“Cat Techie” book written by vaidehi sachin aka Cat Techie, journalist’s journey in hackers world. Online edition of cat techie available on www.cattechie.com. This is the best book, read and responded with maximum hits. Cattechie is hacker and Journalist.

“Cat Techie” book written by vaidehi sachin aka Cat Techie, journalist’s journey in hackers world. Online edition of cat techie available on www.cattechie.com. This is the best book, read and responded with maximum hits. Cattechie is hacker and Journalist.

Vaidehi Sachin aka Cat Techie the writer of Cyber terror, a favorite target of Indian Hackers..

Now days every day an average 10 to 15 news satiating, a stunning exposure on Sonia Gandhi’s secret billions in Swiss banks came, surprisingly, from Switzerland itself, where the world’s corrupt stash away their booty. In its issue of November 19, 1991, Schweizer Illustrierte, the most popular magazine of Switzerland, did an exposé of over a dozen politicians of the third world, including Rajiv Gandhi, who had stashed away their bribe monies in Swiss banks. Schweizer Illustrierte, not a rag, sells some 2,15,000 copies and has a readership of 9,17,000 — almost a sixth of Swiss adult population. …blab la bla

The writer and the promoter tried his level best to talk and write about this family and the members, you Google about Rahul Gandhi Rape case, you will be surprised to see the kind of news written about him bust yet I am sure no one ever heard about it, just because we are blessed with wisdom and freedom to blog and spread news without being made answerable, that does not mean one should misuse the liberty given to an individual. We the human being are big hypocrites, maligning image of some known prospering personality gives us immense pleasure, but in the end we remain like fools.

Tell me how does that made difference to Sonia Gandhi’s life? Could you succeed in stalling Rahul Gandhi’s fate and carrier? When Amitab Bachan twitted about Aaishvarya Rai’s pregnancy, instead of enjoying and blessing the young couple we were busy circulating nasty messages. Whenever a new movie in Bollywood gets released we try to find out from which Hollywood movie this is copied, but that never affects the box office hit or collections. we become critics but fallow that subject most honestly as if some one assigned us to do so or, as if we are paid for it.

Maria Susairaj was release in murder case, many people arranged rallies, some created chaos in her press conference, some gave interviews on National Tv, all were against the verdict, but one Ram Gopal Verma stood by her and asked “people those are saying she had sex with Neeraj Gover, and called Jerom to kill him, were really present under the bed of Maria? If everyone claims to have so much evidence and knowledge about the crime which was not done in presence of anyone, even police failed to prove what they said during investigations, then why these so called moral custodians should make noise over the issue? That means you have no faith over judiciary and law order, if you don’t have faith then do you have any options to change it or slam it? No, you don’t have that, because your credentials are not crystal clear. When rapist Madhur Bhandarkar and Shainy Ahooja were prosecuted for rape this same Ashok Pandit rent -a -protestor stood by them by telling media how innocent the rapists are, in maria’s case why he had to go against? this was just a publicity stunt to come in lime light. Maria is weaker section yet very infamous and the other two strong infamous can get work for Pandit. They gave him opportunities to work in their films, this is the irony of these so called social custodians. if a so called crusader is so diplomatic and false then whom to blame?
Why no one stood so strongly when J’Day was murdered? Where were these page3 guys needed publicity they used to lick his boots for coverage? that time he was alive. More over the reason is simple standing for J Day means standing against authorities and police. J’ Day is gone that’s why his utility is zero for these so called custodians.

same had happened with Anna Hazare,initially all supported him and now they doubt his stand.Advaniji was made reason for worst conditions of BJP. New term saffron terror is established when Hindus stood in thier own protection.

What kind of world we are living in? What kind of morals we are setting? What are we actually trying to prove?

Nothing, but just fooling ourselves by mud shilling on others. Any ways how will that make any difference to other life? You are wasting your energy is false things they are progressing day by day, who cares about you and your stupid agenda and statements?

Same is happening here with me, I wrote a book Cyber Terror, that time I was quite new to this area of research, and Hackers were acquaintance for me, my co author provided me 70 % of content, published in the book, and that I clearly mentioned in my books first five pages, but some so called attrition making undue issue over this and the guys those cutting pasting and promoting these links have no capacity to even write few words on their own are circulating it all over.wait for my new book I will give you enough chance to make cheos.

any ways by doing all this ,How does that made difference to me and Ankit Fadia? Ankit's books still sold like hot cake, and now people are rushing in my office to see what sort of content made controversy? you are not stoppoing anyone you are provocking readers to have look at my book..You must be aware of the fact, that controversy always pays in present time. Please dont make me famous.

You cannot change anyone’s fait, may god bless you with some more wisdom.

Vaidehi Sachin aka Cat Techie the writer of Cyber terror, a favorite target of Indian Hackers..

Now days every day an average 10 to 15 news satiating, a stunning exposure on Sonia Gandhi’s secret billions in Swiss banks came, surprisingly, from Switzerland itself, where the world’s corrupt stash away their booty. In its issue of November 19, 1991, Schweizer Illustrierte, the most popular magazine of Switzerland, did an exposé of over a dozen politicians of the third world, including Rajiv Gandhi, who had stashed away their bribe monies in Swiss banks. Schweizer Illustrierte, not a rag, sells some 2,15,000 copies and has a readership of 9,17,000 — almost a sixth of Swiss adult population. …blab la bla

The writer and the promoter tried his level best to talk and write about this family and the members, you Google about Rahul Gandhi Rape case, you will be surprised to see the kind of news written about him bust yet I am sure no one ever heard about it, just because we are blessed with wisdom and freedom to blog and spread news without being made answerable, that does not mean one should misuse the liberty given to an individual. We the human being are big hypocrites, maligning image of some known prospering personality gives us immense pleasure, but in the end we remain like fools.

Tell me how does that made difference to Sonia Gandhi’s life? Could you succeed in stalling Rahul Gandhi’s fate and carrier? When Amitab Bachan twitted about Aaishvarya Rai’s pregnancy, instead of enjoying and blessing the young couple we were busy circulating nasty messages. Whenever a new movie in Bollywood gets released we try to find out from which Hollywood movie this is copied, but that never affects the box office hit or collections. we become critics but fallow that subject most honestly as if some one assigned us to do so or, as if we are paid for it.

Maria Susairaj was release in murder case, many people arranged rallies, some created chaos in her press conference, some gave interviews on National Tv, all were against the verdict, but one Ram Gopal Verma stood by her and asked “people those are saying she had sex with Neeraj Gover, and called Jerom to kill him, were really present under the bed of Maria? If everyone claims to have so much evidence and knowledge about the crime which was not done in presence of anyone, even police failed to prove what they said during investigations, then why these so called moral custodians should make noise over the issue? That means you have no faith over judiciary and law order, if you don’t have faith then do you have any options to change it or slam it? No, you don’t have that, because your credentials are not crystal clear. When rapist Madhur Bhandarkar and Shainy Ahooja were prosecuted for rape this same Ashok Pandit rent -a -protestor stood by them by telling media how innocent the rapists are, in maria’s case why he had to go against? this was just a publicity stunt to come in lime light. Maria is weaker section yet very infamous and the other two strong infamous can get work for Pandit. They gave him opportunities to work in their films, this is the irony of these so called social custodians. if a so called crusader is so diplomatic and false then whom to blame?
Why no one stood so strongly when J’Day was murdered? Where were these page3 guys needed publicity they used to lick his boots for coverage? that time he was alive. More over the reason is simple standing for J Day means standing against authorities and police. J’ Day is gone that’s why his utility is zero for these so called custodians.

same had happened with Anna Hazare,initially all supported him and now they doubt his stand.Advaniji was made reason for worst conditions of BJP. New term saffron terror is established when Hindus stood in thier own protection.

What kind of world we are living in? What kind of morals we are setting? What are we actually trying to prove?

Nothing, but just fooling ourselves by mud shilling on others. Any ways how will that make any difference to other life? You are wasting your energy is false things they are progressing day by day, who cares about you and your stupid agenda and statements?

Same is happening here with me, I wrote a book Cyber Terror, that time I was quite new to this area of research, and Hackers were acquaintance for me, my co author provided me 70 % of content, published in the book, and that I clearly mentioned in my books first five pages, but some so called attrition making undue issue over this and the guys those cutting pasting and promoting these links have no capacity to even write few words on their own are circulating it all over.wait for my new book I will give you enough chance to make cheos.

any ways by doing all this ,How does that made difference to me and Ankit Fadia? Ankit's books still sold like hot cake, and now people are rushing in my office to see what sort of content made controversy? you are not stoppoing anyone you are provocking readers to have look at my book..You must be aware of the fact, that controversy always pays in present time. Please dont make me famous.

You cannot change anyone’s fait, may god bless you with some more wisdom.

We the Indian Cyber Army.

Indian Cyber Army has committed what you would call ‘cyber-attacks’ in protest against several military contractors, companies, lawmakers, and governments, and has continuously sought to fight against threats to our freedoms on the Internet. And since you consider state control of the Internet to be in the best interest of the various nations of your military alliance, you therefore consider us a potential threat to international security.
So we would like to make it clear that we, in reality, pose no threat to the people of your nations. Indian Cyber Army is not a reckless swarm attacking the websites of governments and companies out of hatred or spite. We fight for freedom. For ourselves, and the people of the world, we seek to preserve the liberty granted to the millions of people who have found it on the Internet. We care not whether the actions we have taken in this struggle have complied with laws of the India or any other country. What your lot fails to understand is that we live in cyberspace. The only laws that apply are the laws set forth by our individual consciences. We break your nations’ laws when we recognize those laws to stand between the people and their freedom. Indian Cyber Army is not simply „a group of super hackers”. Indian Cyber Army is the embodiment of freedom on the web.
Indian Cyber Army will live on.

We the Indian Cyber Army.

Indian Cyber Army has committed what you would call ‘cyber-attacks’ in protest against several military contractors, companies, lawmakers, and governments, and has continuously sought to fight against threats to our freedoms on the Internet. And since you consider state control of the Internet to be in the best interest of the various nations of your military alliance, you therefore consider us a potential threat to international security.
So we would like to make it clear that we, in reality, pose no threat to the people of your nations. Indian Cyber Army is not a reckless swarm attacking the websites of governments and companies out of hatred or spite. We fight for freedom. For ourselves, and the people of the world, we seek to preserve the liberty granted to the millions of people who have found it on the Internet. We care not whether the actions we have taken in this struggle have complied with laws of the India or any other country. What your lot fails to understand is that we live in cyberspace. The only laws that apply are the laws set forth by our individual consciences. We break your nations’ laws when we recognize those laws to stand between the people and their freedom. Indian Cyber Army is not simply „a group of super hackers”. Indian Cyber Army is the embodiment of freedom on the web.
Indian Cyber Army will live on.

LulzSec - You are missed by your fans

From past 55 days Media is reporting on the LulzSec activities. Most of the time there were just our silly press statements other than the facts. Lulz Security, more commonly referred to as LulzSec. It’s been a long 50- days for the Lulz Boat, those fun-loving hackers sailing under the Twitter handle of LulzSec, their message use to end with love all, love more and some time love. If you are on twitter, I am sure you must have witnessed the funny and humorous messages by them, no hard words no grief, just humor. No, new was the way in which this hacking group kept the media waiting on their every breach, joke and, importantly, tweet. Tweeting out announcements, upcoming targets, jokes and more, LulzSec, has almost 282,000 followers at the time of writing – a figure which has rocketed up in recent weeks. But now I am sure you all must be missing that. Actually they did biggest mistake being too much vocal on social networking sites. LulzSec have taken a lot of joy from tweeting about all the times they’ve supposedly been exposed, only to remain online. The core members – Topiary, Sabu and Kayla were tweeted a lot and that’s how they gave their rivals a tip off to reach them.

This ‘hacktivist’ group was not new - let’s not forget the Anonymous crowd which LulzSec. This group received widespread attention by engaging in “Denial of Service” (Dos) attacks on companies which acted against WikiLeaks. The young hackers group really had huge fan fallowing and liking, they were much more famous than Anonymous. And there are no doubt the half-dozen hackers who make up LulzSec took real interest in the mainstream media’s coverage of their work, as leaked chat logs. Yet the more they attacked, the more they talked it up, and the more enemies they made, and even more the fan fallowing. LulzSec formerly associated with Anonymous. LulzSec also urged fellow hackers with similar agendas to join the “revolution” against large Government bodies and corporations, referring to the spate of attacks recently carried out by LulzSec in some kind of collaboration with the much larger hacking group called Anonymous. Representing a new generation of activists, who use the internet as their grounds of battle, the LulzSec represent the newest group of “hacktivists” who’ve come into the limelight for data theft through cyber attacks. Cyber attacks, and related data and/or identity theft have become increasingly common, with a major such incident being reported every other week.

The attacks, termed by Anonymous as being part of a much larger “Operation Payback”, have come in retaliation to online file-sharing and restrictions on downloading by companies and authorities. InfraGard, an information- sharing organization of companies that collaborates with the FBI towards curbing cyber crime has also reportedly been attacked by LulzSec. LulzSec's campaign was designed to take down corruption in governments globally as well as big business. With recent hacks and announcements, it hardly seemed like LulzSec would ever slow down. Earlier, the group had hacked the U.S. Senate, the CIA, an FBI-affiliated website, PBS, Sony and much more. Those seemed random and chaotic. The group even opened what amounted to a dial-a-hack hotline, asking folks to call with hack suggestions.

In their farewell post, the group admitted it was a small group of hackers: six, in fact. However, it also gave up a huge amount of booty. LulzSec also implied its efforts ended after 50 long days, why would LulzSec quit so suddenly? Earlier in the week, 19-year-old Ryan Cleary was arrested by Scotland Yard. While LulzSec denied he was a member, rival group Team Poison said he was, and Team Poison also promised to expose the identities of the remaining LulzSec members. It's unclear if this is real, but LulzSec made the announcement on its Twitter feed. And they announced their retirement…

Their face book fans, twitter followers all missing them, they never thought of such a painful farewell to their beloved hackers group LulzSec.

Any ways I am verymuch sure, LulzSec retired but the group will definitely emerge in some other Avatara..

Guys your fans missing you..Come back in whichever way you can..

Every revolution has hard path and strong obstacles.

You re cyber warriors, come back with ban

LulzSec - You are missed by your fans

From past 55 days Media is reporting on the LulzSec activities. Most of the time there were just our silly press statements other than the facts. Lulz Security, more commonly referred to as LulzSec. It’s been a long 50- days for the Lulz Boat, those fun-loving hackers sailing under the Twitter handle of LulzSec, their message use to end with love all, love more and some time love. If you are on twitter, I am sure you must have witnessed the funny and humorous messages by them, no hard words no grief, just humor. No, new was the way in which this hacking group kept the media waiting on their every breach, joke and, importantly, tweet. Tweeting out announcements, upcoming targets, jokes and more, LulzSec, has almost 282,000 followers at the time of writing – a figure which has rocketed up in recent weeks. But now I am sure you all must be missing that. Actually they did biggest mistake being too much vocal on social networking sites. LulzSec have taken a lot of joy from tweeting about all the times they’ve supposedly been exposed, only to remain online. The core members – Topiary, Sabu and Kayla were tweeted a lot and that’s how they gave their rivals a tip off to reach them.

This ‘hacktivist’ group was not new - let’s not forget the Anonymous crowd which LulzSec. This group received widespread attention by engaging in “Denial of Service” (Dos) attacks on companies which acted against WikiLeaks. The young hackers group really had huge fan fallowing and liking, they were much more famous than Anonymous. And there are no doubt the half-dozen hackers who make up LulzSec took real interest in the mainstream media’s coverage of their work, as leaked chat logs. Yet the more they attacked, the more they talked it up, and the more enemies they made, and even more the fan fallowing. LulzSec formerly associated with Anonymous. LulzSec also urged fellow hackers with similar agendas to join the “revolution” against large Government bodies and corporations, referring to the spate of attacks recently carried out by LulzSec in some kind of collaboration with the much larger hacking group called Anonymous. Representing a new generation of activists, who use the internet as their grounds of battle, the LulzSec represent the newest group of “hacktivists” who’ve come into the limelight for data theft through cyber attacks. Cyber attacks, and related data and/or identity theft have become increasingly common, with a major such incident being reported every other week.

The attacks, termed by Anonymous as being part of a much larger “Operation Payback”, have come in retaliation to online file-sharing and restrictions on downloading by companies and authorities. InfraGard, an information- sharing organization of companies that collaborates with the FBI towards curbing cyber crime has also reportedly been attacked by LulzSec. LulzSec's campaign was designed to take down corruption in governments globally as well as big business. With recent hacks and announcements, it hardly seemed like LulzSec would ever slow down. Earlier, the group had hacked the U.S. Senate, the CIA, an FBI-affiliated website, PBS, Sony and much more. Those seemed random and chaotic. The group even opened what amounted to a dial-a-hack hotline, asking folks to call with hack suggestions.

In their farewell post, the group admitted it was a small group of hackers: six, in fact. However, it also gave up a huge amount of booty. LulzSec also implied its efforts ended after 50 long days, why would LulzSec quit so suddenly? Earlier in the week, 19-year-old Ryan Cleary was arrested by Scotland Yard. While LulzSec denied he was a member, rival group Team Poison said he was, and Team Poison also promised to expose the identities of the remaining LulzSec members. It's unclear if this is real, but LulzSec made the announcement on its Twitter feed. And they announced their retirement…

Their face book fans, twitter followers all missing them, they never thought of such a painful farewell to their beloved hackers group LulzSec.

Any ways I am verymuch sure, LulzSec retired but the group will definitely emerge in some other Avatara..

Guys your fans missing you..Come back in whichever way you can..

Every revolution has hard path and strong obstacles.

You re cyber warriors, come back with ban

warning to Vaidehi Sachin-Cat techie by Anonymous The Silence Broken

I was never against the real heroes of Anonymous group, I salute their courage and worship their mission and guts, I disagree their name being misused by the fakes with ill intentions and in power greed. I disagree with and that’s the reason standing firm against them. 494 members in my friend list are Anonymous, I interact with them on regular basis, I give them each pastebin link that you create. They just laugh at your stupidity and advice me to forgive . They are the real heroes.

In the recent past the group of hackers those working on #OpIndia, are spreading rumors about Cattechie being against Anonymous Group. This is really height of nonsense and proof of cunning intentions of Indian Fake Anon group. Since the

#OpIndia started there is lots of restlessness amongst the hacker’s community. It’s not me who is against you; it’s your own community trying to expose you. There are many hackers such as Voice Of grey Hat, invisible Nandu, and many more.
You never realized why they all went against you. Whenever I go to IRC #OpIndia room, I see the guys asking about cattechie’s presence there, and they kick out one of the suspect. Not only are the cat but there many such people like cat are watching you and your funny activities.

See how you dug your own graves, the saga started from Face book page and twitter created by Mohit kumar Aka The Hackers News, he was fired by Sebastian for bringing hurdles and spreading wrong messages across about the OpIndia. Sebastian was receiving PM from one of the member against THN ( I won’t disclose the names) and this guy without giving a second thought started attacking THN randomly, and that’s how both the pages from Twitter and FB were removed. I was carefully watching the fight to analyze the situations. The guy impersonating Sebastian Michaelis tried his level best to use typical kind of language, just to pretend as some outsider, but one silly mistake of his lead to me NullCon seminar, and thus my traces made way to trace him. Any ways I am not going to expose his name in this post, then come 'Onidaz' who assumed c007 is cattechie and kicks her out. When sick asked about hacking www.amritavidyalayam.com, I was shocked to know this little fellow once Pm me on face book to hack this site I replied back saying not to touch Indian that to educational institutes. Then ‘tomgeorge’ to apposed saying the same, now this tom also gave me way to him because of his way of conversing. Then comes ‘arkangel’ his story is again quite interesting he is young student. ‘nomcat’ is the creature worked with me in the past on unite hackers project and also hacker5. H3v3n is close to my heart so no comments. These are just few names, and 50% of biggest players here are from the Unite hackers and hacker5’s initial group. Their language their conduct and their restlessness made me reach them, guys be careful there are many watch dogs working on you and you are very near to fall in the grave that you dug for yourself.
While concluding I want to tell you one more funny happening, have you ever seen in the history of Anonymous they ever used pastebin to convey their messages to hackers? Same language, same accusations and same style of taking revenge by spitting venom, this is happening since they made their exit from Hacker5 and Unite hackers. Anonymous threaten a journalist saying James Attrition is working on your fake profile, soon he will expose you, this dialog really tickled in my ribs. How stupid?

You can disguise by impersonating as Anonymous but you can never be like them. The reason is that your focus is not the nation or its betterment. It’s just greed for power; greed of being one as Anonymous and greed to create deter. This is what driven you making blunders and those blunders were quite visible and witnessed by your fellow hackers. If you are against one Cat techie there are many against you too. Its nature’s law, when you use your skills and potentials for wrong reason, you have to pay for it.

Go through the fallowing links, interesting pastebin culture of Hackers.

http://www.invisblenandu.com/2011/06/message-to-india-hacker-by-anonextreme.html

http://pastebin.com/Bn699keB

http://www.voiceofgreyhat.com/2011/06/vogh-released-their-1st-magazine-op.html

https://www.facebook.com/media/set/?set=a.102355269837287.3873.100001884429440

http://pastebin.com/JSGPZ56P

http://pastebin.com/4K6Yf2z2

This post will continue in seven parts and end with an evident “curtain raiser” that’s my promise. Attacks on journalists are common phenomena. All investigative journalists had to pay for bringing out the hidden crime and for exposing the evils of this country. I am really lucky till now you Hackers just sabotaged me virtually; but recently we lost our senior journalist in Mumbai, who was killed for exposing underworld and political nexus. I won’t be surprised even if this happens with me.

Any ways don’t forget to read...............

Why congress, Rahul and Sonia Gandhi on target?

Are they Hindu group supporters? their origin.

Why some of them planning to attack media?

Who wants collages site to be down?

Why pastebin and who they are? the frustration and helpless fake Anons.

Why this operation may end in bad shape? who is watching them?

While signing off, I recollect a story told by ma granny…please watch it and get the moral of it..

http://www.youtube.com/watch?v=QfWl_I1OKI8

till then enjoy more paste been links,blogs, and even animations. i am happy being a subject of writing. their English is really improving day by day, if not Anonymous but one day they can establish themselves as good writers.So many hackers made posts, animations, fake profiles, strategies, groups etc etc..just to defeat on poor stupid Cat.I consider them as my promoters, and wish them luck.

I WAS NEVER AGAINST ANY HACKER OR ANONYMOUS, I WAS AGAINST THE WOLFS IN SHEEP'S CLOTHING

warning to Vaidehi Sachin-Cat techie by Anonymous The Silence Broken

I was never against the real heroes of Anonymous group, I salute their courage and worship their mission and guts, I disagree their name being misused by the fakes with ill intentions and in power greed. I disagree with and that’s the reason standing firm against them. 494 members in my friend list are Anonymous, I interact with them on regular basis, I give them each pastebin link that you create. They just laugh at your stupidity and advice me to forgive . They are the real heroes.

In the recent past the group of hackers those working on #OpIndia, are spreading rumors about Cattechie being against Anonymous Group. This is really height of nonsense and proof of cunning intentions of Indian Fake Anon group. Since the

#OpIndia started there is lots of restlessness amongst the hacker’s community. It’s not me who is against you; it’s your own community trying to expose you. There are many hackers such as Voice Of grey Hat, invisible Nandu, and many more.
You never realized why they all went against you. Whenever I go to IRC #OpIndia room, I see the guys asking about cattechie’s presence there, and they kick out one of the suspect. Not only are the cat but there many such people like cat are watching you and your funny activities.

See how you dug your own graves, the saga started from Face book page and twitter created by Mohit kumar Aka The Hackers News, he was fired by Sebastian for bringing hurdles and spreading wrong messages across about the OpIndia. Sebastian was receiving PM from one of the member against THN ( I won’t disclose the names) and this guy without giving a second thought started attacking THN randomly, and that’s how both the pages from Twitter and FB were removed. I was carefully watching the fight to analyze the situations. The guy impersonating Sebastian Michaelis tried his level best to use typical kind of language, just to pretend as some outsider, but one silly mistake of his lead to me NullCon seminar, and thus my traces made way to trace him. Any ways I am not going to expose his name in this post, then come 'Onidaz' who assumed c007 is cattechie and kicks her out. When sick asked about hacking www.amritavidyalayam.com, I was shocked to know this little fellow once Pm me on face book to hack this site I replied back saying not to touch Indian that to educational institutes. Then ‘tomgeorge’ to apposed saying the same, now this tom also gave me way to him because of his way of conversing. Then comes ‘arkangel’ his story is again quite interesting he is young student. ‘nomcat’ is the creature worked with me in the past on unite hackers project and also hacker5. H3v3n is close to my heart so no comments. These are just few names, and 50% of biggest players here are from the Unite hackers and hacker5’s initial group. Their language their conduct and their restlessness made me reach them, guys be careful there are many watch dogs working on you and you are very near to fall in the grave that you dug for yourself.
While concluding I want to tell you one more funny happening, have you ever seen in the history of Anonymous they ever used pastebin to convey their messages to hackers? Same language, same accusations and same style of taking revenge by spitting venom, this is happening since they made their exit from Hacker5 and Unite hackers. Anonymous threaten a journalist saying James Attrition is working on your fake profile, soon he will expose you, this dialog really tickled in my ribs. How stupid?

You can disguise by impersonating as Anonymous but you can never be like them. The reason is that your focus is not the nation or its betterment. It’s just greed for power; greed of being one as Anonymous and greed to create deter. This is what driven you making blunders and those blunders were quite visible and witnessed by your fellow hackers. If you are against one Cat techie there are many against you too. Its nature’s law, when you use your skills and potentials for wrong reason, you have to pay for it.

Go through the fallowing links, interesting pastebin culture of Hackers.

http://www.invisblenandu.com/2011/06/message-to-india-hacker-by-anonextreme.html

http://pastebin.com/Bn699keB

http://www.voiceofgreyhat.com/2011/06/vogh-released-their-1st-magazine-op.html

https://www.facebook.com/media/set/?set=a.102355269837287.3873.100001884429440

http://pastebin.com/JSGPZ56P

http://pastebin.com/4K6Yf2z2

This post will continue in seven parts and end with an evident “curtain raiser” that’s my promise. Attacks on journalists are common phenomena. All investigative journalists had to pay for bringing out the hidden crime and for exposing the evils of this country. I am really lucky till now you Hackers just sabotaged me virtually; but recently we lost our senior journalist in Mumbai, who was killed for exposing underworld and political nexus. I won’t be surprised even if this happens with me.

Any ways don’t forget to read...............

Why congress, Rahul and Sonia Gandhi on target?

Are they Hindu group supporters? their origin.

Why some of them planning to attack media?

Who wants collages site to be down?

Why pastebin and who they are? the frustration and helpless fake Anons.

Why this operation may end in bad shape? who is watching them?

While signing off, I recollect a story told by ma granny…please watch it and get the moral of it..

http://www.youtube.com/watch?v=QfWl_I1OKI8

till then enjoy more paste been links,blogs, and even animations. i am happy being a subject of writing. their English is really improving day by day, if not Anonymous but one day they can establish themselves as good writers.So many hackers made posts, animations, fake profiles, strategies, groups etc etc..just to defeat on poor stupid Cat.I consider them as my promoters, and wish them luck.

I WAS NEVER AGAINST ANY HACKER OR ANONYMOUS, I WAS AGAINST THE WOLFS IN SHEEP'S CLOTHING

Investigative Journalists are soft targets

After J Dey’s death, silent moments, pain and tears and whispers are visible. 24 hours have already passed since Dey’s departure, yet the police are clueless about his death. Dey's funeral was an emotional farewell. So many questions around, so much of grief, insecurity, pain was in ambience. Shameless police and politicians marked their presence by facing media cameras but there was no hitch of regret on their face. Condolence messages kept pouring from media house to media house. There was competition in sending fax and smses to media. Finally, a journalist’s death too was encashed by these hypocrites for their own publicity. None of them is worried about the police and home department that is clueless about the crime. It was difficult to believe that their buddy left this world forever. He was shot from close distance and police are still clue less about the unknown assailants. How can this government and police department can just let go such issue? Now they think that journalists should be provided with security but what about the past? Who will compensate for J Dey’s death? A large number of media persons had turned up to pay their last respects to the senior journalist. Dey is survived by his wife Shubha Sharma and mother. Looking at his family I had experienced pain in my ribs. I started wondering that this could happen to my family too for bringing out the truth. A journalist is always a soft target.

In broad daylight city like Mumbai where we boast about better law and order, anyone can take anybody’s life and escape clueless. The Maharashtra government swung into action, ordering special police teams to probe Dey’s death. Will they be really investigating the issue? Do you thing can we ever get to know the real criminal? Despite being compared with Scotland Yard police, the Mumbai police continue to be clueless about the crime. State Home Minister R R Patil, Mumbai Police Commissioner Arup Patnaik, Joint Commissioner of Police (Crime) Himanshu Roy, Joint Commissioner of Police (Law and order) Rajnish Seth and several senior government officers should be answerable for this incidence. Our dumb Chief Minister directed Patnaik to arrest the culprits involved in Mr Dey’s murder but where can the murderer be nabbed? He also has failed to mention whom to be held responsible for this case? Always an eye wash, god knows for how long?

J Dey had been receiving death threats and police were aware about it. How come Chief Minister failed to provide police protection for Dey? The government has provided security to Dey’s family at a time when it has lost it bread winner. It very unfortunate, the Home Minister could have acted and provided security to the crime journalist before he was gunned down. Now what is the use of plan for journalists' protection? Senior NCP leader and PWD Minister Chhagan Bhujbal said that it was very important to get the culprits behind bars. It’s true Mr Bhujbal but how can we put the accused behind bars? Just by giving mere political statements to media or by exercising your powers to really nab a culprit? How can you all ministers become so shameless to come in front of camera and still talk big. The manner in which bullets were pumped into Dey’s body, no law could have helped him at that time. The relevant department will look into it. But whatever happened is sad, bad.

The police, meanwhile, are examining the CCTV footage of Crisil House, which is located opposite the scene of the crime. The footage, though, isn't very clear because it was raining heavily at the time of the journalist's murder. So now is there any other way? Or any other excuse for media? The post-mortem report of Dey shows that five bullets were pumped into his body and one bullet that hit his shoulder did not come out. He died due to the bullet injury. Five bullets were pumped into his body and there was no noise? The attack on J Dey was undoubtedly an attack on the media. The police say they can’t establish a motive. Well, Dey had been covering the underworld for years; he’d written on the diesel mafia. Two leads for you, Commissioner Arup Patnaik. But we’re not surprised. The police force is flabby, too busy with rallies and subordinates’ cell phones. It, therefore, came as no surprise at all that in recent cases like the Kurar murders, the local officers did not even want to take down a complaint. Is the Mumbai police inept, poorly led, or just plain corrupt? Difficult to say.

J Dey was killed in a centrally-connected neighbourhood, in broad daylight and within walking distance of a police station. It adds up to one conclusion: in Mumbai, no one is safe. And when a citizen’s physical security cannot be guaranteed by the State, then that State has forfeited its right to govern. Bullet riddled bodies don’t make a crime reporter cringe. When I looked at J Day’s dead body I was scared, because all these days even I was doing investigative journalism, now also i am doing my reserch on Hackers, they do defametary blogging,they abuse and some times even make calls to me and threatn.

If you want to reach the fact and fight odd, then your destiny is death. It was an association that lasted right unto his death. Those were the years when J. Dey was still trying to find his footing in journalism. Enough is enough. Things need to get back on track, and we can start with the enactment of stringent provisions against those who attack the media. Or we can be one of those banana republics where dead journalists are commonplace.

Investigative Journalists are soft targets

After J Dey’s death, silent moments, pain and tears and whispers are visible. 24 hours have already passed since Dey’s departure, yet the police are clueless about his death. Dey's funeral was an emotional farewell. So many questions around, so much of grief, insecurity, pain was in ambience. Shameless police and politicians marked their presence by facing media cameras but there was no hitch of regret on their face. Condolence messages kept pouring from media house to media house. There was competition in sending fax and smses to media. Finally, a journalist’s death too was encashed by these hypocrites for their own publicity. None of them is worried about the police and home department that is clueless about the crime. It was difficult to believe that their buddy left this world forever. He was shot from close distance and police are still clue less about the unknown assailants. How can this government and police department can just let go such issue? Now they think that journalists should be provided with security but what about the past? Who will compensate for J Dey’s death? A large number of media persons had turned up to pay their last respects to the senior journalist. Dey is survived by his wife Shubha Sharma and mother. Looking at his family I had experienced pain in my ribs. I started wondering that this could happen to my family too for bringing out the truth. A journalist is always a soft target.

In broad daylight city like Mumbai where we boast about better law and order, anyone can take anybody’s life and escape clueless. The Maharashtra government swung into action, ordering special police teams to probe Dey’s death. Will they be really investigating the issue? Do you thing can we ever get to know the real criminal? Despite being compared with Scotland Yard police, the Mumbai police continue to be clueless about the crime. State Home Minister R R Patil, Mumbai Police Commissioner Arup Patnaik, Joint Commissioner of Police (Crime) Himanshu Roy, Joint Commissioner of Police (Law and order) Rajnish Seth and several senior government officers should be answerable for this incidence. Our dumb Chief Minister directed Patnaik to arrest the culprits involved in Mr Dey’s murder but where can the murderer be nabbed? He also has failed to mention whom to be held responsible for this case? Always an eye wash, god knows for how long?

J Dey had been receiving death threats and police were aware about it. How come Chief Minister failed to provide police protection for Dey? The government has provided security to Dey’s family at a time when it has lost it bread winner. It very unfortunate, the Home Minister could have acted and provided security to the crime journalist before he was gunned down. Now what is the use of plan for journalists' protection? Senior NCP leader and PWD Minister Chhagan Bhujbal said that it was very important to get the culprits behind bars. It’s true Mr Bhujbal but how can we put the accused behind bars? Just by giving mere political statements to media or by exercising your powers to really nab a culprit? How can you all ministers become so shameless to come in front of camera and still talk big. The manner in which bullets were pumped into Dey’s body, no law could have helped him at that time. The relevant department will look into it. But whatever happened is sad, bad.

The police, meanwhile, are examining the CCTV footage of Crisil House, which is located opposite the scene of the crime. The footage, though, isn't very clear because it was raining heavily at the time of the journalist's murder. So now is there any other way? Or any other excuse for media? The post-mortem report of Dey shows that five bullets were pumped into his body and one bullet that hit his shoulder did not come out. He died due to the bullet injury. Five bullets were pumped into his body and there was no noise? The attack on J Dey was undoubtedly an attack on the media. The police say they can’t establish a motive. Well, Dey had been covering the underworld for years; he’d written on the diesel mafia. Two leads for you, Commissioner Arup Patnaik. But we’re not surprised. The police force is flabby, too busy with rallies and subordinates’ cell phones. It, therefore, came as no surprise at all that in recent cases like the Kurar murders, the local officers did not even want to take down a complaint. Is the Mumbai police inept, poorly led, or just plain corrupt? Difficult to say.

J Dey was killed in a centrally-connected neighbourhood, in broad daylight and within walking distance of a police station. It adds up to one conclusion: in Mumbai, no one is safe. And when a citizen’s physical security cannot be guaranteed by the State, then that State has forfeited its right to govern. Bullet riddled bodies don’t make a crime reporter cringe. When I looked at J Day’s dead body I was scared, because all these days even I was doing investigative journalism, now also i am doing my reserch on Hackers, they do defametary blogging,they abuse and some times even make calls to me and threatn.

If you want to reach the fact and fight odd, then your destiny is death. It was an association that lasted right unto his death. Those were the years when J. Dey was still trying to find his footing in journalism. Enough is enough. Things need to get back on track, and we can start with the enactment of stringent provisions against those who attack the media. Or we can be one of those banana republics where dead journalists are commonplace.

INDIAN CYBER ARMY and FALSE Claimers

This post is dedicated to the Editor and Reporter of Deccan Chronicle .

Dear Madam thanks a lot for giving us good coverage in your esteemed news paper and encouraging our “Indian Cyber Army members” to stand by this country when ever cyber security challenges are biggest concern.

It was quite shocking when I came to know some Kislay Chaudhary called your office and questioned our integrity, No one can say that “Indian Cyber Army” is not belong to us, Even I also can’t declare that ICA is only mine because this title is been possessed by many people of this country.. Indian Cyber Army is the group of Hackers or individual from different parts of India, who care for Nation! I believe, anyone can use the name ICA, who is interested to work for Indian’s Cyber Space. Yeah, may be the way of working will be different but the aim is same. Here on our site everyone is openly invited to join us, either he/she is from India or any other country. We are “Indian Cyber Army”, that means we love Indians first and we are here for our country..

In the recent past there were people claiming for the name Indian Cyber Army. Actually this title is belongs to Indishell group and rest all are third party or they may possess this name but they are no one to stop others by using the same. Since so many months, Kislay Chaudhary and his group had tussle with Indian Hackers and they are none other than Indishell guys. Indian Cyber Army is a group of Hackers, Penetration Testers, developers, Security Experts, Programmers, and Cyber Geeks, cyber security experts, and even defacers. To deface and express their disagreement over certain patriotic issues they have been using this name and there is nothing wrong. For them Hacking is a weapon for Cyber War, they even believe in using Hacking skills for Security and Development. Without your knowledge they have secured many such Indian websites.

I have cyber security as business, but they are doing it without any commercial gains. They are not against any Country, Community, and Group. Indian Cyber Army is the open platform for everyone to come and join! They are against just against antinational elements. So what is wrong in it?

They are the members from different countries and Religions, groups. I think this is the best example of Team work where everyone is dedicatedly having concentration mission..They too don’t believe in cyber war and working underground. They believe in giving it back when some casualty comes to this nation as terror or threat. And I am sure they don’t need to prove us!

The Purpose of Indian Cyber Army is to provide security to cyber space of this country and safe guard nation’s interest. Thousands of young aspiring hackers are getting trained by them; they are the huge group with utmost integrity. Real Hackers should know to deface a website or who can root venerable servers if needed. Lucky, silent poison Atul Dwivedi I am sure these guys are good at code programs, find vulnerabilities, can write exploits and can test the every possible way to hack or secure a system.

The meaning of ICA is that, a step taken by an Indian for securing the cyber world and taking stand with best of the best persons of Cyber Field. Here ICA is not mean to only a group of 10-15 members, Even in actual, Indian Cyber Army should include every that person who is interested to be the part of National Security.

Now even we also possess the trade mark of Indian cyber Army, we have magazine titled Indian cyber Army, and even society and company registrations formalities are under progress. No one can stop us using this name or no one has right to stop anyone using this name. Not even kislay Chaudhary.

If Kislay has any issues over this title, then he can go legal and fight the battle, and that he cannot do, because he has nothing to claim. more over we also posses ICA website that is www.indiancyberarmy.info Trade mark registration can be done under any class by any one, with the same name. That does not mean the one who got trade mark; possess every right over the name or banner. Mr. Kislay chaudhary stop using cheap traits and back stabbing others. If you have any issues come across the table or go to court let judiciary take call over this subject. Stop phoning, threatening, warning and accusing people over false issues.

Sorry Manu Bharat for the inconvenience caused due to misunderstandings and unwanted claims.

Regards

Vaidehi

http://www.dc-epaper.com/Publications/DC/DCK/2011/06/07/INDEX.SHTML

INDIAN CYBER ARMY and FALSE Claimers

This post is dedicated to the Editor and Reporter of Deccan Chronicle .

Dear Madam thanks a lot for giving us good coverage in your esteemed news paper and encouraging our “Indian Cyber Army members” to stand by this country when ever cyber security challenges are biggest concern.

It was quite shocking when I came to know some Kislay Chaudhary called your office and questioned our integrity, No one can say that “Indian Cyber Army” is not belong to us, Even I also can’t declare that ICA is only mine because this title is been possessed by many people of this country.. Indian Cyber Army is the group of Hackers or individual from different parts of India, who care for Nation! I believe, anyone can use the name ICA, who is interested to work for Indian’s Cyber Space. Yeah, may be the way of working will be different but the aim is same. Here on our site everyone is openly invited to join us, either he/she is from India or any other country. We are “Indian Cyber Army”, that means we love Indians first and we are here for our country..

In the recent past there were people claiming for the name Indian Cyber Army. Actually this title is belongs to Indishell group and rest all are third party or they may possess this name but they are no one to stop others by using the same. Since so many months, Kislay Chaudhary and his group had tussle with Indian Hackers and they are none other than Indishell guys. Indian Cyber Army is a group of Hackers, Penetration Testers, developers, Security Experts, Programmers, and Cyber Geeks, cyber security experts, and even defacers. To deface and express their disagreement over certain patriotic issues they have been using this name and there is nothing wrong. For them Hacking is a weapon for Cyber War, they even believe in using Hacking skills for Security and Development. Without your knowledge they have secured many such Indian websites.

I have cyber security as business, but they are doing it without any commercial gains. They are not against any Country, Community, and Group. Indian Cyber Army is the open platform for everyone to come and join! They are against just against antinational elements. So what is wrong in it?

They are the members from different countries and Religions, groups. I think this is the best example of Team work where everyone is dedicatedly having concentration mission..They too don’t believe in cyber war and working underground. They believe in giving it back when some casualty comes to this nation as terror or threat. And I am sure they don’t need to prove us!

The Purpose of Indian Cyber Army is to provide security to cyber space of this country and safe guard nation’s interest. Thousands of young aspiring hackers are getting trained by them; they are the huge group with utmost integrity. Real Hackers should know to deface a website or who can root venerable servers if needed. Lucky, silent poison Atul Dwivedi I am sure these guys are good at code programs, find vulnerabilities, can write exploits and can test the every possible way to hack or secure a system.

The meaning of ICA is that, a step taken by an Indian for securing the cyber world and taking stand with best of the best persons of Cyber Field. Here ICA is not mean to only a group of 10-15 members, Even in actual, Indian Cyber Army should include every that person who is interested to be the part of National Security.

Now even we also possess the trade mark of Indian cyber Army, we have magazine titled Indian cyber Army, and even society and company registrations formalities are under progress. No one can stop us using this name or no one has right to stop anyone using this name. Not even kislay Chaudhary.

If Kislay has any issues over this title, then he can go legal and fight the battle, and that he cannot do, because he has nothing to claim. more over we also posses ICA website that is www.indiancyberarmy.info Trade mark registration can be done under any class by any one, with the same name. That does not mean the one who got trade mark; possess every right over the name or banner. Mr. Kislay chaudhary stop using cheap traits and back stabbing others. If you have any issues come across the table or go to court let judiciary take call over this subject. Stop phoning, threatening, warning and accusing people over false issues.

Sorry Manu Bharat for the inconvenience caused due to misunderstandings and unwanted claims.

Regards

Vaidehi

http://www.dc-epaper.com/Publications/DC/DCK/2011/06/07/INDEX.SHTML

Indian Government web-sites need attention

The Hacker collective Anonymous joined the fight against Indian corruption by hacking the site of the Indian government IT website NIC, the National Informatics Center. Ostensibly the hack was a retaliation for the government’s violence against Indian activist Baba Ramdev, who had been staging a hunger strike to protest government corruption, which the government recently disbanded with violent force. The hack, which the group claims took just three minutes, displayed the above message on the site. NIC quickly moved to take the page offline, but a cached Google page confirmed the direct hit by Anonymous. The hack comes just days after Anonymous hacked the government database of Iran, exposing private emails from that country. While no data was stolen or exposed from this latest hack in India, Anonymous’ message was clear: the corruption of institutional forces runs against individual freedom.

A statement by Anonymous said, “Over fifty years ago, Indian Freedom Fighters laid down their lives for our freedom. In the end, what was it all for? Today our politicians ride slip-shod over our laws, corruption is rampant. If the brutal way Baba Ramdev’s hunger strike was crushed is anything to go by, it would seem that India is now on its way to becoming an undemocratic ‘democracy’.”
This is something really worth giving a thought, why all of sudden ANONYMUS has to voice for Indian issues, give a thought, you hackers may realize the fact and reason behind it.

In the past, we have witnessed many of our websites being hacked including India's Central Bureau of Investigation (CBI), colleges, NGOs, Indian companies and religious organisations among others by Pakistani Hackers. And, in the recent past, ONGC website too was hacked by them. And now, there are many chances that they would target SAIL (Steel Authority of India) website as it has many vulnerabilities and can be easily hacked.

The unfortunate part is that in spite of being warned by Kaizen India Info – Sec Solutions Pvt. Ltd (A cyber security firm that is working towards making our country free from cyber threats) about the loopholes to SAIL authorities, no necessary actions have been taken so far. Similarly, Kaizen had also informed higher authorities of ONGC about the vulnerabilities in their website but they too did not pay heed to the warning and ultimately landed up getting hacked by Pakistani hackers. Sadly, whenever a website gets hacked, fingers are always pointed towards the hackers but the fact is that the website owners themselves are responsible for not taking proper care and leaving their websites open with all the loopholes inviting hackers to attack.

A tit-for-tat campaign has been in practice by groups on both Indian and Pakistani sides dating back to the late 1990s when tensions over the disputed Himalayan territory of Kashmir brought the nuclear-armed neighbours to the brink of war.

In 2009, India’s one of the biggest banks Bank of Baroda, a global bank with a network of branches in India, and an international presence in 21 countries was hacked by Pakistani hacker group called Pakbugs.

“Indians place little or no value on the kind of data individuals and organisations in many countries prefer to keep confidential, like passport and bank account details or work contracts,” Cyber Expert Vijay Mukhi said.
"Privacy is a concept not rooted in India culture. I don't think we can change that and I don't think it's going to change in my lifetime," he added.
"The government doesn't care" about protecting information online. Corporates for some reason just don't want to spend the money. They don't think it happens often. Web security is a low priority," he said.

Very recently, the website of Sony BMG has been hacked and an anonymous poster has uploaded a user database to pastebin.com, including the usernames, real names and email addresses of users registered on SonyMusic.gr. This kind of company websites getting hacked not only affects the company itself but also the customers. Interestingly, many of the companies are insured and thus they get their losses recovered leaving the customers to suffer.

The question that arises is who will take action against these attacks? Government has been maintaining silence even though one after the other their websites are been attacked and details are been leaked or deleted. Is our government so weak? Now, after CBI, ONGC, Bank of Baroda and many other official websites, SAIL can be the next target. Hope that the SAIL authorities are listening and would take necessary steps towards protecting their website

‘Session Hijacking’

‘Session Hijacking’ is a high level attack vector which many systems are completely open to. Most systems are vulnerable to this type of attack as most systems use Transmission Control Protocol (TCP), the standard communication protocol used on the Internet and internal Local Area Networks (LANs). This paper assumes a level of network competency by the reader to being equivalent to that of a network engineer or experienced administrator.

Background

To establish a session with a TCP server, a client must follow a structured system of packet transmissions; this system is known as the ‘3 Way Handshake’. For two TCP enabled machines to talk to each other, they must synchronize, specifically they must inform the other machine of their communication settings such as Sequence Number (SEQ) and Window size (WIN). ALL packets transmitted in a TCP connection must have a sequence number as TCP is a connection oriented protocol; every single packet has to be assigned a session unique number that will enable the receiving machine to reassemble the stream of packets back into their original and intended order. If the packets arrive out of order, as can happen regularly over the internet, then the SEQ is used to stream them correctly.


The 3 Way Handshake

The synchronization of two TCP computers has to follow a defined process, a handshake. Both machines must inform the other of communication specific settings vital to the successful transmission of data. These settings are used so that each machine knows of the other’s capabilities in handling TCP packets. The 3 way handshake, as the name suggests, has 3 parts. The following diagram shows the 3 steps in establishing a handshake, and therefore a TCP session.



The computer wishing to initiate the TCP session, the Client in the above example, transmits a packet with the SYN control bit set, a synchronize packet. This packet includes the clients ‘Initial Sequence Number’ (ISN) and ‘Window’ size (WIN).

The ISN is a pseudo-randomly generated number. It is essential to remember that the actual sequence number space is finite, although very large. This space ranges from 0 to 2^32 – 1, which equates to 4,294,967,295 (over 4 Billion) possible combinations.

Every TCP terminal has a Window size that tells the sender how many bytes it can send before the receiver will have to toss it away due to fixed input buffer size. Imagine it as a bucket of water, if you pour too much water into my bucket, it will overflow. The Window size tells both machines what the size of bucket the other has.

You may have noticed that the acknowledgement (ACK) by each machine is the received packet sequence number plus one increment. This method of acknowledgement will tell the sender the next expected TCP packet sequence number. When within the 3 way handshake, the increment value is literally 1. When inside normal data communications, the increment value is that of the data size in bytes, e.g. you transmit 38 bytes of data, the increment goes up by 38 to ACK the 38 bytes.



Again, the ACK is the next expected packet to the sent by the client.

Great! So that’s how TCP sessions are established and normal TCP communications takes place. So what is ‘Session Hijacking’?


Session Hijacking

“Session Hijacking - A method of attack which involves a third party intercepting communications in a session, or series of communications, and pretending to be one of the parties involved in the session.” http://www.cryptnet.net/fdp/crypto/crypto-dict.html#S

I do not quite agree with the above definition by cryptnet.net. As far as the receiving computer is concerned, you ARE the other party in the session. This comes down to the subtle difference between spoofing and hijacking.

Spoofing is pretending to be someone else. This could be achieved by sniffing a logon/authentication process and replaying it to the server after the user has logged off. The server may then assume you are the user that the sniffed process actually belongs to.



Hijacking is taking over an already established TCP session and injecting your own packets into that stream so that your commands are processed as the authentic owner of the session.

One problem with TCP is that it was not built with security in mind. Any TCP session is identified by the (client IP address + client port number) and (server IP address + server port number). Any packets that reach either machine that have those identifiers are assumed to be part of the existing session. So if an attacker can spoof those items, they can pass TCP packets to the client or server and have those packets processed as someone else!



To complete a hijack you must perform 3 actions.
Monitor or track a session
Desynchronize the session
Inject your own commands
To monitor a session, you simply sniff the traffic. How do we achieve the de-synchronization of a session?? By ‘Sequence Packet Prediction’.

If we can predict the next sequence number to be used by a client (or server), we can use that sequence number before the client (or server) gets a chance to. Predicting the number may seem a difficult task to do as we have a possible 4 billion combinations, but remember that the ACK packet actually tells us the next expected sequence number. If we have access to the network and can sniff the TCP session, we don’t have to guess, we are told what sequence number to use! This is known as ‘Local Session Hijacking’. More security tools are also available..

If you do not have the ability to sniff the TCP session between client and server, you will have to attempt ‘Blind Session Hijacking’. This attack vector is much less reliable as you are transmitting data packets with guessed sequence numbers. 4 billion possible combinations then becomes a very big pool to choose from!

Below is a packet analysis of a local session hijack.



We now know the next expected sequence number. If we transmit that packet sequence number before the client, we will desynchronize the connection; basically we will bump the server up by one increment.



What happens when the real client sends the next packet that it has?



The server treats it as a resent packet as it has already received that SEQ number. So, now the client is unable to communicate with the server, the hacker is still able to communicate as they know the correct sequence number. This dropping of packets can create a problem with the network. Because the client is not receiving an ACK for his TCP packet, he assumes that it did not make it to the server and resends it, only to have it dropped by the server.

It is important to note at this point that to carry out this attack correctly, you must employ an ‘ARP Cache poisoning’ attack on both machines. The reason you must redirect the packets through the Hacker machine is so that the server does not reply directly to the client. By transferring all packets through the Hacker machine, the Hacker is able to filter out what they want the server or client to be able to see and control any communications between the two. The hijacking tools will do this for you!

If the flow of data is not completely controlled, packets may get through to either party. The server may be able to send an ACK packet to the client, this packet will contain a sequence number that the client is not expecting, so when the client receives this packet, it will try to resynchronize the TCP session with the server by sending it an ACK packet with the sequence number that it is expecting. This ACK packet will in turn contain a sequence number that the server is not expecting, and so the server will resend its last ACK packet. This cycle goes on and on and on, and this rapid passing back and forth of ACK packets creates an ‘ACK Storm’. This ‘ACK Storm’ can quite quickly grind a network to a halt, so any attack tends to be carried out rapidly by the hacker.



To clear the ACK storm, the Hacker could send TCP packets to both parties with the control bit set to RST, reset. This will essentially tear down the established session, disconnecting all connected machines. However, if the attacker is performing an ‘ARP Cache Poison’ of the two machines, the ‘ACK Storm’ should not occur as neither machine can directly communicate with each other.


Available Hacking Tools

There are a number of tools available to conduct TCP Session Hijacking, some open source, some commercial applications. In the interest of operating system independence, I will mention two.


T-Sight

T-Sight, by Engarde Systems is a Windows based ‘Local Session Hijacking’ application. It is actually much more than just that, it is a post-mortem and real-time network analysis tool.

T-Sight is really easy to use, I do not know of another session hijacking tool that is as easy to use! Its main screen is a connection monitoring window. This will display on the left hand ‘Protocols’ pane all of the connections that T-Sight can ‘see’. This means that if you are on a hub based network, you can see plenty of connections. If you are on a switch based network, you will need to perform some attack, such as ‘Switch Flooding’ or ‘ARP Cache Poisoning’ to be able to sniff or see other user’s connections.



Once you see a connection you wish to monitor, you double click on the entry in the right hand pane, the ‘connections pane’. This opens a new window with which you can analyze post-mortem packets, or by clicking on ‘Generate’, you can move into the real-time monitoring window.



If you can monitor a connection, you are performing a ‘Passive Hijack’ of that session. This is simply a real-time sniff of the data packets. For instance, if you are passively hijacking a Telnet session, you can see the Telnet commands as the Administrator types them into their window. You are not injecting packets or attempting to desynchronize the connection, you are simply watching it in real-time. This is very important as you can time your hijack to take over the session only after the Administrator has logged onto the Telnet server!



Wait for the user to authenticate against the server and click on ‘Take Over’, you can even see the username and password in the connection stream at the bottom. That’s it! You now have desynchronized the session, and have the ability to inject your own Telnet (if you have hijacked a Telnet session) commands. You do this by typing directly into the white screen. Any command you enter is processed as the Administrator that originally created the session. If you have the resource tool ‘WhoAmI’ installed, you will see that the logged on user is the creator of the session. Fantastic!! What ever you do now is logged as someone else.

Completely invisible to the user, a number of actions are running in the background. T-Sight is performing an ARP cache poison of the two victim machines to control the flow of data. It is also spoofing the IP address, MAC address and port number of the client, so that the server has no idea it is communicating with someone else.

T-Sight has the option of creating ‘Macros’ and storing commands in them. These macros can then be sent in quick succession to the server, enabling the Hacker to carry out the attack and get out before anyone notices.

As for the poor Administrator? The command prompt window that they are using to create a Telnet session hangs while the session is being hijacked. After a minute or so the window will display a message ‘Connection to host lost.’ What would most Administrators do? Blame Windows and re-establish the session!! What will you do from now on?

At the time of writing this paper, Engarde has the following pricing for T-Sight.

Class C: US$ 1,500.00
Additional Class C: US$ 225.00
Class B: US$ 3,500.00
Additional Class B: US$ 525.00
Consultant license: (unlimited networks) US$ 9,000.00


Hunt

Hunt, by Pavel Krauz is a Linux open source attack tool that performs session hijacking. The fundamental difference between Hunt and most other hijackers is that it can hand back the victim session. To hand back the session, the attacker needs to resynchronize the client sequence number to match the server. Hunt tries to solve this problem by sending a message to the logged on client user. One of those messages is shown below:

#msg from root: power failure – try to type 17 chars

The number of characters that needs to be entered is entirely dependant on the difference between the client sequence number and the server sequence number. Hunt will replace this value with whatever number of bytes is required, 1 character = 1 byte. The crux of this is if the user will obey the instruction. When the user has typed enough characters and therefore transmitted enough bytes to synchronize, Hunt will then transmit ARP update packets to restore the correct values to the ARP table entries it modified on the client and server. This technique will probably not work against well-educated users or any protocol other than Telnet or possibly FTP, both text based unencrypted protocols.




Countermeasures

To defend against session hijack attacks, a network should employ several defenses. The most effective is encryption such as ‘IPSEC’. Internet Protocol Security has the ability to encrypt your IP packets based on a Pre-Shared Key or with more complex systems like a Public Key Infrastructure ‘PKI’. This will also defend against many other attack vectors such as sniffing. The attacker may be able to passively monitor your connection, but they will not be able to read any data as it is all encrypted. There might be actions an attacker could take against an IPSEC enabled network, depending on if they use IKE-PSK or PKI to manage the encryption keys, but this would require an experienced hacker. Don’t think that IPSEC is the panacea to all your ills, there are IPSEC cracking tools available on the internet that will attempt to guess the PSK and decrypt packets.

Other countermeasures include encrypted applications like SSH (Secure SHell, an encrypted Telnet) or SSL (Secure Sockets Layer, HTTPS traffic). Again this reflects back to using encryption, but a subtle difference being that you are using the encryption within an application. Be aware though that there are known attacks against SSH and SSL. OWA, Outlook Web Access uses SSL to encrypt data between an internet client browser and the Exchange mail server, but tools like Cain & Abel (my favorite Windows based attack tool!) can spoof the SSL certificate and mount a Man-In-The-Middle (MITM) attack and decrypt everything!

Reducing your ‘Attack Surface’ (the potential methods of gaining access to your network) will help, e.g. eliminate remote access to the internal systems. By cutting out authorized remote connections, you have removed the potential for somebody to attack those remote connections. If you have remote users that need to connect to carry out their duties, then use ‘Virtual Private Networks’ that have been secured with tunneling protocols and encryption, L3TP/PPTP & IPSEC.

Again, a defense in depth approach is always the best countermeasure to any potential threat. Employing any one countermeasure may not be enough, but using them together to secure your enterprise will make the success rate of any attack minimal to anyone but the most professional and dedicated attacker. Remember, no computer system is every 100% secure! (Unless it is powered off and dropped in the ocean!!