Sunday, 16 June 2013

DHCP STARVATION ATTACK







WHAT IS DHCP STARVATION?


A DHCP starvation attack works by broadcasting DHCP requests with spoofed MAC addresses. This is easily achieved with attack tools such as gobbler. If enough requests are sent, the network attacker can exhaust the address space available to the DHCP servers for a period of time. This is a simple resource starvation attack, just as a SYN flood is a starvation attack. The network attacker can then set up a rogue DHCP server on his or her system and respond to new DHCP requests from clients on the network. Exhausting all of the DHCP addresses is not required to introduce a rogue DHCP server.


How to prevent?









Allied Telesis switches prevent this specialized denial of service attack with port security. You can configure the edge ports with a MAC learn limit which, once reached, allows no further MAC traffic. You can also configure traps to notify management of the excessive MAC activity on the port, and/or disable the port.
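
The effect of a MAC learn limit on a starvation burst can be seen in a small model. This is an added example, not vendor code or switch configuration; the class, the port name and the MAC addresses are constructed for illustration.

```python
from dataclasses import dataclass, field


@dataclass
class EdgePort:
    """Model of one edge port with a MAC learn limit (hypothetical names)."""
    name: str
    learn_limit: int
    disable_on_violation: bool = False
    learned: set = field(default_factory=set)
    enabled: bool = True
    traps: list = field(default_factory=list)

    def receive(self, src_mac: str) -> bool:
        """Return True if the frame is forwarded, False if it is dropped."""
        if not self.enabled:
            return False
        mac = src_mac.lower()
        if mac in self.learned:
            return True
        if len(self.learned) < self.learn_limit:
            self.learned.add(mac)
            return True
        # Limit reached: refuse the unknown source MAC and notify management.
        self.traps.append(f"{self.name}: learn limit exceeded by {mac}")
        if self.disable_on_violation:
            self.enabled = False
        return False


def replay(port: EdgePort, frames):
    """Feed frames through the port; return the source MACs that got through."""
    return [mac for mac in frames if port.receive(mac)]


# Constructed sample: one real client, then DHCP requests with made-up MACs,
# then the real client again.
CLIENT = "00:11:22:33:44:55"
SPOOFED = [f"02:00:00:00:00:{i:02x}" for i in range(1, 21)]
BURST = [CLIENT] + SPOOFED + [CLIENT]
```

With a limit of 3, only two spoofed addresses are ever learned on the port, so the burst can reach the DHCP server from at most three source MACs however many requests are sent.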


MOBILE PHONE JAMMER

HOW TO MAKE MOBILE PHONE JAMMER




  

Many cell phones use the GSM800 mobile standard to operate, so our VCO (sweeping oscillator) is tuned to the 800 MHz frequency range. It may be quite difficult to make this one work properly without some skills and good testing tools, but as a result you will have an efficient VCO.

 

 

HOW TO MAKE:

 

1. The mixer used was originally made for 600 MHz, but we modified it a little and it works perfectly for 800 MHz.

2. The amplifier does fantastic things for the output power. Although it draws additional power, it is worth it.


 

 

3. The jammer case was made from an old aluminium box and UHF connectors, so we took the body of an old Motorola phone.




4.       Those connectors must be soldered to the mini-circuit to work properly.


5. A nine-volt battery with a voltage regulator is enough to power this little signal jammer. We have separated it from the other electronic components with foam plastic.


6.       Don't forget to make a power switch for your new creation.
7.       Attach antennas to the UHF connectors. 

 JAMMER SCHEME:

 



SIM CLONE


What is it?


SIM cloning is the process in which a legitimate SIM card is duplicated. When the cloning is completed, the cloned SIM card's identifying information is transferred onto a separate, secondary SIM card. The secondary card can then be used in a different phone while having all calls and associated charges attributed to the original SIM card. The phrase SIM clone is often used to refer to the SIM card that has been successfully duplicated.



How to make it?

The stages

• Scan the SIM to extract IMSI (just read it!) and Ki, the 128 bit key (for COMP128-1 only, so far….)
• Now put the IMSI and Ki into some card software
• And then copy it into a new SIM card
• We now have a cloned SIM


First we need to read the SIM

• A small reader, connected to a serial port






Then we need to find Ki
• We need Ki and IMSI, we can use Simscan from Dejan’s pages that will break COMP128-1










Here’s the software
• Simscan ready to go….








  
Now scanning the card
• Searching for the key









Getting there
• The result slowly appears (this one looks interesting)










Now we have it!
• This was a SIM supplied to delegates at a Meeting; Ki is a bit obvious isn’t it!









Now to create the software
• Using some more software from the Internet called KiSsMi, we create the software for the card








We now need to program the SIM
• We use a single chip PIC computer which is in a SIM shaped package (GOLD CARD)
• We use a smart card programmer (easily bought on the Internet)
• And then we program up the card….




The programmer…..
• With the card ready to go







The software for the programmer
• Just load in the software we created with KiSsMi using VxTools








And we now have a cloned card

HOW TO HACK CASH COUNTER MACHINE








These days, shopping malls and other stores in India mostly have a cashier machine. What I found is that they are using Casio electronic cashiers. So here is what a hacker will do to hack the Casio electronic machine.

We work on the principle of buffer overflow. You may laugh and ask how we can produce a buffer overflow in a static chip machine, but the overflow I am talking about is not related to the software: we will try to overflow the electrical voltage which is required to run the Casio machine, to get root access to the machine.

We need:
1. First, a pair of gloves
2. Second, a 20V battery
3. Third, two wires, one blue and one brown


Procedure 


Step 1: First go to any mall and look around for the electricity plug; it's always beside the cashier. Take it off for 3 seconds and wire the two blue and brown copper cables to the real cashier power plug, then plug it in.

Step 2: As the 20V hits the circuit, the embedded CPU in it will go to its default initial state, so it will go to the root password.

Step 3: Fill in the default username and password.
User: Admin Pass: Admin

You successfully hacked the Casio cashier machine.


Thursday, 13 June 2013

DIFFERENCE BETWEEN HTTP & HTTPS




Many people are unaware of **the main difference between http:// and https://: it's all about keeping you secure.**
HTTP stands for Hypertext Transfer Protocol.
HTTPS stands for Hypertext Transfer Protocol Secure.
HTTPS is a web protocol developed by Netscape.
The important thing is the letter S, which makes the difference between HTTP and HTTPS.
The S (big surprise) stands for "Secure". If you visit a website or webpage, and look at the address in the web browser, it will likely begin with the following: http://.

This means that the website is talking to your browser using the regular 'unsecure' language. In other words, it is possible for someone to "eavesdrop" on your computer's conversation with the website. If you fill out a form on the website, someone might see the information you send to that site.
This is why you never ever enter your credit card number in an http website! But if the web address begins with https://, that basically means your computer is talking to the website in a secure code that no one can eavesdrop on.



Difference between HTTP and HTTPS:

1. URL begins with "http://" in case of HTTP while the URL begins with "https://" in case of HTTPS.
2. HTTP is unsecured while HTTPS is secured.
3. HTTP uses port 80 for communication while HTTPS uses port 443 for communication.
4. HTTP operates at Application Layer while HTTPS operates at Transport Layer.
5. No encryption is there in HTTP while HTTPS uses encryption.
6. No certificates required in HTTP while certificates required in HTTPS.




PREPARED BY :

CHIRAYU PANDIT

SMTP




SMTP is used for sending email, and either POP3 or IMAP for receiving email. On Unix-based systems, sendmail is the most widely used SMTP server for email. A commercial package, Sendmail, includes a POP3 server. Microsoft Exchange includes an SMTP server and can also be set up to include POP3 support.



SMTP usually is implemented to operate over Internet port 25. An alternative to SMTP that is widely used in Europe is X.400. Many mail servers now support Extended Simple Mail Transfer Protocol (ESMTP), which allows multimedia files to be delivered as email.

FTP



File Transfer Protocol (FTP), a standard Internet protocol, is the simplest way to exchange files between computers on the Internet. Like the Hypertext Transfer Protocol (HTTP), which transfers displayable web pages and related files, and the Simple Mail Transfer Protocol, which transfers e-mail, FTP is an application protocol that uses the Internet's TCP/IP protocols. FTP is commonly used to transfer web page files. It's also commonly used to download programs and other files to your computer from other servers.
Your web browser can also make FTP requests to download programs you select from a web page. Using FTP, you can also update, delete, rename, move and copy files at a server. You need to log on to an FTP server. However, publicly available files are easily accessed using anonymous FTP.