Saturday, 26 May 2012

How to Crack a Program using OllyDbg

Software Cracking is the art of breaking security protections in a software. Generally software cracks are distributed in the form of patches to the original software or keygen programs which generate arbitrary key / serial combinations. A Cracker works his way through a program by disassembling it and understanding the security protections built into it. He then proceeds to alter the behavior of the program by finding and changing (patching) the routines responsible for the security mechanisms, in order to allow full unlimited access to the program. Alternately, he can also reverse engineer the key / serial comparison routines and write a keygen for the program. This allows users to generate arbitrary valid keys / serials for the program.

Download Now

Thursday, 3 May 2012

ATM Skimmers: Hacking the Cash Machine

Most of the ATM skimmers I’ve profiled in this blog are comprised of parts designed to mimic and to fit on top of existing cash machine components, such as card acceptance slots or PIN pads. But sometimes, skimmer thieves find success by swapping out ATM parts with compromised look-alikes.
ATM Card skimmer, using modified ATM component
ATM Card skimmer, using modified ATM component
On May 16, 2009, a company representative from ATM maker Diebold was servicing an ATM at a Bank of America branch in Sun Valley, Calif., when he discovered a skimming device and a camera that were attached to the machine. The technician took pictures of the camera and card skimmer (click picture at right for larger image), and then went into the branch to contact his supervisor.
But when the Diebold employee returned, the camera had been removed from the ATM, suggesting that the skimmer scammer was lurking somewhere nearby and had swooped in to salvage his remaining equipment. This is similar to what happened when an ATM technician discovered a compromised ATM a year ago.
Investigators of the present scam learned that the thief had somehow pried off the plastic cover of the ATM’s card acceptance slot and replaced it with an identical, compromised version that included a modified magnetic stripe reader and a flash storage device. The new card slot came with its own clear plastic face that was situated in front of the plastic one that was already attached to the ATM’s internal card reader (see picture below). The entire fraudulent device was glued onto the ATM with silicon.
Real card reader and skimmer overlayBelow are a few close-ups of the silicon-based magnetic stripe reader attached to the compromised card acceptance slot overlay.
A close-up of an ATM card skimmer
A close-up of an ATM card reader
Here’s a closer look at the electronics inside this handmade reader:
A close-up of an ATM card skimmerThe camera was in a trim piece that was attached above the PIN pad, cleverly designed to match the rest of the ATM in color and contour. Although the camera was removed by the thief, investigators said the trim piece was similar to a hidden camera found attached to an identical ATM at a Washington Mutual bank branch in the area.

Backside of hidden camera for ATM skimmer
Backside of hidden camera for ATM skimmer
In other skimmer cases, ATM thieves also have been known to hack apart and modify portions of the ATM. Last week, the Palm Beach Sun Sentinel published a story about crooks in Boynton Beach, Fla. who have been cutting the bottom of ATM card readers to remove the microchip inside and replace it with their own battery-operated card reader.
If you visit a cash machine that looks strange, tampered with, or out of place, then try to find another ATM. And remember, the most important security advice is to watch out for your own physical safety while using an ATM: Use only machines in public, well-lit areas, and avoid ATMs in  secluded spots. Also, cover the PIN pad with your hand when entering your PIN: That way, if even if the thieves somehow skim your card, there is less chance that they will be able to snag your PIN as well.