Tech-Boy-Andy we talk about technology, mobiles, computers, hacking.

  • This is default featured slide 4 title

    Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.This theme is Bloggerized by NewBloggerThemes.com.

  • This is default featured slide 5 title

    Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.This theme is Bloggerized by NewBloggerThemes.com.

5 Best Earphones Available On Amazon Under 1000 Rupees

5 Best Earphones Available On Amazon Under 1000 Rupees





1. 1More Piston Fit in-ear Headphones






3. Brainwavz Omega







5. Sony MDR-EX150 Earphones





If you like the post please share it ... :)
Share:

Beware This Clever "Fake Attachment" Gmail Phishing Scam

 Beware This Clever "Fake Attachment" Gmail Phishing Scam





With a little know-how, most phishing scams are pretty easy to detect. This one, on the other hand, is devilishly clever and just might dupe you if you’re not careful.
The way this phish scam works is simple. Wordfence, who brought light to the scam, says the attacker creates an email address to disguise themselves as someone you know. Then they send you an email with an attachment, like a PDF or Word doc, that looks legitimate. When you click the attachment to see a preview of it, you get redirected to a Google sign-in page where you enter your credentials.
Here’s the trick: those attachments aren’t attachments—they’re embedded images designed to look like attachments that link out to a fake Google sign-in page. You can see an example of how real they look in Tom Scott’s tweet below.


What’s worse is everything about the fake Google sign-in page looks normal. The logo, text boxes, and tagline are all there. The only difference is in the address bar, where careful eyes will see that the page is actually a data URI with the prefix “data:text/htyml”, not a URL with the standard “https://”. But if you don’t spot it, the attackers get your information and use it to send out more of the same phish emails to your contacts.
Google has since updated Chrome to 56.0.2924, which makes it easier to spot fake forms like these, but it doesn’t exactly stop this type of scam dead in its tracks. And whether you use Chrome or not, it’s important to stay vigilant and keep your eyes peeled when checking email.


If you like the post please share it ... :)
Share:

The Anonymous Group: What is it and How big is it



The Anonymous Group: What is it and How big is it








Research proved that Anonymous hacktivists group is relatively much bigger than you anticipated and become quite popular among people all over the world but how did it all start?



The Anonymous group has been gaining a lot of attention in the past few years. This is mainly due to the way they act and the way they portray themselves. People donning Guy Fawkes masks and taking down the government and non-government agencies are sure to attract some attention, and because the activity of Anonymous is not restricted to a single country, they have gained global attention.




With many people talking about the hacktivist group, people have often wondered just how big the group is, given their widespread activities. However, that question is not easy to give a definitive answer to. As to what the group is, we take a look at that here.

Beginning

Anonymous first came in existence in 2003 when unknown users who were tagged as Anonymous posted images on 4chan’s /b/ board. The images were about random things but the Anonymous tag soon gained popularity on the website. The group then escalated their activities to internet pranks, troll events, and raiding websites like that of Habbo Hotel, a hotel in Finland.
In 2004, they started to use the website of Encyclopaedia Dramatica as a platform for their activities. For some years, they did little more than mass pranks and take action against communities that supported anti-piracy acts.

Change of Stance

In 2008, Anonymous started Project Chanology, a direct campaign against the Church of Scientology. The campaign included repeatedly carrying out DDoS attacks on the Church’s website, the Anonymous members, or Anons as they are called, used to make prank calls to the Church’s hotline, and sending black faxes to them to waste their ink cartridges. This project resulted in the group gaining global criticism from the media and authorities and global appreciation from casual internet users.



In 2010, Anonymous took their next big step, taking down the website of Aiplex software using a DDoS attack. Aiplex was a company based in India which partnered with different film studios to launch DDoS attacks against P2P sharing platforms and websites like The Pirate Bay. The group next took down the website of Recording Industry Association of America and Motion Pictures Association of America.


Under their project “Payback is a Bitch” they hacked the website of Copyright Alliance, giving their reason as an act against all those that want to silence people’s rights to spread information. After this, they attacked websites of companies like Amazon, PayPal, VISA, and Mastercard. This attack, named Operation Avenge Assange, was carried out because the aforementioned companies boycotted WikiLeaks.

Other groups and agendas of Anonymous

Anonymous is a hacktivist group that has grown enormously since it first came into existence. There are a number of groups that are associated with Anonymous, with LulzSec and Operation AntiSec. These groups have also targeted government agencies, video game companies, media groups, etc. LulzSec was formed after Anonymous attack HBGarry.

Official LulzSec logo
Official LulzSec logo Via: Enter
Speaking about the philosophy behind Anonymous, there is no particular set of guidelines that the group follows. It is merely a vast and intricate network of like-minded hackers who work with common ideas and goals. Recently, they have been involved in taking down Donald Trump’s Trump Towers’ website following the presidential candidate’s remarks on Muslim immigrants in the USA.



However, the most notable of Anonymous projects, which has gained them the most admirers, is their campaign against ISIS. The group are quite active in taking down any website that copies or spreads the propaganda of the terrorist outfit. They that had moved to the dark net, posting a message next to an advert for a pharmaceutical company that sold Prozac and Viagra. The group have also acted against paedophile websites, saying that they are against the injustice of any kind.
Anonymous – Web Warriors Full Documentary










If you like the post please share it ... :)
Share:

Top 5 Websites To Learn Hacking



Top 5 Websites To Learn How To Hack Like A Pro




You might be surprised to learn just how many people want to learn how to hack. The stereotype is that of the young college guy – a computer science major for sure – who spends his evenings and weekends writing up intricate hacking scripts to break into whatever computer system he can get his hands on.


The truth is that what was once a male-dominated community is fast changing into one that includes folks – men and women – from many walks of life, from many countries and with many backgrounds. A recent CNET article about DEFCON makes note of the fact that claims of sexual harassment and unwanted advances are increasing. This isn’t because hackers are getting more obnoxious or offensive, but because more female hackers are entering into the community and trying to find a home there, only to find insulting behavior, and other actions unbecoming of a gentleman.




This is the natural evolution of such communities, and in time the scales will balance and men and women will hack side by side – but when searching for places to go online to learn how to hack, it’s important to remember that because demographics and the world itself is changing, what you’ll find at most of the hacker websites are also changing significantly as well.



Platforms in use are shifting from computer-based to more mobile and tablet hacking efforts, there’s much greater emphasis on social networks and the many hacks that are possible there, and all of the other new technologies and hacker tools available. The sites that keep up with these changing times will survive, while those that are stuck in the decades-old mentality of hackerdom-gone-by are doomed to fail.

Where You Can Go To Learn How To Hack Like a Pro

 

 

There’s a caveat that I have to share before diving into these sites. Hacking isn’t a single subject that anyone can pick up overnight. In the title of this article, I mention hacking like a pro. This can not be accomplished after reading one article and visiting a few of these sites – the phrase is used to imply that in time and with lots of practice, you can in fact learn to hack like a pro.



For our many readers that are already at that expert-hacker level, a few of these sites may not be for you. They may feel too simple and basic – for “script-kiddies” as some might say. The truth is, we all had to start somewhere, and these websites are offered as a starting point for those people just embarking down the wrote toward hackerdom.



Your intention for learning how to hack is completely your own. I do not judge. However, it should be noted that there are two forms of hacking – “white hat” and “black hat”.  White hat hackers call themselves “ethical hackers”, in that they find vulnerabilities simply to make systems and applications more secure for everyone. However, there’s a whole other community of hackers – the black hats – who find vulnerabilities only to exploit them as much as possible. Now that you know what sort of community you may be entering, let’s get on with the list of top sites where you can learn to hack.

#1 – Hacking Tutorial: Tech Tips and Hacking Tricks

Sometimes, perfect English isn’t everything. Hacking Tutorial is an example of when the writing skill of the author doesn’t necessarily equate to the quality of his or her technical knowledge. This is actually the case over at Hacking Tutorial, where the author offers articles like “Client Side Attack Using Adobe PDF Escape EXE Social Engineering”, “Exploiting MS11_003 Internet Explorer Vulnerability”, and “Hacking Using BeeF XSS Framework”.
howtohack1
The articles are usually short, but actually offer highly technical, step-by-step instructions on how to do the task at hand, and the tricks and tweets absolutely work, unless the exploit has been patched.  It’s a small blog, but it’s a good one for the volume of technical tricks that you’ll find there.

#2 – EvilZone Hacking Forums

While the name, EvilZone, isn’t exactly the most inviting – it is easily one of the largest forum communities that you’ll find on the subject of hacking. With over 13,042 members and over 50,000 posts (and counting), this community likely has the skills and knowledge to answer any programming question you could possibly have. Just be careful about coming across as a “noob” – these guys don’t handle newcomers with kid gloves, so be careful.
howtohack2
You’d definitely be best off working through the programming and encyclopedia sections first, where you’ll find areas with projects, tutorials and a lot more that will help you become educated and well-versed in hacking techniques and terminology.

#3 – Hack a Day

While I certainly don’t want to offer a nod to any blogs that may be considered competition, you really have to give credit where credit is due when it comes to a particular niche like hacking – and Hack a Day definitely offers an amazing library of information for anyone looking for specific categories like cellphones, GPS or digital cameras. Over the years, Hack A Day has transformed the site into a fairly popular blog.

howtohack3
More than any other site, this particular “hacking” site is very much hardware based, and they redefine the meaning of the word hacking by helping you learn how to hack up electronic devices like a Gameboy or a digital camera and completely modifying it, or building electronics for the sole purpose of hacking other commercial devices. You’ll also find a popular and busy forum section as well – a high point of the site.
howtohack4
While I personally don’t find the articles themselves very detailed (as an EE, I like schematics and elaborate descriptions), the site makes up for it with video demonstrations throughout.

#4 – Hack In The Box

Hack In The Box has really change significantly through the years. It is rebranded as HITB, and the site is completely transformed into what looks like a WordPressed-based platform. Still, today Hack In The Box remains focused on security and ethical hacking. However, it has obviously shifted gears at some point and changed to a more content-focused approach with a greater volume of news, and fewer in-depth articles with detailed hacks.
howtohack5

This transition makes it less of a place to go for actually technical hacking tips, and more of a daily spot to get your latest fix of hacking news. The site is updated frequently, and of course you can also go for the print version of the HITB-branded magazine if you want.

howtohack6

Clearly, HITB has gone very commercialized, but it is a great resource for news for anyone interested in the latest gossip throughout the hacking community.








If you like the post please share it ... :)
Share:

Hacking WPA/WPA2 without dictionary/bruteforce










Hacking WPA/WPA2 without dictionary/bruteforce





Fluxion (linset)

I hadn't ventured into Hackforums since a while, and this time when I went there I saw a thread about a script called Fluxion. It's based on another script called linset (actually it's no much different from linset, think of it as an improvement, with some bug fixes and additional options). I did once think about (and was asked in a comment about) using something like a man in the middle attack/ evil twin attack to get WPA password instead of going the bruteforce/dictionary route, but never looked the idea up on the internet nor spent much time pondering over it. However, once I saw the thread about this cool script, I decided to give it a try. So in this post I'll show you how I used Fluxion, and how you can too.
Disclaimer : Use this tool only on networks you own .Don't do anything illegal.

Contents

  • Checking if tool is pre-installed, getting it via github if it isn't.
  • Running the script, installing dependencies if required.
  • Quick overview of how to use Fluxion.
  • Detailed walk-through and demonstration with text explanation and screenshots
  • Video demonstration (not identical to the written demo, but almost the same)
  • Troubleshooting section




Just double checking

The first thing I did was make sure that Kali doesn't already have this tool. Maybe if you are reading this post a long time after it was written, then you might have the tool pre-installed in Kali. In any case, try this out:
fluxion
I, personally tried to check if linset or fluxion came pre-installed in Kali (though I didn't expect them to be there).

Getting the script

Getting the script is just a matter of cloning the github repository. Just use the git command line tool to do it.

If you have any problems with this step, then you can just naviagate to the repostitory and manually download the stuff.


Update : There seems to be some legal trouble with Fluxion. The creator of the script has removed the source code of the tool, and uploaded code that is supposed to delete fluxion from your computer. I don't know the specifics of what is going on, but will provide updates ASAP.
Update : Now the repository is gone altogether!
What this means : As of now, this tutorial is useless. If you can find the source code for Fluxion, then you can use it and continue with the tutorial. Otherwise, not much can be done without the tool.


Update Again!
You can try this repo - https://github.com/wi-fi-analyzer/fluxion. It's an old version, might or might not work.

git clone https://github.com/wi-fi-analyzer/fluxion

There are 4 dependencies that need to be installed

Running the script

Just navigate to the fluxion directory or the directory containing the scripts in case you downloaded them manually. If you are following the terminal commands I'm using, then it's just a simple change directory command for you:
cd fluxion
Now, run the script.
sudo ./fluxion



Dependencies

If you have any unmet dependencies, then  run the installer script.
sudo ./Installer.sh
I had 4 unmet dependencies, and the installer script run was a buggy experience for me (though it might be becuase I have completely screwed up my system, editing files I wasn't supposed to and now I can't get them back in order) .It got stuck multiple times during the process, and I had to ctrl+c my way out of it many times (though ctrl+c didn't terminate the whole installer, just the little update popup). Also, I ran the installer script twice and that messed up with some of the apt-get settings. I suggest that after installation is complete, you restore your /etc/apt/sources.list to it's original state, and remove the bleeding edge repositories (unless you know what you're doing). To know what your repository should look like, take a look here.


Anyways, one way or the other, your unmet dependencies will be resolved, and then you can use Flexion.
PS: For those trying to use apt-get to install the missing stuff - some of the dependencies aren't available in the default Kali repos, so you'll have to let the script do the installation for you, or manually add the repos to /etc/apt/sources.list (look at the script to find out which repos you need to add)


Fluxion

Once again, type the following:
sudo ./fluxion


This time it should run just fine, and you would be asked a few very simple questions.
  • For the wireless adapter, choose whichever one you want to monitor on. For the channels question, choose all, unless you have a specific channel in mind, which you know has the target AP.
  • Then you will see an airodump-ng window (named Wifi Monitor). Let it run while it looks for APs and clients. Once you think you have what you need, use the close button to stop the monitoring.
  • Fluxion using airodump-ng
  • You'll then be prompted to select target.
  • Then you'll be prompted to select attack.
  • Then you'll be prompted to provide handshake.
  • If you don't have a handshake captured already, the script will help you capture one. It will send deauth packets to achieve that.
  • After that, I quit the procedure (I was using the script in my college hostel and didn't want to cause any troubles to other students).

If you are with me so far, then you can either just close this website, and try to use the tool on your own (it look intuitive enough to me), or you can read through the test run that I'm going to be doing now.

Getting my wireless network's password by fooling my smartphone into connecting to a fake AP

So, in this example run, I will try to find out the password of my wireless network by making my smartphone connect to a fake AP, and then type out the password in the smartphone, and then see if my Fluxion instance on my Kali machine (laptop) gets the password. Also, for the handshake, I will de-authenticate the same smartphone.
PS: You can probably follow this guide without having any clue how WPA works, what handshake is, what is actually going on, etc., but I suggest you do read up about these things. Here are a few links to other tutorials on this website itself that would prove useful (the first two are theoretical, yet nice, the third one is a pretty fun attack, which I suggest you try out, now or later):
  1. Things you should know about Wireless Hacking - Beginner Level Stuff
  2. Things you should know about Wireless Hacking Part II - Intermediate Level Stuff
  3. Evil Twin Attack
This is the theoretical stuff. Experience with tools like aircrack-ng, etc. would also be useful. Take a look at the navigation bar at the top and look at the various tutorials under the "Wireless Hacking" category.
Anyways, with the recommended reading material covered, you can comfortably move on to the actual hacking now:

The real stuff begins!

This section is going to be a set of pictures with captions below them explaining stuff. It should be easy to follow I hope.
Select language
After selecting language, this step shows up.
Note how I am not using any external wireless card, but my laptop's internal card.
However, some internal cards may cause problems, so it's better to use an
external card (and if you are on a virtual machine you will have to use an external card).

The scanning process starts, using airodump-ng.

You get to choose a target. I'm going after network number 21, the one my smartphone
is connected to.

You choose an attack. I am going to choose the Hostapd (first one) attack.

If you had already captured a 4-way handshake, then you can specify the location
to that handshake and the script will use it. Otherwise, it will capture a handshake
in the next step for you. (A tutorial on capturing the handshake separately)
If you didn't capture a handshake beforehand, then you get to choose which
tool to use to do that. I'm go with aircrack-ng.

Once you have a handshake captured (see the WPA Handshake: [MAC Address] on top, if it's
there, then you have the handhake), then type 1 and enter to check the handshake. If everything's fine,
you'll go to the next step.

Use the Web Interface method. I didn't try the bruteforce thing, but I guess it's just
the usual bruteforce attack that most tools use (and thus no use to us, since that's
not what we are using this script for).

This offers a variety of login pages that you can use to get (phish) the
WPA network's password. I went with the first choice.

After making your decision, you'll see multiple windows. DHCP and DNS requests are being handled in
left two windows, while the right two are status reporting window and deauth window (to get users
off the actual AP and lure them to our fake AP)

In my smartphone, I see two network of the same name. Note that while the original network is WPA-2
protected, the fake AP we have created is an open network (which is a huge giveaway stopping most people
from making the mistake of connecting to it). Anyways, I connected to the fake AP, and the DNS and DHCP windows
(left ones), reacted accordingly.
After connecting to the network, I got a notification saying that I need to login to the wireless network.
On clicking that, I found this page. For some people, you'll have to open your browser and try to open a website (say facebook.com) to get this page to show up. After I entered the password, and pressed submit, the script ran the
password against the handshake we had captured earlier to verify if it is indeed correct. Note how the
handshake is a luxury, not a necessity in this method. It just ensures that we can verify if the password
submitted by the fake AP client is correct or not. If we don't have the handshake, then we lose this ability,
but assuming the client will type the correct password, we can still make the attack work.

Aircrack-ng tried the password again the handshake, and as expected, it worked.
We successfully obtained the password to a WPA-2 protected network in a matter of minutes.















If you like the post please share it ... :)
Share:

Top 5 Best Apps To Customize Your Android Phone Must watch!



Top 5 Best Apps To Customize Your Android Phone Must watch!



One of the coolest things about Android is the ease with which you can customize, modify and otherwise set up your smartphone or tablet to be exactly how you want it. With a little know-how and the right apps, you can make it truly unique, and if you're not sure where to start, our list of the best apps to customize Android can help.

Note: This list is not hierarchical, and these apps are not presented in any particular order. Their appropriateness for your custom job will depend entirely on what exactly you want to achieve. Needless to say though, combining several of these apps together will get you something truly special.



Nova Launcher


Nova Launcher is widely regarded as the best custom launcher on Android. It is packed with features and advanced customization options and manages to avoid becoming too confusing.

Zooper Widget Pro



Minimal, classy, extremely customizable, and battery friendly "Do It Yourself" widget with almost limitless possibilities!
If you like the software and want to support the development please rate it! If you have issues or requests send me an email or use the forum at http://zooper.uservoice.com

Sloth Launcher





Get quick access to your apps, shortcuts and quick-toggles just when you need them. Create multiple scenarios by using different trigger which will ensure that your apps are only available when needed.


CandyCons - Icon Pack


CandyCons is an icon pack which follows Google's Material Design language.
This icon pack uses the material design color palette given by google. Every icon is handcrafted with attention to the smallest details!




InsWall Wallpapers

Experience the world of customization with 1000+ beautiful wallpapers in Full HD and 4K.
Enjoy the wide content of wallpapers selected from among the best and you see your best screen. Download now the most complete free application in its category.
 


 



If you like the post please share it ... :)
Share:

Top 10 Best Android Games 2016 | MUST PLAY

Top 10 Best Android Games 2016 

 *MUST PLAY* 


GAMES LIST



1-Jungle adventures 


Rendered Ideas presents classic side scroller game "Jungle Adventures". This game bring back memories of old school arcade games with numerous adventure. World of this game contains well designed levels, various enemies, bosses, simple gameplay, nice graphics and soothing music and sounds.

2-Zombie Anarchy: War & Survival

Do you have what it takes to survive Hell on Earth?
Begin a desperate struggle to stand among the living in this bold action-strategy survival game. Find the last humans on Earth and train them in the art of survival as you wage war against the apocalypse. Build defenses to protect your camp from an army of raiders and battle against the living in online multiplayer missions. Kill leagues of undead walking the city as you begin fighting for the secret behind the infection that ended the world.

3-Bloons Supermonkey

Endless legions of colorful bloons in outlandish shapes and patterns are invading Monkey Town and only Super Monkey can stop them! Equip dozens of powerful weapons, unlock never-before-seen Super Monkeys, and use dozens of screen-clearing powerups to pop every bloon and achieve a perfect diamond ranking.
* 50 vibrant levels, each with unique bloon waves
* Colorful, easy to control family fun for new gamers
* Intense skill-based diamond challenges for hardcore players
* 90+ weapons including epic powers like Doom Gauntlets, Sidewinder Ace, and Yeti
* 40+ bloon shredding powerups like Explosive Shots, Parallel Universe Monkey, and the Sun God
* Compare level ranks with your friends
* Fast-action, pop everything fun-fest
Take to the skies and get popping!

4-One More Bounce


Bounce your way to victory by simply drawing a line. Sounds easy right?
From the creators of One More Line, One More Jump and Thumb Drift.
Features:
- 100+ hand crafted levels (new levels added every month)
- Daily endless mode : One new level every day!
- Customize your character with unlockable themes and avatars
- Share gameplay moments through animated gifs
- Original music soundtrack by Big Giant Circles
How to Play:
- Drag to draw a line
- Make the right angle to direct your avatar
- Bounce your avatar through the level
- Collect all three level diamonds to show your mastery
PERMISSIONS:
READ + WRITE external storage permissions needed to save and share game-play gifs

5-Break liner

 A great game from Ketchapp. The visuals and physics are great. The soundtrack is suiting to the atmosphere and it changes as you reach certain goals. And there's actual progression in this game.. Which feels right. As you level up it gets harder.. Throwing more obstacles at you. A welcomed change from most apps in this category. An upgrade system to the ship would give it 5 stars from me

6-Flappy golf 2

The sequel to the insanely addicting Flappy Golf is here! Featuring the courses of Super Stickman Golf 3.
Play our famous Race Mode either online against your friends or locally for some serious fun! Or flap your way to the hole in as few flaps as possible to earn all the Gold Stars. Can you get them all and unlock Super Star Mode?

7-Circuroid

Circuroid is an unique fast-paced colorful arcade shooter where you must defend the circular perimeter from endless of incoming asteroids.
Circuroid features an intuitive control where you can precisely switch between positions of your spaceship around the circle to shoot at the direction that you are pointing.
More than dozens of colorful Power Ups to unlock. Each Power Up will change the color and behavior of your spaceship which brings you a whole new gameplay experience while defending the perimeter.

8-Putthole

Putthole! An endless putt-putt puzzle game that you can play at your own pace.
Connect balls with holes to score as high as you can. Completed tracks clear tiles, cleared tiles award points, more tiles are worth more points. The game is over when you've run out of moves. Take risks and go for the longer tracks, or play the slow and steady game? I don't care!

9-Shootout in Mushroom Land

Not so many downloads worldwide and no game awards !
Use guns, helmets, grenades and jetpacks to find and collect the map pieces placed in the empty jam jars around the island.
Ben from Team Hot Guns has a job to locate and secure the legendary Money Tree, but as it always happens in this kind of nonsense stories - he's not the only one looking for it.

10-Asphalt Xtreame

 Overall, it was very addictive and exciting! I just can't stop playin this all day! But if u guys can make playable offline #no internet connection, to play in campaign.. Then I'll give 5star for good! Great job #GAMELOFT for all your games.. Thank You very much.. I've been your been biggest fan since the beginning of Gameloft gaming app.. Godbless #GAMELOFT keep on going guys!!


          




If you like the post please share it ... :)
Share:

Comment

Labels

Recent Posts

Unordered List

  • Lorem ipsum dolor sit amet, consectetuer adipiscing elit.
  • Aliquam tincidunt mauris eu risus.
  • Vestibulum auctor dapibus neque.

Sample Text

Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.

Ut enim ad minim veniam, quis nostrud exercitation test link ullamco laboris nisi ut aliquip ex ea commodo consequat.