Rabu, 25 Desember 2013

How to reveal saved asterisk password in the browser without any tool

What do you want to do when you open the web browser and then find a page with saved credential like this?
Do you want to know that saved password? :D




well, here is few step to reveal that asterisk password without any tools:
1. Right click on the saved password and then choose inspect element


2. Find text "<input type='password' name='bla bla bla >"
3. Change "type='password'" to "type='text'"

4. Enter
5. Now you can reveal the asterisk password


Next question, how to avoid this happening?
to avoid this happening you can do this things,
1. If there are anyone else that can use your computer, never save your password when your browser ask you to save the password.

2. if you really the one that can use your computer don't forget to lock your computer when you leave it. The simplest way if you can Windows OS you can press (Windows + L) to lock your computer.

-Your awareness is your computer security key- :)

Diposting oleh di Tidak ada komentar:
Label: , ,

How to know the real extension of a file?

In computer forensic challenge we usually work with a file with no extension like the file in red rectangle below
The next question, how we can know the real extension of those files?
If you want to know the real extension of those files the first thing you can do is check the "file signature" from those files.
what is file signature?
 a file signature is data used to identify or verify the content of a file. In particular, it may refer to:
  • File magic number: bytes within a file used to identify the format of the file; generally a short sequence of bytes (most are 2-4 bytes long) placed at the beginning of the file (wikipedia)
     1 byte = 8 bits = 2 Hex
     2 - 4 bytes = 4-8 hex
to know the "file signature" a file the first thing you can do is check the hex value of that file (because most of file signature is stored as hex value on database),
to do this you can follow this steps:
1. download this tool "HxD Editor"
http://www.softpedia.com/get/Programming/File-Editors/HxD.shtml
2. after download, just install and open it.

3. open the file you want to know the real extension (click menu File --> Open)

4. copy first 4-8 hex value from HxD Editor
in example we copy first 6 digit Hex value : FF D8 FF
5. find file signature database in internet, like this one
http://en.wikipedia.org/wiki/List_of_file_signatures
the other file signature database:
http://www.garykessler.net/library/file_sigs.html
http://www.filesignatures.net
6. rename the file with real extension

ta daaaa :)
For your exercise please find the right extesion for "Mocca" file :D
this is the file that you can download.


Diposting oleh di Tidak ada komentar:
Label: ,
Langganan: Postingan (Atom)