Tuesday 31 December 2013

Basic tips on hacking challenges in websites

These are the very basic tips to solve challenges and a beginner knowledge in hacking
"Google is the biggest teacher for any Security Researcher or Enthusiast".
Websites :
1.hackthissite.org
2.securityoverride.org
3.enigmagroup.org
4.wechall.net
5.dareyourmind.net
6.canyouhack.it
7.thisislegal.com
8.newbiecontest.org

Web hacking :
Tip 1 : Look for web source page by right click -> View Page Source.
Tip 2 : Use Inspect element wisely to change the data.(Right click -> Inspect Element).
Tip 3 : URL location helps you to know the directories and for SQL injection problems.
Tip 4 : Use "Tamper Data" and "Add n Edit Cookie" plugins in firefox for tampering and cookie editing         challenges.
Tip 5 : Use "No script" plugin to disable javascript  and view page source is the biggest source for javascript challenges.

Cryptography Challenges :
Best tool : Crypt tool.
Link : cryptool-online.org

You can use online version of crypt tool in the website.

Basic ciphers :
1. Base64 Decoder => base64decode.org
2.Hashes
  a. LM , NTML Hash cracker => onlinehashcrack.com
  b.md5 hash cracker => md5online.org/
  c. sha1 hash cracker => crackstation.net/
3.Caeser (ROT 13,ROT 47,Shift Caeser) cracking => online-calculators.appspot.com/caesar/
4.Morse Code (Google around a bit there is a lot of online tools).
5.Vigenere,RSA is all good in Crypt tool so i suggest to download the tool.



Stegonography Challenges :

Tools : Adobe photoshop or GIMP,Paint,Notepad++,Winrar.

Tip 1 : JPG images renaming to rar and getting the file is the simplest and basic of all.
           copy /b temp.jpg + temp.rar temp.jpg => wat does this do is copy a rar merge it with a jpg image.
           basic challenge in stegonography.
Tip 2 : Opening image in notepad ++ would reveal the answers.
Tip 3 : Brightness,Contrast modification can be the answers for few challenges.
Tip 4 : Outguess,Stegdetect are few tools that may come in handy.

Crack me's or Reverse engineering challenges :

Tools : Linux Os,GDB,Olly dbg,IDA Pro.

Tip 1 : Strings command is the first thing every reverser looks for.
Tip 2 : Modifying jumps and NOP ing would help.
Tip 3 : Stack contents,Registers all will help.

Forensics :
Tools : Wireshark,Notepad++,Binwalk,Volatility

Tip 1 : File command in linux helps to find the type of file and accordingly tools can be used.
Tip 2 : Properties of file,Details about file,file signature all helps.
Tip 3 : Memory dumps use Volatility tool to get in and out of it.

7 comments:

  1. very good !!!!

    ReplyDelete
  2. i want to know the user name and password of this 104.225.8.239 server. can you hack this private server(sorry for my bad english)

    ReplyDelete
  3. This comment has been removed by the author.

    ReplyDelete
  4. What exactly should I begin with?And, do you have a github?Thanks

    ReplyDelete

  5. Email:CYBERFILES.HACKER@GMAIL.COM

    REACH US THROUGH THE EMAIL ABOVE, FOR SPYING AND HACKING PHONES, COMPUTER, EMAIL, FACEBOOK, WHATSAPP AND OTHER SOCIAL NETWORK ACCOUNTS, CANCEL PHONE TAPPING, CHANGE YOUR GRADES OR BOOST YOUR CREDIT SCORE.
    OUR SERVICES ARE THE BEST ON THE MARKET AND 100% SECURE AND GUARANTEED.

    ReplyDelete
  6. Thank you, Sir, for taking the time to share the knowledge. Here is a website, I would like to suggest url-decode.com/ . Actually, that website contains the tools related to decoding and encoding (URL, base64), number utilities, unit converter, developers, string utilities, converter, and IP tools under one domain. So, it will definitely help you out in solving the challenges.

    ReplyDelete
  7. Thanks for the good writeup. It if truth be told used to be a amusement account it. Glance advanced to more brought agreeable from you! However, how can we keep in touch?

    ReplyDelete

enter valid comments.Suggestions are most welcome and would be interested in correcting my mistakes.