latest articles

Update to Computer Korner Android App


Hi Dear followers

Previous month we introduced our android app that was also a good app but we added some new features in the android app


  • Bugs Fixes related to UI
  • UI improvements
  • Search Bar added 
And Many other minor Improvements 
You can download it from here

Enjoy and let us know if you want any other improvements to be added to the app 

Special Thank to Gaurav Arora 


Cheers
Jitendra Santram Singh ( Team Computer Korner)





Feel Free To Leave A Comment If Our Article has Helped You, Support Us By Making A Small Contribution, Thank You!
Read more

WordPress Directory Listing : The Story of Cloakfusion Bug







Hi Followers

Due to the workload cant able to update the website but I am back with my work again 


The Story

So this is a story of a very minor bug which most webmasters forgot to patch this is about the directory listing vulnerability in the WordPrets and they think that they patched it.

But still the danger exists there are three folders in the WordPress main directory they are
  • wp-admin
  • wp-content
  • wp-includes
what they actually do they only deny the access to these three directory but they forget that these directory also contains some other folders so to secure the website they should have to revoke the access to all of the folders of these three folders.


The Bug

The bug exists here
during browsing www.cloakfusion.com i found that it is a WordPress based website to first I tried some simple things like accessing the readme.html file but it was protected and the three directory is protected as well but after that I browsed the folder which are inside these three folders
Then I tried

https://www.cloakfusion.com/wp-content/uploads 
and yes I can browse it 
I also tried 
https://www.cloakfusion.com/wp-includes/

and it was also not protected
here are the screenshots of both



So this has to be patched by modifying the .htaccess file and deny the access to these folders

So tuned more is coming soon


Thank You
Jitendra Santram Singh (Team Computer Korner ) 





Feel Free To Leave A Comment If Our Article has Helped You, Support Us By Making A Small Contribution, Thank You!
Read more

Computer Korner Android App


Hi Dear Ck lover

It was a proud moment and my immense pleasure to announce the we are now on a android app.

Due to the vast variety of smartphones we also thought then we should have a android app so here we are with our android app

You can download our app from here 
Click here for app


For this app i want to thank My best friend Gaurav Arora for his effort in creating this app and this was a surprise for our whole computer korner team


Regards
Jitendra (Team Computer Korner)

Special Thanks to Gaurav Arora




Feel Free To Leave A Comment If Our Article has Helped You, Support Us By Making A Small Contribution, Thank You!
Read more

WebApp Pentesting: Using SSLScan








Hi ,

So this is my another post on WebApp pentesting on how to enumerate the SSL/TLS ciphers used by a website and also about gathering the information on the SSL certificate used by the website.


What  is SSLScan

SSLScan is  also a very good information gathering tools it is used to gathering about the SSL/TLS ciphers used by a website it also shows the information about SSL certificate used by the website.


How to use SSLScan


SSLScan comes pre installed in major linux distributions like backbox and kali linux.
if this is not preinstalled on your distribution just simply type

sudo apt-get install sslscan






Now for scanning a website just simply type

sslscan -domain




Now it will start enumerating the ciphers used by that website like this 



After that it will show you the information about the ssl certificate used by the website.








So by this method you can use sslscan and can find out the vulnerability based on the ssl cipher like POODLE vulnerability and other.


More tutorials coming soon 
Stay tuned 


Thanks 
Jitendra Singh (Team Computer Korner )

Feel Free To Leave A Comment If Our Article has Helped You, Support Us By Making A Small Contribution, Thank You!
Read more

WebApp Pentesting: Using WhatWeb








Hi Ck lovers

Today I am writing a post on information gathering for a website.Whatweb is a very interesting tool which can be used for information gathering.

What is WhatWeb ?

As the name suggests WhatWeb , It tell about What is the Website. WhatWeb recognises web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1500 plugins, each to recognise something different. WhatWeb also identifies version numbers, email addresses, account IDs, web framework modules, SQL errors, and more.

How to Use this:-

WhatWeb comes preinstalled on major linux distributions like backbox and kali linux.
So to start using :-

  1. Open Terminal and type WhatWeb it will show you a screen like this
2.Now to scan a website just simply type whatweb -website 
3. Now as soon you give the whatweb command it starts scanning the host. and after scanning it show a output like this 




There are many option in this tools which you can use for a vast variety of scanning to know all the option which is available just open terminal and type 
whatweb --help

it will show you all the available option for scanning.

More tutorials coming soon 
Stay tuned.


Thanks 
Jitendra Singh (Team Computer Korner)


Feel Free To Leave A Comment If Our Article has Helped You, Support Us By Making A Small Contribution, Thank You!
Read more

WebApp Pentesting: Cookie Reuse







Hi there,

Happy Christmas to All the readers 

Today I am sharing about a new vulnerability which is can be exploited by reusing cookie.

There are many website which does not expire the old session id in order to verify the session.
So this can be exploited and can be used for full compromise of account.
Cookie maintains the session on a website after login website sent user cookie by which the can identify the session of the user on the website these cookie are saved on user machine.
So if they are saved on user machine they are already becomes vulnerable if a user copied and used them then this can lead to a full account takeover.

Now in order to maintain the session a website creates a unique session id in order to verify the user but some website forgots to add a expiration on these session ids.

How this can be exploited ?

Since cookie can be exploited using any XSS attack then cookies becomes vulnerable for more info on XSS read this post 
So You are only needed some tools to exploit it.
What you need a cookie editable tool and a web browser 
If You are using chrome then there is a very good extension in chrome used as EditTheCookie You can export and import cookie using it.


Exploiting 

  • Install EditThisCookie on chrome
  • Now Login to any website and export the cookie using this.
  • Now do Logout and paste the cookie in the import tab of the extension.
  • Reload the page if you get sign in then the cookie is not expiring if not then it expired.

Fix

In order to fix this websites should have to generate a random session id for the user when he logs in and should have to expire it as soon as users do a signout.
I will be discussing a very great fix of this in my future posts.

Till then stay tuned 
Suggestion are welcome 

Thanks 
Jitendra Singh (Team Computer Korner )

In guidance of Gurpreet Singh and Subir Sutradhar



Feel Free To Leave A Comment If Our Article has Helped You, Support Us By Making A Small Contribution, Thank You!
Read more

SSL/TLS Pentesting: Renegotiation







Renegotiation
*****************
The SSL/TLS protocols allow the client and server to renegotiate new encryption keys during a session. A vulnerability was discovered in 2009 whereby an attacker could exploit a flaw in the renegotiation process and inject content into the start of the session, compromising the integrity of the session.
This is only possible if two conditions are met, namely that the server does not support secure renegotiation but does honour client-initiated renegotiations.

Secure Renegotiation
*****************************
the following command can be used for checking if the system supports secure renegotiation.
command : openssl s_client -connect example.com:443

A system that does support secure renegotiation will return the following when a connection is established










Special Thanks 

Sooraj Shekhar 


Thanks
Jitendra K Singh (Team Computer Korner)
Feel Free To Leave A Comment If Our Article has Helped You, Support Us By Making A Small Contribution, Thank You!
Read more

SSL/TLS Pentesting: What is a SSL certificate



SSL/TLS supports the use of authentication via X.509 certificates, which are often termed "SSL certificates" when used in this context. Server certificates enable the client to verify that it is connecting to the correct host. Though not usually used for HTTPS, SSL/TLS can also support mutual authentication in which the client proves its own identity through the provision of its own certificate.
Some of the main security properties which should be considered when setting up a certificate, include:
"Not Before" - This gives the start date of the certificate and should be a date in the past.
"Not After" - This gives the expiry date of the certificate after which is should not be trusted. It is therefore important to ensure that this is a date in the future. As the expiry date approaches, a new certificate should be issued to replace it.
"Signature Algorithm" - This is the algorithm used to ensure the certificate's integrity. MD5 has been shown to be inadequate for this, with collision attacks allowing fake, but valid, certificates to be generated. SHA1 is in the process of being phased out due to known weaknesses, with SHA2 hash functions being the preferred alternative.
"Public-Key" - The public key should be long enough to ensure that attacks are computationally infeasible. In the case of RSA, 2048 bit public keys are now considered a sensible minimum to protect against factoring attacks.
"Issuer" - This is the entity which has issued the certificate and should be a trusted party recognised by both the client and server. The issuer is typically a third-party certificate authority (such as DigiCert in the example above), though larger organisations often operate their own certificate authority to sign certificates for internal use. While it is possible to generate so-called "self-signed" certificates, these prevent the client from authenticating the server and open up the possibility of man-in-the-middle attacks in which an attacker dupes the client and/or server into communicating with the attacker rather than each other.

"Subject" and "Subject Alternative Name" - These should contain the DNS information necessary to tie the IP of the server running the SSL/TLS service. If these values are not valid domain names (or wildcard domains), then the client will be unable to determine whether or not the certificate is associated with the server in question and cannot therefore use it to authenticate the server.



to viewing the details of a servers certificate 
******************************************************
command : openssl s_client -connect example.com:443 | openssl x509 -noout -text
you will get an output same like below







Special Thanks 

Sooraj Shekhar 


Thanks 
Jitendra K Singh (Team Computer Korner) Feel Free To Leave A Comment If Our Article has Helped You, Support Us By Making A Small Contribution, Thank You!
Read more