Sunday, September 15, 2013

Port Scanning

Port scanning is the process of checking for open TCP or UDP ports on a machine. Please note that port scanning is considered illegal in many countries and should not be performed outside the labs. I was once running an Nmap scan during an internal penetration test. Unwittingly, I did not take note of the unusual subnet mask employed on the local network, and ended up running the Nmap scan through a remote uplink that was offsite....

Posted By Bergin A 11:18 AM

Little About Nmap

Nmap is probably one of the most comprehensive port scanners to date. Looking at the Nmap usage might be daunting at first. However, once you start scanning you will quickly become accustomed to the syntax. In BackTrack, the Nmap configuration files (such as the default port scan list) are located in /usr/local/share/nmap/. Note that when running Nmap as a root user, certain defaults are assumed...

Posted By Bergin A 11:15 AM

Dynamic Memory & The Heap

Dynamic Linux Memory. In this article we will take a look at how the heap works on the Linux operating system. This includes structure, allocation, functions, clean-up and other important details. Feel free to ask questions in comments as the topics ahead are rather complex compared to that of stack-based memory. We will go through how dynamic memory differs from stack memory and analyse the aspects...

Posted By Bergin A 11:13 AM

The Phases of an Attack

Both malicious attackers and professional penetration testers/ethical hackers apply various phases in their attacks. Attacks are often separated into these phases: Reconnaissance is the process of investigating a target organization to gather information about it from publicly available sources, such as domain registration services, websites, and so on. Some people include techniques such as...

Posted By Bergin A 11:12 AM

Google Hacking

Prior to an attack, I spend some time browsing the web and looking for background information about the organization I’m about to attack. First, I usually browse the organizational website and look for general information such as contact information, phone and fax numbers, emails, company structure, and so on. I also usually look for sites that link to the target site or for organizational emails...

Posted By Bergin A 11:11 AM

Listening on a TCP/UDP Port with Netcat

To listen on port 4444 and accept incoming connections, type:

Computer 1 (local computer – 192.168.8.74)
root@bt:~# nc -lvp 4444
listening on [any] 4444

From a different computer connect to port 4444 on your local machine:

Computer 2 (Windows box – 192.168.9.158)
C:\>nc -v 192.168.8.74 4444
192.168.8.74: inverse host lookup failed: h_errno 11004: NO_DATA
(UNKNOWN) [192.168.8.74] 4444...

Posted By Bergin A 11:10 AM

Netcat

Netcat is a wonderfully versatile tool that has been dubbed the “hackers’ Swiss army knife.” The simplest definition of Netcat is “a tool that can read and write to TCP and UDP ports.” This dual functionality suggests that Netcat runs in two modes: client and server.

Connecting to a TCP/UDP port can be useful in several situations:

To check if a port is open or closed
To read a banner from the port
To connect to a network service manually

Please take...

Posted By Bergin A 11:09 AM

Basics Of Web App Attack

In this article we’ll define how web applications are associated with network penetration testing and ethical hacking. In this up-front overview, we’ll also define web applications. Some of the most widespread web application vulnerabilities found today are Cross-Site Request Forgery (XSRF), Cross-Site Scripting (XSS), SQL Injection, etc. In the penetration testing and ethical hacking field,...

Posted By Bergin A 11:08 AM

Transferring Files with Netcat

Netcat can also be used to transfer files, both text and binary, from one computer to another. To send a file from Computer 2 to Computer 1, try the following:

Computer 1: Set up Netcat to listen to and accept the connection and to redirect any input into a file.
root@bt:~# nc -lvp 4444 > output.txt
listening on [any] 4444 …

Computer 2: Connect to the listening Netcat on computer 1 (port 4444) and send the file:
C:\>echo "Hi! This is a text file!"...

Posted By Bergin A 11:06 AM

Forward Lookup Brute Force

The idea behind this method is to try to guess valid names of organizational servers by trying to resolve a given name. If the name resolves, the server exists. Here’s a short example using the host command:

root@bt:~# host www.checkpoint.com
www.checkpoint.com has address 216.200.241.66
root@bt:~# host idontexist.checkpoint.com
Host idontexist.checkpoint.com not found: 3(NXDOMAIN)
root@bt:~#

Notice that the DNS name www.checkpoint.com resolved and...

Posted By Bergin A 11:05 AM

DNS Reconnaissance

DNS is one of my favorite sources of information gathering. DNS offers a variety of information about public (and sometimes private!) organization servers, such as IP addresses, server names, and server functions.

Interacting with a DNS Server

A DNS server will usually divulge DNS and mail server information for the domain for which it is authoritative. This is a necessity because public requests for mail server addresses and DNS server addresses...

Posted By Bergin A 11:03 AM

Wednesday, July 31, 2013

Review: Google Chromecast

“Any sufficiently advanced technology is indistinguishable from magic.” -Sir Arthur C. Clarke

It’s probably the most overused quote in tech writing… which sucks, because I’d really like to use it to describe how I feel about the Chromecast. The Chromecast is deceptively simple: you plug it into your TV, then stream video and music to it from apps running on your iPhone, Android device, or laptop. The Chromecast itself has no remote; whatever...

Posted By Bergin A 4:02 PM

Opera Proposes NEX Packaging Format For Browser Extensions, Hopes To Make It A Web Standard

Opera today detailed a proposal for NEX, the Navigator Extension format, a new vendor-neutral browser extension packaging format that it hopes to turn into a future W3C standard for packaging cross-browser, add-on development. Currently, Chromium-based browsers use Google’s CRX format for delivering browser extensions. Opera, which recently switched to Chromium, says it developed NEX to “find a solution that would allow us to extend the Chromium...

Posted By Bergin A 3:54 PM

Android 4.3 Includes Hidden App Permissions Manager That Could Bolster Privacy & Security

As expected, Google officially confirmed Android 4.3 at its event on Wednesday with Android chief Sundar Pichai. Among the new features/improvements in the update are a redesigned camera interface, Bluetooth Low Energy support, performance improvements such as smoother animations, and multi-user restricted profiles. But there’s apparently something else that Google didn’t talk about. Android Police...

Posted By Bergin A 3:49 PM

Android Is The New Windows

A flexible, customizable operating system that’s farmed out to third-party hardware makers and dominates market share but not profits? You’re not the only one experiencing déjà vu. The parallels of Android and Windows are striking. But can that which is unique about Android save it from the fate befalling Microsoft’s stumbling OS? Let’s look at the similarities between the Android of today and the Windows 95 of … ’95: Android is a growing...

Posted By Bergin A 3:44 PM

Facebook Announces New Mobile Game Publishing Effort

A few weeks ago, we reported that Facebook was experimenting with becoming a mobile games publisher by offering distribution to studios in exchange for a cut of revenue. Today, Facebook is formally announcing that effort at the Casual Connect conference in San Francisco, and they’re putting a call out for developers that are looking to participate. They didn’t disclose the revenue share they’re asking for. The company says its publishing...

Posted By Bergin A 3:21 PM

Sunday, July 21, 2013

Type This Into Google for a Valentine's Day Surprise

Romantic math geeks, your moment has arrived. In the spirit of Valentine's Day, go ahead and type (or paste) this into Google search:

sqrt(cos(x))*cos(300x)+sqrt(abs(x))-0.7)*(4-x*x)^0.01, sqrt(6-x^2), -sqrt(6-x^2) from -4.5 to 4.5

Typing in the algebraic equation plots several different functions on a graph that forms the shape of a heart. The series includes various square roots, absolute values and cosine functions —...

Posted By Bergin A 8:22 PM

Type 'Conway's Game of Life' on Google and See What Happens

Google has dropped one of its more subtle easter eggs for "Conway's Game of Life," a game developed in 1970 by British mathematician John Horton Conway. If you Google the term, the right side of the page will begin to be overrun by cellular automaton, a.k.a. little blue boxes that flicker and spread out. A menu at the top right also lets you view the boxes without the search results and to pause the action. All in all, it's the kind of...

Posted By Bergin A 8:19 PM