
Saturday, September 17, 2011

What is a Cookie

I have posted lots of articles on phishing and keylogging, but today I would like to throw some light on a very useful method which hackers use to hack Gmail, Facebook and other email accounts, i.e. cookie stealing. One of the reasons why I am writing this article is that lots of newbies have misconceptions related to cookie stealing and session hijacking, so I hope this tutorial covers all of those misconceptions, or if not all, most of them.



What is a Cookie?

A cookie is a piece of code which is used to authenticate a user on a website. In other words, whenever you log in to a website such as Facebook, Gmail, Orkut etc., your browser assigns you a cookie which basically tells the browser for how long the user should be logged in. Apart from authentication, a cookie can be used for a variety of different purposes. If you would like to know more about cookie stealing, kindly google it up.

What is a Session Token?

After authentication is completed, a webserver hands the browser a session token, which is used because a webserver needs a way to distinguish between different connections. If a hacker could capture your session token, then it's a cakewalk for the hacker to hack into your Gmail, Facebook or any other account.

What is a Session Hijacking Attack?

A session hijacking attack is basically the act of capturing a session token and injecting it into your own browser to gain access to the victim's account.


What is a Cookie Stealer?

A cookie stealer is basically a script used to steal a victim's authentication cookies. For the cookie stealing process to work, the website or the webpage must be vulnerable to an XSS attack; this point is the source of the most common and widely known misconception among newbies.

How does the stealing process work?

1. The attacker creates a PHP script and uploads it to a webhosting site.

2. The attacker then asks the victim to visit that particular link containing the PHP code.

3. Once the victim visits it, his/her authentication cookie is saved in a .txt file.

4. Next the attacker uses a cookie injector or a cookie editor. There are lots of Firefox add-ons and Google Chrome extensions to do the work for you. Personally I use Cookie manager v1.5.1 as it's quite user friendly.



You can also use the Web Developer toolbar to do the work for you.

5. The attacker replaces his own cookies with the victim's cookies, as a result of which the victim's session is hijacked.
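
From the defender's side, the replay in step 5 shows up as one session token arriving from two different clients. The following Python check is an added example, not code from the original post; the log layout, session IDs and addresses are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample records: (timestamp, session_id, client_ip, user_agent).
# The field layout is an assumption; adapt it to your own access log.
SAMPLE_LOG = [
    ("2011-09-17T10:00:01", "sess-aaa", "192.0.2.10", "Firefox/6.0"),
    ("2011-09-17T10:00:40", "sess-bbb", "192.0.2.20", "Chrome/14.0"),
    ("2011-09-17T10:02:13", "sess-aaa", "192.0.2.10", "Firefox/6.0"),
    ("2011-09-17T10:03:55", "sess-aaa", "198.51.100.7", "Chrome/14.0"),
    ("2011-09-17T10:04:02", "sess-bbb", "192.0.2.20", "Chrome/14.0"),
]


def find_reused_sessions(records):
    """Map each session ID seen from more than one client to its clients."""
    seen = defaultdict(list)
    for _ts, sid, ip, ua in records:
        client = (ip, ua)
        if client not in seen[sid]:
            seen[sid].append(client)
    return {sid: clients for sid, clients in seen.items() if len(clients) > 1}


def first_conflict(records, session_id):
    """Return the first record where the session arrives from a new client."""
    original = None
    for record in records:
        _ts, sid, ip, ua = record
        if sid != session_id:
            continue
        if original is None:
            original = (ip, ua)
        elif (ip, ua) != original:
            return record
    return None


if __name__ == "__main__":
    # A changed IP alone can be legitimate (mobile networks, VPNs), so treat
    # a hit as a reason to re-authenticate the session, not as proof of theft.
    for sid, clients in find_reused_sessions(SAMPLE_LOG).items():
        print(sid, clients, first_conflict(SAMPLE_LOG, sid))
```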

Why does it not work on a website which is not vulnerable to XSS?
It's due to the browser's same-origin policy, according to which the browser doesn't allow JavaScript served from a different origin to access the cookies.


Gmail GX Cookie



By now I believe that I have cleared up lots of misconceptions related to cookie stealing, but all of that information is only good for you if you try it practically, so let's get to the main topic.

In Gmail the cookie which authenticates users is called the GX cookie. We cannot use a cookie stealer, as we currently don't know of any XSS vulnerability in Gmail, so if you are on a LAN you can use Wireshark or any other packet sniffer to steal an unsecured Gmail GX cookie and use it to gain access.

Will this hack always work?

Well, this trick won't work on all Gmail accounts: Gmail now offers end-to-end https:// encryption, which encrypts the session token, so even if we could get our hands on the GX cookie it would be useless. But if a user has turned off the end-to-end https:// encryption in Gmail, it can work for sure.
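
The two theft routes described above, script access through XSS and sniffing on an unencrypted connection, are both narrowed by cookie attributes the server sets: HttpOnly hides the cookie from page scripts and Secure keeps it off plain HTTP. The following Python audit of Set-Cookie headers is an added example, not code from the original post; the cookie name SESSIONID and the header values are constructed.

```python
def parse_set_cookie(header_value):
    """Split one Set-Cookie value into (cookie name, lowercase attribute names)."""
    parts = [p.strip() for p in header_value.split(";")]
    name = parts[0].split("=", 1)[0].strip()
    attrs = {p.split("=", 1)[0].strip().lower() for p in parts[1:] if p}
    return name, attrs


def audit_cookie(header_value):
    """Return (cookie name, findings) for the two exposures discussed above."""
    name, attrs = parse_set_cookie(header_value)
    findings = []
    if "httponly" not in attrs:
        # Without HttpOnly, injected script can read the cookie via document.cookie.
        findings.append("no HttpOnly: readable by page scripts (XSS theft)")
    if "secure" not in attrs:
        # Without Secure, the browser also sends the cookie over plain HTTP.
        findings.append("no Secure: sent over plain HTTP (sniffing)")
    return name, findings


def audit_all(header_values):
    """Audit several Set-Cookie values, keeping only cookies with findings."""
    results = [audit_cookie(value) for value in header_values]
    return [(name, findings) for name, findings in results if findings]


# Constructed sample headers, from weakest to hardened.
SAMPLE_HEADERS = [
    "SESSIONID=abc123; Path=/",
    "SESSIONID=abc123; Path=/; HttpOnly",
    "SESSIONID=abc123; Path=/; Secure; HttpOnly",
]

if __name__ == "__main__":
    for header in SAMPLE_HEADERS:
        print(header, "->", audit_cookie(header)[1] or "ok")
```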



I hope you have liked the post up till now. I will cover the method to steal Gmail GX cookies and use them to hack Gmail accounts in the next post, so stay tuned!

Friday, September 16, 2011

Apple Store Down, Hacked?

Well, currently the Apple Store is down in lots of countries. A rumor is floating about whether it has been hacked or is the victim of a DDoS attack, which makes people wonder whether the hacktivist group Anonymous might be behind this attack. Usually, whenever the Apple Store is down, Apple arrives with a new product launch; however, if this is the case and Apple is planning a new product launch, the Apple Store should have been down in all other countries.

According to a ping test which I ran on the Apple Store, it is down in a few countries whereas it's accessible in other countries, which leaves a possibility of a DDoS attack. Here is the screenshot of Apple's App Store; as you can see, it's down and inaccessible.

Here is the screenshot of the just-ping scan, which shows that the Apple Store is down in lots of countries, with packet loss over 40% in some countries.

I will update you as soon as I get more information on the Apple Store's status.


Android Is The Number 1 Target Of Hackers

If you are an Android user, you could be or might be the next victim of hackers. According to a report by McAfee, Google Android has become the number 1 target of hackers. The McAfee report also says that the recent attacks from hacktivists Anonymous and LulzSec Security helped in driving a massive increase in online attacks.
According to the threat report, the reason why Google Android is the number 1 target is that Google is not monitoring the active distribution of mobile apps. As a result, Android users are becoming the victims of massive malware attacks.

What kind of Malware is being distributed?
According to the McAfee report, the Android malware takes over the identity of the Android user, resulting in identity theft. Once the malware has been installed, the hacker has complete access to any kind of information, including personal data, GPS logs and carrier and billing code information.
According to Dave Marcus, the Director of McAfee Security Labs:
“There is malware ending up on Android phones that is coming out of China and is being used to steal the identity of Android users, Once hackers take control of an Android device, they have access to any kind of information on there including personal data, GPS logs and carrier and billing code information.”
According to me, the reason why Android is being targeted the most is that most Android users do not bother to use any antivirus at all, or if they use one, they do not update it at all. As a result, it becomes fairly easy for hackers to promote and distribute malware. I don't think that there are any zero days being used; a simple trojan is being used with a little bit of code obfuscation to bypass the antiviruses.
How Can I Protect Myself From Android Malware?
It's simple: install a good antivirus and update it regularly. New malware comes up every day, so you should make sure that your antivirus is updated. Plus, avoid downloading any untrusted mobile apps which you are not sure about. It would be nice if you could do a little research on Google before installing any Google app.
You can download the McAfee report by clicking here.

Learn Website Hacking And Security With DVWA Tools

Lots of readers often ask me, "How can I be good at website hacking and web application security?" The thing is that even if you have an idea of how some popular web application attacks work, you still need a safe environment to practice what you have learned, because you are not allowed to access any website, even for testing purposes, unless you are authorized to do that. This is where Damn Vulnerable Web App (DVWA) comes into play.
Basically, Damn Vulnerable Web App (DVWA) is a PHP/MySQL web app which is damn vulnerable. DVWA allows you to learn and practice web application attacks in a safe environment. Its latest version is DVWA 1.7.


Vulnerabilities

SQL Injection
XSS (Cross Site Scripting)
LFI (Local File Inclusion)
RFI (Remote File Inclusion)
Command Execution
Upload Script
Login Brute Force
Blind SQL Injection
And much more.
Official warning

It should come as no shock... but this application is damn vulnerable! Do not upload it to your hosting provider’s public html folder or any working web server as it will be hacked. It’s recommended that you download and install XAMPP onto a local machine inside your LAN which is used solely for testing.
Installation Guide
You can download DVWA 1.0.4 here. Below I am posting a video which shows step by step how to install DVWA on your computer and practice website hacking.

How To Protect Your Webserver From Getting Hacked?

It has been a while since I posted on RHA; that's because I was extremely busy with my university stuff and had absolutely no time for blogging. However, today I finally managed to get some time for posting on RHA. In my previous article in the webserver security section I told you some ways which hackers can use to compromise your webserver; in this article I will tell you how to protect your webserver from getting hacked or being compromised.
There are a variety of methods you can implement to protect your webserver, but I will not be covering all of those methods because it would take a lot of time to explain the concepts.
WebApplication Security
Most webservers get compromised due to a vulnerability in their web application. Some of the most common web application vulnerabilities are SQL injection, cross-site scripting, local file inclusion etc. These vulnerabilities are usually due to improper or poor coding of web applications.
How do I find if these types of vulnerabilities really exist in my webapplications?
Well, unless you are a penetration tester or have proper information related to these types of vulnerabilities, it is really difficult for you to find them. A better option is to use a vulnerability scanner like Nessus or Acunetix.
Read More About finding a vulnerability in your website - How To Find A Vulnerable Website?
SSL(Secure Socket Layer)
SSL is not really necessary unless you are running an ecommerce website or a website where you want the communication to be secure. If you are wondering what SSL (Secure Socket Layer) is, kindly read my article on What is SSL (Secure Socket Layer).
Password Cracking Attacks
As I told you in my previous article, some of the popular password cracking methods include:
1. Brute Force Attacks
2. Dictionary Attacks
3. Rainbow Tables
Here is a simple tip on how you can avoid these types of attacks: keep strong passwords. For what I mean by a strong password, read my post on How to create a strong password.
Use Of Firewalls
Firewalls are usually designed to stop attackers from invading a website. A firewall is basically a gateway used to allow or deny access, but are firewalls enough to protect your webserver?
The answer is "no". The administrator needs to open ports like 80, 21, 25 etc. so that the firewall gives users access to services like the website, email, FTP etc., which leaves these services vulnerable to attackers.
What if someone sends a virus attached to an email through a mail server behind a firewall? The firewall will not be able to block these types of attacks. Hopefully I will explain this stuff related to firewall security in my upcoming articles.

Update Your Webserver Regularly
Vulnerabilities are created and patched every day, so you need to make sure that you update your webserver and install the latest patches and fixes.
Intrusion Detection System

An intrusion detection system (IDS) is used to monitor the entire network. It detects intruders, that is, unexpected, unwanted or unauthorized people or programs on the network. If you want to know more about intrusion detection systems, kindly read the following post; it will give you a better understanding of IDS:
An Overview Of Intrusion Detection System
Certainly these methods aren't enough for total security either; however, I will continue the series of articles related to webserver security. Moreover, I have also finished writing my newest book, "An Introduction To Keyloggers, RATS And Malware", which I will be releasing very soon, and the best part is that it will be free for all.