article-stack

P@$$w0rd

Everyone is interested to steal personal information of others. But sometimes it is needful. I already had written 3 articles for hacking/cracking passwords and what to avoid.

1. Brute-force and dictionary attack, poor hacking tactics
2. How to extract contents from locked zip files
3. 5 efficient ways to hack locked folders

One more article that I hadn’t published is about keylogger. Let me describe key loggers in brief.

Well! My aim for writing this article is to share a very useful link with you and to improve knowledge in how to guess password.

No body want to forget his password. So he generally chose the password related to his past, someone’s name or some stuff. To make it difficult he uses special characters looks similar to English character. For example , @ in place of a or $ or 5 in place of S.

One more common habit is putting @123 or @1234 at the end of password.

Well it is not the end there are more tricks which make someone guess password and crack it easily.

My this article is inspired by How To Guessing Hacking Figuring Cracking Password Art Guide

During writing of Powerset vs Google, who is better?, I observed that google is not good in safe search. I found that if you search for some vulgar or spam words on google, it returns result which are not suitable for minors.

Now the question is,

Well! The answer is

For the sake of children career, their future and mental growth, parent control is required. Some days ago I wrote an article about some advertisements should be banned in public. Although the advertisements are first step of selling a product but sometimes they might be as harmful as an adult movie for children.

Please read, Why should you bane google on your home PC? if your child access that PC.

This is not only the point i wanted to discussion. Read Top 5 google fallouts to know “why indians are demanding google banned?”

I agree with these two facts

1. Most of the people use only google for searching. Even now the google has has taken place in English dictionary as a synonym of search.
2. Most of the parent uses parent control software on their PC. So that their children would not have to face any unwanted contents knowingly or unknowingly.

But…

I need not to say “why?”. You experience it yourself. Lets do some exercise;

Search for some images with some spam or vulgar keywords on bing, yahoo and google.

You’ll see that Bing and Yahoo will not show you results which are banned by the government. Even you set safe search off in Bing, you’ll not get inappropriate result. On the other hand Yahoo will not allow you to off the safe search. If you get some vulgar suggestion and click them, still those results will be banned. This search depends on country to country. At least these results are banned in INDIA as per Indian Information Act.

On the other hand, if you search same keywords on google, you’ll surely get inappropriate result which are suitable for your children. You’ll get these results even if safe search is on.

*i cropped the above image. Because the previous image, even after hiding the hiding some place, was banned.

Remember that the google is not only the option for searching in contrast of study. Read Powerset vs Google, who is better? for this.

There is common thinking in everyone’s mind that if you want to secure your wordpress blog then you must disable users to get registered on your site.

Registration on a site always attracts hackers. Many plug-ins may secure your blog. But some of them might be proved as a powerful & useful tool for hackers.

Here I am discussing about a plug-in which is very useful in point of security. But I used this to hack my own site.

Let’s do it.

http://localhost/wp-admin/options-general.php?page=WordPressFileMonitor&display=alertDesc

or
< your blog url >/wp-admin/options-general.php?page=WordPressFileMonitor&display=alertDesc

This hack will help you to collect more information about the site like latest changes, posts in draft, plug-in recently installed, theme, and various path along with file name.

You’ll find many posts over wordpress security plug-ins. But I had excluded all plug-ins which do less work that you can do by changing some settings. Like creating .htaccess file etc.

I also not mentioned plug-ins related to SSL. SSL certificates let you connect to your server with encrypted channel which is very secure. You need to buy SSL certificate. You can use shared or private certificates. But in both cases you need to payment. Since most of the bloggers doesn’t go for buying SSL certificates. So I avoided them.

You can achieve full security by using very less number of plug-ins. Some of them are;

Akismet - It helps you to protect from SPAM. In simple words you can say. If someone comments on a post just for advertisement or uses offensive word then Akismet can stop them.

Block Bad Queries (BBQ) - I hope all of you are aware with SQL injection. SQL injections are nothing but some complex SQL queries written with the aim of breaking your site security. And to get internal information of your site database as much as possible. This plug-in can control SQL injection & base64 attacks till some extension.

Login LockDown - Login LockDown controls number of unsuccessful login attempts. So you ever be safe from brute force & dictionary attack.

WordPress File Monitor - As its name suggest, it monitors all files on your server. This plug-in tells you about what files are changed on your server. So that you can identify whether the mentioned files are changed by you or by some script.

Many sites use CAPTCHA security. You can see CAPTCHA when you

1. register on any site
2. are booking train or flight ticket
3. change password
4. put some link in scrap on orkut etc.

How does it look..

CAPTCHA is nothing but an image drawn in a style so only human can understand it. No software like handwriting recognition or pattern matching software, must be able to recognize them. As per their complexity you can find many types of CAPTCHA. Sometimes CAPTCHA is not an image. It might be a mathematics calculation. And you are supposed to enter its result.

CAPTCHA ensures human presence.

No but some good programmers can build application called virus which can download multiple files from a site or a single file multiple times. It may be used to increase number of hits to that file or with any other purpose. These scripts can be used to make a server down or with many other harmful purposes. So CAPTCHA is needful.

CAPTCHA saves you from brute force or dictionary attacks as well.

Well!! You’ll find many of valid invalid circumstances where you need to open locked folder & files. Here I am explaining how can you break any folder/ file security software without having any technical or hacking knowledge. Most of the techniques are applicable only on PC SECURITY software. But some of them you can apply on other locking software as well.