Saturday, February 9, 2013

Methods/Precautions to Become Anonymous Before and After Any deface and ddos........

All information in this tutorial is for educational purposes only. Any illegal activity relating to this tutorial is not my responsibility, although I would like to say I don't care how you use it, I do. So please do not use this for Black-hat activities. One day when you grow up you might realise that you have been a skid, by using mass-deface techniques and SQLi for your entire life. Do not just hack a site because it is there. I have a few sites of my own and its annoying, unproductive, and pointless.

Hide like a hacker


i- Protection
ii- Encryption
iii- Anonymity
iv- Links


1. Protection

Basically what I am trying to say in this section is, before you go out hacking other people and other things, just check for a second and make sure it's not as easy to hack your device. There are some pretty simple steps for this though.
Make sure all your security updates are installed, if you have windows firewall disable it.
Download your own firewall. If you are behind a router you can skip this.
Make sure all unused ports are closed.
Check your msconfig, run a few HJT logs and Malwarebyte's to make sure you are not already infected.
Use a keyscambler to prevent keyloggers

It is important that you are not infected because other could see you hacking and steal it from you or alternitively, if they get caught, you get caught. On the other hand you might want to stay infected by a bot or RAT so if and when you are caught you can claim you had no knowledge and the bot controlled your PC and performed the hack without your knowledge. However I am not someone who intends to be caught. (I'm not really a black hat either)

I don't personally use an AV for many reasons reasons:
It is possible to make an FUD virus, this is likely to be what you get infected with.
It often goes around deleting your stuff without asking.
They slow down your PC and often hog the CPU.
Whilst performing updates it slows down your connection.

FireWall: (not tested)
http://personalfirewall.comodo.com/

KeyScrambler:
http://www.qfxsoftware.com/

HJT:
http://download.cnet.com/Trend-Micro-Hij...27353.html

Malewarebytes:
http://www.malwarebytes.org/

Another way to prvent this is to use a Lixux-based O/S as altohugh these aren't 100% secure they have a lot on Windows machines due to the fact they are less common.

But remember you are not invisible:

Code:
If you downloaded and installed the open-source Unreal IRC server in the last 8 months or so, you’ve been pwned.

"Hi all,

This is very embarrassing…

We found out that the Unreal3.2.8.1.tar.gz file on our mirrors has been replaced quite a while ago with a version with a backdoor (trojan) in it.

This backdoor allows a person to execute ANY command with the privileges of the user running the ircd. The backdoor can be executed regardless of any user restrictions (so even if you have passworded server or hub that doesn’t allow any users in)."

2. Encryption

Be under no ilussions, this is one of the most important steps to keeping information secret. Now I am a big fan of encryption and here is why:

"if your encryption program uses 128-bit keys, your particular key could be any of more than 3.4 trillion billion billion billion possible combinations. More likely to win the lottery than to crack that level of encryption using the brute-force method"Or just use RSA 4096-bit and 256-bit AES?

Now I think this says a little bit about how much safer encryption makes you, if you encrypt your HDD using 256-bit, there is little chance even the authorities will crack it.... in your lifetime. However do be aware of local law for example in the UK the new Regulation of Investigatory Powers Act states:

Individuals who are believed to have the cryptographic keys necessary for such decryption will face up to 5 years in prison for failing to comply with police or military orders to hand over either the cryptographic keys, or the data in a decrypted form.

The penelties are up to 5 years for terrorism-related inforamtion and 2 years for "All other failures to comply"

Therefore depending on the strength of your offence it could be more wise to with-hold your key on claims of a privacy breach, and face the maximum two years than to hand over your keys.

The program I most recomend for doing this is

TrueCrypt:
http://www.truecrypt.org/

True crypt can provdie 256-bit encryption

Code:
The design and strength of all key lengths of the AES algorithm (i.e., 128, 192 and 256) are sufficient to protect classified information up to the SECRET level. TOP SECRET information will require use of either the 192 or 256 key lengths.

Oh and that's not even the most useful part:

TrueCrypt allows you to create a hidden operating system whose existence will be impossible to prove (provided that certain guidelines are followed — see below). Thus, you will not have to decrypt or reveal the password for the hidden operating system.

As there is a pre-boot authentication process which asks for your encryption password you can have two, one for people to see and one for hacking purposes. This is IMPOSSIBLE to prove so I highly recommed using it, although I don't use it myself...

3. Anonymity

Now, this is THE MOST IMPORTANT section of the whole tutorial, get this part right and you can pretty much forget about the rest (however if you are performing something illegal following the other steps might help you sleep better).

Hidding your IP and identity is crucial. Here is my prefred methods:
SOCKS5 Proxy
L1 HTTPS Proxy
GCI proxy
Encrypted VPN (no logs)

Diference between SOCKS and HTTP

Code:
SOCKS

Bill wishes to communicate with Jane over the internet, but a firewall exists on his network between them and Bill is not authorized to communicate through it himself. Therefore, he connects to the SOCKS proxy on his network and sends to it information about the connection he wishes to make to Jane. The SOCKS proxy opens a connection through the firewall and facilitates the communication between Bill and Jane. For more information on the technical specifics of the SOCKS protocol, see the sections below.
HTTP

Bill wishes to download a web page from Jane, who runs a web server. Bill cannot directly connect to Jane's server, as a firewall has been put in place on his network. In order to communicate with the server, Bill connects to his network's HTTP proxy. His internet browser communicates with the proxy in exactly the same way it would the target server—it sends a standard HTTP request header. The HTTP proxy reads the request and looks for the Host header. It then connects to the server specified in the header and transmits any data the server replies with back to Bill.

Remember:

Code:
HTTP proxies are traditionally more HTTP protocol aware and do more high level filtering (even though that usually only applies to GET and POST methods, not CONNECT). SOCKS proxies can also forward UDP traffic and work in reverse - HTTP proxies can't do that.

Due to the restrictions of a HTTP proxy, they ONLY work for HTTP traffic and do not support UDP and other types of proxy uses. the reason is because they "infer the address of the server and therefore may only be used for HTTP traffic".

Use both HTTP and SOCKS if possible though this is known as "Proxy Chaining" this is used to make your actions harder to trace but its not truely effective.

REMEBER: Do not use an L3 HTTP proxy as they show your true IP in the header and are therefore essentially pointless.

VPN

This is by far the most effective way to conceal your identity. It channels you traffic and encrpts it with 128-bit. Although some support 256-bit. Often a VPN is much more reliable and does not slow down your connection as much (in fact I haven't noticed mine at all)

A VPN is a virtual Private Network

Code:
"Secure VPNs use cryptographic tunneling protocols to provide confidentiality by blocking intercepts and packet sniffing, allow sender authentication to block identity spoofing, and provide message integrity by preventing message alteration."

The best VPN's are paid I used to have a link to a free VPN but that is dead now. I will edit this if I find a link again.

A decent PAID VPN is: HMA

But always use this in conjunction with something else if you are breaking something...

ProxyFirewall is a good program which runs SOCKS and HTTP proxies

[http://uniqueinternetservices.com/proxy-firewall-download.html

Bibliography:

UK law report:
http://arstechnica.com/tech-policy/news/...l-time.ars

Regulation of Investigatory Powers Act:
http://www.opsi.gov.uk/acts/acts2000/ukpga_20023_en_8

Goverment stance on AES:
http://csrc.nist.gov/groups/STM/cmvp/doc...SS15FS.pdf

Wikipedia review on AES:
http://en.wikipedia.org/wiki/Advanced_En...d#Security

TrueCrypt Hidden o/s:
http://www.truecrypt.org/docs/?s=hidden-...ing-system

SOCKS Information and example:
http://en.wikipedia.org/wiki/SOCKS

Proxy Chaining:
http://www.freeproxy.ru/en/free_proxy/fa...aining.htm

Linux infection news:
http://www.zdnet.com/blog/bott/linux-inf...dated/2206

Official IRCd announcement:
http://forums.unrealircd.com/viewtopic.php?t=6562

Downloads linked:

Proxy firewall:
http://uniqueinternetservices.com/proxy-...nload.html

TrueCrypt:
http://www.truecrypt.org/downloads

UltraVPN:
https://www.ultravpn.fr/download.htm

FireWall: (not tested)
http://personalfirewall.comodo.com/

KeyScrambler:
http://www.qfxsoftware.com/

HJT:
http://download.cnet.com/Trend-Micro-Hij...27353.html

Malewarebytes:
http://www.malwarebytes.org/




No comments:

Post a Comment