file content is used preferentially over other methods, such as the Domain Name System (DNS), but many systems implement name service switches to provide customization. Unlike DNS, the hosts file is under the control of the local computer's administrator (wiki)

the attacker with some way like we will see in this tutorial can change the host file by changing or adding a wrong Dns value DNS linked to a web site by an other related to the fake page

4)How ? (example)

take of Example that the Ip address of www.paypal.com is 88.55.266.4
and the attacker has a server with a fake page of paypal uploaded in and the ip address of server is 255.56.77.89 so the attacker will add

www.paypal.com 255.56.77.89

then the victim when he will put http://www.paypal.com the address bar normally the browser will look for the ip address of this by looking first in hostfile in windows will not redirect to 88.55.266.4 but it will redirect to the attacker server 255.56.77.89
more than that the address will not change I mean that www.paypal.com it will stay and it will not change also the victim will not pay attention that he is on a fake website or a page
From here you will understand the danger of hostfile in windows

5) How can this attack can be allocatable ?

Simply you can use a large script that can aplicate this attack for me or like you see in video I use a fake program that I prompte to user to click to see the webcam of camera by clicking the program will put some fake ip address related to some fake servers that I have

VB script Code:



Open "c:\windows\system32\drivers\etc\hosts" For Output As #1

Print #1, "127.0.0.1 localhost"

Print #1, "127.0.0.1 th3-pro.blogspot.com"

Close #1


TH3- END

Credit

TH3 professional security TM
copyright 2010©

Raghib Amine
BlOG : TH3-pro.blogspot.com
YOUTBE : Youtube.com/oxiiiiid
FACEBOOK:facebook.com/TH3.prof
TV: TH3.blip.TV






Download documentation from
http://www.ziddu.com/download/10481575/dekstopphishing.doc.html


see or video also in

from

http://blip.tv/file/3812654


التصنيفات


Desktop phishing

بواسطة : مدونة المحترف 9:09 ص
TH3 Professional Security

TH3-pro.blogspot.com




















By Mr Raghib Amine



PHISHING : DESKTOP PHISHING
Summary

1- Disclaimer

2 - Phishing ?

3-What is desktop phishing ?

4- How it's work ?

5- What is Hostfile in windows ?

6-Example

7 -How can this attack can be allocatable ?

8- Credit

Disclamer




What is THe Professional security or TH3-pro.blogspot.Com?

TH3-pro.blogspot.Com is definitely not a site that promotes or encourages computer hacking (unethical), but rather it is a Computer Security related website. In fact, Computer Hacking and Computer Security are the two concepts that goes hand-in-hand. They are like the two faces of the same coin. So with the existence of close proximity between Hacking and Security, it is more likely that people often mistake our site to be one that promotes Hacking. But in reality, our goal is to prevent hacking. We believe that unless you know how to hack (ethically), you cannot defend yourself from malicious hack attacks. Know Hacking but No Hacking!

Your usage of this website constitutes your agreement to the following terms.
1. All the information provided on this site are for educational purposes only. The site is no way responsible for any misuse of the information.

2. “ TH3 professional security” is just a term that represents the name of the site and is not a site that provides any illegal information. TH3-pro.blogspot.Com is a site related to Computer Security and not a site that promotes hacking/cracking/software piracy.

3. This site is totally meant for providing information on “Computer Security” “Computer Programming” and other related topics and is no way related towards the terms “CRACKING” or “HACKING” (Unethical).

4. Few articles (posts) on this site may contain the information related to “Hacking Passwords” or “Hacking Email Accounts” (Or Similar terms). These are not the GUIDES of Hacking. They only provide information about the legal ways of retrieving the passwords. You shall not misuse the information to gain unauthorised access. However you may try out these hacks on your own computer at your own risk. Performing hack attempts (without permission) on computers that you do not own is illegal.

5. The virus creation section on this site provides demonstration on coding simple viruses using high level programming languages. These viruses are simple ones and cause no serious damage to the computer. However we strongly insist that these information shall only be used to expand programming knowledge and not for causing malicious attacks.

6. All the information on this site are meant for developing Hacker Defense attitude among the users and help preventing the hack attacks. Gohacking.Com insists that these information shall not be used for causing any kind of damage directly or indirectly. However you may try these codes on your own computer at your own risk.

7. The word “Hack” or “Hacking” that is used on this site shall be regarded as “Ethical Hack” or “Ethical Hacking” respectively.

8. We believe only in White Hat Hacking. On the other hand we condemn Black Hat Hacking.

8. Most of the information provided on this site are simple computer tricks (may be called by the name hacks) and are no way related to the term hacking.

9. Some of the tricks provided by us may no longer work due to fixture in the bugs that enabled the exploits. We are not responsible for any direct or indirect damage caused due to the usage of the hacks provided on this site.

10. The site holds no reponsiblity for the contents found in user comments and forum since we do not monitor them. However we may remove any sensitive information present in the user comments or on the forum upon request.

11. We reserve the right to modify the Disclaimer at any time without notice.
This documentation is joined with a video you can found it in youtube channel youtube/oxiiiiid or our tv
TH3.blip.tv
2 What Is Phishing ?

In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing is typically carried out by e-mail or instant messaging,[1] and it often
directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Even when using server authentication, it may require tremendous skill to detect that the website is fake. Phishing is an example of social engineering techniques used to fool users,[2] and exploits the poor usability of current web security technologies.[3] Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.
A phishing technique was described in detail in 1987, and the first recorded use of the term "phishing" was made in 1996. The term is a variant of fishing,[4] probably influenced by phreaking,[5][6] and alludes to baits used to "catch" financial information and passwords. Wikipidia


1) what is desktop phishing ?


Salamo Alaykoum . Desktop Phishing is one more method of Phishing useful to hack email account passwords. Not only email passwords, but you can hack any account password of site you want. Attacker has to send phisher to victim to his in box and you have to wait for victim to login with out sent Phisher.

But, in Desktop Phishing, you only have to send the Phisher Arm (If it's phisher in phishing, we call it phisher arm in Desktop Phishing). You have to run server on your computer and save fake page of the website you wanna hack password, in directory of this server.

2) how it's work ?


Like you see in diagram pic in desktop phishing the victim are not directly linked to the fake page but is redirected to the fake page by using something called hostfile in windows

3)What is Hostfile in windows ?












The hosts file is a computer file used in an operating system to map hostnames to IP addresses. This method is one of several system facilities to address network nodes on a computer network. On some operating systems, the host file content is used preferentially over other methods, such as the Domain Name System (DNS), but many systems implement name service switches to provide customization. Unlike DNS, the hosts file is under the control of the local computer's administrator (wiki)

the attacker with some way like we will see in this tutorial can change the host file by changing or adding a wrong Dns value DNS linked to a web site by an other related to the fake page

4)How ? (example)

take of Example that the Ip address of www.paypal.com is 88.55.266.4
and the attacker has a server with a fake page of paypal uploaded in and the ip address of server is 255.56.77.89 so the attacker will add

www.paypal.com 255.56.77.89

then the victim when he will put http://www.paypal.com the address bar normally the browser will look for the ip address of this by looking first in hostfile in windows will not redirect to 88.55.266.4 but it will redirect to the attacker server 255.56.77.89
more than that the address will not change I mean that www.paypal.com it will stay and it will not change also the victim will not pay attention that he is on a fake website or a page
From here you will understand the danger of hostfile in windows

5) How can this attack can be allocatable ?

Simply you can use a large script that can aplicate this attack for me or like you see in video I use a fake program that I prompte to user to click to see the webcam of camera by clicking the program will put some fake ip address related to some fake servers that I have

VB script Code:



Open "c:\windows\system32\drivers\etc\hosts" For Output As #1

Print #1, "127.0.0.1 localhost"

Print #1, "127.0.0.1 th3-pro.blogspot.com"

Close #1


TH3- END

Credit

TH3 professional security TM
copyright 2010©

Raghib Amine
BlOG : TH3-pro.blogspot.com
YOUTBE : Youtube.com/oxiiiiid
FACEBOOK:facebook.com/TH3.prof
TV: TH3.blip.TV






Download documentation from
http://www.ziddu.com/download/10481575/dekstopphishing.doc.html


see or video also in

from

http://blip.tv/file/3812654


تطوير : مدونة حكمات