Tuesday 19 March 2013

How to Install Nessus on Backtrack 5 R3

Nessus is a network vulnerability scanning program. It is free for personal use. It can detect vulnerabilities on systems. Nessus is the most popular vulnerability scanner in computer security. Nessus scans for vulnerabilities, misconfiguration, default passwords / common passwords / blank passwords on some system accounts, etc. You can use Nessus to scan your system and patch the vulnerabilities it finds. If you want to install Nessus on Backtrack 5 R3, the first thing to do is download it from http://www.tenable.com/products/nessus/




Download the Nessus package from http://www.tenable.com/products/nessus/ and install it manually (read my earlier post about How to Install Package on Backtrack 5). After you install it, skip to step two. If you have an internet connection, you can install Nessus from the repository instead. Run this command to download and install Nessus:
apt-get install nessus

After installing it, create an account with the adduser command like this:
/opt/nessus/sbin/nessus-adduser

Now register on the Nessus website http://www.nessus.org/register/ to get your activation code, which is sent to your email. After you get the key, run this command, replacing xxxx-xxxx-xxxx-xxxx-xxxx with your key:
/opt/nessus/bin/nessus-fetch --register xxxx-xxxx-xxxx-xxxx-xxxx

It will take some time because the plugins are being updated. After the update completes, start Nessus:
/etc/init.d/nessusd start

Then open your browser and type this in the URL of the browser
https://localhost:8834/

Nessus runs over the secure channel https on port number 8834. Now try and use Nessus at your own risk :-D


Monday 18 March 2013

Using BackTrack 5 R3 with Metasploit Community or Metasploit Pro


As of version 5 R3, BackTrack comes pre-installed with Metasploit 4.4, so it's now easier to use Metasploit Community Edition or Metasploit Pro on BackTrack. Here is how it's done:

  • After BackTrack boots, enter startx to get into the UI.
  • Install BackTrack in a virtual machine using the Install BackTrack icon in the top left corner. This is recommended so that Metasploit remembers its product key; otherwise, you would have to register Metasploit each time.
  • Log in with user root, password toor. Enter startx.
  • In the main menu, open BackTrack / Exploitation Tools / Network Exploitation Tools / Metasploit Framework and select start msfpro, which starts the service for the commercial Metasploit UI.
  • The Metasploit service is started when you see the following screen:
  • Open the Firefox browser from the Internet menu.
  • Enter the URL https://localhost:3790. Note that the connection must be https.
  • You'll see "This Connection is Untrusted". If the server cannot be reached, the Metasploit server may not be started. Please wait a few seconds and try again.
  • Since the Metasploit UI uses a user-generated, unsigned SSL certificate, Firefox complains that the connection is untrusted. Click on I understand the risks, Add Exception..., and Confirm Security Exception.
  • Metasploit is now initializing and creating the exploit database. Depending on your hardware, this may take up to 10 minutes. You may also see this screen when you launch Metasploit the second time, but the startup time should only be a couple of minutes at the most.
  • The NoScript Addon is installed by default on BackTrack and makes registration and use of Metasploit very difficult. The easiest option is to allow JavaScript globally. Click on the NoScript icon to the left of the URL field and select Allow Scripts Globally (dangerous). Confirm the popup dialogue.
  • You should also turn off the Application Boundary Enforcer since it causes some issues with the registration. Open the same NoScript menu, choose NoScript Options, choose Advanced tab, choose ABE sub-tab, and uncheck Enable ABE (Application Boundary Enforcer). Confirm the dialog with OK.
  • Enter a username and password, and click Create Account. You should now see the following screen:
  • Click on Get Product Key.
  • Choose either Metasploit Pro Trial if you want to get a test of the fully featured product, or Metasploit Community if you're working for an SMB or are a student and need a limited but free edition.
  • Complete the registration screen.
  • You're now back at this screen:
  • Within 5 minutes of completing the form, you'll receive an email with a product key. Copy it to the text field under number 2, then click Activate License. You should now see this success message:
  • Now that you've registered Metasploit, you have access to the update packages, which give you access to new features, exploits, and bug fixes. To update Metasploit, follow these steps:
  1. In the Administration menu, choose Software Updates.
  2. Click Check for Updates.
  3. Click Install.
  4. Repeat the process until the software update reports that there are no more updates available. 

Congratulations, you're good to go!

Galaxy Note II security flaw


                                           
A security flaw in the Samsung Galaxy Note allows unauthorised users to bypass the lock screen. The flaw was discovered by Terence Eden on the Galaxy Note II running Android 4.1.2. The security flaw can be demonstrated by doing the following:
  1. Lock the device with a “secure” pattern, PIN, or password.
  2. Activate the screen.
  3. Press “Emergency Call”.
  4. Press the “ICE” button on the bottom left.
  5. Hold down the physical home key for a few seconds and then release.
  6. The phone’s home screen will be displayed – briefly.
  7. While the home screen is displayed, click on an app or a widget.
  8. The app or widget will launch.
  9. If the widget is “direct dial” the phone will start ringing.
Using the flaw, sensitive information such as contact information can be divulged.

2 x Adobe Zero Day Exploits


If you are working in computer security and still haven't heard about the latest Adobe Flash 0days, aka CVE-2013-0633 and CVE-2013-0634, then you should change jobs! These vulnerabilities were found exploited in targeted attacks through spear phishing email messages targeting several industries, including aerospace.
One of the Word documents attached to the emails used the 2013 IEEE Aerospace Conference schedule, and another reported sample was related to the online payroll system of the US company ADP, to exploit CVE-2013-0633.

Adobe fixed the vulnerabilities in APSB13-04 on 7 February, but the vulnerabilities were not found massively exploited in exploit kits. There was also some confusion, among anti-virus vendors and security researchers, regarding CVE-2013-0633 and CVE-2013-0634 detection. But as mentioned in Adobe APSB13-04, CVE-2013-0633 was only exploited by being embedded in Word documents, and CVE-2013-0634 was exploited through HTML web pages and by being embedded in Word documents.
So as nobody has seen CVE-2013-0633 working outside a Word document, I will suppose that the vulnerability I discovered exploited in the Gong Da exploit kit is potentially a fork of CVE-2013-0633 or could be CVE-2013-0634.


Here is the new code in Gong Da exploit kit.
If you take a look at the ActionScript of “myrF03.swf” (506fe8f82ea151959c5160bc40da25b5) you will see some similarities with CVE-2013-0633, like the “ByteArrayAsset” mentioned by MalwareMustDie, or the well-known “LadyBoyle” function.


Users should update Flash manually if it does not update automatically. The affected versions and platforms are as follows:
  • Adobe Flash Player 11.5.502.146 and earlier versions for Windows and Macintosh
  • Adobe Flash Player 11.2.202.261 and earlier versions for Linux
  • Adobe Flash Player 11.1.115.36 and earlier versions for Android 4.x
  • Adobe Flash Player 11.1.111.31 and earlier versions for Android 3.x and 2.x
CVE-2013-0634 utilises Microsoft Office documents that, when opened, cause a malicious Flash file to be executed. CVE-2013-0633 requires the malicious Flash object to be hosted on a website.




Tuesday 5 March 2013

Digital Forensics


Digital forensics, also known as computer and network forensics, is the application of science to the identification, collection, examination, and analysis of data while preserving the integrity of the information and maintaining a strict chain of custody for the data.

Data refers to distinct pieces of digital information that have been formatted in a specific way. Organizations have an ever-increasing amount of data from many sources.

For example, data can be stored or transferred by standard computer systems, networking equipment, computing peripherals, personal digital assistants (PDA), consumer electronic devices, and various types of media, among other sources.
Digital Forensics Process

The process for performing digital forensics comprises the following basic phases:

  • Collection: identifying, labeling, recording, and acquiring data from the possible sources of relevant data, while following procedures that preserve the integrity of the data.
  • Examination: forensically processing collected data using a combination of automated and manual methods, and assessing and extracting data of particular interest, while preserving the integrity of the data.
  • Analysis: analyzing the results of the examination, using legally justifiable methods and techniques, to derive useful information that addresses the questions that were the impetus for performing the collection and examination.
  • Reporting: reporting the results of the analysis, which may include describing the actions used, explaining how tools and procedures were selected, determining what other actions need to be performed (e.g., forensic examination of additional data sources, securing identified vulnerabilities, improving existing security controls), and providing recommendations for improvement to policies, procedures, tools, and other aspects of the forensic process.
             




Integrating Forensic Techniques into Incident Response


  • Organizations should ensure that their policies contain clear statements addressing all major forensic considerations, such as contacting law enforcement, performing monitoring, and conducting regular reviews of forensic policies and procedures.
  • Organizations should create and maintain procedures and guidelines for performing forensic tasks, based on the organization’s policies and all applicable laws and regulations.
  • Organizations should ensure that their policies and procedures support the reasonable and appropriate use of forensic tools.
  • Organizations should ensure that their IT professionals are prepared to participate in forensic activities.

Internet Fraud


Listed below are tips to protect yourself and your family from various forms of Internet fraud.
For information on the most common complaints and scams, see the annual reports of the Internet Crime Complaint Center, or IC3, a partnership of the FBI and the National White Collar Crime Center. Also see its information on Internet Crime Schemes and its Internet Crime Prevention Tips.
Use our online tips form or the IC3 website to report potential cases of cyber fraud.



Tips for Avoiding Internet Auction Fraud:
  • Understand as much as possible about how the auction works, what your obligations are as a buyer, and what the seller’s obligations are before you bid.
  • Find out what actions the website/company takes if a problem occurs and consider insuring the transaction and shipment.
  • Learn as much as possible about the seller, especially if the only information you have is an e-mail address. If it is a business, check the Better Business Bureau where the seller/business is located.
  • Examine the feedback on the seller.
  • Determine what method of payment the seller is asking from the buyer and where he/she is asking to send payment.
  • If possible, purchase items online using your credit card, because you can often dispute the charges if something goes wrong.
  • Be cautious when dealing with sellers outside the United States. If a problem occurs with the auction transaction, it could be much more difficult to rectify.
  • Ask the seller about when delivery can be expected and whether the merchandise is covered by a warranty or can be exchanged if there is a problem.
  • Make sure there are no unexpected costs, including whether shipping and handling is included in the auction price.
  • There should be no reason to give out your social security number or driver’s license number to the seller.
Tips for Avoiding Non-Delivery of Merchandise:
  • Make sure you are purchasing merchandise from a reputable source.
  • Do your homework on the individual or company to ensure that they are legitimate.
  • Obtain a physical address rather than simply a post office box and a telephone number, and call the seller to see if the telephone number is correct and working.
  • Send an e-mail to the seller to make sure the e-mail address is active, and be wary of those that utilize free e-mail services where a credit card wasn’t required to open the account.
  • Consider not purchasing from sellers who won’t provide you with this type of information.
  • Check with the Better Business Bureau from the seller’s area.
  • Check out other websites regarding this person/company.
  • Don’t judge a person or company by their website. Flashy websites can be set up quickly.
  • Be cautious when responding to special investment offers, especially through unsolicited e-mail.
  • Be cautious when dealing with individuals/companies from outside your own country.
  • Inquire about returns and warranties.
  • If possible, purchase items online using your credit card, because you can often dispute the charges if something goes wrong.
  • Make sure the transaction is secure when you electronically send your credit card numbers.
  • Consider using an escrow or alternate payment service.
Tips for Avoiding Credit Card Fraud:
  • Don’t give out your credit card number online unless the site is secure and reputable. Sometimes a tiny icon of a padlock appears to symbolize a higher level of security to transmit data. This icon is not a guarantee of a secure site, but provides some assurance.
  • Don’t trust a site just because it claims to be secure.
  • Before using the site, check out the security/encryption software it uses.
  • Make sure you are purchasing merchandise from a reputable source.
  • Do your homework on the individual or company to ensure that they are legitimate.
  • Obtain a physical address rather than simply a post office box and a telephone number, and call the seller to see if the telephone number is correct and working.
  • Send an e-mail to the seller to make sure the e-mail address is active, and be wary of those that utilize free e-mail services where a credit card wasn’t required to open the account.
  • Consider not purchasing from sellers who won’t provide you with this type of information.
  • Check with the Better Business Bureau from the seller’s area.
  • Check out other websites regarding this person/company.
  • Don’t judge a person or company by their website. Flashy websites can be set up quickly.
  • Be cautious when responding to special investment offers, especially through unsolicited e-mail.
  • Be cautious when dealing with individuals/companies from outside your own country.
  • If possible, purchase items online using your credit card, because you can often dispute the charges if something goes wrong.
  • Make sure the transaction is secure when you electronically send your credit card number.
  • Keep a list of all your credit cards and account information along with the card issuer’s contact information. If anything looks suspicious or you lose your credit card(s), contact the card issuer immediately.
Tips for Avoiding Investment Fraud:
  • Don’t judge a person or company by their website. Flashy websites can be set up quickly.
  • Don’t invest in anything you are not absolutely sure about. Do your homework on the investment and the company to ensure that they are legitimate.
  • Check out other websites regarding this person/company.
  • Be cautious when responding to special investment offers, especially through unsolicited e-mail.
  • Be cautious when dealing with individuals/companies from outside your own country.
  • Inquire about all the terms and conditions.
Tips for Avoiding Business Fraud:
  • Purchase merchandise from reputable dealers or establishments.
  • Obtain a physical address rather than simply a post office box and a telephone number, and call the seller to see if the telephone number is correct and working.
  • Send an e-mail to the seller to make sure the e-mail address is active, and be wary of those that utilize free e-mail services where a credit card wasn’t required to open the account.
  • Consider not purchasing from sellers who won’t provide you with this type of information.
  • Purchase merchandise directly from the individual/company that holds the trademark, copyright, or patent.
Tips for Avoiding the Nigerian Letter or “419” Fraud:
  • Be skeptical of individuals representing themselves as Nigerian or foreign government officials asking for your help in placing large sums of money in overseas bank accounts.
  • Do not believe the promise of large sums of money for your cooperation.
  • Guard your account information carefully.

Latest Internet Scams in INDIA

Internet scams in INDIA are a trend these days. Every day, we at Security Era receive many requests from cyber victims. Everyone is aware of the popular “lottery/Money reward” scams, so the scammers have changed their approach. Among all the requests that we received from cyber victims, we found some common scams that we want to make the public aware of.







Scam 1: Loan at 3% Interest

Fake companies, sometimes named “HimGange Association” or “Hindustan Money Solutions”, publish their proposals in reputed newspapers. Generally these fraudulent companies offer loans of up to 50 lakh at a minimal rate of interest (3%). The whole plot starts when newspaper subscribers call them for further details. Usually, a customer associate named Pooja/Nisha (or another fake name) will ask callers to deposit a minimum of 2000rs to start the process. Slowly, they will ask for more money to complete the file work. Sooner or later, when callers realize that they may lose the money and say that they don’t want any further dealings, these companies stop answering their calls or other communication. As all these conversations are held over the internet, many people find it difficult to track them.

Scam 2: Claim Income Tax Refund

Many businessmen get spam mails every day, and a few of them get an email about claiming their Income Tax Refund. These mails claim to refund Income Tax in exact figures (35783rs / 19237rs or similar). The sender [re-funds.net44@incometaxindia.com] of this mail will ask you to open a link where you can fill in your details. Once a person follows such links, they are redirected to phishing pages on the incomeTaxIndia website and other reputed online bank websites. A few innocent people got trapped in such scams and have lost their hard-earned money. Further, this website will show you one error message or another and store the victim’s credentials. Many people tried to track these frauds, but all in vain.
As we all know, every official government website has the suffix “gov.in”, whereas in this case the mail address has the suffix “.com”, so be careful before you click any such website.
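The suffix check described above can be automated; the following is an added example, not part of the original post. It tests the sender address and every link in the message against “gov.in” on a label boundary, so look-alike hosts are caught. Apart from the sender address quoted in the post, all hostnames and addresses are constructed, and since a visible sender address can be forged, a pass here does not prove the mail is genuine.

```python
import re
from email.utils import parseaddr
from urllib.parse import urlsplit

OFFICIAL_SUFFIX = "gov.in"          # suffix named in the post
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)


def under_suffix(host: str, suffix: str = OFFICIAL_SUFFIX) -> bool:
    """True only if host is the suffix itself or a subdomain of it.

    Matching on the dot boundary rejects hosts such as 'fakegov.in' or
    'gov.in.example.com' that merely contain the text 'gov.in'.
    """
    host = host.strip().rstrip(".").lower()
    return host == suffix or host.endswith("." + suffix)


def sender_domain(from_header: str) -> str:
    """Domain of the real address, ignoring the free-text display name."""
    _, addr = parseaddr(from_header)
    return addr.rpartition("@")[2].lower()


def review_message(from_header: str, body: str) -> list:
    """Return (kind, host) pairs for every sender or link outside gov.in."""
    findings = []
    domain = sender_domain(from_header)
    if not under_suffix(domain):
        findings.append(("sender", domain))
    for url in URL_RE.findall(body):
        # .hostname drops any 'user@' part, so http://x.gov.in@host/ yields host
        host = urlsplit(url).hostname or ""
        if not under_suffix(host):
            findings.append(("link", host))
    return findings


if __name__ == "__main__":
    # Constructed message: display name and link text both mention gov.in.
    sender = '"Income Tax Refund gov.in" <re-funds.net44@incometaxindia.com>'
    body = ("Claim your refund at http://example.gov.in.refund-claim.example/login "
            "or http://example.gov.in@203.0.113.7/form")
    for kind, host in review_message(sender, body):
        print(f"suspicious {kind}: {host}")
```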


We want to make you aware that nothing is free in this fishy internet world. Beware of such frauds. If you need any assistance in such cases you may contact us.

Access Free Wifi

“Hackers are taking advantage of travelers who want to stay connected,”




“They are setting up fake Wi-Fi connections designed to steal your personal information without you even knowing it.”

Although hackers have set up fake Wi-Fi connections in many locations, airports are a favorite ‘hot spot’. When searching for connections, consumers may see a network connection available that could simply be named ‘Free Wi-Fi’.

Unfortunately, the network may actually be an ad-hoc network, or a peer-to-peer connection. The user will be able to surf the Internet, but they are doing it through the hacker’s computer.
While the user is online, the hacker is stealing information like passwords, credit card and bank account numbers, and social security numbers from the user’s laptop computers.

Airports across the nation continue to report Wi-Fi security issues. An investigation revealed airports had 20 wireless networks present that were specifically designed to hack into unsuspecting users’ computers and networks.

We offer the following wireless safety advice:
  1. Connect securely - Never connect to an unfamiliar wireless network—even if the name sounds genuine
  2. Create a Virtual Private Network (VPN) - A VPN establishes a private network across the public network which prevents a hacker from intercepting your data.
  3. Turn off file sharing when you are on the road to prevent hackers from stealing sensitive data from your computer or smartphone.
  4. Disable automatic connections - Make sure that your computer and smartphone are not set up to automatically connect to any wireless networks within your range.


BACKTRACK 5 R3 New Features


Backtrack 5 R3 focuses on bug-fixes as well as the addition of over 60 new tools.
What are the new utilities included with Backtrack 5 R3?
This is not a perfect list, but hopefully it will help you see some of the very cool new tools and programs added to Backtrack 5 R3.

               

The following is a list of the new tools:
>Identify Live Hosts:

  dnmap – Distributed NMap
  address6 (The Second “Alive6” entry) – IPV6 address conversion

>Information Gathering Analysis
    Jigsaw – Grabs information about company employees
    Uberharvest – E-mail harvester
    sslcaudit – SSL Cert audit
    VoIP honey – VoIP Honeypot
    urlcrazy – Detects URL typos used in typo squatting, url hijacking, phishing
>Web Crawlers
  Apache_users – Apache username enumerator
  Deblaze – Performs enumeration & interrogation against Flash remote end points
>Database Analysis
  Tnscmd10g – Allows you to inject commands into Oracle
  BBQSQL – Blind SQL injection toolkit
>Bluetooth Analysis
  Blueranger – Uses link quality to locate Bluetooth devices
>Vulnerability Assessment
  Lynis – Scans systems & software for security issues
  DotDotPwn – Directory Traversal fuzzer
>Exploitation Tools
 Netgear-telnetable – Enables Telnet console on Netgear devices
  Termineter – Smart Meter tester
  Htexploit – Tool to bypass standard directory protection
  Jboss-Autopwn – Deploys JSP shell on target JBoss servers
  Websploit – Scans & analyses remote systems for vulnerabilities
>Wireless Exploitation Tools
 Bluepot – Bluetooth honeypot
 Spooftooph – Spoofs or clones Bluetooth devices
 Smartphone-Pentest-Framework
 Fern-Wifi-cracker – Gui for testing Wireless encryption strength
 Wi-fihoney – Creates fake APs using all encryption and monitors with Airodump
 Wifite – Automated wireless auditor
>A Bunch of Password Tools
  Creddump
  Johnny
  Manglefizz
  Ophcrack
  Phrasendrescher
  Rainbowcrack
  Acccheck
  smbexec

Monday 4 March 2013

How to hide files in a jpg image / file


How to:
Hide files in a jpg

Set up:
1. Must have a .zip or .rar compressor.
2. Willingness to learn.

Steps:
1. Save the picture of choice to your desktop.
2. Make a new .rar or .zip folder on your desktop.
3. Add the files you want to hide into the .zip or .rar
4. Click start menu, run, cmd.
5. In Command Prompt type cd “desktop” with the quotation marks.
6. Now type in copy /b picturename.jpg + foldername.rar outputfilename.jpg
( If you use .zip then: copy /b picturename.jpg + foldername.zip outputfilename.jpg)
7. Now there should be a file with the output file name and a .jpg extension on the desktop.
( Do not close Command Prompt just yet )
8. Double click it to open the picture and check it out.
9. When you're done looking and want to view the hidden files,
Type: ren outputfilename.jpg outputfilename.rar or zip
Now you’re done!
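A defender's view of the steps above, as an added example that is not part of the original post: because copy /b simply appends the archive after the picture, a file made this way can be spotted by walking the JPEG segments to the true end-of-image marker and checking what follows it. The sample image skeleton, the archive contents and all function names are constructed for this example.

```python
import io
import zipfile

# Magic bytes of the archive formats used in the steps above.
ARCHIVE_SIGNATURES = {
    b"PK\x03\x04": "zip",
    b"Rar!\x1a\x07\x00": "rar4",
    b"Rar!\x1a\x07\x01\x00": "rar5",
}


def find_jpeg_end(data: bytes) -> int:
    """Walk the marker segments and return the offset just past the real EOI
    marker, or -1 if the data is not a well-formed JPEG stream."""
    if data[:2] != b"\xff\xd8":                 # SOI
        return -1
    i, n = 2, len(data)
    while i + 1 < n:
        if data[i] != 0xFF:
            return -1
        marker = data[i + 1]
        if marker == 0xFF:                      # fill byte before a marker
            i += 1
        elif marker == 0xD9:                    # EOI: the image ends here
            return i + 2
        elif marker == 0x01 or 0xD0 <= marker <= 0xD7:
            i += 2                              # stand-alone markers, no length
        else:
            if i + 4 > n:
                return -1
            seg_len = int.from_bytes(data[i + 2:i + 4], "big")
            if seg_len < 2:
                return -1
            i += 2 + seg_len                    # skips embedded thumbnails too
            if marker == 0xDA:                  # SOS: entropy-coded data follows
                while i + 1 < n and not (
                    data[i] == 0xFF
                    and data[i + 1] != 0x00     # FF00 is a stuffed data byte
                    and not 0xD0 <= data[i + 1] <= 0xD7
                ):
                    i += 1
    return -1


def inspect_jpeg(data: bytes) -> dict:
    """Report bytes stored after the image and any archive header among them."""
    end = find_jpeg_end(data)
    if end < 0:
        return {"jpeg": False, "image_end": None, "trailing_bytes": 0, "archives": []}
    trailer = data[end:]
    hits = [(name, end + trailer.find(sig))
            for sig, name in ARCHIVE_SIGNATURES.items() if sig in trailer]
    return {"jpeg": True, "image_end": end,
            "trailing_bytes": len(trailer), "archives": sorted(hits, key=lambda h: h[1])}


def build_sample_jpeg() -> bytes:
    """Constructed marker skeleton (not a viewable picture). Its APP1 segment
    holds a fake thumbnail with its own EOI to show why segments are walked."""
    app0 = b"\xff\xe0" + (16).to_bytes(2, "big") + b"JFIF\x00" + bytes(9)
    thumb = b"Exif\x00\x00" + b"\xff\xd8\xff\xd9"
    app1 = b"\xff\xe1" + (2 + len(thumb)).to_bytes(2, "big") + thumb
    scan = b"\xff\xda" + (8).to_bytes(2, "big") + bytes(6) + b"\x12\x34\xff\x00\x56"
    return b"\xff\xd8" + app0 + app1 + scan + b"\xff\xd9"


def build_sample_zip() -> bytes:
    """Constructed one-file archive standing in for foldername.zip."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("notes.txt", "constructed sample payload")
    return buf.getvalue()


if __name__ == "__main__":
    combined = build_sample_jpeg() + build_sample_zip()   # what copy /b writes
    print("clean   :", inspect_jpeg(build_sample_jpeg()))
    print("combined:", inspect_jpeg(combined))
```

Searching for the first FF D9 instead of walking the segments would stop inside the embedded thumbnail and report the rest of a normal photo as trailing data.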

Easy Steps to create VPN in Digital Ocean

1.  Create an account in Digital Ocean.        http://www.digitalocean.com/?refcode=990114176055
2.  Create an instance or drop...