Thursday, November 17, 2016

Hack Locked Computer using $5 Device (PoisonTap)

If you think that your computer is safe when it is locked with a strong password, Samy Kamkar’s device PoisonTap will prove you wrong. This cheap exploit tool takes just 30 seconds to install a privacy-invading backdoor on your computer.

PoisonTap is a tiny $5 Raspberry Pi Zero microcomputer loaded with Node.js code and attached to a USB adapter. Its inventor has publicly released the source code to PoisonTap, so that any would-be hacker can try it out for themselves.

If you are a hacker and want to hack or get information from a coworker's machine in your office, all you need to do is plug this device into the target computer and wait. PoisonTap targets the victim’s browser cache and injects the malicious code there.

Once the hacking tool is recognized by the target machine, it is loaded as a low-priority network device that impersonates a new Ethernet connection. The machine sends a DHCP request to the tool, which responds that the entire IPv4 address space is part of PoisonTap’s local network. In this way, all traffic is routed through the PoisonTap device before reaching the legitimate gateway to the Internet. With this trick, it intercepts all unencrypted Web traffic and steals any HTTP authentication cookies used to log into private accounts, as well as sessions for the Alexa top 1 million sites.
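The DHCP trick described above leaves a visible trace in the routing table: routes more specific than the default route win regardless of interface priority, so an interface that declares huge ranges as local captures the traffic. The Python check below is an added example, not code from the original post or from PoisonTap; the sample `ip -4 route show` output, the interface names and the /16 threshold are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed `ip -4 route show` output (not captured from a real host): eth0 is
# the normal LAN, usb0 a USB Ethernet gadget whose lease declares all of IPv4 local.
SAMPLE_ROUTES = """\
default via 192.168.1.1 dev eth0 proto dhcp metric 100
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.23 metric 100
0.0.0.0/1 dev usb0 proto kernel scope link src 1.0.0.10 metric 101
128.0.0.0/1 via 1.0.0.1 dev usb0 proto dhcp metric 101
"""
MAX_ONLINK_ADDRESSES = 2 ** 16  # assumption: no genuine LAN segment exceeds a /16
IPV4_SPACE = 2 ** 32

def _after(fields, key):  # token following `key`, e.g. the name after "dev"
    return fields[fields.index(key) + 1] if key in fields[:-1] else None

def parse_routes(text):
    """Yield (network, device, gateway) for each IPv4 route line."""
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        dest = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        try:
            net = ipaddress.IPv4Network(dest, strict=False)
        except ValueError:
            continue  # skip "unreachable", "blackhole" and similar entries
        yield net, _after(fields, "dev"), _after(fields, "via")

def find_route_hijack(text):
    """Return {device: [reasons]} for interfaces whose routes grab traffic."""
    findings, specific = defaultdict(list), defaultdict(list)
    for net, dev, via in parse_routes(text):
        if dev is None or net.prefixlen == 0:
            continue  # an ordinary default route is expected
        specific[dev].append(net)
        if via is None and net.num_addresses > MAX_ONLINK_ADDRESSES:
            findings[dev].append(f"on-link route {net} is far larger than a LAN")
    for dev, nets in specific.items():
        covered = sum(n.num_addresses for n in ipaddress.collapse_addresses(nets))
        if covered >= IPV4_SPACE // 2:  # longest-prefix match beats the default route
            findings[dev].append("specific routes cover most of IPv4, shadowing the default")
    return dict(findings)

if __name__ == "__main__":
    for dev, reasons in find_route_hijack(SAMPLE_ROUTES).items():
        print(dev, reasons)
```

A VPN client that redirects the default gateway with the same pair of /1 routes will also be reported, so treat findings on known tunnel interfaces as expected.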

PoisonTap will give you an invisible position on the local network from which to connect to intranet sites and send data to a remote server. The computer remains under your control even after the tool is unplugged from it. Since it siphons cookies, you can also hijack the target user's online accounts even if they are secured with two-factor authentication (2FA).

The inventor says “it can also bypass many other security mechanisms, including same-origin policy (SOP), HttpOnly cookies, X-Frame-Options HTTP response headers, DNS pinning and cross-origin resource sharing (CORS). Whenever the websocket is open, the attacker can remotely send commands to the victim and force their browser to execute JavaScript code.”

There is no easy fix available for users as long as a web browser application is running in the background.

Thursday, November 3, 2016

Google’s Disclosure Makes Microsoft Unhappy

Google has started a new war by publishing details about a critical vulnerability in Windows, and that has made Microsoft angry. Google claimed that it reported the bug to Microsoft 10 days ago but the company did nothing to address the issue.

In its official Security Blog, Google wrote:

"After seven days, per our published policy for actively exploited critical vulnerabilities, we are today disclosing the existence of a remaining critical vulnerability in Windows for which no advisory or fix has yet been released."

Google confirmed that it repaired the vulnerability for its Chrome users, and Adobe issued an update for Flash last week.

Google describes the vulnerability, CVE-2016-7855, as:

“A local privilege escalation in the Windows kernel that can be used as a security sandbox escape. It can be triggered via the win32k.sys system call NtSetWindowLongPtr() for the index GWLP_ID on a window handle with GWL_STYLE set to WS_CHILD. Chrome's sandbox blocks win32k.sys system calls using the Win32k lockdown mitigation on Windows 10, which prevents exploitation of this sandbox escape vulnerability.”

Microsoft expressed its anger in the statements below:

"We believe in coordinated vulnerability disclosure, and today's disclosure by Google could put customers at potential risk,"

“We disagree with Google's characterization of a local elevation of privilege as 'critical' and 'particularly serious,' since the attack scenario they describe is fully mitigated by the deployment of the Adobe Flash update released last week. Additionally, our analysis indicates that this specific attack was never effective in the Windows 10 Anniversary Update due to security enhancements previously implemented."

This is not the first time Google has exposed a bug in a Microsoft product. In 2015, Google published a bug report 90 days after informing Microsoft.

Microsoft’s Chris Betz said at the time, “The decision feels less like principles and more like a ‘gotcha’, with customers the ones who may suffer as a result. What’s right for Google is not always right for customers.”

Tuesday, November 1, 2016

Increase JIO Internet Speed - Simple Tricks

Nowadays every Indian is going after a Jio SIM and trying hard to get a new SIM from a Reliance store. However, many are disappointed by the slow internet speed. There are several posts and videos on speeding up your Jio internet, but they are an absolute waste of time and mostly promote their own apps. I’m not saying that the tips below will work 100% for you, but I checked a few phones and observed better speed. Before telling you about these tricks, I will give you some background on LTE bands.

About 4G band:
The bands used by Indian service providers are listed below.

Airtel offers 4G on Band 40 (2300MHz)
Vodafone offers 4G on Band 5 (850MHz)
Reliance Jio offers 4G on Band 3, Band 5, and Band 40.

Before we move ahead, it is important to know the difference in these three bands and how they work.

Best coverage: Band 5 > Band 3 > Band 40.
Best speed: Band 40 > Band 3 > Band 5

So if you are on Band 5, you will get the best coverage but your speed will not be as good, and if you are on Band 40, you will get good speed but coverage will be poor.

Note that your phone automatically switches between bands according to the strength of the signal at a given location. That is why Reliance Jio delivers good speed in some areas and poor speed in others.

You can fix the LTE band to get better Jio speed by making the changes below.

Trick 1: Select band 40 manually

To increase speed, follow these steps:

  • Dial *#*#4636#*#*
  • Select "Phone information"
  • Select "Set preferred network type"
  • Select "LTE Only"

For Qualcomm processor

Install the Shortcut Master (Lite) app from the Play Store → Menu > Search → Type "Service Menu" or "Engineering Mode" and search → Open if found and access to change LTE bands

For MediaTek processor

Install MTK Engineering Mode → Run app → Select 'MTK Settings' → Select 'BandMode' → Select the SIM slot where you have put your Jio SIM → Select 'LTE mode' → Select band 40 for best speed or band 5 for best coverage → Save settings & reboot mobile to activate changes.

Note: These methods may or may not work even if you have a smartphone with one of these processors. Try them at your own risk.

I would suggest noting down your current settings before making changes manually. If you see any network issue after the above changes, you can then reset your settings. I hope you understand that one band works for good speed and the other is used for better coverage.

Trick 2: Change APN settings

Jio internet speed can be increased by changing the APN settings.

Please note down your existing settings before making changes.

Change the APN settings as shown below.
 Name - RJio
 APN - jionet
 APN Type - Default
 Proxy - No changes
 Port - No changes
 Username - No changes
 Password - No changes
 Server -
 MMSC - No changes
 MMS proxy - No changes
 MMS port - No changes
 MCC - 405
 MNC - 857 or 863 or 874
 Authentication type - No changes
 APN Protocol - IPv4/IPv6

Use Snap VPN:

Now download the Snap VPN app from the Google Play Store and connect to a Singapore or France server. This should improve your download speed but not your browsing speed.

Enjoy high-speed internet.