Blog of Chandika

Today I am going to explain about another cool experiment done by me. That is a DNS Poisoning (or Spoofing) attack. So let's start, Before the start I like to compare the Phishing attack and the DNS Poisoning attack. As we know Phishing is a well known method armed with Social Engineering to steal sensitive information by using bait (Compromised URL or Link). In the DNS Poisoning, the process is likely same, but not exactly the same. When we are talking about Phishing web pages there is a main weak point, Phishing web pages can not serve under genuine domain addresses, (There are methods by using Cross-site Scripting but I am not going to talk about that.) but when talking about DNS Poisoning, hackers can serve malicious web pages under genuine domain addresses. So that is very hard to identify these kind of attacks. Image Reference: https://www.imperva.com/learn/application-security/dns-spoofing/ Now I am going to talk about how to perform these kind of attacks. To

Today I am going to present you another free time fun project done by me to spend my free time. Actually, this is not a big deal. I am simply automated very known command. All of you know we can view saved WiFi Profiles by using the following command netsh wlan show profile <target-ssid> key=clear So, I make this easier by creating an automated batch file. Someone thinks this is useless, but if you are Batch script lover then you will definitely love my project because I added colours for that and also able to give an option for Run as Administrator. These are my codes: @echo off title WiFi Password Viewer :start cls echo. echo [7mWiFi Password Viewer v1.0 [0m echo -------------------------------- echo Author : [41;93mArea Master [0m echo Website : [44;93mWidane Forums [0m echo Link : https://www.widane.com echo -------------------------------- echo. echo 1 - Run as Administrator [91m(Recommended) [0m echo 2 - View all saved WiFi profiles echo 3 - View passwor

Today I am here to warning you to about another scam message spread through social media websites. I received below message from one of my students. This message is claimed that is giving you 1000GB (nearly 1 Tera Byte) data bundle. Most techie people are familiar with these kind of scam messages, but the problem is other people haven't any idea about this. So let's take a closer look about this message and also this website. In this message there is a URL as shown bellow, So, what is you can say about this Address? T h is is not a WhatsApp Official Website address (Or Facebook) so at this point you can safely discard this message without getting tricked (Sometimes these kind of messages trick users to install malware applications, So the safest move is not to click on these type of messages or links). So I hope you can get an idea about how we can deal with this type of messages. Now I am going to see what is this website and what is that trying to do. Fi