Encode your secret messages in Your Facebook Pics

Facebook is a place where you can share pictures of cute animals and fun activities. Now there’s a browser extension that lets you encode those images with secret, hard-to-detect messages.  With the extension, anyone — you, your sister, a terrorist — could share messages hidden in JPEG images uploaded to Facebook without the prying eyes of the company, the government or anyone else noticing or figuring out what the messages say. The only way to unlock them is through a password you create.

The goal of this research was to demonstrate that JPEG steganography can be performed on social media where it has previously been impossible,” Campbell-Moore tells Danger Room. He says he spent about two months spread out over the last year working on the extension as a research project for the university.

The extension is only available for the Google Chrome browser — Campbell-Moore cites its developer tools and popularity — and the messages are restricted to 140 characters. Less certain is what Facebook thinks; a spokesman declined to comment. But it’s still the first time anyone’s managed to figure out how to automate digital steganography — the practice of concealing messages inside computer files — through Facebook, the world’s biggest social media platform. Unlike cryptography, which uses ciphertext to encrypt messages, steganographic messages are simply hidden where no one would think to look.

How to do 
1.Go the link  secret book chrome store

2.Click add to chrome

Quickstart

Refresh Facebook. Press ctrl+alt+a while on Facebook to encode a message. Press ctrl+alt+a while looking at a photo to decode a message.

Creating a new secret message

If you've just installed Secretbook then please refresh Facebook before trying to use this extension.

1. Securely share a password with the friend you wish to communicate secretly with.
2. While on Facebook press ctrl+alt+a to activate the secret system.
3. Use the dialogue to create an image. Upload this new image to any album on Facebook or post it on your friend's wall.
   • Note that sending secret messages via messaging is not yet implemented
4. Attempt to receive the message from the image you just uploaded in case an error occurred!
5. Optional: Mention your friend in a comment or the description to ensure they know to check it for a message.

Your friend can now use the password you shared to decode the message.

Receiving a secret message

1. While looking at an image on Facebook press ctrl+alt+a to activate the secret system.
2. Enter your shared password to receive the secret message.

Secretbook has to be subtle. It uses Google Chrome’s web extension platform, since Facebook’s in-house apps publicly list their users — which would defeat the purpose of a secrecy tool. Since the extension runs through a web browser without a server connection, the users can’t be detected by network analysis. It’s also hard for Facebook to block or remove permissions, as the extension doesn’t rely on a Facebook API key.

Read more »

Simulation and Analysis of Routing Protocol under CBR and TCP Traffic Source in NS2

In this project we are going to investigate the performance of some routing protocols for Ad-Hoc Networks under CBR and TCP traffic source. The behaviors of TCP still have not well understood in the multi-hop wireless networks. Through this paper we are able to find that how TCP will react under different network conditions. In this traffic and mobility scenarios play an important role in evaluating the performance of these networks, despite comment and belief from various researches on TCP's weaknesses on MANET. As Mobile Ad-Hoc Network (MANET) support multi-hops wireless communication without using any existing infrastructure or centralized administration. And support continuous changing network topology, provides distributed operations, easily deployment and thus, routing becomes a challenging task. A different flavor of reactive and proactive routing protocols are analyze with varying network conditions and speed to find an optimized route from a source to some possible destination. This paper presents how routing protocol will behave in less and more stressful condition, performance of mobile ad hoc network routing protocol such as AODV, DSDV, DSR, to simulate the above said protocol on the base of normalize routing load, throughput, Average End-to-End to delay, packet loss and packet delivery fraction. For our simulation we used a discrete event simulator known as Network Simulator version 2.34.

The code is here in github : https://github.com/ebine/cbr-ftp-comparison-/blob/master/xgragh.tcl

Read more »

AODV routing Protocol simulation using NS2

The Network Simulator (NS-2) is a most widely used network simulator. It has the capabilities to simulate a range of networks including wired and wireless networks. In this tutorial, we present the implementation of Ad Hoc On-Demand Distance Vector (AODV) Protocol in NS-2.This tutorial is targeted to the novice user who wants to understand the implementation of AODV Protocol in NS-2

FILE REFERENCE OF AODV.H 

The step by step process happening in AODV network simulation in NS2

1. In the TCL script, when the user configures AODV as a routing protocol by using the command,

$ns node-config -adhocRouting AODV

the pointer moves to the “start” and this “start” moves the pointer to the Command function of AODV protocol.

2. In the Command function, the user can find two timers in the “start”

* btimer.handle((Event*) 0);

* htimer.handle((Event*) 0);

3. Let’s consider the case of htimer, the flow points to HelloTimer::handle(Event*) function and the user can see the following lines:

agent -> sendHello();

double interval = MinHelloInterval + ((MaxHelloInterval - Min-HelloInterval) * Random::uniform());

assert(interval -> = 0);

Scheduler::instance().schedule(this, &intr, interval);

These lines are calling the sendHello() function by setting the appropriate interval of Hello Packets.

4. Now, the pointer is in AODV::sendHello() function and the user can see Scheduler::instance().schedule(target , p, 0.0) which will schedule the packets.

5. In the destination node AODV::recv(Packet*p, Handler*) is called, but actually this is done after the node is receiving a packet.

6. AODV::recv(Packet*p, Handler*) function then calls the recvAODV(p) function.

7. Hence, the flow goes to the AODV::recvAODV(Packet *p) function, which will check different packets types and call the respective function.

8. In this example, flow can go to case 

AODVTYPE HELLO:

recvHello(p);

break;

9. Finally, in the recvHello() function, the packet is received.

hope you have got it how to do ...
you can also generate the codes using NSG2

The files related are given below

aodv.cc

aodv.h

simple-wireless.tcl

Read more »

Essential Network Security Tools for Hacking

  Wireshark

Wireshark (known as Ethereal until a trademark dispute in Summer 2006) is a fantastic open source multi-platform network protocol analyzer. It allows you to examine data from a live network or from a capture file on disk. You can interactively browse the capture data, delving down into just the level of packet detail you need. Wireshark has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session. It also supports hundreds of protocols and media types. A tcpdump-like console version named tshark is included. One word of caution is that Wireshark has suffered from dozens of remotely exploitable security holes, so stay up-to-date and be wary of running it on untrusted or hostile networks (such as security conferences).

  Metasploit

Metasploit took the security world by storm when it was released in 2004. It is an advanced open-source platform for developing, testing, and using exploit code. The extensible model through which payloads, encoders, no-op generators, and exploits can be integrated has made it possible to use the Metasploit Framework as an outlet for cutting-edge exploitation research. It ships with hundreds of exploits, as you can see in their list of modules. This makes writing your own exploits easier, and it certainly beats scouring the darkest corners of the Internet for illicit shellcode of dubious quality.
Metasploit was completely free, but the project was acquired by Rapid7 in 2009 and it soon sprouted commercial variants. The Framework itself is still free and open source, but they now also offer a free-but-limited Community edition, a more advanced Express edition ($3,000 per year per user), and a full-featured Pro edition ($15,000 per user per year). Other paid exploitation tools to consider are Core Impact (more expensive) and Canvas (less).
The Metasploit Framework now includes an official Java-based GUI and also Raphael Mudge's excellent Armitage. The Community, Express, and Pro editions have web-based GUIs.

Nessus

Nessus is one of the most popular and capable vulnerability scanners, particularly for UNIX systems. It was initially free and open source, but they closed the source code in 2005 and removed the free "Registered Feed" version in 2008. It now costs $1,200 per year, which still beats many of its competitors. A free “Home Feed” is also available, though it is limited and only licensed for home network use.
Nessus is constantly updated, with more than 46,000 plugins. Key features include remote and local (authenticated) security checks, a client/server architecture with a web-based interface, and an embedded scripting language for writing your own plugins or understanding the existing ones. The open-source version of Nessus was forked by a group of users who still develop it under the OpenVAS name

Aircrack

Aircrack is a suite of tools for 802.11a/b/g WEP and WPA cracking. It implements the best known cracking algorithms to recover wireless keys once enough encrypted packets have been gathered. . The suite comprises over a dozen discrete tools, including airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), and airdecap (decrypts WEP/WPA capture files).

Snort

This network intrusion detection and prevention system excels at traffic analysis and packet logging on IP networks. Through protocol analysis, content searching, and various pre-processors, Snort detects thousands of worms, vulnerability exploit attempts, port scans, and other suspicious behavior. Snort uses a flexible rule-based language to describe traffic that it should collect or pass, and a modular detection engine. Also check out the free Basic Analysis and Security Engine (BASE), a web interface for analyzing Snort alerts.
While Snort itself is free and open source, parent company SourceFire offers their VRT-certified rules for $499 per sensor per year and a complementary product line of software and appliances with more enterprise-level features. Sourcefire also offers a free 30-day delayed feed

  Cain and Abel

UNIX users often smugly assert that the best free security tools support their platform first, and Windows ports are often an afterthought. They are usually right, but Cain & Abel is a glaring exception. This Windows-only password recovery tool handles an enormous variety of tasks. It can recover passwords by sniffing the network, cracking encrypted passwords using dictionary, brute-force and cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols

BackTrack
This excellent bootable live CD Linux distribution comes from the merger of Whax and Auditor. It boasts a huge variety of Security and Forensics tools and provides a rich development environment. User modularity is emphasized so the distribution can be easily customized by the user to include personal scripts, additional tools, customized kernels, etc.


 NETCAT
This simple utility reads and writes data across TCP or UDP network connections. It is designed to be a reliable back-end tool to use directly or easily drive by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need, including port binding to accept incoming connections.
The original Netcat was released by Hobbit in 1995, but it hasn't been maintained despite its popularity. It can sometimes even be hard to find a copy of the v1.10 source code. The flexibility and usefulness of this tool prompted the Nmap Project to produce Ncat, a modern reimplementation which supports SSL, IPv6, SOCKS and http proxies, connection brokering, and more. Other takes on this classic tool include the amazingly versatile Socat, OpenBSD's nc, Cryptcat, Netcat6, pnetcat, SBD, and so-called GNU Netcat
Tcpdump
Tcpdump is the network sniffer we all used before (Wireshark) came on the scene, and many of us continue to use it frequently. It may not have the bells and whistles (such as a pretty GUI and parsing logic for hundreds of application protocols) that Wireshark has, but it does the job well and with less security risk. It also requires fewer system resources. While Tcpdump doesn't receive new features often, it is actively maintained to fix bugs and portability problems. It is great for tracking down network problems or monitoring activity. There is a separate Windows port named WinDump. tcpdump is the source of the Libpcap/WinPcap packet capture library, which is used by Nmap and many other tools. Read 1 review.

  John the Ripper
  John the Ripper is a fast password cracker for UNIX/Linux and Mac OS X.. Its primary purpose is to detect weak Unix passwords, though it supports hashes for many other platforms as well. There is an official free version, a community-enhanced version (with many contributed patches but not as much quality assurance), and an inexpensive pro version. You will probably want to start with some wordlists, which you can find here, here, or here.

Kismet
Kismet is a console (ncurses) based 802.11 layer-2 wireless network detector, sniffer, and intrusion detection system. It identifies networks by passively sniffing (as opposed to more active tools such as NetStumbler), and can even decloak hidden (non-beaconing) networks if they are in use. It can automatically detect network IP blocks by sniffing TCP, UDP, ARP, and DHCP packets, log traffic in Wireshark/tcpdump compatible format, and even plot detected networks and estimated ranges on downloaded maps. As you might expect, this tool is commonly used for wardriving. Oh, and also warwalking, warflying, and warskating, etc.

 Ping/telnet/dig/traceroute/whois/netstat

While there are many advanced high-tech tools out there to assist in security auditing, don't forget about the basics! Everyone should be very familiar with these tools as they come with most operating systems (except that Windows omits whois and uses the name tracert). They can be very handy in a pinch, although more advanced functionality is available from Hping and Netcat.

Read more »

Howto: Sniff or Hack someone’s username and password over an SSL encrypted connection with Ubuntu Linux

Do you think you're safe if you type https :// before gmail.com or paypal.com? I hope you'll think twice before you login from a computer connected to a wireless network after reading this guide. Let's start at the beginning. Let's say you have an evil neighbour who wants your paypal credentials. He buys himself a nice laptop with a wireless card and, if you are using a wep encryption, he cracks your wep code (click here to see how). After cracking the key he logs into your network. Maybe you always allowed him to use your network because you thought it can't do any harm to your computer. You aren't sharing any folders so what's the problem? Well, in the next few steps I'm going to describe the problem.

Guide

1. Let's assume your neighbour uses linux to crack your wep key. After cracking it, he installs ettercap (http://ettercap.sourceforge.net/) on his linux system. If you want to do this at home, I would recommend you to download BackTrack because it already has everything installed. If you want to install it on your own linux distribution, download the source and install it with the following commands:

$ tar -xzvf ettercap-version.tar.gz

$ make

$ make install

To install in Ubuntu simply click here within firefox or:
sudo apt-get install ettercap-gtk

2. After installing, you need to uncomment some code to enable SSL dissection. Open up a terminal window and type “nano /usr/local/etc/etter.conf”, without the quotes. Scroll down using your arrow keys until you find this piece of code:

if you use iptables:

# redir_command_on = “iptables -t nat -A PREROUTING -i %iface -p tcp -dport %port -j REDIRECT -to-port %rport”

# redir_command_off = “iptables -t nat -D PREROUTING -i %iface -p tcp -dport %port -j REDIRECT -to-port %rport”

You need to uncomment the last two lines.

redir_command_on = “iptables -t nat -A PREROUTING -i %iface -p tcp -dport %port -j REDIRECT -to-port %rport”

redir_command_off = “iptables -t nat -D PREROUTING -i %iface -p tcp -dport %port -j REDIRECT -to-port %rport”

3. Press CTRL+O, press enter to safe the file and then press CTRL+X.

4. Start Ettercap and click on Sniff > Unified Sniffing > type in your wireless interface and press ok.

5. Press CTRL+S to scan for hosts

6. Go to MITM > ARP poisoning, select sniff remote connections and press ok.

7. Now you (and your neighbour!) can start sniffing! Press start > start sniffing. Walk to another computer on your network and open up paypal or any other site where you need to type in an username/password (gmail, hotmail, digg.com, etc.). All credentials will appear on the computer running Ettercap!

8. When you're done, don't just close Ettercap, but go to Start > Stop Sniffing, and then go to MITM > Stop mitm attack(s).

But how does all this stuff work?

Look at the following scheme:

Normally when you type in a password, host 1 (your computer) directly connects to host 2 (your modem or router). But if someone launced Ettercap on your network, host 1 isn't sending it's passwords to host 2, but to the Attacking host, the host that's running Ettercap! The attacking host sends everything to Host 2. This means that host 1 isn't noticing anything! Exactly the same happens with everything that host 2 is sending. Host 2 doesn't send packets directly to host 1, but forst to the attacking host.

Read more »