IEPasswordDecryptor is the free tool to quickly and easily recover stored passwords from Internet Explorer.It can recover both Autocomplete and HTTP basic authentication based passwords from IE secret store.It also presents ‘IE history manager’ interface which not only displays the contents of IE history in detail but also provides the option to add/remove websites with ease.

Newer version presents the enhanced look & feel with cool button interface as shown below…

For more information and to download,  visit the IEPasswordDecryptor main page….

.

Spyware Analytics Forum, the division of EvilFingers empire is released to public now. The main aim of this forum is to provide an interface for home & enterprise users to interact with security professionals. Most users do not really get a chance to directly interact with professionals who can really solve their issues. Spyware Analytics is created to fix this gap and to help people fix malware or spyware issues.

In addition to normal forum activities, it also hosts pathora of articles pertaining to latest happenings in security arena. So you have every reason to join no matter if you are computer user, professional or security geek…

It also provides wide and strong platform for security nerds to contribute and make their mark before they fade away in the darkness of the life.

Click here to join the SpywareAnalytics Forum now

.

ChromePasswordDecryptor, the free tool to recover web sign-on secrets (username/passwords) stored by Google Chrome is now looks even better with cooler interface.  New version comes the buttons with image icons which enhances over all look & feel as shown in the screen shot below.

Also it provides additional export option to save the recovered password list to TEXT file.

For more information about how it works and to download, visit the ChromePasswordDecryptor home page.

.

SQL Injection is one of the most popular web attacks that the security world has ever witnessed since the evolution of Internet. Till date it remains one of the less understood vulnerability from web security perspective as indicated by growing number of SQL injection attacks.

In this direction, this book is set to clear apart those short comings and present real facts about the insecurities surrounding the  SQL Injection.

Here is the table of contents…

Chapter 1: What is SQL Injection?
Chapter 2: Testing for SQL Injection
Chapter 3: Reviewing Code for SQL Injection
Chapter 4: Exploiting SQL Injection
Chapter 5: Blind SQL Injection Exploitation
Chapter 6: Exploiting the Operating System
Chapter 7: Advanced Topics
Chapter 8: Code-Level Defenses
Chapter 9: Platform-Level Defenses
Chapter 10: References

The book starts with describing various SQL Injection attack scenarios from different angles covering multiple operating systems. Also it covers different type of SQL Injection attacks in detail which makes it easy to understand. Rest of the book deals with defenses at different level, starting from development to deployment. Chapter 8 explains static analysis of code using the tools for identifying and preventing SQL injection vulnerabilities at the root itself.  Chapter 9 focuses on putting up defenses on different operating systems and for various type of databases including MsSQL, MySQL, Oracle etc.

Compared to any of the books produced so far, this book does real justice to the subject by comprehensively explaining both sides of the game, the attacking & defending against the SQL injection.

Written by the experts the book covers from basic to advanced levels and it is highly recommended for any one involved in the web security.

Ebook Link – http://rs59.rapidshare.com/files/293360186/1597494240.pdf

.

Sniffing the neighbor’s passwords on the network was an age old stuff and every hacker would have done it at some point of time using tools such as Dsniff, cain & abel etc. Now you can record and listen to your neighbor’s  phone calls too using the tool called UCSniff. Not just calls, you can even view the video conversations done through IP Video.

UCSniff is a VoIP & IP Video Security Assessment tool that integrates existing open source software into several useful features, allowing VoIP and IP Video owners and security professionals to rapidly test for the threat of unauthorized VoIP and Video Eavesdropping.

Here is the video demonstration created by Nishant, the security researcher which illustrates how any one on the network can easily sniff your VoIP/Video conversations transparently.

UCSniff supports wide range of popular protocols and can be run on multiple platforms including Windows & Linux.

So next time when your manager says pissa pissa on the phone, you know what he is upto…!

The newer version of SpyDLLRemover v3.2 now support removal malicious DLL from system processes on Vista/Win7 platforms. Starting with Vista, Windows has introduced the session separation feature which prevents processes in one session interacting with process in another session.

Normally all system processes including services live in session 0. All user session starts with session 1. So even though any process is running as administrator it cannot create remote thread, hence cannot inject/free DLL from system processes because of the session separation concept.

SpyDLLRemover uses advanced DLL removal technique to remove spy DLL from remote process. However due to this session restriction it was not able to remove DLL from system processes. Often spywares hide themselves in the system processes so as to be evade suspicion of user. In that context such a limitation was in fact boon for those spywares.

But stars have changed in the sky. The new version of SpyDLLRemover now comes with a support to remove DLL from any system process across session boundaries thus breaking all those restrictions imposed by Vista/Win7.

Now even if malware is hiding its DLL in the system process such as Lsass.exe or Winlogon.exe, it cannot escape from SpyDLLRemover any more…!

.

NetworkPasswordDecryptor is the free tool to instantly recover the network passwords stored in the ‘Credential Store’ of Windows. Not only Windows uses it to store network authentication passwords, but also other applications such as Outlook, Windows Live Messenger, Remote Destktop, Gmail Notifier etc uses it for storing their login passwords.

NetworkPasswordDecryptor can recover following passwords on all versions of Windows starting from XP to Windows 7.

• All network authentication passwords.
• Basic/Digest authentication passwords stored by Internet Explorer
• Google login password stored by GMail Notifier
• Remote Desktop stored passwords.
• Exchange server login passwords stored by Outlook.
• Login passwords of Windows Live Messenger

To understand how NetworkPasswordDecryptor decrypts these network passwords,  refer to following research article

‘Exposing the Secret of Decrypting Network  Passwords’

This research article presents the crypto techniques required to decode and decrypt all such network based passwords from Windows ‘Credential Store’.

.

Here comes the Google’s turn to offer bounty for hackers finding bugs in Chrome. As per the latest post “Encouraging More Chromium Security Research” on its official blog of Chrome,  Google has decided to follow the practice of Microsoft and other organizations to reward the security researchers.

For every Security vulnerability found in Chrome,  Google will be offering cash reward of $500 and  if that bug turns out to be critical then it can go upto $1337 (magic number ).  Even more, Google is willing to offer permanent position for security researcher in its Mountain View office at CA.

This is wise step from Google to get the attention of security researchers and make them work for its products.

However I wonder when third party organizations such as iDefense, Tipping Point offering bigger bounties for hackers why some one will settle for mere $500 …!

Windows uses registry to store every user and policy configuration on the system. One can directly tweak anything in the registry to alter any of the  system settings. However not all registry keys are visible when viewed through default registry editor (regedit.exe).  Especially some of the security and core system related keys are hidden from user. Even administrator cannot see these special keys.

Here are some of the such hidden registry keys

HKEY_LOCAL_MACHINE\SECURITY

HKEY_LOCAL_MACHINE\SAM

SECURITY registry key stores all the system policy and LSA secrets related information.  SAM registry key has details for user accounts along with LM/NTLM password hashes for each user.

There are many ways we can view these hidden registry keys. We can use psexec.exe tool (part of pstools package from sysinternals) to launch the regedit.exe as system account as shown below.

psexec.exe -s -i regedit.exe

Here is the screenshot showing the hidden SAM accounts through registry editor running under system account.

Another way to view these hidden keys is through IceSword, the antirootkit tool.  This beautiful tool comes with powerful registry editor using which all these hidden registry keys can be discovered easily.

Here is the screenshot below which shows Security registry key through IceSword.

.

Some times back I have written article on using Rainbow crack to recover windows passwords. This article explains how one can crack any windows user passwords in seconds instead of regular brute force approach.

In short, Rainbow crack involves comparing the password hash with precomputed hash tables called rainbow tables to find the matching plain text password.  As it involves just look up process instead of on the fly brute force cracking, it takes very very less time to crack the password.

To recover the password, you just need to retrieve the password hash as explained in this article and submit it to online rainbow cracking service.

There are lot of websites which offer free online rainbow cracking services.Here are few good ones…..

http://cracker.offensive-security.com/index.php (best one)
http://lmcrack.com/
http://cracker.offensive-security.com/index.php
http://plain-text.info/add/
http://hashcrack.com/index.php
http://www.milw0rm.com/cracker/insert.php

Now you don’t have to wait for days together with half hope to get back your lost password

.