I give some good marks to this guy when compared to our earlier workshop. I kept the way he taught aside. He tried to show atleast few attacks like Wireless Hacking, Reverse Engineering. Still i wanted to write this article since he made many script kiddies over there in the workshop and he didnt teach above 50% of course contents that he had placed in his website. In many workshops, it has been becoming a fashion to show off with VOIP hacking. They are placing it in their contents, showing off in the workshops but not teaching how to do. They are simply saying, "we are not going to teach VOIP hacking. Except this, we will teach everything". then why the hell do they show off.
- Workshop fee 1100/-
- Trainer- A guy from cybercure.in
- Course content- you can see at their site.
Email attacks and keylogging
He started the workshop with introduction. His introduction was really good with some examples on why hackers are needed. I thought he would do some wonders in the workshop. Then he started email attacks by sending fake emails. he has given some websites like www.emkei.cz for that. Then he started phishing.
The real fun was started here. He has given a PHP link whose PHP file is hosted on their cybercure.in website. He asked to place that link in the html page's "action" part and also suggeted to send the html page as an attachment. My point is, if he deletes that PHP file from his website, those people will become noobs. It means they should use cybercure.in website if they want to do phishing. (He didnt mention the word "free web hosting sites" atleast once in the whole workshop).
then started fun with keyloggers.He said the biggest drawback with keyloggers is we cannot install them remotely. (You can clearly unserstand that there was no demo on Remote Keylogging. Atleast he didnt mention it.
Operating System Hacking (Dont expect too much)
After hearing the above heading, i thought he was going to dig the operating system vulnerabilities. I was shocked at the end of this session. Because, its all about password recovery,hiding folders and steganography using command prompt. the attraction in this session is, he used to call all those concepts attacks.(i dont know what he has attacked by hiding folders :p).
Calling password recovery OS HACKING is really funny.
Virus,trojans,website hacking,Google Hacking
If you compare the session wise topics, you can come to a conclusion of what he did teach in this session. Only OS HACKING :p one complete session.
All these topics- one session
Virus- he told some batch file codes
Website Hacking- simple SQL injection (x' or 'x'='x) on few sites, No advanced injection.
He has shown the website of bipasabasu and said it has a direct upload option where we can upload shells right from the client side.(URL is hidden). I asked him to show us the URL. He said NO.
Then, opened some terrorist website and shown a vulnerability of Directory Traversal Attack(No basics, even i didnt understand how it works).
I was really dissapointed with website hacking. He hadnt given any concept(how it works) to any method except simple sqli. The most funniest thing in this session is he has spent equal time on both website hacking and Google hacking.
To be frank, this is the only session where he had given some advanced content. He has shown WEP cracking with BackTrack5 and shown reverse engineering by cracking perfect keylogger.
But shit always happens. He said we cant crack WEP from Virtual Box.
After the workshop four guys were discussing. One said "Workshop was really great, i will hack my friend's email id today itself". i went to him and asked him "what will you do if our trainer removes the link from his website?". He was stunned :) . because he doesnt know what to do if he deletes the link. Many People know how to attract the students. Still i dont blame our trainer, but i expect them to teach the original content.
Finally the organizers asked anyone to speak about the workshop. I went on to the dais and praised everyone whole heartedly,because they did a great job. Finally, i called our trainer and said "Please remove the contents from your website that you are not going to teach in your workshops". He has changed his expression which resembles depression :) .
My Small Message
This article is not to say that our trainers dont know anythng. Really, they have the stuff to teach. But the only thing is, they wont share. That is up to them .We have no rights to ask them to share the things. But when people are paying, they should get the fruits too. If teaching hacking increases the crime rate, what should we call charging money without teaching.?? Please think of it and give the best to the aspirants.