• cracking wep with no clients
  
• crack wep with aircrack + inject packets ( Windows )
  
• how to bug e-mail
  
• aircrack on backtrack with clients ( wep )
  
• writing a port scanner in java
  

• ettercap part 1
  
• ettercap part 2
  
• rainbow tables
  
• social engineering
  
• google security
  

• using truecrypt to lock up your private data
  
• nmap scanning and portsentry evasion
  
• nmap scanning and portsentry evasion 2
  
• windows xp security
  
• php filtering with owasp
  

• quick and simple netbios exploitation with windows xp
  
• quick and simple netbios exploitation with windows xp 2
  
• quick and simple netbios exploitation with windows xp 3
  
• quick and simple netbios exploitation with windows xp 4
  
• quick and simple netbios exploitation with windows xp 5
  

• computertutorials
  
• computertutorials2
  
• securitytutorials
  
• computertutorials3
  
• computertutorials4
  
• securitytutorials2
  
• securitytutorials4
  

HOW TO BUG E-MAIL

Soda_Popinsky has very kindly allowed this excellent tutorial of his to be hosted on the TAZ.

You can find the original post here:
http://www.antionline.com/showthread.php?s=&threadid=260660

Enjoy

How to bug an Email
by Soda_Popinsky

Overview-
How to bug an email to find the IP of the user that reads it, and how to prevent being bugged. This code is written in php with a mail function. This tutorial will give you email notification when your bugged email is read.

Most modern email clients by default have HTML and scripting on. This tutorial will take advatage of that. In the scenario where a victim is being attacked and taunted by someone jumping through email accounts, this tutorial will provide an IP address in the case that the attacker is not using a proxy, and mistakenly leaves HTML and scripting on in their emails. I do not encourage taking the law into your own hands, I do encourage law enforment or administrators to look at this tutorial.

Required is a webserver with PHP installed. Create a text file with the extension ".php" with the following code, using a raw text editor such as vi or notepad:



Code:
<?php

//YOUR Email Address Here
$to = "Whatever@Wherever.com";

$IP = getenv("REMOTE_ADDR");
header ("Content-type: image/png");
$img_handle = ImageCreate (1, 1) or die ("Cannot Create image");
$back_color = ImageColorAllocate ($img_handle, 0, 10, 10);
imagecolortransparent ( $img_handle , $back_color);
ImagePng ($img_handle);

$body = "Image viewed by " . $IP . " on " . date("D dS M,Y h:i a");
$subject = "Image has been viewed";

mail($to, $subject, $body);
?>


Inside the code, notice these lines:

Code:
//YOUR Email Address Here
$to = "Whatever@Wherever.com";


This should be the only thing you need to modify. It is the email address you want the notification to be sent to. Notice these next set of lines:

Code:
$IP = getenv("REMOTE_ADDR");  //This will grab the readers IP address. It may be a proxy address, may not be.
header ("Content-type: image/png"); //creates a 1 x 1 image
$img_handle = ImageCreate (1, 1) or die ("Cannot Create image");
$back_color = ImageColorAllocate ($img_handle, 0, 10, 10);  //makes that pixel transparent
imagecolortransparent ( $img_handle , $back_color);   //creates the image
ImagePng ($img_handle);


About now you should test if the script will work. Upload the script to your server, and point your browser to it. You should recieve an email from your server if it is properly configured to handle the mail funtion in the script. It will contain your IP and the time and date you accessed it.

Setting up the email

This will depend on your client, but you should be able to paste in something like this-


Code:
<html><body>Your email body text<img src="http://yourserver.com/Yourbuglocation.php"></body></html>



In Outlook, you need to set the email to an HTML email, as opposed to rich text or anything else. Then you send the email to the email address you need traced. Although I would test the html and script on other email clients first, because errors are dead giveaways of your intentions.


Preventing bugs

http://informationweek.securitypipe...m/news/18901439

This link tells us that almost half of spam is bugged. This means by opening a bugged email, you are flagged as a potential sale, therefore encouraging spam to your address. It is important to disable HTML and scripting in your client for this reason, as well as other reasons. Configuration varies by client to disable scripting. In Outlook, we go to tools-options-security tab- and we select restricted as our security zone. Make sure your restriced security zone settings are tight.

Thats all-
Comments and criticism welcome.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Someone requested I add code for those without sendmail.

Code:
<?php

$IP = getenv("REMOTE_ADDR");
header ("Content-type: image/png");
$img_handle = ImageCreate (1, 1);
$back_color = ImageColorAllocate ($img_handle, 0, 10, 10);
imagecolortransparent ( $img_handle , $back_color);
ImagePng ($img_handle);

$body = "Image viewed by " . $IP . " on " . date("D dS M,Y h:i a") . "\n";

$fn = "hits.txt";
$fp = fopen($fn, "a");
$write = fputs($fp, $body);
fclose($fp);

?>

Original Tutorial Submitted by nokia for TheTAZZone-TAZForum

Originally posted on March 6th, 2006 here

Do not use, republish, in whole or in part, without the consent of the Author. TheTAZZone policy is that Authors retain the rights to the work they submit and/or post...we do not sell, publish, transmit, or have the right to give permission for such...TheTAZZone merely retains the right to use, retain, and publish submitted work within it's Network.