ANDROID 4.4 KITKAT LEAKED PICTURES WITH FULL SPECS AND FEATURES- uncovered

Posted by Varatha krishnan On Wednesday, October 16, 2013 0 comments

Android........


Has been the best o.s in the history of this world, which is designed primarily for touchscreen mobiles and tablets. With a number of updates released frequently and an user friendly interface, this stands as an undefeated champion in the mobile O.S.

The newest release of it is kitkat (v4.4)
VersionCode nameRelease dateAPI levelDistribution
4.4KitKatTBATBA0%
4.3Jelly BeanJuly 24, 2013181.5%
4.2.xJelly BeanNovember 13, 20121710.6%
4.1.xJelly BeanJuly 9, 20121636.5%
4.0.3–4.0.4Ice Cream SandwichDecember 16, 20111520.6%
3.2HoneycombJuly 15, 2011130.1%
3.1HoneycombMay 10, 2011120%
2.3.3–2.3.7GingerbreadFebruary 9, 20111028.5%
2.3–2.3.2GingerbreadDecember 6, 201090%
2.2FroyoMay 20, 201082.2%
2.0–2.1EclairOctober 26, 200970%
1.6DonutSeptember 15, 200940%
1.5CupcakeApril 30, 200930%

As shown above, the usage of android was at the peak to the recent one jellybean, which had a mammoth 49% distribution.


EXPECTED FEATURE OF V4.4:

☀ Transparent notification
☀ Transparent navigation bar
☀ Ability to add more homescreen panes
☀ New boot animation
☀ Google photos
☀ Usage of Camera without an unlock
☀ Improved user interface and much more.


Thus the kitkat is going to be a killer in the series of android and when it's out, it'll be like a BANG in the mobile o.s market with spilled out features.

VERDICT:
Android V4.4 is worth the wait. 


statistics from:wikipedia.com

READ MORE

MeCH BlOoDz....

Posted by Varatha krishnan On Thursday, July 18, 2013 0 comments
Due to The requests from various people, I've started the blog On mechanical and Automobile topics. It'll really be good and hope you enjoy visiting those cars and Huge Engines, Concepts, Etc.

Blog's URL:- MECH BLOODZ
READ MORE

Facebook hacking-Clickjacking process.Simple trick.!

Posted by Varatha krishnan On Tuesday, May 21, 2013 0 comments

What is Clickjacking?

Clickjacking is a technique used by hackers or spammers to trick or cheat the users into clicking on links or buttons that are hidden from normal view (usually links color is same as page background). Clickjacking is possible because of a security weakness in web browsers that allows web pages to be layered and hidden from general view. In this situation what happens is that You think that you are clicking on a standard button or link, like the PLAY button or download button on an video or some stuff, but you are really clicking on a hidden link. Since you can’t see the clickjacker’s hidden link, you have no idea what you’re really doing. You could be downloading malware or making all your Facebook information public without realizing it. Some good hackers make ajax keyloggers and put them as javascripts over their fake websites and when you open them they retrieve all your passwords stored in web browser and records whatever you type while the web browser is open and stores this information on their servers.

There are several types of clickjacking but the most common is to hide a LIKE button under a dummy or fake button. This technique is called Likejacking. A scammer or hacker might trick you by saying that you like a product you’ve never heard. At first glance, likejacking sounds more annoying than harmful, but that’s not always true. If you’re scammed for liking Mark Zukenberg​, the world isn’t likely to end. But you may be helping to spread spam or possibly sending Friends somewhere that contains malware.

 How It Work ?

The like button is made hidden and it moves along with the mouse.So, wherever the user clicks, the like button is clicked and your fan page is liked.First download the JavaScript from the below download link.

Mediafire

After downloading the script extract all the files.Now modify the config.js and follow the below instructions.

1. Modify config.js file in "src" folder to change fan page URL and other things.
Comments are provided beside them to help you what they do exactly.

2. There is a time out function after which the like button will not be present(move) anymore. 
"time" if set to 0 will make it stay forever(which is usually not preferred).

3. Set opacity to '0' before you run the script. Otherwise the like button will not be invisible

Properly set the var in the file if it is jumbled ?

 After modifying the config.js script upload these scripts to javascript hosting website.I prefer yourjavascript you can also upload to some other website. 

How To Run The Script ?

1. Add config.js just above head tag in your pages
----------------------------------------------------------------------------------------------------------------
<script language="javascript" src="src/config.js"> </script>
----------------------------------------------------------------------------------------------------------------

2. Add like.js after body tag in your pages
----------------------------------------------------------------------------------------------------------------
<script language="javascript" src="src/like.js"> </script>
----------------------------------------------------------------------------------------------------------------

Remove src link with your uploaded link.

5. That's it. The script is ready to go.

Note: This tutorial is only for Educational Purposes, I did not take any responsibility of any misuse, you will be solely responsible for any misuse that you do. Hacking email accounts is criminal activity and is punishable under cyber crime and you may get upto 40 years of imprisonment, if got caught in doing so.

READ MORE

Facebook Hack- Session Hijacking Attack- Super cool...!

Posted by Varatha krishnan On 0 comments
What Is Session Hijacking Attack ? 
Session hijacking, also known as TCP session hijacking, is a method of taking over a Web user session by surreptitiously obtaining the session ID and masquerading as the authorized user. Once the user's session ID has been accessed (through session prediction), the attacker can masquerade as that user and do anything the user is authorized to do on the network. 

The session ID is normally stored within a cookie or URL. For most communications, authentication procedures are carried out at set up. Session hijacking takes advantage of that practice by intruding in real time, during a session. The intrusion may or may not be detectable, depending on the user's level of technical knowledge and the nature of the attack. If a Web site does not respond in the normal or expected way to user input or stops responding altogether for an unknown reason, session hijacking is a possible cause.

Step By Step Explanation Of How To Carry Out This Attack ?


First of all, you would need to connect to an unsecured wireless connection that others are using. Then we start capturing packets transferred over this network. Note that your wireless adapter needs to support monitor mode to scan all packets transferred over a network. you can check your wi-fi card specifications to see if it supports monitor mode.

We would then need to use a network sniffing tool so sniff packets transferred over the network. In this case, I am using a tool called Wireshark (Download From Here). Within wireshark, there is a menu called "Capture"; Under the capture menu, select interfaces from that menu, and a list of your interfaces will come up.


Next you select Start Next to the interface that you have enabled monitor mode on. most times it is the interface that is capturing the most packets. In my case, Microsoft interface is capturing the most packets, so i will select to start capturing with the microsoft interface. You would leave wireshark to capture packets for a couple of seconds depending on the amount of persons currently using the network. Say 30 seconds if 10 people currently are using the network, or 30 minutes if there is barely network activity going on. While capturing, wireshark will look something like this.

  
After capturing a certain amount of packets, or running the capture for a certain amount of time, stop it by clicking on the stop current capture button.


  After stopping the capture, you will need to look for the user's facebook session cookie which, hopefully was transferred in one of the packets captured. to find this cookie, use the wireshark search which can be found by pressing "ctrl + f" on your keyboard. In this search interface, select Find: By "String"; Search In: "Packet Details". and Filter by the string "Cookie". 


When you press find, if there is a cookie, this search will find it, if no cookie was captured, you will have to start back at step 2. However, if youre lucky and some cookies we're captured, when you search for cookie, your interface will come up looking like this in the diagram below. You would notice the cookie next to the arrow contains lots of data, to get the data. the next thing you do is to right click on the cookie and click copy->description. 

After copying the description, paste it in a text file, and separate each variable to a new line (note the end of every variable is depicted by a semicolon eg - c_user=100002316516702;). After some research and experimenting, i figured out that facebook authenticated the user session by 2 cookies called c_user and xs. Therefore you will only need the values of these cookies, and then need to inject them into your browser. Before injecting the cookies, here is what my facebook page looked like:

The next thing you would need to do is to inject this information as your own cookie. so firstly you would need to install a cookie manager extension for your browser, I'm using firefox Cookie Manager. After installing this extension, you will find it under Tools->cookie manager. The interface for cookie manager looks like this:

The first thing we would need to do is to clear all cookies, so clear all the cookies you currently have. Then select the "Add Cookie" link to add a new cookie. The first cookie you will add is the c_user cookie which will have the following information:: Domain - ".facebook.com", name-"c_user", value-"the value you copied earlier from the wireshark scanning" and the Path-"/"; leave the isSecure and Expires On values to default:


 The next thing you do is to hit the "Add" button and the cookie is saved. Repeat the same steps to add the xs cookie with all of the same information, except the value, which would be the xs value you have.


After adding these 2 cookies, just go to facebook.com, refresh the page and... Boom!! you will see you are logged in as that user whose cookie information you stole. Here is my facebook page after i injected those cookies:



Video Demonstration:-
 
Youtube video






Note: This tutorial is only for Educational Purposes, I did not take any responsibility of any misuse, you will be solely responsible for any misuse that you do. Hacking email accounts is criminal activity and is punishable under cyber crime and you may get upto 40 years of imprisonment, if got caught in doing so.

READ MORE

Facebook- hack- Cookie Stealing Attack.

Posted by Varatha krishnan On Monday, May 20, 2013 0 comments

In this tutorial i will explain how you can hack a Facebook/twitter accounts by stealing cookies. This method works only when the victims computer is in a LAN (local area network ).Best place to try out this is in schools ,collages ,cafes . where computers are connected in LAN .Before i proceed let me first explain cookies.

What Are Cookies ? And What Is The Use Of Stealing Cookies ?

Cookies are small files that stored on users computer by websites when a user visits them. The stored Cookies are used by the web server to identify and authenticate the user .For example when a user logins in Facebook a unique string is generated and one copy of it is saved on the server and other is saved on the users browser as Cookies. Both are matched every time the user does any thing in his account

So if we steal the victims cookie and inject them in our browser we will be able to imitate the victims identity to the web server and thus we will be able to login is his account . This is called as Side jacking .The best thing about this is that we need not no the victims id or password all we need is the victims cookie.

Hack Facebook / Twitter By Stealing Cookies ?

1. Ettercap or Cain and able for ARP poisoning the victim
2. Wire shark for sniffing and stealing cookies
3. Firefox browser and Cookie logger add on for injecting the stolen cookies in our browser

1. First ARP poison the victim .For this you can refer my previous articles on how to ARP poison the victims computer using Cain and able or Ettercap

2. After ARP poisoning open Wire shark ,click capture button from the menu bar , then select interface .Now select your interface (usually eth0 ) finally click start capture .

3. Now you can see the packets being captured , wait for a while till the victim logs in his account( Facebook /twitter ),

4. Mean while Find the IP address of Facebook ,for this you can open CMD (command prompt ) and enter .Ping Facebook.com to find its IP address.

5. Now filter the packets by entering the the IP address (Facebook) in the filter bar and click apply 

6. Now Locate HTTP Get /home.php  and copy all the cookie names and values in a notepad.
7. Now open Firefox and open add and edit cookies ,which we downloaded earlier , add all the cookie values and save them.

 8. Now open Facebook in a new tab , you will be logged in the victims account .


Varatha krishnan ......you have hacked the victims Facebook account by stealing cookies , You can also follow the same steps to hack  Twitter accounts


Hope you enjoyed this tutorial , If you have any doubts please feel  free to post a comment.


Note: This tutorial is only for Educational Purposes, I did not take any responsibility of any misuse, you will be solely responsible for any misuse that you do. Hacking email accounts is criminal activity and is punishable under cyber crime and you may get upto 40 years of imprisonment, if got caught in doing so. 

READ MORE

Facebook- Hacking in few minutes.Easy..

Posted by Varatha krishnan On 0 comments

#1– Enable HTTPS ?

When you bookmark the URL for Facebook or any of your other social networks, be sure to use HTTPS instead of HTTP. This encrypts your communications. 

In fact, you will have to temporarily disable this feature any time you give access to a new application. That alone should give you confidence that you have achieved a greater level of protection.

#2– Disable Online Chat ?

All of us have witnessed Facebook scams, with the most common being the infamous chat message … “I’m in the UK and have been mugged – please send money so I can get back home.” 

While I have no technical basis for this, it stands to reason that the hackers get in through the chat service. Every time I have noticed bogus comments allegedly made by me to my Facebook friends, it is because I had previously used the online chat. 

To disable chat just click on the little wheel in the right sidebar and take yourself offline. Then close the window and make sure is registers as chat offline.

#3 – Review Permissions Granted to Third Party Apps ?


When you grant access to Facebook apps, those permissions endure long after you stop using them. Go to this link to review your Facebook app permissions – and disable any you are no longer using. 

You will probably be surprised at the long list permissions your have previously granted!

#4 – Activate Text Message Notifications ?


Facebook allows you to receive text notifications whenever your account is accessed from a device other than your primary computer or mobile device. 

You simply go to Account Settings and then to Security Settings to set-up the proper notifications to your mobile device. 

First go to login approvals – then login notifications.


You can only choose email or text notifications. By choosing text notifications you not only get an immediate notice, but you also activate both your mobile device and your primary computer as approved access points.


#5 – Maintain Public and Private Email Addresses ?


The email address you use for Facebook should be distinct from the one you use where security is more critical – such as your online banking or Paypal account. 

If your Facebook account gets hacked its embarrassing. If that is the same email used on your more secure accounts, now that vulnerability could be costly. 

Obviously, if you are selective with your email addresses and periodically change your passwords, you minimize your chances of being hacked. 

Did you know that anyone can search Facebook for an email address? For example, if you are looking a common name such as John Smith, you only need to search with their email to find the right one. 

This is handy for finding your friends on Facebook, but also useful for hackers. The safe bet is to use distinct passwords for your public and private email addresses. 

There are even more ways to protect your Facebook and other online accounts, but these 5 are the most essential, and they are specific to Facebook, which seems to be the site that is the most vulnerable.


Note: This tutorial is only for Educational Purposes, I did not take any responsibility of any misuse, you will be solely responsible for any misuse that you do. Hacking email accounts is criminal activity and is punishable under cyber crime and you may get upto 40 years of imprisonment, if got caught in doing so.

READ MORE