Nytro Posted July 20, 2012 Report Posted July 20, 2012 [h=1]ClubHACK Magazine July 2012![/h] July 20, 2012 By MayureshClubHACK has released the July 2012 version of their magazine. It is the first Indian “Hacking” Magazine. This 30th issue discusses topics such as PHP shells, DirBuster, Secure Android Coding and much more.[h=2]Contents of ClubHACK Magazine July 2012:[/h]Tech Gyan: PHP Shells PHP shells are used by Blackhats to maintain persistence into a compromised machine, typically a webserver. A “shell” is the common name given to a Command Line Interface (CLI) used to interact with the Operating System, even at low level. The usage requires the knowledge of a discrete set of commands that are often different among different Operating Systems (e.g. Unix/DOS). After a successful breach into a vulnerable system, the attacker could adopt a “Shell” as a payload in order to taking control of the victim system.Legal Gyan: Section 66E – Punishment for violation of Privacy Policy In some of the latest articles we have focused on the areas of data privacy, due diligence to be observed by the companies handling sensitive personal data, etc. But, not much has been spoken/written on violation of person’s privacy. I.e. ensuring privacy on an individual at the places where he/she under the normal circumstances expects to be in a private environment.Tool Gyan: OWASP DirBuster – Bruteforcing the Web DirBuster is a multi-threaded Java application designed to brute force directories and files names on web/application servers. Often is the case now of what looks like a web server in a state of default installation is actually not, and has pages and applications hidden within. DirBuster attempts to find these. This tool is written by James Fisher and now an OWASP’s Project, licensed under LGPL.Mom’s Guide: Private Browsing While trying to read what “private browsing” means, I came across its page in Wikipedia. It has a very interesting definition. It reads as follows: Privacy mode or “private browsing” is a term that refers to privacy features in some web browsers. Historically speaking, web browsers store information such as browsing history, images, videos and text within cache. In contrast, privacy mode can be enabled so that the browser does not store this information for selected browsing sessions.Code Gyan: Basics of Android Secure Coding Android is an OS designed for Smart phones. The phones are meant for office productivity apps, games, social networks etc. The phone comes pre-installed with a selection of system applications, e.g., phone dialer, address book, but the platform gives ample opportunities for the developers to create their own applications and publish into the huge android market, so called the “Play Store”.Matriux Vibhag: MITM with Ettercap Hello readers, we are back with our tutorials on Matriux, due to some unwanted circumstances we weren’t able to be a part of last month’s issue. However we promise to provide our continued support and help to the users. This month we are going to cover a basic tutorial of Man-In-The-Middle (MITM) attack using Ettercap by ARP spoofing technique.Special Feature: Impact of Cybercrime on Businesses IT security is more important for businesses than ever. A study that was carried out by the Ponemon Institute has revealed that businesses lacking in IT security could be losing over £200,000. The study, entitled “Impact of Cybercrime on Businesses”, surveyed 2,618 C-level IT security and executive personnel with the aim of finding out what everyone has in common. The survey spanned the United States, United Kingdom, Hong Kong, Brazil and Germany. It was found that in the latter country, cyber-attacks cost businesses more than anywhere else, with the average cost being around $298,359. The average cost that cyber-attacks will have on companies in the United States is $276,671, if they are successfully carried out.Download:http://chmag.in/issue/jul2012.pdfSursa: 'ClubHACK Magazine July 2012!' — PenTestIT Quote
