Archive for the ‘Tutorial’ Category

  1. wifite
    Link Project: https://github.com/derv82/wifite
    Wifite is for Linux only. Wifite is an automated wireless attack tool. Wifite was designed for use with pentesting distributions of Linux, such as Kali Linux, Pentoo and BackBox, or any Linux distribution with wireless drivers patched for injection. The script also appears to operate with Ubuntu 11/10, Debian 6, and Fedora 16. Wifite must be run as root. This is required by the suite of programs it uses. Running downloaded scripts as root is a bad idea. I recommend using the Kali Linux bootable Live CD, a bootable USB stick (for persistent), or a virtual machine. Note that virtual machines cannot directly access hardware, so a wireless USB dongle would be required. Wifite assumes that you have a wireless card and the appropriate drivers that are patched for injection and promiscuous/monitor mode.
  2. wifiphisher
    Link Project: https://github.com/sophron/wifiphisher
    Wifiphisher is a security tool that performs Wi-Fi automatic association attacks to force wireless clients to unknowingly connect to an attacker-controlled Access Point. It is a rogue Access Point framework that can be used to mount automated victim-customized phishing attacks against WiFi clients in order to obtain credentials or infect the victims with malware. It can work as a social engineering attack tool that, unlike other methods, does not include any brute forcing. It is an easy way of obtaining credentials from captive portals and third party login pages (e.g. in social networks) or WPA/WPA2 pre-shared keys. Wifiphisher works on Kali Linux and is licensed under the GPL license.
  3. wifi-pumpkin
    Link Project: https://github.com/P0cL4bs/WiFi-Pumpkin
    Very friendly graphical user interface and good handling. It is my favorite of the tools for setting up a phishing Wi-Fi attack: a feature-rich interface, excellent ease of use, and very good compatibility. The researcher is actively updating it, so we can continue to follow this fun project.
  4. fruitywifi
    Link Project: https://github.com/xtr4nge/FruityWifi
    FruityWifi is an open source tool to audit wireless networks. It allows the user to deploy advanced attacks by directly using the web interface or by sending messages to it.
    Initially the application was created to be used with the Raspberry-Pi, but it can be installed on any Debian based system
  5. mana toolkit
    Link Project: https://github.com/sensepost/mana
    A toolkit for rogue access point (evilAP) attacks first presented at Defcon 22.
    More specifically, it contains the improvements to KARMA attacks we implemented into hostapd, as well as some useful configs for conducting MitM once you’ve managed to get a victim to connect.
  6. 3vilTwinAttacker
    Link Project: https://github.com/wi-fi-analyzer/3vilTwinAttacker
    Much like the wifi-pumpkin interface. It has a good graphical interface, the overall experience is very good, and ease of use and compatibility are good. The researcher has hardly updated it.
  7. ghost-phisher
    Link Project: http://tools.kali.org/information-gathering/ghost-phisher
    It has a good graphical interface but almost no fault tolerance, and many of the options are easily confused, yet the overall feel in use is still very good. It can set up a rogue AP with one click, together with DHCP and DNS services, which makes it easy to launch a variety of man-in-the-middle attacks; ease of use is good. Compatibility is good. The Kali team has officially updated the original repo.
  8. fluxion
    Link Project: https://github.com/wi-fi-analyzer/fluxion
    Fluxion is a remake of linset by vk496 with (hopefully) fewer bugs and more functionality. It’s compatible with the latest release of Kali (rolling). The attack is mostly manual, but experimental versions will automatically handle most functionality from the stable releases.

Happy Hunting

nmap

Nmap is a powerful network scanner used to identify systems and services. nmap was originally developed with network security in mind; it is a tool that was designed to find vulnerabilities within a network. nmap is more than just a simple port scanner, though: you can use nmap to find specific versions of services, certain OS types, or even find that pesky printer someone put on your network without telling you.

nmap can be used for good and for evil. Today we will cover some common situations where nmap makes life easier for sysadmins, which is generally good. Even if some sysadmins are evil…

Discover IP’s in a subnet (no root)

 $ nmap -sP 192.168.0.0/24
 Starting Nmap 7.30 ( http://nmap.org ) at 2016-10-12 21:12 GMT
 Nmap scan report for 192.168.0.1
 Host is up (0.0013s latency).
 Nmap scan report for 192.168.0.92
 Host is up (0.0032s latency).
 Nmap scan report for 192.168.0.113
 Host is up (0.0011s latency).

This is one of the simplest uses of nmap. This command is commonly referred to as a “ping scan”, and tells nmap to send an ICMP echo request, a TCP SYN to port 443, a TCP ACK to port 80 and an ICMP timestamp request to all hosts in the specified subnet. nmap will simply return a list of IPs that responded. Unlike many nmap commands, this particular one does not require root privileges; however, when executed by root, nmap will also by default send ARP requests to the subnet.

Scan for open ports (no root)

 $ nmap 192.168.0.0/24
 Starting Nmap 7.30 ( http://nmap.org ) at 2016-10-12 21:20 GMT
 Nmap scan report for 192.168.0.1
 Host is up (0.0043s latency).
 Not shown: 998 closed ports
 PORT STATE SERVICE
 80/tcp open http
 443/tcp open https

This scan is the default scan for nmap and can take some time to generate. With this scan nmap will attempt a TCP SYN connection to 1000 of the most common ports, as well as an ICMP echo request to determine if a host is up. nmap will also perform a DNS reverse lookup on the identified IPs, as this can sometimes be useful information.

Identify the Operating System of a host (requires root)

 # nmap -O 192.168.0.164
 Starting Nmap 7.30 ( http://nmap.org ) at 2016-10-12 21:35 GMT
 Nmap scan report for 192.168.0.112
 Host is up (0.00032s latency).
 Not shown: 996 closed ports
 PORT STATE SERVICE
 88/tcp open kerberos-sec
 139/tcp open netbios-ssn
 445/tcp open microsoft-ds
 631/tcp open ipp
 MAC Address: 00:00:00:00:00:00 (Unknown)
 Device type: general purpose
 Running: Apple Mac OS X 10.5.X
 OS details: Apple Mac OS X 10.5 - 10.6 (Leopard - Snow Leopard) (Darwin 9.0.0b5 - 10.0.0)
 Network Distance: 1 hop

With the -O option nmap will try to guess the target's operating system. This is accomplished by utilizing information that nmap is already getting through the TCP SYN port scan. This is usually a best guess but can actually be fairly accurate. The operating system scan does, however, require root privileges.

Identify Hostnames (no root)

 $ nmap -sL 192.168.0.0/24
 Starting Nmap 7.30 ( http://nmap.org ) at 2016-10-12 21:35 GMT
 Nmap scan report for 192.168.0.0
 Nmap scan report for router.local (192.168.0.1)
 Nmap scan report for fake.local (192.168.0.2)
 Nmap scan report for another.fake.local (192.168.0.3)

This is one of the most subtle commands of nmap. The -sL flag tells nmap to do a simple DNS query for the specified IP. This allows you to find hostnames for all of the IPs in a subnet without having to send a packet to the individual hosts themselves.

Hostname information can tell you a lot more about a network than you would think. For instance, if you labeled your Active Directory servers with ads01.domain.com, you shouldn’t be surprised if someone guesses its use.

TCP Syn and UDP Scan (requires root)

 # nmap -sS -sU -PN 192.168.0.164
 Starting Nmap 7.30 ( http://nmap.org ) at 2016-10-12 21:12 GMT
 Nmap scan report for 192.168.0.112
 Host is up (0.00029s latency).
 Not shown: 1494 closed ports, 496 filtered ports
 PORT STATE SERVICE
 88/tcp open kerberos-sec
 139/tcp open netbios-ssn
 445/tcp open microsoft-ds
 631/tcp open ipp
 88/udp open|filtered kerberos-sec
 123/udp open ntp
 137/udp open netbios-ns
 138/udp open|filtered netbios-dgm
 631/udp open|filtered ipp
 5353/udp open zeroconf

The TCP SYN and UDP scan will take a while to generate but is fairly unobtrusive and stealthy. This command will check about 2000 common tcp and udp ports to see if they are responding. When you use the -Pn flag this tells nmap to skip the ping scan and assume the host is up. This can be useful when there is a firewall that might be preventing icmp replies.

TCP SYN and UDP scan for all ports (requires root)

 # nmap -sS -sU -PN -p 1-65535 192.168.0.164
 Starting Nmap 7.30 ( http://nmap.org ) at 2016-10-12 21:36 GMT
 Nmap scan report for 192.168.0.112
 Host is up (0.00021s latency).
 Not shown: 131051 closed ports
 PORT STATE SERVICE
 88/tcp open kerberos-sec
 139/tcp open netbios-ssn
 445/tcp open microsoft-ds
 631/tcp open ipp
 17500/tcp open unknown
 88/udp open|filtered kerberos-sec
 123/udp open ntp
 137/udp open netbios-ns
 138/udp open|filtered netbios-dgm
 631/udp open|filtered ipp
 5353/udp open zeroconf
 17500/udp open|filtered unknown
 51657/udp open|filtered unknown
 54658/udp open|filtered unknown
 57798/udp open|filtered unknown
 58488/udp open|filtered unknown
 60027/udp open|filtered unknown

This command is the same as above; however, by specifying the full port range from 1 to 65535, nmap will scan to see if the host is listening on all available ports. You can use the port range specification on any scan that performs a port scan.

TCP Connect Scan (no root)

 $ nmap -sT 192.168.0.164
 Starting Nmap 7.30 ( http://nmap.org ) at 2016-10-12 21:40 GMT
 Nmap scan report for 192.168.0.112
 Host is up (0.0015s latency).
 Not shown: 964 closed ports, 32 filtered ports
 PORT STATE SERVICE
 88/tcp open kerberos-sec
 139/tcp open netbios-ssn
 445/tcp open microsoft-ds
 631/tcp open ipp

This command is similar to the TCP SYN scan; however, rather than sending a SYN packet and reviewing the headers, it will ask the OS to establish a TCP connection to the 1000 common ports.

Aggressively Scan Hosts (no root)

 $ nmap -T4 -A 192.168.0.0/24
 Nmap scan report for 192.168.0.67
 Host is up (0.00060s latency).
 Not shown: 996 closed ports
 PORT STATE SERVICE VERSION
 22/tcp open ssh OpenSSH 5.9p1 Debian 5ubuntu1 (protocol 2.0)
 | ssh-hostkey: 1024 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:6c (DSA)
 |_2048 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:6c (RSA)
 80/tcp open http nginx 1.1.19
 |_http-title: 403 Forbidden
 |_http-methods: No Allow or Public header in OPTIONS response (status code 405)
 111/tcp open rpcbind
 | rpcinfo:
 | program version port/proto service
 | 100000 2,3,4 111/tcp rpcbind
 | 100000 2,3,4 111/udp rpcbind
 | 100003 2,3,4 2049/tcp nfs
 | 100003 2,3,4 2049/udp nfs
 | 100005 1,2,3 46448/tcp mountd
 | 100005 1,2,3 52408/udp mountd
 | 100021 1,3,4 35394/udp nlockmgr
 | 100021 1,3,4 57150/tcp nlockmgr
 | 100024 1 49363/tcp status
 | 100024 1 51515/udp status
 | 100227 2,3 2049/tcp nfs_acl
 |_ 100227 2,3 2049/udp nfs_acl
 2049/tcp open nfs (nfs V2-4) 2-4 (rpc #100003)
 Service Info: OS: Linux; CPE: cpe:/o:linux:kernel

Unlike some of the earlier commands this command is very aggressive and very obtrusive. The -A simply tells nmap to perform OS checking and version checking. The -T4 is for the speed template, these templates are what tells nmap how quickly to perform the scan. The speed template ranges from 0 for slow and stealthy to 5 for fast and obvious.

Fast Scan (no root)

 $ nmap -T4 -F 192.168.0.138
 Starting Nmap 7.30 ( http://nmap.org ) at 2016-10-12 21:48 GMT
 Nmap scan report for 192.168.0.112
 Host is up (0.00047s latency).
 Not shown: 96 closed ports
 PORT STATE SERVICE
 88/tcp open kerberos-sec
 139/tcp open netbios-ssn
 445/tcp open microsoft-ds
 631/tcp open ipp

This scan is limited to the most common 100 ports. If you simply want to know some potential hosts with ports open that shouldn’t be, this is a quick and dirty command to use.
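
One way to turn a scan into that "ports open that shouldn't be" check, as an added example that is not part of the original post: it assumes the scan was saved in nmap's grepable format (-oG) and compares every open port against an approved list. The function names, the allow-list and the sample scan lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag open ports that are not on an approved list.
# Input is nmap grepable output (-oG) on stdin; the sample data is constructed.

# unexpected_ports ALLOWLIST
#   ALLOWLIST is a space-separated list of proto/port entries, e.g. "tcp/80 tcp/443".
#   Prints one "ip proto/port service" line for each open port that is not approved.
unexpected_ports() {
    awk -v allow="$1" '
    BEGIN {
        n = split(allow, a, " ")
        for (i = 1; i <= n; i++) ok[a[i]] = 1
        FS = "\t"                       # grepable fields are tab-separated
    }
    /^Host: / {
        split($1, h, " ")               # "Host: <ip> (<name>)"
        ip = h[2]
        for (f = 2; f <= NF; f++) {
            if ($f !~ /^Ports: /) continue
            m = split(substr($f, 8), p, ", ")
            for (j = 1; j <= m; j++) {
                # each entry: port/state/proto/owner/service/rpcinfo/version/
                split(p[j], q, "/")
                if (q[2] != "open") continue
                key = q[3] "/" q[1]
                if (!(key in ok)) print ip, key, (q[5] == "" ? "unknown" : q[5])
            }
        }
    }'
}

# Constructed sample of what "nmap -T4 -F -oG - <targets>" writes.
sample_scan() {
    printf 'Host: 192.168.0.112 ()\tStatus: Up\n'
    printf 'Host: 192.168.0.112 ()\tPorts: 88/open/tcp//kerberos-sec///, 139/open/tcp//netbios-ssn///, 445/open/tcp//microsoft-ds///, 631/open/tcp//ipp///\tIgnored State: closed (96)\n'
    printf 'Host: 192.168.0.1 (router.local)\tStatus: Up\n'
    printf 'Host: 192.168.0.1 (router.local)\tPorts: 80/open/tcp//http///, 443/open/tcp//https///, 23/filtered/tcp//telnet///\tIgnored State: closed (97)\n'
}

# Everything open that is not web or SMB gets reported.
sample_scan | unexpected_ports "tcp/80 tcp/139 tcp/443 tcp/445"
```

Run from cron against a fresh scan, an empty result means the network still matches the approved list.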

Verbose

 $ nmap -T4 -A -v 192.168.0.164
 Starting Nmap 7.30 ( http://nmap.org ) at 2016-10-12 21:50 GMT
 NSE: Loaded 93 scripts for scanning.
 NSE: Script Pre-scanning.
 Initiating Ping Scan at 21:50
 Scanning 192.168.0.164 [2 ports]
 Completed Ping Scan at 21:50, 0.00s elapsed (1 total hosts)
 Initiating Parallel DNS resolution of 1 host. at 21:50
 Completed Parallel DNS resolution of 1 host. at 21:50, 0.01s elapsed
 Initiating Connect Scan at 21:50
 Scanning 192.168.0.187 [1000 ports]
 Discovered open port 139/tcp on 192.168.0.164
 Discovered open port 445/tcp on 192.168.0.164
 Discovered open port 88/tcp on 192.168.0.164
 Discovered open port 631/tcp on 192.168.0.164
 Completed Connect Scan at 21:50, 5.22s elapsed (1000 total ports)
 Initiating Service scan at 21:50
 Scanning 4 services on 192.168.0.164
 Completed Service scan at 21:51, 11.00s elapsed (4 services on 1 host)
 NSE: Script scanning 192.168.0.164.
 Initiating NSE at 21:51
 Completed NSE at 21:51, 12.11s elapsed
 Nmap scan report for 192.168.0.164
 Host is up (0.00026s latency).
 Not shown: 996 closed ports
 PORT STATE SERVICE VERSION
 88/tcp open kerberos-sec Mac OS X kerberos-sec
 139/tcp open netbios-ssn Samba smbd 3.X (workgroup: WORKGROUP)
 445/tcp open netbios-ssn Samba smbd 3.X (workgroup: WORKGROUP)
 631/tcp open ipp CUPS 1.4
 | http-methods: GET HEAD OPTIONS POST PUT
 | Potentially risky methods: PUT
 |_See http://nmap.org/nsedoc/scripts/http-methods.html
 | http-robots.txt: 1 disallowed entry
 |_/
 Service Info: OS: Mac OS X; CPE: cpe:/o:apple:mac_os_x

By adding verbose to a majority of the commands above you get a better insight into what nmap is doing; for some scans verbosity will provide additional details that the report does not provide.
While these are 10 very useful nmap commands I am sure there are some more handy nmap examples out there. If you have one to add to this list feel free to drop it into a comment.

Performing a nMap Scan

Internet trolls are using Tor nowadays to avoid bans by IP. However, banning Tor exit nodes is just slightly more complex. The Tor Project provides a regularly updated list of exit nodes that can access your IP here. As there may be many hundreds or even thousands of nodes, adding them to iptables can hurt your server’s network performance. Enter ipset, a user-space hash table for iptables:

# create a new set for individual IP addresses
ipset -N tor iphash
# get a list of Tor exit nodes that can access $YOUR_IP, skip the comments and read line by line
wget -q "https://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=$YOUR_IP" -O - | sed '/^#/d' | while read -r IP
do
  # add each IP address to the new set, silencing the warnings for IPs that have already been added
  ipset -q -A tor "$IP"
done
# filter our new set in iptables
iptables -A INPUT -m set --match-set tor src -j DROP
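
A variant of the script above, as an added example that is not part of the original post: it checks that every downloaded line is a well-formed IPv4 address before it reaches a root-run ipset command, and it loads the list into a temporary set that is swapped in, so a refresh never leaves the filter half-populated. The function names, the temporary set name (`tor-new`) and the sample list are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: build an "ipset restore" script from a downloaded exit list.
# Apply it as root with:  tor_restore_script tor < list.txt | ipset -exist restore

# tor_restore_script SETNAME
#   Reads one address per line on stdin, keeps only well-formed IPv4
#   addresses, de-duplicates them and prints commands for ipset restore.
tor_restore_script() {
    set_name=$1
    tmp_name="${set_name}-new"
    # Both sets must exist before the swap; -exist on the ipset command line
    # makes "create" harmless when they are already there.
    printf 'create %s hash:ip\n' "$set_name"
    printf 'create %s hash:ip\n' "$tmp_name"
    printf 'flush %s\n' "$tmp_name"
    tr -d '\r' | awk -v name="$tmp_name" '
        /^#/ || /^[ \t]*$/ { next }                      # comments, blank lines
        !/^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ { next }     # not a dotted quad
        {
            split($0, o, ".")
            for (i = 1; i <= 4; i++)
                if (length(o[i]) > 3 || o[i] + 0 > 255) next
            if (!seen[$0]++) print "add " name " " $0
        }'
    # Exchange the freshly filled set with the live one, then drop the old data.
    printf 'swap %s %s\n' "$tmp_name" "$set_name"
    printf 'destroy %s\n' "$tmp_name"
}

# Constructed sample input (documentation address ranges, not real exit nodes).
sample_list() {
    printf '%s\n' \
        '# constructed sample list' \
        '192.0.2.10' \
        '198.51.100.7' \
        '192.0.2.10' \
        '203.0.113.999' \
        'not-an-address' \
        '203.0.113.5 extra' \
        '' \
        '203.0.113.5'
}

# Show the generated restore script for the sample list.
sample_list | tor_restore_script tor
```

The iptables rule from the original script keeps matching the set named tor throughout, because only the set's contents change.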


Before I start this guide, I would like to make one thing clear: SIM CLONING is illegal. This tutorial should be used for educational purposes only.

First off a little introduction about SIM CARD:

Our SIM cards contain two secret codes or keys (the IMSI value and the Ki value) which enable the operator to know the mobile number and authenticate the customer. These codes are related to our mobile numbers, which the operators store in their vast database, and it is these secret keys that enable billing to be made to that customer.

SIM cloning is extracting these two secret codes from the SIM and programming them into a new blank smart card (often known as a wafer). Since the operator's authentication of the SIM is based on these values, it enables us to fool the operators into thinking that it’s the original SIM; this authentication is a flaw in the GSM technology.

Now which SIM cards can be cloned?

SIM cards are manufactured based on three algorithms: COMP128v1, COMP128v2 and COMP128v3. It is important to note that currently only COMP128v1 SIM cards can be cloned, since this is the only algorithm which has been cracked; bear in mind that 70% of all the SIM cards we use are COMP128v1.

Cloning a card:

1. Buy a SIM card Reader

2. Need a Blank SIM card or super SIM card

3. Download and install MagicSIM

4. Download and install USB SIM Card Reader Software3.0.1.5

6. Go in phone tools, select SIM card, then select unlock SIM, it will prompt for a code.

7. Call network provider, they will ask for your phone number, your account info, name and security code, then they will ask why you want to unlock your SIM card, just tell them you need to unlock your SIM to get it to work with your overseas phone or something.

8. Once they give you the SIM unlock code, enter it, and it will say SIM unlocked.

9. Remove the SIM from your phone, place it in the card reader, click read from card in magic SIM the application.

10. When it displays ‘connected’, select crack SIM in the toolbar. Click strong ki and select all of the other find options and then click start.

11. Once your ki is found and the crack is finished, click file, save as and save your cracked SIM info to a file.

12. IMPORTANT!!! You must click disconnect from the file menu or you will ruin your SIM card.

Once it says disconnected, remove the SIM. Put the SIM in your phone and see if it still works, it should. (If not, either you did not unlock your SIM, or you tried to copy it instead of crack and save.)

13. Insert blank 3g card USB SIM Card Reader Software3.0.1.5, not magic SIM at this point.

14. Click connect

15. It should say ‘No Info Found’ if it is truly blank.

16. Select write to SIM, it will prompt you to select a dat file, select the one you saved earlier. Now click start, it will take about 10 minutes to write it, once it is complete, it will ask for a security code, enter the security code the network provider gave you, then click finish.

17. Your card is now cloned.

It should be noted that if you try to make two calls at the same time, one will connect; the other will say call failed, both phones will get the same messages, text and voice, and both will receive the same calls, but only one can talk at a time.

 


 

The de-facto standard in network scanning for many years has been Nmap. Nmap is universally supported by Linux and Windows alike and is free to download > Download Nmap

The only thing I have found is that there are so many commands it makes it difficult to remember what to enter, so here is a quick guide for fast scanning. I have also created it as a PDF for easy reference > Caintech.co.uk Nmap Cheat

Basic Scanning Techniques

Scan a single target —> nmap [target]

Scan multiple targets —> nmap [target1,target2,etc]

Scan a list of targets —-> nmap -iL [list.txt]

Scan a range of hosts —-> nmap [range of IP addresses]

Scan an entire subnet —-> nmap [IP address/CIDR]

Scan random hosts —-> nmap -iR [number]

Excluding targets from a scan —> nmap [targets] --exclude [targets]

Excluding targets using a list —> nmap [targets] --excludefile [list.txt]

Perform an aggressive scan —> nmap -A [target]

Scan an IPv6 target —> nmap -6 [target]

Discovery Options

Perform a ping scan only —> nmap -sP [target]

Don’t ping —> nmap -PN [target]

TCP SYN Ping —> nmap -PS [target]

TCP ACK ping —-> nmap -PA [target]

UDP ping —-> nmap -PU [target]

SCTP Init Ping —> nmap -PY [target]

ICMP echo ping —-> nmap -PE [target]

ICMP Timestamp ping —> nmap -PP [target]

ICMP address mask ping —> nmap -PM [target]

IP protocol ping —-> nmap -PO [target]

ARP ping —> nmap -PR [target]

Traceroute —> nmap --traceroute [target]

Force reverse DNS resolution —> nmap -R [target]

Disable reverse DNS resolution —> nmap -n [target]

Alternative DNS lookup —> nmap --system-dns [target]

Manually specify DNS servers —> nmap --dns-servers [servers] [target]

Create a host list —-> nmap -sL [targets]

Advanced Scanning Options

TCP SYN Scan —> nmap -sS [target]

TCP connect scan —-> nmap -sT [target]

UDP scan —-> nmap -sU [target]

TCP Null scan —-> nmap -sN [target]

TCP Fin scan —> nmap -sF [target]

Xmas scan —-> nmap -sX [target]

TCP ACK scan —> nmap -sA [target]

Custom TCP scan —-> nmap --scanflags [flags] [target]

IP protocol scan —-> nmap -sO [target]

Send Raw Ethernet packets —-> nmap --send-eth [target]

Send IP packets —-> nmap --send-ip [target]

Port Scanning Options

Perform a fast scan —> nmap -F [target]

Scan specific ports —-> nmap -p [ports] [target]

Scan ports by name —-> nmap -p [port name] [target]

Scan ports by protocol —-> nmap -sU -sT -p U:[ports],T:[ports] [target]

Scan all ports —-> nmap -p "*" [target]

Scan top ports —-> nmap --top-ports [number] [target]

Perform a sequential port scan —-> nmap -r [target]

Version Detection

Operating system detection —-> nmap -O [target]

Submit TCP/IP Fingerprints —-> http://www.nmap.org/submit/

Attempt to guess an unknown —-> nmap -O --osscan-guess [target]

Service version detection —-> nmap -sV [target]

Troubleshooting version scans —-> nmap -sV --version-trace [target]

Perform a RPC scan —-> nmap -sR [target]

Timing Options

Timing Templates —-> nmap -T [0-5] [target]

Set the packet TTL —-> nmap --ttl [time] [target]

Minimum of parallel connections —-> nmap --min-parallelism [number] [target]

Maximum of parallel connections —-> nmap --max-parallelism [number] [target]

Minimum host group size —-> nmap --min-hostgroup [number] [targets]

Maximum host group size —-> nmap --max-hostgroup [number] [targets]

Initial RTT timeout —-> nmap --initial-rtt-timeout [time] [target]

Maximum RTT timeout —-> nmap --max-rtt-timeout [time] [target]

Maximum retries —-> nmap --max-retries [number] [target]

Host timeout —-> nmap --host-timeout [time] [target]

Minimum Scan delay —-> nmap --scan-delay [time] [target]

Maximum scan delay —-> nmap --max-scan-delay [time] [target]

Minimum packet rate —-> nmap --min-rate [number] [target]

Maximum packet rate —-> nmap --max-rate [number] [target]

Defeat reset rate limits —-> nmap --defeat-rst-ratelimit [target]

Firewall Evasion Techniques

Fragment packets —-> nmap -f [target]

Specify a specific MTU —-> nmap --mtu [MTU] [target]

Use a decoy —-> nmap -D RND:[number] [target]

Idle zombie scan —> nmap -sI [zombie] [target]

Manually specify a source port —-> nmap --source-port [port] [target]

Append random data —-> nmap --data-length [size] [target]

Randomize target scan order —-> nmap --randomize-hosts [target]

Spoof MAC Address —-> nmap --spoof-mac [MAC|0|vendor] [target]

Send bad checksums —-> nmap --badsum [target]

Output Options

Save output to a text file —-> nmap -oN [scan.txt] [target]

Save output to a xml file —> nmap -oX [scan.xml] [target]

Grepable output —-> nmap -oG [scan.txt] [target]

Output all supported file types —-> nmap -oA [path/filename] [target]

Periodically display statistics —-> nmap --stats-every [time] [target]

l33t output —-> nmap -oS [scan.txt] [target]

Troubleshooting and debugging

Help —> nmap -h

Display Nmap version —-> nmap -V

Verbose output —-> nmap -v [target]

Debugging —-> nmap -d [target]

Display port state reason —-> nmap --reason [target]

Only display open ports —-> nmap --open [target]

Trace packets —> nmap --packet-trace [target]

Display host networking —> nmap --iflist

Specify a network interface —> nmap -e [interface] [target]

Nmap Scripting Engine

Execute individual scripts —> nmap --script [script.nse] [target]

Execute multiple scripts —-> nmap --script [expression] [target]

Script categories —-> all, auth, default, discovery, external, intrusive, malware, safe, vuln

Execute scripts by category —-> nmap --script [category] [target]

Execute multiple scripts categories —-> nmap --script [category1,category2, etc]

Troubleshoot scripts —-> nmap --script [script] --script-trace [target]

Update the script database —-> nmap --script-updatedb

Ndiff

Comparison using Ndiff —-> ndiff [scan1.xml] [scan2.xml]

Ndiff verbose mode —-> ndiff -v [scan1.xml] [scan2.xml]

XML output mode —-> ndiff --xml [scan1.xml] [scan2.xml]

For more excellent FREE security training visit >

http://learnnetsec.com 

http://www.youtube.com/user/NetSecNow

 

 

This tutorial is for demonstration purposes only – Please use this knowledge responsibly

This video will show you how to create a reverse SSH connection to a server/workstation

This exploit is taking advantage of vulnerability MS08-067 using Metasploit on Kali.
This is a Kali VM attacking a Microsoft 2008 server (this will also work on any machine without the patch)

The moral of this is to update your system

http://www.kali.org

http://support.microsoft.com/kb/958644

Caintech.co.uk – Here comes Kali

Affected Software

Operating System

Microsoft Windows 2000 Service Pack 4

Windows XP Service Pack 2

Windows XP Service Pack 3

Windows XP Professional x64 Edition

Windows XP Professional x64 Edition Service Pack 2

Windows Server 2003 Service Pack 1

Windows Server 2003 Service Pack 2

Windows Server 2003 x64 Edition

Windows Server 2003 x64 Edition Service Pack 2

Windows Server 2003 with SP1 for Itanium-based Systems

Windows Server 2003 with SP2 for Itanium-based Systems

Windows Vista and Windows Vista Service Pack 1

Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1

Windows Server 2008 for 32-bit Systems

Windows Server 2008 for x64-based Systems

Windows Server 2008 for Itanium-based Systems

Please Note: Please ensure that you back up your Registry before attempting to modify it in any way, just in case you make a mistake. Here’s how:

  1. Depending on your version of Windows, do one of the following:
    • For Windows XP: Click Start > Run.
    • For Windows 7 or Vista: Click the Start button, and then click All Programs > Accessories > Run.
  2. In the Run dialog box, type the following text:

    regedit

  3. Click OK.

    If the User Account Control window appears, click Continue.

  4. On the File menu, click Export.
  5. In the File name box, type a name that you will remember, such as Registry Backup.
  6. Select a location where you want to save the Registration Entries (.reg) file, I suggest your desktop.
  7. Click Save.

OK, now that has been done, let's get into the real technical stuff.

Changing the Default Installation Path in Windows 7 isn’t all that difficult. We all know that our Default Installation Path is C:\Program Files, but if you want to change this to another drive, so that it becomes the default path for all new program installations, you can with a few clicks in the Registry Editor.

For X64 version users, simply copy and paste the following into the Run box:

%systemroot%\syswow64\regedit

For X32 version users, go to Start, type Regedit in the Search box and hit Enter to open the Registry Editor.

Now the Registry Editor will open

  • Ok now locate the following:- HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ CurrentVersion

Now you will see that I have marked out ProgramFilesDir for the X32 version and ProgramW6432Dir for the X64 version; the reason for this is that you will need to change both if you are running an X64 version.

So, if you have the X32 version of Windows, choose the ProgramFilesDir (x86) path by right-clicking and then selecting Modify.

Then simply change the Drive Letter and Path to where you want to Install your Programs then Click OK

  • For X32 version users, that's it for you, all done!

So, if you have the X64 version of Windows, choose and modify both the ProgramFilesDir (x86) and ProgramW6432Dir paths by right-clicking and then selecting Modify.

Then simply change the Drive Letter and Path to where you want to Install your Programs then Click OK

Now if you have messed it up and when you reboot your machine you get errors, a simple way to revert back to the previous version of the registry is to:

Reboot the machine and keep tapping F8; this will take you into ‘Safe Mode’.

When the desktop boots, double click on the .reg file you made earlier in this tutorial and, when prompted with a warning (as below), press ‘Yes’.

Reboot and now you are back to how your registry was before you started (now print this tutorial out and try again)

 

Firefox is the latest version of Mozilla’s popular Internet browser. People using it typically update the software to get its new features. Unfortunately, this version brought us an unpleasant crash issue connected with Flash Player. More accurately, when you update Firefox 13 with Flash 11.3 on your Windows 7 computer, you may encounter the Flash 11.3 Protected Mode problem. In the instructions below you can read about how to fix this issue and prevent unpleasant Flash Player crashes.

 

Fixing Flash 11.3 Protected Mode Issue in Firefox 13 Instructions:

  1. Open “Computer / My Computer” and go to Flash folder:
    For Windows 32bit Users: C:\windows\system32\macromed\flash
    For Windows 64bit Users: C:\windows\syswow64\macromed\flash
  2. Find and open the “mms.cfg” file in a text editor.
    Note: If there is no mms.cfg file, you will need to create one.
  3. Add the following command to the file:
    ProtectedMode = 0
  4. Save the “mms.cfg” file and close it.

The Error 404 “Page not found” is the error page displayed whenever someone asks for a page that’s simply not available on your site. The reason for this is that there may be a link on your site that was wrong or the page might have been recently removed from the site. As there is no web page to display, the web server sends a page that simply says “404 Page not found”.

The 404 error message is an HTTP (Hypertext Transfer Protocol) standard status code. This “Not Found” response code indicates that although the client could communicate to the server, the server could not find what was requested or it was configured not to fulfil the request.

The 404 “Not Found” error is not the same as the “Server Not Found” error which you see whenever a connection to the destination server could not be established at all.

The default 404 error page as shown on Internet Explorer is given below.

HTTP Status Code

Whenever you visit a web page, your computer will request data from a server through HTTP. Even before the requested page is displayed in your browser, the web server will send the HTTP header that has the status code. The status code provides information about the status of the request. A normal web page gets the status code as 200. But we do not see this as the server proceeds to send the contents of the page. It’s only when there is an error, we see the status code 404 Not Found.

Origin of Status Codes

As a part of the HTTP 0.9 specifications, the World Wide Web Consortium (W3C) established HTTP status codes in 1992. Tim Berners-Lee, who invented the web and the first web browser in 1990, defined the status codes.

List of Status Codes

A brief overview of HTTP status codes is given below.

| Code | Meaning | Description |
|------|---------|-------------|
| 100 | Continue | Confirms to the client that the first part of the request has arrived and tells it to continue with the rest of the request, or to ignore this response if the request has been fulfilled |
| 101 | Switching Protocols | Informs the client that the server is switching protocols to that specified in the Upgrade message header field during the current connection |
| 200 | OK | Standard response for successful requests |
| 201 | Created | Request fulfilled and new resource created |
| 202 | Accepted | Request accepted, but not yet processed |
| 203 | Non-Authoritative Information | Returned meta information was not the definitive set from the origin server |
| 204 | No Content | Request succeeded without requiring the return of an entity-body |
| 205 | Reset Content | Request succeeded but requires resetting of the document view that caused the request |
| 206 | Partial Content | Partial GET request was successful |
| 300 | Multiple Choices | Requested resource has multiple choices at different locations |
| 301 | Moved Permanently | Resource permanently moved to a different URL |
| 302 | Found | Requested resource was found under a different URL but the client should continue to use the original URL |
| 303 | See Other | Requested response is at a different URL and can be accessed only through a GET command |
| 304 | Not Modified | Resource not modified since the last request |
| 305 | Use Proxy | Requested resource should be accessed through the proxy specified in the location field |
| 306 | No Longer Used | Reserved for future use |
| 307 | Temporary Redirect | Resource has been moved temporarily to a different URL |
| 400 | Bad Request | Syntax of the request not understood by the server |
| 401 | Not Authorized | Request requires user authentication |
| 402 | Payment Required | Reserved for future use |
| 403 | Forbidden | Server refuses to fulfill the request |
| 404 | Not Found | Document or file requested by the client was not found |
| 405 | Method Not Allowed | Method specified in the Request-Line was not allowed for the specified resource |
| 406 | Not Acceptable | Resource requested generates response entities that have content characteristics not specified in the accept headers |
| 407 | Proxy Authentication Required | Request requires authentication with the proxy |
| 408 | Request Timeout | Client fails to send a request in the time allowed by the server |
| 409 | Conflict | Request was unsuccessful due to a conflict in the state of the resource |
| 410 | Gone | Resource requested is no longer available with no forwarding address |
| 411 | Length Required | Server doesn’t accept the request without a valid Content-Length header field |
| 412 | Precondition Failed | Precondition specified in the Request-Header field returns false |
| 413 | Request Entity Too Large | Request unsuccessful as the request entity is larger than that allowed by the server |
| 414 | Request URL Too Long | Request unsuccessful as the URL specified is longer than the one the server is willing to process |
| 415 | Unsupported Media Type | Request unsuccessful as the entity of the request is in a format not supported by the requested resource |
| 416 | Requested Range Not Satisfiable | Request included a Range request-header field without any range-specifier value |
| 417 | Expectation Failed | Expectation given in the Expect request-header was not fulfilled by the server |
| 422 | Unprocessable Entity | Request well-formed but unable to process because of semantic errors |
| 423 | Locked | Resource accessed was locked |
| 424 | Failed Dependency | Request failed because of the failure of a previous request |
| 426 | Upgrade Required | Client should switch to Transport Layer Security |
| 500 | Internal Server Error | Request unsuccessful because of an unexpected condition encountered by the server |
| 501 | Not Implemented | Request unsuccessful as the server could not support the functionality needed to fulfill the request |
| 502 | Bad Gateway | Server received an invalid response from the upstream server while trying to fulfill the request |
| 503 | Service Unavailable | Request unsuccessful due to the server being down or overloaded |
| 504 | Gateway Timeout | Upstream server failed to send a request in the time allowed by the server |
| 505 | HTTP Version Not Supported | Server does not support the HTTP version specified in the request |

Meaning of 404

When we expand the code 404, the first digit, “4”, represents a client error. The server indicates that you made a mistake, such as misspelling the URL or requesting a page that is no longer available.

The middle digit, 0, represents a general syntax error and could indicate a spelling mistake.

The last digit, 4, refers to a specific error in the group of 40x.

The World Wide Web Consortium (W3C) states that 404 Not Found should be used in cases where the server fails to find the requested location and is unsure of its status. Whenever a page has been permanently removed, the status code used must be 410. But we have hardly ever seen a 410 page. Instead, the 404 Not Found page has become popular and is the most commonly used error page.

Content of a 404 Error Page

A 404 response code is always followed by a human readable reason phrase as per the HTTP specification. Generally, a web server issues an HTML page that has the 404 code and the “Not Found” phrase by default. You can configure a web server to display a branded page with a better description and a search form. But the protocol level phrase requires no customization as it is hidden from the user.

Soft 404s

Soft 404 errors are actually “Not Found” errors that a web server returns as a standard web page with a 200 OK response code. Soft 404 errors are problematic for any automated process that discovers broken links.

The BT Group of UK has a clean feed content blocking system that returns a 404 error to the requests for content identified as illegal by the Internet Watch Foundation. Even when the user tries to access the Government censored websites, a fake 404 error will be returned.

404 Error Percentages

A sample web trends’ summary report by ARCHIVI shows the client error details for 404 Page.

Client Errors

| Error | Hits | % of Failed Hits |
|-------|------|------------------|
| 000 Incomplete / Undefined | 29,164 | 69.62% |
| 404 Page or File Not Found | 12,651 | 30.2% |
| 400 Bad Request | 57 | 0.13% |
| 18745 Incomplete / Undefined | 5 | 0.01% |
| 18747 Incomplete / Undefined | 4 | 0% |
| 401 Unauthorized Access | 4 | 0% |
| Total | 41,885 | 100% |

Web statistics generally vary from month to month, and the percentage of 404 errors varies with the strategy used to eliminate them and with how active the website is. Most active websites that have frequently changed or added content generally experience a higher number of Page Not Found errors. But there are many large and busy sites that achieve zero percent 404 errors over a period. On average, around 7% of visits to any given web site will result in a 404 error page.

Tracking and Preventing 404 Errors

  • Log Files – Web server log files help in tracking 404 errors. These standard log files are just ASCII text files in which each HTTP protocol transaction, whether completed or not, is recorded. Most HTTP errors are recorded in the transfer log and the error log files. If you have access to the log files of your website, you can observe the HTTP status code field. This field gives you an idea of the occurrence of 404 errors, their frequency and consistency, and the referring document that led to the errors. You can also find any broken link on your site and the misspelled URL that led to the error. Once you know all this information, you can easily correct the link and prevent 404 errors on your website.
  • Redirects – If you find a page that is consistently getting a 404 error, you can create a redirect page using the .htaccess file that automatically takes users from an older page to its newer replacement. You can use Permanent and Temporary Redirects to “catch” old referrals from other sites and send the visitors to their intended information.
  • Robots File – If you have a section of your site with pages that are frequently changed, you can block search engines from indexing them in their databases using a robots.txt file so that you can prevent 404 errors.

Using Log Files

A sample line from a common transfer log file is given below.

Address or DNS revacsystems.com
RFC931
AuthUser
TimeStamp [18/June/2008:12:13:03 -0700]
Access Request GET /download/windows/happiness.zip HTTP/1.0
Status Code 200
Transfer Volume 9887
Referer URL http://www.payoneer.com/
User Agent Mozilla/4.7 [en]C-SYMPA (Win95; U)
  •  Address or DNS – This field refers to the address of the computer making the HTTP request.
  • RFC931 – This field identifies the requestor. If no information is available, you’ll find the symbol – for this column in the log file.
  • AuthUser – This field has the authenticated user sent via clear text.
  • TimeStamp – This field has the date, time, and offset from Greenwich Mean Time (GMT x 100) recorded for each hit. You can even compare the time stamps between entries so that you’ll know how long a visitor stayed on a given page.
  • Access Request – This field has one of the three types of HTTP requests. A GET request is for a document or program. POST tells the server that data is following. HEAD is used by link-checking programs.
  • Status Code – This field has the status code, here 200, meaning that the transaction was successful. If the requested URL didn’t exist, you would see the 404 code in the log.
  • Transfer Volume – This field shows the number of bytes transferred.
  • Referer URL – This field refers to the page where the visitor was located when making the next request.
  • User Agent – This field refers to the information such as the browser, version, and operating system of the reader.
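The tracking described above, tallying 404s by URL and by referring page, can be scripted. This is an added example, not code from the original post: it assumes the log uses the combined format with the request, referer and user agent in double quotes, and the sample lines and addresses are constructed. It also counts the distinct missing paths each client requested, since one client probing many nonexistent URLs is worth a defender's attention.

```python
import re
from collections import Counter, defaultdict
# Field order as listed above: host ident authuser [time] "request" status bytes "referer" "agent"
QUOTED = r'"((?:[^"\\]|\\.)*)"'   # quoted field; servers escape embedded quotes as \"
LINE_RE = re.compile(r'^(\S+) (\S+) (\S+) \[([^\]]+)\] ' + QUOTED +
                     r' (\d{3}) (\S+) ' + QUOTED + ' ' + QUOTED + r'$')
FIELDS = ("host", "ident", "user", "time", "request", "status", "size", "referer", "agent")

# Constructed sample lines (documentation addresses, not real traffic).
SAMPLE_LOG = r'''
198.51.100.7 - - [18/Jun/2008:12:13:03 -0700] "GET /download/windows/happiness.zip HTTP/1.0" 200 9887 "http://www.example.com/" "Mozilla/4.7 [en] (Win95; U)"
198.51.100.7 - - [18/Jun/2008:12:14:10 -0700] "GET /download/windows/hapiness.zip HTTP/1.0" 404 312 "http://www.example.com/links.html" "Mozilla/4.7 [en] (Win95; U)"
203.0.113.9 - - [18/Jun/2008:12:15:41 -0700] "GET /download/windows/hapiness.zip HTTP/1.0" 404 312 "http://www.example.com/links.html" "Mozilla/4.0"
203.0.113.9 - - [18/Jun/2008:12:15:59 -0700] "GET /old/page.htm HTTP/1.0" 404 312 "-" "Mozilla/4.0"
192.0.2.44 - - [18/Jun/2008:12:20:00 -0700] "HEAD /old/page.htm HTTP/1.0" 404 - "-" "link-checker"
this line is truncated and does not parse
'''

def parse_line(line):
    """Return a dict of fields for one log line, or None if it is malformed."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = dict(zip(FIELDS, m.groups()))
    parts = rec["request"].split()
    rec["path"] = parts[1] if len(parts) >= 2 else rec["request"]
    rec["status"] = int(rec["status"])
    return rec

def report_404s(log_text):
    """Tally 404 responses per path, per referring page and per client."""
    hits = Counter()                  # path -> number of 404 responses
    referers = defaultdict(Counter)   # path -> referer -> count
    clients = defaultdict(set)        # host -> distinct missing paths requested
    skipped = 0                       # malformed lines, counted rather than hidden
    for line in filter(str.strip, log_text.splitlines()):
        rec = parse_line(line)
        if rec is None:
            skipped += 1
        elif rec["status"] == 404:
            hits[rec["path"]] += 1
            if rec["referer"] not in ("", "-"):
                referers[rec["path"]][rec["referer"]] += 1
            clients[rec["host"]].add(rec["path"])
    return hits, referers, clients, skipped

if __name__ == "__main__":
    print(report_404s(SAMPLE_LOG))
```

In the sample, the misspelled `hapiness.zip` link is traced to the one referring page that carries it, which is the page to correct.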

Using Redirects

Redirects are very useful when used in conjunction with a 404 error page. To redirect a page, simply follow the steps given below.

1. Create a file “notfound404.htm” with a message such as:

“Sorry, this page was not found. In a few seconds, you will be redirected to the Home page.”

2. Allow 5 seconds for reading the message and then redirect.

3. A sample redirect code is:

Note: The value for CONTENT specifies the number of seconds you allow the user to read the message before redirecting.

Using robots.txt File

A robots.txt file is useful when there are frequently changing sections on your website. To use a robots.txt file, simply follow the steps given below.

1. Create a file “robots.txt” in the root directory.

2. A sample robots.txt code is:

Note: User-agent: * applies to all search engines. The Disallow command lets you block complete directories or only the individual files that change.

Laptop screen replacement can be a tricky thing to master, and repair companies take total advantage of this fact by charging out-of-this-world prices to do it. The following post has also been made into a handy PDF for you to print and have next to you when you replace your screen. PDF Download: Screen Replacement Instructions

Remember, take your time and place all the screws from each step in their own pile.

Screen Replacement Instructions

Generally, replacing your notebook display is rather simple. These steps cover the process of removing the screen; once removed, follow the same steps in reverse to install your brand-new display.

Preparation: Before doing any type of repair on your notebook, YOU MUST turn the laptop off, unplug its power source and remove the battery. If you don’t you might cause more damage to your laptop than has already occurred.

You will also need these tools:

  • 1 small screw driver (Phillips head)
  • 1 sharp object (like a razor)

Step 1: Bezel Screws & Covers

Most notebooks have plastic or rubber screw covers. Remove the screw covers with a sharp object. Remove the screws beneath the screw covers.

Step 2: Remove Plastic Bezel

Use your fingers to get between the plastic bezel and the display. Start with one corner or side, and gently work around the perimeter of the display. If at any point the bezel won’t budge, inspect carefully for hidden screws.

Diagram 1: What It Looks Like

This is what your notebook looks like with the bezel removed. The display, inverter and possibly more screws are now visible.

Step 3: Back Bezel Screws

If your notebook has screws securing the display to the rear shell, remove them. Then you can move on to the brackets holding the screen in place.

(another angle)

While removing your display, be careful to keep the screws in a safe place, and to note which screws go where.

Step 4: Framing Brackets

The next step is to remove the screws from the brackets that hold the display in place. There should be at least two on each side of the display.

(another angle)

Once the display is free of the framing brackets, you can usually then lay it flat onto the laptop keyboard.

Diagram 2: What It Looks Like

This image shows the notebook free from the back bezel and the brackets. Now the video cable and the inverter are both visible.

Step 5: Video / Data Cable

Next, remove the video cable from the back of the display. Remove any tape that may be securing the video cable in place. There may also be tape toward the bottom of the display holding the video cable in place.

Step 6: Inverter

Next, remove the inverter plug from the inverter board. The inverter plug simply pulls out from the inverter board. Some may require that you use needle-nose pliers to remove the plug. This will free the display from the notebook.

Diagram 3: What It Looks Like

This image shows the display completely removed from the notebook. You can see the inverter and video cable are disconnected from the display. Now you can begin installing the new display. Follow these directions in reverse to properly install the new display.

Ordering Tip: Save time & money by ordering with the display-maker’s part number.

It’s actually a very good idea to remove the notebook display before you order the new one, so that you can find the part number from the notebook-display factory.

You can find displays online by searching for the notebook, and you can find them by searching for the part number added by the notebook maker (i.e. the HP or Sony part number), but to be sure you get the exact same screen, it’s best to use the part number from the display manufacturer, not the notebook manufacturer.

As you may see, in this case the screen manufacturer is Samsung, and the part number is LTN141X8-L04. By finding and ordering by this kind of part number, you can often save time, save money, and avoid receiving the wrong screen by mistake.