Friday, 28 August 2015

Hackers Could Hijack Your Facebook Fan Page With This Trick


Facebook bounty hunter Laxman Muthiyah from India has recently discovered his third bug of this year in the widely popular social network website that just made a new record by touching 1 Billion users in a single day.

At the beginning of the year, Laxman discovered a serious flaw in Facebook graphs that allowed him to view or probably delete others' photo albums on Facebook, even without authentication.

Just after a month, Laxman uncovered another critical vulnerability in the social network platform that resided in the Facebook Photo Sync feature, that automatically uploads photos from your mobile device to a private Facebook album, which isn’t visible to any of your Facebook friends or other Facebook users.

However, the flaw discovered by Laxman could have allowed any third-party app to access and steal your personal photographs from the hidden Facebook Photo Sync album.


Hacking Any Facebook Page


Now, the latest bug in Laxman's list could allow attackers to take over control of your Facebook pages.

This time Laxman has found an issue with the "Facebook business pages" that are not specific to a single user account, but instead represent a business and are usually managed by a number of users.

However, the flaw Laxman found could allow third-party apps with limited permissions to take complete control of a Facebook business page, possibly making the victim permanently lose administrator access to the page.


Here's How:


Third-party Facebook applications can perform a whole set of operations, including posting status updates on your behalf, publishing photos, and other tasks, but Facebook doesn't allow them to add or modify page admin roles.

Facebook allows a page administrator to assign different roles to different people in the organisation through manage_pages, a special access permission requested by third-party apps.

However, according to Laxman, an attacker can use a simple string of requests in an attempt to make himself an admin of the particular Facebook page.


Sample Request


The request looks something like this:


POST /PGID/userpermissions HTTP/1.1
Host: graph.facebook.com
Content-Length: 245

role=MANAGER&user=X&business=B&access_token=AAAA…

Here, page PGID belongs to business B, and an app holding manage_pages can send this request to make user 'X' a MANAGER (that is, assign X as an administrator) of the page.

This means these small changes in the request parameters could allow an attacker to gain complete control over your Facebook page.


Video Demonstration


Laxman has also provided a video demonstration that shows the attack in action. You can watch the video given below that will walk you through the entire procedure:

Laxman reported the flaw to the Facebook security team and received the reward of $2500 USD as a part of Facebook's bug bounty program.

Though the social network has now fixed the loophole, you must always be aware of the permissions you grant to any third-party applications.

Tuesday, 25 August 2015

Kali Linux Tutorial: Hack a Website login Page Password Using Wireshark


Whenever you log in to a website that requires a username and password, your information is sent to the site to verify your credentials.

This is nothing new and happens constantly, whether it's Facebook or Gmail.

Ever wonder how hackers capture these passwords?


It is done by using tools such as Wireshark, which is built into pen testing operating systems such as Kali Linux.

As most people know, browsers use HTTP to make requests and receive responses that are sent over the internet.

What many don't realize is that HTTP is not encrypted and data is sent in the clear.

HTTP has since been updated with a secure form called HTTPS, but the fact is that unless a site is a bank or other secure site, most don't use HTTPS.

To make matters worse, a clever MitM (Man-in-the-Middle) attack can fool HTTPS.

A clever MitM attack with tools such as Ettercap will take all the information from a target computer and funnel it through the attacker's machine. When an HTTPS request is sent to a secure site, the machine in the middle strips the HTTPS request and sends an HTTP request, which will send a password back to the attacker in the clear.

The victim is never the wiser since the data they requested is still sent to them.

To combat this, most secure sites now do not send HTTP requests at all and only allow HTTPS.

But what about the majority of sites that do send simple HTTP requests?

Sites that still use HTTP are vulnerable to tools such as Wireshark, and usernames and passwords can be displayed.

Before Wireshark can be run against a victim, both machines must be on the same network. Testing this on your own network will be easy since you already belong to it.

Steps to using Wireshark and Kali Linux.

1…

Start Kali Linux and go to Application–>Sniffing spoofing–>Network Sniffers–>wireshark





2…

After Wireshark starts click on interface and choose the interface you want to use such as Ethernet or wireless.



3…

Wireshark will begin to show all the data that is being transmitted on the network.



4…

To narrow down the information you are looking for without all the clutter, filters can be used.

For example, to narrow the view down to a specific IP address, the following is typed into the filter bar.

ip.addr == (target IP address)
example: ip.addr == 192.168.0.1




Summary

If you're a system administrator, then Wireshark can be helpful in many ways in analyzing traffic. If you are a webmaster, then knowing how vulnerable HTTP is is something that must be considered. Using tools such as Wireshark will give you insight into how a potential attack will be done and into securing your network.
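For the webmaster's side of that summary, an added example (not part of the original post): a small audit that flags any login form whose page or submit target is plain HTTP, which is exactly the traffic a sniffer on the same network can read. The host names and HTML snippets are constructed samples, and the function and class names are illustrative.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Constructed sample pages (URL -> HTML); not taken from any real site.
SAMPLE_PAGES = {
    "http://forum.example/": (
        '<form action="/login" method="post"><input name="u">'
        '<input type="password" name="p"></form>'
        '<form action="/search"><input name="q"></form>'
    ),
    "https://shop.example/login": (
        '<form action="http://shop.example/auth" method="post">'
        '<input name="u"><input type="Password" name="p"/></form>'
    ),
    "https://bank.example/": (
        '<form action="/session" method="post">'
        '<input name="u"><input type="password" name="p"></form>'
    ),
}


class LoginFormAuditor(HTMLParser):
    """Collects forms that contain a password field and touch plain HTTP."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.findings = []
        self._form = None  # state for the <form> currently being parsed

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form":
            # A missing or relative action resolves against the page URL.
            target = urljoin(self.page_url, attrs.get("action") or "")
            self._form = {"target": target, "has_password": False}
        elif tag == "input" and self._form is not None:
            if (attrs.get("type") or "").lower() == "password":
                self._form["has_password"] = True

    def handle_endtag(self, tag):
        if tag != "form" or self._form is None:
            return
        form, self._form = self._form, None
        if not form["has_password"]:
            return  # search boxes and similar forms are out of scope
        reasons = []
        if urlsplit(self.page_url).scheme != "https":
            reasons.append("form served over HTTP")
        if urlsplit(form["target"]).scheme != "https":
            reasons.append("credentials posted over HTTP")
        if reasons:
            self.findings.append((form["target"], reasons))


def audit(page_url, html):
    """Return [(submit_url, [reasons])] for login forms exposed to sniffing."""
    parser = LoginFormAuditor(page_url)
    parser.feed(html)
    parser.close()
    return parser.findings


if __name__ == "__main__":
    for url, html in SAMPLE_PAGES.items():
        print(url, "->", audit(url, html) or "ok")
```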



Monday, 24 August 2015

New Android Vulnerability - Hackers To Take Over Your Phone


This time Everything is Affected!

Yet another potentially dangerous vulnerability has reportedly been disclosed in Google's mobile operating system platform – Android.

Android has been hit by a number of security flaws this month, including:
  • Stagefright vulnerability that affects 950 Million Android devices worldwide
  • A critical mediaserver vulnerability that threatened to crash more than 55 percent of Android devices
  • Another critical flaw (CVE-2015-3842) discovered last week, affected almost all the versions of Android devices

This time the issue resides in the multitasking capability of the Android phones, the ability to run more than one app at a time.

The security flaw gives hackers the ability to spy on Android smartphone owners, steal login credentials, install malware, and more, according to the latest research conducted by researchers at the Pennsylvania State University and FireEye.

How the Attack Works?


According to security researchers, the flaw could be exploited to lure the victim into unwittingly handing over their login details into a spoofed user interface, controlled by a hacker, when an Android user starts an app.

The device owner won't at all be aware that they are typing their sensitive details into a malicious software program masquerading as a legit Android app.

The researchers published their research in a paper titled, "Towards Discovering and Understanding Task Hijacking in Android" [PDF], which they presented at the USENIX Security 15 conference in Washington DC last week.

The study explained in practical detail how multitasking within Android differs from multitasking within desktop operating systems, focusing on what happens when an app or multiple apps run in one or multiple processes simultaneously, creating multi-tasks.

Multitasking in Android gives users several advantages:
  • By being able to switch between the apps
  • Apps being able to maintain their state in the background
  • Easy task or app switching

Task Hijacking Attacks on Large Scale


The Android task management mechanism is threatened by severe security risks. When abused, these convenient multitasking features can backfire and initiate task hijacking attacks on a vast scale.

The researchers analyzed more than 6.8 Million apps from multiple Android app stores and found that the task hijacking flaw is prevalent in all apps. Since many Android apps depend on "the current multitasking design, defeating task hijacking is not easy."

The researchers also claimed that the vulnerability lets an app controlled by the attacker impersonate the user interface of another app.

You can watch the video to find the quick overview of the vulnerability.


This is just one scenario, in which the attacker deploys a phishing attack on Android users and gains their private credentials.

Yet More to Come

There can be instances where users become the victims of ransomware, Distributed Denial of Service (DDoS) attacks and other cyber attacks.

The five security researchers – Peng Liu and Chuangang Ren from the Pennsylvania State University, and Yulong Zhang, Tao Wei and Hui Xue from FireEye – involved in the research reported the security hole to the Android team.
"We appreciate this theoretical research as it makes Android's security stronger," said a Google spokeswoman.
You are safe, as Google said that customers are protected from hijacking and phishing attacks with Android's Verify Apps and Safety Net features.

Also, you can keep yourself safe by installing apps from trusted sources and keeping your safety completely with you.

Wednesday, 12 August 2015

Code Injection Attacks - Basic Guide For Beginners


Here is a pretty lengthy article on code injection attacks, which I think is going to benefit you in the future when it comes to hacking. It has a lot of content, but trust me, it's very important, so I hope you enjoy it. Like buffer overflows in system code, injection attacks have been a serious issue in the web world for many years, and like buffer overflows, there are many different kinds of code injection attacks. Broadly defined, this class of attacks could easily fill a chapter. However, because we are focusing on the basics, we will examine the most basic type of code injection: the classic SQL injection. We will explore the basic commands needed to run an SQL injection and how it can be used to bypass basic web application authentication. Injection attacks can be used for a variety of purposes including bypassing authentication, manipulating data, viewing sensitive data, and even executing commands on the remote host.





Most modern web applications rely on the use of interpreted programming languages and backend databases to store information and generate dynamically driven content to the user. There are many popular interpreted programming languages in use today including PHP, JavaScript, ASP, Structured Query Language (SQL), Python, and countless others. An interpreted language differs from a compiled language because the interpreted language generates machine code just before it is executed. Compiled programming languages require the programmer to compile the source code and generate an executable (.exe) file. In this case, once the program is compiled, the source code cannot be changed unless it is recompiled and the new executable is redistributed.

In the case of modern web applications, like an e-commerce site, the interpreted language works by building a series of executable statements that utilize both the original programmer’s work and input from the user. Consider an online shopper who wants to purchase more RAM for his computer. The user navigates to his favorite online retailer and enters the term “16gb RAM” in the search box. After the user clicks the search button, the web app gathers the user’s input (“16gb RAM”) and constructs a query to search the backend database for any rows in the product table containing “16gb RAM.” Any products that contain the keywords “16gb RAM” are collected from the database and returned to the user’s browser.

Understanding what an interpreted language is and how it works is the key to understanding injection attacks. Knowing that user input will often be used to build code that is executed on the target system, injection attacks focus on submitting, sending, and manipulating user-driven input. The goal of sending manipulated input or queries to a target is to get the target to execute unintended commands or return unintended information back to the attacker. The classic example of an injection attack is SQL injection. SQL is a programming language that is used to interact with and manipulate data in a database. Using SQL a user can read, write, modify, and delete data stored in the database tables. Recall from our example above that the user supplied a search string “16gb RAM” to the web application (an e-commerce website). In this case, the web application generated an SQL statement based off of the user input. It is important that you understand there are many different flavors of SQL and different vendors may use different verbs to perform the same actions. Specific statements that work in Oracle may not work in MySQL or MSSQL.

The information contained below will provide a basic and generic framework for interacting with most applications that use SQL, but you should strive to learn the specific elements for your target. Consider another example. Assume that our network admin Ben Owned is searching for a Christmas present for his boss. Wanting to make up for many of his past mistakes, Ben decides to browse his favorite online retailer to search for a new laptop. To search the site for laptops, Ben enters the keywords “laptop” (minus the quotes) into a search box. This causes the web application to build an SQL query looking for any rows in the product table that include the word “laptop.” SQL queries are among the most common actions performed by web applications as they are used to search tables and return matching results. The following is an example of a simple SQL query:

SELECT * FROM product WHERE category = 'laptop';

In the statement above, the “SELECT ” verb is used to tell SQL that you wish to search and return results from a table. The “*” is used as a wildcard and instructs SQL to return every column from the table when a match is found. The “FROM ” keyword is used to tell SQL which table to search. The “FROM ” verb is followed immediately by the actual name of the table (“product” in this example). Finally, the “WHERE ” clause is used to set up a test condition. The test condition is used to restrict or specify which rows are to be returned back to the user. In this case, the SELECT statement will return all the rows from the product table that contain the word “laptop” in the “category” column. It is important to remember that in real life, most SQL statements you will encounter are much more complex than this example. Oftentimes, an SQL query will interact with several columns from several different tables in the same query. However, armed with this basic SQL knowledge, let us examine this statement a little more closely. We should be able to clearly see that in our example the user created the value to the right of the “=” sign, whereas the original programmer created everything to the left of the “=” sign. We can combine this knowledge with a little bit of SQL syntax to produce some unexpected results. The programmer built an SQL statement that was already fully constructed except for the string value to be used in the WHERE clause. The application accepts whatever the user types into the “search” textbox and appends that string value to the end of the already created SQL statement. Lastly, a final single quote is appended onto the SQL statement to balance the quotes. It looks like this when it is all done:

SELECT * FROM product WHERE category = 'laptop'

where SELECT * FROM product WHERE category = ' is created ahead of time by the programmer, while the word laptop is user-supplied and the final ' is appended by the application to balance quotes. Also notice that when the actual SQL statement was built, it included single quotes around the word “laptop.” SQL adds these because “category” is a string datatype in the database. They must always be balanced, that is there must be an even number of quotes in the statement, so an SQL syntax error does not occur. Failure to have both an opening and closing quote will cause the SQL statement to error and fail. Suppose that rather than simply entering the keyword, laptop, Ben entered the following into the search box:

laptop' or 1 = 1--

In this case the following SQL statement would be built and executed:

SELECT * FROM product WHERE category = 'laptop' or 1 = 1--'

By adding the extra quote, Ben would close off the string containing the user supplied word of ‘laptop’ and add some additional code to be executed by the SQL server, namely:

or 1 = 1--

The “or” statement above is an SQL condition that is used to return records when either statement is true. The “--” is a programmatic comment. In most SQL versions, everything that follows the “--” is simply ignored by the interpreter. The final single quote is still appended by the application, but it is ignored. This is a very handy trick for bypassing additional code that could interfere with your injection. In this case the new SQL statement is saying “return all of the records from the product table where the category is 'laptop' or 1 = 1.” It should be obvious that 1 = 1 is always true. Because this is a true statement, SQL will actually return ALL of the records in the product table! The key to understanding how to use SQL injections is to understand the subtleties in how the statements are constructed.

On the whole, the example above may not seem too exciting; instead of returning all the rows containing the keyword laptop, we were able to return the whole table. However, if we apply this type of attack to a slightly different example, you may find the results a bit more sensational. Many web applications use SQL to perform authentication. You gain access to restricted or confidential locations and material by entering a username and password. As in the previous example, oftentimes this information is constructed from a combination of user-supplied input, the username and password, and programmer-constructed statements.

Consider the following example. The network admin Ben Owned has created a new website that is used to distribute confidential documents to the company’s key strategic partners. Partners are given a unique username and password to log into the website and download material. After setting up his secure website, Ben asks you to perform a penetration test against the site to see if you can bypass his authentication. You should start this task by using the same technique we examined to return all the data in the “products” table. Remember the “--” is a common way of commenting out any code following the “--”. As a result, in some instances it is possible to simply enter a username followed by the “--” sequence. If interpreted correctly, this can cause the SQL statement to simply bypass or ignore the section of code that checks for a password and give you access to the specified user. However, this technique will only work if you already know a username. If you do not know the username, you should begin by entering the following into the username text box:

' or 1 = 1--

Leaving the username parameter blank and using an expression that will always evaluate to true is a key way to attack a system when we are unsure of the usernames required to log into a database. Not entering a username will cause most databases to simply grab the first user in the database. In many instances, the first user account in a database is an administrative account. You can enter whatever you want for a password (for example, “syngress”), as it will not even get checked by the database because it is commented out. You do need to supply a password to bypass client-side authentication (or you can use your intercepting proxy to delete this parameter altogether).

SELECT * FROM users WHERE uname = '' or 1 = 1-- and pwd = 'syngress'

At this point you should either have a username or be prepared to access the database with the first user listed in the database. If you have a username, we need to attack the password field; here again we can enter the statement:

' or 1 = 1--

Because we are using an “or” statement, regardless of what is entered before the first single quote, the statement will always evaluate to true. Upon examining this statement, the interpreter will see that the password is true and grant access to the specified user. If the username parameter is left blank, but the rest of the statement is executed, you will be given access to the first user listed in the database. In this instance, assuming we have a username, the new SQL statement would look similar to the following:

SELECT * FROM users WHERE uname = 'admin' and pwd = '' or 1 = 1--

In many instances, the simple injection above will grant you full access to the database as the first user listed in the “users” table. In all fairness, it should be pointed out that it is becoming more uncommon to find SQL injection errors and bypass authentication using the techniques listed above. Injection attacks are now much more difficult to locate. However, this classic example still rears its head on occasion, especially with custom built apps, and it also serves as an excellent starting point for learning about and discovering the more advanced injection attacks. So there you have it, guys: you can research it more and try out some techniques yourself.
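The search and login queries walked through above, side by side with their fix, as an added example (not code from the original article): the string-concatenated versions behave as the text describes, while the parameterized versions treat the same input as plain data. SQLite stands in for the backend, and the table rows, passwords and function names are constructed for the demo.

```python
import sqlite3

PAYLOAD = "' or 1 = 1--"   # the input discussed in the article


def make_db():
    """In-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE product (name TEXT, category TEXT);
        INSERT INTO product VALUES ('Laptop A', 'laptop');
        INSERT INTO product VALUES ('16gb RAM', 'memory');
        INSERT INTO product VALUES ('USB hub', 'accessory');
        -- Plaintext passwords only mirror the article's query;
        -- a real application stores password hashes.
        CREATE TABLE users (uname TEXT, pwd TEXT);
        INSERT INTO users VALUES ('admin', 'S3cret!');
        INSERT INTO users VALUES ('partner1', 'hunter2');
    """)
    return db


def search_vulnerable(db, term):
    # User input is appended to the statement, then the closing quote is added.
    sql = "SELECT name FROM product WHERE category = '" + term + "'"
    return [row[0] for row in db.execute(sql)]


def search_safe(db, term):
    # The ? placeholder sends the input as a value, never as SQL text.
    sql = "SELECT name FROM product WHERE category = ?"
    return [row[0] for row in db.execute(sql, (term,))]


def login_vulnerable(db, uname, pwd):
    sql = ("SELECT uname FROM users WHERE uname = '" + uname +
           "' and pwd = '" + pwd + "'")
    row = db.execute(sql).fetchone()
    return row[0] if row else None


def login_safe(db, uname, pwd):
    sql = "SELECT uname FROM users WHERE uname = ? and pwd = ?"
    row = db.execute(sql, (uname, pwd)).fetchone()
    return row[0] if row else None


if __name__ == "__main__":
    db = make_db()
    print("vulnerable search:", search_vulnerable(db, "laptop" + PAYLOAD))
    print("safe search:      ", search_safe(db, "laptop" + PAYLOAD))
    print("vulnerable login: ", login_vulnerable(db, PAYLOAD, "syngress"))
    print("safe login:       ", login_safe(db, PAYLOAD, "syngress"))
```

A code review or static-analysis rule that flags SQL strings built with concatenation or string formatting catches the vulnerable pattern before it ships.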

Friday, 7 August 2015

Web Encryption Protocol That Even Quantum Computers Can't Crack


Sometimes, instead of black and white, we wonder how grey would look.

Yes, today we are going to discuss ‘entangling’ or ‘superpositioning’, which is a power-packed capability of quantum computers, and at the same time how they can pose a threat once fully launched in the world.

Superposition is a state in which a system can be in multiple states at once, i.e. it can be ‘up’ and ‘down’ at the same time. Quantum systems can hit different modules of a problem simultaneously, split across possible versions of the universe.


What are Quantum Computers?



Quantum computers are going to be the next huge development in computing for processing data, with an ability to perform calculations thousands of times faster than today’s modern supercomputers.

Quantum computing is not well suited for tasks such as word processing and email, but it is ideal for tasks such as cryptography, modeling and indexing enormous databases.

A quantum computer can compute in minutes or hours what a conventional computer would take years or much longer to do.

Quantum computers are threatening to kill something on which we have the highest faith.

Want to know what that is? Read on...


Quantum Computers vs. Encryption

‘Encryption’, the thing on which the privacy and security of the whole Internet depend, is going to be abolished with the production of quantum computers.

When a message is secured with a modern encryption system, the keys used to lock it are typically very large numbers; tens, if not hundreds, of digits long.

Therefore, finding that key and breaking the lock means using a computer to carry out lots of sums and then trying each answer to see if it unlocks a message or not, which is a huge task for hackers.

According to Peter Shor, a mathematician, a fully working quantum computer could factor large numbers easily, thus making it capable of breaking the strongest existing forms of encryption, used to protect things like financial and medical data.

The CIA, Google, NSA and Microsoft have already set up their labs and are working hard to build such a system that could create either revolution or panic!


New Encryption Protocol that Even Quantum Computers can’t Crack

However, before the development of Quantum computers, we need a quantum computer-proof web encryption protocol to keep the Internet a safer place for next generation.

Microsoft has already taken the initiative, and is working with chip maker NXP and Queensland University of Technology (QUT) to build a new key exchange protocol that is suitable for use in SSL/TLS and can’t be cracked easily by Quantum computers.

The team has already developed a robust encryption protocol prototype that they explained can slow down the cracking process by 21 percent compared with the versions using elliptic curve cryptography.

Rather than multiplying large prime numbers together, or using elliptic curve cryptography, the mathematical operation of new protocol is based upon multiplying polynomials together, then adding some random noise, which makes it much harder to crack.
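The "multiply polynomials, then add random noise" operation described above, as an added toy example (it is not the Microsoft/NXP/QUT protocol and not code from the article): two parties publish noisy polynomial products and each ends up with almost the same secret polynomial. The ring, the parameters N, Q and B and all function names are assumptions chosen for illustration and are far too small to be secure.

```python
import random

N = 8        # coefficients per polynomial (toy size, assumption)
Q = 12289    # coefficient modulus (assumption)
B = 1        # secrets and noise have coefficients in [-B, B] (assumption)


def poly_mul(a, b):
    """Multiply two polynomials in Z_Q[x]/(x^N + 1), where x^N = -1."""
    out = [0] * N
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            k = i + j
            if k < N:
                out[k] = (out[k] + ai * bj) % Q
            else:                      # wrap around with a sign flip
                out[k - N] = (out[k - N] - ai * bj) % Q
    return out


def poly_add(a, b):
    return [(x + y) % Q for x, y in zip(a, b)]


def small_poly(rng):
    """A 'small' polynomial: used both for secrets and for the noise."""
    return [rng.randint(-B, B) % Q for _ in range(N)]


def centered(x):
    """Map a residue mod Q to the range (-Q/2, Q/2]."""
    x %= Q
    return x - Q if x > Q // 2 else x


def exchange(seed):
    """Run one toy exchange; returns both parties' values and their gap."""
    # Seeded PRNG keeps the demo repeatable; real code needs a CSPRNG.
    rng = random.Random(seed)
    a = [rng.randrange(Q) for _ in range(N)]        # public polynomial
    s_a, e_a = small_poly(rng), small_poly(rng)     # Alice: secret, noise
    s_b, e_b = small_poly(rng), small_poly(rng)     # Bob: secret, noise
    pub_a = poly_add(poly_mul(a, s_a), e_a)         # a*s_a + e_a
    pub_b = poly_add(poly_mul(a, s_b), e_b)         # a*s_b + e_b
    k_a = poly_mul(pub_b, s_a)                      # a*s_a*s_b + e_b*s_a
    k_b = poly_mul(pub_a, s_b)                      # a*s_a*s_b + e_a*s_b
    # The two values differ only by e_b*s_a - e_a*s_b, which stays small.
    gap = max(abs(centered(x - y)) for x, y in zip(k_a, k_b))
    return k_a, k_b, gap


if __name__ == "__main__":
    k_a, k_b, gap = exchange(seed=2015)
    print("Alice:", k_a)
    print("Bob:  ", k_b)
    print("largest coefficient gap:", gap, "(bound:", 2 * N * B * B, ")")
```

A real protocol adds a reconciliation step so both sides derive exactly the same key bits from these nearly equal values; without the noise terms, the published values would reveal the secrets through ordinary linear algebra.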


Future of Quantum Computing?

We live with the notion that encryption is rock-solid and unbreakable. However, within the foreseeable future, cracking those same codes could become accessible, thanks to quantum computing.

Quantum computers have a lot of potential, which can be of great advantage: they can allow researchers to design better circuits and offer sturdy growth in artificial intelligence.

D-Wave One, a Canada-based Quantum computing company developed the only commercially available quantum computer. And within a period of 2 years it has doubled its computational power.