Showing posts with label Backtrack5 R3. Show all posts
Showing posts with label Backtrack5 R3. Show all posts

Credit Card Generating Sequence

This file is for educational purposes ONLY to show how insecure is our world! I take no responsibility for your actions! I'm NOT responsible for any damages you make! The information in this file may be incorrect. You can copy this file but you are not allowed to change anything in this file without the author's permission. This is a personal file which you are not supposed to read, so just go away.

TURN WORD WRAP ON IF YOU USE TEXT EDITOR Wink

-------------------------------------------------

How to generate valid credit card numbers by yourself (Credit Cards Algorithm)

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

If you desperately need a valid credit card number because you don't have
your credit card generator - generate a valid credit card number by
yourself!

The way of doing it, is simple - you just need to remember it. First of all
let me fast explain you about the credit card number. Credit cards use the
Luhn Check Digit Algorithm. The first number depends on the credit card
type, such as : Visa, Master Card, Discover etc. The folowing few numbers
depend on which bank the credit card belong to. The other numbers can be
any numbers. The last number will be the most important number. Here are a
few examples that will be useful later:

1. Visa [Citibank] - 4013 **** **** **** {Lenght: 16 numbers}
(Visa Cards begin with number 4. Number 013 - represents Citibank)

2. Gold Visa [Bank of America] - 4024 0238 **** **** {Lenght: 16 numbers}
(the number 4024 0238 in the beggining tells us that this is Gold Visa of
the Bank of America)

3. Visa - 4*** **** **** ** {Lenght: 14 numbers}
(All Visa cards begins with number 4. This is an ordinary Visa card. It
can be also 16 numbers)

4. Master Card [Bank of America] - 5254 **** **** **** {Lenght: 16 numbers}
(Master cards begin with 5 in the beggining and the other few numbers
depend on the bank)

5. Master Card [Citibank] - 5424 **** **** **** {Lenght: 16 numbers}
(Master card that belongs to Citibank)

There are lots and lots of other credit cards numbers but this will be
enough for now. So as you should understand by now - the first numbers
depend on which bank it belongs to and what credit card it is. The lenght
of the numbers depends on the credit card type too.
All the other numbers except the last one can be whatever you wish! The last
numbers is the one that will determine the validation of the credit card number.

Example #1:
-=-=-=-=-=-

So lets take for example the first Visa [Citibank]:

4013 **** **** *** X
|__| |___________| |________________All depends on this number!
| |
| |___Any numbers you wish.
|
|_____This number says it belongs to Citibank and it's a Visa card.

Now we want to generate our own valid credit card number. The number must
begin with those numbers (4013 or any other number which belongs to credit
card company/bank). Without them it won't be valid. As i said, there are a
lot of credit cards - you can use one of the list above.
We took the Visa [Citibank] number for the first example.

[1] The "*" represents any number. So lets choose them (ANY 11 numbers!):

Before we choosed any numbers: 4013 **** **** *** X
|||| |||| |||
We get this after choosing the numbers: 4013 5426 7346 375 X

[2] We need to add together every second number:

4013 5426 7346 375 X
| | | | | | | |
0+3 +4+6 +3+6 +7 +X

We need to find the "X" so it will create a valid credit card number, so
for now we don't count it. We get:

0+3+4+6+3+6+7=29 < -= Final sum of section #2

[3] Now we need to multiply by 2 any other numbers and add them together. If
the number bigger than 9 - we subtract 9 from the number, this to get a
one digit number.

4013 5426 7346 375 X
| | | | | | | |
4 1 5 2 7 4 3 5

Multiply by 2:

4*2=8
1*2=2
5*2=10-9=1 (the number is bigger then 9)
2*2=4
7*2=14-9=5 (the number is bigger then 9)
4*2=8
3*2=6
5*2=10-9=1 (the number is bigger then 9)

Add them together:

8+2+1+4+5+8+6+1=35 < -= Final sum of section #3

[4] Now we take the final sum of section #2 and add it to the final sum of
section #3. We get:

29+35=64

[5] Now we need to take a bigger number that can be devided by 10. The
closest one is 70. (if we get 64 then we go up to the next number that
can be devided by 10 - we get 70. The same with others: 37...40, 24...30,
59...60 etc). If we get number that can be devided by 10 (in section #4)
then we leave it unchangble. In other words, numbers like 10, 20, 30, 40
etc are left the same because they can be devided by 10.

64...70

[6] Now we subtract the smaller number from the bigger number and we get:

70-64=6

Waaallla! 6 is the last number [X=6]. Then the final VALID credit card
number is:

4013 5426 7346 375 X
|||| |||| |||| ||| |
4013 5426 7346 375 6

Yes! The number 4013 5426 7346 3756 is a valid credit card number!
The expire date and the name are not related to the credit card number, thus
the expire date or the name can be whatever you want.
You can check a validation of a credit card number by the same method and if
you get the same last number as it is in the credit number
(the one you want to check) then it is a valid credit card number.

Here are another few examples so you will take a little practice and
understand the whole process:

Example #2:
-=-=-=-=-=-

Gold Visa [Bank of America] - 4024 0238 **** ****

[1] Choose any numbers:

4024 0238 3425 642X

[2] Add together every second number (Except "X"):

0+4+2+8+4+5+4=27 < -= Final sum of sec. #2

[3] Multiply by 2 any other numbers (subtract 9 if it's bigger than 9) and
add them together:

4*2=8
2*2=4
0*2=0
3*2=6
3*2=6
2*2=4
6*2=12-9=3
2*2=4

8+4+0+6+6+4+3+4=35 < -= Final sum of sec. #3

[4] Adding sum of sec. #2 to sum of sec. # 3:

35+27=62

[5] Take the closest bigger number that can be devided by 10:

62...70

[6] Subtract:

70-62=8

X=8

Final VALID credit card number:

4024 0238 3425 6428
===================

Example #3:
-=-=-=-=-=-

Visa - 4*** **** **** **

[1] Choose any numbers:

4921 2354 4364 0X

[2] Add together every second number (Except "X"):

9+1+3+4+3+4=24

[3] Multiply by 2 any other numbers (subtract 9 if it's bigger than 9) and
add them together:

4*2=8
2*2=4
2*2=4
5*2=10-9=1
4*2=8
6*2=12-9=3
0*2=0

8+4+4+1+8+3+0=28

[4] Adding sum of sec. #2 to sum of sec. # 3:

24+28=52

[5] Take the closest bigger number that can be devided by 10:

52...60

[6] Subtract:

60-52=8

X=8

Final VALID credit card number:

4921 2354 4364 08
=================

That's not that hard after you practice it a bit.
Ohh... Btw the number 4123 456 789 1235 is a valid credit card number, but if you will use credit cards like this one, you will loose the game faster then you think.

Installing backtrack 5 R3 in virtual machine step by step











In this tutorial i will show you how to install Backtrack 5 R3 which is recently  released by offensive security team . if you've previously installed backtrack then you might be familiar with backtrack installations  . its easy and simple just follow given simple steps.

Stage 1 
Requirements
1 : Download backtrack ISO from here
2 :  Download VMware Workstation or  VMplayer
3 : Install any of above 


Stage 2

Installation 

1 : Create A new virtual machine
2 : choose installer ISO ( choose backtrack 5 ISO ) 

3 : choose Linux as your guest operating system type and Ubuntu as version
4 : give a name and location of your backtrack VM 
5 : Specify virtual hard drive space ( 20 GB is good enough )
then click finish from ready to create vm window 
hit enter to go boot screen then choose default boot text mode and hit enter
HIT ENTER AT THIS POINT

type startx to start GUI ( x server ) 

click on Install backtrack icon or open terminal type sh -c "ubiquity" 
and continue like normal installation choose keyboard type and provide location info 

if you are installing just backtrack then go normally and erase and use entire disk 

or if you installing backtrack with other OS then specify partition accordingly ( in this tutorial m using virtual hard-drive ) 
click on forward and click on install



wait until it finish installing 



it will take up-to 30 minutes depend on your system
  













Stage 3
Network Configuration 
virtualbox guest audition installation 
vmware tools installation 
backup and recovery

The Hacker’s Choice releases SSL DOS Tool



______________ ___ _________ \__ ___/ | \ \_ ___ \ | | / ~ \/ \ \/ | | \ Y /\ \____ |____| \___|_ / \______ / \/ \/ http://www.thc.org THC-SSL-DOS is a tool to verify the performance of SSL. Establishing a secure SSL connection requires 15x more processing power on the server than on the client. THC-SSL-DOS exploits this asymmetric property by overloading the server and knocking it off the Internet. This problem affects all SSL implementations today. The vendors are aware of this problem since 2003 and the topic has been widely discussed. This attack further exploits the SSL secure Renegotiation feature to trigger thousands of renegotiations via single TCP connection. Download: Windows binary: thc-ssl-dos-1.4-win-bin.zip Unix Source : thc-ssl-dos-1.4.tar.gz Use "./configure; make all install" to build. Usage: ./thc-ssl-dos 127.3.133.7 443 Handshakes 0 [0.00 h/s], 0 Conn, 0 Err Secure Renegotiation support: yes Handshakes 0 [0.00 h/s], 97 Conn, 0 Err Handshakes 68 [67.39 h/s], 97 Conn, 0 Err Handshakes 148 [79.91 h/s], 97 Conn, 0 Err Handshakes 228 [80.32 h/s], 100 Conn, 0 Err Handshakes 308 [80.62 h/s], 100 Conn, 0 Err Handshakes 390 [81.10 h/s], 100 Conn, 0 Err Handshakes 470 [80.24 h/s], 100 Conn, 0 Err Comparing flood DDoS vs. SSL-Exhaustion attack: A traditional flood DDoS attack cannot be mounted from a single DSL connection. This is because the bandwidth of a server is far superior to the bandwidth of a DSL connection: A DSL connection is not an equal opponent to challenge the bandwidth of a server. This is turned upside down for THC-SSL-DOS: The processing capacity for SSL handshakes is far superior at the client side: A laptop on a DSL connection can challenge a server on a 30Gbit link. Traditional DDoS attacks based on flooding are sub optimal: Servers are prepared to handle large amount of traffic and clients are constantly sending requests to the server even when not under attack. The SSL-handshake is only done at the beginning of a secure session and only if security is required. Servers are _not_ prepared to handle large amount of SSL Handshakes. The worst attack scenario is an SSL-Exhaustion attack mounted from thousands of clients (SSL-DDoS). Tips & Tricks for whitehats 1. The average server can do 300 handshakes per second. This would require 10-25% of your laptops CPU. 2. Use multiple hosts (SSL-DOS) if an SSL Accelerator is used. 3. Be smart in target acquisition: The HTTPS Port (443) is not always the best choice. Other SSL enabled ports are more unlikely to use an SSL Accelerator (like the POP3S, SMTPS, ... or the secure database port). Counter measurements: No real solutions exists. The following steps can mitigate (but not solve) the problem: 1. Disable SSL-Renegotiation 2. Invest into SSL Accelerator Either of these countermeasures can be circumventing by modifying THC-SSL-DOS. A better solution is desireable. Somebody should fix this www.blogbari.com