EXPLAINATION OF OSI LAYER

Before we guys going through real hacking tricks we need to know what is exactly the OSI layer.. Because everything is depend on this seven layer..As more you learn about this, as much as you will be a great hacker..

OSI Layer:

let's breakdown this definition piece by piece and then we'll move onto a thorough explanation of each layer. Standards are rules of communication between two or more machines Protocols are instances of standards that apply to communication between equal processes on different machines but on the same layer. This same layer communication is known as horizontal

communication. In an attempt to create an analogy imagine standards as Federal Laws protocols would be like State Laws.

A framework is like a blueprint, a basic design. Lastly, a network is a system of computer components that connects two or more computers.

Application Layer:- 

Starting at the top, the Application layer allows communication to take place between two different applications on two  different machines.

Different applications have different protocols just as different file systems have different naming conventions and other such incompatibilities are all dealt with on the application layer. 

Examples of different applications are file transfers and e-mail..

Presentation Layer:- 

Just below the Application Layer is the presentation Layer. The basic design of the presentation Layer is format the information to be delivered or information received to the preferences of the two computers involved in the transaction.

These computers agree on a transfer syntax. It is as if English and German speakers, who both also speak French and Italian agree to communicate in French ?(Panko) This layer is also were processes such as data compression and data encryption also occur. This layer also causes many problems for any computer trying to communicate with it using TCP/IP.

because TCP/IP does not have a specific layer to serve these purposes..

Session Layer:- 

The Session Layer establishes a session between two computers. 

This session may be remotely timed, may allow file transfer, it may manage dialogue. This dialogue can allow traffic to go in both directions at the same time or may limit transfer so only one party may transmit at a time. 

The session can also be set up for token transfers. This token is like a talking stick in the kindergarten. The person with the talking stick is the only one allowed to talk at a time. When it is passed, then that person becomes the only one allowed to talk. Another service of the Session Layer is to enable synchronization.

This option prevents all possibility of collision during transmission. 

Examples of Session Layer Protocols include NetBIOS, Name Pipes, Mail Slots, and RPC (OSI Model Layers).

Transport Layer:- 

The main function of the Transport Layer is to receive data from the Session Layer, break it up into smaller units if needed, pass them all to the network layer, and ensure that all of the pieces arrive at the destination correctly. 

The Transport Layer establishes the correct network connection specified by the Session Layer. The Transport Layer may create multiple network connections, to increase throughput. Depending on the options set due to expensive transmission costs, the Transport Layer may also multiplex many connections onto the same network connection. 

Multiplexing is the act of breaking up the connection into sections to send more information at once. The type of service is also determined on this layer, such as Point-to-Point. 

The Transport Layer uses the transport header to tell the receiver what message belongs to what connection. The final responsibility of the Transport Layer is to establish network connections and delete them.

Examples of protocols used on the Transport Layer are NetBIOS, TCP, and ATM (OSI Model Layers).

Network Layer:- 

I know this is boring, but there’s only three more layers to go. The Network Layer is next. 

“The network and transport layers of the OSI correspond closely to the internet and transport layers of TCP/IP (Panko). The Network layer controls the operation of the subnet.

The Network Layer decides the route for the packets to take. This route may be “wired into?

Such as in a terminal session, or may be dynamic which allows for decision making according to the current network workload.

The Network Layer also keeps track of the amount of data sent for billing purposes.

Data Link Layer:- 

The Data Link Layer is what you could consider the organizer of the system.

The Physical Layer accepts data with no regard for organization. The DLL (Data Link Layer) organizes the received data into a single stream in order as described by the frame. 

The DLL provides error control, by announcing any missing frames or damaged ones. 

The DLL can also regulate the speed of transmission. This is necessary when the sender is capable of sending information much faster than the receiver can take it. 

This is critical in preventing loss of data and congestion. If the Session Layer has allowed for transmission in both directions, the DLL must compensate for lack of transmission capabilities by using techniques such as piggybacking. 

The protocol for this layer is the 802.1 OSI Model (OSI Model Layers).

Physical Layer:- 

Finally, the Physical Layer is the most basic of all the layers in concept. All it does is transmit and receive data in the form of electrical pulses.

 It uses binary language to transmit. The electrical signal is in pulses, so a 0 represents off and 1 represents on.

 Problems on this layer come from use of physical transmission medium like a phone line or a cable line or even a fiber optic line. 

The transmission protocols for the Physical Layer include IEEE 802, IEEE 802.2, ISO 2110, and ISDN (OSI Model Layers).

NMAP PROJECT

Nmap ("Network Mapper") is a free and open source utility for network discovery and security auditing.
 Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, 
what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. 
Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results viewer (Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), a utility for comparing scan results (Ndiff), and a packet generation and response analysis tool (Nping).

NOTE: Only for educational purpose. Guys please don't misuse. 

BROWSE ANONYMOUSLY

There are possibilities of Tor being compromised by the NSA who has called it “the king of high secure and low latency anonymity.” The US department of defense, that includes NSA, funds the Tor Project and in the past, it has tried to compromise its integrity. The NSA has attempted to break the Tor browser’s encryption and has been successful to a small extent. You must have read our dedicated article on how true Identity of tor users can be hacked.

In past, Tor network has announced that some unknown sources have managed to get the information about people who are using these hidden services.

Here we are presenting a list of top 5 best Tor alternatives that you can use:

Tor alternative #1: I2P

I2P is an anonymous peer-to-peer distributes communication layer which is built using the open source tools. It is a complete Tor alternative. Just like any other P2P software, the software implementing this computer network layer is called I2P layer and other computers running I2P is called I2P node.

It is designed and optimized for hidden services, faster than Tor with fully distributed and self-organizing capability. Unlike Tor, peers are selected based on continuous ranking and profiling.  There are unidirectional tunnels instead if bidirectional circuits, thus making the number of nodes double which a node has to compromise to get the same information.

Tor alternative #2: Tails

Tails is one of the best Tor alternatives available out there. It is a live operating system which could be started from any computer using a USB drive, DVD or a SD card. It has in-built pre-configured apps that give you the services of a web browser, IM client, office suite, editors for image and sound etc. It uses Tor’s services for providing the anonymity but adds extra security layers. This could be used anywhere without leaving any trace.

Tor alternative #3: Subgraph OS

It uses the Tor network just like Tails but it focuses on usability. This Canadian security firm calls it an “adversary resistant” operating system that is designed to reduce the attacks on users. It boasts that it has built-in encrypted email client, built-in disk encryption and firewall. Added to these, Subgraph OS provides you the advantages of limiting the ability of malicious files and data formats. Unlike Tails, Subgraph OS could be run as a permanent OS rather than a bootable OS from a USB or BVD.

Tor alternative #4: Freenet

Freenet is a peer-to-peer to resist the censorship similar to I2P. It uses the same P2P technology of distributing data storage to deliver and keep the information but separates the protocol of user interaction and network structure. This makes it easy to access the Freenet network using a variety of ways like FProxy.

Since its version 0.7, Freenet comes with the two-tier security: Darknet and Opennet. With the help of Opennet, users connect to arbitrarily with other users. Using Darknet, users connect to only those users with whom they exchanged Public Keys in the past. Both of these modes could be used together. It comes with a free software suite to enhance the censorship free communication over the web.

Tor alternative #5: Freepto

Freepto is another Linux-based OS which could be booted using a USB disk on any computer. The data you will save on the USB disk will be automatically encrypted. It provides the hacktivists an easy way to communicate easily just like Tor. Freepto is a collective startup promoting the knowledge sharing. This OS comes loaded with a web browser, image editor, mail client and it’s easy to install. You can also create a customized version of Freepto. You are free to add new software and make changes. It is based on Debian Live Build which is a set of tools that helps you to make new and Debian-based Linux distributions.

CREATE MALWARE TO ATTACK INDIAN GOVERNMENT

Last year on December 24, 2015, a potential online target was identified which was delivered via an email to a high profile Indian diplomat, an Ambassador to Afghanistan. The email was spoofed and crafted as if it was sent by the current defence minister of India, Mr. Manohar Parikar. The mail commended the Ambassador to Afghanistan on his contributions and success.

Looking at the recent Political interests of India in building and funding Afghanistan’s infrastructure and economic development, it is possible that some groups are interested in tracking and spying on the key political individuals.

Some of the economic interests which have been taken by India in Afghanistan are setting up iron ore mines, steel plants, power plants and transportation systems, helping reconstruct the Salma Dam and constructing a new Parliament Complex for the Afghan Government.

Here is how the email which was a Trojan was supposed to work:

• The Rich Text format downloads an executable from newsumbrella[.]net.
• The executable downloaded file is executed on the Victim’s machine
• The executable ‘file.exe‘ is a downloader which is used to call out to a server with the IP ‘46.166.165.254‘ and downloads the main Rover malware along with plugins used by the Rover malware.
• Rover malware and plugins are downloaded and installed on the victim machine.
• Data exfiltrated from the victim’s machine.

Researchers are relating it to the OpenCV technology. It is interesting to know that the OpenCV has been extensively used by organizations and research groups for real-time capture, image manipulation, object detection and many other uses in new forms of human-computer interaction, security systems, driver-less cars among many others. OpenCV was also used by the Mars Rovers to send captured data back to Earth.

It is interesting to see that the very code used in Mars Rovers are also being used to track and spy on individuals being targeted and which can remain undetected by traditional security systems.

HOW TO SHARE YOUR WIFI PASSWORD WITH QR CODES

This is how you can share your Wi-Fi password with QR codes to your friends

You do not need to face the trade off between “easy to remember” and “hard to guess”

The first thing people do when they visit someone is asking the WiFi password. And if you are among the security conscious geeks who set a password such that even F.B.I. might have hard time cracking it, you may not want to bother about remembering and typing your password again and again.

The solution to this problem is “QR code”. You can generate a QR code for your Wireless AP and the aspiring person has to scan it in order to connect. You can generate QR code online or offline, but we recommend doing it online.

There are various websites which let you generate these codes, we recommend using goqr.me as it is hassle free and provides live demonstration of your QR code.

Go to the website and you will be presented with this :

This is a simple text option. You can fill your password in the text section and generate the corresponding code.
Then you have to save it in your device, get it printed and place somewhere. Numerous formats are offered along with vast customization options. That is you can adjust the QR code’s color scheme, size etc.
This code, when scanned will present the text . Then, user will have to copy the text and paste in the password section of connection prompt of your AP.

This is one way, the other one is to use a dedicated QR code. Click on the “lock” icon on this website’s left pane and you’ ll see something like this..

Fill the details and download the code. The user then has to scan it using a feature rich QR code scanner. Which will display the details and establish connection on one tap.

A good scanner which has the required feature is QR and Barcode Scanner

On Scanning the dedicated QR code on your Android phone using this app, the details will be displayed as follows:

For connecting, you just have to tap the connect icon once.

This was all about how to share your complicated WiFi password easily.

KALI LINUX 2.0. NEW TRICKS AND TIPS

After a long waiting, the Kali Linux got updated... In this post we going to see some useful tips and tricks that we can do with the Kali Linux 2.0 .
In the last session we saw how to hack Facebook, Gmail and how to hack Android and windows.. 
In this session we just going to see new Kali Linux features and it's tools.
The most awaited version of Kali Linux is dubbed as Kali 2.0 or Kali Sana. Kali Sana has a new Graphical User Interface which looks like the Unity GUI of Canonical's Ubuntu Operating System. New Kali has redesigned the main menu and the tools category and has fast desktops shuffling feature. This version brings the lesser Metasploit load time with Native Ruby 2.0 support and built-in Desktop notifications feature as well as built-inscreen-casting feature. Also providing weekly updates for core tool-sets.