7 May 2015

Double up your internet browser speed in easy steps

1. Open regedit. (Press Windows+R, then type "regedit".)

2. Go to HKEY_LOCAL_MACHINE then Software then Microsoft then Windows then CurrentVersion then Explorer then Remote Computer then Namespace.

3. You will find this value {D6277990-4C6A-11CF-8D87-00AA0060F5BF} or {863aa9fd-42df-457b-8e4d-0de1b8015c60}.

4. If you find it, right-click it and delete it; you will find the browser is faster. This is because this registry entry makes the browser look for shared (remote) files and folders.

Question: I didn't get those values above, should I delete it as well?
Answer: Yes. It might not be the exact same value; if there is any number in {}, delete it.

18 April 2015

The ultimate choice of bitcoin wallet


Hi, I see constant blog posts on what wallet to use and the benefits of wallets and such, so I decided to make a post regarding all the wallets, their benefits, and my overall review of them. I hope this helps with your choice of bitcoin wallet. Let's begin!

Online Wallets

1.  Blockchain
Blockchain is an online wallet and a desktop client with a nice security system. Blockchain encrypts your wallet and runs the code necessary to decrypt your wallet and sign transactions in your browser, so the operators of Blockchain have no way to access your funds. There are some security issues with relying solely on JavaScript cryptography. With Blockchain you can also download and back up your wallet to your computer or print it, and offline transaction modes are available. I personally use Blockchain and I recommend it. (It also has a phone app.)

Ease of use: 5/5
Security level: 4/5
Extra features: 5/5
(Phone app +1)

2. Circle
Circle is an instant-transfer bitcoin wallet that also doesn't charge fees, which is a plus; although not a special quality, it is a great one to have. All of the money in your Circle account is insured at no cost to you. They take every precaution to keep your money safe, but if something unfortunate happens, they have you covered. This website has security as its top priority, and even if it doesn't, you're still insured, so that's absolutely wonderful.

Ease of use: 5/5
Security: 5/5
Extra features: 3/5
(Insured coinage +2)

3. Robocoin
Something interesting I found out about this is that they invented a Bitcoin ATM. This is wild to me because I never thought bitcoin would go much outside of the internet realm, but with more places using bitcoin it's not surprising to see an ATM come out. Robocoin's security involves the use of:

  1. 3 Factor Biometric Authentication at Robocoin Kiosks
  2. 97% of Funds Offsite in Cold Storage
  3. Multi-Signature Architecture
  4. 2 Factor Authentication Online at Robocoin.com
  5. 100% Proveable Reserves
  6. Encrypted SSL Connections

With robocoin you can use the wallet for:

  • Travel
  • Banking your funds
  • Investing
  • Transfers
  • Shopping
  • Operations

I really like the layout of this site, it looks quite professional and it really catches my eye. The coin transferring is instant which is great. I might actually switch to this wallet.

Ease of use: 5/5
Security: 5/5
Extra features: 5/5
(ATM +3)

4. Coinbase
Coinbase is a nice wallet for someone starting to get into BTC. The interface is quite simple, which makes it nice. This wallet allows you to send directly to an email address. The transfer is made internally if both parties have a Coinbase account; if the receiver does not, it sends an email message to the recipient instructing them to immediately create an account to receive the bitcoin payment. I think this is quite cool, however I enjoy the discreteness of BTC addresses. Also, Coinbase has its own built-in BTC exchange where you can convert your bitcoins and US dollars directly through their bank accounts using ACH (United States only); however, only a limited amount can be bought or sold at a time. Something many people look for is phone-based wallet apps, and if you have an Android you are in luck because they have a Coinbase Android app. Coinbase does not claim to be trust-free, and all bitcoins are stored in a centralized location controlled by its operators. Coinbase has American companies headquartered in the USA who insure your bitcoins against loss. If they lose your bitcoin, you will be reimbursed for it, unlike other wallets. Online wallets have no risk of data loss as opposed to offline wallets.

Ease of use: 5/5
Security: 5/5
Extra features: 4/5
(Phone App +1)
(Insured coinage +2)

5. Strongcoin
They process payments in the browser, so they have an encrypted version of your private keys on their server. They have been around since 2011 and according to their site over 50,000 use this wallet. You can create as many Bitcoin addresses as you like and manage them from an iPad, iPhone, Android or your desktop. It's pretty much your average bitcoin wallet.

Ease of use: 3/5
Security: 3.5/5
Extra features: 3/5
(Phone App +1)

6. Bitgo
I've never personally used Bitgo, but I've looked over their website and saw some interesting things. They have "Treasury Controls", which lets you add multiple users and roles to your wallet and set treasury policies like spending limits to protect your funds. I think that's a pretty cool feature. The security rundown is this: BitGo handles user authentication, fraud detection, and policy verification before co-signing any transaction. They also offer 24/7 Monitoring, which lets you get instant alerts for every transaction, track audit logs, and get detailed reports for your bitcoin holdings. The overall security of their website seems nice and includes:
  1. 100% on blockchain
  2. Multi-signature technology
  3. Advanced privacy protection
  4. 2-factor authentication
  5. Anti-phishing protection
Ease of use: 3/5
Security: 5/5
Extra features: 4/5

7. Coinkite
Coinkite has some nice cool features such as:
  1. Easy and Secure (2FA)
  2. Multiple Notifications Options
  3. Multi-Signature and Shared Accounts
  4. Send Bitcoin by E-mail and SMS
And for Developers it has:
  1. HD Wallet API
  2. Pubnub Notifications
  3. Granular API key Limits
  4. Withdraw via M-of-15
For Merchants:
  1. Point-of-Sale Terminal
  2. Bitcoin Payment Pages
  3. Staff Management
  4. Instant Quotes
The Security features are
  1. Bank Grade Security H.S.M.
  2. Shared Accounts with Multi-Signature
  3. Bitcoin Forwarding and Splitting
  4. Multiple Wallets Per Account
I didn't exactly like the interface but this website is fantastic, they have one of the coolest things I've heard of, a bitcoin debit card. I think that's really cool for places that accept BTC in real life.

Ease of use: 4/5
Security: 5/5
Extra features: 5/5
(Phone app +1)
(Debit Card +2)

Offline Wallets (or Hybrids) 

1.  Bitcoin Core
I use only one offline wallet and it's this one; its reliability has been proven trustworthy, which is what I look for in a wallet. Bitcoin Core is the original Bitcoin wallet, and is continually updated by the core Bitcoin development team. It's not very fancy but it gets the job done. Bitcoin Core is constantly worked on, which makes it a reliable wallet. A major downside is that it requires the entire blockchain to run (which is over 20GB at this point). However, since I've had it from the start, that wasn't really a problem.

Ease of use: 3/5
Security: 5/5
Extra features: 1/5
(Trustworthy +1)

2. Multibit
MultiBit is a secure, lightweight, international Bitcoin wallet for Windows, MacOS and Linux. MultiBit comes in a variety of languages, which is kinda cool. A very big benefit of this is you don't need to download the entire blockchain, which frees up an enormous amount of space. Overall it's a simple, basic bitcoin wallet.

Ease of use: 5/5
Security: 5/5
Extra features: 1/5

3. Electrum
I've seen a lot of users on the forums recommend this wallet, which made me decide to look into it, and I found this is quite a nice wallet. Electrum is another wallet that also doesn't require you to download the entire blockchain, which again is very handy. Your wallet can be recovered from a secret seed, which is pretty cool. An advantage over online wallets is no downtime: your client is not tied to a particular server; it will switch instantly if your server is down. Another cool feature is that you can use the same wallet on different computers and they will synchronize automatically.

Ease of use: 5/5
Security: 3/5
Extra features: 4/5

4. Hivewallet
I'm gonna start this off with one of the most important things about this wallet: it's Mac OS X only, but it plans on coming to Android very soon. This already makes it a wallet not of interest in my opinion. (Only because I don't have a Mac anymore.) Hive is a Bitcoin wallet with some interesting features. Hive has an instant messaging style interface that lets you send and receive bitcoins quickly and efficiently. It also has an integrated application platform and comes with some built-in apps that give you easy access to some of the more popular Bitcoin-related services available.

Ease of use: 2.5/5
Security: 3/5
Extra features: 4/5

5. Bitcoinarmory
Armory has many features and includes secure software Bitcoin wallets. Armory offers three different user modes: Standard, Advanced and Developer (which makes this a versatile wallet). Some of its security features include a graphical keyboard to protect against keyloggers, support for deterministic wallets, offline transactions and extensive cold storage options, including fragmented paper wallets. Using offline transactions protects it from most security risks. However, it requires the official Bitcoin Core wallet, since Armory doesn't have any networking features. Armory is available on Windows, Mac and Linux. It's also available as an Ubuntu PPA.

Ease of use: 4.5/5
Security: 4.5/5
Extra features: 4.5/5

Hardware Wallets

1. Ledgerwallet
First off, this wallet costs money (.1474 BTC to be exact), so don't bother reading if you don't plan on spending money.

The Ledger Wallet protects your keys with a secure micro-processor certified against all types of attacks (both physical and logical). This technology has been used in the banking industry for decades (think credit card chips). Their hardware wallet will do all the Bitcoin cryptographic heavy lifting such as signing transactions inside its secure environment. You can therefore use your Bitcoins with maximum trust, even on an insecure or compromised computer. A plus about hardware wallets is, Bitcoin ownership is materialized by a private key, or a private master seed. Computers are not great at protecting such data, especially considering that whenever you sign a transaction your key must be read and stored in the application memory. If your computer is compromised, then your keys are, and your bitcoins are gone forever.

The Ledger Wallet includes:
State of the art Security:
-The technology used to secure your Bitcoin transactions is an industry standard EAL5+ smartcard.
Full Stack
-All the Bitcoin cryptographic heavy lifting such as parsing and signing a transaction is done inside the secure element.
-If you lose your device, you can restore a new one or use any other compatible software wallet at any time.
Malware Proof
-Sensitive operations can be safely confirmed by a second factor even on a fully compromised computer.
World-Class UX
-The Ledger wallet software offers a simple and seamless user experience. Anyone can use it.
Future Driven
-NFC will be available on our next release, for mobile connectivity and fast contactless payments.

Hardware wallets are easily the best in security and this one seems to provide every fit necessary.

Ease of use: 3/5
Security: 5/5
Extra features: 2/5
(Security bonus +2)
(Con, price to pay (.1474 BTC))

2.  Bitcointrezor
Now don't even bother with this if you don't want to spend money ($119 or around .54 BTC (Btc being at 221 per BTC))

This is way more expensive than the Ledger wallet. I personally wouldn't spend this much on a wallet, but I guess if you like what they offer, go right ahead. Like a typical hardware wallet, "TREZOR is safer than a computer wallet as it never exposes your private keys. TREZOR is an isolated environment for offline transaction signing and using a small display you can visually verify the transaction contents. That's why all operations using TREZOR are entirely safe."

TREZOR is Windows, OS X and Linux friendly. All you need to do is to connect your TREZOR to the computer and follow the instructions. There are only two buttons, to confirm or to deny the action, so using TREZOR is as easy and as intuitive as it can be. Users can backup the whole TREZOR contents on a small piece of paper and use this backup to regain access to all their coins in case of disaster, loss or theft.

Modern cryptography
TREZOR uses state of the art cryptographic algorithms and practices, but you don't have to read long manuals or to be a crypto-expert in order to use them properly.

Community driven open-source
TREZOR code is open-source and technical decisions are discussed with the wider developer community. Everything can be audited by an independent third party. This ensures that TREZOR is absolutely transparent and backdoor free.

Ease of use: 3/5
Security: 5/5
Extra features: 3/5
(Security bonus +2)
(Con, price to pay (.54 BTC (1 BTC being at $221) or $119))

There are many efficient bitcoin wallets out there. Personally, the ones that have the best security levels are generally the ones I go with first, then I look for the features; ease of use increases as you use something more often. Hardware wallets seem to be the most secure, but then again they cost money. If I had more money to invest into bitcoin I'd go with a hardware wallet personally; if I was just a regular bitcoin user I'd stick with my choice of Blockchain, however Robocoin looks like quite a nice second option in my mind. Most people I know love the security features of Circle and Coinbase. Keeping your wallet .dat files on a USB with offline wallets for safety is no doubt the best choice (safety wise). Picking a wallet is a tough decision if you plan on using bitcoin frequently. I hope this thread helps you with your decision. If I missed any important things or a popular wallet, let me know. I hope you choose the right wallet that fits you well.

By Blastonic.

12 April 2015

Man in the Middle Attack on DHCP Exhaustion

MITM DHCP Exhaustion on Windows Server 2012 R2

When it comes to network attacks, we are constantly looking for the most recent and up-to-date attack vectors in modern network environments. With this tutorial, I'd like to go over the steps needed to become MITM of new network devices in networks with the most up-to-date software (Windows Server 2012 R2 and Windows 8.1). The goal of this is to inform you of how DHCP attacks work as well as protections against them to ensure the most secure environment for your users. This attack does not utilize ARP spoofing, so even if there are anti-ARP-spoofing security measures, such as an IPS or Dynamic ARP Inspection, it should still be able to run. This simple tutorial should give you a better understanding of how your network works. 

The Dynamic Host Configuration Protocol (DHCP) was created to allow machines to connect to networks without statically assigned IP addresses, receiving information such as a default gateway, DNS servers, and an IP address automatically. The four-way handshake is as follows:

  • DHCPDISCOVER: A discovery packet is sent from the client to all nodes on the network over UDP. If a helper-address is defined in a router or switch, it can be forwarded to other networks for multi-scope DHCP networks. This is not covered in this tutorial, but the process is the same. This packet is meant to find all viable DHCP servers on the network.
  • DHCPOFFER: Each DHCP server on the network that received a Discover packet will send an Offer packet. If the client receives multiple DHCP Offer packets, it will select one of the servers based on a number of configuration parameters.
  • DHCPREQUEST: Once a client has determined which DHCP server it would like to use, it sends out a Request packet to that server letting it know that it would like to be a part of that scope. If there are multiple servers, the ones that were not selected will be sent a Request packet telling them that the client has declined their offer.
  • DHCPACK: The fourth and final packet is the Acknowledgement packet. This lets the client know that the parameters of the request are valid and the client has been associated with that DHCP scope and can now start using the resources. The DHCP server will update its leases with the MAC address of the client, mapping it to its given IP address.

Quite obviously, before the client has an IP address, all communication occurs on Layer 2 (via MAC address and switching) meaning it is MAC address dependent. The DHCP Exhaustion attack takes advantage of this by spoofing various MAC addresses to allow for multiple DHCP leases on a single client, and using all of the available leases in the DHCP server. This way, clients on the network that attempt to discover a DHCP server will not be able to connect to the real DHCP server (in this case, a Windows Server 2012 R2 machine). They will, however, be able to discover the attacker's machine who can serve them rogue DNS Servers and a Default Gateway without ARP spoofing which can then be used in various data gathering and Man-in-the-Middle techniques.

In older times, it may have sufficed to quickly write your own DHCP packets with minimal configuration in Scapy to run this attack, but as servers become more resistant to such simple-minded methods, I choose to rely on already-established applications capable of executing this. The program that I will use is called DHCPig and can be downloaded at this GitHub link.

1. Preparation.
We need to install the DHCP server that we will be using as well as download the DHCPig application and enable IPv4 packet forwarding. I have moved the pig file to the /usr/bin directory so I can execute it from anywhere with the pig command.
echo "1" > /proc/sys/net/ipv4/ip_forward
git clone https://github.com/kamorin/DHCPig.git
cp DHCPig/pig.py /usr/bin/pig
chmod +x /usr/bin/pig
rm -rf DHCPig
apt-get install udhcpd -y

2. Rogue DHCP Server.
Once the prerequisites have been installed, we can set up the DHCP server that we will deploy on the network. First, we need to know some information about the network.

Attacker IP Address:
Default Gateway:
DHCP Range:

When we perform the exhaustion, it is important to exclude the addresses that are already in use. Otherwise, there will be IP conflicts within the network. This is a tell-tale sign that there is an error with the DHCP servers. In my case, there are no other devices, but I will show you how to exclude addresses nonetheless. The UDHCPD configuration file is located at /etc/udhcpd.conf. You can use nano or the text editor of your choice to make changes.

Important configuration settings:

  • Start and End IP address.
  • Interface on which UDHCPD will run.
  • Different options:
opt dns [attacker IP or rogue DNS server]
option subnet [subnet]
opt router [attacker IP]

  • Excluding IP Addresses with fake MAC addresses.
For example:
static_lease 00:00:00:00:00:00
static_lease 00:00:00:00:00:00
static_lease 00:00:00:00:00:00

Do not start the UDHCPD server until you have exhausted the IPs on the legitimate server.

3. Execution.
Before we start the attack, we can see the DHCP server leases, which only contain the Kali machine:

Once the Pig application is installed, we simply have to execute pig eth0, where "eth0" is your networking interface.

pig eth0

As you watch the exhaustion take place on your machine, we can see the leases in the Windows Server 2012 R2 machine filling up with pseudo-random MAC addresses.

Attacker Machine:
Windows Server:

When you see the following success message, you know that you are ready to deploy the UDHCPD server. You can do this by starting the udhcpd service:

/etc/init.d/udhcpd start

4. Impact.
Since the legitimate DHCP server is no longer capable of handling requests, the rogue DHCP server will be accepting all requests. When a new device joins the network, under these settings, they will use the attacker as the default gateway. Now, since this is not a layer 2 attack, we need to understand that this will only capture traffic that is destined to exit the network. You may still perform a Man in the Middle attack, as well as ARP poisoning to get L2 MITM, but if you are only interested in capturing Internet traffic, then this is perfectly sufficient. The impact that this can have on a network is enormous. After all, you control their gateway.

From a Windows 8.1 machine, I connected to the same network and got an IP address. This is the result:

Note that the default gateway is that of the attacker machine. This means that all network traffic that is not destined for a local network machine will be sent to you for further processing.

There are several ways to protect against this attack; however, from my experience as a network engineer, very few network administrators actually implement them, as they are often more focused on connectivity and simplicity than on security. Essentially all security engineers absolutely should implement these protections:

  1. Dynamic ARP Inspection: Dynamic ARP inspection will automatically inspect ARP packets and ensure that the source MAC addresses are coming from the correct port. This will protect against ARP spoofing, but it will do nothing to protect against randomly generated MAC addresses requesting DHCP leases. For example, if a machine on the network has a MAC address of 11:22:33:44:55:66 and is connected to port 30 on the switch, it will not accept any frames with that source MAC coming in on any other port.
  2. MAC Limit Port Security: Setting a maximum number of allowed MAC addresses per port will thwart the exhaustion attack. It allows only a certain number of devices to be connected to any one port. This is, however, a restrictive feature when using it on dot1q tagged ports ("trunks" in Cisco-speak), but enabling it on ports connected to host devices should be enough. Keep in mind that this will limit, for example, the number of virtual machines that you can run. Even with these two security features enabled, if the attacker can run this from multiple machines/ports, it still wouldn't be comprehensive protection.
  3. DHCP Snooping: This is, perhaps, the most important security implementation. Essentially, it only allows certain DHCP packets to be processed on certain ports, such as only allowing DHCP servers to reside on a small number of ports. If we just had this enabled on the switches, then the attacker would still be able to exhaust the DHCP leases on the server, but he would not be able to act as a DHCP server. It would be considered a DoS attack since it would deny new clients access to the network, but it is still less severe than becoming a Man in the Middle.

With all three of these protections, it would be very hard to initiate many network attacks and hackers would have to rely on remote exploits instead of network-based methods.

I hope you all learned something and enjoyed this simple tutorial.
By Goodies.
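
A detection-side companion to the handshake fields and protections described in the post above, as an added example that is not part of the original post or of the DHCPig project: it parses DHCP payloads and flags a burst of distinct client MACs in DISCOVERs (lease exhaustion) and OFFER/ACK messages whose server identifier is not on an allowlist (rogue server). The names parse_dhcp, DhcpMonitor, build and demo, the thresholds, and the 192.0.2.x addresses are assumptions of this example, and the packets are constructed inline.

```python
import ipaddress
import struct
from collections import deque

MAGIC = b"\x63\x82\x53\x63"   # DHCP magic cookie that follows the 236-byte BOOTP header
TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK"}

def parse_dhcp(payload):
    """Parse a DHCP UDP payload into the fields the two checks below need."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    # chaddr starts at offset 28; byte 2 (hlen) gives its length (6 for Ethernet)
    msg = {"mac": payload[28:28 + min(payload[2], 16)].hex(":"), "type": None,
           "server_id": None, "router": None}
    i = 240
    while i < len(payload) and payload[i] != 255:   # option 255 = end
        if payload[i] == 0:                         # option 0 = pad, no length byte
            i += 1
            continue
        if i + 2 > len(payload):
            raise ValueError("truncated option")
        code, length = payload[i], payload[i + 1]
        data = payload[i + 2:i + 2 + length]
        if len(data) != length:
            raise ValueError("truncated option")
        if code == 53 and length == 1:              # DHCP message type
            msg["type"] = TYPES.get(data[0], f"type-{data[0]}")
        elif code == 54 and length == 4:            # server identifier
            msg["server_id"] = str(ipaddress.IPv4Address(data))
        elif code == 3 and length >= 4:             # router (default gateway)
            msg["router"] = str(ipaddress.IPv4Address(data[:4]))
        i += 2 + length
    return msg

class DhcpMonitor:
    """Flags lease exhaustion and unauthorised DHCP servers seen on one segment."""
    def __init__(self, trusted_servers, max_macs=20, window=10.0):
        self.trusted = set(trusted_servers)         # allowlist of real DHCP servers
        self.max_macs, self.window = max_macs, window
        self.recent = deque()                       # (timestamp, client MAC) per DISCOVER
    def observe(self, ts, payload):
        msg, alerts = parse_dhcp(payload), []
        if msg["type"] == "DISCOVER":
            self.recent.append((ts, msg["mac"]))
            while self.recent and self.recent[0][0] < ts - self.window:
                self.recent.popleft()
            distinct = len({mac for _, mac in self.recent})
            if distinct > self.max_macs:
                alerts.append(f"starvation suspected: {distinct} client MACs in {self.window}s")
        elif msg["type"] in ("OFFER", "ACK") and msg["server_id"] not in self.trusted:
            alerts.append(f"untrusted server {msg['server_id']} handing out router {msg['router']}")
        return alerts

def build(msg_type, mac, server_id=None, router=None):
    """Construct a minimal DHCP payload (sample data for this example only)."""
    op = 1 if msg_type in (1, 3) else 2             # 1 = client request, 2 = server reply
    head = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", op, 1, 6, 0, 0x1234, 0, 0,
                       b"", b"", b"", b"", bytes.fromhex(mac.replace(":", "")), b"", b"")
    opts = bytes([53, 1, msg_type])
    for code, addr in ((54, server_id), (3, router)):
        if addr:
            opts += bytes([code, 4]) + ipaddress.IPv4Address(addr).packed
    return head + MAGIC + opts + b"\xff"

def demo():
    mon = DhcpMonitor(trusted_servers={"192.0.2.10"}, max_macs=20, window=10.0)
    alerts = []
    for n in range(25):                             # constructed burst of 25 distinct MACs
        alerts += mon.observe(n * 0.1, build(1, f"02:00:00:00:00:{n:02x}"))
    alerts += mon.observe(3.0, build(2, "02:00:00:00:00:01", "192.0.2.10", "192.0.2.1"))
    alerts += mon.observe(3.1, build(2, "02:00:00:00:00:01", "192.0.2.66", "192.0.2.66"))
    return alerts

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

The MAC threshold and window need tuning per segment; a monitor like this complements the switch-level protections listed above and does not replace them.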

Submit blog

Add Your Blog to Malaysia Technology Blogs Directory

Are you working on Microsoft technologies C#, ASP.NET, VB.NET, SQL Server and any other .NET related technologies and having a blog about it? You are welcome to suggest your blog for inclusion in the directory. It must meet the following criteria:

1. Your blog must be related to technologies industries.
2. Your blog has been around for more than 3 months.
3. Your blog has at least 30 articles and must be active.

Before submitting, make sure it's not already added in the list.

List of Malaysia Technology Blogs

Your blog will be displayed in list after reviewing and approval.


About Me

Hello folks, VIPERVENOM is a professional and premium looking stuffs for web designers, internet security & forensics who are specialist in this field around ages.
