ALL AVAILABLE JavaScript Tricks

Today, I will list some very cool JavaScript hacks and tricks that you can use creatively or just have plain fun. To make each one of these codes work, all you have to do is copy and paste it into the address bar of your browser window and hit “Enter”. So here they are :-

Play the “Lord of the Web”

This code lets you edit any page/website in real-time . With Firefox, you can even edit and save the modified pages to your computer. Very nifty code!
javascript:document.body.contentEditable='true'; document.designMode='on'; void 0

What I have so far:

Code:

javascript: contentBodyEditable="true".DesginMode="message"

Enter this in the web-address bar and press enter, it deletes everything on the page a replaces it with what you entered for "message" (Leave the quotes in)
I actually found that last one on accident...While trying to remember this one:

Code:

javascript: document.body.contentEditable ='true'; document.designMode='on'; void 0

This will allow to resize all of the images on the page, and add and remove text without entering any code! - All credits of the finding of this code to GreenDiamond Worlds :: Forums.
Next.

Code:

javascript: alert('message here');

Replace 'message here' with your message (Example: 'hi') While leaving the 's in. This will make a pop-up message saying your message.
Next.

Code:

javascript: back();

OR

Code:

javascript: forward();

These take you forward or back one page.
Next.

Ok this is a long one, so just copy & paste, NO EDITING:

Code:

javascript: R=0; x1=.1; y1=.05; x2=.25; y2=.24; x3=1.6; y3=.24; x4=300; y4=200; x5=300; y5=200; DI=document.getElementsByTagName("img"); DIL=DI.length; function A(){for(i=0; i-DIL; i++){DIS=DI[ i ].style; DIS.position='absolute'; DIS.left=(Math.sin(R*x1+i*x2+x3)*x4+x5)+"px"; DIS.top=(Math.cos(R*y1+i*y2+y3)*y4+y5)+"px"}R++}setInterval('A()',5); void(0);

Use this one to make all the pictures on the page fly around the screen! (Works on any page)

The Big Wheel

This piece of code pulls off all the images from your web page and rotates them in a circle. Really makes any page go naked (without its images). The best place to test is a website with many images. (Google Images for an example)
javascript:R=0; x1=.1; y1=.05; x2=.25; y2=.24; x3=1.6; y3=.24; x4=300; y4=200; x5=300; y5=200; DI=document.getElementsByTagName("img"); DIL=DI.length; function A(){for(i=0; i-DIL; i++){DIS=DI[ i ].style; DIS.position='absolute'; DIS.left=(Math.sin(R*x1+i*x2+x3)*x4+x5)+"px"; DIS.top=(Math.cos(R*y1+i*y2+y3)*y4+y5)+"px"}R++}setInterval('A()',5); void(0);
If you look carefully in the above code, its rotating the HTML “img” tag. Just replace it with “a” or “p” and watch some links or text rotate instead of images.

Tremors

Your browser will be very afraid of this code If the code below doesn’t seem to work, please replace > with > and < with <
javascript:function flood(n) {if (self.moveBy) {for (i = 200; i > 0;i--){for (j = n; j > 0; j--) {self.moveBy(1,i); self.moveBy(i,0);self.moveBy(0,-i); self.moveBy(-i,0); } } }}flood(6);{ var inp = "D-X !msagro na dah tsuj resworb rouY"; var outp = ""; for (i = 0; i <= inp.length; i++) {outp =inp.charAt (i) + outp ; } alert(outp) ;}; reverse

The Calculator

In case you are not in a mood to use the standard windows calculator and want your browser to do the dirty job for you, use this code.
javascript: alert(34343+3434-222);
You can change the numbers according to your choice and also try creative complex equations. Just put your arithmetic into javascript: alert( );

Finding Spoof Websites

There are times when you are not sure that the website that you are visiting is authentic. Use this code whenever in doubt :-
javascript:alert("The actual URL is:\t\t" + location.protocol + "//" + location.hostname + "/" + "\nThe address URL is:\t\t" + location.href + "\n" + "\nIf the server names do not match, this may be a spoof.");
And finally here is something that you can only get to hear if you ever worked in a Tech Support department

Read More

Mark Zuckerberg FB fan page hacked On 26/1/2011 (Shocked News)

 Yesterday

There are some clues left by the person who hacked Mark Zuckerberg's Facebook fan page on Wikipedia – but what do they add up to ? 

Who Will Trace the Guy ?

Facebook CEO Mark Zuckerberg Facebook chief Mark Zuckerberg's fan page was hacked.

Let's follow up some of the trail left in the Mark Zuckerberg Facebook fan page hacking incident.

The only – and best clue – is the link left by the hacker in the status update posted on Zuckerberg's wall, which reads "Let the hacking begin: if facebook needs money, instead of going to the banks, why doesn't Facebook let its user invest in Facebook in a social way? Why not transform Facebook into a 'social business' the way Nobel Price [sic] winner Muhammad Yunus described it? http://bit.ly/f26rT3 What do you think? #hackercup2011"

That contains a bit.ly link. Well, you can find out what the original URL is by adding a plus on the end, so: http://bit.ly/fs6rT3+ From which we can see that about 17,000 people clicked the link. Not bad (though we have to say that Julian Assange gets more clicks when he appears on the Guardian ... but we digress).

The original, shortened link was actually: http://en.wikipedia.org/wiki/Social_business?h=d044aeb71f4e466a552708fc6e3863ef&thanksforthecup=https://www.facebook.com/photo.php%3Fpid%3D393752%26id%3D133954286636768%26fbid%3D170535036312026

Let's begin with the second part of the long link – the part that starts "thanksforthecup": it's URL-encoded (so "%3D" actually stands for the character "=", "%26" for "&") and leads to a Facebook photo page for the Hacker Cup, a competition run by Facebook itself. So the hacker is saying he thinks he should get the cup. OK, we get it.

Now, back to the first part. If you just click the link, you'll be taken to Wikipedia's page about social business. But not the latest version – to a specific version in its edit history. That is, to http://en.wikipedia.org/wiki/Social_business?h=d044aeb71f4e466a552708fc6e3863ef – which is not the same, now, as http://en.wikipedia.org/wiki/Social_business. If you open them in two tabs, or just open the first in a tab and click on the "Article" link in the top left, you'll see it. Go back and forth a couple of times and you might spot the difference. Yes? No? Have a look at this difference page, then. (And look at how it was before that edit.)

Yup, the difference is the addition in the first sentence. Usually, that reads:

"A '''social business''' is a non-loss, non-dividend company designed to address a social objective"

. But in the edited (older) version that you get sent to, the phrase

" much like [http://www.romanstwelve.net www.romanstwelve.net]"

has been added. (The square brackets turn the text into a link going out to romanstwelve.net). And what does that site do? It offers "total web consulting" and is based in Pickerington, Ohio.

Crucially, as the picture shows, that edit was only on Wikipedia for two minutes on Tuesday 25 – between 19.17EST and 19.19EST – indicating that the hacker must have created the edit with the link and then deleted it straight afterwards, but kept the link to the version he had edited. Then he encoded the link for the photo and attached it to the Wikipedia link, and stuffed the whole lot into bit.ly. Then, having got the shortened link, he went and updated the status on the fan page. The timing of the change, and its reversion, indicates that this was the same person. You don't accidentally link to an old version of a page; you'd link to the generic version.

In other words, we might be able to find the hacker if we can find out who changed the Wikipedia page. Unfortunately, it wasn't done by a registered user. But because of Wikipedia's clever tracking system, you can see the IP of non-registered users: there it is at the top of the edit page in the screenshot: 131.74.110.168. You can also see what articles machines at that IP address have edited – a very mixed bag–- and also how edits from that IP have been increasingly smacked down by Wikipedia editors (latest on that page coming from October 2009: "Please stop your disruptive editing. If you continue to vandalise Wikipedia, as you did at Lyoto Machida, you will be blocked from editing."

So who's behind 131.74.110.168? A quick whois query tells you that it... the US department of defence in Williamsburg.

In other words: this might be someone in the military. Most likely those edits don't come from one person – they come from all sorts of people in the Williamsburg location. Or, just as possible, it was someone who had hacked into the computers there from outside (not as difficult as you'd hope it would be) and is using them as a proxy to make the Wikipedia edit, and, quite possibly, hack Zuckerberg's page. (We've asked Facebook whether Zuckerberg's page was accessed from that IP, but haven't had an answer yet.)

That's about all the clues we have: a US DOD IP, a transient Wikipedia page, and a link to a web consulting business. We asked Jeremy Reger, of Romanstwelve, if he was involved with or knew who was behind the hacking. His answer is an emphatic no: "Hackers don't link to pages who then link to pages. I do not have any idea who did the hack." He added: "I'm sure Facebook would confirm that the IP [address] in the wiki history in not the same IP that "hacked" the fan page."

Read More

"HIJACKING SERVERS" How to transfer Zones From ur System

Hey Niggas ,Welcom3  to our school, Today in this Section am gonnna Teach u all, How to Copy the File from DNS  Or  Zones  Data From ur Computer, And Niggas  Before I start this Topic Lemme Tell u , This Works Only if the Server  Is  MisConfigured(By Disabling Automaticaly Notify)..Coz  Windows 2000 as a Defaut  Set as Disable..!! So y don u try out.>!! Evn Still the Syatem may use Windows 2000 Server..If u ask me..Most Corp Are prefer to Use 2000 Over Windows 2008..

ZONE TRANSFER:  

                       Zone Transfer is a mechanism, Tat is used By the web server to update each other  ServERS,by transferring the contents to their  Database   (Whereever in tha Planet).

There are two types of servers Primary and Secondary Servers, Primary Server is The Main(Authoritive Server) , Secondary Server is tha (Non –Authoritive Servers)

Name Server is nothing but ,  See If there is Google, They might have 10 or 15 locations, To Identify the location of each server,Name Server was Formed..Purinjitha no…!!

If a google in US ,Illonis(I love this place Persnaolly ,Coz  Actor Surya Missed Her LoverHere only)m8 have name server like this    :

US:    ert1s.google.com

India:   machi:google.com

Uk:  per4t.google.com

Got it..Primary is the Main Server, all tha secondary are Cache Server also called as Back Up Servers. 

Entering  “nslookup”  in the cmd will give the following results:

DNS Movves tha Information from one site to another called Zoned Transfers Port num 53: Ok

And More Port Numbers For ur eye, You need to Memorize this For God Sake if u wannna be a good Security professional..

Briefings of tha 2^nd Command prompt image:

There are tha 4 steps involved in Zone transfer Process:

Ha ha ha…Very Firstly

1.    The Secondary Server, Sends SOA(Start of authority) record to the Primary Server

2.    Primary Server Checks, whether the Secondary Server SOA Is authorized(SOA Has Unique Nembers,Differs from Server to server in Diff locations)

3.    If an update is need for the Secondary server, It will send (AXFR) All Zone Transfer , To Tha Primary Server

4.    In Follow up response to the Secon, Primary will send the Updated Files to the Req Zones

DNS Records and types:

A   --> Host  (Maps an Domain Name to IP)

PTR- -> Pointer (Maps an IP To domain name)

NS- -> Name server(Which I said Earlier)

SOA - -> Start of authority(I Hope u Kno)

SRV- ->Service Locator(Used to Map tha Network)

MXà Mail((Usd to Identify the SMTP Services)

SOA record  Has TTL(Time to live) For the Session (Zone transfers).

Yeap..Open Up tha Command Prompt:

#nslookup  - Enter it on cmd n wait.

##Server <IP Address>  - Enter it(I Hop u kno to obtain The Server IP,If kno Drop Comments,ADD ONS avail fr Firefox)

###set type = any (Tells Ns lookup To Query fr all record,If u want something particular,Refer abov Commands WE Discussed)

#### ls –d <domain name> = www.defendhacker.blogspot.com (Trust me u cant play Around wit Blogs) Asssuming u are targetin to transfer tha zone.

Either u will get eerrors Or ll See Zone transfers.

Here We perform Now

C:\user\h4ckfeak> nslookup

Default server: hi43/defendhackers.blogspot.com

Address: 193.445.345.344

Server 123.343.545.54(You are typing in after obtain tha server Addr)

Set type=any

ls –d defendhackers.blogspot.com

defendhackers.blogspot.com         SOA  host.defendhackes.com(12 23 123    0000)                 

defendhackers.blogspot.com        NS       auth.34.bc.net

defendhackers.blogspot.com        NS       auth.34.bc.net

defendhackers.blogspot.com         A        12.43.55.56

defendhackers.blogspot.com        MX       chennaismtp1.defnd..rs.com

defendhackers.blogspot.com        MX       chennaismtp2.defnd..rs.com

defendhackers.blogspot.com        MX        chennaismtp1.defnd..rs.com

defendhackers.blogspot.com        A            123.334.545.66

defendhackers.blogspot.com        A            123.334.545.67

defendhackers.blogspot.com        A            123.334.545.68

defendhackers.blogspot.com        A            123.334.545.69

This Would Help u understand Better

There is a tool name called DIG Which Can provide These type Of Information to the Hackers, To Hack into the Servers This is the Intial Stage, Launchin tha Attack

##### Always one have to Ensure that the DNS Has Secured Properly. Periodic Check is Good Like Checkin ur fuel in Car, And Ensure its Security..But the Fuckin Thing is..The Secodary Servers Always Zone Transfers..And its  about security of each compny Maintain

For Full Understandin Do Watch This Video,.Would Help u a lot..

I hope u ll understood..Talk to me  @ Comments Section..! Will  Back with another Stuff

Lat3r

Read More

BILL GATES,, STEVE JOBS...Documentary Movie 7/10 IMDB

I hope u all Watched "The Social  Network"  Movies...And in a 1 and Half Hours Travelled in a Dream Of Mark Zuckerberg,Here is thaa Documentary About BILL GATES AND STEVE JOBS....!!

GODDAMN...!!! I LOVE THIS MOVIE..!!!!

I watched it More than 50 times\



Genres: Biography / Comedy / Drama
Plot Outline: History of Apple and Microsoft.
Plot Synopsis: This film is the semi-humorous documentary about the men who made the world of technology what it is today, their struggles during college, the founding of their companies, and the ingenious actions they took to build up the global corporate empires of Apple Computer Corporation and Microsoft Inc.

 

For More Movie Reivews..Guys Step in to IMDB

Code:

http://www.us.imdb.com/title/tt0168122/

Format               : Matroska
File size            : 300 MiB
PlayTime             : 1h 36mn
Bit rate             : 434 Kbps
Encoded date         : UTC 2009-05-30 16:13:09
Writing application  : mkvmerge v2.7.0 ('Do It Again') built on Apr 15 2009 00:27:10
Writing library      : libebml v0.7.7 + libmatroska v0.8.1

Video #0
Codec                : MPEG-4 AVC
Codec/Info           : MPEG4 ISO advanced profile
PlayTime             : 1h 36mn
Width                : 576 pixels
Height               : 320 pixels
Aspect ratio         : 16/9
Frame rate           : 23.976 fps

Audio #0
Codec                : A_AAC
Channel(s)           : 2 channels
Sampling rate        : 24 KHz

Click this bar to view the original image of 640x480px.

Click this bar to view the original image of 640x480px.

Click this bar to view the original image of 640x480px.

Hotfile:

Code:

http://hotfile.com/dl/78814326/7a40639/Pirates.Of.Silicon.Valley.1999.chiaotzu.part1.rar
http://hotfile.com/dl/78898623/89660c6/Pirates.Of.Silicon.Valley.1999.chiaotzu.part2.rar

Fileserve:

Code:

http://www.fileserve.com/file/QKcgKMA/Pirates.Of.Silicon.Valley.1999.chiaotzu.part1.rar
http://www.fileserve.com/file/Eq99gzH/Pirates.Of.Silicon.Valley.1999.chiaotzu.part2.rar

Filesonic:

Code:

http://www.filesonic.com/file/27850737/Pirates.Of.Silicon.Valley.1999.chiaotzu.part1.rar
http://www.filesonic.com/file/27849677/Pirates.Of.Silicon.Valley.1999.chiaotzu.part2.rar

Oron:

Code:

http://oron.com/v91ymin0ic97/Pirates.Of.Silicon.Valley.1999.chiaotzu.part1.rar
http://oron.com/1gy0nx2powti/Pirates.Of.Silicon.Valley.1999.chiaotzu.part2.rar

Rapidshare:

Code:

http://rapidshare.com/files/427550588/Pirates.Of.Silicon.Valley.1999.chiaotzu.part1.rar
http://rapidshare.com/files/427548027/Pirates.Of.Silicon.Valley.1999.chiaotzu.part2.rar

ALL LINKS ARE INTERCHANGEABLE


*** Took 356 Minutes to Upload ***
*** Took 3 Minutes to Scan ***
*** Took 9 Minutes to Create Topic/Screens ***
*** Takes 6 Seconds to say "Thank You", or 4 seconds to say "Whoooo"***




So Leave Comments For h4ckfreak abo tha Posts

Read More

How DNS Works..In a NOOB Lang

 

In This am Going to Tell the indepth Workin Procedure  About how DNS  Works.....The internet uses DNS (Domain Name System) records to translate host names (e.g. www.defendhackers.blogspot.com) into IP addresses (in this case 66.45.245.34) and in some cases vice versa too. When you type the DNS of a website into your browser (which I would hope is Firefox or Opera, and not IE) it begins looking up the host. To do this, it sends a packet of data to one of 13 pre-programmed root nameservers. Surprisingly, there are only 13 root nameservers in the world! Some are government operated (e.g. NASA, DISA) and some are run by large companies such as VeriSign and Cogent. Just in case you think "oh, that seems easy to attack", it's not - they run load distribution systems that can repel more than a 5TB/s DDoS with little more than a slight slowdown in service. The purpose of these name servers is to tell clients (e.g. your web browser) where the name server is for the host you are requesting, so that it can go ask that server for more information. These requests are made using UDP (User Datagram Protocol) port 53. Sometimes this process is recursive, propogating down multiple levels of DNS servers before you get an authoratitive response. Here's an example:

1) Your web browser asks a root nameserver about www.defendhackersblogspot.com
2) It replies: The nameserver ns34.cogent.net has that information.
3) Your web browser asks ns34.cogent.net about www.defendhackersblogspot.com
4) It replies: The nameserver ns1.tucows.com has that information.
5) Your web browser asks ns1.tucows.com about www.defendhackersblogspot.com
6) It replies: The nameserver ns1.afraid.org has that information.
7) Your web browser asks ns1.afraid.org about www.defendhackersblogspot.com
8) It replies: The authoratitive IP address of www.defendhackersblogspot.com
 is 66.45.245.34

See how that works? Each name server passed the buck to the next one, until you finally got an answer from someone who knows it. 

The authorititive IP address, also known as the A record, is stored as a DNS entry on the name server. Other records, such as MX (mail server) and CNAME (canonical name, i.e. an alias) are also stored in the domain record. A service called 'whois' exists to get the contents of these records. There are hundreds of websites that let you perform a whois. My favourite is http://whois.domaintools.com/ but as I said there are hundreds out there. These records often include the name, address and telephone number of the person who registered the domain, as well as the name and telephone number of the company that leases the domain to that person. Private individuals can opt out of the whois lookup to prevent privicy issues.

If you were to attack a nameserver, you could flood it with UDP packets on port 53 in order to cause large amounts of processing to be done on the server that runs it. This would mean that normal DNS traffic would not always get processed and the users would not be able to resolve the domain's IP, resulting in a denial of service. In combination with a TCP SYN flood on port 80 of the server itself, a DNS flood can take out a website completely, given enough resources.

I Hope This Simple Illustration Helps u hellla lOt..

Lat3r..

Read More

WIKILEAKS HIRING HACKERS

Hey Niggas , Wondering While u read, Everything is truth, As u r seeing it..Believe..! We all have been known that WIKILEAKS has Tored the Fake face of America, And America Tryin To DDOS the Wikileaks And Successfully have done it..!! now www.wikileaks.org has been moved to mirror.wikileaks.org,
“JULIAN ASSANGE IS THE ONE MAN ARMY I GOTTTA SAY” Wikileaks has Showcased all the Drama of United States

Few Revealled Stuffs by WIKILEAKS:
1. IRAQ WAR LOGS
2. Calling tha Bessst World leaders in a NICK NAME.
3. Intruded in all governments Personal Stuff.
4. Spying on all Countries activites
5. SRILANKA WAR LOGS AGAINST Tamilian

Like all the Secrets has been revelaed With facts and Proffs,

Wikileaks Officialy Said Still they are having 2.5 Laks Of Confidential Notes From U.S Embassey
Hilary Clinton also warned there should not be Any post Regarding About one Secrets, If IT Happpens, Will be taken Series Account Leads to immediate action, (Ho HILARY am jus Askin Do u think Julian Assange(WIKILEAKS TEAM) India Or Wat…Watever u Say, To Nodding up Head Right and left)
This is WIKILEAKS..
Lets See Wat the steps Has taken Still So Far..
This Case has Been Movved To F.B.I , With Few Hired Hackers And Security Proff They DDosed And Main Site Has Been Shut Down…!! But Mirror Site (Backup Site) is still Active Upon now ..!!

( EVERYDNS.NET ) Wikileaks Has been hosted by this Provider F.B.I Forced to remove the Registration Entries..And Finally they Acted Upon..!
Now WIKILEAKS Has Come up With 729 Websites , Like( Replication in tha ROBOT Movie,If u have Seen tha Climax of tha movie u can understand it better)..So Now its hard for FBI To Identify tha Targeted Server Because Each Server From Different Location they hav hosted , And Wikileaks Are Looking to Take it 7000 Websites..!! And Hell Ya..!! NO WAY TO FIND…

And Here are the 729 Websites , Now Wikileaks CABLE Datas are available..! This Information is Strictly Confidential And Have Got Permission to Publish In Hackersbay.in

wikileaks.as50620.net wikileaks.tard.is ipv6 freeus.jsdev.org
wikileaks.enzym.su freeus.jsdev.org wikileaks.cellue.de
wikileaks.kafe-in.net wl.opsec.eu ipv6 wl.donatepl0x.com
wikileaks.challet.eu wikileaks.kister.org wl.gernox.de
wikileaks.morningtime.com wikileaks.renout.nl wikileaks.fdn.fr
wikileaks.gonte.se wikileaks.kaptenkong.se
wikileaksmirror.proxelsus-hosting.de ipv6 leaks.gooby.org
wikileaks.dubronetwork.fr ipv6 wikileaks.perry.ch wikileaks.sbr.im
wikileaks.u0d.de
wikileaks.81-89-98-125.blue.kundencontro...
www.fuckip.de wikileaks.psytek.net wl.mrkva.eu wikileaks.joworld.net
www.wlmirror.com wikileaks.chiquitico.org wikileaks.rout0r.org
www.gruiiik.org wikileaks.adhelis.com wikileaks.high-color.de
wikileaks.holarse-linuxgaming.de wl.alfeldr.de wikileaks.jikan.fr
wikileaks.huissoud.ch wikileaks.geekview.be wikileaks.fs-cdn.net
wikileaks.burnzone.de wikileaks.dysternis.de wikileaks.nulset.net
wikileaks.franslundberg.com wikileaks.krkr.eu ipv6 wl.yoltie.net
wikileaks.gnourt.org wikileaks.theunfamiliar.co.uk wikileaks.zeitkunst.org
wikileaks.aelmans.eu wikileaks.serverius.net wikileaks.synssans.nl
wl.ernstchan.net wikileaks.yasaw.net zwartemarktplaats.com
wikileaks.dena-design.de wikileaks.zone84.net wikileaks.subastas-xxx.com
wikileaks.iuwt.fr wikileaks.fernandoramirez.com.ar wikileaks.chmod.fi
wlmirror.wildeboer.net www.wikileaks.freelists.com.au leaked.rndm.ath.cx
wikileaks.splichy.cz wleaks.3sge.pulsedmedia.com
wleaks.hellfire.pulsedmedia.com wikileaks.palisades-berlin.de
wikileaks.razor1911.com wikileaks.dokansoft.com.ar
wikileaks.thinkfurther.de wikileaks.trankil.info wikileaks.gonte2.nu
leaks.stumcomie.com wikileaks.timburke.org wikileaks.ehcdev.com
wikileaks.zurk.org wikileaks.myscripts24.de wikileaks.breit.ws
wikileaks.emilts.com wikileaks.ruicruz.pt wikileaks.now-pages.com
wikileaks.ego-world.org wikileaks.nerdpol.org ipv6 cablegate.r3blog.nl ipv6
wikileaks.footboot.net www.wikileakz.eu wikileaks.realprogrammer.org
wikileaks.the-secret-world.info wikileaks.superjoesoftware.com
wikileaks.rtjuette.de wikileaks.rustigereigers.nl mirror1.wikileaks.lu
mirror2.wikileaks.lu wikileaks.emptyflask.net internaluse.net
wikileaks.r00t.la wikileaks.cordover.id.au brd.mcbf.net
wikileaks.merciful.nl wikileaks.spurious.biz wikileaks.1407.org
wl.datendetektei.de ipv6 wikileaks.mollar.me azow.selb.us
wikileaks.furdev.org wikileaks.datkan.net ipv6 wikileaks.nortemagnetico.es
wikileaks.threefingers.ca wikileaks.brenne.nu ipv6 www.anontalk.com
wikileaks.hutonline.nl vm8157.vps.tagadab.com nl1.wikileaksmirror.nl
wikileaks.noomad.org wikileaks.xcplanet.com www.wikileaks.nw-ds.com
wikileaks.infinium.org.uk wikileaks.piratskasit.cz peoplerule.info
wikileaks.sirobert.com wikileaks.solvare.se wikileaks.marktaff.com
wikileaks.hmaks.com im.wikileak.im wikileaks.aamjanata.com
www.wikigoteo.dialetheia.net wikileaks.dft-labs.eu
wikileaks.julietvanree.com wikileaks.argenton.ch wikileaks.i0i.co
wikileaks.lionelwood.com wikileaks.antifan.de ipv6 wasiutynski.net
wikileaks.diedx.nl wikileaks.chram.net wikil3aks.dyndns.org
wikileaks.encgmail.com wikileaks.yoerin.nl wikileaks.mcpond.co.nz
wikileaks.siwhine.org wikileaks.schroth.cx wikileaks.delight.ch
wikileaks.moochm.de wikileaks.syncaddict.net www.hallitus.info
info.patourie-systems.com wikileaks.softic.cz wikileaks.redhog.org
wikileaks.brokenbydesign.org wikileaks.nisd.dk wikileaks.sentientrobot.net
wikileaks.kronoss.org wikileaks.s4ku.com wikileaks.glembotzky.com
wikileaks.nperfection.com wikileaks.laquadrature.net
wikileaks.legrandsoir.info wikileaks.artwww.net wikileaks.39mm.net
leaks.uaqv.com wikileaks.krtek.net www.emilts.com leaks.3nglish.co.uk
wikileaks.explain-it.org wikileaks.dunnewind.net wl.fcharlier.net
wikileaks.poete.eu.org wikileaks.datenscheibe.org wikileaks.kapitein.org
www.wikileaks.djity.net wikileaks.nodemaster.de wikileaks.listepik.net
wikileaks.explain-it.org wikileaks.sedrati-dinet.net wikileaks.rigacci.org
wikileaks.ratm.ch wikileaks.tonbnc.fr cablegate.sentientrobot.net
wikileaks.ist-bremer.de wikileaks.spinrise.com wikileaks.rothnet.org
wikileaks.webtito.be ipv6 wikileaks.lainconscienciadepablo.net
wikileaks.g33kthug.co.uk wikileaks.b166er.net
wikileaksmirror.matstace.me.uk 87.106.58.253 wikileaks.virii.lu
wikileaks.junkle.org leaks.iamfos.co wikileaks.wass-media.com
wikileaks.karlsen.co wikileaks.lupine.me.uk ipv6 wikileaks.webprofiles.org
wikileaks.azatoth.net wl.unbloggbar.org santocristo.info
wikileaks.back2hack.cc wikileaks.supercrapule.com wl.treymassingill.com
wikileaks.poliisi.mobi wikileaks.karlsen.co wikileaks.rickfalkvinge.se
wikileaks.amette.eu wikileaks.batsh.it wikileaks.freei.me
wikileaks.chsdl.de last.to wikileaks.iheartfreedom.ca
wikileaks.rackstack.com wikileaks.serverlicious.org wikileaks.excds.se
wikileaks.under.ch leaks.kooll.info wikileaks.nldla.com
cablegate.dyndns.info wikileaks.afturgurluk.org wikileaks.phasebook.net
wikileaks.emquadat.com wikileaks3.no-ip.org wikileaks.hermans.net
wikileaks.urli.eu wikileaks.laotracarboneria.net wikileaks.datapusher.net
wleaks.shellmix.com wikileaks.citizen-boycott.org wikileaks.in-edv.de
wl.hor.de wl.rekursion.ch naixt-genne.com wikileaks.aircraftdispatch.net
wikileaks.cimeterre.info wikileaks.2qt.us wikileaks.rhgnet.de
wikileaks.crypton-technologies.net wikileaks.xgstatic.fr
wikileaks.medienfuzzis.com wl.creative-guerillas.com wikileaks.philpep.org
ipv6 wikileaks.para-dice.de wikileaks.outcast.no wikileaks.bandsal.at ipv6
wikileaks.concretedonkey.cz.cc wikileaks.oualid.net
wikileaks.webterrorist.net wl.22web.net wikileaks.deepdata.de
wikileaks.theano.de wikileaks.buzzworkers.com wikileaks.electric-castle.net
wikileaks.caseid.org wikileaks.luchaspopulares.org wikileaks.paysen.net
wikileaks.atpolitics.com wikileaks.otnf.tk wikileaks.nslu2-info.de
leaks.letsneverdie.net wikileaks.yasaw.net wikileaks.atpolitics.com mhym.de
www.wikileaks.videoteppista.net wikileaks.deutero.org wikileaks.grokia.se
wikileaks.tamcore.eu wikileaks.youfailed.de wikileaks.stephaneerard.fr
wikileaks.jotocorp.com wikileaks.canariaswireless.net
wikileaks.thearksakura.com wikileaks.org.org wikileaks.thefrackin.info
wikileaks.maero.dk wikileaks.metrogeek.fr wikileaks.simplaza.net
gouv.delation.org wikileaks.fellr.net wikileaks.mindfreakonline.de
wl.dixon.pl wikileaks.zombix.pcriot.com wikileaks.wkellner.com wl.thj.no
wikileaks.sodom.se wikileaks.macventure.de wikileaks.damn1337.de
wikileaks.bitciple.com wl-mirror.sokoll.com wikileaks.224charenton.net
help.majestan.com wikileaks.giggsey.com wl.kallix.net ipv6
wikileaks.unknowntruth.net wl.kaizer.se wikileaks.legalsutra.org
wikileaks.kitara.nl wikileaks.kyak106.com wikileaks.marpeck.net
wikileaks.leech.it wikileaks.pamphleteer.de wikileaks.return0.de
wikileaks.0x04.com wikileaks.mirror.jfet.org wikileaks.nerdhero.org
wikileaks.3ofcoins.net wikileaks.g0rn.com wikileaks.chpwn.com
wikileaks.fuck.cc wikileaks.hoppipolla.net wikileaks.slackdev.com
wikileaks.openmafia.org wikileaks.paper.st wikileaks.efremigio.es
wikileaks.zanooda.com wikileaks.wtfstfu.org wikileaks.freedomofspee.ch
www.elajt.info wikileaks.chuso.net wikileaks.letras.net wikileak.eicat.ca
wleaks.fryking.se wikileaks.0xff.it wikileaks.apileofbytes.com
wikileaks.revspace.nl leaks.curaj.tv wikileaks.mumu.cz wikileaks.kassala.de
wikileaks.mairipa.com wikileaks.crome.us wikileaks.chpwn.com
wikileaks.waixan.se wikileaks.k-ribou.com wikileaks.stasi.fi
wikileaks.milchi.de wl.kollegstufe.org leaks.freudian.sl wikileaks.laez.nl
wikileaks.dexite.de 74.63.248.219 wl.ownage4u.nl wikileaks.peer7.de
wikileaks.infinityloop.es wikileaks.orfeu.es wikileaks.myke.us
wikileaks.noova.de ipv6 wikileaks.leckerbits.com wikileaks.jikbag.net
wikileaks.pesqair.com wikileaks.nicolbolas.org ipv6 wikileaks.vixns.net
wikileaks.byteserv.de wikileaks.zro.co wikileaks.popcnt.org
wikileaks.acm.jhu.edu raubmordkopiert.ws wikileaks.adoutte.com
wikileaks.iodev.org wikileaks.ludost.net wikileaks.roethof.net ipv6
wikileaks.thespinlight.com wikileaks.apathie.net wl.mimamau.de
www.wikileaks.ufone.de wikileaks.mooo.se wikileaks.neofosis.com
wikileaks.eglin.net kileaks.byethost6.com www.mistermikileaks.com
wikileaks.pwnt.nl majjj.com wikileaks.antoniojperez.info
wikileaks.ig33k.com wikileaks.extensity.co.nz wikileaks.rudemusic.net
wikileaks.adoutte.com dgmx2k.dyndns.org:800 wl.fuldaecho.de
wikileaks.nc23.de www.wikileaks-backup.com wikileaks.bynoob.com
wl.mrblue.name wikileaks.martindv.es mirror.friendsofwikileaks.org.uk
wikileaks.disknode.org wikileaks.adundo.com wikileaks.lazzurs.net
wikileaks.deathserv.net wikileaks.tollofsen.se wikileaks.brokenco.de
wikileaks.buckyslan.com wikileaks.moell.us wikileaks.classcast.de
wikileaks.datenwelten.de www.priv.us wikileaks.neopt.org
wikileaks.samhargreaves.eu www.finngaria.de wikileaks.skvorsmalt.cz
wikileaks.neurd.org wlmirror.cosego.com leaks.boerdy.net
wikileaks.gundam.eu ipv6 novgorod.zunedevwiki.org ipv6 wikileaks.biz.tm
wikileaks.k4hosting.com wl.i2pbote.net leaks.underrun.org
wikileaks.simleb.cc wl.stefanpopp.de wikileaks.tejero.ca
www.keepinformationfree.com whatever.grillcheeze.com wikileaks.olivu.com
wikileaks.jieji.org wikileaks.zakulisa.org wlm.flooble.net
wikileaks.eondream.com www.shamanhouse.com wikileaks.galama.net
wikileaks.eondream.com wikileaks.goodlifebikes.ca wl.newscenterx.de
wikileaks.kofuke.org ipv6 wikileaks.xr3.cc dev.quadodo.net
wikileaks.cybertroops.com wikileaks.yacy.info wikileaks.anarka.nl
wikileaks.happyforever.com wikileaks.data-get.org wikileaks.humanpets.com
wikileaks.spectle.com wikileaks.hellopal.biz wleaks.verymad.net
whitenetdownloads.com WL.sanvicentemedia.com
wikileaks.lotek.org wikileaks.profithost.net wikileaksmirror.eu
wikileaks.chronzz.co wikiconstitution.info wikileaks.tinychan.org
wikileaks.holy.jp leaks.no.net www.wikileaks.angelbeast.org
www.wikileaks.angelbeast.org wikileaks.drewhavard.com wikileaks.keladi.org
wikileaks.awardspace.us wikijm.com wikileaks.pandas.es
wikileaks.mustashwax.com wikileaks2.info wikileaks.artwww.net
wikileaks.oneeyedman.net wikileaks.openconnector.net wikileaks.jordanroy.net
wikileaks.crazzy.se wikileaks.moo2ah.com wl.udderweb.com
www2181u.sakura.ne.jp wikileaks.blackwire.com wikileaks.rlsjrnl.info
wikileaked.jamestheawesome.kicks-ass.net wikileaks-in.ganesh.me 80.70.1.168
wikileaks.luotettu.net wikileaks.xakep.name wikileaks.jejaring.org
wikileaks.mahut.sk wl2.gernox.de wikileaks.mine-server.info
wikileaks.revoleaks.com bonsainetz.de www.spacemission.org
wikileaks.media.pl wikileaks.imrof.li wikileaks.hoper.dnsalias.net
wikileaks.escism.net wikileaks.lelapinblanc.eu wikileaks.tryptamine.net
wikileaks.piratenpartei-nrw.de wikileaks.cancamusa.net wikileaks.skarta.net
wikileaks.is-back.de wikileaks.radiopark.biz ipv6 wikileaks.nexiom.net
wikileaks.matschbirne.com www.extremesocial.biz wikileaks.blokovi.com
wikileaks.mooselook.de wikileaks.minibofh.org wikileaks.lengua.fr
wlmirror.riepernet.org wikileaks.aamjanata.com wikileaks.joevr.org
wikileaks.toile-libre.org wikileaks.parano.me wikileaks.slite.org
wikileaks.zvdk.nl wikileaks.picturesbyphilipk.de wikileaks.hostingjuice.com
wikileaks.editia.info wikileaks.renout.nl wikileaks.phoeney.de
wikileaks.msga.se wikileaks.infotubo.com wikileaks.adzi.net www.example.sk
wikileaks.wazong.de RealnoeBlinDelo.com
wikileaks.redandblack.cz ipv6 wikileaks.matschbirne.com wikileaks.aadnoy.no
wikileaks.erfassungsschutz.net wikileaks.aleph-0.net
wikileaks.oliverbaron.com wikileaks.vyus.de wikileaks.ladstaetter.at
wikileaks.willjones.eu wikileaks.anti-hack.net wikileaks3.piratenpartij.nl
wikileaks.ninanoe.net wikileaks.g0tweb.com 74.207.247.66
wikileaks.schuijff.com wikileaks.venix.eu wikileaks.iqaida.de
fremont.ca.us.wikileaks-mirror.com wikileaks.version2.nl
newark.nj.us.wikileaks-mirror.com london.uk.eu.wikileaks-mirror.com
dallas.tx.us.wikileaks-mirror.com zurich.ch.wikileaks-mirror.com
wikileaks.zici.fr wikileaks.tunny.ch wikileaks.boneputra.net
wikileaks.breit.ws wikileaks.weltgehirnmaschine.de wikileaks.csbnet.se
wikileaks.digital-revolution.at wl.dyndns-wiki.com wikileaks.nijhofnet.nl
ipv6 leaks.mooninhabitants.org wikileaks.ralforolf.com
wikileaks.pancake-pirates.org wl.farhad.su 93.90.28.65 wl.it.cx
wikileaks.lickmychip.com wikileaks.kimori.org wikileaks.beispieldomain.org
wikileaks.topdownmedia.nl wikileaks.webpagearts.com wikileaks.noreply.to
wl.openbotnet.eu wikileaks.univers-libre.net wikileaks.queralt.me
wikileaks.loutre.ch gatw.nl wikileaks.yourhero.de
wikileaks.disruptive.org.uk wl.scottymeuk.co.uk wikileaks.interblag.org
wikileaks.euridies.com wl.farhad.su wikileaks.jesolo-wants-adsl-back.info
wikileaks.ansible.fr wikileaks.violetsky.ch
wikileaks.dieinternetprofis.info wikileaks.daphne-dionys.com
wlmirror.dyndns.org whistleblower.futtta.be wikileaks.beraldoleal.com
newfagscanttriforce.com wikileaks.xen.no wikileaks.trylle.no
wikileaks.groissgroissgroiss.com wikileaks.nervsoft.com.ar
wikileaks.facenews.ru wikileaks.orientanet.es wikileaks.my-niap.org
wikileaks.phpdata.org wikileaks.nekochan.ch wklks.dyndns.org
wikileaks.uenota.org.ua wikileaks.4574.co.uk wikileaks.silverbullion.jp
wikileaks.gentlehost.net wikileaks.gonades.org wkl.fdumas.fr
wikileaks.gvoice.eu wikileaks.wiki-mirror.de wikileaks.socketubs.net
wikileaks.network-13.com wikileaks.sety.cz wikileaks.uruknet.com
wikileaks.brechi.com beatriceask.se wikileaks.uenota.org.ua
cablegate.dev-null.biz wikileaks.aditam.org wikileaks.bitplay.ru
wl.razor1911.com wlmirror.hopto.org:8000 wikileaks.mserverz.de
wikileaks.mazej.net:8080 wikileaks.com.hr wikileaks.bcweb.co.uk
wikileaks.weis.tk cablegate.technoaddict.fr wikileaks.jsphoto.at
wikileaks.africanaristocrat.com wikileaks.walgemoed.net
wikileaks.michaelkesler.info wikil.dyndns.org wikileaks.equal.cluenet.org
ipv6 wikileaks.bennyjacobs.nl wikileaks.kor.de
wikileaks.creativereasons.co.uk wikileaks.2114.su wikileaks.blazor.org
wl.shathor.com wikileaks.arulns.com wikileaks.fuxter.ru wiki.arrr.tv
wikileaks.synful.us wikileaks.nodehost.co.uk wikileaks.pod.cvut.cz
wikileaks.ihide.in wikileaks.nukezone-cnd.com wikileaks.key-server.de
wikileaks.silenceisdefeat.com wikileaks.reezer.org wikileaks.evilsocket.net
wikileaks.u35.dk wikileaks.felixbecker.name wikileaks.3g.de
wikileaks.tbotcotw.com wikileaks.b0x.lv wikileaks.sekil.fr
wikileaks.ebsserver.nl www.mirrorleaks.com partyboy.me
wikileaks.dashavoo.com 178.77.79.170 wikileaks.runlevel3.org
wikileaks.txapelbeltz.net wikileaks.av3s.net wikileaks.soft-creation.de
wikileaks.foetusproducts.com leaks.hw.is wikileaks.kiney.de
wikileaks.prismation.com wikileaks.brunogola.com.br
wikileaks.spiltirsdag.dk wikileaks.gehostet.de wikileaks.dennix.eu
wlm.hor.de iwikileaks.co.cc ewikileaks.co.cc wikileaks.sebastianbartsch.eu
wikileaks.bodji.net leaks.freecooki.es wikileaks.ecobytes.net
wikileaks.rolamasao.org cablegate.dyndns-remote.com
wikileaks.karimhossen.fr wikileaks.hlubina.com the-loser.net
wikileaks.tancee.com wl-tdl.ath.cx wikileaks.kermsware.net
wikileaks.kutxa.homeunix.org geheimnisse.taegli.ch www.swisswikileaks.ch
wikileaks.scratchbook.ch wikileaks.extranet.ee wikileaks.event-lan.net
wikileaks.bosna-i-hercegovina.info december.freez.in ipv6
wikileaks.mein-le.de wikileaks.mretc.net wikileaks.i-caramba.de
wikileaks.uwe.gd wikileaks.co.nl wikileaks.robsayers.com
wikileaks.i-caramba.de wikileaks.otherreality.net ipv6
wikileaks.hostalis.net wikileaks.maketo.se wikileaks.sharea.tk
wkleak.tartiflettes.com wikileaks.varchar.nl wikileaks.anavallasuiza.com
wikileaks.plixup.fr wikileaks.imrof.li freedomisimportant.org
wleaks.ddsd.de wikileaks.archive-one.us wikileaks.delovayakolbasa.ru
wikileaks.german-radio.net wikileaks.rootssh.net wikileaks.itos.pl
wikileaks.hackerheaven.org ipv6 wl.paranoidsecurity.nl
wikileaks.jugendverein.nl wikileaks.redcube.nl www.pucawo.net
wikileaks.neodox.org wikileaks.besthost.nl wikileaks.hinin.fr
wikileaks.WhoTheFox.com
wikileaks.capitanruby.es wikileaks.rorbuilder.info wikileaks.ce.tc
109.109.225.178 www.netur.net wleak.de ipv6 wikileaks.insultant.nl ipv6
wikileaks.eldaria.net wikileaks.dennix.eu wikileaks.spacedigital.eu
wikileaks.vanwoudt.com wikileaks.ypanema.de wikileaks.mindfarming.de
wikileaks.feh.name wikileaks.a-dit.fr wikileaks.jcowboy.org
wikileaks.diario-geek.com


-- Wikileaks Hiring Hackers Security Proffessional To Manage their Site,ur Original Information is Handled With tighten security Wen registering Domain For u On tha behalf of wikileaks, Your Job is to receive the Documents and Keeeps Postin on it as it Comes, Owner Can be a single person , Security Geek , Corporation , Security Consultant Firm….E.t.c
For More regarding Visit tha Main ..(Mirror sire) Site Of Wikileaks.org

ENJOY THA UPDATES WITH US…

Read More

Verisign and responsible disclosure

In a recent post on his company blog, Verisign's vice president of marketing Tim Callan commented on the disclosure of our MD5 collision attack:

Here is the Scene Follow,

VeriSign did not receive any of [the] information ahead of the actual presentation, rendering it impossible for us to begin work on mitigating this issue prior to this morning.

I feel that this statement is inaccurate. Not only did we contact Verisign before our presentation to let them know about our research, we also strongly advised them to stop using MD5 as soon as possible and were given a chance to review their mitigation plans. I hope that Tim Callan's post is a result of a simple miscommunication between the technical people at Verisign their marketing department.

To help clarify this issue, in this post I will provide some background information about the disclosure of our work, as well as the exact timeline of our communication with the affected certificate authorities.
Protecting Internet users

From the very beginning of this project, all members of our team agreed that we needed to disclose this vulnerability without putting any users at risk. There were two main goals we set out to achieve: first, to prevent our rogue CA certificate from being abused; and second, to ensure that nobody else can repeat this attack before the affected CAs get a chance to fix the problem.

We took the following steps to prevent abuse of our rogue CA certificate:

* We did not release the private key for our rogue CA.
* We set the expiration date of the rogue CA certificate to August 2004, ensuring that even if the private key falls into the wrong hands, it will be useless against people who have their system date set correctly.
* We contacted the major browser vendors (Microsoft and Mozilla) to offer them a chance to explicitly blacklist our certificate if they felt that the past expiration date is not effective enough.

To make sure that our work could not be repeated by malicious attackers, we did not release the MD5 collision finding software necessary to do the attack. In addition, we chose to delay the publication of the improved collision finding techniques we had to develop for this project. Our team was confident that the R&D investment required to repeat our attack without access to this information would be prohibitive and the affected CAs would have enough time to stop using MD5 before the attack could be repeated.
Notifying the affected certificate authorities

Since we had already taken steps to ensure that the attack could not be easily repeated, notifying the affected certificate authorities before our presentation was not required in order to protect Internet users. A more important consideration was to ensure that we could present our work at the Chaos Computer Congress without interference. In the last year we have seen multiple cases in which companies have used legal threats in an attempt to silence security researchers and prevent the release of information that exposes their security failures. The most prominent examples include the lawsuit against Dutch researchers who showed fatal security flaws in the MIFARE transit cards and the restraining order that led to the cancelation of a talk about vulnerabilities in the fare collection system of the Boston subway.

Since the affected CAs did not have a significant track record of responding to public security vulnerabiltiies in their systems, we could not be confident that they wouldn't overreact and attempt to stop or delay our presentation through legal or other means. It was this feeling of uncertainty that led to our decision to avoid direct contact with them and to obtain Non-Disclosure Agreements from the browser vendors we contacted.

Recognizing the significance of the issue, Microsoft offered to act as a intermediary and contact the affected CAs on our behalf without revealing our names or the date of our presentation. Their proposal was reviewed by our team as well as our lawyers and on Dec 23 we agreed to go ahead with it:

Date: Tue, 23 Dec 2008 05:21:07 -0500
From: Alexander Sotirov
To: Microsoft Security Response Center

All of the team members agreed with the proposed plan, you can go ahead and
contact Verisign. Thanks for the help with this issue.

Here are the details that you can reveal to Verisign:

1) point them to the 2007 paper that describes the generation of colliding x509
certificates: http://www.win.tue.nl/hashclash/TargetCollidingCertificates/

2) tell them that Microsoft has been made aware that this crypto attack has been
improved and some practical limitations have been worked out, allowing the
successful generation of colliding x509 certificates signed by real
certificate authorities which still use MD5

3) tell them that RapidSSL and FreeSSL (also owned by Geotrust) use MD5 and
are vulnerable to this attack

4) encourage them to move to SHA-1 for all new certificates asap

5) it is important to stress that this attack is a generic attack against
CAs that use MD5 and not specifically targeting Verisign. They have a
good PR opportunity to react quickly and fix the bug before other CAs
They don't want to be the _last_ CA that uses MD5 :-)

If they request additional information from us, please pass the request along
and we'll try to help with what we can. You can call me directly at
XXX-XXX-XXXX if rapid response is required. We would be happy to chat with
Verisign directly on Dec 30, but we'd like to avoid direct contact until then.

The same day Microsoft contacted Verisign and informed them about our research. Verisign understood the severity of the issue and began working on it:

From: Microsoft Security Response Center
To: Alexander Sotirov
Date: Tue, 23 Dec 2008 13:18:09 -0800

We spoke to Verisign this morning, and essentially used your last e-mail as
a script to introduce them to the issue. We also passed along the roots they
own which you identified as affected, and they are reviewing their next steps
right now. They understood the severity of the issue and are taking it
seriously. At this point in time they did not have any further requests for
information.

They were however surprised by the ssl123 certificate: they claim these are
all issued using sha1. The ip address you listed for that certificate is no
longer live, and the hostname in the CN is using another Verisign certificate.
Would you mind if I pass along the subject and issuer information for them to
progress their validation?

I was happy to help Verisign by providing extra information about the SSL123 certificate in question. I also gave Microsoft permission to contact the other affected CA:

Date: Tue, 23 Dec 2008 19:38:09 -0500
From: Alexander Sotirov
To: Microsoft Security Response Center

> They were however surprised by the ssl123 certificate: they claim these are
> all issued using sha1. The ip address you listed for that certificate is no
> longer live, and the hostname in the CN is using another Verisign
> certificate. Would you mind if I pass along the subject and issuer
> information for them to progress their validation?

I have the original cert from that website. I've attached a zip file with all 5
Thawte MD5 certs that I found in the wild, including the SSL123 one. It's a
bit disconcerning that the CAs themselves don't know what algorithms they are
using.

You can give Verisign these certs, I collected them from public websites so
they are not secret in any way.

> The RSA root you listed is in fact also owned by Verisign, so they are
> investigating that one as well. There is one other root which belongs to
> another company, being Chosen Security/TC TrustCenter AG. We tentatively have
> a call scheduled with them tomorrow morning at 8 AM PST. If you can confirm
> that we can communicate the same information to them, this would be
> excellent.

Yes, you can communicate the same information to them.

On Dec 24, Microsoft requested permission to release more information to the CAs:

From: Microsoft Security Response Center
To: Alexander Sotirov
Date: Wed, 24 Dec 2008 09:09:15 -0800

One of the two certificate authorities got back to us and stated they will be
changing their engineering efforts to SHA1 within a *very short* timeframe. We
are literally talking days/weeks here. This is still going to be after your
presentation date. However, they are asking us specifically whether this
timeframe will be acceptable.

We cannot answer any questions on this for now - we are only the "voice box" in
between here. I do feel you should be giving them at least some nod in the
direction that they will still not make it in time, but also that this is not
very critical.

Could I have your permission to release the following statement to them:

"Hi [name],

The finder informed us they will likely take this issue public prior to [your
proposed switch date]. However, he wanted us to convey to you that they will
only be demonstrating that the generation of an “evil twin” certificate is
possible. They will not disclose their collision seeking algorithm, nor will
they be releasing any Proof of Concept code. Given the significant amount of
cryptographic research involved, they feel that their results will not be
repeatable for at least some time. They do plan on releasing a full research
paper on their method, but this will definitely be released much later than
your proposed switch time.

As such they don't feel that making this change will directly affect your
customers. They do think the level of responsiveness you are showing would be a
positive PR opportunity for your organization."

As this statement essentially conveys your plans and opinion, please feel free
to propose any other one with your team or make changes where you deem
necessary.

I promptly agreed to the proposed statement, with some minor edits:

From: Alexander Sotirov
To: Microsoft Security Response Center
Date: Wed, 24 Dec 2008 14:04:40 -0500

> "Hi [name],
>
> The finder informed us they will likely take this issue public prior to [your
> proposed switch date]. However, he wanted us to convey to you that they will
> only be demonstrating that the generation of an “evil twin” certificate is
> possible. They will not disclose their collision seeking algorithm, nor will
> they be releasing any Proof of Concept code. Given the significant amount of

make this "...releasing the software that implements the collision generation."

> cryptographic research involved, they feel that their results will not be
> repeatable for at least some time. They do plan on releasing a full research
> paper on their method, but this will definitely be released much later than
> your proposed switch time.

add "They will wait until all CAs have completed the move to SHA-1 before publishing
the details necessary to repeat the attack."

> As such they don't feel that making this change will directly affect your
> customers. They do think the level of responsiveness you are showing would be
> a positive PR opportunity for your organization."

I agree with this statement. You can share it with all affected CAs.

Alex

On Dec 29, Verisign confirmed that they are planning to stop using MD5 by the end of January.

From: Microsoft Security Response Center
To: Alexander Sotirov
Date: Mon, 29 Dec 2008 13:45:25 -0800

Hi Alexander,

Here is more feedback and contact information from Verisign:

"The SSL123 certs using MD5 are through a legacy reseller platform we are in
the process of EOL'ing. We do still have resellers using it so will need to
make updates to that platform as well.

We are working on making system changes to stop using MD5. They won't all be in
place by January 5th, but will be by the end of January. From what I am reading
below, the key thing seems to be that we are taking measures to stop using MD5
in the short term - so our plan to have all system changes in place by the end
of January should be Ok. Would you agree?

As far as contacts, from a technical point of view they can contact me. My
information, including cell is below. From a PR standpoint, the best person to
contact is Tim Callan - his email address is xxxxxxxx@verisign.com and direct
line is XXX-XXX-XXXX and cell is XXX-XXX-XXXX. An alternative contact for PR if
you can't reach Tim is Tina Hou (xxxxxxxx@verisign.com). She reports directly
to Tim.

Jay Schiavo
xxxxxxxx@verisign.com
Direct: XXX.XXX.XXXX
Mobile: XXX.XXX.XXXX"

Only 5 hours after our presentation, Verisign stopped using MD5 for all new RapidSSL certificates, successfully eliminating this vulnerability.

Cryptographic algorithms can become broken overnight, so it is important for CAs to demonstrate the ability to react quickly to such issues. I'm happy with the reponse from Verisign and the other affected CAs. Based on our experience with them, I would not hesitate to work with them directly on any vulnerabilties I might discover in the future.


This Symbolically tells..!! "SECURITY IS ZERO"

Read More

COOKIE POISONING OR STEALING

WELL…Good To see You again all yo guys..!! Yest had a Conversation with d Team members , About Enhancements,features,and I Swear..
We are performing but not happy, Like how the little master said…. When “Cookie” the term comes to my mind, I THINK about Hot Bakes wat we prepare if my were friends together, doesn’t even care bout logical Shit(Cookie)..But this time need to give some shits to care about,Coz it Annoys a Lot more than before n one of the major threat in web applications..!!
So let see Wat n all the definitions available for COOKIES In the Planet:

“”Cookies are programs that Web sites put on your hard disk. They sit on your computer gathering information about you and everything you do on the Internet, and whenever the Web site wants to it can download all of the information the cookie has collected.”” [wrong]

Coookies are programs, Are u gone Insane,Heckkkkk….!! It’s a Parameter Used in the Web Prg Lanuage, used By POST,GET Methods..

POST-> Is for Posting the Contents In the web browser login page or form…Wat was Stored in Users Web Browser Or Harddisk

GET METHOD->Used to retrieve the Stored Contents on the Harddisk With the proper Mathching of ID From the webserver,,!! The records have been Pulled and Showed In Home LOGIN PAGE Or FORM Page by Post Methods..!!

And Niggas Here Is the r8 Definition, Don ask Stupid Ques..Right is Always Right One..
“”A cookie is a piece of text that a Web server can store on a user's hard disk. Cookies allow a Web site to store information on a user's machine and later retrieve it. The pieces of information are stored as name-value pairs.””

So We now Knew Cookies Sits on ur hard Drive(Class Bench) With ID Name(Student Name), The teacher Calls KEVIN, “Come Forward With ur Assignment”, Probably Kevin gets his ass along with him to the Teachers Cabin, So if Cookie with ID name Called By Tha Web Server it must Go..FATE…!! lol

The most common place for them to Place their Ass Safe is in d directory called c:windowscookies. When I look in that directory on my machine(NO LATE NIGHTACTIVITY),LOL…SOMETIMES AM A BAD ASS PSYCHO…..!!.But I find 165 files. Each file is a text file that contains name-value pairs, and there is one file for each Web site that has placed cookies on my machine.

Cookie Poisoning attacks involve the modification of the contents [[[i.e Like Changin the Clothes and appearences, if u chased By F.B.I In newyork City streets]]] of a cookie (personal information stored in a Web user's computer) in order to bypass security mechanisms. Using cookie poisoning attacks, attackers can gain unauthorized Access[lLIKE ILLEGAL AFFAIR…!! lol] information about another user and steal their identity.

Ok Be Serious Now..!! Gotta Pay more attention

Detail Portrays OF Scenario :
Many Web applications use cookies to save information (user IDs, passwords, account numbers, time stamps, etc.).about timestamp Protocol We Discuss Later In This Weeks threads,TRUST ME..Coz it’s a Imp One too, In TCP/IP Prg or in Network prog…!!!lets comeback.. The cookies stored on a user's hard drive maintain information that allows the applications to authenticate the user identity, speed up transactions, monitor behavior, and personalize content presented to the user based on identity and preferences. For example, when ur GF/BF/Spouse/Babysitter(Do u think Babysitter use Computers,ter are some hi tech Babysitters too in U.S Those are HOT,Hard to rent them) logs into a Web site that requires authentication, a login CGI validates his username and password and sets a cookie with a numerical identifier in the user's browser. When the user browses to another page, another CGI (say, preferences.asp) retrieves the cookie and displays personalized content according to the values contained in the cookie.

Cookie poisoning is in fact a Parameter Tampering attack As I Said Before in the Introduction Part, where the parameters are stored in a cookie. In many cases cookie poisoning is more useful than other Parameter Tampering attacks because programmers[Creative Thinkers Who Lives in a imaginary World ill say] store sensitive information in the allegedly invisible cookie.
For example, consider the following request: This is Just an Fictious link to make u understand better.:)
GET /store/buy.asp?checkout=yes HTTP/1.0 Host: www.hackersbay.in
Accept: */* Referrer: http://www.hackersbay.in/showprods.asp
Cookie: SESSIONID=570321ASDD23SA2321; BasketSize=3; Item1=2892;
Item2=3210; Item3=9942; TotalPrice=16044;
In this example, the dynamic page requested by the browser is called buy.asp and the browser sends the parameter checkout to the Web server with a yes value, indicating that the user wants to finalize his purchase. The request includes a cookie that contains the following parameters: SESSIONID, which is a unique identification string that associates the user with the site, BasketSize (how many items are in the purchase), the price of each item and the TotalPrice. When executed by the Web server, buy.asp retrieves the cookie from the user, analyzes the cookie's parameters and charges the user account according to the TotalPrice parameter. An attacker can change, for example, the TotalPrice parameter in order to get a "special discount".
Since programmers rely on cookies as a location for storing parameters, all parameter attacks including SQL Injection, Cross-Site Scripting, and Buffer Overflow can be executed using cookie poisoning.


Whooophh..!! Feel thE Unique Way of Learning With HACKERSBAY.IN, Coz learning Sorta Fun..!!

Read More

DNS and DNS cache (DNS Flush Error).

YES..!!!!!!!!!This will help you guys for better understanding of “DNS CACHE” When you use the Internet, you log to a site by its URL name (like www.BUY.com).
The naming scheme was done to make it easier for people to identify and remember the Sites. In reality, each Site name has an IP address (Internet Protocol address), which is a number on a database that is maintained by the Internet supervisors, and the actual surfing it done by the number. As an Example www.BUY.com actually goes around as 209.67.181.11
DNS (Domain Name service), is the data base that translates the name BUY.com to the IP number 209.67.181.11
Your Internet Service Provider (ISP) is usually providing an automatic access to their DNS data base while your are surfing.
Windows can keep the IP address of the sites that you Snoopin evry time, so wen u visit them the 2nd time the number is readily available.
It is done through a running service called DNS Client.
At times, this cache of numbers might end up with incorrect numbers or other mistakes, and can cause surfing troubles.
In case of trouble, the DNS cache can be cleaned by doing the following.
________________________________________
Click Start and Run, in the Run Box type cmd and click OK.
At the prompt of the open Command Box type, ipconfig/flushdns

________________________________________
If every thing were OK, you would get the message,

Successfully flushed the DNS Resolver Cache.
In addition, the DNS cache is flushed as part of repairing the Network’s TCP/IP Stack
If instead of Successful Flushing you get the message indicated that, the DNS could be Flushed.
Meanwhile,If u work with DNS CACHE STUFF U MAY receive this Error also, the following post help you to come up from this “here we go“Could not flush the DNS Resolver Cache error message”

While trying to clear DNS Cache on Windows XP or Vista computer, you might get error “Could not flush the DNS Resolver Cache” instead of successful flushing of DNS cache. We generally get this error when DNS Client service stops working or is disabled. You need to enable this service to resolve the issue.
Enable DNS Client Service

1. Click Start > Run
2. Type services.msc and click OK
3. Double click DNS Client option in the list
4. Set startup type automatic and click Start button
5. Close the settings window

After above steps, run the flush DNS command, you should see successful DNS cache clearance message.

Read More

HIJACKING SSL

""SUCCESS IS ONLY OUR M**** F***** OPTION""

Lovers Of Hackersbay.in, How you all Doing Today…Hope you all Doing Good,Today I am Gonna Show You How To Crack SSL Certification Sites, Where U all PAY Bucks To Buy Stuffs..Lemme Take Yoy Through…

Before We Get Into..!! Let Us Know What Is SSL STRIP:
The SSL Strip Works By Watching All the Http Traffic, When a User Try to create Https Connection, SSL Strip replace the http By Https..And Persuade The User He was Connected To a HTTPS Connection..! You May B Posted Some Fuckin Warnings Ba ur Browser..Like “Page appears to be invalid “ Or “Link was Broken” or “404 Timed Out” Or “Server Not Responding” My Niggas Don Mind Keep your Movin ON.


What The Author Of The TOOL Says:è
The author of the tool Moxie Marlinspike says:”” This tool provides a demonstration of the HTTPS stripping attacks that were presented at Black Hat DC 2009. It will transparently hijack HTTP traffic on a network, watch for HTTPS links and redirects, and then map those links into either look-alike HTTP links or homograph-similar HTTPS links. It also supports modes for supplying a favicon which looks like a lock icon, selective logging, and session denial.””
A https Padlock Will Be Spoofed On the URL Bar, Amd Make The User Believe He/She Fuckin With Secured Website..LOL..!! And a SSL Connection Has Been Created Which Aint Be Pierced..!!

FLAW IN SSL AS PRACTISE:
Researcher Have Used 3 Techniques To Bring This Operation Success..! FAKE LEAF NODE CERTIFICATION . NULL CHARACTER ATTACK , MAN-IN-THE-MIDDLE ATTACK…We aint Gonna Discuss About this Shit..Coz a Person Who Buys a Car Don Need To Kno The Cars Tech Like TURBINE POWER, FUEL INJECTION TECHNIQUES, Enigines CC..Etcetra..!! If He Knows To Drive that’s Hell a Lot Enuf..Like Guys if u Can abl 2 Understand n Deploy..More Than Enuf.. !!
Here Is a Concept, For SSL Connection X509 Certificate is used To Authenticante a Person to Logging in His SECURED SERVER(Lmao).. !! If u are Log in to www.paypal.com.

They don fuckin care whether ur Requesting Into anything.paypal.com OR something.paypal.com..!! Wateva the page in Noob Lang.. X509 Certificates are formatted thro ASN1 Notation..! PASCAL Lang used By ASN1.. Pascal Will Consider the NULL as Character..! this is the Flaw.

So Signing a Request Like www.paypal.com \ 0.paypal.com Will be treated valid by authentication Servers. Coz the prefix can be ignored by servers..!!

If u guys any Doubt in Rejecting “0” Shoot ur Comments I have a real time Example that will Help u Understand Better..! the Blueanarchy.org can create a Fake Cert and use as Paypal.com and Use it..!

PERFORMING THE HIJACK ON WINDOWS:
Using the SSL Strip On Windows iz Similar 2 Using In LINUX..!! But LINUX Has Inbuilt FIREWALL , PORT FORWARDING mean If there is a Traffic On a Port While The Data is Travelling it has been Redirect 2 Another Port..! BUT Ma Man BILL GATES Forgot to Consider Tis Shits While Constructin His OS`s.
So We Make it as Manual .!!
Turn ur Machine Into IP FORWARDING MODE.
Riderct ur HTTP traffic To SSL Strip.
Now Run Ur SSL Strip.
Perform Arp Spoof to Decieve Ur network that all Traffic Has Been Pass Away Ba You.


PREREQUSITE:
Install Python , And SSLStrip is a Python based tool. You need two machines running Windows on same LAN- one for attacker, another for victim

Step 1:
Enable IP forwarding on Attacker’s Machine
Get the hacker machine into acting as a router as it
needs to forward all the traffic coming to it to outside
internet.
• Start Registry Editor (Regedit.exe).
• In Registry Editor, locate the following registry key:
• HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
• Set the following registry value:
• Value Name: IPEnableRouter
• Value type: REG_DWORD
• Value Data: 1
• A value of 1 enables TCP/IP forwarding for all
network connections that are installed and used by
this computer.
• Quit Registry Editor. Restart the PC.

Step 2:
Set a firewall rule that forwards HTTP trafc from the victim to hacker’s machine for modification:
It tells all HTTP traffic from victim, coming on port 80 of hacker’s machine to redirect it on port 10000 on the same hacker’s machine. Port 10000 is used by SSLStrip tool by default..if u don find any utility to set a new firewall rule Visit Kenneth Xu (http://
kennethxu.blogspot.com) and fetch it..! Java based TCP/IP port forwarding utility – (Download here http://code.google.com/p/portforward/downloads/list)

C:\>java -classpath commons-logging.jar;portforward.jar org.enterprisepower.net.portforward. Forwarder 80 localhost:10000
This command forwards all HTTP traffic received on port 80 of Hacker’s machine to port 10000 of the same machine. SSLStrip runs on port 10000 by default

GOT INTERSTING..!! If u are a Die Hard Hacker U Must Be, I kno To Be a Hacker, It Takes Years , And Matters Full Of Brain n Passion in Wat He Do.! Lemme Come to Topic..
Step 3:
ARP spoof the target traffic to redirect to hacker’s machine Suppose the Victim machine’s IP is 192.168.1.10 and IP of the gateway is 192.168.1.1. It will poison the victim machine (192.168.1.10) MAC table and instead of sending the traffic to Gateway (192.168.1.1) it will send to the hacker’s machine falsely assuming it as the real gateway.Run the following command on attacker’s machine
arpspoof –t 192.168.1.10 192.168.1.1
It Will Update The Update The ARP Table Of Victim Machine.
Step 4:
Run SSLStrip on hacker’s machine:
Run the following command on Hacker’s machineè
python sslstrip.py -f lock.ico
You can see the log fle in the SSLStrip installation folder for logged credentials.The SSLStrip will log all the traffic coming from Victim’s machine and strips the all the SSL link (https://) to http:// between the Victim and Hacker. Thus the traffic between the Victim to Hacker is transparent and in clear

View page source can also reveal that links are stripped of SSL:
..
Gmail on http: see Figure 7

****IMP Look Up The URL BAR Guys…!! Fuck The SECURITY..! FUCK THE WORLD..!!
An example of Log file of SSLStrip, Passwords logged: see Figure 8.

Guys There We Are…!! Have Spent Some time Get to Know About SSL Stripps Where are Other Guys Was Spendin Time Thinkin About Wen Their GIRL FRIEND STRIPS OFF HER CLOTHES For them..! He he he.. Jus For Kiddin..LOL…!!
GOSH ..!! My Back Hurts !!
Materials Refered, I just gave d cream ,And For Ur Future Reference As Well..If u wanna Kno In Depth Info Fetch the Research Papers Wat I fuckin Gone Thro To Put in ma Own Sentence..! Here They Are…=è
SSLStrip tool:
http://www.thoughtcrime.org/software/sslstrip/
http://www.thoughtcrime.org/papers/null-prefix-attacks.pdf
http://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf


This Contents Are Strictly Belongs To The Property Of (hackersbay.in)-> HACKERS & Also d techie Who Helped To Bring this Paper To Our Readers Nilesh Kumar, A Nerd From HONEYWELL TECHNOLOGY, Bengaluru….!



.

Read More