TJX hacker sent to jail for 20 years after stealing 40 million credit cards
Albert Gonzalez, the 28-year-old college drop out who was the mastermind of a hacking ring that stole over 40 million credit and debit card numbers from retailers including TJ Maxx, Barnes & Noble and BJ’s Wholesale Club, has been sent to jail for 20 years.
Miami-based Gonzalez, who went by the handle of “Sevgec”, was the ringleader behind what has been described as the single largest and most complex hacking and identity theft that has ever been prosecuted.
Gonzalez and a team of “wardriving” accomplices initially exploited insecure corporate wireless networks, gaining access to the commiunications of several retailers. Reports emerged in 2007, for instance, that the TJX data breach occurred because of weak WEP encryption in use at two of its Marshalls stores in Miami.
Once they had gained access, the hackers were able to install a packet sniffer on TJX’s network which was able to scoop up details of transactions in real-time, including the data stored on payment cards.
Another member of the gang, 25-year-old Ukranian Maksym Yastremskiy, also known as “Maksik”, was sentenced to 30 years in a Turkish prison in early 2009, after being found guilty of selling hundreds of thousands of the stolen credit card numbers and other personal information to the criminal underground.
128 Bit Wep Cracking With Injection!
A Penetration Attack Reconstructed
A Quick and Dirty Intro to Nessus using the Auditor Boot CD!
Adding Modules to a Slax or Backtrack Live CD from Windows
Airplay replay attack – no wireless client required
Anonym.OS LiveCD with build in Tor Onion routing and Privoxy
BackTrack LiveCD to HD Installation Instruction Video
Basic Nmap Usage!
Basic Tools for Wardriving!
Bluesnarfer attack tool demonstration
Bluesnarfing a Nokia 6310i hand set
Breaking WEP in 10 minutes
Cain to ARP poison and sniff passwords!
Complete Hacking Video using Metasploit – Meterpreter
Cracking a 128 bit WEP key (Auditor)
Cracking a 128 Bit Wep key entering the cridentials
Cracking Syskey and the SAM on Windows Using Samdump2 and John!
Cracking Windows Passwords with BackTrack and the Online Rainbow Tables at Plain-Text!
Cracking WPA Networks (Auditor)
DoS attack against Windows FTP Server – DoS
Droop s Box Simple Pen-test Using Nmap, Nikto, Bugtraq, Nslookup and Other Tools!
Exploiting some bugs of tools used in Windows
Exploiting weaknesses of PPTP VPN (Auditor)
Finding Rogue SMB File Shares On Your Network!
Fun with Ettercap Filters!
How to crack the local windows passwords in the SAM database
How to decrypt SSL encrypted traffic using a man in the middle attack (Auditor)
How to sniff around switches using Arpspoof and Ngrep!
Install VNC Remotely!
Internet Explorer Remote Command Execution Exploit (CMDExe) Client Side Attack (Hi-Res)
Internet Explorer Remote Command Execution Exploit (CMDExe) Client Side Attack (Lo-Res)
John The Ripper 1.7 password cracker Installation Instruction Video
Local Password Cracking Presentation for the Indiana Higher Education Cybersecurity Summit 2005!
MAC Bridging with Windows XP and Sniffing!
Mass De-Authentication using void11 (Auditor)
Metasploit Flash Tutorial!
MITM Hijacking
Nmap Video Tutorial 2 Port Scan Boogaloo!
Sniffing logins and passwords
Sniffing Remote Router Traffic via GRE Tunnels (Hi-Res)
Sniffing Remote Router Traffic via GRE Tunnels (Lo-Res)
Sniffing VoIP Using Cain!
Snort Instruction video – howto install into backtrack
SSH Dynamic Port Forwarding!
Start a session and get interactive commandline access to a remote Windows box!
Telnet Bruteforce
Tunneling Exploits through SSH
Use Brutus to crack a box running telnet!
Hacking – The art of explotation
Using NetworkActiv to sniff webpages on a Wi-Fi network!
WEP Cracking using Aireplay v2.2 Beta 7 (Whax 3.0)
WMF File Code Execution Vulnerability With Metasploit!
WPA Cracking using Aireplay v2.2 Beta 7 (Whax 3.0)
If you are ever in the Toronto area you can get free Wifi at over 20 free wifi locations. The SSID for all Toronto Free Hotspots is wirelesstoronto When you open your web browser you will be redirected to their registration page to register for free and that’s it you can now surf for 20 minutes. Make sure you read the email the send you at the email you use to register, if you can’t find the email check your spam folder in case of an over zealous spam filter, enjoy!
Wardriving is a geeky hobby, once you plot your wardriving data
on maps it is eye opening as to how many unsecured wireless routers
in a small area. You could map wifi hostspots to get free wifi,
but you should never connect to a private wireless router unless
it is labeled public. If you connect to a Free Wifi Hotspot
your data should be encrypted, if not then i would not recommend
doing any transactions requiring entering a login and password.
The following video shows how to map wireless routers.
To start you should have the following:
-Laptop with a good battery
-Wireless card
-GPS unit
-Netstumbler
You then need to get around and gather wardriving data,
preferably a car, you could walk or take a bike as long
your laptop is secured. You could use this to do any kind of
gps mapping. You do not need any mapping software except netstumbler,
the gps mapping software is web based, this is a good site
and i recommend supporting them, on their site GPSvisualizer
you can upload your gps file or your netstumbler file and
plot a map with all the router points.
This is a 2 step process,
1.Gather netstumbler and GPS data
2.Save your netstumbler data and upload it to GPSvisualizer
Here’s some new Wireless Access Point Mapping of Downtown Kitchener, any request to have a street surveyed, just post a comment, right now we only cover South-Western Ontario. Click here to view the Map