Tag Archives: Computer Addicted

एनआईसी एसिया (N.I.C. Asia) बैंकको ‘स्विफ्ट ह्याक’ – करिब ४५ करोड रुपैयाँ चोरी भएको


HACKED ? OR INSIDER ATTACK ?

Cyber Criminals hacked into the SWIFT System of NIC Asia Bank & Grabbed around 45 Crores !

ad : PHOTOSHOP TUTORIALS IN NEPALI LANGUAGE, HERE IN YOUTUBE.  

The Society for Worldwide Interbank Financial Telecommunication (SWIFT)provides a network that enables financial institutions worldwide to send and receive information about financial transactions in a secure, standardized and reliable environment. It is also said that more than 90 percent fund transfer in the world take place by SWIFT.

Back to topic : According to latest update, 3 or 4 crore baayek aru sabai firta lyaaune process cha rey bank ko. (Tyo 3 or 4 crore chai saayed katai dekhiyeko chaina hola)

Still to follow exact update. Stay tuned.

WHAT DO YOU THINK ? DROP YOUR THOUGHTS IN COMMENT.

VIDEO REPORT BY AP1 HERE : https://www.facebook.com/ap1tv/videos/1511277252295305/

 

TOP 5 ONLINE EDUCATION WEBSITE | 2017


I’ve learned a lot from these sites. There are more other sites which is providing best online education. If you’ve best one, then please mention in comment. Since this video was about top 5, so I picked my personal favorite.

Undetected For Years, Stantinko Malware Infected Half a Million Systems


A massive botnet that remained under the radar for the past five years managed to infect around half a million computers and allows operators to “execute anything on the infected host,” ESET researchers warn.

Dubbed Stantinko, the botnet has powered a massive adware campaign active since 2012, mainly targeting Russia and Ukraine, but remained hidden courtesy of code encryption and the ability to rapidly adapt to avoid detection by anti-malware solutions.

Targeting users looking for pirated software, the actors behind the malware use an app called FileTour as the initial infection vector. The program installs a variety of programs on the victim’s machine, while also launching Stantinko in the background.

The massive botnet is used mainly to install browser extensions that in turn perform ad injections and click fraud, but malicious Windows services are used to execute a broad range of operations: backdoor activities, searches on Google, and brute-force attacks on Joomla and WordPress administrator panels, ESET reveals.

Full Story > http://www.securityweek.com/undetected-years-stantinko-malware-infected-half-million-systems

Nepal’s register.mos.com.np hacked by PakMonster


hacked_site

Found this in there facebook post.

Nepalian Domain Registrar Pwn3d
Hacked by Pak Monster
Team:; Pak Cyber Thunders
http://register.mos.com.np/

Mirrors:-
https://defacer-db.com/mirror/id/18523
https://defacer.id/archive/mirror/441473
http://mirror-h.org/browse/863480/

The hacked website acts as an official registration site for .np ccTLD domains in Nepal. Mercantile has been providing free of cost booking, renewal, DNS pointing, DNS transfer etc. for .np domains through this website.

Learn Ethical Hacking in Nepali Language here :  Student Video Tutorial in Youtube

MilkyDoor malware turns Androids into backdoors to attack enterprise networks


Routines and techniques build on those of the malware’s predecessor, DressCode.

A new Android malware family is able to blend in with normal network traffic and avoid detection by encrypting its payloads, in order to access internal networks.

The backdoor, known as MilkyDoor, has so far affected 200 unique Android apps available on the official Google Play Store. Some of those apps boast between 500,000 and one million installs. 

Hundreds of other programs, including books for children and doodle applications, have also suffered infections by MilkyDoor. It appears criminals seized most if not all of these apps, repackaged them with malware, and uploaded them to the Play Store. No doubt they thought these modified versions would still attract large numbers of downloads based upon the popularity of their parent programs.

MilkyDoor malware turns Androids into backdoors to attack enterprise networks

Src & more :https://www.grahamcluley.com/milkydoor-malware-turns-androids-backdoors-attack-enterprise-networks/

Password Cracking. pt 1 – using ‘Hashcat’ (step-by-step guide)


How to crack passwords using Hashcat ?

In this part of Password Cracking Series, I’ll show you built in tool in kali linux for password cracking, i.e. Hashcat.

note : If you face problem during this lab, then at the bottom of step-by-step guide, you will find Video Tutorial (walk-through) of this lab. You can refer that video too.

Let’s get started.

Start kali and open Hashcat.

> go to application and password attacks (offline) and then click hashcat. As shown in image below.

1 locate.JPG

In top of screen you will see usage. Note that carefully. As shown in image below.

2 usage.JPG

Before cracking, we need to what kind of hashing the system is using. type as shown in fig below.

more /etc/login.defs

3 know.JPG

Now, notice in between 80-90%, kali is using sha512 encryption. Refer img below.

4 enc type.JPG

Now, copy that hash to separate file. Refer img below.

cp /etc/shadow copiedhash.lst

5 copy hash.JPG

Make sure of it. Refer 2 images below.

more copiedhash.lst

6 make sure.JPG

6a making sure.JPG

Now, open copiedhash.lst in your editor. I used leafpad. And remove username, in my case it is ‘root’ (notice in above image) and also remove following colon. Then go to last of that line and remove all colon. And image below shows you what we got after that.

7 deleting.JPG

Finally, lets start cracking password of that hash. Type following or refer img.

hashcat -m 1800 -a 0 -o cracked.txt –remove copiedhash.lst /usr/share/sqlmap/txt/wordlist.txt

*note : in image you saw ‘hash.lst’ but in command you saw ‘copiedhash.lst’ . Do not worry, just replace this with what you’ve assigned.

8 cracking.JPG

9 final.JPG

10 toor.JPG Video Tutorial >

By : Bijay Acharya (Follow twitter : @acharya_bijay)

crack password using hashcat, hashcat tutorial, how to crack password, kali linux hashcat password crack, step by step guide on password cracking hashcat

Password Cracking. pt 1 – Hashcat [Only For Educational Purpose ]


This is new series, and here I’m going to post about Password Cracking. Starting with “hashcat”, I will show you different platform, OS and areas on carrying out Password Cracking.

As mentioned in topic, this is video series. But, in video you will get chance to see theory too. It’s a kind of Theory Walk-through via Video Demo on hashcat. In any confusion, please comment in comment section, I will reply as soon as possible.

[ in Nepali ] 45 Ways to Earn Money Online – Way 4 : Create Niche Websites


[ in Nepali ] 45 Ways to Earn Money Online – Way 4 : Create Niche Websites

how to earn money online, how to earn money from website in nepal, how to earn money online nepal, how to earn money passive money, how to earn money from google adsense, how to earn money online nepali tutorial, earn money from home, how to earn money online website, student video tutorial, bijay acharya, how to earn money from youtube in nepal

Ethical Hacking with Kali Linux [3] – Bypassing MAC Address Filter


BY : BIJAY ACHARYA http://bijayacharya.com/

Ethical Hacking with Kali Linux [3] – Bypassing MAC Address Filter

> > Welcome all, to this series of Kali Linux for Ethical Hacking. This is 3rd part, & I’ll explain process of bypassing MAC Address Filter on an AP (Access Point).

# 3 basic Process :

– Finding the AP : airmon-ng & airodump-ng

– Finding an associated client : airodump-ng

– Finally, using the Macchanger

# . . . Let’s Begin,

– Before start, make sure that you have eth0, lo, wlan0 are in action. (go to terminal, & run ifconfig)

– Let’s start to monitor on that wireless interface, run :

airmon-ng start wlan0

– After executing above command, we must get new interface mon0 (monitor mode enabled)

– Verify that both interfaces are up & running, run

airmon-ng

– Watch for wlan0 & mon0 , Run :

airodump-ng mon0

– For monitoring all the APs that Kali Linux OS can find out.

– In next step, you will get BSSID and ESSID, channel, cipher. If there is any hidden SSID, then ESSID will be format like this : <length: 0> or with no SSID. [We, saw in 2nd part, on how to uncover this hidden SSID]. But, here you can use any SSID with Open Encryption, or SSID with known password. We will use the MAC address, that was seen in part 2. i.e. 00:A1:B2:11:20:13:5T & channel ‘1’ (Assume, MAC address filter is done in this system & lets suppose it’s SSID is nhc-BJ)

– Now, we try to find out the Client & his MAC Associated with this AP (nhc-BJ). So, that we can use that MAC to bypass filter. Run;

airodump-ng -c 1 -a –bssid 00:A1:B2:11:20:13:5T mon0

(-c is for channel, channel is 1 for BSSID we are trying to connect, -a is for showing only the client associated with this BSSID)

– You will get MAC address with Station associated with that AP, and this is client’s station. (Lets assume Mac = 00:C1:52:11:20:13:7D)

– CTRL+C (press)

– Run ;

macchanger –help
(notice, -m for setting mac)

-Run ;

macchanger -m 00:C1:52:11:20:13:7D wlan0

(if Device or resource busy, then run following command)

airmon-ng stop wlan0

– Run ;

macchanger -m 00:C1:52:11:20:13:7D wlan0

(in success, you will see msg like ‘faked MAC’)

-Run ;

ifconfig wlan0 down

ifconfig wlan0 up

(now, lets see whether we can associate with SSID now or not, with this Faked MAC)

Run ;

iwconfig wlan0 essid nhc-BJ channel 1

(if not run in kali, run it in BackTrack. Or, see update version for kali)

iwconfig wlan0

(if success, Access Point will be associated)

“This series is only for educational purpose, practice this series lab in virtual/separate network, always avoid illegal activities, and if you can, then support us to fight against black hat hackers”

# Join our Facebook NHC group, to get most out of this series

http://www.facebook.com/groups/nepalesehackerscommunity

# Register in our NHC Forum Website

http://www.nhc.bijayacharya.com

# For, free video tutorial & minimum priced certificate, register my OCN (Online Course Nepal) here : http://www.ocn.bijayacharya.com(Remember, Videos are free to watch, you will pay only if you want certificate :), so that we can maintain this open source culture)

ATTACHMENTS
image005ab.png
image005ab.png (26.61 KiB) 

 

 

Encryption Is Not Enough !, Research & Conclusion (Part 1)


By : BIJAY ACHARYA
Hello World ! Well, welcome in my post. This will be in series, and this is first part. Throughout the series, I will share my research and findings with you. And that will be on topic, Encryption Is Not Enough. We will see, how Encryption is broken & what countermeasures should be implemented to secure it.

 

Image via traxarmstrong.com

Let’s begin, Why do we encrypt ?
-We encrypt, simply for privacy & secrecy
-We encrypt, in pro term : for Confidentiality & Integrity. Well, these are basics for encryption.